Besiege Your Web Application - Load Testing over HTTP

When performance tuning a system, it’s vital that you continually monitor the effect of any changes that you make. Instrumentation should be put in place to provide continual access to consistent metrics.

Web applications are no different. They can be complex beasts, however, so you may benefit from many different layers of instrumentation. If you’re building on a feature-rich framework, you probably have access to timers and counters within your code. These are very useful for telling you how long different stages of your application take to execute, and can count and time calls to external systems, such as SQL queries.

Sometimes, however, you need a view of the bigger picture – a benchmark that more accurately represents the performance your users experience, and encompasses all aspects of servicing their request, including network latency and HTTP server overhead.

Siege is a free UNIX (Linux / Mac OS etc) tool from JoeDog Software which provides just that.

Siege is an http regression testing and benchmarking utility. It was designed to let web developers measure the performance of their code under duress, to see how it will stand up to load on the internet. Siege supports basic authentication, cookies, HTTP and HTTPS protocols. It allows the user hit a web server with a configurable number of concurrent simulated users. Those users place the webserver “under siege.”

Siege can be installed on Mac OS via MacPorts, or easily compiled from source if you have XCode and a love of the command line. If you’re on Windows PC, you can run it under Cygwin, or use the free VMware Server to install a Linux distribution such as Ubuntu as a virtual machine.

Take a look through the documentation as well as the ~/.siegerc file and siege –help output to get an idea of what it can do. In particular, the URLs File gives you great control over how different parts of your web application are put to the test.

I’ll leave you with a very basic example to get the ball rolling:

# siege -b -c5 -r20 http://test.ubuntu.vm/static.html  ** SIEGE 2.66 ** Preparing 5 concurrent users for battle. The server is now under siege..      done. Transactions:                    100 hits Availability:                 100.00 % Elapsed time:                   0.18 secs Data transferred:               0.01 MB Response time:                  0.01 secs Transaction rate:             555.56 trans/sec Throughput:                     0.07 MB/sec Concurrency:                    4.83 Successful transactions:         100 Failed transactions:               0 Longest transaction:            0.03 Shortest transaction:           0.00 
# siege -b -c5 -r20 http://test.ubuntu.vm/randomsleep.php  ** SIEGE 2.66 ** Preparing 5 concurrent users for battle. The server is now under siege..      done. Transactions:                    100 hits Availability:                 100.00 % Elapsed time:                   2.95 secs Data transferred:               0.01 MB Response time:                  0.07 secs Transaction rate:              33.90 trans/sec Throughput:                     0.00 MB/sec Concurrency:                    2.36 Successful transactions:         100 Failed transactions:               0 Longest transaction:            2.69 Shortest transaction:           0.00 


Category: programming Time: 2007-05-07 Views: 2

Related post

  • Web application load testing 2013-12-31

    Anyone had experience with load testing tools like WAPT Pro? I want to know, when recording those load test script on a web application, shall i include those like Google Analytic tracking request? Or just focus on application itself will do? -------

  • Request bursting from web application Load Tests 2010-02-19

    I'm migrating our web and database hosting to a new environment on all new machines. I've recently performed a Load Test using WAPT to generate load from multiple distributed clients. The server has plenty of room to handle the traffic load, but I'm

  • Is it smart to use an API on the same server as your web application 2016-06-13

    Im new to RESTful API's and would like to find some info out. Currently we run a daily digest of eHealth material for the public to read and get up to date content regarding that topic. Which is powered by Laravel 5.2 and a MySQL Database. We have a

  • Open source web application penetration testing community 2011-08-21

    I do web development for a living but my real passion is security. I have worked with countless open source web application/framework and I have found vulnerabilities in most of them. The main cause of those vulnerabilities is a lack of security educ

  • Web application penetration testing resources? 2012-07-31

    Possible Duplicate: Best resources to learn web security attacks? I'm very interested in web application penetration testing. I went over every good Youtube video on that subject and most of the books. I'm reading Tangled web at the moment. Thanks to

