1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Tweaking and tuning apache!

Discussion in 'Hire a Freelancer' started by writingismypassion, Jan 15, 2016.

  1. writingismypassion

    writingismypassion BANNED BANNED

    Joined:
    Jun 21, 2015
    Messages:
    1,110
    Likes Received:
    61
    Hello i have hosted 10+ wordpress sites on a 512mb ram vps(i know its low)
    I need someone to disable unneeded or unneccessary files\process which are running and taking my memory.like disabling modules which are not needed.
    it will hardly take half an hour if you know all things right.
    My budget is not much.
    Let me know if you can do it and any tutorial you ca refer ( i will try to do it myself)
    I have centos installed and vesta cp panel running.
     
  2. writingismypassion

    writingismypassion BANNED BANNED

    Joined:
    Jun 21, 2015
    Messages:
    1,110
    Likes Received:
    61
    anyone ?
     
  3. Asif WILSON Khan

    Asif WILSON Khan Executive VIP Jr. VIP

    Joined:
    Nov 10, 2012
    Messages:
    11,448
    Likes Received:
    32,370
    Gender:
    Male
    Occupation:
    Fun Lovin' Criminal
    Location:
    London
    Home Page:
    I don't want to be rude but you need to spend more on better hosting.
    If you can't afford hosting then you need to scale back your projects.
    Also this should be in the Haf section, although I don't anybody would be interested in doing this for peanuts.
    http://www.blackhatworld.com/blackhat-seo/f76-hire-freelancer/
     
    • Thanks Thanks x 1
  4. TayaX

    TayaX Jr. VIP Jr. VIP

    Joined:
    Dec 13, 2010
    Messages:
    3,457
    Likes Received:
    1,931
    Occupation:
    Skype : TayaxBHW
    Location:
    France
    Home Page:
    Anyone will take you more than what an upgrade of your server will cost you.
     
  5. Apricot

    Apricot Administrator Staff Member

    Joined:
    Mar 26, 2013
    Messages:
    12,564
    Likes Received:
    7,973
    Gender:
    Female
    Occupation:
    BHW Moderator
    Location:
    the clacks
    Home Page:
    moved to hire-a-freelancer section
     
  6. myers424

    myers424 Registered Member

    Joined:
    Nov 11, 2013
    Messages:
    73
    Likes Received:
    3
    Home Page:
    How much is you budget.
    What's your vps running on.
    Control panel?
     
  7. Nesousx

    Nesousx Registered Member

    Joined:
    Sep 9, 2009
    Messages:
    66
    Likes Received:
    59
    Hi OP,

    I tend to agree with what was said before : upgrade will cost you less (and give you better results) than tweaking apache.

    Moreover tweaking Apache is not about disabling unnecessary modules (if they are not used, they are not using resources). Apache tweaking is more about setting max connections, number of forks, etc. And imho, when tweaking, you should also tweak databases system (probably mysql in your case).

    If you really want better performance for you actual "hardware", it would be better to give Nginx + php-fpm a try instead of using Apache, or again tweak mysql before tweaking Apache.

    Considering how "low", you actual VPS is, I would personally just upgrade it before trying to tweak it.
     
    • Thanks Thanks x 1
  8. fatboy

    fatboy Elite Member

    Joined:
    Aug 13, 2008
    Messages:
    1,618
    Likes Received:
    3,229
    Occupation:
    Retired
    Location:
    Old Peoples Home
    If you have busy sites then I would spend more time looking at the database side of things and the caching you have on the wordpress installs. As all the sites are dynamic thats where your memory will get slapped.

    If you want to keep hosting on a small VPS, and to be honest I am surprised that a 512Mb one is running that without sobbing like a little girl if you have any large number of visitors, I would take a look at installing something like Nginx for the web server and either use a very tweaked mysql install or check out something with a lower memory footprint (haven't really looked but checked out mongo or mariadb, they may be more efficient)

    Good luck though!
     
    • Thanks Thanks x 1
  9. abhiman

    abhiman Newbie

    Joined:
    Dec 16, 2015
    Messages:
    20
    Likes Received:
    0
    installation of ngnix is better than tweaking apache. also you can use percona database, it performs better than the plain mysql. If you are looking for any help on this then PM me I will help you out.
     
  10. Loyal0

    Loyal0 Junior Member

    Joined:
    Oct 20, 2015
    Messages:
    162
    Likes Received:
    347
    Try nginx instead of Apache and use Redis caching. I would advice against using nosql solutions, on your level the performance gain is minimal
     
  11. dabandit

    dabandit Junior Member

    Joined:
    Feb 21, 2008
    Messages:
    140
    Likes Received:
    50
    If your Wordpress content is primarily static to anonymous users, turn on and configure mod_cache and htcacheclean. Works just like Nginx's FastCGI Cache or Varnish. Once the page is saved on disk and enters Linux's disk cache, the kernel spits out the pages like there's no tomorrow. You'll be bandwidth limited on most hosts before you even get anywhere close to stressing the CPU.

