Latest News: (loading..)
John W

Admin suddenly slow - cause & solution

5 posts in this topic

I suddenly started having very slow access and page loads in my Admin (it's renamed) while the catalog side ran fast.  After thinking about this a bit I figured it had to be because of the Apache Auth on Admin.  To back up a little, Apache 2.4 changed the way .htaccess works for allowing and denying, see http://httpd.apache.org/docs/current/upgrading.html  There's a module call mod_compat that makes the old system compatible, but that's definitely where my problem was.  It would take a minute for a page to load in Admin.  Important to note that the exact way they show on the apache site didn't work.  Mine below works. 

Here's my old .htaccess

SSLRequireSSL
Order Deny,Allow
deny from all
allow from IP my ip
AuthName "Restricted"
AuthUserFile "my path to file"
AuthType Basic
require valid-user

Here's my new one that is working completely from my testing.  Test yours if you change this. 

NOTE: Important to note that the exact way they show on the apache site didn't work.  Mine below works. 

SSLRequireSSL
AuthType Basic
AuthUserFile "my path to file"
AuthName "Restricted"
<RequireAll>
        Require valid-user
        Require ip my ip
</RequireAll>

I don't know if anyone else will run into this but I'm guessing this is coming.  We should probably look at making changes to all the .htaccess files.

raiwa and kymation like this

Share this post


Link to post
Share on other sites

A little more info on this.  The way I determined this was the problem is when I commented out the auth, the admin loaded fast.  I only had to comment out for a couple seconds to see the effect. 

Also, for my ip, I use the first two numbers of my ip.  For instance 192.168 which in my case is my ISP from my part of my state.  So, if my ip changes like from Hurricane Irma coming through, then I'm still good without changing that.  If I try to access it through a VPN, then I get a 403 error.

Share this post


Link to post
Share on other sites

Another thing to try would be to use your host's built-in "password protect a directory" instead of the osC-supplied code access authorization files. That might be optimized to better fit your server.

Share this post


Link to post
Share on other sites

@MrPhil

That's actually how I had done mine a long long time ago.  I agree it's better because it puts the password file in a protected directory outside of public_html.  This problem showed up after a nightly Cpanel/Apache update.  I have a dedicated server and have run Apache 2.4 for many years now and this just popped up.  May have been a glitch in mod_compat or mod_access_compat, but this is the future anyway, so I'll leave it.  I know they have dbm auth too, but haven't explored it.

Share this post


Link to post
Share on other sites

After thinking about this, I realized I've modified mine compared to how Cpanel writes it.  Mainly, with SSLRequireSSL and require ip.  Cpanel now has password protect label inside of "leech protection".  Unfortunately, I don't think it has the ability to add the require ip address, which in my case feels like added security.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!


Register a new account

Sign in

Already have an account? Sign in here.


Sign In Now