  • Is it necessary to test all input parameters of a web application when testing its security? 2013-07-16

    We know that testing input parameters for lack of validation is one part of a black box web vulnerability assessment but, is it necessary to test ALL input parameters (parameters, cookies, HTTP headers, URLs...)? If we don't test one it is possible t

  • How do I change an existing SharePoint web application to run the https protocol? 2015-06-16

    We have a internet web application that published and running under http protocol, now we want to change to https . the existing web application running on Port 80 its url is this Internet web application configured with F5 Net

  • Extract zip files before web application loads 2016-02-09

    How can I go about extracting zipped file into a folder before my web application loads? For a reason, I need to have a zipped file of the framework. When I run my web application through Visual Studio, I want to be able to extract the files (from th

  • What is a good browser for web application pen testing? 2014-08-25

    I am getting started in testing web applications, and I am having trouble verifying vulnerabilities. It seems all modern browsers have protections against things like XSS. When something like Burp finds an XSS vulnerability, I can't ever verify it wh

  • Web Application Performance Testing - End User Experience 2009-10-02

    I currently maintain servers that host a .NET web application for external customers (primarily Microsoft technologies). I would like to find some tools or services that would let me measure web application response time and/or end user experience wi

  • When to trust a web application's security with HTTPS only rather than use a VPN? 2011-04-22

    We are installing a vendor-supplied application on IIS 7.5, giving access to sensitive customer details for remote access by our staff. I am wondering whether it is necessary to use a VPN to secure it. Using a VPN would be considerably more i

  • What are some small, standalone or web applications for test new QA staff on? 2013-01-28

    I'm permanently stuck with the following trouble: being Senior QA I need to quickly check and hire people for short-time testing projects. I specialize mostly in manual testing, while the range of applications is practically unlimited: web portals, s

  • How to Estimate time taken for Web Application Security Testing? 2015-08-19

    I would like to do some kind of estimation for time taken to test a website/ web application for security vulnerabilities. I will be testing websites against OWASP Top 10 Based on my understanding, Number of static/dynamic URLs, number of parameters

  • Web services load test with increment variable 2012-06-07

    I'm trying to found out some application or way to run a load test on a Web services. requests must simultaneous but my big problem is that: for every request, the values passed to a variable long must increment! has any one got any idea ? Tnx! -----

  • Scaling Your Web Application: VPS vs PAAS 2012-10-09

    You have deployed your Rails application to your VPS, or to Heroku. Traffic starts to arrive as interest in your application builds. Next, it goes viral. Then your application crashes- Much has been discussed about the scalability or otherwise of Rai

  • How to setup cluster of virtual machines to host web application with fail-over redundancy? 2013-01-14

    I would like to know how to setup a cluster of virtual machines to host a web application. We are expecting a high volume of clients connecting. I would like a cluster of virtual machines (or physical if it makes more sense) that host this web applic

  • Is one Web Application Architecture preferred over several Web Applications? 2013-08-26

    In almost all of the SharePoint projects I've participated in, the general architecture is three different web applications for intranet, cooperation and mysite. This has been the standard setup in any project. So far I've never experienced any perfo

  • Implementing password-reset in a web application by authtoken over email 2014-06-05

    I think I have a basic understanding of security concerns, but I feel like if I don't know everything, I'm going to implement lousy solutions. Below is my current strategy; Have I overlooked obvious best practices? I've read Can anyone provide refere

  • CNAME site attempts to load files over HTTP instead of HTTPS 2015-05-11

    The main site loads fine. We have a CNAME pointing from the above domain to the following domain, however, the page source shows HTTP for all the asset files. Even the Google Font which is ha

iOS development

Android development

Python development

JAVA development

Development language

PHP development

Ruby development


Front-end development


development tools

Open Platform

Javascript development

.NET development

cloud computing


Copyright (C), All Rights Reserved.

processed in 2.373 (s). 13 q(s)