Re: [users@httpd] Help with mod_rewrite

2023-05-09 Thread Marc Serra 
For your information, seems now works adding this rules as the first rules ...

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(gb|es|ca|fr)/ [NC]
RewriteRule . /  [R,L]



Missatge de Frank Gingras  del dia dj., 20 d’abr.
2023 a les 16:12:
>
> The best way to tackle this complex set of rules is to use your development 
> server, clone the directives, comment out everything and uncomment a few 
> rules at a time.
>
> While you do this, see if you still have a loop (test with curl, not a 
> browser), examine the log entries, and then uncomment another rule. Repeat 
> until the loop appears.
>
> If you have a specific question about one log entry, do ask it.
>
> On Thu, Apr 20, 2023 at 2:18 AM Marc Serra  wrote:
>>
>> Thank's for answer Frank,
>>
>> A simple https://www.domain.tld/gb/ query generates a thousand lines
>> log file (attached). I'm really lost, I dont' know what I'm looking
>> for in the log file.
>>
>>
>>
>> Missatge de Frank Gingras  del dia dc., 19 d’abr.
>> 2023 a les 20:19:
>> >
>> > I would start with the rewrite log in your development environment, if you 
>> > can't change the configuration on the live server.
>> >
>> > I would also look to replace this entire mess with a FallbackResource 
>> > directive.
>> >
>> > On Tue, Apr 18, 2023 at 6:32 AM Marc Serra  wrote:
>> >>
>> >> Hi,
>> >>
>> >> A few weeks ago we renewed our prestashop website.
>> >>
>> >> One of the new features is the support for multiple languages.
>> >>
>> >> A typical home URL are...
>> >> https://www.domain.tld/gb/ for english
>> >> https://www.domain.tld/es/ for spanish
>> >> etc.
>> >>
>> >> A typical product URL are...
>> >> https://www.domain.tld/gb/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
>> >> for english
>> >> https://www.domain.tld/es/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
>> >> for spanish
>> >> etc.
>> >>
>> >> Our old URL wasn't contain the language, for example:
>> >> https://www.domain.tld/.html for home
>> >> https://www.domain.tld/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
>> >> for product
>> >> etc.
>> >>
>> >> I'm trying to save the old URL and move to our default language (gb
>> >> for example).
>> >>
>> >> For start, I added the following two lines at the beginning of the
>> >> htaccess file. I try to redirect any URL not starting with /gb/ to the
>> >> english home page instead of 404 page ...
>> >>
>> >> RewriteCond %{REQUEST_URI} !^/gb/
>> >> RewriteRule ^.*$ /gb/ [L]
>> >>
>> >> # Followed by the prestashop default rules ...
>> >>
>> >> RewriteRule . - [E=REWRITEBASE:/]
>> >> RewriteRule ^api(?:/(.*))?$
>> >> %{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]
>> >>
>> >> # Images
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule ^([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$1$2$3.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule ^([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$2/$1$2$3$4.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule ^([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$2/$3/$1$2$3$4$5.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule 
>> >> ^([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule 
>> >> ^([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>> >> RewriteRule 
>> >> ^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
>> >> %{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg [L]
>> >> RewriteCond %{HTTP_HOST} ^www.domain.tld$
>>

Re: [users@httpd] Apache VirtualHost Config Tool management

2023-04-27 Thread Marc Serra 
I used ISPConfig for years and it's a great tool!

If you have money for the license or your hosting provider has it for
free, plesk web host edition it's a great option too.


Missatge de Curtis  del dia dj., 27 d’abr. 2023 a les 15:41:
>
> I might also suggest ispconfig
>
> https://ispconfig.org.
>
> Sent from my iPhone
>
> > On Apr 27, 2023, at 8:24 AM, Carlos García Gómez 
> >  wrote:
> >
> > Yes.
> > Something like this but simpler
> >
> > Carlos
> >
> >
> >
> > -Mensaje original-
> > De: Antony Stone 
> > Enviado el: jueves, 27 de abril de 2023 13:03
> > Para: users@httpd.apache.org
> > Asunto: Re: [users@httpd] Apache VirtualHost Config Tool management
> >
> >> On Thursday 27 April 2023 at 12:53:29, Carlos García Gómez wrote:
> >>
> >> I am looking for a tool that makes it easier for me to manage the all
> >> virtual hosts that I have configured.
> >
> > How about http://doxfer.webmin.com/Webmin/Apache_Webserver ?
> >
> >
> > Antony.
> >
> > --
> > I just got a new mobile phone, and I called it Titanic.  It's already 
> > syncing.
> >
> >   Please reply to the list;
> > please *don't* CC 
> > me.
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
> >
> >
> > -
> > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> > For additional commands, e-mail: users-h...@httpd.apache.org
> >
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>

-- 


   
  
  
  

 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
* 

  *Manxa 
Industrial *
 
  *Manxa Ferros *
   *Manxa Ferreteria i Parament de la Llar 
*

  

  



-- 
 

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] Help with mod_rewrite

2023-04-18 Thread Marc Serra 
Hi,

A few weeks ago we renewed our prestashop website.

One of the new features is the support for multiple languages.

A typical home URL are...
https://www.domain.tld/gb/ for english
https://www.domain.tld/es/ for spanish
etc.

A typical product URL are...
https://www.domain.tld/gb/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
for english
https://www.domain.tld/es/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
for spanish
etc.

Our old URL wasn't contain the language, for example:
https://www.domain.tld/.html for home
https://www.domain.tld/PRODUCT_CATEGORY_FRIENDLY_URL/PRODUCT_CODE-PRODUCT_URL_FRIENDLY_DESCRIPTION.html
for product
etc.

I'm trying to save the old URL and move to our default language (gb
for example).

For start, I added the following two lines at the beginning of the
htaccess file. I try to redirect any URL not starting with /gb/ to the
english home page instead of 404 page ...

RewriteCond %{REQUEST_URI} !^/gb/
RewriteRule ^.*$ /gb/ [L]

# Followed by the prestashop default rules ...

RewriteRule . - [E=REWRITEBASE:/]
RewriteRule ^api(?:/(.*))?$
%{ENV:REWRITEBASE}webservice/dispatcher.php?url=$1 [QSA,L]

# Images
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$1$2$3.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$1$2$3$4.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$3/$1$2$3$4$5.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule 
^([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule 
^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule 
^([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(\-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg
[L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^c/([0-9]+)(\-[\.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/c/$1$2$3.jpg [L]
RewriteCond %{HTTP_HOST} ^www.domain.tld$
RewriteRule ^c/([a-zA-Z_-]+)(-[0-9]+)?/.+\.jpg$
%{ENV:REWRITEBASE}img/c/$1$2.jpg [L]
# AlphaImageLoader for IE and fancybox
RewriteRule ^images_ie/?([^/]+)\.(jpe?g|png|gif)$
js/jquery/plugins/fancybox/images/$1.$2 [L]

# Dispatcher
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ %{ENV:REWRITEBASE}index.php [NC,L]



But when I visit https://www.domain.tld/sdfsdf/, an internal server
errors appears. In apache error log:

[Tue Apr 18 12:28:43.520237 2023] [core:error] [pid 521174:tid
140459917698624] [client 90.x.x.x:47218] AH00124: Request exceeded the
limit of 10 internal redirects due to probable configuration error.
Use 'LimitInternalRecursion' t
o increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
[Tue Apr 18 12:28:43.520326 2023] [core:error] [pid 521174:tid
140459917698624] [client 90.x.x.x:47218] AH00124: Request exceeded the
limit of 10 internal redirects due to probable configuration error.
Use 'LimitInternalRecursion' t
o increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

If I visit https://www.domain.tld/gb/, an internal server errors
appears. In apache error log (the same):

[Tue Apr 18 12:28:03.961530 2023] [core:error] [pid 521174:tid
140460882368064] [client 90.x.x.x:37092] AH00124: Request exceeded the
limit of 10 internal redirects due to probable configuration error.
Use 'LimitInternalRecursion' t
o increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.
[Tue Apr 18 12:28:03.961606 2023] [core:error] [pid 521174:tid
140460882368064] [client 90.x.x.x:37092] AH00124: Request exceeded the
limit of 10 internal redirects due to probable configuration error.
Use 'LimitInternalRecursion' t
o increase the limit if necessary. Use 'LogLevel debug' to get a backtrace.

Can anyone help me?

Thank's

-- 
Marc Serra

-- 


   
  
  
  <https://www.manxa.com>

 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 

 <https://www.manxaindustrial.com> *Manxa 
Industrial <https://www.manxaindustrial.com>*
 
<https://www.manxaferros.com>  *Manxa Ferros <https://www.manxaferros.com>*
 <https://www.manxabricol

[users@httpd] GeoIP module problem

2022-11-11 Thread Marc Serra 
nt-ttf font/otf application/x-font-otf
font/opentype image/svg+xml
   


#If rewrite mod isn't enabled
ErrorDocument 404 /index.php?controller=404

# ~~end~~ Do not remove this comment, Prestashop will keep
automatically the code outside this comment when .htaccess will be
generated again

GeoIPEnable On
SetEnvIf GEOIP_COUNTRY_CODE AD AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE AT AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE BE AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE CH AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE DE AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE DK AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE ES AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE FI AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE FR AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE GB AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE IE AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE IT AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE LU AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE MC AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE NL AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE NO AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE PT AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE SE AllowCountry
SetEnvIf GEOIP_COUNTRY_CODE US AllowCountry
Deny from all
Allow from env=AllowCountry






The page loads, but I see this error on the apache error_log ...

[Fri Nov 11 13:23:06.906754 2022] [access_compat:error] [pid
2668535:tid 140474346104576] [client 90.161.x.x:43760] AH01797: client
denied by server configuration:
/var/www/vhosts/mydomain.tld/httpdocs/index.php
[Fri Nov 11 13:23:07.052376 2022] [access_compat:error] [pid
2668534:tid 140474580969216] [client 90.161.x.x:43776] AH01797: client
denied by server configuration:
/var/www/vhosts/mydomain.tld/httpdocs/index.php

Because I have activated fail2ban, after a few page loads, the IP is
banned and I can't access my site.

