Apache – geekdecoder

Benchmark Apache

November 20, 2018 The Geek Decoder Leave a comment Apache

How to test apache.

Create 2 files:
testload.php
test.php

Create a php file testload.php that checks the existence of another file named test.php in the same directory of two CentOS 7 servers with the same hardware characteristics and load but with different MPM. One of them will use event and the other one will use prefork.

<!--?php $filename = 'test.php'; if (file_exists($filename)) { echo "The file $filename exists"; } else { echo "The file $filename does not exist"; } ?-->

With ab, we will sent 50 (-c 50) concurrent requests at the same time and repeat the test 1000000 times

# ab -c 50 -n 100000 http://localhost/testload.php

200 simultaneous requests until 2000 requests are completed:

# ab -k -c 100 -n 2000 localhost/testload.php

Another test to localhost
PREFORK

]# ab -c 50 -n 100000 http://localhost/index.html
This is ApacheBench, Version 2.3 <$Revision: 1430300 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking localhost (be patient)
Completed 10000 requests
Completed 20000 requests
Completed 30000 requests
^C

Server Software:        Apache/2.4.6
Server Hostname:        localhost
Server Port:            80

Document Path:          /index.html
Document Length:        15167 bytes

Concurrency Level:      50
Time taken for tests:   3596.808 seconds
Complete requests:      34570
Failed requests:        0
Write errors:           0
Non-2xx responses:      34571
Total transferred:      537122767 bytes
HTML transferred:       524331497 bytes
Requests per second:    9.61 [#/sec] (mean)
Time per request:       5202.210 [ms] (mean)
Time per request:       104.044 [ms] (mean, across all concurrent requests)
Transfer rate:          145.83 [Kbytes/sec] received

Connection Times (ms)
              min  mean[+/-sd] median   max
Connect:        0    0   0.1      0       3
Processing:   213 5198 241.5   5203   10154
Waiting:      174 4428 227.6   4435    9302
Total:        214 5198 241.5   5203   10154

Percentage of the requests served within a certain time (ms)
  50%   5203
  66%   5264
  75%   5302
  80%   5327
  90%   5391
  95%   5449
  98%   5532
  99%   5617
 100%  10154 (longest request)

View Apache Statistics with Apache mod_status module

December 9, 2017 The Geek Decoder Leave a comment Apache

The Apache mod_status module is something that can be very useful when troubleshooting high CPU or Memory usage with Apache.

Taken it directly from the Apache documentation:

– The number of worker serving requests.
– The number of idle worker.
– The status of each worker, the number of requests that worker has performed and the total number of bytes served by the worker.
– A total number of accesses and byte count served.
– The time the server was started/restarted and the time it has been running for.
– Averages giving the number of requests per second, the number of bytes served per second and the average number of bytes per request.
– The current percentage CPU used by each worker and in total by all workers combined.
– The current hosts and requests being processed.

Setting it up is simple.


# CentOS 6 / CentOS 7
[root@web01 ~]# vim /etc/httpd/conf.d/status.conf


# Ubuntu 12.04
[root@web01 ~]# vim /etc/apache2/conf.d/status.conf
</code>
<code>
# Ubuntu 14.04
[root@web01 ~]# vim /etc/apache2/conf-available/status.conf

Using the correct location for your distro use the following configuration to enable mod_status. Update the AuthUserFile line accordingly for your distro:


<IfModule mod_status.c>
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
ExtendedStatus On

# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Uncomment and change the ".example.com" to allow
# access from other hosts.
#
<Location /server-status>
     SetHandler server-status
     Order deny,allow
     Deny from all
     Allow from localhost ip6-localhost
     <IfModule mod_rewrite.c>
          RewriteEngine off
     </IfModule>
     Allow from 127.0.0.1

# On CentOS / RedHat systems, uncomment the following line
     AuthUserFile /etc/httpd/status-htpasswd

# On Debian / Ubuntu systems, uncomment the following line
#     AuthUserFile /etc/apache2/status-htpasswd

     AuthName "Password protected"
     AuthType Basic
     Require valid-user

     # Allow password-less access for allowed IPs
     Satisfy any
</Location>

</IfModule>

Once you have the configuration in place, you can secure it with a username and password:


# CentOS 6 / CentOS 7
[root@web01 ~]# htpasswd -c /etc/httpd/status-htpasswd serverinfo
[root@web01 ~]# service httpd restart




