Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Frank Gingras]

You can only load one mpm module at a time. Run apachectl -M to see the
loaded mpm.

On Fri, Sep 15, 2023 at 6:19 PM Jason Long 
wrote:

> Hello,
> What happens if I use both modules at the same time?
>
>
> On Fri, Sep 15, 2023 at 3:08 PM, Daniel Ferradal
>  wrote:
>
>
> El vie, 15 sept 2023 a las 13:36, Daniel Ferradal ()
> escribió:
>
>
> When I probably recommended  MaxSpareThreads == to MaxRequestWorkers was
> due to Apache httpd with third party modules not restarting gracefully,
> that along to MaxConnectionsPerChild 0 would prevent HTTPD from trying to
> restart them.
>
> I meant httpd server child processes not restarting gracefully
>
>
> --
> Daniel Ferradal
> HTTPD Project
> #httpd help at Libera.Chat
>
>

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Jason Long]

Hello,What happens if I use both modules at the same time?

 
 
  On Fri, Sep 15, 2023 at 3:08 PM, Daniel Ferradal wrote: 
  

El vie, 15 sept 2023 a las 13:36, Daniel Ferradal () 
escribió:


When I probably recommended  MaxSpareThreads == to MaxRequestWorkers was due to 
Apache httpd with third party modules not restarting gracefully, that along to 
MaxConnectionsPerChild 0 would prevent HTTPD from trying to restart them.

I meant httpd server child processes not restarting gracefully

-- 
Daniel Ferradal
HTTPD Project
#httpd help at Libera.Chat  

RE: [users@httpd] realtime protection against cloud scans

[Marc]

I would even state that >80% of your server load is crap, if you don't block 
any ranges. Besides that you open yourself up to vulnerability checks and 
monitoring for domain hijacking etc.

> 
> Does the traffic from those cloud ranges have any significant impact on
> your server performance?
> 
> On Tue, Sep 12, 2023 at 10:33 AM Marc   > wrote:
> 
> 
> 
>   Anyone having a suggestion on how to block cloud crawlers/bots?
> Obviously I would like search engine bots to have access, but all the other
> crap I want to lose. Only 'real users'.
> 
>   What is best practice for this? Just getting amazon,
> googleusercontent, digitalocean, azure ip ranges and put them in something
> like ipset or are there currently better ways of doing this?
> 
> 
> 

Re: [users@httpd] Apache Perms for Django

[Frank Gingras]

I would take a look at:

https://cwiki.apache.org/confluence/display/httpd/13PermissionDenied

On Mon, Sep 4, 2023 at 2:01 AM Ahmad Bilal 
wrote:

> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> I am in the final stage of Django deployment on Apache+mod_wsgi
> however I keep getting `403 Forbidden` error when I go to `127.0.0.1`
> my apache log says this:
>
> [core:error] [pid 7092:tid 7264] (13)Permission denied: [client
> 127.0.0.1:57598] AH00035: access to / denied (filesystem path
> '/home/djangouser/djangoprojects') because search permissions are missing
> on a component of the path
>
> I have already given 755 permission on each folder and 644 permissions to
> files
> 11:27
> I made the wsgi.py file as 755 as well
> Someone mentioned that maybe Apache is not being able to access the file
> mod_wsgi is running in daemon mode .. as djangouser (second
> non-priviledged linux user)
> just following the documentation.. on both Django and Apache+mod_wsgi
> This is my custom apache config file
> https://paste.pythondiscord.com/55JQ (edited)
> 11:28
> somebody told me.. that Apache should be made group owner of the top-most
> folder.. But I am not sure if that is a good idea
>
>
> Sent with Proton Mail secure email.
> -BEGIN PGP SIGNATURE-
> Version: ProtonMail
>
> wsBzBAEBCAAnBYJk9XJ5CZD3irc5ItUgGhYhBDkFTpuTInATMeXMGveKtzki
> 1SAaAACk/gf/QaUTDvWw30t5kLrNZ7PcwDQqQT0s7rLLuUqsC3VGhmLAyqy6
> N7poU0xfhyuMC57KtTDA7R9zUIzCtnV5ZLfgLXT6Y37NS8DuRlyWQVkkQka5
> 90OBvOxRLcM97Ztinvv4pUoGqqS8h5lUb/GifezJv/3S2sDH6gOXnNPd7BIA
> kjnZJzmF7tEewWPu37jVM1Qh6YHOJ1UfnAtzyE9nt+h9IufsP80OQyam2R4a
> fLfvqAep6k5mpG2rs2wijl3F8R7rS3B8JDaQ8jHlO9vBELJzE5eIDr9oP13Z
> oLn9BNhNbBpM+4HmpAUnyxhhH32VRCvLbeAELRsDVlXCENJBhPwF+g==
> =J/3D
> -END PGP SIGNATURE-
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Inquiry about apache httpd compile option

