Apache should i use keepalive

If there are no free slots, it can be even longer of a wait. The keepalive timeout dictates how long the slot will remain occupied, after the web browser stops asking for new things. Much like a server will not wait an hour for you to decide on dessert, a web server like Apache will not wait an infinite amount of time for your web browser to ask for new files or images. A single webpage is typically made up of a couple dozen files or images, and takes a couple of seconds to load.

The keepalive timeout is a timer that counts down, and is reset every time the web browser asks for a new item. So long as the browser keeps asking for more things, the timeout will not expire, even with a keepalive timout setting of 1 second. However, the default setting for Apache Keepalive Timeout is 15 seconds. In computer terms, this is an eternity. If it takes 2 seconds to load a webpage, then, the slot is active for 2 seconds, serving requests, and then waits 15 seconds longer, waiting to see if the user needs anything else.

This is because you do not need to open a new connection to the server, which takes a small amount of time. It would be like if a waiter, after delivering your food, waited 15 minutes to see if you needed anything else, before working to help anyone else. Even 1 minute for a waiter or 1 second for a web server is longer than is necessary, but at least it would not be a total disaster. With even a keepalive timeout of 1 second the minimum you can set it to , it is almost guaranteed that a web browser will be able to keep the same connection slot for the entire time it is loading the page.

There is no reason to set a longer keepalive than 1 second, pretty much ever. Imagine our waiter, dropping off your food, and then waiting 15 minutes before doing any other work. By default, Keep Alive is disabled in Apache web server. Typically, any server including Apache creates a new TCP connection for every request. This requires authentication and multiple handoffs every time. Since every requested page sends multiple requests, this can take a lot of time especially with many concurrent users.

Thank you,. Your email address will not be published. What is KeepAlive? Consider that a typical web page has dozens of different files such as images, stylesheets, javascript files etc. If KeepAlive is disabled a separate connection must be made for each of those files. Creating and closing connections has an overhead and doing it for every single file wastes CPU time. Disadvantages of Keepalive Increases memory usage : Enabling KeepAlive increases memory usage on the server.

When should you enable KeepAlive? RAM is often the biggest limiting factor in a webserver. If you have little RAM you should turn off KeepAlive because having Apache processes hanging around while they wait for more requests from persistent connections is a waste of precious memory.

Types of sites : If you have pages with a lot of images or other files linked into them, KeepAlive will improve the user experience significantly. This is because a single connection will be used to transfer multiple files. Traffic patterns : The type of traffic you get. If your web traffic is spread out evenly throughout a day then you should turn on KeepAlive.

OTOH, if you have bursty traffic where a lot of concurrent users access your sites during a short time period KeepAlive will cause your RAM usage to skyrocket so you should turn it off. On Centos this file is called httpd.

Hope you can solve my issue. But for others who might be interested in this I have this bit from the docs to share: In a name-based virtual host context, the value of the first defined virtual host the default host in a set of NameVirtualHost will be used.

That was really helpful. Thanks for the thorough analysis of KeepAlive. Like this article. By the way, what is First-Byte time and how to configure for best optimizations for my site?? Nevertheless since you asked, here are the answers to your questions: 1.

The connection terminates with a counterparty that has a less timeout set. Do I have to paste some script on. May be elementary question for you. Nonetheless, I will appreciate your guidance. Best wishes, Ashok Koparday. Pingback: How to speed up WordPress Apache. Thanks for this well written article — a very clear and helpful explanation of Keep Alive. I learned a lot from your article, thanks! The higher the timeout, the more server processes will be kept occupied waiting on connections with idle clients.

If KeepAliveTimeout is not set for a name-based virtual host, the value of the first defined virtual host best matching the local IP and port will be used. Access controls are normally effective for all access methods, and this is the usual desired behavior. The method name is case-sensitive. For example, given the following configuration, all users will be authorized for POST requests, and the Require group editors directive will be ignored in all cases:.

An internal redirect happens, for example, when using the Action directive, which internally redirects the original request to a CGI script. A subrequest is Apache httpd's mechanism to find out what would happen for some URI if it were requested. LimitInternalRecursion prevents the server from crashing when entering an infinite loop of internal redirects or subrequests.

Such loops are usually caused by misconfigurations. The directive stores two different limits, which are evaluated on per-request basis. The first number is the maximum number of internal redirects that may follow each other. The second number determines how deeply subrequests may be nested. If you specify only one number , it will be assigned to both limits. This directive specifies the number of bytes from 0 meaning unlimited to 2GB that are allowed in a request body. See the note below for the limited applicability to proxy requests.

The LimitRequestBody directive allows the user to set a limit on the allowed size of an HTTP request message body within the context in which the directive is given server, per-directory, per-file or per-location. If the client request exceeds that limit, the server will return an error response instead of servicing the request.