# Ubuntu 12.04
[root@web01 ~]# htpasswd -c /etc/apache2/status-htpasswd serverinfo
[root@web01 ~]# service apache2 restart



# Ubuntu 14.04
[root@web01 ~]# htpasswd -c /etc/apache2/status-htpasswd serverinfo
[root@web01 ~]# a2enconf status.conf
[root@web01 ~]# service apache2 restart

Now go to:


http://serverip/server-status

You can have the /server-status page refresh automatically by using the following in the URL:


http://serverip/server-status?refresh=2

It may give you some idea of what client, or what types of requests, are causing the resource contention issues. Usually it is a specific web application misbehaving, or a specific client is attacking a site.

Install mod_cloudflare.so, file_cache_module.so and mod_mem_cache.so on CentOS 6

March 21, 2017 The Geek Decoder Leave a comment Apache

How to Install mod_cloudflare.so, file_cache_module.so and mod_mem_cache.so on CentOS 6

Install xcache

July 12, 2016 The Geek Decoder Leave a comment Apache, PHP

CentOS 6

# yum install php-xcache xcache-admin

Debian/Ubuntu/Linux Mint


# apt-get install php5-xcache

Configure

RHEL/CentOS/Fedora


# nano /etc/php.d/xcache.ini

Debian/Ubuntu/Linux Mint


# nano /etc/php5/conf.d/xcache.ini

# nano /etc/php5/mods-available/xcache.ini

once you’re done with configuration settings, restart your Apache web server.



# /etc/init.d/httpd restart



# /etc/init.d/apache2 restart

Verify

# php -v

Enabling XCache Admin Panel for PHP

By default the admin panel is protected with http-auth and in disabled state. To set user/password open the Xcache.ini file. But, first you have to create md5 password using following command. (Where typeyourpassword is your password).


# echo -n "typeyourpassword" | md5sum

Sample Output


ae9ac3f19ae3990b2c99701061c5d8c2

Now open Xcache.ini file add the generated md5 password. See the following example, add your own password md5 string.


[xcache.admin]
xcache.admin.enable_auth = On
; Configure this to use admin pages
xcache.admin.user = "mOo"
; xcache.admin.pass = md5($your_password)
xcache.admin.pass = "ae9ac3f19ae3990b2c99701061c5d8c2"

The simplest way to do so is copying the whole directory xcache (admin was in older release) to your web root directory (i.e. /var/www/html or /var/www).


# cp -a /usr/share/xcache/ /var/www/html/


# cp -a /usr/share/xcache/htdocs /var/www/xcache


cp -a /usr/share/xcache/admin/ /var/www/ (older release)

Now call it from your browser, a http-auth login prompt window will pop-up. Enter your user/pass in, and it’s done.

http://localhost/xcache OR http://localhost/admin (older release)

How to enable Xcache in cPanel

July 12, 2016 The Geek Decoder Leave a comment Apache, cPanel

How to enable Xcache in cPanel to speed up website?
Xcache can be enabled in cPanel by using Easy Apache.

Log into your cPanel server. After you login, search for “EasyApache” in left column and click on the link. Select “Previously Saved Config” and click on “start customizing”. For both Apache and PHP, click on “next step” button. Look for “xcache for php” and check the box. Click on “save and build”. Allow the build process to finish.

To enable xcache, you will need to make changes to php.ini before it can be used by your scripts.

# nano  /usr/local/lib/php.ini

Here is recommended settings for xcache in cPanel —

xcache.admin.pass=””
xcache.admin.user=”mOo”
xcache.cacher=”On”
xcache.coredump_directory=””
xcache.count=”1″
xcache.coveragedump_directory=”/tmp/pcov/”
xcache.coverager=”Off”
xcache.gc_interval=”300″
xcache.mmap_path=”/dev/zero”
xcache.optimizer=”On”
xcache.readonly_protection=”Off”
xcache.size=”50M”
xcache.slots=”8K”
xcache.test=”Off”
xcache.ttl=”3600″
xcache.var_count=”2″
xcache.var_gc_interval=”300″
xcache.var_maxttl=”7200″
xcache.var_size=”16M”
xcache.var_slots=”8K”
xcache.var_ttl=”3600″

Make necessary changes and save. Aftererwards you will need to restart Apache in WHM for changes to take affect

