Strip Down Apache to Improve Performance & Memory Efficiency

Can you believe that its been 2+ years since the release of Apache 2.4?! Yup. Still, most Apache based web servers are still running Apache version 2.2 or even 2.0. This is understandable for the same reasons why Apache web servers are still used by more than Nginx… compatibility, official support and features. If you haven’t already swapped Apache out for Nginx,  then here’s a quick article which discusses boosting Apache’s performance using a method that’s often overlooked by Admins.

Now, before we get into that, please note that I’m not claiming that Apache is faster than Nginx, because it just isn’t. Also, considering what Apache is designed for/as, its not supposed to be faster than Nginx. That said, there are tons of articles on the web about Apache’s performance. Many with dreadfully unfair comparisons touting just how fast Nginx is vs Apache. Yet, the fact is that Apache is a tried and true web server that has played, and still plays, a large role in what has become the internet of web servers. With over 50% of all web servers still running Apache.

To compare Apache vs Nginx isn’t a fair comparison because Apache focuses on being feature-rich, while Nginx is more of a lightweight static http/proxy server. Here’s a more accurate way to look at Apache as compared to Nginx: Apache comes with tons of features and modules, but most times you only need a few of these. While Nginx offers a bare-bones approach (newer versions getting more and more bloated!) and performs these core features a lot faster than Apache. Thus, if you consider how heavy Apache is, it actually performs a lot better at than given credit for!

Stripping Apache 2.x (Httpd) of unused modules

Thats where you have to ask yourself, how many of Apache’s modules am actually using? 20%, 30% maybe 40%! Yes, one important approach to improving Apache performance – often overlooked – is stripping it down to only the modules (features) that you use. This increases throughput while reducing memory and CPU consumption.

Ok so lets take a look at what modules your Apache install currently loads on Apache startup. You can view a list of enabled modules by typing the following from shell:

For CentOS/Fedora (httpd):

For Ubuntu/Debian (apache2):

 

List of Apache Modules Loaded by Default on CentOS 6.x

core_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
auth_basic_module (shared)
auth_digest_module (shared)
authn_file_module (shared)
authn_alias_module (shared)
authn_anon_module (shared)
authn_dbm_module (shared)
authn_default_module (shared)
authz_host_module (shared)
authz_user_module (shared)
authz_owner_module (shared)
authz_groupfile_module (shared)
authz_dbm_module (shared)
authz_default_module (shared)
ldap_module (shared)
authnz_ldap_module (shared)
include_module (shared)
log_config_module (shared)
logio_module (shared)
env_module (shared)
ext_filter_module (shared)
mime_magic_module (shared)
expires_module (shared)
deflate_module (shared)
headers_module (shared)
usertrack_module (shared)
setenvif_module (shared)
mime_module (shared)
dav_module (shared)
status_module (shared)
autoindex_module (shared)
info_module (shared)
dav_fs_module (shared)
vhost_alias_module (shared)
negotiation_module (shared)
dir_module (shared)
actions_module (shared)
speling_module (shared)
userdir_module (shared)
alias_module (shared)
substitute_module (shared)
rewrite_module (shared)
proxy_module (shared)
proxy_balancer_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_ajp_module (shared)
proxy_connect_module (shared)
cache_module (shared)
suexec_module (shared)
disk_cache_module (shared)
cgi_module (shared)
version_module (shared)

In red are those modules that can safely be removed in most environments. The reason for removing is that Apache will load all of these into server memory. As a result making Apache heavier and slower for each request, especially as web server throughput increases!

 

Here’s my final list of modules on CentOS 6.4

core_module (static)
mpm_event_module (static)
http_module (static)
so_module (static)
authz_host_module (shared)
authz_user_module (shared)
authn_file_module (shared)
auth_basic_module (shared)
log_config_module (shared)
logio_module (static)
expires_module (shared)
deflate_module (shared)
headers_module (shared)
setenvif_module (shared)
mime_module (shared)
dir_module (shared)
alias_module (shared)
rewrite_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)

Notice more than half of the preloaded modules have been stripped. I’ve also replaced mpm prefork with mpm event and added proxy_module and proxy_fcgi_module for PHP-FPM (see notes at the end of article).

 

Apache Modules Loaded by Default on Ubuntu 12.04/13.04

core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
mime_module (shared)
negotiation_module (shared)
reqtimeout_module (shared)
setenvif_module (shared)
status_module (shared)

Notice, less modules are enabled by default than with CentOS. In fact, Ubuntu’s Apache does not enable some performance critical modules. (See below)

 

Here’s my final list of modules on Ubuntu 13.04

core_module (static)
log_config_module (static)
logio_module (static)
version_module (static)
mpm_event_module (static)
http_module (static)
so_module (static)
auth_basic_module (shared)
authn_file_module (shared)
authz_host_module (shared)
authz_user_module (shared)
expires_module (shared)
deflate_module (shared)
headers_module (shared)
dir_module (shared)
mime_module (shared)
setenvif_module (shared)
rewrite_module (shared)
proxy_module (shared)
proxy_fcgi_module (shared)

In green are modules I’ve added that when configured correctly will also improve performance. While the rewrite_module is simply required by web apps such as WordPress for friendly URL rewrites (WordPress permalinks). Again the proxy modules for PHP-FPM.

 

Apache (Httpd) Specific Module notes

mpm_prefork_module - With Apache 2.4, replace this with mpm_event_module. Its faster & uses less memory. (Do this last) You can’t use mpm event with mod_php so I suggest moving to PHP fastcgi/PHP-FPM. Also see: Apache MPMs – Prefork, Worker, and Event. Event MPM is no longer experimental but is now fully supported (2.4).

log_config_module - Once your web app is stable decide if to turn off access logging via Apache config. Access logs add extra overhead to every request. This is negligent, but on high-throughput web servers access logging can cause a more noticeable performance hit with gigabytes of logs being written daily. This module is also responsible for the extremely important error logs.

status_module - The Status module allows server admins to find out how well Apache is performing. Safe to disable. Tracks ALL requests. Useful

 

How to disable Apache Modules – Ubuntu/Debian

If you’re on Ubuntu, you can disable Apache modules using shell commands. Simply type the following (a2dismod nameofmodule) for each module:

Repeat for each module you need to disable.

 

How to disable Apache Modules – CentOS/Fedora

If you’re runing a CentOS server – my fav after Arch Linux – then simply comment out the lines for each module listed in /etc/httpd/conf/httpd.conf.

For example, change:

to

Repeat for each module.

 

Important notes

– Make sure you have a list of the modules used with Ubuntu before you start disabling. On CentOS, copy (cp) httpd.conf to something like httpd.conf_bak. This way you can easily revert changes.

– With some of the modules, when disabled you will also have to comment out (remove) corresponding lines of config from httpd.conf (CentOS) or apache2.conf (Ubuntu). If you are not very familiar with Apache, then disable the modules one-by-one. After you disable each module, restart Apache to test. This is useful because when you disable some modules such as dav_module, autoindex_module, etc, then some of the related config lines in httpd.conf or apache2.conf will be left stranded. Thus, when you restart Apache, it will show errors. For example:

“Starting httpd: Syntax error on line 565 of /etc/httpd/conf/httpd.conf: Invalid command ‘IndexOptions’, perhaps misspelled or defined by a module not included in the server configuration”

These errors are so self explanatory, its not funny. When you see an error after Apache restart you have two options 1) re-enable the module 2) go to the line that Apache error reports – in the above case, line 565 of /etc/httpd/conf/httpd.conf – and comment out the line. Repeat until Apache starts without error and then move on with disabling the next module and so on.

– If you are installing Apache for the first time. Don’t install using yum install httpd or apt-get install apache2. Instead, for ever better performance compile Apache from source and only enable the modules you require. Compiling is also a best performance practice because it will save even more RAM that’s used for supporting dynamically loaded modules, the downside is that you will have to recompile Apache each time you need to add or remove modules in future. Remember you’ll need proxy_module and proxy_fcgi_module for PHP-FPM.

– For PHP-FPM with Apache 2.4 please see: http://wiki.apache.org/httpd/PHP-FPM

– Apache performance (similar to Nginx) isn’t accomplish by one or two changes. It’s composite and although there are many areas that can be expanded on above, to keep things simple, I’ve kept this article limited to stripping down Apache’s modules. In future, I may get around to posting about more Apache performance tips. Let me know below if this is something you’d be interested me writing about.

– Once you’ve performed the various areas of Apache tuning (including stripping modules) if you still need a performance boost or load reduction and don’t want to get rid of Apache because of whatever reasons. Then consider installing Nginx just for static files (css, js, images, etc). However, Apache 2.4 mpm event is a lot faster and more efficient serving static files than Apache 2.2 mpm prefork or mpm worker ever was.

This blog is powered by Apache 2.4, no Nginx… yet. Also read: Strip Down Apache to Improve Performance & Memory Efficiency.

apache-feather-logo

Strip Down Apache to Improve Performance & Memory Efficiency was last modified: November 20th, 2013 by Hayden James

Strip Down Apache to Improve Performance & Memory Efficiency

7 Responses

  1. Great sharing of knowledge,

    May i ask your advise, about how to maximize for speed of a 512ram, 10gb, vps, with apache2, since i tried nginx, and get stucked, in rewrite

    So, i read n read about webserver comparison, only thing that made me choose back to apache, that it will not ask thousand of dollars, for speed up, when my web, getting more busy, someday

    Thx n regards,
    Adi kwok,

    adi kwok April 4, 2014 at 7:19 am #
  2. I do this for years, stripping down Apache en tuning it’s config. It’s true, Nginx is faster, but we dealt with shitloads of traffic using optimized Apache servers. What we also did was static compiling of Apache and PHP, disabling .htaccess use and put all the stuff from there in the vhost config. And what also works great is taking care of PHP’s include path’s, default it searches too many paths for including files. Stuff like PEAR was always included in the project’s code and directly included with a complete path. And don’t forget the use of the Opcode caches.

