Apache server tuning thread.

Slavik

XenForo moderator
Staff member
These are what I currently have set up for my new server. (quad core 2.1ghz 4gb ram)

Any suggestions to improve this further? The next upgrade I will be doing will be to move over to a LCMP stack, but that will be some while off.

sysctl.conf edits

Code:
#Increase shared memory to 1gb
kernel.shmall = 1073741824
kernel.shmax = 1073741826

# Disables packet forwarding
net.ipv4.ip_forward=0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Enable Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0

# Disables IP source routing
net.ipv4.conf.all.accept_source_route = 0
net.ipv4.conf.lo.accept_source_route = 0
net.ipv4.conf.eth0.accept_source_route = 0
net.ipv4.conf.default.accept_source_route = 0

# Enable IP spoofing protection, turn on source route verification
net.ipv4.conf.all.rp_filter = 1
net.ipv4.conf.lo.rp_filter = 1
net.ipv4.conf.eth0.rp_filter = 1
net.ipv4.conf.default.rp_filter = 1

# Disable ICMP Redirect Acceptance
net.ipv4.conf.all.accept_redirects = 0
net.ipv4.conf.lo.accept_redirects = 0
net.ipv4.conf.eth0.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0

# Disables the magic-sysrq key
kernel.sysrq = 0

# Decrease the time default value for tcp_fin_timeout connection
net.ipv4.tcp_fin_timeout = 15

# Decrease the time default value for tcp_keepalive_time connection
net.ipv4.tcp_keepalive_time = 1800

# Turn off the tcp_window_scaling
net.ipv4.tcp_window_scaling = 0

# Turn off the tcp_sack
net.ipv4.tcp_sack = 0

# Turn off the tcp_timestamps
net.ipv4.tcp_timestamps = 0

# Enable TCP SYN Cookie Protection
net.ipv4.tcp_syncookies = 1

# Enable ignoring broadcasts request
net.ipv4.icmp_echo_ignore_broadcasts = 1

# Enable bad error message Protection
net.ipv4.icmp_ignore_bogus_error_responses = 1

# Log Spoofed Packets, Source Routed Packets, Redirect Packets
net.ipv4.conf.all.log_martians = 1

# Increases the size of the socket queue (effectively, q0).
net.ipv4.tcp_max_syn_backlog = 1024

# Increase the tcp-time-wait buckets pool size
net.ipv4.tcp_max_tw_buckets = 1440000

# Allowed local port range
net.ipv4.ip_local_port_range = 16384 65536

my.cnf edits

Code:
[mysqld]
query_cache_limit=1M
query_cache_size=64M
query_cache_type=1
max_connections=3000
max_user_connections=600
interactive_timeout=100
wait_timeout=100
connect_timeout=10
thread_cache_size=512
key_buffer=512M
join_buffer_size=2M
max_allowed_packet=32M
table_cache=1024
sort_buffer_size=2M
read_buffer_size=2M
read_rnd_buffer_size=3072K
max_connect_errors=10
thread_concurrency=8
myisam_sort_buffer_size=128M
skip-locking
[myisamchk]
key_buffer=256M
sort_buffer=256M
read_buffer=64M
write_buffer=64M

httpd
Code:
HTTPD=/usr/sbin/httpd.worker

httpd.conf
Code:
<IfModule worker.c>
StartServers 6
MaxClients 300 .
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 2000
</IfModule>
LoadModule fastcgi_module modules/mod_fastcgi.so

php.fcgi

Code:
#!/bin/bash
PHP_CGI=/usr/bin/php-cgi
PHP_FCGI_CHILDREN=16
PHP_FCGI_MAX_REQUESTS=1000
export PHP_FCGI_CHILDREN
export PHP_FCGI_MAX_REQUESTS
exec $PHP_CGI

php.conf
Code:
AddHandler php5-fastcgi .php
Action php5-fastcgi /cgi-bin/php.fcgi
DirectoryIndex index.php

memcached

Code:
PORT="11211"
USER="nobody"
MAXCONN="1024"
CACHESIZE="512"
OPTIONS=""

php.ini

Code:
extension=memcache.so
output_buffering = On
output_handler = ob_gzhandler
zlib.output_compression = Off
zend_extension="/usr/lib64/php/modules/eaccelerator.so"
eaccelerator.shm_size="64"
eaccelerator.cache_dir="/tmp/eaccelerator"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.filter=""
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"
eaccelerator.log_file = "/var/log/httpd/eaccelerator_log"
 
On a quick (from memory) overview, try:

Increase key_buffer for mysqld to 512MB - decrease join to 2MB.

Increase Memcached buffer to 512.

Consider using APC to accelerate delivery of PHP content.

Also, have you downloaded "mysqltuner.pl" and "tuning-primer.sh"? They're both helpful tools for tweaking your setup.

Be careful though, it can get compulisive and if you're not careful you can spend months shaving ms off page load times (so I'm told ... lol).

Cheers,
Shaun :D
 
On a quick (from memory) overview, try:

Increase key_buffer for mysqld to 512MB - decrease join to 2MB.

Increase Memcached buffer to 512.

Consider using APC to accelerate delivery of PHP content.

Also, have you downloaded "mysqltuner.pl" and "tuning-primer.sh"? They're both helpful tools for tweaking your setup.

Be careful though, it can get compulisive and if you're not careful you can spend months shaving ms off page load times (so I'm told ... lol).

Cheers,
Shaun :D

1) will try it
2) Oops, forgot to up this.
3) eaccelerator does what apc does, but has better mem usage and slightly better speeds from my personal experience.
4) new server is not actively being used at the moment, I will be running these after giving the server a few days of live traffic.
 
3) Ah, I missed that (I was cooking tea for the family at the time though, he he).

How many sites are you going to be hosting on it?

Cheers,
Shaun :D
 
3) Ah, I missed that (I was cooking tea for the family at the time though, he he).

How many sites are you going to be hosting on it?

Cheers,
Shaun :D

Magento store
Vbulletin site (2gb database)
Xenforo site (will take over vb once all worked out)
Email service
 
Cor, that'll run sweet then :)

I remember doing a few other tweaks to my setup last year when optimising, so when I'm on the laptop next I'll try to add a few more bits. Might not be useful, but doesn't hurt to pass things on in case they are.

It's always nice getting a fast new machine :)

Shaun :D
 
Top Bottom