    Example of my mod_cache settings if I ever needed it:
    Code:
    CacheEnable disk /
    CacheDirLength 1
    CacheIgnoreHeaders Set-Cookie
    CacheLock On
    CacheRoot "/var/cache/apache2/"
     
    • Thanks Thanks x 1
  12. dabandit

    dabandit Junior Member

    Joined:
    Feb 21, 2008
    Messages:
    140
    Likes Received:
    50
    This image below shows a non-scientific benchmark being ran against a 1CPU/768MB instant on Vultr running Apache 2.4.18 (mod_security/crs enabled) w/PHP-FPM (suhosin+ioncube) (using ECDHSA/ECC certs, ALPN, SSL Cooldown+SessionCache+Stapling+Tickets and HTTP2).

    [​IMG]

    If this were plain HTTP, I'd probably have a RPS over 12K, if not more. If I created another PHP-FPM listener, for only ionCube required apps, I'd wouldn't have the performance bottleneck of ionCube running everytime a php file is processed. When I hear people complain about Apache being slow, it makes me laugh. It's usually an apples to orange comparison of mod_PHP vs Nginx's FastCGI instead of going against Apache's mod_proxy_fcgi.
     
    Last edited: May 7, 2016
  13. dabandit

    dabandit Junior Member

    Joined:
    Feb 21, 2008
    Messages:
    140
    Likes Received:
    50
    The configs and compile profile for the Apache server running on the 1CPU/768MB instance.

    apache2 -V:
    Code:
    Server version: Apache/2.4.18 (Unix)
    Server built:   May  3 2016 20:05:54
    Server's Module Magic Number: 20120211:52
    Server loaded:  APR 1.5.2, APR-UTIL 1.5.4
    Compiled using: APR 1.5.2, APR-UTIL 1.5.4
    Architecture:   64-bit
    Server MPM:     event
      threaded:     yes (fixed thread count)
        forked:     yes (variable process count)
    Server compiled with....
     -D APR_HAS_SENDFILE
     -D APR_HAS_MMAP
     -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
     -D APR_USE_SYSVSEM_SERIALIZE
     -D APR_USE_PTHREAD_SERIALIZE
     -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
     -D APR_HAS_OTHER_CHILD
     -D AP_HAVE_RELIABLE_PIPED_LOGS
     -D DYNAMIC_MODULE_LIMIT=256
     -D HTTPD_ROOT="/usr"
     -D SUEXEC_BIN="/usr/bin/suexec"
     -D DEFAULT_PIDLOG="/var/run/httpd.pid"
     -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
     -D DEFAULT_ERRORLOG="logs/error_log"
     -D AP_TYPES_CONFIG_FILE="/etc/apache2/mime.types"
     -D SERVER_CONFIG_FILE="/etc/apache2/httpd.conf"
    apache2 -M:
    Code:
    Loaded Modules:
     core_module (static)
     so_module (static)
     http_module (static)
     mpm_event_module (static)
     alias_module (shared)
     authn_core_module (shared)
     authz_core_module (shared)
     authz_host_module (shared)
     dir_module (shared)
     env_module (shared)
     expires_module (shared)
     headers_module (shared)
     http2_module (shared)
     log_config_module (shared)
     mime_module (shared)
     proxy_module (shared)
     proxy_fcgi_module (shared)
     rewrite_module (shared)
     setenvif_module (shared)
     ssl_module (shared)
     socache_shmcb_module (shared)
     unique_id_module (shared)
     unixd_module (shared)
    /etc/apache2/httpd.conf:
    Code:
    ServerRoot "/usr/lib64/apache2"
    Group apache
    Include /etc/apache2/modules.d/*.conf
    Include /etc/apache2/vhosts.d/*.conf
    Listen xxx.xxx.xxx.xxx:80 [B](I have my Apache bound to a single IP [IPv4 and IPv6] as my machine has multiple IPs.  If you have only one IP or you want Apache to listen on all interfaces, use ":80".)
    [/B]Listen [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:80 [B](Comment out or delete if you don't need IPv6)[/B]
    Listen xxx.xxx.xxx.xxx:443 [B](Comment out or delete if you don't need ssl)[/B]
    Listen [xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx]:443 [B](Comment out or delete if you don't need ssl or IPv6)[/B]
    LoadModule alias_module modules/mod_alias.so
    LoadModule authn_core_module modules/mod_authn_core.so
    LoadModule authz_core_module modules/mod_authz_core.so
    LoadModule authz_host_module modules/mod_authz_host.so
    #LoadModule cache_module modules/mod_cache.so [B](I don't have it turned on.  I'll only enable it if there's a significant traffic spike.)[/B]
    #LoadModule cache_disk_module modules/mod_cache_disk.so [B](Works in conjuction with the above.)[/B]
    LoadModule dir_module modules/mod_dir.so
    LoadModule env_module modules/mod_env.so
    LoadModule expires_module modules/mod_expires.so
    LoadModule headers_module modules/mod_headers.so
    LoadModule http2_module modules/mod_http2.so [B](Comment out or delete if not using HTTP2.)[/B]
    LoadModule log_config_module modules/mod_log_config.so
    LoadModule mime_module modules/mod_mime.so
    LoadModule proxy_module modules/mod_proxy.so
    LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
    LoadModule rewrite_module modules/mod_rewrite.so
    LoadModule setenvif_module modules/mod_setenvif.so
    LoadModule ssl_module modules/mod_ssl.so
    LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
    LoadModule unique_id_module modules/mod_unique_id.so
    LoadModule unixd_module modules/mod_unixd.so
    # Enable Debugging Of Specific Modules
    #LogLevel modulename:trace3
    #LogLevel modulename:info
    #LogLevel http2:info
    PidFile /run/apache2.pid
    User apache
    modules.d/00_default_settings.conf:
    Code:
    AddDefaultCharset UTF-8
    ContentDigest Off
    <Directory />
    	Options FollowSymLinks
    	AllowOverride None [B](Disables .htaccess which you shouldn't be using anyway.  It's a major performance hit.  Whatever is in a .htaccess file should be in your Apache config.)[/B]
    	Require all denied
    </Directory>
    EnableMMAP On
    EnableSendfile On
    ErrorLog /var/log/apache2/error.log
    FileETag MTime Size
    <FilesMatch "^\.ht">
    	Require all denied
    </FilesMatch>
    HostnameLookups Off
    KeepAlive On
    KeepAliveTimeout 3
    LogLevel warn
    MaxKeepAliveRequests 100
    Protocols h2 http/1.1 [B](comment out or delete if you're not using HTTP2)[/B]
    ServerName captainrex [B](change to your server's hostname)[/B]
    ServerSignature Off
    ServerTokens Prod
    Timeout 30
    TraceEnable off
    UseCanonicalName Off
    


