I basically have two questions:
How do you set the RequestReadTimeout (in mod_reqtimeout), header and body time to: unlimited time
and
How do I apply that to a specific folder?
The default reqtimeout.conf is:
<IfModule reqtimeout_module>
RequestReadTimeout header=10-20,minrate=500
RequestReadTimeout body=10,minrate=500
</IfModule>
So that it would be something like:
<IfModule reqtimeout_module>
#Apply this to the /var/www/unlimitedtime folder
<Directory /var/www/unlimitedtime>
RequestReadTimeout header=unlimited,MinRate=0 body=unlimited,MinRate=0
</Directory>
</IfModule>
This doesn't work but it's just an example that maybe will make my question more clear.
Thx
Several tips from official documentation of top
RequestReadTimeout :
Context: server config, virtual host
That means this directive is a quite high level directive, you do not have the Location or Directory context here. In fact the timeouts are applied far before the web server can apply a directory decision on the request (the request is not received...), so it's quite normal. What it means is that you cannot apply this directive in a Directory, and there's nothing you can do for that, sorry.
type=timeout
The time in seconds allowed for reading all of the request headers or
body, respectively. A value of 0 means no limit.
So instead of using the 10-20 form simply set 0 and it becomes an unlimited timeout. Or at least that's what the documentation seems to imply. But that's a real nice way of making your webserver DOS-enabled. A few HTTP requests on the right url and you will get a nice Deny of Service, so I hope some other Timeout setting will override it (but maybe not, be careful) :-)
Related
Please, Can you help me for best Apache Configuration
I own the servers for files download, Download files by direct links
ex: domain.com/files.rar
Without programming or php function
The problem: Sometimes I having a high load or stop servers
For this can you help me for best Apache Configuration
Such as:
Server Limit
Max Clients
Max Requests Per Child
Keep-Alive
Keep-Alive Timeout
Max Keep-Alive Requests
Etc.
My servers with 4GB RAM and HDD drives, and 100Mb-ps and 1GBMb-ps
Thanks.
Separate Static and Dynamic Content
Use separate servers for static and dynamic content. Apache processes serving dynamic content will carry overhead and swell to the size of the content being served, never decreasing in size. Each process will incur the size of any loaded PHP or Perl libraries. A 6MB-30MB process size [or 10% of server's memory] is not unusual, and becomes a waist of resources for serving static content.
For a more efficient use of system memory, either use mod_proxy to pass specific requests onto another Apache Server, or use a lightweight server to handle static requests:
Nginx
lighttpd
Or use a front-end caching proxy such as Squid-Cache or Varnish-Cache
The Server handling the static content goes up front.
Note that configuration settings will be quite different between a dynamic content Server and a static content Server.
mod_deflate
Reduce bandwidth by 75% and improve response time by using mod_deflate.
LoadModule deflate_module modules/mod_deflate.so
<Location />
AddOutputFilterByType DEFLATE text/html text/plain text/css text/xml application/x-javascript
</Location>
Loaded Modules
Reduce memory footprint by loading only the required modules.
Some also advise to statically compile in the needed modules, over building DSOs (Dynamic Shared Objects). Very bad advice. You will need to manually rebuild Apache every time a new version or security advisory for a module is put out, creating more work, more build related headaches, and more downtime.
mod_expires
Include mod_expires for the ability to set expiration dates for specific content; utilizing the 'If-Modified-Since' header cache control sent by the user's browser/proxy. Will save bandwidth and drastically speed up your site for [repeat] visitors.
Note that this can also be implemented with mod_headers.
KeepAlive
Enable HTTP persistent connections to improve latency times and reduce server load significantly [25% of original load is not uncommon].
prefork MPM:
KeepAlive On
KeepAliveTimeout 2
MaxKeepAliveRequests 100
worker and winnt MPMs:
KeepAlive On
KeepAliveTimeout 15
MaxKeepAliveRequests 100
With the prefork MPM, it is recommended to set 'KeepAlive' to 'Off'. Otherwise, a client will tie up an entire process for that span of time. Though in my experience, it is more useful to simply set the 'KeepAliveTimeout' value to something very low [2 seconds seems to be the ideal value]. This is not a problem with the worker MPM [thread-based], or under Windows [which only has the thread-based winnt MPM].
With the worker and winnt MPMs, the default 15 second timeout is setup to keep the connection open for the next page request; to better handle a client going from link to link. Check logs to see how long a client remains on each page before moving on to another link. Set value appropriately [do not set higher than 60 seconds].
SymLinks
Make sure 'Options +FollowSymLinks -SymLinksIfOwnerMatch' is set for all directories. Otherwise, Apache will issue an extra system call per filename component to substantiate that the filename is NOT a symlink; and more system calls to match an owner.
