• Home
  •  > 
  • Games
  •  > 
  • Quick optimization of Apache and Nginx web server settings.

Quick optimization of Apache and Nginx web server settings.

At all, if you can don't lift Apache, don't do this. Consider whether lighttpd or thttpd can perform the tasks you need. These web servers can be very useful in situations where there are not enough system resources for everyone, but it should work. I repeat once again: we are talking about those situations when the functionality of these products will be sufficient to complete the assigned tasks (by the way, lighttpd knows how to work with PHP). In those situations where without Apache well, there’s simply no way around it, you can usually free up a lot of system resources anyway by redirecting requests to static content (JavaScript, graphics) from Apache to a lightweight HTTP server. The biggest problem Apache is his great appetite for RAM. In this article I will look at methods that help speed up work and reduce the amount of memory it takes up:

  • processing fewer parallel requests;
  • circulation processes;
  • using not too long KeepAlives;
  • reducing timeout;
  • reducing logging intensity;
  • disabling host name resolution;
  • disabling use .htaccess.

    • Loading fewer modules

    The first step is to get rid of unnecessary modules from loading. Review the config files and determine which modules you are loading. Do you need all the downloadable modules? Find something that is not used and turn it off, this will save you some memory.

    Process fewer concurrent requests

    The more processes Apache allowed to run simultaneously, the more simultaneous requests it can handle. By increasing this number, you thereby increase the amount of memory allocated for Apache. Using top, you can see that each process Apache It takes up very little memory because shared libraries are used. IN Debian 5 With Apache 2 The default configuration is this:

    StartServers 5 MinSpareServers 5 MaxSpareServers 10 MaxClients 20 MaxRequestsPerChild 0

    Directive StartServers determines the number of server processes that are launched initially, immediately after its start. Directives MinSpareServers And MaxSpareServers determine the minimum and maximum number of child “spare” processes Apache. Such processes wait for incoming requests and are not unloaded, which makes it possible to speed up the server's response to new requests. Directive MaxClients defines the maximum number of parallel requests simultaneously processed by the server. When the number of concurrent connections exceeds this number, new connections will be queued for processing. In fact, the directive MaxClients and determines the maximum allowed number of child processes Apache,launched simultaneously. Directive MaxRequestsPerChild defines the number of requests that the child process must process Apache before ending its existence. If the value of this directive is set to zero, then the process will not "expire".

    For my home server, with the corresponding needs, I corrected the configuration to the following:

    StartServers 1 MinSpareServers 1 MaxSpareServers 1 MaxClients 5 MaxRequestsPerChild 300

    Of course, the above configuration is completely unsuitable for use on highly loaded servers, but for home, in my opinion, it’s just right.

    Process circulation

    As you can see, I changed the value of the directive MaxRequestsPerChild. By limiting the lifetime of child processes in this way by the number of requests processed, you can avoid accidental memory leaks caused by poorly written scripts.

    Using KeepAlives that are not too long

    KeepAlive is a method of support permanent connection between client and server. HTTP was originally designed to be connection-agnostic. That is, when a web page is sent to a client, all its parts (images, frames, JavaScript) are transmitted using various, separately established connections. With the advent KeepAlive, browsers now have the ability to request a persistent connection and, once established, download data using a single established connection. This method gives a significant increase in productivity. However Apache By default, it uses a too long timeout before closing the connection, equal to 15 seconds. This means that after all the content has been served to the client who requested KeepAlive, the child process will wait for another 15 seconds for incoming requests. It's a bit much, though. It is better to reduce this timeout to 2-3 seconds.

    KeepAliveTimeout 2

    Decrease timeout

    Alternatively, you can reduce the value of the directive TimeOut, which specifies how long it takes to wait for individual requests to complete. By default its value is 300 , perhaps in your case it will make sense to reduce/increase this value. I personally left it as is for now.

    Reducing logging intensity

    On the way to increasing server performance, you can try reducing the intensity of logging. Modules such as mod_rewrite, can write debugging information to the log, and if you don’t need it, turn off its output.

    Disabling Hostname Resolution

    In my opinion, there is no need to reverse resolve IP addresses to hostnames. If you really need them so much when analyzing logs, then you can determine them at the analysis stage, and not while the server is running. The directive is responsible for resolving hostnames HostnameLookups, which is actually installed by default in Off, however check this if you really think you need to disable the conversion.