# service http restart

Set up vhost in CentOS

June 1, 2016 The Geek Decoder Leave a comment Apache

Make a vhosts file in /etc/httpd/conf.d


# nano dominname.conf

Add the following

# file: /etc/http/conf.d/dominname.conf
# vhost: geekdecoder.com *.dominname.com
#NameVirtualHost *:80

<VirtualHost *:80>

  # Admin email, Server Name (domain name) and any aliases
    ServerName dominname.com
    ServerAlias www.dominname.com
    ServerAdmin webmaster@dominname.com

  # Index file and Document Root (where the public files are located)
    DirectoryIndex index.html index.php
    DocumentRoot /home/dominname/public_html

  # Custom log file locations
    LogLevel warn
    ErrorLog /home/dominname/logs/error.log
    CustomLog /home/dominname/logs/access.log combined

  # Error Documents
    ErrorDocument 404 /errors/404.html
    ErrorDocument 403 /errors/403.html

  <Directory />
    AllowOverride All
    Options None
  </Directory>

 <Directory "/home/dominname/public_html">
    Order allow,deny
    Allow from all
    Options SymLinksIfOwnerMatch
    Options -Indexes
    Options -Includes
  </Directory>

  ScriptAlias /cgi-bin/ /home/dominname/public_html/cgi-bin/
  <Location /cgi-bin>
  Options +ExecCGI
  </Location>

</VirtualHost>
<VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/pki/tls/certs/dominname.crt
        SSLCertificateKeyFile /etc/pki/tls/private/dominname.key
        <Directory /home/dominname/public_html/>
        AllowOverride All
        </Directory>
        DocumentRoot /home/dominname/public_html
        ServerName dominname.com
</VirtualHost>

How to keep apache and mysql from starting automatically on Ubuntu 14

December 30, 2015 The Geek Decoder Leave a comment Apache, MySQL, Ubuntu

For all system services in /etc/init.d, disabling them can be done with the update-rc.d command, e.g.:


# update-rc.d -f apache2 remove

To restore it to running on startup:


# update-rc.d apache2 defaults

You can also manually start and stop via service apache2 start and service apache2 stop

Install Apache, Mysql and PHP on Ubuntu 14.04

September 29, 2015 The Geek Decoder Leave a comment Apache, MySQL, PHP, Ubuntu

How to install Apache, MySQL and PHP on Ubuntu 14.04

Update

# sudo apt-get update

Apache

# sudo apt-get install apache2

Install MySQL

# sudo apt-get install mysql-server php5-mysql

# sudo mysql_install_db

# mysql_secure_installation

Install PHP

# sudo apt-get install php5 libapache2-mod-php5 php5-mcrypt

Restart Server

# sudo /etc/init.d/apache2 restart

Check Apache

Open a web browser and navigate to http://IPADDRESS. You should see a message saying It works!

Check PHP

# php -r 'echo "\n\nYour PHP installation is working fine.\n\n\n";'

The requested resource does not allow request data with POST requests

September 7, 2015 The Geek Decoder Leave a comment Apache

The requested resource
/marketplace/marketplaceaccount/editProfile/
does not allow request data with POST requests, or the amount of data provided in the request exceeds the capacity limit

mod_security configuration in the /etc/httpd/conf.d/mod_security.conf file:


# Maximum request body size we will
# accept for buffering
SecRequestBodyLimit 131072

You should be able to change this value and restart apache for the uploads to work.

Update SSL cipher Suite from 1.0 to 1.2

August 28, 2015 The Geek Decoder Leave a comment Apache, SSL Certificates

SSL certificate info on Chrome you get a message that we are using an obsolete cipher suite TLS 1.0. We need to upgrade to 1.1 or 1.2. How can this be done?

# nano /etc/httpd/conf.d/ssl.conf

Old


# List the enable protocol levels with which clients will be able to
# connect.  Disable SSLv2 access by default:
SSLProtocol all -SSLv2

#   SSL Cipher Suite:
# List the ciphers that the client is permitted to negotiate.
# See the mod_ssl documentation for a complete list.
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW

New

##   SSL Protocol support:
## List the enable protocol levels with which clients will be able to
## connect.  Disable SSLv2 access by default:
SSLProtocol All -SSLv2 -SSLv3

SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
#
##   SSL Cipher Suite:
## List the ciphers that the client is permitted to negotiate.
## See the mod_ssl documentation for a complete list.
#SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW