[users@httpd] Are this option

2022-03-09 Thread Marc Serra 
Hi, I want to configure an apache server to support a high load site. Are
these settings correct?

/etc/apache2/mods-enabled/mpm_event.conf


StartServers 2
MinSpareThreads  75
MaxSpareThreads  250
ThreadLimit  64
ThreadsPerChild  25
MaxRequestWorkers 1500
MaxConnectionsPerChild   0
ServerLimit 75


I used a combination of
https://httpd.apache.org/docs/2.4/en/mod/mpm_common.html and
https://support.plesk.com/hc/en-us/articles/214529205-Apache-keeps-going-down-on-a-Plesk-server-server-reached-MaxRequestWorkers-setting
...

MaxRequestWorkers = (Total RAM - Memory used for Linux, DB, etc.) / average
Apache process size
=>
1500 = (64000 - 6) / 40

The default ServerLimit value is 16. To increase it, you must also raise
MaxRequestWorkers using the following formula: ServerLimit value x 25 =
MaxRequestWorkers value. For example, if ServerLimit is set to 20, then
MaxRequestWorkers will be 20 x 25 = 500.
=>
75 x 25 = 1500



The hardware includes 64GB of memory, AMD Ryzen 7 PRO 3700 8-Core Processor
and NVME disks.

I'm using Apache 2.4.41 with event MPM on ubuntu 20.04 ...

Server version: Apache/2.4.41 (Ubuntu)
Server built:   2022-01-05T14:49:56
Server's Module Magic Number: 20120211:88
Server loaded:  APR 1.6.5, APR-UTIL 1.6.1
Compiled using: APR 1.6.5, APR-UTIL 1.6.1
Architecture:   64-bit
Server MPM: event
  threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/etc/apache2"
 -D SUEXEC_BIN="/usr/lib/apache2/suexec"
 -D DEFAULT_PIDLOG="/var/run/apache2.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="mime.types"
 -D SERVER_CONFIG_FILE="apache2.conf"

And this loaded Modules...
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)
 aclr_module (shared)
 actions_module (shared)
 alias_module (shared)
 auth_basic_module (shared)
 authn_core_module (shared)
 authn_file_module (shared)
 authz_core_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgid_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 filter_module (shared)
 headers_module (shared)
 include_module (shared)
 mime_module (shared)
 mpm_event_module (shared)
 negotiation_module (shared)
 proxy_module (shared)
 proxy_fcgi_module (shared)
 proxy_http_module (shared)
 proxy_wstunnel_module (shared)
 remoteip_module (shared)
 reqtimeout_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 socache_shmcb_module (shared)
 ssl_module (shared)
 status_module (shared)
 suexec_module (shared)
 unique_id_module (shared)
 userdir_module (shared)


Thank's for your time.

-- 


   
  
  
  
 Manxa 1876, S.L.
Ctra. Les 
Tries, 85.17800 Olot (Girona)
*Tel. 972 27 45 30 www.manxa.com 
* 
  *Manxa 
Industrial *
 
  *Manxa Ferros *
   *Manxa Ferreteria i Parament de la Llar 
*
  

  



-- 


El contingut d’aquest correu electrònic i els seus annexos és 
estrictament confidencial. En el cas que no siguis el destinatari i hagis 
rebut aquest missatge per error, preguem que ho comuniquis al remitent i 
procedeixis a la seva eliminació, sense difondre, emmagatzemar o copiar el 
seu contingut. Imprimeix aquest correu només si és necessari.

El contenido 
de este correo electrónico y sus anexos es estrictamente confidencial. En 
el caso de que no seas el destinatario y hayas recibido este mensaje por 
error, rogamos lo comuniques al remitente y procedas a su eliminación, sin 
difundir, almacenar o copiar su contenido. Imprimir este correo solo si es 
necesario.

The content of this email and its attachments is strictly 
confidential. If you are not the recipient and you have received this 
message by mistake, please notify the sender and proceed to its 
elimination, without spreading, storing or copying its content. Print this 
email only if necessary.

Le contenu de cet e-mail et de ses pièces jointes 
est strictement confidentiel. Dans le cas où vous n'êtes pas le 
destinataire et avez reçu ce message par erreur, veuillez en informer 
l'expéditeur et procéder à sa suppression, sans diffuser, stocker

Re: [users@httpd] ErrorLog Module Option Request

2016-08-31 Thread JunkYardMail1 

Re: piped logging; Oh goody more processes running as root.

Rewriting is a part of normal running operations and as such non error 
logging of rewrites should be facilitated.


Really missing the RewriteLog and RewriteLogLevel directives.


-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] ErrorLog Module Option Request

2016-08-31 Thread Eric Covener 
On Wed, Aug 31, 2016 at 6:40 PM,   wrote:
> LogLevel rewrite:trace1
>
>
> Need rewrite logging for normal operation, but don't want it cluttering the
> error logs.
> Rewrites are a part of normal operation, not errors.  Using the error logs
> creates clutter making it more difficult to work with the error logs.

The RewriteLog was never intended for normal operation.  IMO It's
unlikely your requirement will be implemented (even if you added it to
bugzilla).

 It should be straightforward to handle in a simple piped logged, though.

-- 
Eric Covener
cove...@gmail.com

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

[users@httpd] ErrorLog Module Option Request

2016-08-31 Thread JunkYardMail1 
Since the RewriteLog and RewriteLogLevel directives have been eliminated I 
would like to propose an optional module parameter be added to the ErrorLog 
directive to specify a specific module.  Similar to the LogLevel directive.