<Directory />
Options FollowSymLinks
</Directory>
AllowOverride
Set a default 'AllowOverride None' for your filesystem. Otherwise, for a given URL to path translation, Apache will attempt to detect an .htaccess file under every directory level of the given path.
<Directory />
AllowOverride None
</Directory>
ExtendedStatus
If mod_status is included, make sure that directive 'ExtendedStatus' is set to 'Off'. Otherwise, Apache will issue several extra time-related system calls on every request made.
ExtendedStatus Off
Timeout
Lower the amount of time the server will wait before failing a request.
Timeout 45
If you are having load-problems with your apache setup, you could also consider migrating to another system. From my personal experience I would suggest you to try nginx to serve static files.
I am trying to fix this whole day without success, so I hope someone might be able to help me. I have an app at http://localhost/, and it uses Pylons for the app I am hosting. In addition to that, I need to host a PHP/MySQL site, so I had to use Apache too.
My current setup is that I use haproxy with this config for the Apache backend:
backend apache
mode http
timeout connect 4000
timeout server 30000
timeout queue 60000
balance roundrobin
server app02-8002 localhost:8002 maxconn 1000
This is triggered by this:
acl image url_sub images
use_backend apache if image
So, when I open my IP/images, it will trigger that and open Apache then, with port 8002.
For Apache, I created virtual hosts, and this is the "image" one:
<VirtualHost *:8002>
ServerAdmin my#email.com
ServerName image
ServerAlias image
DocumentRoot /srv/www/image/public_html/
ErrorLog /srv/www/image/logs/error.log
CustomLog /srv/www/image/logs/access.log combined
</VirtualHost>
So, that all works nicely, when I type IP/images it open the /srv/www/image/public_html. But then the issues come. As I am using the image uploading script, it involves a lot of rewriting, so I had to enable that mod. This is the .htaccess which is located in the public_html/images folder (I somehow had to make this subfolder too, to "match" the URL with the actual location in the public_html.
SetEnv PHP_VER 5_3
RewriteEngine On
# You must define your installation directory and uncomment the line :
RewriteBase /images/
RewriteRule ^([a-zA-Z]+)\.(jpg|gif|png|wbmp)$ controller/Resizer.php?m=original&a=$1&e=$2 [L]
RewriteRule ^(icon|small|medium|square)\/([a-zA-Z]+)\.(jpg|gif|png|wbmp)$ controller/Resizer.php?m=$1&a=$2&e=$3 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule (.*) application.php?request=$1 [L,QSA]
So, basically, this is somethow not working. I suppose there is a conflict between this virtual host, subdirectory, rewriting or something, but I can't seem to isolate it.
It is a bit confusing that when I open the IP/images/xxxx.jpg it opens the image, which is located in the public_html/images/upload/original folder, so the rewrite is working. The the other rules seem not to be working. All of the thumbnails and smaller versions are not rendering properly (with the icon, small, medium, square), so that makes the site quite unsusable.
Here is the link of the development server: http://localhost/images/
Thanks in advance for your time and help!
The first thing you should do is determine whether mod_rewrite is in fact part of the problem by accessing one of the failing URLs directly via its rewritten form and verifying that you get the expected result.
Indeed, the problem might simply be that the PHP script for the smaller resolutions "doesn't work" while it does for the original size ones. The first of the following URLs nicely served me an image; the second one is supposed to give me a smaller version of the same image, but served me an HTTP 500:
http://106.186.21.176/images/controller/Resizer.php?m=original&a=q&e=png
http://106.186.21.176/images/controller/Resizer.php?m=small&a=q&e=png
I got the same result (HTTP 500) for any of the smaller-size format names mentioned in your post, which matches your problem description.
Once you've verified that the script works as expected, it's likely that the problem is with mod_rewrite. If so, enable rewrite logging: use the RewriteLog directive to activate it, and RewriteLogLevel to control its verbosity. Especially at the higher log levels, it can give you very detailed information about exactly what it's doing. This should make the problem readily apparent from the logs.
Also, if possible, try to avoid configuring mod_rewrite rules in .htaccess files -- move them into your main server config file instead. The reason is explained on Apache mod_rewrite Technical Details, section "API phases":
Unbelievably mod_rewrite provides URL manipulations in per-directory context, i.e., within .htaccess files, although these are reached a very long time after the URLs have been translated to filenames. It has to be this way because .htaccess files live in the filesystem, so processing has already reached this stage. In other words: According to the API phases at this time it is too late for any URL manipulations. To overcome this chicken and egg problem mod_rewrite uses a trick: When you manipulate a URL/filename in per-directory context mod_rewrite first rewrites the filename back to its corresponding URL (which is usually impossible, but see the RewriteBase directive below for the trick to achieve this) and then initiates a new internal sub-request with the new URL. This restarts processing of the API phases.
