Speed performance of this plugin is one of my primary concern. In this version, I’ve enhanced the validation performance up to 25% at maximum than the previous one.
So I’d like to summarize the changes in this release with other improvements.
Enhancement: validation speed
I’ve carefully made this plugin desinged not to impact on the public facing pages for the site speed because currently it only handles the malicious accesses against the backend of the site.
It’s easy to achieve this goal if I select the specific action hook according to the end points of such malicious accesses. For example, accesses to wp-comments-post.php can be fetched by the action hook pre_comment_on_post.
But WP core will load many PHPs and process a bunch of codes before triggering such specific action hooks. So those are not suitable for the validation speed.
On the other hand, action hooks such as plugin_loaded and init are at the very begging of WP core processing, but will affect all accesses including to the public facing pages.
The best way to balance those contradictory requirements is identifying an access to the specific end point at the early stage (e.g. plugin_laoded) and assigning a proper action hook (e.g. init). And it’s also important to optimize this process to minimize the impact on the entire site.
I’ve achieved this assigning process beeing done under a millisecond order.
Test environment
The test environment and configuration of plugins are almost same as the previous evaluation.
| Category | Description |
|---|---|
| Hardware | MacBook Pro / 2.8GHz Core i7 / Memory 16GB |
| Software | OS X 10.9.5 / MAMP 3.4 (Apache 0.2.2.29, PHP 5.6.10) |
| WordPress | 4.4-ja / Site Language: English |
Plugins configuration
Results
wp-comments-post.php
| IGB | WFS | Requests/sec | Time/req [ms] | Improvement (0.2.2.1 ⇒ 0.2.2.2) |
|---|---|---|---|---|
| OFF | OFF | 3.88 | 257.841 | – |
| OFF | ON | 3.59 | 278.581 | – |
| ON | ON | 5.07 ⇒ 5.30 | 197.379 ⇒ 188.756 | +4.37% |
| ON | OFF | 5.49 ⇒ 5.87 | 182.055 ⇒ 170.356 | +6.63% |
xmlrpc.php
| IGB | WFS | Requests/sec | Time/req [ms] | Improvement (0.2.2.1 ⇒ 0.2.2.2) |
|---|---|---|---|---|
| OFF | OFF | 4.80 | 208.424 | – |
| OFF | ON | 4.47 | 223.709 | – |
| ON | ON | 4.26 ⇒ 5.46 | 234.857 ⇒ 183.182 | +22.00% |
| ON | OFF | 4.54 ⇒ 6.09 | 220.028 ⇒ 164.078 | +25.43% |
wp-login.php
| IGB | WFS | Requests/sec | Time/req [ms] | Improvement (0.2.2.1 ⇒ 0.2.2.2) |
|---|---|---|---|---|
| OFF | OFF | 5.73 | 174.496 | – |
| OFF | ON | 2.96 | 337.784 | – |
| ON | ON | 4.91 ⇒ 5.13 | 203.505 ⇒ 195.112 | +4.12% |
| ON | OFF | 5.50 ⇒ 5.75 | 181.871 ⇒ 173.779 | +4.45% |
wp-admin/admin-ajax.php
| IGB | WFS | Requests/sec | Time/req [ms] | Improvement (0.2.2.1 ⇒ 0.2.2.2) |
|---|---|---|---|---|
| OFF | OFF | 4.36 | 229.095 | – |
| OFF | ON | 4.04 | 247.593 | – |
| ON | ON | 4.43 ⇒ 4.48 | 225.800 ⇒ 223.052 | +1.22% |
| ON | OFF | 4.86 ⇒ 4.88 | 205.684 ⇒ 204.919 | +0.37% |
Observation by P3
P3 (Plugin Performance Profiler) is a super useful plugin to identify the slow plugins in a real world. I applied this plugin to my real site which theme is Twenty Fifteen in order to know how slow (or fast) this plugin is compared to other plugins.
The first result is by “Auto scan” which is mainly observed the admin area. I think that IP Location Block is slightly heavy because of its rich functionality for admin.
The next one is by “Manual scan” applying only public facing pages. You can find that IP Location Block is almost the same as Akismet.
Improvement: Recording statistical data
In the previous version, the statistical data was recorded into wp_options. It caused the uncertainty of recording especially in case of burst attacks and also affected the performance of rendering the public facing pages.
Now the data will be recorded in an independent table to improve this issue.
Bug fix: Alternatives for BCMath extension
IP2Location PHP Module requires BC Math Functions to calculate 128 bits values from IPv6. So I bundled those functions with this plugin for the fallback but imperfectly. It caused a fatal error of redeclaration when combined with some plugins such as NextGEN Pro.
Thanks to bodowewer to fix this issue!
Conclusion
Speaking generally, a software product gets heavy in accordance with its increased functionalities. Of course, I think I should evolve IP Location Block to cover with more wide range of undesired accesses. But at every time before doing so, I would take care of the optimization from the view point of software design 