I'm a newbie sys admin. Our site has been using mod_auth_mysql to authenticate its members' area since before I started here. My gripe is that it has to authenticate for each request in an HTML page (e.g. dozens of images). It's not so bad to view from within the USA, but here in Australia, with a 500+ ms ping to the database server, our site is crawling.
I was wondering what you would recommend for keeping SQL sessions open? I noticed AuthMySQLKeepAlive is disabled in later releases, is it feasible to use an older version and periodically kill zombie MySQL processes? Are there any other drawbacks..? Anything I can implement short of having to rewrite our members areas? :)
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
That is correct. Every item requested from a protected directory must be authenticated. This is how Apache security works, and is not specific to mod_auth_mysql.
It won't help to keep the session open for a couple of reasons. First of all, that won't stop the authentication process; every request will still need to be authenticated. Second, the connection is already kept open for the duration of a single conversation, which generally includes multiple requests.
And KeepAlive was removed because it didn't work and caused problems.
If your problem is indeed the time it takes to authenticate/authorize each image, then the best way to handle it is to move those images to a non-protected directory, if possible. But I'm not convinced that's the problem; I think you need to do a little diagnosis to see if that indeed is the problem.
Jerry
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi guys,
I'm a newbie sys admin. Our site has been using mod_auth_mysql to authenticate its members' area since before I started here. My gripe is that it has to authenticate for each request in an HTML page (e.g. dozens of images). It's not so bad to view from within the USA, but here in Australia, with a 500+ ms ping to the database server, our site is crawling.
I was wondering what you would recommend for keeping SQL sessions open? I noticed AuthMySQLKeepAlive is disabled in later releases, is it feasible to use an older version and periodically kill zombie MySQL processes? Are there any other drawbacks..? Anything I can implement short of having to rewrite our members areas? :)
That is correct. Every item requested from a protected directory must be authenticated. This is how Apache security works, and is not specific to mod_auth_mysql.
It won't help to keep the session open for a couple of reasons. First of all, that won't stop the authentication process; every request will still need to be authenticated. Second, the connection is already kept open for the duration of a single conversation, which generally includes multiple requests.
And KeepAlive was removed because it didn't work and caused problems.
If your problem is indeed the time it takes to authenticate/authorize each image, then the best way to handle it is to move those images to a non-protected directory, if possible. But I'm not convinced that's the problem; I think you need to do a little diagnosis to see if that indeed is the problem.
Jerry