Again mod_rewrite tries hard to make this complicated step totally transparent to the user, but you should remember here: While URL manipulations in per-server context are really fast and efficient, per-directory rewrites are slow and inefficient due to this chicken and egg problem. But on the other hand this is the only way mod_rewrite can provide (locally restricted) URL manipulations to the average user.
In general, not using .htaccess at all has the added advantage that you can tell Apache to not even bother and disable the functionality all together, which save Apache from having to scan each directory level it serves from for the .htaccess files.
I'm working on a site where the main idea is to do a lot of xmlHttpRequests in a loop (or loop like construct). But the thing is that every time I access the file on my server from the javascript it is logged in access log on the server. Over time the access log file gets so big it slows down the further requests.
Is there a way to tell the apache (I guess) not to log the access to this file if its correct? (I'm sending a get with a password (always different) to this file.)
The access to the file will be from different IPs.
I don't want to stop all the logging, just the "approved" one.
No problem. Just look at the example from Apache's documentation (a place where you might want to look, if you happen to have an apache-related question in the future).
For example:
# Mark requests for the AJAX call
SetEnvIf Request_URI "^/myajaxscript\.php.*$" dontlog
SetEnvIf Request_URI "^/myotherajaxscript\.php$" dontlog
# Log what remains
CustomLog logs/access_log common env=!dontlog
I need to do a url-rewriting job now.
I don't know whether I should put the code into a .htaccess or httpd.conf?
EDIT
What's the effecting range of .htaccess?Will it affect all requests or only requests to the specific directory it's located?
If you wont have to change your rules very often, you should put them in the httpd.conf and turn off overriding in the top directory your rules apply to
AllowOverride None
With no overriding, your apache will not scan every directory for .htaccess files making less of an overhead for each request.
Whenever you do have to change your rules, you will have to restart your apache server if you put it in your httpd.conf as opposed to them being instantly detected in .htaccess files because it reads them all on every request.
You can easily do this using a graceful restart with the apachectl tool to avoid cutting off any current requests being served.
apachectl graceful
If you aren't going to turn override off, you might as well just use .htaccess only.
Edit in response to your edit:
Say you have a request for www.example.com/dir1/dir2/dir3/file
Apache will look for a .htaccess file in all 3 of those directories and the root for rules to apply to the request if you have overriding allowed.
Ease of use and IMO maintainability (just go to the dir you want as any permissioned user) = .htaccess but that is parsed repeatedly vs. the parse once in httpd.conf where your über-high volume would be best set.
There are three issues here in terms of which is "better":
performance
management
security
.htaccess is slower, harder to manage, and potentially less secure. If you have access to the httpd.conf, then placing rules there can be easier to manage (in one place), faster ("AllowOverrides None" means that the server does not look in the current directory and any parent directories for an override file to parse and follow), and since .htaccess files are not present in the website directory, they cannot be edited (and if created, will be ignored).
You may use both of them. IMHO, .htaccess will be a bit better
I want to use the keep-alive feature in Apache. How can I do this with my host (.htaccess file), and what are the best values for the parameters like KeepAliveTimeout?
If Keep-alive is turned on in the Apache configuration, all you need is just set an HTTP header Connection: keep-alive. E.g. add following lines to your .htaccess file:
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
You can't control keepalive behaviour in an .htaccess. Keepalives are a host-level feature, not one where different directories can behave differently depending on the per-directory htaccess info.
If you are on the kind of basic shared hosting that only gives you .htaccess to configure your sites, you can't change the keepalive settings. Presumably the hosting company will have set them appropriately, or just left them on the default settings, which are usually fine.
Yes Keep-alive behavior can be controlled in .htaccess file.
First check the server setting by printing $_SERVER and if
[HTTP_CONNECTION] => keep-alive
is there then you just have to include the setting in your .htaccess file.
Add the following line at the end of .htaccess file in your project's root directory.
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
If you have SSH access to your server you should edit the Apache config file. Use these settings as a starter:
KeepAlive: on
KeepAliveTimeout: 3 seconds
MaxKeepAliveRequests: 60
This should work for most basic server setups with average traffic. You can always tweak the settings to suit your own needs. See here for more detailed info about this: http://www.giftofspeed.com/enable-keep-alive/
If you don't have access to your server you should contact your host. Changing the keepalive settings on your own by editing the .htaccess file will probably don't work.
It very much depends on your site and the amount of traffic it receives. If a user comes to your site, then clicks through to another page within the KeepAliveTimeout setting (default is 15), a new TCP does not have to be created. This can really help with overhead.
On the other hand, any Apache processes that are currently tied up w/ existing visitors will not be able to talk to the new ones. So you may have to increase the total number of Apache processes that are available.
In short... it requires tweaking.
you can't control keep-alive behavior in .htaccess
Paste the following code in your .htaccess file:
<ifModule mod_headers.c>
Header set Connection keep-alive
</ifModule>
Then use this website: https://varvy.com/pagespeed/ to check if it's enabled.