    HostnameLookups Off

    Disabling use of .htaccess

    File processing .htaccess running Apache every time you request data. Not only that Apache must download this file, so a lot of time and resources are spent on processing it. Take a look at your web server and reconsider the need for files .htaccess. If you need different settings for different directories, maybe it would be realistic to put them in the main server configuration file? And disable processing .htaccess possible by directive in the server configuration.

    Apache is the most popular Web server. Adjusting some parameters (tuning) can give a significant increase in the speed of its operation.

    Configuration

    Apache is configured in the configuration file. It can be found:

    Debian
    /etc/apache2/apache2.conf
    Freebsd
    /usr/local/etc/apache22/httpd.conf

    Modules

    Disable modules that you don't need. This will save a lot of resources on request processing. Apache modules are usually delivered as plugins (DSO), so enabling and disabling them is done simply through a configuration file.

    Typically you don't need anything other than these modules:

    Mod_alias mod_authz_host mod_deflate mod_dir mod_expires mod_headers mod_mime mod_rewrite mod_log_config mod_autoindex mod_negotiation mod_setenvif

    MPM

    MPM allows you to choose a method for processing parallel requests. The best option is Worker— in-line MPM. In it, each request is served in a separate thread of one of the child processes. Threads are easier objects for the OS than processes. Therefore, in this case the performance is improved.

    To enable Worker MPM, you need to open the file nano /etc/sysconfig/httpd

    and remove the comment from the line HTTPD=/usr/sbin/httpd.worker

    Restart Apache /etc/init.d/apache2 restart

    AllowOverride and .htaccess

    The AllowOverride directive enables the use of the .htaccess file. In this case, with each request, Apache will look for this file in the requested directories. Move all configuration to virtual host files (/etc/apache2/sites-enabled/ folder for Debian) and disable htaccess: AllowOverride None

    MaxClients


    The MaxClients directive sets the maximum number of parallel requests that the server will process. This setting needs to be adapted over time, work within the range of 128...4096: MaxClients 256

    If the server is already serving MaxClients of requests, new requests will be queued, the size of which is set using the ListenBacklog directive.

    MinSpareServers, MaxSpareServers, and StartServers

    These directives allow you to have created processes in memory in advance, so that you do not have to do this while receiving a request. They are installed only for prefork mpm.

    StartServers 3

    # When starting Apache will create 3 processes

    MinSpareServers 3

    # Apache will not kill free processes if there are less than three of them left

    MaxSpareServers 5

    # Maximum 5 free processes, the rest will be destroyed

    MaxRequestsPerChild

    The MaxRequestsPerChild directive sets how many requests one child process/thread can process before it is terminated. By default, the value of this directive is set to 0, which means that once a process/thread is created, it will never be terminated. This option can help you get rid of memory leak problems, so it's better to set it:

    MaxRequestsPerChild 4096

    # After 4096 processed requests the process will be restarted

    KeepAlive

    KeepAlive requests allow you to establish persistent connections between a client and server. This saves resources by not having to re-establish connections. Be sure to enable this option.

    KeepAlive On KeepAliveTimeout 30

    # Enable KeepAlive and set the timeout before closing the connection to 30 seconds

    There are times when a user sends only one request. For example, a download server. Then KeepAlive can be useless and even harmful, because... When KeepAlive is enabled, the server does not close the connection immediately, but waits for some time (KeepAliveTimeout).

    Compression


    All modern browsers support compression. Enabling gzip will significantly reduce the size of the traffic. This should always be done.

    AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilter ByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x- javascript

    Check that the compression is working using the Online Gzip checker.

    DNS


    Turn off unnecessary DNS queries in Apache: HostnameLookups Off

    # So Apache will log the client's IP address instead of its host.

    Always use the IP address in the Allow From and Deny From directives, not domain names. Allow From 1.1.1.1 Deny From 2.2.2.2

    The most important thing

    The biggest impact on visitors will be the inclusion gzip compression. This often saves about 70% of traffic.

    Today I'm going to talk about how to make Apache a little faster. Someone will ask “why?.. there are faster solutions!”….
    I will answer such comrades that yes, they are, that they are faster, for example, on one tin I use the Apache+Nginx combination (I even wrote about it), you can use Nginx with the FastCGI module.. And I will write about this, not in this article, but I'll write...

    But now we will talk about how to make Apache a little faster, more adequate and safer. A picture, the tag “more” and the article went...

