3.0.12 Slow ; Browser Errors; Laravel Log Errors

Self Hosted
Akaunting Version: 3.0.12
Server: Ubuntu 22.04
PHP Version: 8.2.4
MySQL Version: 8.0.32-0ubuntu0.22.04.2
Browser: Brave Version 1.50.114 Chromium: 112.0.5615.49 (Official Build) (64-bit)

It's taking forever (30+ seconds) to go from page to page in the application. It didn't use to be like this. Now the software is almost unusable.

These are the errors we get in the browser console:

edit:1603 Refused to load the image 'https://assets.akaunting.com/software/admin/tips/bank-feeds.png' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: *.google.com *.gstatic.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

edit:1 Refused to load the image 'https://assets.akaunting.com/software/admin/tips/bank-feeds.png' because it violates the following Content Security Policy directive: "default-src 'self' data: blob: *.google.com *.gstatic.com". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

DevTools failed to load source map: Could not load content for https://akaunting.aaaaaaa.bbb/public/akaunting-js/popper.min.js.map: Unexpected token '

..continued because this forum software is terrible

DevTools failed to load source map: Could not load content for https://akaunting.aaaaaaa.bbb/public/akaunting-js/popper.min.js.map: Unexpected token '

And we get lots of these errors in the Laravel log

[2023-04-10 06:48:17] production.ERROR: Attempted to lazy load [document] on model [App\Models\Banking\Transaction]. {"userId":1,"exception":"[object] (Exception(code: 0): Attempted to lazy load [document] on model [App\\Models\\Banking\\Transaction]. at /d01/www/akaunting/vendor/laravel/framework/src/Illuminate/Foundation/helpers.php:681)

Same here re: unusable. Not only do I click and wait *forever*, but the autoloader takes over my screen even when the data is clearly loaded in the background. Further, the UX makes no sense - can't even right click > open in new tab on an invoice?

My console errors:
DevTools failed to load source map: Could not parse content for https://akaunting.mysite.ca/public/akaunting-js/popper.min.js.map: Unexpected token '

Update: We performed some server maintenance - specifically, we installed PHP FPM and tweaked MySQL config - and noticed a *massive* speed boost on all our PHP web apps ..... .. . . . except Akaunting, which is actually slower. 20 seconds to login, and now nearly 38 seconds to click between pages.

Specifically, this appears at least a dozen times:
LOG.warning: addslashes(): Passing null to parameter #1 ($strong) of type string is deprecated in /home/public_html/akaunting/app/View/Components/DeleteLink.php on line 221

And here's my server specs - note that both opcache and fpm are installed...
Xeon 8 core 3.8Ghz
32GB RAM (of which 20GB and 22 instances are dedicated to SQL)

PHP
8.1.13
MySQL
10.3.27-MariaDB
Memory Limit
128M
Execution Time
30
PHP OS
Linux
PHP SAPI
fpm-fcgi
PHP Timezone
UTC
Requirements
[]
PHP Extensions
array:45 [▼
0 => "Core"
1 => "date"
2 => "libxml"
3 => "openssl"
4 => "pcre"
5 => "zlib"
6 => "filter"
7 => "hash"
8 => "json"
9 => "pcntl"
10 => "Reflection"
11 => "SPL"
12 => "session"
13 => "standard"
14 => "cgi-fcgi"
15 => "bcmath"
16 => "calendar"
17 => "ctype"
18 => "curl"
19 => "dom"
20 => "fileinfo"
21 => "ftp"
22 => "gd"
23 => "iconv"
24 => "imap"
25 => "intl"
26 => "mbstring"
27 => "mysqlnd"
28 => "PDO"
29 => "Phar"
30 => "posix"
31 => "SimpleXML"
32 => "soap"
33 => "sockets"
34 => "sqlite3"
35 => "tokenizer"
36 => "xml"
37 => "xmlwriter"
38 => "xsl"
39 => "zip"
40 => "mysqli"
41 => "pdo_mysql"
42 => "pdo_sqlite"
43 => "xmlreader"
44 => "Zend OPcache"
]

My entire team is crippled by the speed, and we've had enough so we took an even deeper look. It appears that a random page of data is 5MB (!!!) in size. This is huge for a media-light page, but it suggests there are a LOT of libraries ... and possibly a compression issue. I checked /akaunting/.htaccess and, sure enough, there was no compression enabled server-side. I added it and GUESS WHAT!!! PAGE LOADS ARE HUMANE!!!!

Without further adieu and in the hopes that it may help others, here is my modified .htaccess:

# Prevent Directory Listing

IndexIgnore *


### Begin: Compression THIS MUST BE THE FIRST BLOCK BEFORE ANY REWRITING ###


AddType "text/javascript" .gzip


AddType "text/css" .gzip

AddEncoding gzip .gzip


# Force compression for mangled `Accept-Encoding` request headers


SetEnvIfNoCase ^(Accept-EncodXng|X-cept-Encoding|X{15}|~{15}|-{15})$ ^((gzip|deflate)\s*,?\s*)+|[X~-]{4,13}$ HAV$
RequestHeader append Accept-Encoding "gzip,deflate" env=HAVE_Accept-Encoding



# Compress all output labeled with one of the following media types.
#
# (!) For Apache versions below version 2.3.7 you don't need to
# enable `mod_filter` and can remove the ``
# and `` lines as `AddOutputFilterByType` is still in
# the core directives.
#
# https://httpd.apache.org/docs/current/mod/mod_filter.html#addoutputfilterbytype


