Re: [users@httpd] Problem setting up ssl
Hi Sander, Nice to meet you. Based on your response here, you seem to be more educated with respect to web security and SSLs. I’m working on developing a startup that eliminates the difficulty obtaining and installing SSL certs. The process is overly complicated and ripe for disruption. If this is something of interest to you, please send me your LinkedIn url and/or CV and some good days/times to chat. Thanks, Tony On Tue, Aug 21, 2018 at 4:12 AM Sander Smeenk wrote: > Quoting Mahmood Naderan (nt_mahm...@yahoo.com.INVALID): > > > >Is default-ssl site "enabled" via the debian/ubuntu tools e.g. > a2ensite? > > # a2ensite default-ssl > > Enabling site default-ssl. > > Well, there ya go. > > > Now, when I open https://w.x.y.z in firefox, I get > > Your connection is not secure > > This is because SSL-certs require domain names and don't work properly > with 'bare IP addresses'. You'll never get that fixed unless you start > using a domainname and a correct certificate (LetsEncrypt for example). > > -- > | I'm a lousy dancer but my moods are swinging! > | 4096R/20CC6CD2 - 6D40 1A20 B9AA 87D4 84C7 FBD6 F3A9 9442 20CC 6CD2 > > - > To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org > For additional commands, e-mail: users-h...@httpd.apache.org > > -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
Re: [users@httpd] MPM Modules Rule of Thumb
A quick update here, I'm starting to believe there is a memory leak in
either the way I've configured or compiled httpd on AWS EC2. I'm running a
t2.small with 4GB memory with LAMP installed and 4 very small (< 5 hits a
day) sites running on it. In my opinion, even with mod_php, Apache should
require no more than 100MB IN TOTAL. That's not, however, the case:
[ec2-user@ip-172-31-21-23 ~]$ free -m
total used free sharedbuffers cached
Mem: 3954 *3809*145 19214643
-/+ buffers/cache: 2952 1002
Swap:0 0 0
[ec2-user@ip-172-31-21-23 ~]$ ps aux | grep 'httpd' | awk '{print $6/1024;}'
2.07812
45.9297
9.48438
2648.25
[ec2-user@ip-172-31-21-23 ~]$ ps aux | grep 'httpd' | awk '{print
$6/1024;}' | awk '{avg += ($1 - avg) / NR;} END {print "Num Processes: " NR
" Average: " avg " MB";}'
Num Processes: 4 Average: 676.416 MB
There you have it. A *4GB, $50/mo EC2 server* with the default installation
of LAMP
<http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html>, at *96%
utilized memory* and *71%* of the used memory going to 4 Apache processes
(average of 676.4MB per process). If you're wondering how it is installed:
[ec2-user@ip-172-31-21-23 ~]$ httpd -V
Server version: Apache/2.4.27 (Amazon)
Server built: Aug 2 2017 18:02:45
Server's Module Magic Number: 20120211:68
Server loaded: APR 1.5.1, APR-UTIL 1.4.1
Compiled using: APR 1.5.1, APR-UTIL 1.4.1
Architecture: 64-bit
Server MPM: worker
threaded: yes (fixed thread count)
forked: yes (variable process count)
Server compiled with
-D APR_HAS_SENDFILE
-D APR_HAS_MMAP
-D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
-D APR_USE_SYSVSEM_SERIALIZE
-D APR_USE_PTHREAD_SERIALIZE
-D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
-D APR_HAS_OTHER_CHILD
-D AP_HAVE_RELIABLE_PIPED_LOGS
-D DYNAMIC_MODULE_LIMIT=256
-D HTTPD_ROOT="/etc/httpd"
-D SUEXEC_BIN="/usr/sbin/suexec"
-D DEFAULT_PIDLOG="/var/run/httpd/httpd.pid"
-D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
-D DEFAULT_ERRORLOG="logs/error_log"
-D AP_TYPES_CONFIG_FILE="conf/mime.types"
-D SERVER_CONFIG_FILE="conf/httpd.conf"
and the loaded modules:
[ec2-user@ip-172-31-21-23 ~]$ httpd -M
Loaded Modules:
core_module (static)
so_module (static)
http_module (static)
access_compat_module (shared)
actions_module (shared)
alias_module (shared)
auth_basic_module (shared)
auth_digest_module (shared)
authz_core_module (shared)
authz_dbd_module (shared)
authz_dbm_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_owner_module (shared)
authz_user_module (shared)
autoindex_module (shared)
data_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
expires_module (shared)
ext_filter_module (shared)
filter_module (shared)
headers_module (shared)
include_module (shared)
info_module (shared)
log_config_module (shared)
mime_module (shared)
negotiation_module (shared)
reqtimeout_module (shared)
request_module (shared)
rewrite_module (shared)
setenvif_module (shared)
slotmem_plain_module (shared)
slotmem_shm_module (shared)
socache_dbm_module (shared)
socache_memcache_module (shared)
socache_shmcb_module (shared)
status_module (shared)
unixd_module (shared)
userdir_module (shared)
version_module (shared)
vhost_alias_module (shared)
watchdog_module (shared)
dav_module (shared)
dav_fs_module (shared)
dav_lock_module (shared)
mpm_worker_module (shared)
ssl_module (shared)
cgid_module (shared)
php5_module (shared)
pagespeed_module (shared)
Thoughts on optimization/memory repair?