After removing the banned IP from fail2ban and If I remove the GeoIP
part of my .htaccess file, no errors are recorded on error_log and the
page loads correctly.

More strange though, if I replace the previous GeoIP config on the
.htaccess file with the following ...


GeoIPEnable On
SetEnvIf GEOIP_COUNTRY_CODE AF DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE AX DenyCountry
# ... 200 lines ... (all countries except the previous ones: AD, AT, BE, ...)
SetEnvIf GEOIP_COUNTRY_CODE ZM DenyCountry
SetEnvIf GEOIP_COUNTRY_CODE ZW DenyCountry
Deny from env=DenyCountry



No errors logged on apache error_log file and page loads correctly.

And yes, it seems the GeoIP module is working. For exemple, If I add
"SetEnvIf GEOIP_COUNTRY_CODE ES DenyCountry" to the .htaccess file
with the latest described setup (more than 200 denied countries), my
IP is instantly blocked (no first load) as expected. And this entries
appears in apache error_log file (as expected too):

[Fri Nov 11 13:40:33.698490 2022] [access_compat:error] [pid
2668535:tid 140474346104576] [client 90.161.x.x:38306] AH01797: client
denied by server configuration:
/var/www/vhosts/mydomain.tld/httpdocs/ca
[Fri Nov 11 13:40:33.860555 2022] [access_compat:error] [pid
2668535:tid 140474713110272] [client 90.161.xx.x:38310] AH01797:
client denied by server configuration:
/var/www/vhosts/mydomain.tld/httpdocs/favicon.ico, referer: https:/
/mydomain.tld/ca/

Any Idea what's happening and how to find more information?

Thank's!

-- 
Marc Serra

-- 


   
  
  
  <https://www.manxa.com>
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 
 <https://www.manxaindustrial.com> *Manxa 
Industrial <https://www.manxaindustrial.com>*
 
<https://www.manxaferros.com>  *Manxa Ferros <https://www.manxaferros.com>*
 <https://www.manxabricolatge.com>  *Manxa Ferreteria i Parament de la Llar 
<https://www.manxabricolatge.com>*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procé

Re: [users@httpd] Re: Are this option

2022-03-24 Thread Marc Serra 
Please don't spend more time on this until I write another email. I
found sometrhng strange on our PHP code.

Missatge de Marc Serra  del dia dj., 24 de març 2022
a les 12:42:
>
> > Pretty bad numbers actually, aren't you limited by the network
> > bandwidth between ab and the server?
>
> I think it isn't a bandwidth problem. Look ...
>
> wget https://domain.tld/test.zip
> --2022-03-24 12:04:26--  https://domain.tld/test.zip
> Resolving domain.tld (domain.tld)... 82.x.x.x
> Connecting to domain.tld (domain.tld)|82.x.x.x|:443... connected.
> HTTP request sent, awaiting response... 200 OK
> Length: 688466403 (657M) [application/zip]
> Saving to: ‘test.zip’
>
> test.zip
> 100%[===>]
> 656.57M  11.2MB/sin 59s
>
> 2022-03-24 12:05:25 (11.2 MB/s) - ‘test.zip’ saved [688466403/688466403]
>
>
> > What are the numbers from ab when it's running on the server (i.e. ab
> > ... https://localhost/index.html)?
>
> Not good (this test is made from the same server where are hosted
> www.domain.tld) ...
>
> ab -l -H 'Accept-Encoding: gzip,deflate' -k -n 1 -c 1000
> https://www.domain.tld/index.html
> This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
> Licensed to The Apache Software Foundation, http://www.apache.org/
>
> Benchmarking www.domain.tld (be patient)
> Completed 1000 requests
> Completed 2000 requests
> Completed 3000 requests
> Completed 4000 requests
> Completed 5000 requests
> Completed 6000 requests
> Completed 7000 requests
> Completed 8000 requests
> Completed 9000 requests
> Completed 1 requests
> Finished 1 requests
>
>
> Server Software:Apache
> Server Hostname:www.domain.tld
> Server Port:443
> SSL/TLS Protocol:   TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128
> Server Temp Key:X25519 253 bits
> TLS Server Name:www.domain.tld
>
> Document Path:  /index.html
> Document Length:Variable
>
> Concurrency Level:  1000
> Time taken for tests:   262.963 seconds
> Complete requests:  1
> Failed requests:0
> Non-2xx responses:  9582
> Keep-Alive requests:9582
> Total transferred:  57837957 bytes
> HTML transferred:   49816818 bytes
> Requests per second:38.03 [#/sec] (mean)
> Time per request:   26296.304 [ms] (mean)
> Time per request:   26.296 [ms] (mean, across all concurrent requests)
> Transfer rate:  214.79 [Kbytes/sec] received
>
> Connection Times (ms)
>   min  mean[+/-sd] median   max
> Connect:0  292 1179.6  08078
> Processing: 0 24796 6927.5  27341   54249
> Waiting:0 25726 5596.4  27377   54249
> Total:  0 25088 6821.9  27372   54249
>
> Percentage of the requests served within a certain time (ms)
>   50%  27372
>   66%  27532
>   75%  27641
>   80%  27767
>   90%  28015
>   95%  28133
>   98%  31766
>   99%  40137
>  100%  54249 (longest request
>
>
> > The CPU usage looks high (20%) too for the requested load, but that's
> > probably on mod_deflate (and TLS handshakes), how does "-H
> > 'Accept-Encoding: gzip,deflate'" change things?
>
> I tried without the -H option and I got similar results
>
> ab -l -k -n 1 -c 1000 https://www.domain.tld/index.php
> This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
> Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
> Licensed to The Apache Software Foundation, http://www.apache.org/
>
> Benchmarking www.domain.tld (be patient)
> Completed 1000 requests
> Completed 2000 requests
> Completed 3000 requests
> Completed 4000 requests
> Completed 5000 requests
> Completed 6000 requests
> Completed 7000 requests
> Completed 8000 requests
> Completed 9000 requests
> Completed 1 requests
> Finished 1 requests
>
>
> Server Software:Apache
> Server Hostname:www.domain.tld
> Server Port:443
> SSL/TLS Protocol:   TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128
> Server Temp Key:X25519 253 bits
> TLS Server Name:www.domain.tld
>
> Document Path:  /index.php
> Document Length:Variable
>
> Concurrency Level:  1000
> Time taken for tests:   325.617 seconds
> Complete requests:  1
> Failed requests:0
> Keep-Alive requests:0
> Total transferred:  157188 bytes
> HTML transferred:   156440 bytes
> Requests per second:30.71 [#/sec] (mean)
> Time per r

Re: [users@httpd] Re: Are this option

2022-03-24 Thread Marc Serra 
> Pretty bad numbers actually, aren't you limited by the network
> bandwidth between ab and the server?

I think it isn't a bandwidth problem. Look ...

wget https://domain.tld/test.zip
--2022-03-24 12:04:26--  https://domain.tld/test.zip
Resolving domain.tld (domain.tld)... 82.x.x.x
Connecting to domain.tld (domain.tld)|82.x.x.x|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 688466403 (657M) [application/zip]
Saving to: ‘test.zip’

test.zip
100%[===>]
656.57M  11.2MB/sin 59s

2022-03-24 12:05:25 (11.2 MB/s) - ‘test.zip’ saved [688466403/688466403]


> What are the numbers from ab when it's running on the server (i.e. ab
> ... https://localhost/index.html)?

Not good (this test is made from the same server where are hosted
www.domain.tld) ...

ab -l -H 'Accept-Encoding: gzip,deflate' -k -n 1 -c 1000
https://www.domain.tld/index.html
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking www.domain.tld (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 1 requests
Finished 1 requests


Server Software:Apache
Server Hostname:www.domain.tld
Server Port:443
SSL/TLS Protocol:   TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128
Server Temp Key:X25519 253 bits
TLS Server Name:www.domain.tld

Document Path:  /index.html
Document Length:Variable

Concurrency Level:  1000
Time taken for tests:   262.963 seconds
Complete requests:  1
Failed requests:0
Non-2xx responses:  9582
Keep-Alive requests:9582
Total transferred:  57837957 bytes
HTML transferred:   49816818 bytes
Requests per second:38.03 [#/sec] (mean)
Time per request:   26296.304 [ms] (mean)
Time per request:   26.296 [ms] (mean, across all concurrent requests)
Transfer rate:  214.79 [Kbytes/sec] received

Connection Times (ms)
  min  mean[+/-sd] median   max
Connect:0  292 1179.6  08078
Processing: 0 24796 6927.5  27341   54249
Waiting:0 25726 5596.4  27377   54249
Total:  0 25088 6821.9  27372   54249

Percentage of the requests served within a certain time (ms)
  50%  27372
  66%  27532
  75%  27641
  80%  27767
  90%  28015
  95%  28133
  98%  31766
  99%  40137
 100%  54249 (longest request


> The CPU usage looks high (20%) too for the requested load, but that's
> probably on mod_deflate (and TLS handshakes), how does "-H
> 'Accept-Encoding: gzip,deflate'" change things?

I tried without the -H option and I got similar results

ab -l -k -n 1 -c 1000 https://www.domain.tld/index.php
This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking www.domain.tld (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 1 requests
Finished 1 requests


Server Software:Apache
Server Hostname:www.domain.tld
Server Port:443
SSL/TLS Protocol:   TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128
Server Temp Key:X25519 253 bits
TLS Server Name:www.domain.tld

Document Path:  /index.php
Document Length:Variable

Concurrency Level:  1000
Time taken for tests:   325.617 seconds
Complete requests:  1
Failed requests:0
Keep-Alive requests:0
Total transferred:  157188 bytes
HTML transferred:   156440 bytes
Requests per second:30.71 [#/sec] (mean)
Time per request:   32561.691 [ms] (mean)
Time per request:   32.562 [ms] (mean, across all concurrent requests)
Transfer rate:  4714.25 [Kbytes/sec] received

Connection Times (ms)
  min  mean[+/-sd] median   max
Connect:1  177 610.2  23500
Processing:   334 30715 5844.0  32449   48394
Waiting:  218 30593 5846.3  32327   48264
Total:336 30892 5586.1  32456   48396

Percentage of the requests served within a certain time (ms)
  50%  32456
  66%  32616
  75%  32700
  80%  32733
  90%  32833
  95%  32934
  98%  33002
  99%  33033
 100%  48396 (longest request)


> Sorry, more questions than answers, but results on my (poor) laptop look like:

Oh, no! Thank's for all your answers, questions and time!

