The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Introducing EasyApache’s Optimal Profiles

Discussion in 'EasyApache' started by ScottTh, Oct 30, 2013.

  1. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    We are happy to announce the upcoming release of a new Profile page that will make EasyApache quicker and easier to use.

    This new Profile page will include cPanel & WHM’s new Optimal Profiles. The purpose of the new profiles is to ensure that you will receive a safe and secure EasyApache build without having to access the Short or Exhaustive Options list. Each new Optimal Profile will include a selection of modules to match the current PHP version we recommend, and an Apache version that will deliver safe and reliable performance.

    We will also introduce profiles that utilize the advantages of the CloudLinux operating system. One of the recommendations we make for CloudLinux users is to use the Apache MPM ITK module. This upcoming release will add the MPM ITK module to EasyApache. We will provide links to learn more about CloudLinux, and an opportunity to upgrade to the operating system.

    Server administrators will continue to have access to the Short and Exhaustive Options list. You will still be able to create new profiles, customize any profile you save, and use previous profiles.

    Below, we have included wire frame drafts of our new EasyApache Profile pages. Please note that these drafts do not reflect a finalized product and are subject to change. We welcome your comments and suggestions.

    Without CL.png

    The cPanel Recommended Profiles page will allow system administrators to build EasyApache and learn more about CloudLinux.

    With CL.png

    The cPanel + Cloud Linux Profiles page will only be visible if a server has the CloudLinux operating system installed.

    Look for these exciting changes before the end of 2013!

    Reminder:
    The EasyApache team would like to remind all users about the removal of several End of Life items. By the end of 2013, the following items will be removed from EasyApache:

    Apache 1.3
    Apache 2.0
    PHP 5.2*
    mod_frontpage*

    *These items will be available as Custom Modules. You can read more about how to use and install Custom Modules at Impending End of Life Announcements from the EasyApache Team
     
  2. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Looks interesting, how will new installs deal with this? Taking a look at that first screenshot, am I correct in thinking that a vanilla new install (i.e. non cloud linux) will include a default "basic" build with suphp but the recommended configuration will be mod_ruid2 or mpm_itk depending on apache version? Or will a new install only fall back to basic / suphp if it can't (for whatever reason) build the recommended option?
     
  3. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi ThinIce,

    Thanks for all the great questions! Let me try and answer them one by one:

    "...how will new installs deal with this?"
    New installs of EasyApache will display the cPanel Recommended Profiles only. After you have built EasyApache with one of those profiles, or constructed your own custom profile, the next time you run EasyApache you will see the Previously Saved Configuration section with the build you initially selected.

    "...am I correct in thinking that a vanilla new install (i.e. non cloud linux) will include a default "basic" build with suphp but the recommended configuration will be mod_ruid2 or mpm_itk depending on apache version?"
    Yes, the Basic profile will include SuPHP. You are correct that Recommended profiles will contain mod_ruid2 or MPM-ITK depending on which Apache version you'd like to us. The MPM-ITK Profile will only be available with Apache 2.2

    "Or will a new install only fall back to basic / suphp if it can't (for whatever reason) build the recommended option?"
    I'll try my best to answer this one, but you may need to let me know if I don't address your question. If you have selected one of the Recommended profiles the build should proceed just as if you selected the Basic profile. A Recommended profile build won't fall back to a Basic if it can't complete for whatever reason.

    Please remember that the development process for this new profile page is an ongoing process. The final profile page and behavior may be slightly different than described here.

    Let me know if you have any additional questions!
     
  4. ThinIce

    ThinIce Well-Known Member

    Joined:
    Apr 27, 2006
    Messages:
    346
    Likes Received:
    7
    Trophy Points:
    18
    Location:
    Disillusioned in England
    cPanel Access Level:
    Root Administrator
    Hi Scott, thanks for the reply and the extra information. So a cPanel install on a new box will be running the default basic build with suphp as it does now. Would it be possible to have a way of setting it to build one of the other (recommended) two before running the cPanel install? I realise this will be less of an issue when everything is being pulled in with rpms eventually, but it'll save some time.

