The Hidden Dangers of Beautiful Themes

A Tale of Seduction and Betrayal

Some of the best-designed and officially featured WordPress themes aren’t built to handle mid-volume traffic. Just one incoming link from a semi-popular page can take your server down.

A New Blog for a Web App

The featured “News” theme that crashed my server

Everything started out smoothly. Like thousands of developers do every day, I set up a new WordPress installation to support a new web app I’m getting online. I’ve got a Linode 1536 which is perfect for this ?. It has gigs of free disk space and 800MB of unused RAM just for cache. And these virtual servers are fast. Mine hosts about 15 Rails and WordPress apps and the system load never gets up to 1.0.

For me, the hardest (and most fun) part of setting up a new blog is choosing the theme. I didn’t want to waste time, so I looked only at WordPress’s one-page “featured” themes list and chose News — a conservative theme with personality.

I wrote a few posts to get started, posted a link to one on Reddit, and went to sleep.

I Woke Up but My Server Wasn’t There

The network traffic graph gives a dramatic view of the server crash

At around 9am, I was in for a shock: no web pages were loading and it took 2 minutes to simply ssh in. There were about a million Apache processes running and the system was out of memory. Checking on Reddit, I saw that the post was getting a good amount of traffic: it was at the top of the r/programming subreddit. It had a couple of hundred up-votes; a lot, but certainly not an apocalypse. So this was odd. I also saw that someone reposted it to the Hacker News. (Nice!) Except that the posts were only noting that the site was offline (Not nice.)

Discovering the Culprit: the Theme

A helpful Hacker News reader suggested “Caching is your friend”. That was my first thought as well. WordPress by default is just a PHP app, doing a lot of repetitious work with every request. But that didn’t feel right. This was a brand new blog, after all, and the requests were all for one simple page.

18 comments

  1. Rachael Schmink

    “I wrote a few posts to get started, posted a link to one on Reddit, and went to sleep.”

    Well that was your first mistake right there. Never post a link on Reddit only to just go to sleep.

  2. name

    Reducing the request count was the right idea. Improving the load times could be done to move some content to a different domain. The Browser will then be capable to speed up since it can handle more connections with more domains.

    Using the the old design and locate stuff to a different domain will not “solve” the issue. Just postpone it to another day. You can’t solve issues with hardware if the software has “errors”.

    • huxley

      Both are good ideas but often aren’t practical for many theme users. Sadly theme makers don’t make money from efficient design, so reducing requests or moving to subdomains is an exercise left to the theme user.

      But if you’re using a theme, you may not be experienced enough to modify it to either reduce requests or move it to a subdomain. A bit of a catch-22 which leaves you frustrated when a good server is brought to its knees.

      • robb

        @name & @huxley, I agree with both of you. Maybe the solution is an automated testing setup for themes in the WordPress “codex”. Each theme could then be listed with a YSlow score. And themes scoring too low would be cut from the “featured” list.

      • Masklinn

        An interesting option could be to have some sort of themes CDN, all themes would get their static assets from there sharing caches across the theme’s userbase and preventing an excessive theme from blowing up blogs.

      • robb

        That ain’t a bad idea either. All of these identical themes installed redundantly, thousands of times over …

  3. Trackback: Quora
  4. Pingback: “I Woke Up but My Server Wasn’t There” - WPLover | WPLover
  5. Pingback: Auch Themes können Server lahmlegen | dreitehabee
  6. David

    well, (maybe)
    1. when you sprite all images in the theme, it’s going to be hard for end-user to modify the theme. (and alot of end-user modify the theme)
    2. news theme use 2 of custom font (lobster and league gothic), of course justin tadlock/ tung do (the developer) can use google font to reduce request. but i think maybe there’s a reason. (maybe not all country can access google server, i’m not sure too..)

    but yes, this theme at least need to sprite the images, not all, but reduce it to 2-3 images . and some image element can be replace just using css. (border radius etc..)

    (sorry for my english, it’s not my native language)

  7. Pingback: WP Late Night #6: "Gravy train to gold island" | WPCandy
  8. Pingback: wp-coder.net » WP Late Night #6: “Gravy train to gold island”
  9. Pingback: Auch Themes können Server lahmlegen - mkln.org
  10. Pingback: WordPress.com vs. Managed WordPress Hosting | The Robb Report

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s