    modules.d/00_mpm.conf
    : (These are my optimal settings. You need to experiment to find the optimal settings that satisfy you.)
    Code:
    MaxRequestWorkers	256
    ServerLimit		2
    ThreadLimit		128
    ThreadsPerChild		128
    
    modules.d/01_mod_cache.conf: (Mod-cache is disabled on my system 99% of the time.)
    Code:
    <IfDefine CACHE>
    CacheDefaultExpire 5 [B](I use microcaching - short term caching of dynamic content.)[/B]
    CacheEnable disk /
    CacheDirLevels 2
    CacheDirLength 1
    CacheIgnoreHeaders Set-Cookie [B](Prevents caching of headers.)[/B]
    CacheLock On
    CacheLockMaxAge 1
    CacheLockPath /tmp/mod_cache-lock
    CacheRoot "/var/cache/apache2/" [B](Must be writeable by the server.)[/B]
    </IfDefine>
    
    modules.d/01_mod_expires.conf:
    Code:
    ExpiresActive On
    ExpiresDefault						"access plus 1 month"
    ExpiresByType application/json				"access plus 5 minutes"
    ExpiresByType application/xml				"access plus 5 minutes"
    ExpiresByType text/xml					"access plus 5 minutes"
    ExpiresByType application/xhtml+xml			"access plus 0 seconds"
    ExpiresByType text/html					"access plus 0 seconds"
    ExpiresByType application/x-web-app-manifest+json	"access plus 5 minutes"
    ExpiresByType text/cache-manifest			"access plus 5 minutes"
    ExpiresByType application/atom+xml			"access plus 1 hour"
    ExpiresByType application/rss+xml			"access plus 1 hour"
    
    modules.d/01_mod_headers.conf:
    Code:
    <FilesMatch "\.(bz2|css|exe|flv|gif|ico|jpe?g|js|pdf|png|rar|swf|t?gz|zip)$">
    	Header set Cache-Control "max-age=31536000, public"
    </FilesMatch>
    <FilesMatch "\.(htm|x?html)$">
            Header set Cache-Control "public, must-revalidate"
    </FilesMatch>
    Header always set X-Content-Type-Options "nosniff"
    Header always set X-Frame-Options "DENY"
    Header set X-Robots-Tag "noarchive,nofollow,noindex,noodp,nosnippet,noydir"
    Header set X-UA-Compatible "IE=Edge"
    