    Modules in Apache

    First, the most basic thing, something like “thank you” - Apache needs to be launched with the necessary modules to reduce memory consumption.

    To disable them, you can use the a2dismod commands<имя_модуля>and then restart the server configuration. If you disable something wrong, you can enable the module with the a2enmod command<имя_модуля>. Again, be careful what you disable, otherwise some functions of your projects may stop working.

    By the way, as a rule, you don’t need anything else besides these listed modules:

    Mod_alias mod_authz_host mod_deflate mod_dir mod_expires mod_headers mod_mime mod_rewrite mod_log_config mod_autoindex mod_negotiation mod_setenvif

    Suitable MPM

    In Apache, each request is processed in its own process or thread. When compiled, apache allows you to choose one of several MPMs (Multi-processing modules), which are responsible for listening on ports, accepting requests and distributing these requests to child processes or threads in which these requests will be processed.

    If security is important, choose peruser MPM. If productivity is important, then choose prework or worker.

    • Worker - threaded MPM, i.e. in it, each request is served in a separate thread of one of the child processes. Threads are easier objects for the OS than processes; they use memory more efficiently and context switches are faster for them. However, because each thread has access to the entire memory of the process, worker mpm is more prone to crashes: the failure of one thread can cause the entire process in which that thread was located to crash (which is why worker mpm starts several child processes with multiple threads in each ).
    • Perfork - mpm uses multiple child processes, each child process handles one connection. Because the process is a heavier structure, it uses slightly more resources, but it is less prone to failure - the processing of each individual request does not depend on other processes.

    For me, Worker is the best option.

    To find out which MPM you are currently running, there are two ways, the first is to get a list of modules using apachectrl (for CentOS):

    Apachectl -t -D DUMP_MODULES

    This is an example for Debian systems:

    Apache2ctl -t -D DUMP_MODULES

    The second way to view detailed information about the Apache version. On CentOS:

    To change MPM on some OSes, you will need to recompile apache, or install the appropriate apache package (apache2-mpm-event, apache2-mpm-prefork, apache2-mpm-itk, apache2-mpm-worker).

    On CentOS systems, it will be enough to simply uncomment the line in the /etc/sysconfig/httpd file

    HTTPD=/usr/sbin/httpd.worker

    and restart apache...

    DNS queries

    HostnameLookups is a directive that enables reverse DNS queries, as a result, dns hosts will be included in the logs instead of IP addresses. This directive will slow down the request until there is a response from the DNS server.

    Therefore, this directive must be disabled in the config file: HostnameLookups Off

    If you really need DNS addresses, use logresolve.

    Also make sure that the Allow from and Deny from directives used IP addresses, since apache will make two requests to make sure that the client is who it says it is.

    Content Negotiation

    If you don't require Apache
    automatically recognizes the language of each visitor and displays pages in the appropriate language, then disable this module: a2dismod negotiation

    FollowSymLinks and SymLinksIfOwnerMatch

    If the FollowSymLinks option is enabled for a directory, the server will follow the symbolic links of that directory. If this option is disabled, Apache will make a lot of unnecessary system requests. Keep it on.

    If the SymLinksIfOwnerMatch option is enabled for a directory, then the server will follow symbolic links only if the owner of this directory matches the file/directory to which this link refers. This means that SymLinksIfOwnerMatch is making more requests, so disable it.

    AllowOverride

    If the AllowOverride directive is not set to 'None', Apache will look for a .htaccess file in every directory it visits. Here's an example:

    DocumentRoot /var/www/html AllowOverride all

    If the /index.php file is requested, Apache will try to open the /.htaccess, /var/.htaccess, /var/www/.htaccess, and /var/www/html/.htaccess files, which increases the request time. Therefore, if you need this file for only one directory, then include this directive only for it:

    DocumentRoot /var/www/html AllowOverride None AllowOverride all

    MaxClients

    This directive sets the maximum number of requests that Apache will serve. There shouldn't be many MaxClients. The value is set to be large to process many requests simultaneously, and smaller to reduce memory consumption!

    MinSpareServers, MaxSpareServers, and StartServers

    The MaxSpareServers and MinSpareServers directives set how many processes/threads should wait ready to accept a request (maximum and minimum). If the MinSpareServers value is too small and many requests come unexpectedly, apache will be forced to create many new processes/threads, which will create additional load in this stressful situation. On the other hand, if MaxSpareServers is too large, apache will heavily load the system with these processes, even if the number of clients is minimal.