AddOutputFilterByType DEFLATE application/atom+xml \
application/javascript \
application/json \
application/ld+json \
application/manifest+json \
application/rdf+xml \
application/rss+xml \
application/schema+json \
application/vnd.geo+json \
application/vnd.ms-fontobject \
application/x-font-ttf \
application/x-javascript \
application/x-web-app-manifest+json \
application/xhtml+xml \
application/xml \
font/eot \
font/opentype \
image/bmp \
image/svg+xml \
image/vnd.microsoft.icon \
image/x-icon \
text/cache-manifest \
text/css \
text/html \
text/javascript \
text/plain \
text/vcard \
text/vnd.rim.location.xloc \
text/vtt \
text/x-component \
text/x-cross-domain-policy \
text/xml



AddEncoding gzip svgz



### End: Compression ###

### Begin: Browser caching of resource files ###

# This affects Frontend and Backend and increases performance.


ExpiresActive on
ExpiresDefault "access plus 1 year"

ExpiresByType text/css "access plus 1 year"

ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 0 seconds"

ExpiresByType image/vnd.microsoft.icon "access plus 1 week"
ExpiresByType image/x-icon "access plus 1 week"

ExpiresByType text/x-component "access plus 1 month"

ExpiresByType text/html "access plus 0 seconds"

ExpiresByType application/javascript "access plus 1 year"
ExpiresByType application/x-javascript "access plus 1 year"
ExpiresByType text/javascript "access plus 1 year"

ExpiresByType application/manifest+json "access plus 1 week"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"

ExpiresByType audio/ogg "access plus 1 year"
ExpiresByType image/bmp "access plus 1 year"
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
ExpiresByType image/webp "access plus 1 year"
ExpiresByType video/mp4 "access plus 1 year"
ExpiresByType video/ogg "access plus 1 year"
ExpiresByType video/webm "access plus 1 year"

ExpiresByType application/atom+xml "access plus 1 hour"
ExpiresByType application/rdf+xml "access plus 1 hour"
ExpiresByType application/rss+xml "access plus 1 hour"

ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType font/eot "access plus 1 year"
ExpiresByType font/opentype "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/font-woff "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType font/woff "access plus 1 year"
ExpiresByType application/font-woff2 "access plus 1 year"

ExpiresByType text/x-cross-domain-policy "access plus 1 week"



### End: Browser caching of resource files ###


# Prevent Directory Listing

Options -MultiViews -Indexes


RewriteEngine On

# Prevent Direct Access to Protected Files

# Apache 2.2 syntax

Order deny,allow
Deny from all

# Apache 2.4 syntax

Require all denied



# Prevent Direct Access To Protected Folders
RewriteRule ^(app|bootstrap|config|database|overrides|resources|routes|storage|tests)/(.*) / [L,R=301]

# Prevent Direct Access To modules/vendor Folders Except Assets
RewriteRule ^(modules|vendor)/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg|xls|xlsx).)*$ / [L,R=301]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]

# Send Requests To Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]




# php -- BEGIN cPanel-generated handler, do not edit
# Set the “ea-php81” package as the default “PHP” programming language.

AddHandler application/x-httpd-ea-php81 .php .php8 .phtml

# php -- END cPanel-generated handler, do not edit

Whoops, I should note, the forum is (rightfully) filtering the ifmodules, so I'll try to put them in this way...

- Wrap indexignore in ifmodule:
- Before #Force compression, add an ifmodule:
- After text/xml, close the ifmodule:
- Wrap the AddEncoding gzip svgz in ifmodule: AND THEN add another closing
- Before "#Prevent directory listing", add and ifmodule:
- Before " ExpiresActive on", add and ifmodule:
- After cross-domain-policy "access plus 1 week", close the ifmodule:
- Before "# Prevent Directory Listing", wrap an if:
# Prevent Directory Listing
- After Options -MultiViews -Indexes, close the if:
- After HTTP:Authorization}], close the ifmodule:

Scratch that. 5 years, multiple updates, and still no solution ...
To prevent the "it's your host" error, I am now spending a small mortgage on a blazing fast server yet every page is taking over 20 seconds to load. The compression doesn't matter, the PHP handler (PHP=FPM or LSAPI) doesn't matter ... the pages are *huge* and take forever to parse. The only progress I have is that I took a performance snapshot in the browser and, sure enough, the parsing of HTML is taking 23.74s - specifically:

Total time: 23.73s
Self Time: 114.91 ms
Range: /1/sales/invoices?list_records=all:20764
Aggregated time:
115 ms loading (self)
5971 ms loading (children)
11898 ms scripting
794 ms rendering
4958 ms system
23736 ms Total

With a hardware tweak, I can now get down to about 5 seconds per page. Not great, but a LOT better. Here's my checklist so far:

1.) enable compression in .htaccess
NOTE: My code above was gets filtered but any search for htaccess compression should get you pointed in the right direction

2.) adjust server hardware settings
With huge pages, you simply must have fast hardware. Verify with your web host that enough RAM is allocated and increase disk IO speed as high as possible. I had mine increased from 1MB/s to 32MB/s and even then akaunting was still slow. No other app has this problem.

3.) Try a different PHP module
Depending on your server, using either PHP-FPM or mod_lsapi should give a performance boost

4.) Disable debug in .env
APP_DEBUG=false