> Or with a shorter resource (1KB) and 10x more r

Re: [users@httpd] Re: Are this option

2022-03-24 Thread Marc Serra 
Hi again,

I tested the settings with Apache Bench ...

ab -l -H 'Accept-Encoding: gzip,deflate' -k -n 1 -c 1000
https://www.DOMAIN1.TLD/index.html

I'm not sure if the following are good numbers or bad numbers. Can
anyone help me interpret this result please?



This is ApacheBench, Version 2.3 <$Revision: 1843412 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
Licensed to The Apache Software Foundation, http://www.apache.org/

Benchmarking www.DOMAIN1.TLD (be patient)
Completed 1000 requests
Completed 2000 requests
Completed 3000 requests
Completed 4000 requests
Completed 5000 requests
Completed 6000 requests
Completed 7000 requests
Completed 8000 requests
Completed 9000 requests
Completed 1 requests
Finished 1 requests


Server Software:Apache
Server Hostname:www.DOMAIN1.TLD
Server Port:443
SSL/TLS Protocol:   TLSv1.2,ECDHE-RSA-AES128-GCM-SHA256,2048,128
Server Temp Key:X25519 253 bits
TLS Server Name:www.DOMAIN1.TLD

Document Path:  /index.html
Document Length:Variable

Concurrency Level:  1000
Time taken for tests:   318.542 seconds
Complete requests:  1
Failed requests:0
Non-2xx responses:  9572
Keep-Alive requests:9561
Total transferred:  208048597 bytes
HTML transferred:   200026656 bytes
Requests per second:31.39 [#/sec] (mean)
Time per request:   31854.176 [ms] (mean)
Time per request:   31.854 [ms] (mean, across all concurrent requests)
Transfer rate:  637.82 [Kbytes/sec] received

Connection Times (ms)
  min  mean[+/-sd] median   max
Connect:0   67 283.1  02752
Processing:91 30309 7974.2  33159   49480
Waiting:0 31523 5907.8  33184   49478
Total: 91 30376 7926.5  33162   49480

Percentage of the requests served within a certain time (ms)
  50%  33162
  66%  33264
  75%  33324
  80%  33357
  90%  33503
  95%  33578
  98%  33626
  99%  33692
 100%  49480 (longest request





The memory used on the server it's really low ...

free -m
  totalusedfree  shared  buff/cache   available
Mem:  643072752 448 196   61106   60683
Swap:  7629   47625






I remind you of the current settings

StartServers 2
ServerLimit 45
ThreadLimit 100
ThreadsPerChild 100
MinSpareThreads 100
MaxSpareThreads 750
MaxRequestWorkers 1500
MaxConnectionsPerChild 0









 Finally here you have the result of mod_status (very looong)


Apache Server Status for 82.x.x.x (via 82.x.x.x)
Server Version: Apache/2.4.41 (Ubuntu) mod_fcgid/2.3.9 OpenSSL/1.1.1f
Server MPM: event
Server Built: 2022-03-16T16:52:53
Current Time: Thursday, 24-Mar-2022 09:06:54 CET
Restart Time: Thursday, 24-Mar-2022 09:05:13 CET
Parent Server Config. Generation: 1
Parent Server MPM Generation: 0
Server uptime: 1 minute 41 seconds
Server load: 6.17 5.45 3.68
Total accesses: 2932 - Total Traffic: 68.5 MB - Total Duration: 66037674
CPU Usage: u15.82 s2.52 cu.97 cs.21 - 19.3% CPU load
29 requests/sec - 0.7 MB/second - 23.9 kB/request - 22523.1 ms/request
1004 requests currently being processed, 396 idle workers
Slot PID Stopping Connections Threads Async connections
total accepting busy idle writing keep-alive closing
0 245322 no 100 no 100 0 0 0 0
1 247187 no 100 no 100 0 0 0 0
2 245581 no 100 no 100 0 0 0 0
3 245737 no 100 no 100 0 0 0 0
4 245738 no 100 no 100 0 0 0 0
5 245991 no 99 yes 99 1 0 0 0
6 245992 no 100 no 100 0 0 0 0
7 247321 no 100 no 100 0 0 0 0
8 245994 no 100 no 100 0 0 0 0
9 247322 no 100 no 100 0 0 0 0
10 247565 no 0 yes 0 100 0 0 0
11 247566 no 0 yes 0 100 0 0 0
12 247570 no 1 yes 2 98 0 0 0
13 247582 no 3 yes 3 97 0 0 0
Sum 14 0 1003 1004 396 0 0 0









WW_W

Re: [users@httpd] Re: Are this option

2022-03-18 Thread Marc Serra 
Thank you very much Yann,

The workload will be static HTML files.

The site typically has 1.000 visits per hour, but some days it has a
sudden demand of 10.000 unique visitors in a matter of seconds.

We start with your values and check periodically with mod_status.

Thank's again

Missatge de Yann Ylavic  del dia dv., 18 de març
2022 a les 11:19:


>
> On Fri, Mar 18, 2022 at 8:27 AM Marc Serra  wrote:
> >
> > Thank's for your comments Frank,
> >
> > Reading the Apache documentation
> > (https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html#threadlimit)
> > I cannot find the way to calculate an optimal value for ThreadLimit
> > and ThreadsPerChild directives for that reason I kept the default
> > values (64 and 25).
> >
> > Can you (or anyone) help me to find the right values?
>
> This script might help for an MPM event configuration based on
> MaxRequestWorkers:
> ```
> #!/bin/bash
>
> if [ $# -lt 1 ]; then
> echo>&2 "usage: `basename $0` "
> exit 1
> fi
>
> # Some pre-computations
> numWorkers=$1
> if [ $numWorkers -lt 1000 ]; then
> numProcesses=10
> elif [ $numWorkers -lt 1 ]; then
> numProcesses=$(($numWorkers / 100))
> else
> numProcesses=100
> fi
> numThreads=$(($numWorkers / $numProcesses))
>
> cat < # MPM event settings
> StartServers 1
> ServerLimit  $(($numProcesses * 3))
> ThreadLimit  $numThreads
> ThreadsPerChild  $numThreads
> MinSpareThreads  $numThreads
> MaxSpareThreads  $(($numWorkers / 2))
> MaxRequestWorkers$numWorkers
> #ThreadStackSize 524288
> MaxConnectionsPerChild   0
> EOF
> ```
>
> For a MaxRequestWorkers of 1500, it gives:
> # MPM event settings
> StartServers 1
> ServerLimit  45
> ThreadLimit  100
> ThreadsPerChild  100
> MinSpareThreads  100
> MaxSpareThreads  750
> MaxRequestWorkers1500
> #ThreadStackSize 524288
> MaxConnectionsPerChild   0
>
> But you didn't describe your workload: static resources, dynamic
> content (local with mod_cgid or offloaded with mod_proxy_fcgi),
> proxying (HTTP, websocket), etc.
> Since your system looks quite capable (RAM/CPU), the limit for
> MaxRequestWorkers depends mainly on the average request time (bounded
> by timeouts) which you probably should measure for your workload.
>
>
> Regards;
> Yann.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>

-- 
Marc Serra

-- 


   
  
  
  <https://www.manxa.com>
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 
 <https://www.manxaindustrial.com> *Manxa 
Industrial <https://www.manxaindustrial.com>*
 
<https://www.manxaferros.com>  *Manxa Ferros <https://www.manxaferros.com>*
 <https://www.manxabricolatge.com>  *Manxa Ferreteria i Parament de la Llar 
<https://www.manxabricolatge.com>*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] Re: Are this option

2022-03-18 Thread Marc Serra 
Thank's for your comments Frank,

Reading the Apache documentation
(https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html#threadlimit)
I cannot find the way to calculate an optimal value for ThreadLimit
and ThreadsPerChild directives for that reason I kept the default
values (64 and 25).

Can you (or anyone) help me to find the right values?



