Forum

Hi all! I have been away for a couple of years and am excited to be using Hiawatha again. At any rate, I have a SSD VPS setup on Ramnode, with a server in Atlanta, GA. Everything is configured the way I want it, and is running smoothly.

Upon doing an upgrade to the server software (Ubuntu 14.04 LTS server, minimum install), I noticed that while I can SSH into the server within 10-12 seconds of issuing the sudo reboot command... It takes a full 2-3 minutes for the website to be available.

Note that I am using Wordpress, and when the site(s) do come up, it is blazing fast. So there are no problems there.

This is NOT a critical issue. I only do upgrades during the wee hours anyway. However, I want to make sure that I have not made some sort of rookie mistake in configuring Hiawatha, or the server itself.

For the sake of completeness, my hiawatha.conf file is included below

# Hiawatha main configuration file
#

#VARIABLES
Set LOCALHOST = 127.0.0.0/8
Set MyIPv4 = 75.138.77.0/24


# GENERAL SETTINGS
#
#ServerString = Hiawatha
ServerId = www-data
ConnectionsTotal = 1000
ConnectionsPerIP = 48
SystemLogfile = /var/log/hiawatha/system.log
GarbageLogfile = /var/log/hiawatha/garbage.log
ExploitLogfile = /var/log/hiawatha/exploit.log
ThreadKillRate = 10
CacheSize = 8
CacheMaxFilesize = 512
LogfileMask = deny LOCALHOST, deny MyIPv4

PIDfile = /var/run/hiawatha.pid

# BINDING SETTINGS
# A binding is where a client can connect to.
#
#IPv4 Binding
Binding {
        Port = 80
        MaxKeepAlive = 100
        TimeForRequest = 5,15
        MaxRequestSize = 3000
        MaxUploadSize = 3
}
#Binding {
#       Port = 443
#       MaxKeepAlive = 100
#       TimeForRequest = 5,15
#       SSLcertFile =
#       MaxRequestSize = 3000
#       MaxUploadSize = 3
#}
#IPv6 Binding
Binding {
        Port = 80
        Interface = 2604:180:0:b97::a6e2
        MaxKeepAlive = 100
        TimeForRequest = 5,15
        MaxRequestSize = 3000
        MaxUploadSize = 3
}
#Binding {
#       Port = 443
#       Interface = MyIPv6
#       MaxKeepAlive = 100
#       TimeForRequest = 5,15
#       SSLcertFile =
#       MaxRequestSize = 3000
#       MaxUploadSize = 3
#}

# BANNING SETTINGS
# Deny service to clients who misbehave.
#
BanOnGarbage = 300
BanOnInvalidURL = 60
BanOnMaxPerIP = 15
BanOnMaxReqSize = 300
BanOnWrongPassword = 6:900
BanOnSQLi = 3600
KickOnBan = yes
RebanDuringBan = yes
BanlistMask = deny LOCALHOST, deny MyIPv4
BanOnDeniedbody = 300
BanOnFlooding = 90/1:300


# COMMON GATEWAY INTERFACE (CGI) SETTINGS
# These settings can be used to run CGI applications.
#
#CGIhandler = /usr/bin/perl:pl
#CGIhandler = /usr/sbin/php5-fpm:php
#CGIhandler = /usr/bin/python:py
#CGIhandler = /usr/bin/ruby:rb
#CGIhandler = /usr/bin/ssi-cgi:shtml
#CGIextension = cgi
#
FastCGIserver {
        FastCGIid = PHP5
        ConnectTo = /var/run/php5-fpm.sock
        Extension = php
}

UrlToolkit {
    ToolkitID = tiered-cache-control
    Match ^/.*\.(gif|htm|html|jpeg|jpg|png)(\?v=.*|\?ver=.*)?(/|$) Expire 1 weeks
    Match ^/.*\.(css|js|svg|swf|ttf|txt)(\?v=.*|\?ver=.*)?(/|$) Expire 2 weeks
    Match ^/.*\.(eot|ico|otf|pdf|ps|psd|ttf|woff|woff2)(/|$) Expire 2 months
}

UrlToolkit {
        ToolkitID = wordpress
        RequestURI exists Return
        Match .*\?(.*) Rewrite /index.php?$1
        Match .* Rewrite /index.php
}

UrlToolkit {
        ToolkitID = secure-wp
        UseSSL Skip 2
        Match ^/wp-login.php(.*) Redirect https://blog.example.tld/wp-login.php$1
        Match /wp-admin/$ Redirect https://blog.example.tld/wp-admin/$1
}

# DEFAULT WEBSITE
# It is wise to use your IP address as the hostname of the default website
# and give it a blank webpage. By doing so, automated webscanners won't find
# your possible vulnerable website.
#
Hostname = 107.191.101.186
WebsiteRoot = /var/www/hiawatha
StartFile = index.html
AccessLogfile = /var/log/hiawatha/access.log
ErrorLogfile = /var/log/hiawatha/error.log

Include /etc/hiawatha/enable-sites/

# VIRTUAL HOSTS
# Use a VirtualHost section to declare the websites you want to host.
#
VirtualHost {
        Hostname = www.ronjones.io, ronjones.io
        WebsiteRoot = /var/www/ronjones/public_html
        StartFile = index.php
        AccessLogfile = /var/log/ronjones/access.log
        ErrorLogfile = /var/log/ronjones/error.log
        TimeForCGI = 30
        UseFastCGI = PHP5
        CustomHeader = X-Frame-Options: sameorigin
        RandomHeader = 64
        UseToolkit = wordpress, tiered-cache-control
        EnforceFirstHostname = yes
        #e.g. <script>alert("xss");</script>
        DenyBody = ^.*%3Cscript.*%3C%2Fscript%3E.*$
        # Null Byte
        DenyBody = ^.*%00.*$
        PreventXSS = yes
        PreventCSRF = yes
        PreventSQLi = yes
}

VirtualHost {
        Hostname = www.trenchantpen.com, trenchantpen.com
        WebsiteRoot = /var/www/trenchantpen/public_html
        StartFile = index.php
        AccessLogfile = /var/log/trenchantpen/access.log
        ErrorLogfile = /var/log/trenchantpen/error.log
        TimeForCGI = 30
        UseFastCGI = PHP5
        CustomHeader = X-Frame-Options: sameorigin
        RandomHeader = 64
        UseToolkit = wordpress, tiered-cache-control
        EnforceFirstHostname = yes
        #e.g. <script>alert("xss");</script>
        DenyBody = ^.*%3Cscript.*%3C%2Fscript%3E.*$
        # Null Byte
        DenyBody = ^.*%00.*$
        PreventXSS = yes
        PreventCSRF = yes
        PreventSQLi = yes
}

When Hiawatha is started, websites will be available within a second. That's all it takes to load the configuration and to initialize things. So, if it takes more than that, something else is causing it. My guess is that some other service or boot step is delaying the start of Hiawatha. Try changing the boot order of the Hiawatha service.

Thanks. I have been looking into this, and found that there is no script in /etc/init for hiawatha. Should I make one, or is there a better solution?

That depends on the OS you are using. But since Hiawatha does start during boot (otherwise, it wouldn't be available after a few minutes), there must be an init script somewhere. My guess is that there is some other cause to this.