[pmwiki-users] Performance problems with passwords

Tyler Spivey tspivey at pcdesk.net
Wed Oct 19 17:51:41 CDT 2016


I'm trying to understand how I can speed up PMWiki.
I found an easily-reproduceable test case involving passwords. Using one 
slows down my page quite a bit, even in the most common case, someone 
reading the wiki without authenticating.

First, I extracted pmwiki and copied the sample config to config.php.
Then I ran
php -S 0:8001
To start the development server.
curl localhost:8001/pmwiki.php
We can ignore the first one, I think it's just a redirect while PmWiki 
sets up wiki.d.
time curl -s localhost:8001/pmwiki.php >/dev/null
Running that 3 times, we get around 58ms. Not too bad.

Now I want an admin and edit password:
$DefaultPasswords['admin'] = pmcrypt('secret');
$DefaultPasswords['edit'] = pmcrypt('secret');

With this, the lowest I've seen my page go is 405ms. Understandable, 
since I'm calling pmcrypt() for each page load.
password_hash() and thus pmcrypt() is expensive. We can reduce this 
slightly by pre-encrypting them, which I did, and edited the relevant 
lines to precompute pmcrypt('secret').
Encrypted password = 

Even with that, the best I can get is 223ms, far from the 58 I 
originally had.
It's trying to compare "nopass" with both of my encrypted passwords, 
adding 80 or so ms per call.
Can anything be done to optimize this?

PHP Version => 7.0.8-0ubuntu0.16.04.3
Operating system: Ubuntu 16.04.1

More information about the pmwiki-users mailing list