Quick Steps to Optimize & Secure Apache
Below are a few basic steps to secure and optimize your Apache webserver. Most recommendations are for optimizing a basic VPS with minimal footprint.
Note - If htop utility isn’t installed ony your Linux machine, I’d definitely recommend it.
Remove Unnecessary Apache modules to save Memory
By default, Apache loads a variety of different modules. Many of these modules may be un-needed for the scope of your webserver, and will eat up quite a bit of memory.
You can check what modules are loaded by default..
httpd -M # or... apache2ctl -M
This will decrease the attack surface on the off chance an existing default module becomes a security risk - such as the Shellshock exploit and mod_cgi.
If you’re running just WordPress on your Apache server, then the below modules will suffice.
mod_alias mod_authz_host mod_deflate mod_dir mod_expires mod_headers mod_mime mod_rewrite mod_log_config mod_autoindex mod_negotiation mod_setenvif
To disable out of scope modules, comment out the mods (.so files) in:
/var/httpd/modules #or /usr/lib64/https/modules
Restart Apache and you should notice a reduction in memory uses. _
MPM Prefork Mod
If you’re running a minimal VPS with traffic that’s not extremely heavy, then the default Apache Prefork module settings should definitely be altered.
These settings will totally depend on the system resources, traffic, etc. It’s not like subnetting, so there’s no definitive answer. Tweaking it to find out what runs best for your server is the way to go.
You’ll find the necessary lines in the httpd.config file - the example below is for a minimal low memory VPS.
StartServers 2 MinSpareServers 2 MaxSpareServers 6 ServerLimit 20 MaxClients 20 MaxRequestsPerChild 60 ListenBacklog 100
Remember to save the config file and restart Apache.
Both KeepAlive and Timeout are also located in the apache config file.
Reducing your KeepAlive to something less than the default 15 may help Apache performance (or to zero). Server processes waiting for an idle user can eat up resources if you have a steady flow of visitors. Think of how long you may go to a page and click next, or back, etc. The user (is hopefully) digesting the content on your pages and will remain idle for a bit aka no need for that KeepAlive process to be eating resources.
If you have a ton of spare resources and you’d like to make user experience better, you can increase this value.