[Frank Gingras]

What is the problem you are trying to solve here with those compile options?

On Sun, Sep 10, 2023 at 5:28 AM (대학원생) 양성현 (컴퓨터공학과) 
wrote:

> Hello,
>
> First of all, thank you for reading this mail.
>
> I send an email to this address to ask three questions about apache httpd
> compilation.
>
> First, I am curious whether it is possible to know the compile option by
> only using httpd binary file.
> I tried to compare the compile options between Bitnami and Drupal which
> are the containers using apache httpd server.
> I could find the compile option of Bitnami from config.nice file in
> Bitnami's container.
> However, I could not see any information of Drupal's compile option in
> Drupal's container.
>
> So, I am curious whether it is possible to find the compile option of
> apache httpd by only using httpd binary file or apache2 binary file.
>
>
> Second, does configure option(e.g., --enable-ssl --enable-so) which is
> used to build the apache httpd affect the httpd binary file?
> I think that if the configure option is different, the httpd binary file
> is also different.
> However, when I compiled the httpd program with two options (one command
> is "./configure" and the other is "./configure --enable-ssl --enable-so")
> and llvm, I could get the same bitcode files from two different options.
>
> So, I am curious whether the configure option affects building apache
> httpd. If it does not affect, I also want to know whether apache httpd only
> uses same httpd binary file and supports some functions by only using
> configuration file (e.g, httpd.conf).
>
>
> Lastly, may I know the compile option of httpd or apache2 which they can
> be installed using commands (e.g, apt install apache2)?
>
>
> I am not sure whether asking these questions to this mail is right. If it
> is not right, may I know where should I ask about these questions?
>
>
> I appreciate you for reading this email.
>
> I look forward to hearing from you.
>
> Sincerely,
>
>

Re: [users@httpd] realtime protection against cloud scans

[Frank Gingras]

Does the traffic from those cloud ranges have any significant impact on
your server performance?

On Tue, Sep 12, 2023 at 10:33 AM Marc  wrote:

>
> Anyone having a suggestion on how to block cloud crawlers/bots? Obviously
> I would like search engine bots to have access, but all the other crap I
> want to lose. Only 'real users'.
>
> What is best practice for this? Just getting amazon, googleusercontent,
> digitalocean, azure ip ranges and put them in something like ipset or are
> there currently better ways of doing this?
>
>
>

Re: [users@httpd] where to change this "internal server error message"

[Frank Gingras]

So we're likely dealing with mod_security overriding the response. I
haven't tinkered with that module in some time to give you a definitive
answer.

On Fri, Sep 15, 2023 at 11:49 AM Marc  wrote:

> >
> > What is returning the 500 response here? Is php/python/perl involved?
>
> No, I think this mod_security is generating this
>
> > As for the scrapers, you are absolutely wasting your time customizing the
> > response. I would just return a 403, actually.
>
> I think you might be right. I did not expect to waste so much time on
> trying to just send an 'empty' body.
>
> >
> >
> >   > See the ErrorDocument directive.
> >
> >   It does not seem to work. It looks like this config is skipped and
> > the error is loaded directly from the httpd binary.
> >
> >   ErrorDocument 500 /406.html
> >
> >   > Now, why is that response not suitable? And why would you respond
> > with a
> >   > 200 for a blocked user agent?
> >
> >   I think it is better to return to scrapers 200 and empty content,
> > instead of notifying them so they can reconfigure their systems.
> >
> >   >
> >   >
> >   >   Where/how can I change this message?
> >   >
> >   >   The server encountered an internal error or
> >   >   misconfiguration and was unable to complete
> >   >   your request.
> >   >   Please contact the server administrator at
> >   >xxx to inform them of the time this error occurred,
> >   >and the actions you performed just before this error.
> >   >   More information about this error may be available
> >   >   in the server error log.
> >   >   
> >   >
> >   >   or as a work-a-round, how can refuse access with
> modsecurity
> > and just
> >   > generate a 200 blank page response.
> >   >
> >   >   SecRule REQUEST_HEADERS:User-Agent "blockthisua"
> >   > "id:'13006',phase:2,log,deny,status:200"
> >   >
> >
> >
>
>

