[pmwiki-users] Performance problems with passwords
Tyler Spivey
tspivey at pcdesk.net
Wed Oct 19 17:51:41 CDT 2016
Hi,
I'm trying to understand how I can speed up PMWiki.
I found an easily-reproduceable test case involving passwords. Using one
slows down my page quite a bit, even in the most common case, someone
reading the wiki without authenticating.
First, I extracted pmwiki and copied the sample config to config.php.
Then I ran
php -S 0:8001
To start the development server.
Then:
curl localhost:8001/pmwiki.php
We can ignore the first one, I think it's just a redirect while PmWiki
sets up wiki.d.
time curl -s localhost:8001/pmwiki.php >/dev/null
Running that 3 times, we get around 58ms. Not too bad.
Now I want an admin and edit password:
$DefaultPasswords['admin'] = pmcrypt('secret');
$DefaultPasswords['edit'] = pmcrypt('secret');
With this, the lowest I've seen my page go is 405ms. Understandable,
since I'm calling pmcrypt() for each page load.
password_hash() and thus pmcrypt() is expensive. We can reduce this
slightly by pre-encrypting them, which I did, and edited the relevant
lines to precompute pmcrypt('secret').
Encrypted password =
$2y$10$3fQco9ikY9t5EEGPizr5jeHOmpnr0H5QtOkLSABZRSK1jD3.m01Wi
Even with that, the best I can get is 223ms, far from the 58 I
originally had.
It's trying to compare "nopass" with both of my encrypted passwords,
adding 80 or so ms per call.
Can anything be done to optimize this?
PHP Version => 7.0.8-0ubuntu0.16.04.3
Operating system: Ubuntu 16.04.1
More information about the pmwiki-users
mailing list