What would be Optimal Apache config for our box?

benniblanco

Member
Jan 21, 2013
15
0
1
cPanel Access Level
Root Administrator
Sorry if I am posting in the wrong thread but could not find an actual Apache forum.

Since about 2 days we were under funny attack and our hosting company placed us behind TMS to fix the issue. But until they did that few of their admins messed up our Apache config and now we are left with lagging site , timeouts and all sorts of weird things.


Our setup can be seen here
Screenshot by Lightshot

and this is current Apache config


fileetag: All
keepalive: On
keepalivetimeout: 7
maxclients: 250
maxkeepaliverequests: 150
maxrequestsperchild: 1000
maxspareservers: 50
minspareservers: 50
root_options: ExecCGI, FollowSymLinks, Includes, IncludesNOEXEC, Indexes, SymLinksIfOwnerMatch
serverlimit: 256
serversignature: Off
servertokens: ProductOnly
sslciphersuite: ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
startservers: 50
timeout: 300
traceenable: Off


I still experience slow connection and first load is like a process is verifying something before it actually lets me in. But every 5-10 min the connection just dies for about 20-30 sec.

please advise if this config is ok for our box.

Thank you much!
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,913
2,202
363
Hello :)

You can browse to the following option to configure these values:

"WHM Home » Service Configuration » Apache Configuration » Global Configuration"

You may want to adjust the settings back to their default values if the firewall has stopped the attack in order to see if there is a positive change in the performance.

Thank you.
 

thinkbot

Well-Known Member
Oct 30, 2012
326
1
16
cPanel Access Level
Root Administrator
keepalive: On
this set to Off

timeout: 300
this to 15-30 max

and this
startservers: 20
maxspareservers: 10
minspareservers: 30

even assuming that you have high traffic (it will be forking processes automatically, when necessary)

you got plenty of RAM, so even when you have many apache connections it might get stuck on database or something
anyway, if its stuck on not enough apache processes, then its good to turn off keepalive or set it to 1s