Summary of Apache server optimization methods

Time:2022-1-9

Apache server optimization
This personal summary, together with the experience of some predecessors, the following optimization is generally quite useful in more than a year of my use, and optimization and non optimization are obvious
Let’s get to the point
Extendedstatus on is set to off because additional time flags are written.
MPM: worker – a new design of multi process and multi thread, which is suitable for high traffic services, but it is unstable. The support for objects such as PHP is very poor. It is not recommended. Prefork – stable, non threaded and occupies more memory.
Hostnamelookups off is turned off, so there is less DNS query. Log processing can be done by other software.
Note the modules not in the loadmoule instruction.
Generally speaking, unnecessary modules include:

Copy code

The code is as follows:

LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
#For example, you need to debug PHP under ~ / username /
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
#CGI programs, such as awstats, need to be used
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

The above is just my summary. I can’t use it. If you have great Xia’s advice, there are those that can’t be
Optimization of folder directory options indexes includes followsymlinks execcgi
AllowOverride None
Copying code execcgi allows CGI scripts to be executed. If this option is not set, the CGI script cannot be executed. If it’s not necessary, you’d better not open it. There may be security problems
Includes allows server-side inclusion. The server side allows an HTML file to contain other files. This is usually not used. He needs to check each HTML, so don’t open it
Includesnoexec allows server-side inclusion, but the #exec and #include directives in the CGI script are invalid. Not often. Turn it off
Indexes if directoryindex (such as index. HTML) does not exist in the requested directory, the directory content list is displayed in a certain way This is used too much. Open it
Followsymlinks is best to turn off symbolic connections, and Apache must perform additional system calls to verify symbolic connections. Each component of a file name requires an additional call When this option is turned on, Apache checks whether each request contains a reference to a symbolic connection, which makes an LSTAT () system call for each path contained in the request. When requesting “/ index. HTML”, Apache will make LSTAT () calls to “/ www”, “WWW / HtDocs”, “WWW / HtDocs / index. HTML”. Moreover, the execution result of LSTAT () is not cached, so every request must be executed once. Unless you are ready to use symbolic connections, use options – followsymlinks to turn it off. Boot with a dash to disable this instruction.
The allowoverride option is enabled. For example, htaccess is included for permission control. Apache must first find out whether the file exists in the current directory. If so, it will parse the file and apply the settings in the file in the current directory. Worse, Apache should not only check the current directory, but also check whether all the upper directories of the current directory include htaccess files to finalize the settings based on all these files. For example, if you request “/ index. HTML”, Apache will try to open “/. Htaccess”, “WWW /. Htaccess”, “WWW / HtDocs /. Htaccess”. The solution is to turn off allowoverride none. Of course, the staticization can only be written in the VH configuration. After disabling, the setting file is parsed only once when the server is started.
Directoryindex *, do not use wildcards, but use a complete list, such as directoryindex cgi index. pl index. shtml index. html。 Of course, at least it’s better to specify the list of setting files clearly and put them at the top.
Persistent link keepalive is enabled so that the child process will remain busy waiting for new requests on the open connection. If keepalivetimeout is turned on, the default value is set to 5 seconds. It is better not to exceed 60 seconds.
Disable logging
Writing log information is a time-consuming task. Although Apache keeps the log file open to save the time of opening the file, it still takes a lot of time. If there is no need to store log information, you can turn this option off to save more processor time. You can turn it off by commenting out the log line in the settings file. Of course, it is really necessary to add another single disk to manage log storage

