Enterprise-level Nginx service Optimization (iii) apache+ anti-theft chain

Last Update:2016-05-06 Source: Internet

Author: User

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

Apache Worker/prefork

/application/apache/bin/apachectl-l | Sed-n '/worker\|prefork/p '

Worker.c

Server Mpm:worker

./configure--with-mpm=worke//compile-time specified, default is Prefork

Prefork Default

Use multiple child processes, with only one thread per child process

High efficiency, stability, security, more resources than worker consumption

vim/application/apache/conf/extra/httpd-mpm.conf

Startservers 10//Service START process number

Minspareservers 10//Minimum Idle quantity

Maxspareservers 15//Maximum idle Quantity

Serverlimit 2000

MaxClients 1000//MAX process concurrency

Maxrequestsperchild 5000//The maximum number of processes processed by the child process 0 = Unlimited

</IfModule>

Ps-ef | grep http| Grep-v grep | WC-L//View concurrent connections

worker threads are combined with processes

vim/application/apache/conf/extra/httpd-mpm.conf

<ifmodule mpm_worker_module>

Startservers 2

maxclients Number of client connections//concurrent

Serverlimit 25//Total process Count

Minsparethreads 50

Maxsparethreads 200

Thread Limit

Threadsperchild The number of worker threads per server that lasts//

maxrequestsperchild 0//single subprocess accumulates up to less requests, default 0, unlimited meaning

</IfModule>

maxclient <= serverlimit* Threadsperchild

maxclient %threadsperchild =0

Cat/application/apache/conf/extra/httpd-default.conf

Timeout 300

KeepAlive on

Maxkeepaliverequests 100

KeepAliveTimeout 5

Usecanonicalname OFF

Accessfilename. htaccess

Servertokens full

Serversignature on

Hostnamelookups OFF

Number of concurrent connections

pstree-a | grep http |grep-v grep | Wc-l

110

Apache Web Services anti-theft chain

Rewriteengine on

Rewritecond%{http_referer}!^http://website domain name/.*$ [NC]

Rewriterule. *\. (gif|jpg) $/HTTP instead of icon [R,NC]

</Directory>

configuration of Nginx anti-theft chain

Location ~* \. (gif|jpg|png|swf|flv|bmp) $ {

Valid_referers None blocked *.hequan.com Hequan z.com;

if ($invalid_referer) {

#rewrite ^/Http://www.hequan. com/403.html;

return 403;

}

This article is from the "what-all" blog, please be sure to keep this source http://hequan.blog.51cto.com/5701886/1770655

Enterprise-level Nginx service Optimization (iii) apache+ anti-theft chain

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More

Enterprise-level Nginx service Optimization (iii) apache+ anti-theft chain

Contact Us

A Free Trial That Lets You Build Big!

Sales Support

After-Sales Support