How to Speed up and Optimize Drupal 7

Before we go into the details of techniques and tips to speed up drupal 7, lets understand what slows down drupal.

1. Database queries
2. Loading CSS and Javascript
3. Images which are loaded on your page
4. Loading unwanted modules

Now lets see what are some of the quick things you can do to speed up and optimize.

Configuration changes

1. For an initial, quick performance tuning, see on your site: Administer > Site configuration > Performance

Here you can read the options for page cache, CSS optimization,  JavaScript optimization. That standard optimization and database caching can be enough for many sites.

Check the boxes next to "Cache pages for anonymous users," "Cache blocks," "Compress cached pages," "Aggregate and compress CSS files," and "Aggregate JavaScript files."

Turning off modules

2. Turn off update manager module
3. Turn off any devel modules if you have installed.
4. Turn off overlay module
5. Turn off toolbar module, download and install administration menu module instead.

Likewise you should turn off and remove any modules you are not using, since fast loading site is much more important than adding more functionality which is slow.

Boost Module

6. Enable Boost module. For anonymous users Boost caches your pages  HTML files, so your webserver  can serve them much more quickly as there will be no database reads.  So if majority of traffic is from anonymous users, then Boost is a great module for you.  Boost can help you realize a significant performance increase for personal blogs, small business, corporate sites, portals and directories that receive mostly anonymous traffic. For shared hosting this is your best option in terms of improving performance and enhancing your website visitor's experience.

For statistics you can always use google analytics module.

Advanced Performance Tuning

7. Adding Rule to .htaccess file

If you use the mod_deflate rule, you don't necessarily need to check the "Compress cached pages" checkbox on the Performance settings page.

Rules to be added to the .htaccess file (I add this little block of code to the top of the file, just under the "Apache/PHP/Drupal settings:" comments):

##### Midwestern Mac-recommended additions #####

# Use mod_deflate to gzip components
<IfModule mod_deflate.c>
  AddOutputFilterByType DEFLATE text/css application/x-javascript application/javascript text/plain text/html text/xml application/xml
</IfModule>

# Disable ETags (can help if you're using multiple servers, or use cloud hosting)
# see: http_://www.askapache.com/htaccess/apache-speed-etags.html for more info
FileETag None

################################################

7. Innodb Tuning

Now that Drupal 7 (D7) joins mediawiki and gallery2 in using the Innodb database engine if you use any of these you must consider tuning it too and not just myISAM, or these products will run slower than they should.

Edit /etc/my.cnf and for a small D7 site start by adding the following lines under the [mysqld] section.

# innodb specific
# innodb_buffer_pool_size 50% of memory on 5GB+ server. Set it to be larger than your data size or 500M on 4G box.
innodb_buffer_pool_size=20M
# innodb_log_file_size This depends on your recovery speed needs but 256M seems to be good performance
# innodb_log_buffer_size=4M 4M is good for most large servers
innodb_log_buffer_size = 2M
# innodb_flush_log_at_trx_commit=2 (1=flush log to disk every transaction, 2=flush to OS Cache, 0=don't flush)
innodb_flush_log_at_trx_commit = 2

               

Drupal MemCached Integration

Though drupal has built-in cache mechanism, by default, Drupal will save all its caches to database, which means, every time you hit a cache, there will be a database query. This is obviously not the best solutions.

To speed up your site's cache, a better way is use a 3rd party caching system, such as Memcached, and stores all caches in memory. And in this article, we will tell you how to integrate Memcached with drupal.

What's Memcached

Memcached is a distributed memory object caching system which is often used to speed up dynamic database-driven websites by caching data and objects in RAM to reduce the number of times an external data source (such as a database or API) must be read. It is now widely used by hundreds of thousands of sites on the internet such as YouTube, Zynga, Facebook and Twitter.

Memcached runs on Unix, Linux Windows and MacOSX and is distributed under a permissive freee software license.

Install Memcached

Memcached is very likely in your source packages, so you can just try:

 sudo yum install memcached

If you want build memcached from source code, remember install libevent first.

 sudo yum install libevent-dev

To verify memcached is installed correctly, run:

 memcached -h

And you'll see the help info for memcached.