Thank you!
On Wed, Sep 6, 2017 at 2:25 PM, Tony DiLoreto <t...@miglioretechnologies.com
> wrote:
> Thanks Luca, I'll give that a shot. What surprises me is how much each
> process was consuming; at times 250mb each. Are you saying the majority of
> that is for php?
>
> At the end of the day, I'm looking for the optimal configuation for a
> standard Wordpress site server. Given the ubiquity of the platform you'd
> expect more people to have blogged about the required mods and MPM
> settings for this, but I've come back with little.
>
> Do we have a "barebones Wordpress" list of mods that are required?
>
> On Wed, Sep 6, 2017 at 1:30 AM Luca Toscano <toscano.l...@gmail.com>
> wrote:
>
>> Hi Tony,
>>
>> usually httpd consumes a very little amount of memory, if it is behaving
>> in that way it is probably due to some module like mod_php. Can you give us
>> a bit more info about your mpm used and the list of modules loaded? For
>> example, the most common use case that we see is mpm-prefork and mod_php
>> causing a ton of RAM consumed (each httpd process allocates memory for
Re: [users@httpd] MPM Modules Rule of Thumb
Thanks Luca, I'll give that a shot. What surprises me is how much each process was consuming; at times 250mb each. Are you saying the majority of that is for php? At the end of the day, I'm looking for the optimal configuation for a standard Wordpress site server. Given the ubiquity of the platform you'd expect more people to have blogged about the required mods and MPM settings for this, but I've come back with little. Do we have a "barebones Wordpress" list of mods that are required? On Wed, Sep 6, 2017 at 1:30 AM Luca Toscano <toscano.l...@gmail.com> wrote: > Hi Tony, > > usually httpd consumes a very little amount of memory, if it is behaving > in that way it is probably due to some module like mod_php. Can you give us > a bit more info about your mpm used and the list of modules loaded? For > example, the most common use case that we see is mpm-prefork and mod_php > causing a ton of RAM consumed (each httpd process allocates memory for a > PHP interpreter), meanwhile a solution like mpm-worker|event + > mod_proxy_fcgi + php-fpm works way better. > > My suggestion would be to narrow down what module is really causing your > memory to saturate before tuning the mpm. > > Luca > > > 2017-09-06 1:33 GMT+02:00 Tony DiLoreto <t...@miglioretechnologies.com>: > >> Hi Luca, >> >> Basically my server runs out of free memory and freezes. On AWS I have to >> stop/start it again to be able to SSH in. What I'd really like is a >> MAX_PERCENTAGE_AVAILABLE_MEMORY directive that limits Apache to <= some % >> of free memory. That way it can never halt my system. >> >> Hope this helps. >> >> On Tue, Sep 5, 2017 at 1:16 PM Luca Toscano <toscano.l...@gmail.com> >> wrote: >> >>> Hi Tony, >>> >>> 2017-08-31 23:43 GMT+02:00 Tony DiLoreto <t...@miglioretechnologies.com> >>> : >>> >>>> Hi All, >>>> >>>> I've been scouring the internet for best practices or heuristics for >>>> specifying parameter values of the MPM directives. My server seems to lock >>>> up regardless of the values I enter. Are there "rules of thumb" for each >>>> MPM type (prefork, worker, event)? >>>> >>>> >>> Can you tell us what do you mean with "lock up"? >>> >>> Luca >>> >> -- >> Tony DiLoreto >> President & CEO >> Migliore Technologies Inc >> >> 716.997.2396 >> t...@miglioretechnologies.com >> >> >> >> miglioretechnologies.com >> *The best in the business...period!* >> > > -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
Re: [users@httpd] MPM Modules Rule of Thumb
Hi Luca, Basically my server runs out of free memory and freezes. On AWS I have to stop/start it again to be able to SSH in. What I'd really like is a MAX_PERCENTAGE_AVAILABLE_MEMORY directive that limits Apache to <= some % of free memory. That way it can never halt my system. Hope this helps. On Tue, Sep 5, 2017 at 1:16 PM Luca Toscano <toscano.l...@gmail.com> wrote: > Hi Tony, > > 2017-08-31 23:43 GMT+02:00 Tony DiLoreto <t...@miglioretechnologies.com>: > >> Hi All, >> >> I've been scouring the internet for best practices or heuristics for >> specifying parameter values of the MPM directives. My server seems to lock >> up regardless of the values I enter. Are there "rules of thumb" for each >> MPM type (prefork, worker, event)? >> >> > Can you tell us what do you mean with "lock up"? > > Luca > -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
[users@httpd] MPM Modules Rule of Thumb
Hi All, I've been scouring the internet for best practices or heuristics for specifying parameter values of the MPM directives. My server seems to lock up regardless of the values I enter. Are there "rules of thumb" for each MPM type (prefork, worker, event)? Thanks! -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
Re: [users@httpd] Fine Tuning Apache 2.4 on AWS EC2 t2.medium Instance