Missatge de Frank Gingras  del dia dj., 17 de març
2022 a les 17:19:
>
> Those settings could fit your workload, or not. You need to measure it with 
> /server-status to see how many idle workers you have.
>
> That being said, ThreadsPerChild seems very low. Depending on your content, 
> you could likely ramp up to a much higher value, which means that you would 
> need less parent processes.
>
>
>
> On Wed, 16 Mar 2022 at 08:14, Marc Serra  wrote:
>>
>> I'm sorry to insist ... if this list is not the right place to ask that 
>> question, could anyone tell me where to do it?
>>
>> Thank's
>>
>> Missatge de Marc Serra  del dia dc., 9 de març 2022 a les 
>> 18:01:
>>>
>>> Hi, I want to configure an apache server to support a high load site. Are 
>>> these settings correct?
>>>
>>> /etc/apache2/mods-enabled/mpm_event.conf
>>>
>>> 
>>> StartServers 2
>>> MinSpareThreads  75
>>> MaxSpareThreads  250
>>> ThreadLimit  64
>>> ThreadsPerChild  25
>>> MaxRequestWorkers 1500
>>> MaxConnectionsPerChild   0
>>> ServerLimit 75
>>> 
>>>
>>> I used a combination of 
>>> https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html and 
>>> https://support.plesk.com/hc/en-us/articles/214529205-Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting
>>>  ...
>>>
>>> MaxRequestWorkers = (Total RAM - Memory used for Linux, DB, etc.) / average 
>>> Apache process size
>>> =>
>>> 1500 = (64000 - 6) / 40
>>>
>>> The default ServerLimit value is 16. To increase it, you must also raise 
>>> MaxRequestWorkers using the following formula: ServerLimit value x 25 = 
>>> MaxRequestWorkers value. For example, if ServerLimit is set to 20, then 
>>> MaxRequestWorkers will be 20 x 25 = 500.
>>> =>
>>> 75 x 25 = 1500
>>>
>>>
>>>
>>> The hardware includes 64GB of memory, AMD Ryzen 7 PRO 3700 8-Core Processor 
>>> and NVME disks.
>>>
>>> I'm using Apache 2.4.41 with event MPM on ubuntu 20.04 ...
>>>
>>> Server version: Apache/2.4.41 (Ubuntu)
>>> Server built:   2022-01-05T14:49:56
>>> Server's Module Magic Number: 20120211:88
>>> Server loaded:  APR 1.6.5, APR-UTIL 1.6.1
>>> Compiled using: APR 1.6.5, APR-UTIL 1.6.1
>>> Architecture:   64-bit
>>> Server MPM: event
>>>   threaded: yes (fixed thread count)
>>> forked: yes (variable process count)
>>> Server compiled with
>>>  -D APR_HAS_SENDFILE
>>>  -D APR_HAS_MMAP
>>>  -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>>>  -D APR_USE_SYSVSEM_SERIALIZE
>>>  -D APR_USE_PTHREAD_SERIALIZE
>>>  -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>>>  -D APR_HAS_OTHER_CHILD
>>>  -D AP_HAVE_RELIABLE_PIPED_LOGS
>>>  -D DYNAMIC_MODULE_LIMIT=256
>>>  -D HTTPD_ROOT="/etc/apache2"
>>>  -D SUEXEC_BIN="/usr/lib/apache2/suexec"
>>>  -D DEFAULT_PIDLOG="/var/run/apache2.pid"
>>>  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>>>  -D DEFAULT_ERRORLOG="logs/error_log"
>>>  -D AP_TYPES_CONFIG_FILE="mime.types"
>>>  -D SERVER_CONFIG_FILE="apache2.conf"
>>>
>>> And this loaded Modules...
>>>  core_module (static)
>>>  so_module (static)
>>>  watchdog_module (static)
>>>  http_module (static)
>>>  log_config_module (static)
>>>  logio_module (static)
>>>  version_module (static)
>>>  unixd_module (static)
>>>  access_compat_module (shared)
>>>  aclr_module (shared)
>>>  actions_module (shared)
>>>  alias_module (shared)
>>>  auth_basic_module (shared)
>>>  authn_core_module (shared)
>>>  authn_file_module (shared)
>>>  authz_core_module (shared)
>>>  authz_host_module (shared)
>>>  authz_user_module (shared)
>>>  autoindex_module (shared)
>>>  cgid_module (shared)

[users@httpd] Re: Are this option

2022-03-16 Thread Marc Serra 
I'm sorry to insist ... if this list is not the right place to ask that
question, could anyone tell me where to do it?

Thank's

Missatge de Marc Serra  del dia dc., 9 de març 2022 a les
18:01:

> Hi, I want to configure an apache server to support a high load site. Are
> these settings correct?
>
> /etc/apache2/mods-enabled/mpm_event.conf
>
> 
> StartServers 2
> MinSpareThreads  75
> MaxSpareThreads  250
> ThreadLimit  64
> ThreadsPerChild  25
> MaxRequestWorkers 1500
> MaxConnectionsPerChild   0
> ServerLimit 75
> 
>
> I used a combination of
> https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html and
> https://support.plesk.com/hc/en-us/articles/214529205-Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting
> ...
>
> MaxRequestWorkers = (Total RAM - Memory used for Linux, DB, etc.) /
> average Apache process size
> =>
> 1500 = (64000 - 6) / 40
>
> The default ServerLimit value is 16. To increase it, you must also raise
> MaxRequestWorkers using the following formula: ServerLimit value x 25 =
> MaxRequestWorkers value. For example, if ServerLimit is set to 20, then
> MaxRequestWorkers will be 20 x 25 = 500.
> =>
> 75 x 25 = 1500
>
>
>
> The hardware includes 64GB of memory, AMD Ryzen 7 PRO 3700 8-Core
> Processor and NVME disks.
>
> I'm using Apache 2.4.41 with event MPM on ubuntu 20.04 ...
>
> Server version: Apache/2.4.41 (Ubuntu)
> Server built:   2022-01-05T14:49:56
> Server's Module Magic Number: 20120211:88
> Server loaded:  APR 1.6.5, APR-UTIL 1.6.1
> Compiled using: APR 1.6.5, APR-UTIL 1.6.1
> Architecture:   64-bit
> Server MPM: event
>   threaded: yes (fixed thread count)
> forked: yes (variable process count)
> Server compiled with
>  -D APR_HAS_SENDFILE
>  -D APR_HAS_MMAP
>  -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>  -D APR_USE_SYSVSEM_SERIALIZE
>  -D APR_USE_PTHREAD_SERIALIZE
>  -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>  -D APR_HAS_OTHER_CHILD
>  -D AP_HAVE_RELIABLE_PIPED_LOGS
>  -D DYNAMIC_MODULE_LIMIT=256
>  -D HTTPD_ROOT="/etc/apache2"
>  -D SUEXEC_BIN="/usr/lib/apache2/suexec"
>  -D DEFAULT_PIDLOG="/var/run/apache2.pid"
>  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>  -D DEFAULT_ERRORLOG="logs/error_log"
>  -D AP_TYPES_CONFIG_FILE="mime.types"
>  -D SERVER_CONFIG_FILE="apache2.conf"
>
> And this loaded Modules...
>  core_module (static)
>  so_module (static)
>  watchdog_module (static)
>  http_module (static)
>  log_config_module (static)
>  logio_module (static)
>  version_module (static)
>  unixd_module (static)
>  access_compat_module (shared)
>  aclr_module (shared)
>  actions_module (shared)
>  alias_module (shared)
>  auth_basic_module (shared)
>  authn_core_module (shared)
>  authn_file_module (shared)
>  authz_core_module (shared)
>  authz_host_module (shared)
>  authz_user_module (shared)
>  autoindex_module (shared)
>  cgid_module (shared)
>  deflate_module (shared)
>  dir_module (shared)
>  env_module (shared)
>  fcgid_module (shared)
>  filter_module (shared)
>  headers_module (shared)
>  include_module (shared)
>  mime_module (shared)
>  mpm_event_module (shared)
>  negotiation_module (shared)
>  proxy_module (shared)
>  proxy_fcgi_module (shared)
>  proxy_http_module (shared)
>  proxy_wstunnel_module (shared)
>  remoteip_module (shared)
>  reqtimeout_module (shared)
>  rewrite_module (shared)
>  setenvif_module (shared)
>  socache_shmcb_module (shared)
>  ssl_module (shared)
>  status_module (shared)
>  suexec_module (shared)
>  unique_id_module (shared)
>  userdir_module (shared)
>
>
> Thank's for your time.
>
>

-- 
Marc Serra
Organització i Sistemes

-- 


   
  
  
  <https://www.manxa.com>
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 
 <https://www.manxaindustrial.com> *Manxa 
Industrial <https://www.manxaindustrial.com>*
 
<https://www.manxaferros.com>  *Manxa Ferros <https://www.manxaferros.com>*
 <https://www.manxabricolatge.com>  *Manxa Ferreteria i Parament de la Llar 
<https://www.manxabricolatge.com>*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copia

Re: [users@httpd] mod_evasive [OT?]

2022-03-10 Thread Marc Serra 
Hi Darryl,

Take a look at mod_security: https://github.com/SpiderLabs/ModSecurity

Not perfect for fending off DoS attacks, but provides a rate-limit option:
https://stackoverflow.com/questions/26409546/protecting-against-ddos-attacks-is-mod-security-and-the-owasp-rule-set-adequate

Missatge de Darryl Philip Baker  del dia
dj., 10 de març 2022 a les 16:35:

> I am trying to upgrade our webservers from RHEL7 to RHEL8. One third party
> module we use is mod_evasive. Searching for information I find that in 2020
> it was in the EPEL repository for RHEL8/CentOS8 but it is no longer there.
> I have no problem building it from source if necessary. Where can I find
> the current source for it? Is there another module that is better for
> fending off DoS and DDoS attacks?
>
>
>
> *Darryl Baker, *GSEC, GCLD  (he/him/his)
>
> Sr. System Administrator
>
> Distributed Application Platform Services
>
> *Northwestern University*
>
> 4th Floor
>
> 2020 Ridge Avenue
>
> Evanston, IL  60208-0801
>
> *darryl.ba...@northwestern.edu *
>
> (847) 467-6674 <+18474676674>
>
>
>


-- 
Marc Serra
Organització i Sistemes

-- 


   
  
  
  <https://www.manxa.com>
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 
 <https://www.manxaindustrial.com> *Manxa 
Industrial <https://www.manxaindustrial.com>*
 
<https://www.manxaferros.com>  *Manxa Ferros <https://www.manxaferros.com>*
 <https://www.manxabricolatge.com>  *Manxa Ferreteria i Parament de la Llar 
<https://www.manxabricolatge.com>*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

[users@httpd] Are this option

2022-03-09 Thread Marc Serra 
Hi, I want to configure an apache server to support a high load site. Are
these settings correct?

/etc/apache2/mods-enabled/mpm_event.conf


StartServers 2
MinSpareThreads  75
MaxSpareThreads  250
ThreadLimit  64
ThreadsPerChild  25
MaxRequestWorkers 1500
MaxConnectionsPerChild   0
ServerLimit 75


I used a combination of
https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html and
https://support.plesk.com/hc/en-us/articles/214529205-Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting
...

MaxRequestWorkers = (Total RAM - Memory used for Linux, DB, etc.) / average
Apache process size
=>
1500 = (64000 - 6) / 40

The default ServerLimit value is 16. To increase it, you must also raise
MaxRequestWorkers using the following formula: ServerLimit value x 25 =
MaxRequestWorkers value. For example, if ServerLimit is set to 20, then
MaxRequestWorkers will be 20 x 25 = 500.
=>
75 x 25 = 1500



The hardware includes 64GB of memory, AMD Ryzen 7 PRO 3700 8-Core Processor
and NVME disks.