After memcached installation completed, you can edit options for memcached to meet your need.

 vi /etc/sysconfig/memcached

There are some common options:

 PORT="11211"
 USER="memcached"
 CACHESIZE="64"    # Max cache size, Unit: MB.
 MAXCONN=”1024″    # Max connection allowed.
 OPTIONS=""

Other options can be seen by:

 memcached -h

If everything is ok, you can now start the memcached service.

 service memcached start

Use the following shell code to test the connectivity:

 echo -e "stats\r" | nc localhost 11211

Install Memcached Extension for PHP

To use memcached in php, you need install the PECL memcache extension for PHP.

 yum install php-pecl-memcached

Edit your php.ini file, make sure the following line in your php.ini

 extension=memcache.so

Restart apache server, access "/admin/reports/status/php" of your drupal site. You'll found a new memcached section.

Install Memcached Module for Drupal

Download "Memcache API and Integration" module from http://drupal.org/project/memcache. Uncompress, and put it at /sites/all/modules/

Add following code to your settings.php(/sites/default)

 $conf = array(
     'cache_inc' => './sites/all/modules/memcache/memcache.inc',
 );

Access your drupal admin page, enable the "Memcache" and "Memcache Admin" module.

Then clear all the cache in "Administration -> Configuration -> Performance" Page.

Till now, the integration is done. Hope you enjoy it.

And you can view the memcached status at Administration -> Reports -> Memcached

Configuring Drupal With Multiple Memcached Instances

If you using more than one memcached server, you should edit the settings.php like this. (/sites/default/). Add something like this.

 $conf = array(
   'cache_inc' => './sites/all/modules/memcache/memcache.inc',
   'memcache_servers' => array(
    // Servers/instances configured here
     'localhost:11211' => 'default',
     'localhost:11212' => 'page',
     'localhost:11213' => 'filter',
   ),
   'memcache_bins' => array(
    // Bins assigned here
     'cache'        => 'default',
     'cache_menu'   => 'default',
     'cache_page'   => 'page',
     'cache_filter' => 'filter',
   ),
 );

What Else

Before deploying Memcache in production, you should find a proper Drupal hosting solution. Normally, shared hosting package is not recommened as MemCache is not installed by default, and you are also not allowed to make the change to the web server. So, we recommend you to get a Cloud hosting or something close, in which you could get the full control of the server.

5 drupal modules to Purge users, Clean-up Spammers and Spam posts

Lets look at some of the options available with drupal modules to control user spam, clean the posts after user have spammed, clean up or Purge unwanted users from drupal website.

1. Ban Unpublish Module

This is probably the best option, since it also integrates with Advanced user module and View Bulk operations module(VBO).

The Ban and Unpublish module makes it easier to clean up after registered spammers and other problem users by implementing a bulk operation that appears at Home > Administer > User management > Users.

This module adds a single drop-down option to the list page that performs the following in a single pass:

• Ban the user's email address.
• Ban the username.
• Block the account.
• Kick the user off the server, if active.
• Unpublish any nodes that were published by the user.
• Unpublish any comments that were published by the user

As mentioned before the above operations will be added to VBO and Advanced user module for doing more bulk operations

2. Country wise banning of spammers

Country Ban can be used to set entire countries to "read only" or to ban their access completely. Setting a country to "read only" disables all account access for that region, automatically logging out any user which resides there and preventing new accounts from being generated. Websites set to 'read only' will still be able to be viewed anonymously. The website admin may also set a "complete ban", which will block the website entirely for all users of the configured region.

Country Ban is dependent upon IP-based Determination of a Visitor's Country as well as Country Codes API. These modules provide the country of origin that Country Ban requires to filter properly.

3. Advanced user Module

The advanced user module's main job is to allow additional filtering which is not possible with the inbuilt drupal user module. Once you have filtered the users, you can do operations like

1. Mass emailing
2. Blocking
3. Unblocking
4. Deleting

It allows filtering of users based on the user.module fields and optionally the profile.module fields. The fields available for filtering can be configured using the module settings. Eg. Site admin may search through 1000s of users to display all users who have not accessed their account.

• Filtering of users based on:

1. Permissions
2. Status
3. Created
4. Accessed
5. Email
6. User Id
7. Admin Selected Profile Fields

• Filtering on fields can be grained to

1. Is Equal To
2. Is Not Equal To
3. Is Less Than
4. Is Greater Than
5. Is Less Than or Equal To
6. Is Greater Than or Equal To
7. Contains
8. Does Not Contain
9. Begins With
10. Ends With

• Multiple filters can be refined to be AND or OR operations giving you the greatest control of the data selections.
• Administrative options include notification of user data changes.The notification emails include:
• • User's email address
  • A link to google and yahoo searches for user's email address - great for doing a quick spammer check on the user's email address.

4. Prevent spammers from registering - Spambot

Spambot protects the user registration form from spammers and spambots by verifying registration attempts against the Stop Forum Spam (www.stopforumspam.com) online database. It also adds some useful features to help deal with spam accounts.

