1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache server tuning thread.

Discussion in 'Server Configuration and Hosting' started by Slavik, Mar 13, 2011.

  1. Slavik

    Slavik XenForo Moderator Staff Member

    These are what I currently have set up for my new server. (quad core 2.1ghz 4gb ram)

    Any suggestions to improve this further? The next upgrade I will be doing will be to move over to a LCMP stack, but that will be some while off.

    sysctl.conf edits

    Code:
    #Increase shared memory to 1gb
    kernel.shmall = 1073741824
    kernel.shmax = 1073741826
    
    # Disables packet forwarding
    net.ipv4.ip_forward=0
    
    # Disables IP source routing
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.lo.accept_source_route = 0
    net.ipv4.conf.eth0.accept_source_route = 0
    net.ipv4.conf.default.accept_source_route = 0
    
    # Enable IP spoofing protection, turn on source route verification
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.lo.rp_filter = 1
    net.ipv4.conf.eth0.rp_filter = 1
    net.ipv4.conf.default.rp_filter = 1
    
    # Disable ICMP Redirect Acceptance
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.lo.accept_redirects = 0
    net.ipv4.conf.eth0.accept_redirects = 0
    net.ipv4.conf.default.accept_redirects = 0
    
    # Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
    net.ipv4.conf.all.log_martians = 0
    net.ipv4.conf.lo.log_martians = 0
    net.ipv4.conf.eth0.log_martians = 0
    
    # Disables IP source routing
    net.ipv4.conf.all.accept_source_route = 0
    net.ipv4.conf.lo.accept_source_route = 0
    net.ipv4.conf.eth0.accept_source_route = 0
    net.ipv4.conf.default.accept_source_route = 0
    
    # Enable IP spoofing protection, turn on source route verification
    net.ipv4.conf.all.rp_filter = 1
    net.ipv4.conf.lo.rp_filter = 1
    net.ipv4.conf.eth0.rp_filter = 1
    net.ipv4.conf.default.rp_filter = 1
    
    # Disable ICMP Redirect Acceptance
    net.ipv4.conf.all.accept_redirects = 0
    net.ipv4.conf.lo.accept_redirects = 0
    net.ipv4.conf.eth0.accept_redirects = 0
    net.ipv4.conf.default.accept_redirects = 0
    
    # Disables the magic-sysrq key
    kernel.sysrq = 0
    
    # Decrease the time default value for tcp_fin_timeout connection
    net.ipv4.tcp_fin_timeout = 15
    
    # Decrease the time default value for tcp_keepalive_time connection
    net.ipv4.tcp_keepalive_time = 1800
    
    # Turn off the tcp_window_scaling
    net.ipv4.tcp_window_scaling = 0
    
    # Turn off the tcp_sack
    net.ipv4.tcp_sack = 0
    
    # Turn off the tcp_timestamps
    net.ipv4.tcp_timestamps = 0
    
    # Enable TCP SYN Cookie Protection
    net.ipv4.tcp_syncookies = 1
    
    # Enable ignoring broadcasts request
    net.ipv4.icmp_echo_ignore_broadcasts = 1
    
    # Enable bad error message Protection
    net.ipv4.icmp_ignore_bogus_error_responses = 1
    
    # Log Spoofed Packets, Source Routed Packets, Redirect Packets
    net.ipv4.conf.all.log_martians = 1
    
    # Increases the size of the socket queue (effectively, q0).
    net.ipv4.tcp_max_syn_backlog = 1024
    
    # Increase the tcp-time-wait buckets pool size
    net.ipv4.tcp_max_tw_buckets = 1440000
    
    # Allowed local port range
    net.ipv4.ip_local_port_range = 16384 65536
    
    my.cnf edits

    Code:
    [mysqld]
    query_cache_limit=1M
    query_cache_size=64M
    query_cache_type=1
    max_connections=3000
    max_user_connections=600
    interactive_timeout=100
    wait_timeout=100
    connect_timeout=10
    thread_cache_size=512
    key_buffer=512M
    join_buffer_size=2M
    max_allowed_packet=32M
    table_cache=1024
    sort_buffer_size=2M
    read_buffer_size=2M
    read_rnd_buffer_size=3072K
    max_connect_errors=10
    thread_concurrency=8
    myisam_sort_buffer_size=128M
    skip-locking
    [myisamchk]
    key_buffer=256M
    sort_buffer=256M
    read_buffer=64M
    write_buffer=64M
    