I'm using Apache 2.4.41 with event MPM on ubuntu 20.04 ...

Server version: Apache/2.4.41 (Ubuntu)
Server built:   2022-01-05T14:49:56
Server's Module Magic Number: 20120211:88
Server loaded:  APR 1.6.5, APR-UTIL 1.6.1
Compiled using: APR 1.6.5, APR-UTIL 1.6.1
Architecture:   64-bit
Server MPM: event
  threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"

And this loaded Modules...
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 aclr_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgid_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 include_module (shared)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 proxy_http_module (shared)
 proxy_wstunnel_module (shared)
 remoteip_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)
 unique_id_module (shared)
 userdir_module (shared)


Thank's for your time.

-- 


   
  
  
  
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
* 
  *Manxa 
Industrial *
 
  *Manxa Ferros *
   *Manxa Ferreteria i Parament de la Llar 
*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker

Re: [users@httpd] Issues with accessing web page using DNS URL

2021-08-18 Thread Marc Serra 
If you ping (or dig, or nslookup, or ...) your www.mywebpage.com (the noip
name) from outside your home is resolved to you public IP address?

I think it's not an apache related issue.



El dc., 18 d’ag. 2021, 20:41,  va escriure:

> I set up my router to port forward. I was using NOIP with my previous ISP
> because the IP address was changing. With my new ISP I don't have that
> problem. My goal is to use something like "www.mywebpage.com" to access my
> home server instead of using my actual IP. I am thinking about having a
> place for family to see pictures and videos I have of my kids. I am also
> wanting to have my own cloud server for files and media. I am under the
> impression that to have my own domain name I would need to do that through
> NOIP. Is there another way to have name address resolution without NoIp?
> -Original Message- From: Richard Sent: Wednesday, August 18, 2021
> 1:19 PM To: users@httpd.apache.org Subject: Re: [users@httpd] Issues with
> accessing web page using DNS URL > Date: Wednesday, August 18, 2021
> 12:48:36
> -0500 > From: wendellkb...@gmail.com > > I am wondering if anyone has any
> idea as to what could be happening to > prevent me from using the URL I
> have
> set up with No-IP. > > Particulars: > > 1. I have a static IP > 2. I setup
> NOIP to send port 80 traffic to port 8080 > > I can use the internal IP
> address on my home network and bring up my > web page. I can input the
> static IP of my router and access my web > page. If I use the web address
> URL I set up with No-Ip it just times > out. Does anyone have any ideas why
> this is the case? > Not a lot of detail to work from ... Are you using NAT
> for your network behind the router? If so, are you port-forwarding the
> necessary port(s) to the target machine's internal/lan IPnumber?
> Separately,
> if you have a static (public) IPnumber why not set up DNS rather than using
> "no-ip", which is intended for cases where you *don't* have a static
> IPnumber.
> - To
> unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional
> commands, e-mail: users-h...@httpd.apache.org Scanned by McAfee and
> confirmed virus-free. Find out more here: https://bit.ly/2zCJMrO
>
>
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-- 


   
  
  
  
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
* 
  *Manxa 
Industrial *
 
  *Manxa Ferros *
   *Manxa Ferreteria i Parament de la Llar 
*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Can't get the list of loaded modules with apache2 -M

2021-07-26 Thread Marc Serra 
Try to source your envvars by running it like this

source /etc/apache2/envvars

and then

/usr/sbin/apache2 -M

El dl., 26 de jul. 2021, 19:18, Andrea Croci  va
escriure:

> Hi, I have Apache 2.4.48 installed in Ubuntu 20.04 by adding the
> ondrej-ppa. When I do
>
> sudo apache2 -M
>
> (and other apache2 commands as well) I get
>
> [Mon Jul 26 19:03:15.930435 2021] [core:warn] [pid 10739] AH00111: Config
> variable ${APACHE_RUN_DIR} is not defined
> apache2: Syntax error on line 82 of /etc/apache2/apache2.conf:
> DefaultRuntimeDir must be a valid directory, absolute or relative to
> ServerRoot
>
> The envvars file does define those variables and I didn't touch it from
> installation. The only thing I did is to add to the apache2.conf file a
> global ServerName directive, because it was complaining by reloading that
> it couldn't find the fully qualified domain name.
>
> Now it reloads and restarts fine, but I get that error. The error log only
> shows my restarts and reloads, nothing else. I didn't find anything useful
> on the net. How could I go about troubleshooting this?
>
> Thanks,
>
> Andrea
>

-- 


   
  
  
  
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
* 
  *Manxa 
Industrial *
 
  *Manxa Ferros *
   *Manxa Ferreteria i Parament de la Llar 
*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] blacklisting

2021-06-17 Thread Marc Serra 
We are using a border firewall too. This firewall includes an option to
auto update "list of bad IP" from a proprietary database.

Also you can use a public bad IP list, for example:
https://feodotracker.abuse.ch/blocklist/ or
https://github.com/mlsecproject/combine/wiki/Threat-Intelligence-Feeds-Gathered-by-Combine,
and create a crontab script to parse this list and update your .htaccess
file

Missatge de Jim Albert  del dia dj., 17 de juny 2021 a
les 3:30:

> On 6/16/2021 9:05 PM, Will Fatherley wrote:
> > Hi All,
> >
> > I have been using A2 for a few years now, but I've not really needed
> > to implement any deny/black-listing because I simply have no
> > meaningful security/traffic constraints. In moving forward with
> > development on top of A2 which does have security implications, I'm
> > hoping it might be possible that folks might be willing to share how
> > they store blocked remote addresses. For instance, are relational
> > datastores and other such objects typically required at the enterprise
> > level to store blocked addresses? Or is a plaintext file suitable from
> > an efficiency standpoint?
> >
> > Best,
> > Will F
>
> I find it easiest to implement blocks at the border firewall especially
> if I'm implementing a stored list of known attack IP addresses. At the
> border firewall I can easily block a set of IP addresses from the WAN to
> all my resources... httpd and others.
>
> Within Apache there are a variety of examples of what you can do at:
> https://httpd.apache.org/docs/2.4/howto/access.html
>
> I'm sure others can add to this advice from their own experiences.
>
> Jim
>
>
> -----
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-- 
Marc Serra
Organització i Sistemes

-- 

   
  


 
  

  
  
  
 
 Manxa 1876, S.L.
Ctra. Les Tries, 
85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
<https://www.manxa.com>* 
_ *Manxa Industrial 
<https://www.manxaindustrial.com>*
_ *Manxa Ferros 
<https://www.manxaferros.com>*
_ *Manxa Ferreteria i Parament de la Llar 
<https://www.manxabricolatge.com>*___
  

  




-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Improve memory use [EXT]

2021-06-15 Thread Marc Serra 
Thank's James,

99% of the hosted content is static. I think it's time to migrate to MPM
event.

Thank's again.

Missatge de James Smith  del dia dl., 14 de juny 2021 a
les 11:21:

> Yes the answer is almost certainly to do with the number of domains/size
> of code – even if all the sites are running the same code – they are likely
> to have different copies of it (unless they are all running the exact same
> copy of the code – and using a name based switch somewhere in it) There may
> be better ways of handling this – having 800 PHP children is not ideal –
> look at ways of using static servers if you can e.g.
>
>- you may be able to sit another apache in front of this one to handle
>the static requests {using the event mpm} and use this one to server PHP
>code;
>- or more this to mpm event model and use one of the fcgi wrappers for
>PHP {mileage may vary on this if you have a large number of PHP code
>basese};
>
>
>
> *From:* Marc Serra 
> *Sent:* 14 June 2021 10:08
> *To:* users@httpd.apache.org
> *Subject:* [users@httpd] Improve memory use [EXT]
>
>
>
> Hi again,
>
> I got an old Ubuntu server 16.04 with apache 2.4.18 serving 140 different
> domains.
>
> The server has 8 vCPUs and 16GB of memory. It's a virtual server hosted in
> Digital Ocean.
>
> As you can see above, the average memory use per apache process is 93MB.
>
> It's possible to improve that? If not, why is so much memory used? In
> other servers with similar configurations but with fewer hosted domains and
> low resources (see at the bottom of this email), the memory usage is much
> lower. Is it due precisely to the number of domains hosted? If not, what?
>
> Sorry to insist on the memory used by each apache process, but I need to
> improve it (if it's possible).
>
> # ls /etc/apache2/sites-enabled/|grep -v ssl |wc
> 140
>
> # cat /etc/issue
> Ubuntu 16.04.6 LTS
>
> # apache2 -V
> Server version: Apache/2.4.18 (Ubuntu)
> Server built:   2019-10-08T13:31:25
> Server's Module Magic Number: 20120211:52
> Server loaded:  APR 1.5.2, APR-UTIL 1.5.4
> Compiled using: APR 1.5.2, APR-UTIL 1.5.4
> Architecture:   64-bit
> Server MPM: prefork
>   threaded: no
> forked: yes (variable process count)
> Server compiled with
>  -D APR_HAS_SENDFILE
>  -D APR_HAS_MMAP
>  -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
>  -D APR_USE_SYSVSEM_SERIALIZE
>  -D APR_USE_PTHREAD_SERIALIZE
>  -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
>  -D APR_HAS_OTHER_CHILD
>  -D AP_HAVE_RELIABLE_PIPED_LOGS
>  -D DYNAMIC_MODULE_LIMIT=256
>  -D HTTPD_ROOT="/etc/apache2"
>  -D SUEXEC_BIN="/usr/lib/apache2/suexec"
>  -D DEFAULT_PIDLOG="/var/run/apache2.pid"
>  -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
>  -D DEFAULT_ERRORLOG="logs/error_log"
>  -D AP_TYPES_CONFIG_FILE="mime.types"
>  -D SERVER_CONFIG_FILE="apache2.conf"
>
> # apache2 -M
> Loaded Modules:
>  core_module (static)
>  so_module (static)
>  watchdog_module (static)
>  http_module (static)
>  log_config_module (static)
>  logio_module (static)
>  version_module (static)
>  unixd_module (static)
>  access_compat_module (shared)
>  alias_module (shared)
>  auth_basic_module (shared)
>  authn_core_module (shared)
>  authn_file_module (shared)
>  authz_core_module (shared)
>  authz_host_module (shared)
>  authz_user_module (shared)
>  autoindex_module (shared)
>  deflate_module (shared)
>  dir_module (shared)
>  env_module (shared)
>  expires_module (shared)
>  filter_module (shared)
>  headers_module (shared)
>  mime_module (shared)
>  mpm_prefork_module (shared)
>  negotiation_module (shared)
>  php7_module (shared)
>  rewrite_module (shared)
>  setenvif_module (shared)
>  socache_shmcb_module (shared)
>  ssl_module (shared)
>  status_module (shared)
>
> Relevant part of /etc/apache2/apache2.conf ...
> 
> ServerLimit 800
> StartServers10
> MinSpareServers 200
> MaxSpareServers 400
> MaxRequestWorkers   800
> MaxConnectionsPerChild  1
> 
>
> # free -m
>   totalusedfree  shared  buff/cache
> available
> Mem:  160467198 496 2328351
>  8187
> Swap:  4095 2433852
>
> # ps aux | grep apache
> root  1204  0.0  0.2 431016 47312 ?Ss   May04   7:43
> /usr/sbin/apache2 -k start
> www-data  4778  0.0  0.4 531744 77132 ?S09:00   0:03
> /usr/sbin/apache2 -k start
> www-data 11661  0.1  0.3 518652 57868 ?S