The size of a normal request message body will vary greatly depending on the nature of the resource and the methods allowed on that resource. CGI scripts typically use the message body for retrieving form information. Implementations of the PUT method will require a value at least as large as any representation that the server wishes to accept for that resource.

This directive gives the server administrator greater control over abnormal client request behavior, which may be useful for avoiding some forms of denial-of-service attacks. If, for example, you are permitting file upload to a particular location and wish to limit the size of the uploaded file to K, you might use the following directive:.

Setting number at 0 means unlimited. The LimitRequestFields directive allows the server administrator to modify the limit on the number of request header fields allowed in an HTTP request. A server needs this value to be larger than the number of fields that a normal client request might include. The number of request header fields used by a client rarely exceeds 20, but this may vary among different client implementations, often depending upon the extent to which a user has configured their browser to support detailed content negotiation.

Optional HTTP extensions are often expressed using request header fields. The value should be increased if normal clients see an error response from the server that indicates too many fields were sent in the request. When name-based virtual hosting is used, the value for this directive is taken from the default first-listed virtual host for the local IP and port combination.

This directive specifies the number of bytes that will be allowed in an HTTP request header. A server needs this value to be large enough to hold any one header field from a normal client request. The size of a normal request header field will vary greatly among different client implementations, often depending upon the extent to which a user has configured their browser to support detailed content negotiation. When name-based virtual hosting is used, the value for this directive is taken from the default first-listed virtual host best matching the current IP address and port combination.

This directive sets the number of bytes that will be allowed on the HTTP request-line. A server needs this value to be large enough to hold any of its resource names, including any information that might be passed in the query part of a GET request.

Limit in bytes on maximum size of an XML-based request body. A value of 0 will disable any checking. This has several consequences. Since several different URLs may map to the same filesystem location, such access controls may by circumvented.

The enclosed directives will be applied to the request if the path component of the URL meets any of the following criteria:. No scheme, hostname, port, or query string may be included. The URL may use wildcards. For example, to enable status requests but allow them only from browsers at example. The slash character has special meaning depending on where in a URL it appears.

People may be used to its behavior in the filesystem where multiple adjacent slashes are frequently collapsed to a single slash i. However, it takes a regular expression as an argument instead of a simple string. LogLevel adjusts the verbosity of the messages recorded in the error logs see ErrorLog directive.

The following level s are available, in order of decreasing significance:. When a particular level is specified, messages from all other levels of higher significance will be reported as well. When logging to a regular file, messages of the level notice cannot be suppressed and thus are always logged.

However, this doesn't apply when logging is done using syslog. Specifying a level without a module name will reset the level for all modules to that level.

Specifying a level with a module name will set the level for that module only. This means the following three specifications are equivalent:. If it is set to 0 , unlimited requests will be allowed. We recommend that this setting be kept to a high value for maximum server performance. If more overlapping ranges than permitted are requested, the complete resource is returned instead. If more ranges reversals than permitted are requested, the complete resource is returned instead.

If more ranges than permitted are requested, the complete resource is returned instead. When mapping URL's to the filesystem, these multiple slashes are not significant. However, URL's handled other ways, such as by CGI or proxy, might prefer to retain the significance of multiple consecutive slashes.

In these cases MergeSlashes can be set to OFF to retain the multiple consecutive slashes, which is the legacy behavior. Non regular expression based Location always operate against a URL with merged slashes and cannot differentiate between multiple slashes. This merging occurs when the request body has been completely consumed, long after most header processing would have a chance to examine or modify request headers.

This option is provided for compatibility with releases prior to 2. The Mutex directive sets the mechanism, and optionally the lock file location, that httpd and modules use to serialize access to resources. Specify default as the second argument to change the settings for all mutexes; specify a mutex name see table below as the second argument to override defaults only for that mutex. The Mutex directive is typically used in the following exceptional situations:.

All modules bundled with httpd support the Mutex directive, but third-party modules may not. Consult the documentation of the third-party module, which must indicate the mutex name s which can be configured if this directive is supported. This selects the default locking implementation, as determined by APR.

The default locking implementation can be displayed by running httpd with the -V option. This effectively disables the mutex, and is only allowed for a mutex if the module indicates that it is a valid choice. Consult the module documentation for more information. The semaphore ownership is not recovered if a thread in the process holding the mutex segfaults, resulting in a hang of the web server.

It is possible to "leak" SysV semaphores if processes crash before the semaphore is removed. This selects the "best" available semaphore implementation, choosing between Posix and SystemV IPC semaphores, in that order. On most systems, if a child process terminates abnormally while holding a mutex that uses this implementation, the server will deadlock and stop responding to requests. When this occurs, the server will require a manual restart to recover.