    Looking at How to Configure Apache Pre-Installation perhaps you could pop the recommended profiles up for download for people performing new installs?
     
  5. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi ThinIce,

    I believe I can help you out with this question too. Below is a link where you can download the profiles currently offered in EasyApache. This dynamic list will change when the new profile page is introduced so you will be able to download the two new Recommended profiles.

    Index of /cpanelsync/easy/profiles/easy/apache/profile/custom/

    Hope that helps and let me know if you have any more questions!
     
  6. Duplika

    Duplika Well-Known Member

    Joined:
    Feb 26, 2005
    Messages:
    56
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Buenos Aires, Argentina
    cPanel Access Level:
    Root Administrator
    Twitter:
    Having a custom profile built for CloudLinux, with a compatible opcode configuration and optimized settings for shared hosting servers will be great.
     
  7. patchwork

    patchwork Well-Known Member

    Joined:
    Nov 2, 2001
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    16
    Having a good config using an opcode cache would be great, I've been changing my config for hours trying to find a working configuration, I can get xcache working but I then get apache crashes and seg faults, other configs stop everything working, some stop sessions from working. I really am finding it very hard to create a good fast and secure configuration.

    Pete
     
  8. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi Juanzo,

    You will also be able customize each of the recommended profiles to work best for you. While the recommended Cloud Linux profiles are configured for security and reliability you may want to experiment to find the best opcode configuration for your sever.
     
  9. patchwork

    patchwork Well-Known Member

    Joined:
    Nov 2, 2001
    Messages:
    92
    Likes Received:
    0
    Trophy Points:
    16
    I tried many different apache 2.2 / PHP 5.3 / xcache variations and ended up getting a lot of seg faults, in the end I decided to try apache 2.4, PHP 5.5 and the new builtin OPCache and I'm really impressed, it seems like a very good and stable combination.
     
  10. gwc_wd

    gwc_wd Member

    Joined:
    Oct 24, 2010
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Focusing on the word "optimal," will this new profile approach provide an easy way to prevent loading modules or having directives that are not being used? For example there are a lot of Alias directives (such as for Interchange) that many systems do not use. I do not use and don't want to use WebDav - but does the LoadModule directive for it get executed anyway? I would like to remove all Languages and charsets except two. Having the least amount of "stuff" going on is not only optimal, but is better security against unforeseen vulnerabilities -- I recall some time ago there was an exploit against a charset variation for example.

    The includes editor in WHM allows the addition of modules and directives but I don't see a way to delete defaults from the configuration other than going in manually, which I am not confident I can do without breaking something else. I'm not qualified to know what I'm doing <smile> which is kind of the point of Easy Apache...
     
  11. cPanelKurtN

    cPanelKurtN Well-Known Member
    Staff Member

    Joined:
    Jan 29, 2013
    Messages:
    95
    Likes Received:
    1
    Trophy Points:
    8
    cPanel Access Level:
    Root Administrator
    We are using the word "optimal" to refer to the combination of software and environment that an administrator can install on their machine, in order to provide the highest quality of service and experience when using EasyApache.

    Micro-optimizing a web server (and related configurations) is often dependent on a server's usage pattern. Thus, it is dependent on you to understand those patterns/needs, as it varies quite wildly from customer to customer. Often times this requires a great deal of metrics and experience to determine where speed/security improvements should take place; e.g. disk, cpu, memory, and network i/o optimizations.

    Given that response, if you find that your customers don't need the software that is installed, we have, and will continue to support custom profiles and configuration templates.
     
  12. gwc_wd

    gwc_wd Member

    Joined:
    Oct 24, 2010
    Messages:
    13
    Likes Received:
    0
    Trophy Points:
    1
    Thank you for appearing to answer my questions. As they may have been too wordy to be clear let me try again:

    Will there be an easy way to disable or exclude modules from loading?