This module works well for sites which require user registration before posting is allowed (which is most forums).

• Checks (username, email, ip address) data against the www.stopforumspam.com blacklist. Blacklisting can be based on either of email, username or IP address (with configurable thresholds).
• Bulk reporting of users as spammers.
• Scanning of existing user accounts (via cron).
• New 'spam' tab for user accounts with some useful information and actions.
• Uses IP addresses from core statistics and User Stats if they are enabled.
• Optional auto-reporting of blacklisted registration attempts to www.stopforumspam.com

If you need more IP address statistics of your users, please consider the User Stats module

Conclusion

Install Ban Unpublish, VBO, Advanced user modules and you should be able to do most of the operations around spam control including banning users, removing spam posts, purging spammers etc. If you still face heavy spam install Country Ban Module to restrict users from a particular geography. And yes do install spambot if your website has heavy traffic. Sometimes legitimate users may also be blocked by Spambot so be careful.

Stopping spam in Drupal – Users, Posts, Comments

One of the most common problems faced by many drupal sites is tons of spam, There are either spam users or spam content or spam comments. There are all sort of nasty things that happen by spammers and it is a huge risk to the website’s credibility and growth. Read on for detailed analysis and recommendations on preventing spam

I personally would not visit a forum again if the content is unmoderated and spam. So how do you avoid the spam. There are three methods

Automatically

                Install modules or write code that block the spam users, comments and content For example there isspam.module which uses Bayesian logic to filter content, or Akismet which sends the content to the Akismet for checking via several tests, Akismet is known to be the best method so far for preventing comment spam. Another method is  Bad Behavior which looks for spammer-like activity and blocks those users. The issue with this method is that sometimes genuine users also get blocked thereby creating a negative spiral.

Setup for these types of solutions needs some work and  they can slow your site down considerably depending on the amount of spam that you get and the power of your server.

Challenging Users

These includes turing tests like captcha.module which presents a math problem or "numbers embedded in an image, or KittenAuth - the cute alternative, you're presented 5 images of animals and you pick the kitty. There's also things you can do in comment.module setup like requiring contact information, or requiring previews.

Catchpa Riddler module will let you ask custom questions to the users  during registration and if they answer correctly  they are allowed in. This very useful for niche sites since the spammers will not know answer to simple question related to your website’s domain.

Administrators prevent spam

This will require work, but if your site has less traffic this is the most effective way. You can either  disallow commenting without approval in admin/access and/or something like Comment Mail which sends an email with approve/deny links to the admin every time a comment is submitted. Or you could have an army of content moderators to delete spam when they find it.

Likewise you can disallow any registration without administration approval.

The main advantage of this method is there are 100% results however the delay in getting approvals may turn down people.

I generally check the user credentials during registration and only allow them to register if they have entered all profile fields. THis method will cut down 95% of spammers. Looking at Profile fields during registration you will deny a whole lot of people. Then I moderate content every 12 to 24 hours and delete spam comments and posts and block the user. This method works for my niche sites very well.

So what is the best way to prevent drupal spam? Well there is no single answer. Based on your problems you will have to select the best answer. It depends on your spam volume, whether you want to block bots or unwanted users, and how much time you can devote to website moderation.

1. Mollom which is developed by drupal founder is still not mature enough to be used, there are downtimes and sluggisness in response which plague them for now.
2. Spamcide – Adds a hidden field to forms that only spam-bots will see and fill in. But this will not work for human spammers
3. Spambot - Checks member details against the Stop Forum Spam system. An effective method but will not work for  anonymous posts. So to use this you will have to stop anonymous posting and also be prepared

To me it seems like Bad Behaviour module and Akismet should work for most  users and would be the best option to prevent spam

Note:
If you enable CAPTCHA module, it disables page caching. So if you have comments form at bottom of each page then the page will not be cached. So every page will be treated as if the user has logged in and it will incur a query to database. Do the following to open comments form on new page.
1) go to admin/content/types
2) Click the edit link for the page, blog entry, or other type you want to modify
3) Scroll down to Comment Settings
4) Find "Location of Comment Submission Form"
5) Select the "Display on separate page" option
6) Click Save Content Type

At times the CAPTCHA module does not work effectively, if that is the case use reCAPTCHA module. It is very effective and simple to install and use. The reCAPTCHA module uses the reCAPTCHA web service to improve the CAPTCHA system and protect email addresses. Just get your public and private keys from recaptcha site and plug it in your site.