[users@httpd] Improve memory use

2021-06-14 Thread Marc Serra 
  S07:09   0:21
/usr/sbin/apache2 -k start
www-data 28566  0.0  0.4 525804 80060 ?S07:09   0:05
/usr/sbin/apache2 -k start
www-data 28567  0.1  0.5 522436 86684 ?S07:09   0:17
/usr/sbin/apache2 -k start
www-data 28568  0.0  0.7 559216 116156 ?   S07:09   0:11
/usr/sbin/apache2 -k start
www-data 28569  0.1  0.5 531404 94140 ?S07:09   0:14
/usr/sbin/apache2 -k start
www-data 28570  0.1  0.4 519344 74340 ?S07:09   0:15
/usr/sbin/apache2 -k start








An example of a very similar server with very similar apache configuration
but with less domains (6). The average memory used are 27MB ...


# ls /etc/apache2/sites-enabled/|grep -v ssl  |wc
  6   6 148

# ps aux|grep apache
www-data   936  0.0  1.4 414692 14272 ?S10:55   0:00
/usr/sbin/apache2 -k start
www-data   937  0.1  2.1 423736 21900 ?S10:55   0:00
/usr/sbin/apache2 -k start
www-data   941  0.0  1.0 414328 10244 ?S10:55   0:00
/usr/sbin/apache2 -k start
www-data   943  0.0  2.8 500268 29376 ?S10:55   0:00
/usr/sbin/apache2 -k start
root 21633  0.0  3.1 414296 32304 ?Ss   May04   1:46
/usr/sbin/apache2 -k start
www-data 28923  0.0  3.1 500432 31840 ?S06:30   0:00
/usr/sbin/apache2 -k start
www-data 28924  0.0  3.1 500392 32264 ?S06:30   0:00
/usr/sbin/apache2 -k start
www-data 28925  0.0  3.1 500412 31756 ?S06:30   0:00
/usr/sbin/apache2 -k start
www-data 28926  0.0  3.2 500324 33124 ?S06:30   0:00
/usr/sbin/apache2 -k start
www-data 29160  0.0  3.2 500456 33184 ?S06:41   0:00
/usr/sbin/apache2 -k start
www-data 29612  0.0  3.5 504596 35632 ?S06:47   0:00
/usr/sbin/apache2 -k start

# apache2 -M
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 filter_module (shared)
 headers_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 php7_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)

# cat /etc/issue
Ubuntu 16.04.6 LTS

# apache2 -V
Server version: Apache/2.4.18 (Ubuntu)
Server built:   2019-10-08T13:31:25
Server's Module Magic Number: 20120211:52
Server loaded:  APR 1.5.2, APR-UTIL 1.5.4
Compiled using: APR 1.5.2, APR-UTIL 1.5.4
Architecture:   64-bit
Server MPM: prefork
  threaded: no
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"


Thank's

-- 
Marc Serra
Organització i Sistemes

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only i

Re: [users@httpd] Is ServerLimit 256 in prefork mode somehow hardcoded?

2021-06-01 Thread Marc Serra 
https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html#serverlimit

There is a hard limit of ServerLimit 2 compiled into the server (for
the prefork MPM 20). This is intended to avoid nasty effects caused by
typos. To increase it even further past this limit, you will need to modify
the value of MAX_SERVER_LIMIT in the mpm source file and rebuild the server.

Missatge de Alois Treindl  del dia dt., 1 de juny 2021 a
les 11:02:

> I am using Apache on RHEL 7 since along time.
> httpd-2.4.6-97.el7_9.x86_64
>
> I use it with mod_mpm_prefork module, the default on Redhat.
>
> I see, shortly after startup, messages in errorlog like
> AH00161: server reached MaxRequestWorkers setting, consider raising the
> MaxRequestWorkers setting
>
> I have tried to do that
> 
> StartServers  20
> MinSpareServers   10
> MaxSpareServers   20
> ServerLimit   512
> MaxRequestWorkers 512
> MaxConnectionsPerChild  1
> 
>
> I also tried much higher values of ServerLimit and MaxRequestWorkers, like
> 6400 or 30'000
>
> It makes no difference, the error message appears.
>
> In server-status, I always see four lines of 64 servers, i.e. a total of
> 256 servers shown, like this:
>
> .R_R_RKCCC_C..R_RRRKRRCC.R_CCKRKRKC.KRKR_R.__RKCRRRK
> .KKRWRC_R_RCRRCKR_KRKKRRRKRC.C_RRRKR_C.K
> 
> 
>
> How can I get beyond these 256 servers?
>
> The machine has 64 cores, and 132 Gb RAM.
>
> I know that I can switch to mod_mpm_event, but before I go that way, I
> would like to know why I cannot more than 256 servers in prefork mode.
>
>
> - To
> unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional
> commands, e-mail: users-h...@httpd.apache.org



-- 
Marc Serra
Organització i Sistemes

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Poor Load Balancer performance

2021-05-27 Thread Marc Serra 
Thank's for your reply Eric.

 if you have thousands of connections you need to have more servers and
> then a balancer will help spreading the load (not increasing performance)
> among all the servers, or add bigger figures to your mpm settings in your
> single server (if the hardware will be able to cope with it).
>
> If you have thousand of connections and just 800 workers, then it is
> logical that it clogs.
>
> Supposing 800 connections would be enough for peaks if you want no
> clogging with prefork because load is quite variable it is better to
> specify a higher minspareservers value (more workers readily available, not
> have to be spawned, less cpu usage because less processes have to be
> spawned).
>
> I would try to go for event asap though, much better to have to spawn 8
> processes with 100 threads than 800 processes.
>

Daniel, after your words, I think it's important to move to event too. I
will take a look. Thank's.

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 




* Manxa Ferros | *Coneix
més aquí 




* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí 


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Poor Load Balancer performance

2021-05-27 Thread Marc Serra 
Thank's Eric, I understand.

But if configuring a load balancer I'm adding another hop with reducing the
performance, seems that is not the best way to improve this performance,
correct?

As I explained before, it's only a test setup before move to a real
environment.

Now I have a single server (8 cores, 32GB RAM with prefork) and the
following apache tunning. In some moments, I have thousands of concurrent
connections that collapse the server and I thought the best way to fix this
was by setting up a load balancer. Isn't it?

ServerLimit 800
StartServers 10
MinSpareServers 200
MaxSpareServers 400
MaxRequestsWorkers 800
MaxConnectionsPerChild 1

Missatge de Eric Covener  del dia dj., 27 de maig 2021 a
les 13:15:

> On Thu, May 27, 2021 at 7:06 AM Marc Serra  wrote:
> > I has inverted the results! I'm sorry!
>
> I see -- I think this is a case where you aren't taxing either backend
> and you've just added another hop.
> This is probably especially true when testing static files.
>
> -
> To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
> For additional commands, e-mail: users-h...@httpd.apache.org
>
>

-- 
Marc Serra
Organització i Sistemes

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Poor Load Balancer performance

2021-05-27 Thread Marc Serra 
Oh shit! copy/paste error!!!

I has inverted the results! I'm sorry!

the real ones...