    Set MinSpareServers and MaxSpareServers such that apache does not create more than 4 processes/threads per second. If it creates more than 4, a message about this will be placed in the ErrorLog, indicating that MinSpareServers is too small.

    MaxRequestsPerChild

    This directive sets the number of requests that one child process can handle before it is terminated. By default it is set to 0, which can lead to a memory leak, so set it there, for example, 4096...

    According to Netcraft, Apache is the most popular web server on the Internet, serving many servers and sites. There is often a need to increase the performance of a web server. Probably the best way to do this is to switch to the frontend+backend scheme, but this may require quite serious changes in the application (for example, you will probably lose all sorts of file upload progress indicators).

    Another way is to simply increase the server's performance - install a faster processor and more memory.

    However, both the first and second require a lot of time and resources, so for the first time you can try to speed up Apache by optimizing its configuration. There are optimizations that can only be applied when rebuilding Apache, while others can be applied without recompiling the server.

    Load only necessary modules

    Apache is a modular program, most of the functions of which are implemented in modules. Moreover, these modules can be either compiled or assembled in the form of DSO - dynamic libraries. Most modern distributions ship Apache with a set of DSOs, so that unnecessary modules can be easily disabled without recompilation.

    Run apache only with the necessary modules to reduce memory consumption. If you decide to compile apache yourself, then either be selective about the list of modules you include, or compile them as DSOs using apxs in apache1 and apxs2 in apache2. In order to disable unnecessary DSO modules, just comment out the extra LoadModule lines in httpd.conf. Apache with statically compiled modules will consume slightly less memory, but you will have to recompile it each time to change the list of modules.

    Choose the appropriate MPM

    In Apache, each request is processed in its own process or thread. When compiled, apache allows you to choose one of several MPMs (Multi-processing modules), which are responsible for listening on ports, accepting requests and distributing these requests to child processes or threads in which these requests will be processed.

    The choice of MPM depends on several factors, such as whether the OS has threading support, the amount of free memory, and stability and security requirements.

    If security is very important, you should choose peruser MPM, sacrificing performance.

    If performance is important, then the choice is limited to two mpm: prefork and worker.

    Worker - threaded MPM, i.e. in it, each request is served in a separate thread of one of the child processes. Threads are easier objects for the OS than processes; they use memory more efficiently and context switches are faster for them. However, because each thread has access to the entire memory of the process, worker mpm is more prone to crashes: the failure of one thread can cause the entire process in which that thread was located to crash (which is why worker mpm starts multiple child processes with multiple threads in each ).

    Perfork - mpm uses multiple child processes, each child process handles one connection. Because the process is a heavier structure, it uses slightly more resources, but it is less prone to failure - the processing of each individual request does not depend on other processes.

    Unfortunately, changing mpm requires recompiling Apache. This is where source-based distributions show their advantages: you can easily recompile Apache and all its dependent packages without turning the system into a dump. Binary distributions deal with this situation in different ways. For example, in RHEL, apache rpm contains two versions of apache - with worker and prefork mpm (prefork is used by default). However, worker mpm does not support php. So if you want php and worker mpm you will have to compile it yourself or look for third-party repositories.

    DNS queries

    The HostnameLookups directive enables reverse DNS queries, so that client DNS names will appear in the logs instead of IP addresses. Of course, this significantly slows down the processing of the request, because... the request is not processed until a response is received from the DNS server. Therefore, make sure that this directive is always turned off (HostnameLookups Off), and if you still need DNS addresses, you can find them out later by running the log in the logresolve utility (which comes with Apache).

    In addition, make sure that the Allow from and Deny From directives use IP addresses and not domain names. Otherwise, apache will make two DNS requests (reverse and forward) to make sure that the client is who he claims to be.

    AllowOverride

    If the AllowOverride directive is not set to "None", apache will try to open .htaccess files in every directory it visits and in all directories above it. For example:

    DocumentRoot /var/www/html AllowOverride all
    If /index.html is requested, apache will try to open (and interpret) the /.htaccess, /var/.htaccess, /var/www/.htaccess, and /var/www/html/.htaccess files. This increases the request processing time. So if you only need .htaccess for one directory, allow it only for that directory:

    DocumentRoot /var/www/html AllowOverride None AllowOverride all

    FollowSymLinks and SymLinksIfOwnerMatch

    If the FollowSymLinks option is enabled for a directory, the server will follow the symbolic links in that directory. If the SymLinksIfOwnerMatch option is enabled for a directory, apache will follow symbolic links only if the owner of the file or directory pointed to by the link matches the owner of the specified directory. So when the SymLinksIfOwnerMatch option is enabled, apache makes more system requests.