Solaris and Linux are notable exceptions as they provide a mechanism which usually allows the mutex to be recovered after a child process terminates abnormally while holding a mutex. This is a mutex variant where a physical lock- file and the fcntl function are used as the mutex.

When multiple mutexes based on this mechanism are used within multi-threaded, multi-process environments, deadlock errors EDEADLK can be reported for valid mutex operations if fcntl is not thread-aware, such as on Solaris.

This selects the "best" available file locking implementation, choosing between fcntl and flock , in that order. Most mechanisms are only available on selected platforms, where the underlying platform and APR support it. Mechanisms which aren't available on all platforms are posixsem , sysvsem , sem , pthread , fcntl , flock , and file. With the file-based mechanisms fcntl and flock , the path, if provided, is a directory where the lock file will be created.

The default directory is httpd's run-time file directory relative to ServerRoot. The basename of the file will be the mutex type, an optional instance string provided by the module, and unless the OmitPID keyword is specified, the process id of the httpd parent process will be appended to make the file name unique, avoiding conflicts when multiple httpd instances share a lock file directory. The OmitPID keyword suppresses the addition of the httpd parent process id from the lock file name. The mutex mechanism for all other mutexes will be changed from the compiled-in default to sysvsem.

Prior to 2. The Options directive controls which server features are available in a particular directory. Omitting this option should not be considered a security restriction, since symlink testing is subject to race conditions that make it circumventable. This option should not be considered a security restriction, since symlink testing is subject to race conditions that make it circumventable. Normally, if multiple Options could apply to a directory, then the most specific one is used and others are ignored; the options are not merged.

See how sections are merged. This directive specifies the protocol used for a specific listening socket. The protocol is used to determine which module should handle a request and to apply protocol specific optimizations with the AcceptFilter directive. This directive not required for most configurations. If not specified, https is the default for port and http the default for all other ports. The protocol is used to determine which module should handle a request, and to apply protocol specific optimizations with the AcceptFilter directive.

For example, if you are running https on a non-standard port, specify the protocol explicitly:. You can also specify the protocol using the Listen directive. Modules may enable more protocols. Such protocol names will simply be ignored. Protocols specified in base servers are inherited for virtual hosts only if the virtual host has no own Protocols directive.

Or, the other way around, Protocols directives in virtual hosts replace any such directive in the base server. This directive specifies if the server should honor the order in which the Protocols directive lists protocols.

If configured Off, the client supplied list order of protocols has precedence over the order in the server configuration. With ProtocolsHonorOrder set to on default , the client ordering does not matter and only the ordering in the server settings influences the outcome of the protocol negotiation. This directive allows to configure the size in bytes of the memory buffer used to read data from the network or files.

A larger buffer can increase peformances with larger data, but consumes more memory per connection. The minimum configurable size is Any option preceded by a '-' is removed from the already set options. The none keyword resets any already set options. This directive may be used to register additional HTTP methods.

This is necessary if non-standard methods need to be used with directives that accept method names as parameters, or to allow particular non-standard methods to be used via proxy or CGI script when the server has been configured to only pass recognized methods to modules. Takes 1 or 2 parameters. The first parameter sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. Either parameter can be a number, or max to indicate to the server that the limit should be set to the maximum allowed by the operating system configuration.

Raising the maximum resource limit requires that the server is running as root or in the initial startup phase. This applies to processes forked from Apache httpd children servicing requests, not the Apache httpd children themselves. The first parameter sets the soft resource limit for all processes, and the second parameter sets the maximum resource limit.

If CGI processes are not running under user ids other than the web server user id, this directive will limit the number of processes that the server itself can create. The default setting is Script. This causes Apache httpd to use the interpreter pointed to by the shebang line first line, starting with!

On Win32 systems this line usually looks like:. If the registry keys cannot be found, Apache httpd falls back to the behavior of the Script option. Be careful when using ScriptInterpreterSource Registry with ScriptAlias 'ed directories, because Apache httpd will try to execute every file within this directory. The Registry setting may cause undesired program calls on files which are typically not executed.

For example, the default open command on. This is a good way to crash your system within a minute or so. The ExecCGI key is not a common one. It must be configured manually in the windows registry and hence prevents accidental program calls on your system. For historical purposes, only 63 characters of the request are actually stored for display purposes.

This directive controls whether the 1st 63 characters are stored the previous behavior and the default or if the last 63 characters are. This is only applicable, of course, if the length of the request is 64 characters or greater. The ServerAdmin sets the contact address that the server includes in any error messages it returns to the client.

If the httpd doesn't recognize the supplied argument as an URL, it assumes, that it's an email-address and prepends it with mailto: in hyperlink targets. However, it's recommended to actually use an email address, since there are a lot of CGI scripts that make that assumption. If you want to use an URL, it should point to another server under your control. Otherwise users may not be able to contact you in case of errors.