RE: [users@httpd] where to change this "internal server error message"

[Marc]

> 
> What is returning the 500 response here? Is php/python/perl involved?

No, I think this mod_security is generating this

> As for the scrapers, you are absolutely wasting your time customizing the
> response. I would just return a 403, actually.

I think you might be right. I did not expect to waste so much time on trying to 
just send an 'empty' body.

> 
> 
>   > See the ErrorDocument directive.
> 
>   It does not seem to work. It looks like this config is skipped and
> the error is loaded directly from the httpd binary.
> 
>   ErrorDocument 500 /406.html
> 
>   > Now, why is that response not suitable? And why would you respond
> with a
>   > 200 for a blocked user agent?
> 
>   I think it is better to return to scrapers 200 and empty content,
> instead of notifying them so they can reconfigure their systems.
> 
>   >
>   >
>   >   Where/how can I change this message?
>   >
>   >   The server encountered an internal error or
>   >   misconfiguration and was unable to complete
>   >   your request.
>   >   Please contact the server administrator at
>   >xxx to inform them of the time this error occurred,
>   >and the actions you performed just before this error.
>   >   More information about this error may be available
>   >   in the server error log.
>   >   
>   >
>   >   or as a work-a-round, how can refuse access with modsecurity
> and just
>   > generate a 200 blank page response.
>   >
>   >   SecRule REQUEST_HEADERS:User-Agent "blockthisua"
>   > "id:'13006',phase:2,log,deny,status:200"
>   >
> 
> 

Re: [users@httpd] where to change this "internal server error message"

[Frank Gingras]

What is returning the 500 response here? Is php/python/perl involved?

As for the scrapers, you are absolutely wasting your time customizing the
response. I would just return a 403, actually.

On Fri, Sep 15, 2023 at 11:37 AM Marc  wrote:

>
> > See the ErrorDocument directive.
>
> It does not seem to work. It looks like this config is skipped and the
> error is loaded directly from the httpd binary.
>
> ErrorDocument 500 /406.html
>
> > Now, why is that response not suitable? And why would you respond with a
> > 200 for a blocked user agent?
>
> I think it is better to return to scrapers 200 and empty content, instead
> of notifying them so they can reconfigure their systems.
>
> >
> >
> >   Where/how can I change this message?
> >
> >   The server encountered an internal error or
> >   misconfiguration and was unable to complete
> >   your request.
> >   Please contact the server administrator at
> >xxx to inform them of the time this error occurred,
> >and the actions you performed just before this error.
> >   More information about this error may be available
> >   in the server error log.
> >   
> >
> >   or as a work-a-round, how can refuse access with modsecurity and
> just
> > generate a 200 blank page response.
> >
> >   SecRule REQUEST_HEADERS:User-Agent "blockthisua"
> > "id:'13006',phase:2,log,deny,status:200"
> >
>
>

RE: [users@httpd] where to change this "internal server error message"

[Marc]

> See the ErrorDocument directive.

It does not seem to work. It looks like this config is skipped and the error is 
loaded directly from the httpd binary. 

ErrorDocument 500 /406.html

> Now, why is that response not suitable? And why would you respond with a
> 200 for a blocked user agent?

I think it is better to return to scrapers 200 and empty content, instead of 
notifying them so they can reconfigure their systems.

