It was a blockbuster year for web outages in 2014. From retailers to cable providers, it seems everyone had their 15 minutes of fame.
Join 28,000 others and follow Sean Hull on twitter @hullsean.
How can we protect our web property from the same fate? Here’s a short list of suggestions.
1. How much traffic can my site handle?
If you’re not already asking this question, you should be.
Answer: Load test well in advance
Load testing simulates what happens when the internet hordes descent on your website like a plague of locusts. This can be a good thing if you’re having a special sale or promotion. Or possibly a bad thing if you’re the victim of a denial of service attack.
2. How quickly can I bring online more capacity?
A more nuanced version of number one, once you know what your site can handle, you need to know if you’re even ready for more.
Answer: Auto-scale & test.
Answer: Scale your database tier well in advance
Autoscaling is a feature popularized by amazon web services, which couples monitoring your traffic, with thresholds that will kick off more capacity. This capacity may be deploying new webservers to sit behind your load balancer. Whatever your method, be sure to test carefully.
3. Cache, cache, cache!!
Optimizing your site means
Answer: Use an object & page cache.
If you’re not already using memcache, redis or elasticache, you should be. These object caches sit in between your application & your database, holding frequently accessed data & reducing load on your central database server.
Consider a page cache too like nginx or varnish. These act as sort of tiny webservers that are very low overhead, low memory & fast response. They provide a buffer in front of your main application server, and can service simpler but repetitive web requests.
A third caching layer sits in the db itself, called a query cache. This is implemented differently on Oracle, SQL Server, MySQL and Postgres, but the concept is similar. Cache frequent queries, so they don’t need to be rerun each time.
4. Degrade gracefully
Answer: Build a browse only mode
If you’ve ever logged into an airline website & selected your flight, only to run into trouble during checkout, you know what a browse-only mode is! Many sites build this, along with other feature flags & toggles to allow them to degrade gracefully, that is keep the site up and running, while essential services may be inoperable.
Every production site should prioritize for this. Sooner or later you’re gonna need it!
5. Try CloudFlare
CloudFlare is a service for protection from denial of service attacks. Integrate their servers into your infrastructure & a monitoring process begins, of each packet you receive. If a denial of service occurs, your site can be throttled down to reduce the impact & keep things online. This protection can double for heavily loaded legitimate traffic, keeping your website online in a worse case scenario.