    modules.d/01_mod_ssl.conf: (Unnecessary if you're not using SSL.)
    Code:
    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA
    SSLHonorCipherOrder On
    SSLOpenSSLConfCmd DHParameters /etc/ssl/apache2/dhparam_2048.pem
    SSLProtocol all -SSLv2 -SSLv3
    SSLSessionCache shmcb:/dev/shm/ssl_scache(512000)
    SSLSessionCacheTimeout 43200
    SSLStaplingCache shmcb:/dev/shm/stapling_cache(128000)
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off
    SSLUseStapling On
    
    No need in posting my fail2ban and mod_security configs.

    Sample Wordpress domain template:
    Code:
    VirtualHost xxx.xxx.xxx.xxx:80> [B](Can use ":80" instead)[/B]
    <Directory "/var/www/www.example.com">
    	Require all granted
    	RewriteEngine On
    	RewriteBase /
    	RewriteRule ^index\.php$ - [L]
    	RewriteCond %{REQUEST_FILENAME} !-f
    	RewriteCond %{REQUEST_FILENAME} !-d
    	RewriteRule . /index.php [L]
    	####RewriteRule ^(.*)$ /index.php/$1 [L,QSA] [B](Use this instead of the preceding line if using Mod_Cache.  Comment out preceding line)[/B]
    </Directory>
    DirectoryIndex index.php index.html
    DocumentRoot "/var/www/www.example.com"
    <FilesMatch \.php$>
    	SetHandler "proxy:unix:///var/run/php-fpm/php-fpm.sock|fcgi://localhost/" [B](Connect to locally running instance of PHP-FPM socket.)[/B]
    </FilesMatch>
    Header always set X-Frame-Options SAMEORIGIN [B](Overrules default option.)[/B]
    Header always set X-Xss-Protection "1; mode=block
    Header set X-Robots-Tag "noarchive,nofollow,noodp,nosnippet,noydir" [B](Overrules default option.)[/B]
    ServerAdmin [email protected]
    ServerName www.example.com
    </VirtualHost>
    <VirtualHost xxx.xxx.xxx.xxx:80> [B](Same as line one.)[/B]
    Redirect permanent / http://www.example.com/
    ServerName example.com
    </VirtualHost>
    
    php-fpm.conf: (As I stated before, these are my custom settings. This may not work for you.)
    Code:
    [global]
    error_log = /var/log/php-fpm.log
    emergency_restart_threshold = 2
    emergency_restart_interval = 1m
    process_control_timeout = 10s
    
    [www]
    listen = /var/run/php-fpm/php-fpm.sock
    listen.backlog = 65536
    listen.owner = apache
    listen.group = apache
    user = apache
    group = apache
    pm = static
    pm.max_children = 1
    pm.max_requests = 1024
    
    php.ini: (As I stated before, these are my custom settings. This may not work for you.)
    Code:
    [PHP]
    allow_url_fopen = On
    always_populate_raw_post_data=-1
    display_errors = Off
    error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT
    expose_php = Off
    log_errors = On
    memory_limit = 128M [B][/B]
    output_buffering = 4096
    post_max_size = 64M [B][/B]
    register_argc_argv = Off
    request_order = "GP"
    upload_max_filesize = 64M [B][/B]
    variables_order = "GPCS"
    [Date]
    date.timezone = America/New_York [B](Change to whatever timezone you want.)[/B]
    [Session]
    session.cache_limiter =
    session.cookie_httponly = On
    session.cookie_secure = On [B](Comment or delete if not using SSL.)[/B]
    session.gc_divisor = 1000
    session.hash_bits_per_character = 5
    session.save_handler = files
    session.save_path = "/var/www/save_path" [B](Must be writeable by use PHP-FPM is running under.  Change to whatever directory you want.)[/B]
    url_rewriter.tags = "a=href,area=href,frame=src,input=src,form=fakeentry"
    
    Warning: Use this as a template to adjust your settings. Be sure to read both Apache's and PHP's documentation on what a configuration variable means. I know for a fact that CentOS and a lot of other distros have some funky scripting that ties into environment variables that won't allow this configuration to work if you're lazy and think you're going to do a copy and paste. Apache won't start if you do that. Keep backups of your working configs!!! Change one variable. Save. Restart. Benchmark. Compare.
     
    Last edited: May 7, 2016