> 
> 
>   Where/how can I change this message?
> 
>   The server encountered an internal error or
>   misconfiguration and was unable to complete
>   your request.
>   Please contact the server administrator at
>xxx to inform them of the time this error occurred,
>and the actions you performed just before this error.
>   More information about this error may be available
>   in the server error log.
>   
> 
>   or as a work-a-round, how can refuse access with modsecurity and just
> generate a 200 blank page response.
> 
>   SecRule REQUEST_HEADERS:User-Agent "blockthisua"
> "id:'13006',phase:2,log,deny,status:200"
> 

Re: [users@httpd] where to change this "internal server error message"

[Frank Gingras]

See the ErrorDocument directive.

Now, why is that response not suitable? And why would you respond with a
200 for a blocked user agent?

On Fri, Sep 15, 2023 at 11:26 AM Marc  wrote:

> Where/how can I change this message?
>
> The server encountered an internal error or
> misconfiguration and was unable to complete
> your request.
> Please contact the server administrator at
>  xxx to inform them of the time this error occurred,
>  and the actions you performed just before this error.
> More information about this error may be available
> in the server error log.
> 
>
> or as a work-a-round, how can refuse access with modsecurity and just
> generate a 200 blank page response.
>
> SecRule REQUEST_HEADERS:User-Agent "blockthisua"
> "id:'13006',phase:2,log,deny,status:200"
>

[users@httpd] where to change this "internal server error message"

[Marc]

Where/how can I change this message?

The server encountered an internal error or
misconfiguration and was unable to complete
your request.
Please contact the server administrator at
 xxx to inform them of the time this error occurred,
 and the actions you performed just before this error.
More information about this error may be available
in the server error log.


or as a work-a-round, how can refuse access with modsecurity and just generate 
a 200 blank page response.

SecRule REQUEST_HEADERS:User-Agent "blockthisua" 
"id:'13006',phase:2,log,deny,status:200"

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Daniel Ferradal]

El vie, 15 sept 2023 a las 13:36, Daniel Ferradal ()
escribió:

>
> When I probably recommended  MaxSpareThreads == to MaxRequestWorkers was
> due to Apache httpd with third party modules not restarting gracefully,
> that along to MaxConnectionsPerChild 0 would prevent HTTPD from trying to
> restart them.
>
> I meant httpd server child processes not restarting gracefully

-- 
Daniel Ferradal
HTTPD Project
#httpd help at Libera.Chat

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Daniel Ferradal]

El vie, 15 sept 2023 a las 12:38, Mike Dewhirst ()
escribió:

>
> # After reading
> https://www.liquidweb.com/kb/apache-performance-tuning-apache-mpm-modules/
> 
> ServerLimit 32
> StartServers16
> MinSpareThreads 400
> #MaxSpareThreads 250 increase == MaxRequestWorkers
> dferra...@apache.org
> MaxSpareThreads 800
> ThreadLimit 64
> ThreadsPerChild 50
> AsyncRequestWorkerFactor2
> MaxRequestWorkers   800
> MaxConnectionsPerChild  0
> 
>
>
>
>
When I probably recommended  MaxSpareThreads == to MaxRequestWorkers was
due to Apache httpd with third party modules not restarting gracefully,
that along to MaxConnectionsPerChild 0 would prevent HTTPD from trying to
restart them.

Where did you get this?

Also I keep wondering why people assign so many processes, StartServers 16?
In a threaded mpm?

Why not just assign just 2 or even 4, and assign 100, 200 worker threads
each?

-- 
Daniel Ferradal
HTTPD Project
#httpd help at Libera.Chat

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Mike Dewhirst]

On 15/09/2023 8:14 pm, Jason Long wrote:

Hello,
Thank you so much.
Can you share an ideal Apache configuration file? Something like a 
template.


Not saying this is ideal but I went through an iterative set of confs 
and came to the following for a 4GB VM which seems to be OK in a lightly 
loaded scenario.


