Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
apache [2012/07/30 20:18]
188.143.232.12 dijjfZhmxGR
apache [2012/07/31 12:45] (current)
greebo old revision restored
Line 1: Line 1:
-I had the same problemafter fowolling ​all the advices ​above , i came across this:# enable resulting ​html compressionFor security reasonsmod_php ​is not used on this server. Use php.ini file for php directives ​#php_flag zlib.output_compression onMy host is bluehost.So in ~public_html/php.ini change ​this line:zlib.output_compression = offtozlib.output_compression = onNow it is super fast.Thank you all+====== Apache ====== 
 +==== utils ==== 
 +   * vlogger: http://​n0rp.chemlab.org/​vlogger 
 +   * webalizer: http://​www.mrunix.net/​webalizer 
 + 
 + 
 + 
 +===== optimization ===== 
 +  * **disable DNS Look Up** 
 +  * **MaxClients** ( 512 ) 
 +  * **KeepAlive** 
 +     * Disable KeepAlive connections (by setting KeepAlive to Off) 
 +     * Shorten ​the KeepAliveTimeout value to something like 3 seconds for instances), reducing the maximum simultaneous opened connections to 768 
 +  * **Compress HTTP Content** 
 +  * **Turn off unwanted services** - There are a few services and/or features that you will want to turn off or not allowAll of these services can be disabled in the httpd.conf file. Those services/​features that could cause the most issues include: 
 +       * Directory browsing. This is done within a directory tag (the document root is a good place to start) using the Options directive and is set with “-Indexing”. 
 +       * Server side Includes. This is another feature that is disabled within a directory tag (using Options directive) and is set with “-Includes”. 
 +       * CGI execution. Unless your site needs CGI, turn this off. This feature is also set within a directory tag using the Options directive, with “-ExecCGI”. 
 +       * Symbolic links. Set this inside a (surprise, surprise) directory tag with “-FollowSymLinks”. 
 +       * None. You can turn off all options (in the same way you set the above) using “None” with the Option directive. 
 +   * **Disable unused modules** 
 +   * **Restrict access** 
 +<​code>​ 
 +Order DenyAllow 
 +Deny from all 
 +Allow from 192.168.1.0/​16 
 +</​code>​ 
 +   * **Limit request size** - Denial of service attacks are always a possibility when you allow large requests on Apache. Apache has a directive, LimitRequestBody,​ that is placed within a Directory tag. The size of your limit will depend upon your Web site’s needs. By default, LimitRequestBody is set to unlimited. 
 +   * **Hide Apache’s version number** 
 +<​code>​ 
 +ServerSignature Off 
 +ServerTokens Prod 
 +TraceEnable Off 
 +</​code>​ 
 + 
 +in ssl.conf 
 + 
 +   ​SSLProtocol -ALL +SSLv3 +TLSv1 
 +   ​SSLCipherSuite ALL:!aNULL:​!ADH:​!eNULL:​!LOW:​!EXP:​RC4+RSA:​+HIGH:​+MEDIUM 
 + 
 +in vhost 
 + 
 +   ​Include conf/​ssl.conf 
 +   ​RewriteEngine on 
 +   ​RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK) 
 +   ​RewriteRule .* - [F] 
 + 
 +   * **Disable unnecessary PHP variable** 
 +<​code>​ 
 +allow_call_time_pass_reference = Off 
 +magic_quotes_gpc = Off 
 +register_long_arrays = Off 
 +register_argc_argv = Off 
 +allow_url_fopen = Off 
 +expose_php = Off 
 +disable_functions = symlink,​shell_exec,​proc_close,​proc_open,​dl,​passthru,​escapeshellarg,​escapeshellcmd,​openlog,​ apache_child_terminate,​apache_get_modules,​apache_get_version,​apache_getenv,​apache_note,​apache_setenv,​virtual,​ phpinfo 
 +</​code>​ 
 + 
 +===== mod_deflate (Apache2) ===== 
 + 
 +also see: [[http://​www.howtoforge.com/​apache2_mod_deflate|HowtoForce - ModDeflate]],​ [[http://​pflanze.mine.nu/​~chris/​mod_deflate/​mod_deflate_readme_EN.html|mod_deflate]] 
 +  <​Location /> 
 +   Insert filter 
 +   ​SetOutputFilter DEFLATE 
 +   
 +   #​DeflateFilterNote ratio 
 +   #​DeflateCompressionLevel 9 
 +   # Netscape 4.x has some problems... 
 +   ​BrowserMatch ^Mozilla/4 gzip-only-text/​html 
 +   
 +   Netscape 4.06-4.08 have some more problems 
 +   ​BrowserMatch ^Mozilla/​4\.0[678] no-gzip 
 +   
 +   # MSIE masquerades as Netscapebut it is fine 
 +   # BrowserMatch \bMSIE !no-gzip !gzip-only-text/​html 
 +   
 +   # NOTE: Due to bug in mod_setenvif up to Apache 2.0.48 
 +   the above regex won't workYou can use the following 
 +   # workaround to get the desired effect: 
 +   ​BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/​html 
 +   
 +   # Don't compress images 
 +   ​SetEnvIfNoCase Request_URI \.(?:​gif|jpe?​g|png)$ no-gzip dont-vary 
 +   ​SetEnvIfNoCase Request_URI \.(?:​exe|t?​gz|zip|bz2|sit|rar)$ no-gzip dont-vary 
 +   ​SetEnvIfNoCase Request_URI \.pdf$ no-gzip dont-vary 
 +   
 +   # Make sure proxies don't deliver the wrong content 
 +    Header append Vary User-Agent env=!dont-vary 
 +  </Location>​ 
 + 
 +This configuration will compress everything except for imagesOf courseyou can’t test this with curl, but you can test it with Firefox and [[https://addons.mozilla.org/​en-US/​firefox/​addon/​3829|LiveHTTPHeaders]]If you don’t have Firefox handy, you can try a very handy **[[http://​www.gidnetwork.com/​tools/​gzip-test.php|web application]]** that will give you the statistics about the compression of your site’s data. 
 + 
 + 
 +deflate.load 
 +header.load 
 + 
 + 
 += SSL = 
 +http://​www.mail-archive.com/​modssl-users@modssl.org/​msg10790.html\\ 
 + 
 +ssl.conf\\ 
 +#​SSLSessionCache ​        ​shmcb:/​var/​run/​apache2/​ssl_scache(512000)\\ 
 +SSLSessionCache ​        ​dbm:/​var/​run/​apache2/​ssl_scache\\ 
 +SSLSessionCacheTimeout ​ 300\\ 
 + 
 + 
apache.txt · Last modified: 2012/07/31 12:45 by greebo
CC Attribution-Noncommercial-Share Alike 4.0 International
Valid CSS Driven by DokuWiki do yourself a favour and use a real browser - get firefox!! Recent changes RSS feed Valid XHTML 1.0 ipv6 ready