Just recently I’ve been plagued by an issue with a Magento cart checkout performing slowly between stages 5 and 6 of the standard one page checkout process. Some bad code in Magento’s core helped reduce the delays (Loop limit counters that are initialised INSIDE the loop? Hello?), along with judicious increases to DB and PHP cache sizes. However the problem remained, leaving me with a 6-10 second delay (Down from 15-20 I must add) when hitting the final button in the checkout to head off to the payment gateway of choice.

The culprit?

An open_basedir directive in the http.conf file for the VHost it was running on.

A note to anyone unfortunate enough to find themselves butting up against this problem: When open_basedir is enabled, the PHP realcache gets turned off. This cache basically tracks the locations of included files, meaning that the OS doesn’t have to perform as many lstat() calls to determine what’s going on with the files you’re trying to include. Once it’s disabled, and Magento decides to trigger a host of AJAX related checkout processes like, say, saving your order, emailing the customer and contacting the payment gateway, those lstat() calls add up fast.

The solution? Security pundits might wince, but the way around this little beauty is to disable open_basedir and hope to all things holy that there aren’t any arbitrary file access holes in the Magento codebase, which, given its immense size (Which contributes to this problem in the first place…) might be a risky bet.

There’s plenty of detail over here: http://blog.nexcess.net/, but I thought I share for any other poor souls out there who’ve lost sleep thanks to this behemoth of a shopping cart. For anyone looking for an alternative, I’ve heard you can do a lot worse than Oxid or OpenCart