    Additionally, additional system requests are required when FollowSymlinks IS NOT INSTALLED. That. The most optimal situation for performance is when the FollowSymlinks option is enabled.

    Content Negotiation

    Try to avoid content negotiaion.

    MaxClients

    The MaxClients directive sets the maximum number of concurrent requests that the server will support. Apache will not spawn more processes/threads than MaxClients. The MaxClient value should not be too small (otherwise many clients will remain unserved), but you should not set the number too large - it is better not to serve some clients than to exhaust all resources, go into swap and die under load. A good value might be MaxClients = amount of memory allocated for the web server / maximum size of the spawned process or thread. For static files, apache uses about 2-3 MB per process, for dynamic files (php, cgi) - depends on the script, but usually about 16-32 MB.

    You can estimate the approximate size by looking at the rss column in the output of `ps -ylC httpd --sort:rss`

    If the server is already serving MaxClients of requests, new requests will be queued, the size of which is set using the ListenBacklog directive.

    MinSpareServers, MaxSpareServers, and StartServers

    Because Creating a thread, and especially a process, is an expensive operation; apache creates them in advance. The MaxSpareServers and MinSpareServers directives set how many processes/threads should wait ready to accept a request (maximum and minimum). If the MinSpareServers value is too small and many requests come unexpectedly, apache will be forced to create many new processes/threads, which will create additional load in this stressful situation. On the other hand, if MaxSpareServers is too large, apache will heavily load the system with these processes, even if the number of clients is minimal.

    Try to set MinSpareServers and MaxSpareServers such that apache does not create more than 4 processes/threads per second. If it creates more than 4, a message about this will be placed in the ErrorLog. This is a signal that MinSpareServers is too small.

    MaxRequestsPerChild

    The MaxRequestsPerChild directive sets how many requests one child process/thread can process before it is terminated. By default, the value of this directive is set to 0, which means that once a process/thread is created, it will never be terminated (well, except when the server stops or this process/thread crashes). I recommend setting MaxRequestsPerChild equal to some fairly large number (several thousand). This will not create unnecessary load due to the fact that apache will be forced to create new child processes, at the same time it will help get rid of problems with memory leaks in child processes (which is very possible, for example, if you are using an unstable version of php).

    KeepAlive and KeepAliveTimeout

    KeepAlive allows you to make multiple requests on a single TCP connection. This is especially useful for html pages with a lot of images. If KeepAlive is set to Off, then a separate connection will be created for the page itself and for each image (which will need to be processed by the master process), which is bad for both the server and the client. So for such cases, it is recommended to set KeepAlive to On. For other applications (for example, for a download server), KeepAlive may be useless and even harmful, because When KeepAlive is enabled, the server does not close the connection immediately, but waits for KeepAliveTimeout seconds for a new request. To prevent processes from hanging around needlessly waiting for too long, set KeepAliveTimeout small enough, about 5-10 seconds is usually sufficient.

    Compression

    HTTP compression was defined in the HTTP/1.1 standard, and now all modern client programs and almost all servers support it. The server can return the response in gzip or deflate, and the client program decompresses the data unnoticed by the user. This reduces the amount of traffic transferred (up to 75%), but of course increases CPU usage.
    However, if your server is visited by many clients on slow connections, compression can reduce the load on your server because the server can deliver the compressed response faster and free up resources occupied by the child process. This effect can be especially noticeable if you have a fast processor but little memory.

    Caching is configured by mod_deflate module directives. Keep in mind that you should not set the gzip compression level to more than 4-5 - this will require significantly more CPU time, and the effect will be quite small. Well, of course, there is no need to try to compress images into jpg, gif and png, music, video files and all other binary files that are already well compressed.

    Client-side caching

    Don't forget to set Expires headers on static files (see mod_expires module). If the file does not change, you should always try to cache it on the client. Then the client’s pages will load faster, and the server will be free of unnecessary requests.