# event MPM
# ServerLimit: Upper limit on configurable number of processes (default 16)
# StartServers: initial number of server processes to start (default 3)
# MinSpareThreads: minimum number of worker threads which are kept spare 
(default 75)
# MaxSpareThreads: maximum number of worker threads which are kept spare 
(default 250)
# ThreadLimit: upper limit on the configurable number of threads per 
child process (default 64)
# ThreadsPerChild: constant number of worker threads in each server 
process (default 25)
# MaxRequestWorkers: maximum number of worker threads 
(ServerLimit*ThreadsPerChild)

# MaxConnectionsPerChild: maximum number of requests a server process serves
##
# After reading 
https://www.liquidweb.com/kb/apache-performance-tuning-apache-mpm-modules/


    ServerLimit 32
    StartServers    16
    MinSpareThreads 400
#    MaxSpareThreads 250 increase == 
MaxRequestWorkers dferra...@apache.org

    MaxSpareThreads 800
    ThreadLimit 64
    ThreadsPerChild 50
    AsyncRequestWorkerFactor    2
    MaxRequestWorkers   800
    MaxConnectionsPerChild  0


##
# First stab after reading Apache docs
#
#    ServerLimit            16
#    StartServers            3
#    MinSpareThreads            75
#    MaxSpareThreads            250
#    ThreadLimit            750
#    ThreadsPerChild            250
#    AsyncRequestWorkerFactor    2
#    MaxRequestWorkers        1000
#    MaxConnectionsPerChild        0
#
# Original
#
#    StartServers    2
#    MinSpareThreads 25
#    MaxSpareThreads 75
#    ThreadLimit 64
#    ThreadsPerChild 25
#    MaxRequestWorkers   150
#    MaxConnectionsPerChild  0
#








On Fri, Sep 15, 2023 at 1:17 AM, Stormy
 wrote:
On 2023-09-14 16:01, Jason Long wrote:
> Hello,
> Thanks again.
> How about the other parameters? For example, how can I estimate
the best
> value for "MaxRequestsPerChild", "ThreadsPerChild" and etc.?

What is wrong with the default values? Why do you want to "estimate"?
Have you tried different values? If so, what was the
upside/downside of
your trials? Logs? Stats?

You say somewhere below that your server "uses WordPress, so it
also has
PHP and MySQL."  Fine, these are services (memory and CPU cycles)
outside the scope of Apache/httpd which just "serves" what it is
given
to "serve."

As an example, I have just rewritten a quite big (474 Gb) WP
website in
html5 with minimal php and js. Result: client output identical,
Apache
throughput just over 90% lower. YMMV

Good luck,
Paul
>
>
>    On Thu, Sep 14, 2023 at 10:27 PM, Frank Gingras
>     wrote:
>    Just comment out the LoadModule line for prefork, and
uncomment the
>    line for event.
>
>    There is no "template"; you just need to tweak event to spawn
more
>    workers if needed, but the default settings should be fine
for small
>    volumes.
>
>    The prefork mpm should really be avoided at this point, as it
spawns
>    a separate process for every single HTTP request.
>
>    On Thu, Sep 14, 2023 at 2:47 PM Jason Long
>     wrote:
>
>        Hello,
>        Thanks again.
>        So, I must remove the "mpm_prefork_module" section. Am I
right?
>
>        Can you show me an Apache configuration template for use with
>        Wordpress?
>
>        When I must use "mpm_prefork_module"?
>
>
>            On Thu, Sep 14, 2023 at 4:24 PM, Frank Gingras
>            mailto:thu...@apache.org>> wrote:
>            500MB of RAM for the httpd processes, yes. The rest
of the
>            RAM will go towards php and MySQL.
>
>            Since wordpress is involved, you'll want to use the event
>            mpm (nor prefork, nor event), proxy_fcgi and php-fpm.
See:
>
> https://cwiki.apache.org/confluence/display/HTTPD/PHP-FPM
>           

>
>
>
>            On Thu, Sep 14, 2023 at 6:21 AM Jason Long
>            mailto:hack3r...@yahoo.com>> wrote:
>
>                Hello,
>                Thank you so much for your reply.
>                Can you tell me more about "It should run well under
>                500MB even with thousands of 

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Jason Long]

Hello,Thank you so much.Can you share an ideal Apache configuration file? 
Something like a template.


 
 
  On Fri, Sep 15, 2023 at 1:17 AM, Stormy wrote:   On 
2023-09-14 16:01, Jason Long wrote:
> Hello,
> Thanks again.
> How about the other parameters? For example, how can I estimate the best 
> value for "MaxRequestsPerChild", "ThreadsPerChild" and etc.?