    httpd
    Code:
    HTTPD=/usr/sbin/httpd.worker
    
    httpd.conf
    Code:
    <IfModule worker.c>
    StartServers 6
    MaxClients 300 .
    MinSpareThreads 25
    MaxSpareThreads 75
    ThreadsPerChild 25
    MaxRequestsPerChild 2000
    </IfModule>
    LoadModule fastcgi_module modules/mod_fastcgi.so
    
    php.fcgi

    Code:
    #!/bin/bash
    PHP_CGI=/usr/bin/php-cgi
    PHP_FCGI_CHILDREN=16
    PHP_FCGI_MAX_REQUESTS=1000
    export PHP_FCGI_CHILDREN
    export PHP_FCGI_MAX_REQUESTS
    exec $PHP_CGI
    
    php.conf
    Code:
    AddHandler php5-fastcgi .php
    Action php5-fastcgi /cgi-bin/php.fcgi
    DirectoryIndex index.php
    
    memcached

    Code:
    PORT="11211"
    USER="nobody"
    MAXCONN="1024"
    CACHESIZE="512"
    OPTIONS=""
    
    php.ini

    Code:
    extension=memcache.so
    output_buffering = On
    output_handler = ob_gzhandler
    zlib.output_compression = Off
    zend_extension="/usr/lib64/php/modules/eaccelerator.so"
    eaccelerator.shm_size="64"
    eaccelerator.cache_dir="/tmp/eaccelerator"
    eaccelerator.enable="1"
    eaccelerator.optimizer="1"
    eaccelerator.check_mtime="1"
    eaccelerator.debug="0"
    eaccelerator.filter=""
    eaccelerator.shm_max="0"
    eaccelerator.shm_ttl="0"
    eaccelerator.shm_prune_period="0"
    eaccelerator.shm_only="0"
    eaccelerator.compress="1"
    eaccelerator.compress_level="9"
    eaccelerator.log_file = "/var/log/httpd/eaccelerator_log"
    
     
    Digital Doctor and Ingenious like this.
  2. CyclingTribe

    CyclingTribe Well-Known Member

    On a quick (from memory) overview, try:

    Increase key_buffer for mysqld to 512MB - decrease join to 2MB.

    Increase Memcached buffer to 512.

    Consider using APC to accelerate delivery of PHP content.

    Also, have you downloaded "mysqltuner.pl" and "tuning-primer.sh"? They're both helpful tools for tweaking your setup.

    Be careful though, it can get compulisive and if you're not careful you can spend months shaving ms off page load times (so I'm told ... lol).

    Cheers,
    Shaun :D
     
  3. Slavik

    Slavik XenForo Moderator Staff Member

    1) will try it
    2) Oops, forgot to up this.
    3) eaccelerator does what apc does, but has better mem usage and slightly better speeds from my personal experience.
    4) new server is not actively being used at the moment, I will be running these after giving the server a few days of live traffic.
     
  4. CyclingTribe

    CyclingTribe Well-Known Member

    3) Ah, I missed that (I was cooking tea for the family at the time though, he he).

    How many sites are you going to be hosting on it?

    Cheers,
    Shaun :D
     
  5. Slavik

    Slavik XenForo Moderator Staff Member

    Magento store
    Vbulletin site (2gb database)
    Xenforo site (will take over vb once all worked out)
    Email service
     
  6. CyclingTribe

    CyclingTribe Well-Known Member

    Cor, that'll run sweet then :)

    I remember doing a few other tweaks to my setup last year when optimising, so when I'm on the laptop next I'll try to add a few more bits. Might not be useful, but doesn't hurt to pass things on in case they are.

    It's always nice getting a fast new machine :)

    Shaun :D
     
  7. Riven

    Riven Member

Share This Page