    These days we do it differently, very often we use Nginx as webserver for all static files and as a proxy in front of Apache. Apache is still very vast in just executing PHP, read this: http://www.eschrade.com/page/why-is-fastcgi-w-nginx-so-much-faster-than-apache-w-mod_php/
    Not my benchmark by the way…

    In some cases we can not avoid the use of Apache because of the need for SAML authentication, ADFS for example. We use Apache as a reverse proxy for Tomcat for example and use the Shibboleth module for SAML.

    For our high traffic sites we use OpenLiteSpeed at the moment with a Varnish cache cluster in front of them and a set of HAProxy loadbalancers. It performs really, really well and it’s easier to move Apache sites to OpenLiteSpeed then to Nginx. It takes some time, not that much, to get used to the way OpenLiteSpeed has to be configured but if you know what to do and build some templates it works very quickly. Don’t know if OpenLiteSpeed is faster or Nginx is but I got the feeling they perform pretty similar. OLS is just a bit more comfortable.

    Werner June 17, 2014 at 7:34 pm #
  3. Thanks for this useful writeup. How should one move to “PHP-FPM”? I currently use Nginx proxying to Apache 2.2 with PHP running as Prefork – the most common hosting platform. Would love to move to MPM Event, and the PHP-FPM ecosystem. Your style of writing is clear and specific, so I’d kill to get you to writeup some simple instructions one could follow. Thanks so much!

    PK Hun August 7, 2014 at 1:04 am #
    • Hi PK,

      Thanks for notes. I will try to write and article about Apache 2.4 with PHP-FPM soon: https://wiki.apache.org/httpd/PHP-FPM

      What setup/Linux distro are you using? This way I can setup and post using the same. For example if you are not on cPanel, or if you don’t have specific compatibility needs you can replace Apache with Nginx completely. If you require Apache then use version 2.4 with mpm_event which is faster than Apache 2.2.

      Lets keep in touch.

      Hayden James August 7, 2014 at 1:14 pm #
      • Thanks. This is very kind. What a super and generous blog.

        I have two server. Both are on WHM/Cpanel latest “release” (the level below bleeding-edge, but above stable.) 11.44.x or something.

        Both are CentOS 64-bit. One is CentOS 5, the other CentOS 6. Both are running Nginx 1.0.8 with Apache 2.2 (prefork) proxied on a different port.

        On both, if possible, I prefer to go Nginx entirely. One server is very high traffic and uses a custom PHP site with Postgresql as the backend. PG is the big load on this server, to be honest.

        The second server is about 20 WordPress websites.

        For both, I want to now consider moving to AWS entirely, and custom-setup Nginx + PHP-FPM + memcached + mysql/pgsql on my own. It’s been a daunting task because a production server needs IP (Elastic IP in AmaZon), DNS etc which I get with “bind” on WHM automatically (Need Route 53 on Amazon), a CDN which I now have from Edgecast (need cloudfront on Amazon), etc etc.

        For Nginx specifically, the issues are:

        1. RewriteRules. I bet there’s an Nginx equivalent for every RewriteRule in Apache, even without “rewrite”, just with smart setup of “location”. My needs are similar to something I found on the Nginx forum (but that dude has no response yet) — http://forum.nginx.org/read.php?9,252367

        2. Mod_security. What’s the equivalent to manage XSS or SQL injections, etc? I heard of NAXSI or something, but not sure. Or do I even need this in Nginx world? I hear it works better with DDOS stuff. (On Apache I used to have “mod_evasive”, but now no more.)

        3. Need to use mod_geoip. I think Nginx also has a module.

        If all of these are possible on Nginx, then no need for Apache at all. I’m looking for smart instructions to install the latest Nginx and the latest PHP-FPM, and from source is fine so I have more control in the future than “yum” or, even worse, Cpanel’s ugly scripts.

        But all the instructions online are of a highly diverse quality.

        Any thoughts or help MUCH appreciated. I’ll sing your praises everywhere.

        PK+Hun August 7, 2014 at 1:26 pm #
        • Sure thing. Ok will make a blog post about Nginx + PHP-FPM using CentOS withOUT cPanel in the coming days. Please subscribe to updates so you are notified: http://eepurl.com/GeQXn

          Hayden James August 7, 2014 at 1:37 pm #
  4. Nice write up! For many reasons, I can’t use Nginx, and neither can I deploy Nginx as proxy. So, every tip for speeding up Apache is certainly very valuable for my team.

    Pandu POLUAN October 25, 2014 at 1:44 pm #

Leave a Reply