Benchmarking Your Site with ‘http_load’
http_load is a stunningly useful HTTP benchmarking utility that gives you a rough idea of how many hits per second a server is capable of serving. You simply tell it what pages to grab, and how many “clients” it should run in parallel; it gives you back useful information about the average fetches per second and the average, minimum, and maximum response times. It’s no substitute for a solid profiler to dig into the hows and whys of your application’s performance, but it’s great at telling you when you’re “good enough” to launch.
Installing http_load on OS X
- Download from http://www.acme.com/software/http_load/
- Open terminal, cd to the directory where the archive is and unzip
$ tar xvzf http_load-12mar2006.tar.gz - Move to that directory
$ cd http_load-12mar2006 - Run
$ make - Run
$ sudo make install
Tuning the Apache MaxClients parameter
One thing that can have a really drastic effect on a large site using Apache, is the value assigned to the MaxClients parameter.
This parameter defines how many simultaneous request can be served. Any connection request from browsers that come in after that will be queued.
Apache prefork, StartServers, MaxSpareServers and MinSpareServers
In the most common case, you will be using Apache in the prefork mode, meaning one process per connection, with a pool of processes pre-forked to standby for connections. The number of spare processes is defined by the values MaxSpareServers, MinSpareServers, while the number to start is defined by StartServers.
Read more…
.Htaccess IP Banning IP Block Bad Visitors
Increase your web site’s security by blocking bad visitors with .htaccess. If you have nuisance visitors, site scrapers, or spammers, you may want to add some lines of code to your .htaccess file that will block bad visitors by IP address or by blocks of IP addresses. You want to be careful though that you don’t ban blocks of IPs carelessly as you may end up banning potential customers or other valid site visitors. Also, nothing is completely foolproof as the user can always use another IP address, but I’ve found that this does reduce the number of troublesome incidents.
Secure Directories by IP Address and/or Domain
# allow all except those indicated here
order allow,deny
allow from all
deny from 190.115.67.200
deny from .*yourdomain\.com.*
Read more…
How to install mod_security
What is mod_security ?
ModSecurity is an open source intrusion detection and prevention engine for web applications. It operates embedded into the web server, acting as a powerful umbrella – shielding applications from attacks. ModSecurity supports both branches of the Apache web server.
Rfx Networks Recommended:
“mod_security is great and I encourage it be used by everyone; it does have the potential to break some web applications but so far iv seen very few issues to say the least. Likewise it is easy to fix any applications that may break with the granular filter rules that can be setup to either deny or allow certain content. Overall mod_security is a needed addition to apache, providing a layer of security yet unseen for apache. I highly encourage you read the reference document on the modsecurity.org site (under documentation) to better understand each directive and the role it plays in protecting your server and sites.”
Requirements:
Apache Web Server 1.3x or 2.x
How to install ?
Read more…
How To Install mod_bandwidth
What is Mod_Bandwidth?
“Mod_bandwidth” (mod bandwidth) is a module for the Apache webserver that enable the setting of server-wide or per connection bandwidth limits, based on the directory, size of files and remote IP/domain.
Install mod_bandwidth: (For Apache 1.3x. ONLY!)
Read more…
Setting Apache expires header
There’s two ways of getting there with Apache. mod_expires yields the most flexible solution, but mod_headers will work too, if you cannot use mod_expires for some reason.
mod_expires
Read more…
Configure mod deflate for Apache 2.2.x
Mod Deflate comes built into Apache, but is not enabled by default. This tutorial will explain the simplest way of enabling it and setting which mime times to compress. Mod Deflate will increase your server load, but decreases the amount of time that clients are connected and can usually reduce the page size by 60 to 80 percent.
Read more…
Install mod_evasive on Apache (anti Dos)
mod_evasive is a Apache module that provides evasive maneuvers action in the event of an HTTP DoS or DDoS (Denial of Service) attack or brute force attack at the web server. When possible attacks are detected, mod_evasive will block the traffic from the source for a specific duration of time, while reports abuses via email and syslog facilities. Or administrators can configure mod_evasive to talk to iptables, ipchains, firewalls, routers, and etc. to build a comprehensive DDOS prevention system for the high traffic busy web server.
Read more…