New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I don't use centminmod but I always give a peep at your approaches, I did experiment with the TLS 1.3 draft using repackaged OpenSSL beta releases with tweaked cipher ordering and secp384r1, I didn't benchmark thoroughly like you (thank you for your reports) but I did notice (given compatible clients) an improvement over default "recommended" configs as well
Yeah over time folks should start testing their HTTPS performance and probably will see what I see - especially if you're using ECDSA SSL certificates instead of traditional RSA SSL certificates.
I wrote a https_bench.sh benchmark script for Centmin Mod users so they can test both ECDSA and RSA based SSL certificate Nginx HTTP/2 HTTPS at https://community.centminmod.com/threads/post-share-your-centmin-mod-nginx-http-2-https-benchmarks.14832/. I'll be running tests with Centmin Mod Nginx using OpenSSL 1.0.2 vs OpenSSL 1.1.0 vs OpenSSL 1.1.1 vs BoringSSL vs LibreSSL (since Centmin Mod Nginx supports all crypto libraries out of the box and are end user selectable)
FYI, Chrome 70 was just released with official TLS 1.3 rfc final protocol support. So now latest Centmin Mod 123.09beta01's Nginx with either OpenSSL 1.1.1 or BoringSSL crypto libraries support TLS 1.3 rfc final protocol for HTTP/2 HTTPS https://community.centminmod.com/threads/centmin-mod-nginx-http-2-https-tls-1-3-support.15537/
Firefox 63 release next week also updates to support TLS 1.3 rfc final if you web server supports TLS 1.3
Enjoy !
Updated my guide at https://community.centminmod.com/threads/how-to-boost-centmin-mod-lemp-stack-performance.13776/ as recently started doing comparison benchmarks for PHP 7.3 vs 7.2 vs 7.1 vs 7.0 and thought I'd highlight how Centmin Mod's optional support for Profile Guided Optimizations (PGO) for PHP 7+ can improve PHP 7 performance by up to 25% when you specifically configure Centmin Mod to PGO train specific PHP scripts. PGO trained benchmarks at https://community.centminmod.com/threads/php-7-3-vs-7-2-vs-7-1-vs-7-0-php-fpm-benchmarks.16090/#post-68855
How can we benefit of this while using wordpress? By putting our index php in fullpath?
Basically = yes
Centmin Mod 123.09beta01's PGO support when enabled, will use pre-set training scripts for Wordpress, MediaWiki and Drupal like PHP web applications and similar PHP execution patterns https://community.centminmod.com/threads/added-profile-guided-optimizations-to-boost-php-7-performance.8961/. This will somewhat boost Wordpress by 3-7%.
But to further train PHP 7 during PGO routine, you can point the Wordpress full index path and other wordpress scripts to get greater performance. I just updated so you can add up to 4 additional index variables so you can do PGO training for up to 4 other web script php files https://community.centminmod.com/threads/update-profile-guided-optimization-pgo-routine-for-php-7-in-123-09….16095/.
Not all web app scripts standalone php files support PGO training from command line though. Wordpress supports it though.
@eva2000 I love centminmod, but I'd like to isolate my websites from the others. In the case that one gets compromised all the others won't.
I've read several tutorials on how to do this and each one of them do it diferently. Some create diferent users for php-fpm and disable opcache, others create full new directories of the OS and fully jail everything.
I know centminmod is not made for shared hosting and that this type of isolation is not implemented, but Id like to ask you if you could link me to the implementation that you consider to be better/more secure.
@eva2000 any ideas of implementing a functions like export/import from other cmm installation, regarding the websites, db?
Both jailed nginx vhost accounts and centmin mod to centmin mod data migration are on the public dev dashboard to do list at https://github.com/centminmod/centminmod/projects/1
https://community.centminmod.com/threads/jailed-chrooted-sftp-ssh-user-nginx-vhost-menu.8/
I would use it anytime. But I prefere the automatic plesk or coanel backup and restauration from remote stations.
I checked several times centmin and I cannot achieve it.
Yeah not right now.
Latest PHP 7.3 vs 7.2 vs 7.1 vs 7.0 benchmarks with Wordpress 5.0 RCs with Profile Guided Optimization boost https://community.centminmod.com/threads/php-7-3-vs-7-2-vs-7-1-vs-7-0-php-fpm-benchmarks.16090/#post-69010
@eva2000 How can the login message for centminmod be edited? Have check all common files but don't know where it is being kept.
Best to ask on official community forums https://community.centminmod.com/ Depending on what you want to edit it for, some of the ssh log info can be hidden - see https://community.centminmod.com/threads/how-to-remove-first-info-intro-when-logged-to-server-ssh.8745/