  Current Syntax: ErrorLog file-path|syslog[:facility]
Proposed Syntax: ErrorLog [module:]file-path|syslog[:facility]

So maybe could do something like this:
ErrorLog rewrite:"logs/rewrite_log"
LogLevel rewrite:trace1


Need rewrite logging for normal operation, but don't want it cluttering the 
error logs.
Rewrites are a part of normal operation, not errors.  Using the error logs 
creates clutter making it more difficult to work with the error logs.


The following statement in the ErrorLog Directive documentation gave me hope 
that specifying a module:file-path instead of syslog:facility would work. 
But it did not.

"ErrorLog syslog:user"
"Additional modules can provide their own ErrorLog providers. The syntax is 
similar to the syslog example above."


https://httpd.apache.org/docs/current/mod/core.html#errorlog
https://httpd.apache.org/docs/current/mod/core.html#loglevel

Thanks for your time and attention.  Hope a solution for keeping the rewrite 
logging isolated from the error logging can be provided.



-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

Re: [users@httpd] adding particular option to httpd build

2012-03-20 Thread Igor Cicimov 
Not enogh info what apache and what OS? Anyway, read this:
http://httpd.apache.org/docs/2.2/programs/configure.html

You have same for 2.0 and 2.4
 On Mar 20, 2012 10:06 AM, Security Admin (NetSec) 
secad...@netsecdesign.com wrote:

  Currently have an apache server with following options:

 ** **

 *Server compiled with*

 *-D APACHE_MPM_DIR=server/mpm/prefork*

 *-D APR_HAS_SENDFILE*

 *-D APR_HAS_MMAP*

 *-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)*

 *-D APR_USE_SYSVSEM_SERIALIZE*

 *-D APR_USE_PTHREAD_SERIALIZE*

 *-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT*

 *-D APR_HAS_OTHER_CHILD*

 *-D AP_HAVE_RELIABLE_PIPED_LOGS*

 *-D HTTPD_ROOT=/etc/httpd*

 *-D SUEXEC_BIN=/usr/sbin/suexec*

 *-D DEFAULT_PIDLOG=run/httpd.pid*

 *-D DEFAULT_SCOREBOARD=logs/apache_runtime_status*

 *-D DEFAULT_LOCKFILE=logs/accept.lock*

 *-D DEFAULT_ERRORLOG=logs/error_log*

 *-D AP_TYPES_CONFIG_FILE=conf/mime.types*

 *-D SERVER_CONFIG_FILE=conf/httpd.conf*

 ** **

 ** **

 I would like to maintain these options in the new build.  When I typed
 “./configure –help” I could not find these options listed.  If someone
 could let me know what syntax I need to use (./configure …) much
 appreciated.

Re: [users@httpd] adding particular option to httpd build

2012-03-20 Thread Simone Caruso 

 I would like to maintain these options in the new build.  When I typed
 “./configure –help” I could not find these options listed.  If someone could 
 let
 me know what syntax I need to use (./configure …) much appreciated.
 

Most of these are set running configure, u should study how automake works... a
security expert... lol

-- 
Simone Caruso
IT Consultant
+39 349 65 90 805

-
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org

RE: [users@httpd] adding particular option to httpd build

2012-03-20 Thread Bennett, Tony 
If you still have the original build tree for your current version of Apache,
you can look at the top of config.log file, or you can look at 
config.nice...
...both of these have the original configure command and are located at
the top of the build tree in the same directory as configure.

-tony

From: Igor Cicimov [mailto:icici...@gmail.com]
Sent: Tuesday, March 20, 2012 12:30 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] adding particular option to httpd build


Not enogh info what apache and what OS? Anyway, read this:
http://httpd.apache.org/docs/2.2/programs/configure.html

You have same for 2.0 and 2.4
On Mar 20, 2012 10:06 AM, Security Admin (NetSec) 
secad...@netsecdesign.commailto:secad...@netsecdesign.com wrote:
Currently have an apache server with following options:

Server compiled with
-D APACHE_MPM_DIR=server/mpm/prefork
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT=/etc/httpd
-D SUEXEC_BIN=/usr/sbin/suexec
-D DEFAULT_PIDLOG=run/httpd.pid
-D DEFAULT_SCOREBOARD=logs/apache_runtime_status
-D DEFAULT_LOCKFILE=logs/accept.lock
-D DEFAULT_ERRORLOG=logs/error_log
-D AP_TYPES_CONFIG_FILE=conf/mime.types
-D SERVER_CONFIG_FILE=conf/httpd.conf


I would like to maintain these options in the new build.  When I typed 
./configure -help I could not find these options listed.  If someone could 
let me know what syntax I need to use (./configure ...) much appreciated.

[users@httpd] adding particular option to httpd build

2012-03-19 Thread Security Admin (NetSec) 
Currently have an apache server with following options:

Server compiled with
-D APACHE_MPM_DIR=server/mpm/prefork
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D HTTPD_ROOT=/etc/httpd
-D SUEXEC_BIN=/usr/sbin/suexec
-D DEFAULT_PIDLOG=run/httpd.pid
-D DEFAULT_SCOREBOARD=logs/apache_runtime_status
-D DEFAULT_LOCKFILE=logs/accept.lock
-D DEFAULT_ERRORLOG=logs/error_log
-D AP_TYPES_CONFIG_FILE=conf/mime.types
-D SERVER_CONFIG_FILE=conf/httpd.conf


I would like to maintain these options in the new build.  When I typed 
./configure -help I could not find these options listed.  If someone could 
let me know what syntax I need to use (./configure ...) much appreciated.