What is wrong with the default values? Why do you want to "estimate"? 
Have you tried different values? If so, what was the upside/downside of 
your trials? Logs? Stats?

You say somewhere below that your server "uses WordPress, so it also has 
PHP and MySQL."  Fine, these are services (memory and CPU cycles) 
outside the scope of Apache/httpd which just "serves" what it is given 
to "serve."

As an example, I have just rewritten a quite big (474 Gb) WP website in 
html5 with minimal php and js. Result: client output identical, Apache 
throughput just over 90% lower. YMMV

Good luck,
Paul
> 
> 
>    On Thu, Sep 14, 2023 at 10:27 PM, Frank Gingras
>     wrote:
>    Just comment out the LoadModule line for prefork, and uncomment the
>    line for event.
> 
>    There is no "template"; you just need to tweak event to spawn more
>    workers if needed, but the default settings should be fine for small
>    volumes.
> 
>    The prefork mpm should really be avoided at this point, as it spawns
>    a separate process for every single HTTP request.
> 
>    On Thu, Sep 14, 2023 at 2:47 PM Jason Long
>     wrote:
> 
>        Hello,
>        Thanks again.
>        So, I must remove the "mpm_prefork_module" section. Am I right?
> 
>        Can you show me an Apache configuration template for use with
>        Wordpress?
> 
>        When I must use "mpm_prefork_module"?
> 
> 
>            On Thu, Sep 14, 2023 at 4:24 PM, Frank Gingras
>            mailto:thu...@apache.org>> wrote:
>            500MB of RAM for the httpd processes, yes. The rest of the
>            RAM will go towards php and MySQL.
> 
>            Since wordpress is involved, you'll want to use the event
>            mpm (nor prefork, nor event), proxy_fcgi and php-fpm. See:
> 
>            https://cwiki.apache.org/confluence/display/HTTPD/PHP-FPM
>            
> 
> 
> 
>            On Thu, Sep 14, 2023 at 6:21 AM Jason Long
>            mailto:hack3r...@yahoo.com>> wrote:
> 
>                Hello,
>                Thank you so much for your reply.
>                Can you tell me more about "It should run well under
>                500MB even with thousands of workers."? Do you mean 500
>                MB memory?
> 
>                My server uses WordPress, so it also has PHP and MySQL.
>                What parameters should I change?
> 
>                What is the formula for calculating "mpm_prefork_module"
>                and "mpm_worker_module"
>                parameters?
> 
> 
> 
>                    On Wed, Sep 13, 2023 at 5:00 PM, Francois Gingras
>                                        > wrote:
>                    You'll want to make sure you're using the event mpm,
>                    in any case. It should run well under 500MB even
>                    with thousands of workers.
> 
>                    If php or another dynamic language is involved, then
>                    the answer will depend on what you use. You should
>                    also consider if other services use RAM, such as a
>                    rdbms.
> 
> 
>                    On Wed, Sep 13, 2023 at 8:52 AM Jason Long
>                     wrote:
> 
>                        Hello,
>                        My server has 6 GB RAM and 4 virtual CPUs. I
>                        want to know How can I change the following
>                        settings for better performance?
> 
> 
>                        Timeout 45
>                        KeepAlive On
>                        MaxKeepAliveRequests 100
>                        KeepAliveTimeout 15
> 
>                        
>                              StartServers                 3
>                              MinSpareServers         3
>                              MaxSpareServers        3
>                              ServerLimit                   50
>                              MaxClients                    50
>                              MaxRequestsPerChild  1000
>                        
> 
>                        
>                              StartServers              3
>                              MaxClients                50
>                              MinSpareThreads     3
>                              MaxSpareThreads    3
>                              ThreadsPerChild       25
>                              MaxRequestsPerChild  1000
>                        
> 
> 
>                        I'm thankful if anyone can guide me to choose
>                        the above settings according to my server
>                        

Re: [users@httpd] How do I choose the best settings for the Apache Server?

[Jason Long]

Hello,Thanks again.So, is it better to use the following module?
 StartServers 3 MinSpareThreads 75 MaxSpareThreads 
250ThreadLimit 64ThreadsPerChild 25MaxRequestWorkers 400 MaxConnectionsPerChild 
0 

Do you know of any articles, websites, or something like a cheat sheet for 
quickly setting up Apache?