Static content
If your web server uses a lot of static content or you use two web servers to process dynamic and static content respectively, your main goal now is to shorten the response time of the server sending the requested content. The simplest way is to use mod_ Cache module. You can use mod_ disk_ Cache and Mod_ mem_ Cache to provide disk based cache and memory based cache respectively.
Optimize dynamic content
Dynamic content may be the most time consuming part of all web servers, especially when using CGI. A simple program may increase the response time by several seconds.
A great advantage of using script based schemes is that they load the interpreter in Apache, which reduces the time to load the interpreter during execution. Some schemes also cache the parsed scripts so that they can be executed directly without parsing again when encountering the same request next time. Of course, you can also apply service separation, such as using PHP’s fastcgi to run behind and to the web server in front
Tuning and optimizing specific systems is complex and time-consuming, and you need to adjust specific scripts to take advantage of the results of optimization.
However, the optimization effect of dynamic content is very obvious, just changing the execution mode of Perl script from CGI to mod_ Perl can reduce the execution time by up to 70%. If we go further, we can also use the persistent connection to the database or cache information between multiple requests, which is very useful for e-commerce websites. It also reduces the overhead of repeatedly loading information between different requests.
Generally speaking, the dynamic content script and CGI of the website are the most important aspects affecting the performance of the website (so good programmers are very important). If you manage a typical Apache server, you will find that the time taken by Apache to respond to an incoming connection and finally send the content to the customer is recorded in milliseconds, and the time waiting for the required data resources often reaches a few seconds.
Other optimization

You can change the priority of Apache (httpd) to – 15, which is close to the upper limit (the priority ranges from – 20 to 19). You can use these two utilities from the command line:
*To stop an existing service and restart it with priority – 15, issue the command nice – 15 httpd
*To avoid stopping the service, issue the command renice – 15 – P 1996
The difference here is that renice requires a process ID (or PID). As mentioned above, you can use top to find out the PID. Nice and renice are very flexible programs
Configure Mod_ Expires module (this is a very useful optimization)
mod_ Expires can reduce repeated requests by about 20-30%, so that repeated users cache the results of the specified page requests locally and do not send requests to the server at all. It will be updated only when the user sends no cache, but pay attention not to do this for files that are updated quickly
mod_ Installation configuration of expires:

Copy code

The code is as follows:

ExpiresActive On
ExpiresDefault A60
ExpiresByType image/x-icon A2592000
ExpiresByType application/x-javascript A2592000
ExpiresByType text/css A2592000
ExpiresByType image/gif A604800
ExpiresByType image/png A604800
ExpiresByType image/jpeg A604800
ExpiresByType text/plain A604800
ExpiresByType application/x-shockwave-flash A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A60

In fact, there is another compression, so I won’t write it. See my other article >
http://www.php-oa.com/2008/08/20/gzipsquid.html The compression ratio can be as high as 70%, which is very useful
In addition, for high-speed Web services, you can add the noatime parameter to the / etc / fstab file
The lnux file system keeps records when files are accessed, created, and updated. By default, the system will update the last time read attribute when reading and writing files. Because write operations are resource consuming operations, reducing unnecessary I / O can improve disk performance as a whole.
When attaching the file system, adding the noatime parameter can prohibit the modification of inode node access time. If the file update time is not very important for a specific application, such as a web service, you can add the noatime parameter to the / etc / fstab file
For example:
/dev/sdb1 /mountlocation ext3 defaults,noatime 1 2
It is recommended to use a separate zone as the hanging point and turn on the noatime switch
You can also turn off services (as everyone seems to understand), apmd, autofs, cups, hpoj ISDN, PCMCIA, rhnsd, sendmail, XFS (font service)
Open the time-wait socket in reuse TCP / IP
sysctl -w net.ipv4.tcp_tw_reuse=1
Start the fast loop function of time-wait socket status
sysctl =w net.ipv4.tcp_tw_recycle=1

This personal summary, together with the experience of some predecessors, the following optimization is generally quite useful in more than a year of my use, and optimization and non optimization are obvious
Let’s get to the point

Extendedstatus on is set to off because additional time flags are written.
MPM: worker – a new design of multi process and multi thread, which is suitable for high traffic services, but it is unstable. The support for objects such as PHP is very poor. It is not recommended. Prefork – stable, non threaded and occupies more memory.
Hostnamelookups off is turned off, so there is less DNS query. Log processing can be done by other software.