    Original: "Configuring Apache for Maximum Performance". Vishnu Ram V: http://linuxgazette.net/123/vishnu.html

    Introduction

    According to Netcraft, Apache is the most popular web server on the Internet, it
    serves many servers and sites. There is often a need
    increase web server performance. Probably the best way is
    do - go to the frontend+backend scheme, but this may require
    quite serious changes in the application (for example, you probably have
    all sorts of file upload progress indicators will fall off).

    Another way is to simply increase server performance - put
    faster processor and more memory.

    However, both the first and second require a lot of time and resources, so
    at first you can try to speed up apache by optimizing it
    configurations. There are optimizations that can only be applied
    when rebuilding Apache, others can be used without recompilation
    server.

    Load only necessary modules

    Apache is a modular program, most of the functions of which are implemented
    in modules. Moreover, these modules can be either compiled or
    collected in the form of DSO - dynamic libraries. Most modern
    distributions ship apache with a set of DSOs, so no modules needed
    can be easily disabled without recompilation.

    Run apache with only necessary modules to reduce
    memory consumption. If you decide to compile apache
    yourself, then either carefully select a list of modules,
    which you include, or compile them as DSO using apxs in
    apache1 and apxs2 to apache2. To disable unnecessary
    DSO modules, just comment out the extra lines of LoadModule in
    httpd.conf. Apache with statically compiled modules will
    consume a little less memory, but you will have to use it every time
    recompile to change the list of modules.

    Choose the appropriate MPM

    In Apache, each request is processed in its own process or thread. At
    Apache compilation allows you to choose one of several MPMs
    (Multi-processing module), which are responsible for listening to ports,
    receiving requests and distributing these requests to child processes or threads,
    in which these requests will be processed.

    The choice of MPM depends on several factors, such as the availability of support
    threads in the OS, the amount of free memory, as well as requirements
    stability and security.

    If security is very important, you should choose peruser MPM, sacrificing
    productivity.

    If performance is important, then the choice is limited to two
    mpm: prefork and worker.

    Worker - threaded MPM, i.e. in it each request is serviced in
    a separate thread of one of the child processes. Streams are lighter
    for the OS objects than processes, they use memory more efficiently and
    Context switches are faster for them. However, because
    that each thread has access to all process memory, worker mpm is more
    prone to failure: failure of one thread can cause the whole thing to fail
    the process this thread was in (that's why worker mpm
    starts multiple child processes with multiple threads in
    each).

    Perfork - mpm uses multiple child processes, each child
    the process handles one connection. Due to the fact that the process is more
    heavy structure, it uses a little more resources, but it is less
    prone to failure - the processing of each individual request does not depend on
    other processes.

    Unfortunately, changing mpm requires recompiling Apache. Here
    source-based distributions show their advantages: you can easily
    recompile apache and all its dependent packages without changing
    system to the dump. Binary distributions get out of this situation
    differently. For example, in RHEL there are two versions in apache rpm
    apache - with worker and prefork mpm (prefork is used by default).
    However, worker mpm does not support php. So if you want php and
    worker mpm you will have to compile it yourself or search for
    third party repositories.

    DNS lookup

    The HostnameLookups directive includes reverse DNS queries, so the logs
    clients' DNS hosts will be included instead of IP addresses. Of course that
    this significantly slows down the processing of the request, because no request
    is processed until it receives a response from the DNS server. That's why
    Make sure this directive is always disabled (HostnameLookups
    Off), and if you still need DNS addresses, you can find them later,
    by running the log in the logresolve utility (which comes with Apache).

    In addition, make sure that in the Allow from and Deny From directives
    IP addresses were used rather than domain names. Otherwise apache will do
    two DNS queries (reverse and forward) to make sure that the client is the right one
    who he pretends to be.

    AllowOverride

    If the AllowOverride directive is not set to 'None', apache will
    try to open .htaccess files in each directory it
    visits in all directories above it. For example:


    DocumentRoot /var/www/html

    AllowOverride all

    If /index.html is requested, apache will try to open (and
    interpret) files /.htaccess, /var/.htaccess, /var/www/.htaccess,
    and /var/www/html/.htaccess. This increases the request processing time. So
    what if you need .htaccess for only one directory, allow
    it's just for her:

    DocumentRoot /var/www/html

    AllowOverride None


    AllowOverride all

    FollowSymLinks and SymLinksIfOwnerMatch

    If the FollowSymLinks option is enabled for a directory, the server will
    follow the symbolic links in this directory. If for
    directory, the SymLinksIfOwnerMatch option is enabled, apache will follow
    via symbolic links only if the owner of the file or directory is
    which this link indicates matches the owner of the specified
    directories. So with the SymLinksIfOwnerMatch option enabled apache
    makes more system requests.