Hi chris, Apologies for the delayed response. So I have the base installation of apache 2.4 within Amazon EC2 (via these instructions: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html) which loads these modules by default, among a few others: LoadModule access_compat_module modules/mod_access_compat.so LoadModule actions_module modules/mod_actions.so LoadModule alias_module modules/mod_alias.so LoadModule allowmethods_module modules/mod_allowmethods.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_anon_module modules/mod_authn_anon.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authn_dbd_module modules/mod_authn_dbd.so LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_socache_module modules/mod_authn_socache.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule authz_dbd_module modules/mod_authz_dbd.so LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule autoindex_module modules/mod_autoindex.so LoadModule cache_module modules/mod_cache.so LoadModule cache_disk_module modules/mod_cache_disk.so LoadModule cache_socache_module modules/mod_cache_socache.so LoadModule data_module modules/mod_data.so LoadModule dbd_module modules/mod_dbd.so LoadModule deflate_module modules/mod_deflate.so LoadModule dir_module modules/mod_dir.so LoadModule dumpio_module modules/mod_dumpio.so LoadModule echo_module modules/mod_echo.so LoadModule env_module modules/mod_env.so LoadModule expires_module modules/mod_expires.so LoadModule ext_filter_module modules/mod_ext_filter.so LoadModule filter_module modules/mod_filter.so LoadModule headers_module modules/mod_headers.so LoadModule include_module modules/mod_include.so LoadModule info_module modules/mod_info.so LoadModule log_config_module modules/mod_log_config.so LoadModule logio_module modules/mod_logio.so LoadModule macro_module modules/mod_macro.so LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule mime_module modules/mod_mime.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule remoteip_module modules/mod_remoteip.so LoadModule reqtimeout_module modules/mod_reqtimeout.so LoadModule request_module modules/mod_request.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule slotmem_plain_module modules/mod_slotmem_plain.so LoadModule slotmem_shm_module modules/mod_slotmem_shm.so LoadModule socache_dbm_module modules/mod_socache_dbm.so LoadModule socache_memcache_module modules/mod_socache_memcache.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule status_module modules/mod_status.so LoadModule substitute_module modules/mod_substitute.so LoadModule suexec_module modules/mod_suexec.so # This module will cause Apache to fail to load if there is no DNS # LoadModule unique_id_module modules/mod_unique_id.so LoadModule unixd_module modules/mod_unixd.so LoadModule userdir_module modules/mod_userdir.so LoadModule version_module modules/mod_version.so LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule watchdog_module modules/mod_watchdog.so It is using *MPM_Prefork* by default, with default values (nothing specified). I could setup a phpinfo page privately if you'd like as well. I have requested repeatedly to Amazon to put out a page that is more comprehensive than their basic MPM tuning page <https://aws.amazon.com/premiumsupport/knowledge-center/ec2-apache-memory-tuning/>, for following the instructions does not fix it. Ironically the server grinds to a halt even if no requests are being made to it. IMHO, even with the default installation Apache eats up too much memory. It would be MUCH simpler if there was a MAX_MEMORY_PERCENT directive you can place in httpd.conf, which specifies the percentage of free memory Apache is allowed to consume. Any thoughts? On Sat, Oct 1, 2016 at 1:59 PM, Christopher Schultz < ch...@christopherschultz.net> wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Tony, > > On 10/1/16 4:36 PM, Tony DiLoreto wrote: > > All, > > > > I'm at my wits end trying to simply run Apache 2.4 on my Amazon > > EC2 server. There are dozens of stackoverflow and websites, but > > the suggestions do not seem to work on my instance. > > > > *Hardware* > > > > * Amazon EC2 Instance * t2.medium (2 VCPUs, 4GB RAM, 1GB Swap > > added) > > > > *Software* > > > > * Base Amazon Unix distro * Apache 2.4, PHP 5 (no mysql) via > > Amazon instructions: > > http://d
[users@httpd] Fine Tuning Apache 2.4 on AWS EC2 t2.medium Instance
All, I'm at my wits end trying to simply run Apache 2.4 on my Amazon EC2 server. There are dozens of stackoverflow and websites, but the suggestions do not seem to work on my instance. *Hardware* - Amazon EC2 Instance - t2.medium (2 VCPUs, 4GB RAM, 1GB Swap added) *Software* - Base Amazon Unix distro - Apache 2.4, PHP 5 (no mysql) via Amazon instructions: http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/install-LAMP.html Shortly after installation, I'm finding the serve grinds to a halt. Apache eats 95% of total memory, to the point where I cannot run base unix commands like 'ls'. Looking for recommendations on: - which modules I can safely disable (those that few very users need) - *exact* values for maxConnectionsPerChild, maxRequestWorkers, etc. That leaves me with 1GB free for the operating system. My Wordpress website will not be serving more than 10k pageviews/month, and never more than 20 at any given moment. Any recommendations?? Thanks in advance! -- Tony DiLoreto President & CEO Migliore Technologies Inc 716.997.2396 t...@miglioretechnologies.com miglioretechnologies.com *The best in the business...period!*