 
 
  On Fri, Sep 15, 2023 at 1:31 AM, Frank Gingras wrote:   
There are no "best" values, either way; it depends on your traffic pattern.
Use mod_status with ExtendedStatus on, and monitor /server-status to check how 
many idle workers you have, over time.
On Thu, Sep 14, 2023 at 5:45 PM Stormy  wrote:

On 2023-09-14 16:01, Jason Long wrote:
> Hello,
> Thanks again.
> How about the other parameters? For example, how can I estimate the best 
> value for "MaxRequestsPerChild", "ThreadsPerChild" and etc.?

What is wrong with the default values? Why do you want to "estimate"? 
Have you tried different values? If so, what was the upside/downside of 
your trials? Logs? Stats?

You say somewhere below that your server "uses WordPress, so it also has 
PHP and MySQL."  Fine, these are services (memory and CPU cycles) 
outside the scope of Apache/httpd which just "serves" what it is given 
to "serve."

As an example, I have just rewritten a quite big (474 Gb) WP website in 
html5 with minimal php and js. Result: client output identical, Apache 
throughput just over 90% lower. YMMV

Good luck,
Paul
> 
> 
>     On Thu, Sep 14, 2023 at 10:27 PM, Frank Gingras
>      wrote:
>     Just comment out the LoadModule line for prefork, and uncomment the
>     line for event.
> 
>     There is no "template"; you just need to tweak event to spawn more
>     workers if needed, but the default settings should be fine for small
>     volumes.
> 
>     The prefork mpm should really be avoided at this point, as it spawns
>     a separate process for every single HTTP request.
> 
>     On Thu, Sep 14, 2023 at 2:47 PM Jason Long
>      wrote:
> 
>         Hello,
>         Thanks again.
>         So, I must remove the "mpm_prefork_module" section. Am I right?
> 
>         Can you show me an Apache configuration template for use with
>         Wordpress?
> 
>         When I must use "mpm_prefork_module"?
> 
> 
>             On Thu, Sep 14, 2023 at 4:24 PM, Frank Gingras
>             mailto:thu...@apache.org>> wrote:
>             500MB of RAM for the httpd processes, yes. The rest of the
>             RAM will go towards php and MySQL.
> 
>             Since wordpress is involved, you'll want to use the event
>             mpm (nor prefork, nor event), proxy_fcgi and php-fpm. See:
> 
>             https://cwiki.apache.org/confluence/display/HTTPD/PHP-FPM
>             
> 
> 
> 
>             On Thu, Sep 14, 2023 at 6:21 AM Jason Long
>             mailto:hack3r...@yahoo.com>> wrote:
> 
>                 Hello,
>                 Thank you so much for your reply.
>                 Can you tell me more about "It should run well under
>                 500MB even with thousands of workers."? Do you mean 500
>                 MB memory?
> 
>                 My server uses WordPress, so it also has PHP and MySQL.
>                 What parameters should I change?
> 
>                 What is the formula for calculating "mpm_prefork_module"
>                 and "mpm_worker_module"
>                 parameters?
> 
> 
> 
>                     On Wed, Sep 13, 2023 at 5:00 PM, Francois Gingras
>                                          > wrote:
>                     You'll want to make sure you're using the event mpm,
>                     in any case. It should run well under 500MB even
>                     with thousands of workers.
> 
>                     If php or another dynamic language is involved, then
>                     the answer will depend on what you use. You should
>                     also consider if other services use RAM, such as a
>                     rdbms.
> 
> 
>                     On Wed, Sep 13, 2023 at 8:52 AM Jason Long
>                      wrote:
> 
>                         Hello,
>                         My server has 6 GB RAM and 4 virtual CPUs. I
>                         want to know How can I change the following
>                         settings for better performance?
> 
> 
>                         Timeout 45
>                         KeepAlive On
>                         MaxKeepAliveRequests 100
>                         KeepAliveTimeout 15
> 
>                         
>                              StartServers                 3
>                              MinSpareServers         3
>                              MaxSpareServers        3
>                              ServerLimit                   50
>                              MaxClients                    50
>                              MaxRequestsPerChild  1000
>                         
> 
>                         
>