Apache

Troubleshooting

Check how much memory each apache2 process is using

ps -ylC apache2 --sort:rss

Check the average apache2 process memory use

ps -ylC apache2 --sort:rss |\
   awk '{sum+=$8; ++n} END {print "Tot="sum"("n")="sum/1024" MB";print "Avg="sum"/"n"="sum/n/1024" MB"}'

Count the number of current HTTP connections by remote IP address

netstat -ant | grep :80\  | awk '{print $5}' | awk -F : '{$NF="";}1' | \
  sort | uniq -c | sort -n

Count the number of current HTTPS connections by remote IP address

netstat -ant | grep :443\  | awk '{print $5}' | \
  awk -F : '{$NF="";}1' | sort | uniq -c | sort -n

Attach strace to multiple apache processes

strace $(pidof apache2 |sed 's/\([0-9]*\)/\-p \1/g')

Configuration

Redirect to HTTPS

RewriteEngine on
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

NFS Optimizations

EnableMMAP off
EnableSendfile off

Disable SSLv2

SSLProtocol ALL -SSLv2
SSLCipherSuite HIGH:!SSLv2:!ADH:!aNULL:!eNULL:!NULL

Test this with

openssl s_client -connect servername:443 -ssl2 

And look for the following

CONNECTED(00000003) 
23196:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure:s2_pkt.c:428:

Basic Authentication

AuthType Basic
AuthName "Restricted Files"
AuthUserFile /etc/apache2/htpasswd
Require valid-user

ProxyPass

ProxyVia on
ProxyPass / http://www.example.com/
ProxyPassReverse / http://www.example.com/

Verify mod_deflate is working

curl -I -H 'Accept-Encoding: gzip,deflate' http://www.badllama.com/

Look for Content-Encoding: gzip