Note the modules not in the loadmoule instruction.
Generally speaking, unnecessary modules include:
LoadModule auth_basic_module modules/mod_auth_basic.so
#LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
#LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
#LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
#LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
#For example, you need to debug PHP under ~ / username /
#LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
#LoadModule proxy_module modules/mod_proxy.so
#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
#LoadModule proxy_http_module modules/mod_proxy_http.so
#LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
#CGI programs, such as awstats, need to be used
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so
The above is just my summary. I can’t use it. If you have great Xia’s advice, there are those that can’t be
Optimization of folder directory options
Options Indexes Includes FollowSymLinks ExecCGI
AllowOverride None
Execcgi allows CGI scripts to be executed. If this option is not set, the CGI script cannot be executed. If it’s not necessary, you’d better not open it. There may be security problems
Includes allows server-side inclusion. The server side allows an HTML file to contain other files. This is usually not used. He needs to check each HTML, so don’t open it
Includesnoexec allows server-side inclusion, but the #exec and #include directives in the CGI script are invalid. Not often. Turn it off
Indexes if directoryindex (such as index. HTML) does not exist in the requested directory, the directory content list is displayed in a certain way This is used too much. Open it
Followsymlinks is best to turn off symbolic connections, and Apache must perform additional system calls to verify symbolic connections. Each component of a file name requires an additional call When this option is turned on, Apache checks whether each request contains a reference to a symbolic connection, which makes an LSTAT () system call for each path contained in the request. When requesting “/ index. HTML”, Apache will make LSTAT () calls to “/ www”, “WWW / HtDocs”, “WWW / HtDocs / index. HTML”. Moreover, the execution result of LSTAT () is not cached, so every request must be executed once. Unless you are ready to use symbolic connections, use options – followsymlinks to turn it off. Boot with a dash to disable this instruction.
The allowoverride option is enabled. For example, htaccess is included for permission control. Apache must first find out whether the file exists in the current directory. If so, it will parse the file and apply the settings in the file in the current directory. Worse, Apache should not only check the current directory, but also check whether all the upper directories of the current directory include htaccess files to finalize the settings based on all these files. For example, if you request “/ index. HTML”, Apache will try to open “/. Htaccess”, “WWW /. Htaccess”, “WWW / HtDocs /. Htaccess”. The solution is to turn off allowoverride none. Of course, the staticization can only be written in the VH configuration. After disabling, the setting file is parsed only once when the server is started.

Directoryindex *, do not use wildcards, but use a complete list, such as directoryindex cgi index. pl index. shtml index. html。 Of course, at least it’s better to specify the list of setting files clearly and put them at the top.

Persistent link keepalive is enabled so that the child process will remain busy waiting for new requests on the open connection. If keepalivetimeout is turned on, the default value is set to 5 seconds. It is better not to exceed 60 seconds.

Disable logging
Writing log information is a time-consuming task. Although Apache keeps the log file open to save the time of opening the file, it still takes a lot of time. If there is no need to store log information, you can turn this option off to save more processor time. You can turn it off by commenting out the log line in the settings file. Of course, it is really necessary to add another single disk to manage log storage

Static content
If your web server uses a lot of static content or you use two web servers to process dynamic and static content respectively, your main goal now is to shorten the response time of the server sending the requested content. The simplest way is to use mod_ Cache module. You can use mod_ disk_ Cache and Mod_ mem_ Cache to provide disk based cache and memory based cache respectively.

Optimize dynamic content
Dynamic content may be the most time consuming part of all web servers, especially when using CGI. A simple program may increase the response time by several seconds.
A great advantage of using script based schemes is that they load the interpreter in Apache, which reduces the time to load the interpreter during execution. Some schemes also cache the parsed scripts so that they can be executed directly without parsing again when encountering the same request next time. Of course, you can also apply service separation, such as using PHP’s fastcgi to run behind and to the web server in front

Tuning and optimizing specific systems is complex and time-consuming, and you need to adjust specific scripts to take advantage of the results of optimization.