Results when I run 'ab  -k -n 1 -c 1000 http://vm_host_ip_address:8010/'
with NO balancer configured...
 Finished 1 requests
 Server Software:Apache/2.4.41
 Server Hostname:192.168.68.210
 Server Port:8010
 Document Path:  /
 Document Length:97098 bytes
 Concurrency Level:  1000
 Time taken for tests:   15.527 seconds
 Complete requests:  1
 Failed requests:834
   (Connect: 0, Receive: 0, Length: 834, Exceptions: 0)
 Keep-Alive requests:9166
 Total transferred:  892851836 bytes
 HTML transferred:   89268 bytes
 Requests per second:644.04 [#/sec] (mean)
 Time per request:   1552.701 [ms] (mean)
 Time per request:   1.553 [ms] (mean, across all concurrent requests)
 Transfer rate:  56155.42 [Kbytes/sec] received
 Connection Times (ms)
  min  mean[+/-sd] median   max
 Connect:0   22 146.6  01038
 Processing: 0  657 1668.1122   13453
 Waiting:0  752 1883.8121   13453
 Total:  0  679 1763.1122   14476
 Percentage of the requests served within a certain time (ms)
  50%122
  66%234
  75%330
  80%402
  90%   1657
  95%   4987
  98%   7221
  99%   8733
  100%  14476 (longest request)
 Finished 1 requests



Results when I run 'ab  -k -n 1 -c 1000 http://vm_host_ip_address:8010/'
with (YES) balancer...
 Finished 1 requests
 Server Software:Apache/2.4.41
 Server Hostname:192.168.68.210
 Server Port:8010
 Document Path:  /
 Document Length:97098 bytes
 Concurrency Level:  1000
 Time taken for tests:   24.029 seconds
 Complete requests:  1
 Failed requests:5526
(Connect: 0, Receive: 0, Length: 5526, Exceptions: 0)
 Keep-Alive requests:8938
 Total transferred:  870844342 bytes
 HTML transferred:   868062523 bytes
 Requests per second:416.16 [#/sec] (mean)
 Time per request:   2402.908 [ms] (mean)
 Time per request:   2.403 [ms] (mean, across all concurrent requests)
 Transfer rate:  35391.87 [Kbytes/sec] received
 Connection Times (ms)
  min  mean[+/-sd] median   max
 Connect:0   22 144.2  01039
 Processing: 0 1087 2291.1451   18504
 Waiting:0 1207 2615.1426   18470
 Total:  0 1109 2372.3451   19514
 Percentage of the requests served within a certain time (ms)
  50%451
  66%585
  75%678
  80%764
  90%   1868
  95%   7315
  98%  10098
  99%  11156
  100%  19514 (longest request)
 Finished 1 requests

Missatge de Eric Covener  del dia dj., 27 de maig 2021 a
les 12:51:

> On Thu, May 27, 2021 at 6:22 AM Marc Serra  wrote:
>
>> I got better performance without the load balancer.
>>
>
>
>> Results when I run 'ab  -k -n 1 -c 1000
>> http://vm_host_ip_address:8010/' with no balancer...
>>  Requests per second:416.16 [#/sec] (mean)
>>  Transfer rate:  35391.87 [Kbytes/sec] received
>>
>
>
>
>> Results when I run 'ab  -k -n 1 -c 1000
>> http://vm_host_ip_address:8010/' with balancer configured...
>>  Requests per second:644.04 [#/sec] (mean)
>>  Transfer rate:  56155.42 [Kbytes/sec] received
>>
>
>
> It doesn't look like the no-proxy case did better.  Which metric were you
> looking at?
>
> + a few cautions:
> - If you aren't taxing the system beyond what a single backend could
> handle, it can easily be slower by adding a proxy.
> - A layer 7 proxy can easily be more overhead than a basic VIP / LB / IP
> sprayer if there's nothing actually being offloaded in the proxy.
>
>


-- 
Marc Serra
Organització i Sistemes

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confident

[users@httpd] Poor Load Balancer performance

2021-05-27 Thread Marc Serra 
 ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined







Results when I run 'ab  -k -n 1 -c 1000 http://vm_host_ip_address:8010/'
with balancer configured...
 Finished 1 requests
 Server Software:Apache/2.4.41
 Server Hostname:192.168.68.210
 Server Port:8010
 Document Path:  /
 Document Length:97098 bytes
 Concurrency Level:  1000
 Time taken for tests:   15.527 seconds
 Complete requests:  1
 Failed requests:834
   (Connect: 0, Receive: 0, Length: 834, Exceptions: 0)
 Keep-Alive requests:9166
 Total transferred:  892851836 bytes
 HTML transferred:   89268 bytes
 Requests per second:644.04 [#/sec] (mean)
 Time per request:   1552.701 [ms] (mean)
 Time per request:   1.553 [ms] (mean, across all concurrent requests)
 Transfer rate:  56155.42 [Kbytes/sec] received
 Connection Times (ms)
  min  mean[+/-sd] median   max
 Connect:0   22 146.6  01038
 Processing: 0  657 1668.1122   13453
 Waiting:0  752 1883.8121   13453
 Total:  0  679 1763.1122   14476
 Percentage of the requests served within a certain time (ms)
  50%122
  66%234
  75%330
  80%402
  90%   1657
  95%   4987
  98%   7221
  99%   8733
  100%  14476 (longest request)
 Finished 1 requests



I replaced the apache vhost config file with...


BalancerMember http://vm_host_ip_address:8011
BalancerMember http://vm_host_ip_address:8012

ProxyPreserveHost On
ProxyPass / balancer://mycluster/
ProxyPassReverse / balancer://mycluster/




The index.html file is a 90KB plain text file for both node1 and node2

I'm missing something?

The problem is the way virtualbox handles this network configuration and in
a real world the results would be different?


-- 
Marc Serra

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 
<http://www.manxaindustrial.com>



* Manxa Ferros | *Coneix
més aquí 
<http://www.manxaferros.com/>



* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí <https://www.manxabricolatge.com>


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Why so much difference in memory used per process in apache2 between two different systems

2021-05-17 Thread Marc Serra 
Thank's Daniel,

> The list of modules is different. I don't think you can compare event and
prefork servers as if they should behave the same, even more if you have a
different list of modules. Consider in prefork each process is a worker,
 while on event processes are not workers, but threads of each process.
> In order to compare fairly you have to use the same modules, same load,
similar resulting mpm settings and compare the total usage, still your
biggest concern unless you have a faulty module mostly will be CPU.
> Also consider there are some different modules in each case too, some are
third party modules.

As I already commented on my answer to Dino, I didn’t really think a module
would cause this change in memory usage, which is why I haven’t dedicated
myself to disabling them one by one. But I was clearly wrong. Thank you
again too!

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 




* Manxa Ferros | *Coneix
més aquí 




* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí 


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Why so much difference in memory used per process in apache2 between two different systems

2021-05-17 Thread Marc Serra 
Thank's for answer Yann,

> MPM prefork is single threaded, while MPM event uses multiple threads,
> and each thread "consumes" 8MB of rss (for its stack) on a typical
> linux system.
> The default thread stack size can be changed with "ulimit -s" (or
> LimitSTACK= on systemd), depending on the loaded modules and their
> stack "consumption".
> I usually run httpd with "ulimit -s 512" (KB) without issues, but this
> needs testing in your environment (i.e. no crash)..


For me is new the ulimit command, I take a look in a near future.

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 




* Manxa Ferros | *Coneix
més aquí 




* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí 


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker ou copier 
son contenu. Imprimez cet e-mail uniquement si nécessaire.

Re: [users@httpd] Why so much difference in memory used per process in apache2 between two different systems

2021-05-17 Thread Marc Serra 
Wow! The memory eater was security2 ...

With the module enabled (120-160MB per process) ...
# ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
www-data 121232 /usr/sbin/apache2 -k start
www-data 120596 /usr/sbin/apache2 -k start
www-data 156816 /usr/sbin/apache2 -k start
www-data 162668 /usr/sbin/apache2 -k start

With the module disabled (9-15MB per process) ...
# a2dismod security2
Module security2 disabled.
To activate the new configuration, you need to run:
  systemctl restart apache2
# systemctl restart apache2
# ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
www-data 10340 /usr/sbin/apache2 -k start
www-data  9764 /usr/sbin/apache2 -k start
www-data 14164 /usr/sbin/apache2 -k start
www-data 14220 /usr/sbin/apache2 -k start

Thank's for your answer Dino. That's enough for me.

I didn’t really think a module would cause this change in memory usage,
which is why I haven’t dedicated myself to disabling them one by one. But I
was clearly wrong. Thank you again.

For your information, my problem was understand why so much difference
between to systems because I want to optimize some parameters
like: ServerLimit, StartServers, MinSpareServers, MaxSpareServers,
MaxClients and MaxRequestsPerChild

I need to know the memory used per each Apache process to find
the MaxClients value.

Missatge de Dino Ciuffetti  del dia dl., 17 de maig 2021 a
les 14:54:
>
> Try to comment out mod_security, it's a module that use enough memory.
> Also on server2 there are modules not loaded on server1. BTW what's your
problem? Your server is plenty of ram and RSS memory is not creating any
problem. Right?
>
>
> 17 maggio 2021 13:34, "Marc Serra"  wrote:
>
> Hi to all,
> I already posted this question to stackoverflow.com but no answer after 9
days:
https://stackoverflow.com/questions/67439771/why-so-much-difference-in-memory-used-per-process-in-apache2-between-two-differe
> I hope the apache gurus in this list can help me :)
> I have a pair of Ubuntu dedicated servers...
>
> Server1:
> Ubuntu 16.04.7 (64 bits)
> 16GB RAM
> 8 Xeon CPU
> Apache 2.4.18
> MPM mode: prefork
>
> Server2:
> Ubuntu server 20.04.2 (64 bits)
> 32GB RAM
> 8 Xeon CPU
> 2.4.41
> MPM mode: event
>
> On Server1, each apache2 process uses between 7MB and 18MB of RAM ...
> # ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
> www-data 18232 /usr/sbin/apache2 -k start
> www-data 11700 /usr/sbin/apache2 -k start
> www-data 11276 /usr/sbin/apache2 -k start
> www-data 10792 /usr/sbin/apache2 -k start
> www-data 11216 /usr/sbin/apache2 -k start
> www-data 11600 /usr/sbin/apache2 -k start
> www-data 10336 /usr/sbin/apache2 -k start
> www-data 11356 /usr/sbin/apache2 -k start
> www-data 11348 /usr/sbin/apache2 -k start
> www-data 10980 /usr/sbin/apache2 -k start
> www-data 11316 /usr/sbin/apache2 -k start
> www-data 6808 /usr/sbin/apache2 -k start
>
> On Server2, each apache2 process uses between 120MB and 130MB of RAM ...
> # ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
> www-data 120436 /usr/sbin/apache2 -k start
> www-data 119784 /usr/sbin/apache2 -k start
> www-data 128720 /usr/sbin/apache2 -k start
> www-data 130208 /usr/sbin/apache2 -k start
>
> Why so much difference in memory used?
>
> After read a few documentation and googleing, I thought about loaded
modules, but there are not a lot of difference between each server...
>
> Server1
> # apache2 -M
> Loaded Modules:
> core_module (static)
> so_module (static)
> watchdog_module (static)
> http_module (static)
> log_config_module (static)
> logio_module (static)
> version_module (static)
> unixd_module (static)
> access_compat_module (shared)
> actions_module (shared)
> alias_module (shared)
> auth_basic_module (shared)
> auth_digest_module (shared)
> auth_openidc_module (shared)
> authn_core_module (shared)
> authn_file_module (shared)
> authz_core_module (shared)
> authz_host_module (shared)
> authz_user_module (shared)
> autoindex_module (shared)
> bw_module (shared)
> cgi_module (shared)
> dav_module (shared)
> dav_fs_module (shared)
> dav_lock_module (shared)
> deflate_module (shared)
> dir_module (shared)
> env_module (shared)
> expires_module (shared)
> fcgid_module (shared)
> filter_module (shared)
> headers_module (shared)
> include_module (shared)
> mime_module (shared)
> mpm_prefork_module (shared)
> negotiation_module (shared)
> proxy_module (shared)
> proxy_balancer_module (shared)
> proxy_fcgi_module (shared)
> proxy_http_module (shared)
> rewrite_module (shared)
> setenvif_module (shared)
> slotmem_shm_module (shared)
> socache_shmcb_module (shared)
> ssl_modu