    If the answer is "no" that's fine, but it would be nice to know that my question was understood.

    Is being able to exclude Interchange and WebDav really considered "Micro-optimizing"?

    Given the way CPanel approaches other tasks, it seemed to me to be possible to include checkboxes for those things in Tweak Settings or in the EasyApache setup. Perhaps excluding charsets, languages and icons is too micro. But entire unused modules should be seen as major configuration choices.

    CPanel obviously thinks so too, to some degree, since it is possible to disable the WebDav server, despite all the directives continuing to be loaded in Apache. Ditto Interchange. Service disabled, but it continues to have gobs of entries in different server files. But no worries as I see no apparent damage from these inconsistencies.
     
  13. cPanelKenneth

    cPanelKenneth cPanel Development
    Staff Member

    Joined:
    Apr 7, 2006
    Messages:
    4,461
    Likes Received:
    22
    Trophy Points:
    38
    cPanel Access Level:
    Root Administrator
    The ability to enable or disable modules (or, if you will include or exclude) will be as simple as it currently is. That part is not changing.

    We pulled Interchange from cPanel & WHM in version 11.38. Could you provide more details on what Interchange items you see being loaded with Apache? We'd like to know what still needs cleaned up.

    In regards to WebDav, could you also provide more details? What directives are still being loaded when webdav is disabled in EasyApache?
     
  14. wintech2003

    wintech2003 Member
    PartnerNOC

    Joined:
    Sep 15, 2010
    Messages:
    22
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    Any idea about when we can expect EasyApache’s Optimal Profiles?
     
  15. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider

    I think it's on its way :p

    BTW I saw ITK in screenshots. Is it considered safe enough for use ? (Because of root privileges that it requires)
     
  16. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi wintech2003,

    We're continuing to work on the new Optimal Profiles. I don't have an exact date for you quite yet, but please stay tuned to this thread for additional updates. It's our hope to release these new profiles in the near future though.

    Thanks for the question and for following our progress!
     
  17. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi chrismfz,

    That's a great question about ITK. The release will include ITK support for Apache 2.2 only. This is due to ITK's established history and stability with Apache 2.2.

    Do you have more specific questions about ITK and Apache 2.2 that we can help answer?

    Thanks!
     
  18. chrismfz

    chrismfz Well-Known Member

    Joined:
    Jul 4, 2007
    Messages:
    109
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Greece
    cPanel Access Level:
    DataCenter Provider
    Got a few questions :D

    From apache2-mpm-itk :
    Configuration paragraph:

    Will you give an option to edit them globally or per vhost ?
    Not very useful if someone's running CloudLinux but anyway some-kind-of useful...


    And from Quirks and warnings:

    We cannot predict 0-day exploits but we gonna have to worry about this ?
    (Defining "more": more over other ways to run apache like prefork/worker/etc)
     
  19. rachweb

    rachweb Well-Known Member

    Joined:
    Jun 26, 2004
    Messages:
    268
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    amsterdam
    When we will have support for Apache 2.4? MPM-ITK is already supporting this version.
     
  20. ScottTh

    ScottTh Well-Known Member

    Joined:
    Jan 28, 2013
    Messages:
    157
    Likes Received:
    2
    Trophy Points:
    18
    Location:
    Houston, TX
    cPanel Access Level:
    Root Administrator
    Hi rachweb,

    The ITK project has made some recent strides to incorporate 2.4 support which is great. We're keeping our eyes on the project and will watch the forums and feature request site to gague the interest in adding 2.4 and ITK support. At this time we are not currently pursuing 2.4 and ITK support, but we're hard at work on providing 2.2 and ITK support here in the near future.

    Please post a request for Apache 2.4 and ITK support here at the cPanel feature request site.

    Thank you for the question!
     

Share This Page