    Additionally, additional system requests are required when
    FollowSymlinks IS NOT INSTALLED. That. the most optimal situation for
    performance - when the FollowSymlinks option is enabled.

    Content Negotiation

    Try to avoid content negotiaion.

    MaxClients

    The MaxClients directive sets the maximum number of parallel
    requests that the server will support. Apache won't spawn
    more processes/threads than MaxClients. MaxClient value is not enough
    be too small (otherwise many customers will remain unserved),
    but you shouldn’t set too large a quantity - it’s better not
    serve some clients than exhaust all resources, get into swap and
    die under load. A good value might be MaxClients =
    amount of memory allocated for the web server / maximum size
    child process or thread. For apache static files
    uses about 2-3 MB per process, for dynamics (php, cgi) - depends
    from the script, but usually about 16-32 MB.

    You can estimate the approximate size by looking at the rss column in the output
    `ps -ylC httpd —sort:rss`

    If the server is already serving MaxClients requests, new requests will fall
    to a queue whose size is set using a directive
    ListenBacklog.

    MinSpareServers, MaxSpareServers, and StartServers

    Because creating a thread, and especially a process, is an expensive operation, apache
    creates them in advance. MaxSpareServers and MinSpareServers directives
    set how many processes/threads should wait ready
    accept the request (maximum and minimum). If the value of MinSpareServers
    too small and unexpectedly many requests arrive, apache is forced
    will create many new processes/threads, which will create
    additional burden in this stressful situation. On the other side,
    if MaxSpareServers is too large, apache will be heavily loaded
    system by these processes, even if the number of clients is minimal.

    Try to set MinSpareServers and MaxSpareServers such that
    apache did not create more than 4 processes/threads per second. If he creates
    more than 4, a message about this will be placed in the ErrorLog. This is a signal that
    that MinSpareServers is too small.

    MaxRequestsPerChild

    The MaxRequestsPerChild directive sets how many requests can be
    process one child process/thread before it is terminated. By
    By default, the value of this directive is set to 0, which means that
    once created, a process/thread will never be terminated (well, except
    cases where the server stops or the process/thread crashes). I recommend
    set MaxRequestsPerChild to something large enough
    number (several thousand). This will not create unnecessary stress associated with
    the fact that apache will be forced to create new child processes, while
    At the same time, this will help get rid of problems with memory leaks in child
    processes (which is very possible, for example if you are using an unstable
    php version).

    KeepAlive and KeepAliveTimeout

    KeepAlive allows you to make multiple requests on a single TCP connection.
    This is especially useful for html pages with a lot of
    images. If KeepAlive is set to Off, then for the page itself and
    a separate connection will be created for each image (which
    will need to be processed by the master process), which is bad for both the server and
    client. So for such cases it is recommended to install
    KeepAlive on. For other applications (for example, for a download server)
    KeepAlive can be useless and even harmful, because... when turned on
    KeepAlive server does not close the connection immediately, but waits for KeepAliveTimeout
    seconds of new request. To prevent processes from hanging for too long
    in useless waiting, set KeepAliveTimeout enough
    small, about 5-10 seconds is usually enough.

    Compression

    HTTP compression was defined in the HTTP/1.1 standard and is now
    modern client programs and almost all of its servers
    support. The server can return the response in gzip or deflate, and
    the client program decompresses the data unnoticed by the user. This
    reduces the amount of transmitted traffic (up to 75%), but of course
    increases CPU usage.
    However, if your server is visited by many clients with slow connections,
    compression can reduce the load on your server due to the fact that the server
    will be able to transmit a compressed response faster and free up resources occupied
    child process. This effect can be especially noticeable if
    You have a fast processor, but little memory.

    Caching is configured by mod_deflate module directives. Keep in
    Please note that you should not set the gzip compression level to more than 4-5 - this
    will require significantly more CPU time, but the effect will be sufficient
    small. Well, of course, there is no need to try to compress images into jpg, gif
    and png, music, video files and all other binary files that are already
    so well compressed.

    Client-side caching

    Don't forget to set Expires headers on static files (see.
    mod_expires module). If the file does not change, then it should always be
    try caching on the client. Then the client will have faster
    pages will load, and the server will be freed from unnecessary requests.