[users@httpd] Why so much difference in memory used per process in apache2 between two different systems

2021-05-17 Thread Marc Serra 
Hi to all,

I already posted this question to stackoverflow.com but no answer after 9
days:
https://stackoverflow.com/questions/67439771/why-so-much-difference-in-memory-used-per-process-in-apache2-between-two-differe

I hope the apache gurus in this list can help me :)

I have a pair of Ubuntu dedicated servers...

Server1:
Ubuntu 16.04.7 (64 bits)
16GB RAM
8 Xeon CPU
Apache 2.4.18
MPM mode: prefork

Server2:
Ubuntu server 20.04.2 (64 bits)
32GB RAM
8 Xeon CPU
2.4.41
MPM mode: event

On Server1, each apache2 process uses between 7MB and 18MB of RAM ...
# ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
www-data 18232 /usr/sbin/apache2 -k start
www-data 11700 /usr/sbin/apache2 -k start
www-data 11276 /usr/sbin/apache2 -k start
www-data 10792 /usr/sbin/apache2 -k start
www-data 11216 /usr/sbin/apache2 -k start
www-data 11600 /usr/sbin/apache2 -k start
www-data 10336 /usr/sbin/apache2 -k start
www-data 11356 /usr/sbin/apache2 -k start
www-data 11348 /usr/sbin/apache2 -k start
www-data 10980 /usr/sbin/apache2 -k start
www-data 11316 /usr/sbin/apache2 -k start
www-data  6808 /usr/sbin/apache2 -k start


On Server2, each apache2 process uses between 120MB and 130MB of RAM ...
# ps axo 'user rss cmd' | grep apache | grep -v "\(root\|grep\|tomcat\)"
www-data 120436 /usr/sbin/apache2 -k start
www-data 119784 /usr/sbin/apache2 -k start
www-data 128720 /usr/sbin/apache2 -k start
www-data 130208 /usr/sbin/apache2 -k start


Why so much difference in memory used?

After read a few documentation and googleing, I thought about loaded
modules, but there are not a lot of difference between each server...

Server1
# apache2 -M
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 auth_openidc_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 bw_module (shared)
 cgi_module (shared)
 dav_module (shared)
 dav_fs_module (shared)
 dav_lock_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 expires_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 include_module (shared)
 mime_module (shared)
 mpm_prefork_module (shared)
 negotiation_module (shared)
 proxy_module (shared)
 proxy_balancer_module (shared)
 proxy_fcgi_module (shared)
 proxy_http_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 slotmem_shm_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)
 userdir_module (shared)

Server2
# apache2 -M
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 aclr_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 auth_digest_module (shared)
 auth_openidc_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgid_module (shared)
 dav_module (shared)
 dav_fs_module (shared)
 dav_lock_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 include_module (shared)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 proxy_module (shared)
 proxy_balancer_module (shared)
 proxy_fcgi_module (shared)
 proxy_http_module (shared)
 remoteip_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 security2_module (shared)
 setenvif_module (shared)
 slotmem_shm_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)
 unique_id_module (shared)
 userdir_module (shared)


I already changed MPM mode from Event to Prefork on Server2, with the same
results.

What else can I check to understand this difference?

Thank's!

-- 

Manxa 
1876, S.L. *
Ctra. 
Les Tries, 85. 17800 Olot (Girona)**Tel. 972 27 
45 30 Fax 972 27 45 32*


* Manxa Industrial | *Coneix
més aquí 




* Manxa Ferros | *Coneix
més aquí 




* Manxa Ferreteria i Parament de la Llar | 
*Coneix
més aquí 


**

-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense

RE: [users@httpd] domain name Question

2011-10-17 Thread Marc Serra 
Usually the same ISP provides the DNS service. Search for a web form in
your ISP user page for  point your domain name to your IP address.

 

De: Stephen Grant Brown [mailto:stephengrantbr...@mcmedia.com.au] 
Enviado el: domingo, 16 de octubre de 2011 10:36
Para: Apache Users
Asunto: [users@httpd] domain name Question

 

Hi All,

I have a domain name registered with a ISP. 

Do I need my own DNS server to be able to host my website usine Apache? 

 

Yours Sincerely 

Stephen Grant Brown

 


Marc Serra - OiS
mse...@manxa.es 
img
Manxa 1901 S.L.
Ctra. Les Tries 85 
17800 Olot (Girona)
Telf: +34 972 27 64 99
www.manxa.es 

Avis legal
El contingut d'aquest correu electronic i els seus annexos es estrictament 
confidencial. En el cas que voste no sigui el destinatari i hagi rebut aquest 
missatge per error, preguem ho comuniqui al remitent i procedeixi a la seva 
eliminacio, sense difondre, emmagatzemar o copiar el seu contingut. 

Aviso legal
El contenido de este correo electronico y sus anexos es estrictamente 
confidencial. En el caso de que usted no sea el destinatario y haya recibido 
este mensaje por error, rogamos lo comunique al remitente y proceda a su 
eliminacion, sin difundir, almacenar o copiar su contenido. 

Important notice
The information contained in this e-mail is strictly confidential and is 
intended to be viewed and used only by the above-named recipient. If you are 
not the above-named intended recipient and have received this message by 
mistake, you are hereby notified that any dissemination, distribution or 
copying of this communication and its content is strictly prohibited. If you 
have received this communication by mistake, please re-send it to the sender 
and delete the original message or any copy of it from your computer system.

[users@httpd] Open links of indexed directory to new window

2011-10-13 Thread Marc Serra 
Hi! I'm calling a diretory index from an iframe. I want to open this
files (links) in a new window... 

 

here the page:
http://portal.manxa.es/cataleg/v2/industrial/ca/promos2.htm

 

It's possible using the apache (or htaccess) config? Thank's!


Marc Serra - OiS
mse...@manxa.es 
img
Manxa 1901 S.L.
Ctra. Les Tries 85 
17800 Olot (Girona)
Telf: +34 972 27 64 99
www.manxa.es 

Avis legal
El contingut d'aquest correu electronic i els seus annexos es estrictament 
confidencial. En el cas que voste no sigui el destinatari i hagi rebut aquest 
missatge per error, preguem ho comuniqui al remitent i procedeixi a la seva 
eliminacio, sense difondre, emmagatzemar o copiar el seu contingut. 

Aviso legal
El contenido de este correo electronico y sus anexos es estrictamente 
confidencial. En el caso de que usted no sea el destinatario y haya recibido 
este mensaje por error, rogamos lo comunique al remitente y proceda a su 
eliminacion, sin difundir, almacenar o copiar su contenido. 

Important notice
The information contained in this e-mail is strictly confidential and is 
intended to be viewed and used only by the above-named recipient. If you are 
not the above-named intended recipient and have received this message by 
mistake, you are hereby notified that any dissemination, distribution or 
copying of this communication and its content is strictly prohibited. If you 
have received this communication by mistake, please re-send it to the sender 
and delete the original message or any copy of it from your computer system.

[EMAIL PROTECTED] Require SSL only for an individual file

2006-02-04 Thread Marc Serra 
Hi gurus!

I need to secure with SSL only one file from a directory that contains a
lot more files.

How can I do that?

I know how secure an entire directory, with SSLRequireSSL option, but is
possible only for a file?

Thank's!


-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Require SSL only for an individual file

2006-02-04 Thread Marc Serra 
Thanks, and I know your solution, but isn't possible. I can't not move
this file from this directory, and (for application requirements) the
other files on this directory cannot be under SSL.


 I guess the easiest way would be to put that SSL enabled
 file into a sub-dir all on it's own?



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Require SSL only for an individual file

2006-02-04 Thread Marc Serra 
Thanks for a reply joshua.

Really? And can you give me an example of this?

For a directory that requires SSL:

Directory /var/www/localhost/htdocs/ssl
SSLRequireSSL
AllowOverride AuthConfig
/Directory


But for a file? Does would you mean?:
File /var/www/localhost/htdocs/ssl/file.under.ssl.html
SSLRequireSSL
AllowOverride AuthConfig
/File



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: [EMAIL PROTECTED] Require SSL only for an individual file

2006-02-04 Thread Marc Serra 
I don't know does snide mean, but I hope nothing bad ;-)

I tried to search in: http://www.apache-ssl.org/docs.html and
http://httpd.apache.org/docs/2.0/ssl/ , but i don't find an answer for me.

Your links seems better. Sorry for bugging.

Tomorrow i try it, I'm very tired now... B-(


 I hate to be snide, but why are you guessing when you could simply
 read the documentation:
 http://httpd.apache.org/docs/2.2/mod/core.html#files
 http://httpd.apache.org/docs/2.2/sections.html#file-and-web



-
The official User-To-User support forum of the Apache HTTP Server Project.
See URL:http://httpd.apache.org/userslist.html for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]