However, the optimization effect of dynamic content is very obvious, just changing the execution mode of Perl script from CGI to mod_ Perl can reduce the execution time by up to 70%. If we go further, we can also use the persistent connection to the database or cache information between multiple requests, which is very useful for e-commerce websites. It also reduces the overhead of repeatedly loading information between different requests.

Generally speaking, the dynamic content script and CGI of the website are the most important aspects affecting the performance of the website (so good programmers are very important). If you manage a typical Apache server, you will find that the time taken by Apache to respond to an incoming connection and finally send the content to the customer is recorded in milliseconds, and the time waiting for the required data resources often reaches a few seconds.
Other optimization

Configure Mod_ Expires module (this is a very useful optimization)

mod_ Expires can reduce repeated requests by about 20-30%, so that repeated users cache the results of the specified page requests locally and do not send requests to the server at all. It will be updated only when the user sends no cache, but pay attention not to do this for files that are updated quickly

mod_ Installation configuration of expires:
ExpiresActive On
ExpiresDefault A60
ExpiresByType image/x-icon A2592000
ExpiresByType application/x-javascript A2592000
ExpiresByType text/css A2592000
ExpiresByType image/gif A604800
ExpiresByType image/png A604800
ExpiresByType image/jpeg A604800
ExpiresByType text/plain A604800
ExpiresByType application/x-shockwave-flash A604800
ExpiresByType video/x-flv A604800
ExpiresByType application/pdf A604800
ExpiresByType text/html A60
In fact, there is another compression, which I won’t write. See my other article < < gzip settings in Apache 2 and squid’s handling of it > >
http://www.php-oa.com/2008/08/20/gzipsquid.html The compression ratio can be as high as 70%, which is very useful
In addition, for high-speed Web services, you can add the noatime parameter to the / etc / fstab file
The lnux file system keeps records when files are accessed, created, and updated. By default, the system will update the last time read attribute when reading and writing files. Because write operations are resource consuming operations, reducing unnecessary I / O can improve disk performance as a whole.
When attaching the file system, adding the noatime parameter can prohibit the modification of inode node access time. If the file update time is not very important for a specific application, such as a web service, you can add the noatime parameter to the / etc / fstab file
For example:
/dev/sdb1 /mountlocation ext3 defaults,noatime 1 2
It is recommended to use a separate zone as the hanging point and turn on the noatime switch
You can also turn off services (as everyone seems to understand), apmd, autofs, cups, hpoj ISDN, PCMCIA, rhnsd, sendmail, XFS (font service)
Open the time-wait socket in reuse TCP / IP
sysctl -w net.ipv4.tcp_tw_reuse=1
Start the fast loop function of time-wait socket status
sysctl =w net.ipv4.tcp_tw_recycle=1
You can also learn about the article a long time ago

Recommended Today

The whole tutorial of docker installation and use, installation / complete command / dockerfile image production / docker container arrangement and one click installation of nginx + redis + MySQL / visualizer portal (version 2022)

官网: https://docs.docker.com/ 官网: https://www.docker.com/ docker 镜像市场: https://hub.docker.com/ 一、docker 说明 1.1、docker 核心 1、Docker 是一个开源的应用容器引擎,基于 Go 语言 并遵从 Apache2.0 协议开源,Docker 是一个 CS 架构软件。 2、Docker 是一个虚拟化轻量级linux服务器,可以解决我们在开发环境中运行配置问题 3.、Docker的主要目标是‘build ,ship and run any app,anywhere’,一次封装,到处运行 4、容器是完全使用沙箱机制,相互之间不会有任何接口(类似 iPhone 的 app),更重要的是容器性能开销极低。 1.2、docker 版本问题 .Docker 从 17.03 版本之后分为 CE(Community Edition: 社区版) 和 EE(Enterprise Edition: 企业版),我们用社区版就可以了。 1.3、docker 架构( 3大核心) · 1、Images 镜像 (等于软件) · 2、Registry […]