What Apache2 modules can be disabled?

Submitted by Rockland Steel on Sat, 2009-12-26 16:44
· ·

Hello,

I think many Apache2 unused modules loaded. I'm going to disable some of them.

But I just want some "do & don't", which one can be disabled, which one is needed for a Drupal website?

Thanks in advance



By the way, this is list of my loaded modules:
core prefork http_core mod_so mod_auth_basic mod_auth_digest mod_authn_file mod_authn_alias mod_authn_anon mod_authn_dbm mod_authn_default mod_authz_host mod_authz_user mod_authz_owner mod_authz_groupfile mod_authz_dbm mod_authz_default util_ldap mod_authnz_ldap mod_include mod_log_config mod_logio mod_env mod_ext_filter mod_mime_magic mod_expires mod_deflate mod_headers mod_usertrack mod_setenvif mod_mime mod_dav mod_status mod_autoindex mod_info mod_dav_fs mod_vhost_alias mod_negotiation mod_dir mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_proxy mod_proxy_balancer mod_proxy_ftp mod_proxy_http mod_proxy_connect mod_cache mod_suexec mod_disk_cache mod_file_cache mod_mem_cache mod_cgi mod_version mod_php5 mod_proxy_ajp

Groups:
High performance
Login or register to post comments

Module apache 2

grandjulien - Sat, 2009-12-26 18:41

Hello

On Apache:

Modules cache, proxy, and authentication can be very useful for security and site performance.

You could also open a post on PHP 5 functions useless. I am sure there would be a good debate on it, too.

Best regards


Login or register to post comments ·

Thank you very much.

Rockland Steel - Sat, 2009-12-26 22:49

Thank you very much.


Login or register to post comments ·

Why not list what is needed?

kbahey's picture
kbahey - Mon, 2009-12-28 03:21

Let us do this the other way around. I will list only modules that I use on high traffic sites.

This configuration is from Apache2 on Ubuntu 8.04 LTS. It uses Apache MPM Worker (threaded server) and PHP in FastCGI mode using fcgid.

 core_module (static)
 log_config_module (static)
 logio_module (static)
 mpm_worker_module (static)
 http_module (static)
 so_module (static)
 alias_module (shared)
 auth_basic_module (shared)
 authn_file_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgid_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 status_module (shared)

You can substitute MPM Worker with MPM Prefork, and fcgid with mod_php, but you will use more memory that way.

Drupal performance tuning, development, customization and consulting: 2bits.com, Inc..
Personal blog: Baheyeldin.com.


Login or register to post comments ·

Thanks. PHP using fcgid.. and

Rockland Steel - Tue, 2009-12-29 13:41

Thanks.

PHP using fcgid.. and Apache MPM Worker... I will try

(added)

I create script to call php fcgi but I remove this codes:

    SuexecUserGroup bob bob
    PHP_Fix_Pathinfo_Enable 1

BTW, is PHP_Fix_Pathinfo_Enable 1 very important?


Login or register to post comments ·

So should i use only those

rokape - Sat, 2010-01-23 17:55

So should i use only those modules?and turn off other?


Login or register to post comments ·

Is there a reason expires

christefano's picture
christefano - Sun, 2010-03-14 12:38

Is there a reason expires isn't in your list?


Exaltation of Larks
Founder, CEO
http://www.larks.la  		 LA Drupal
Organizer, Drupal Adventure Guide
http://ladrupal.org/christo  		 Droplabs
Founder, Lead Burrito Analyst   
http://droplabs.net   

Login or register to post comments ·

I'm also surprised to see

dalin's picture
dalin - Mon, 2010-03-15 00:25

I'm also surprised to see mod_autoindex in your list Khalid. That's generally one of the first ones to go for me. I usually don't use mod_negotiation either.

For those of us doing a more vanilla Apache, without anything CGI related, you wouldn't need mod_cgid, mod_env, and mod_fcgid. Also you'd probably be using mpm_prefork instead of worker.

--
Dave Hansen-Lange
Web Developer
Advomatic LLC
Great White North Office
Canada


Login or register to post comments ·

Agree

mikeytown2's picture
mikeytown2 - Mon, 2010-03-15 22:05

http://httpd.apache.org/docs/trunk/mod/mod_negotiation.html
http://httpd.apache.org/docs/trunk/mod/mod_autoindex.html

Both of these are not needed if all your running is Drupal. If you want your default "out of the box" configuration file to work then you need these. So for the simple reduce the number of modules loaded & not fix what's broken then you need both of these modules. If you want to get a very custom httpd.conf file then you go ahead and remove these. If you want the bare minimum modules this is what I run with CentOS

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule alias_module modules/mod_alias.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule include_module modules/mod_include.so

If I wasn't lazy I could get rid of include_module & alias_module. Might be able to get rid of setenvif_module & deflate_module depending on your setup. If your ambitious you can use headers_module to replace the expires_module. log_config_module is also optional depending on your situation.


Login or register to post comments ·

And unless you need to limit

dalin's picture
dalin - Mon, 2010-03-15 23:57

And unless you need to limit access of some directories/sites you can get rid of the auth*_modules. (But to remove mod_authz_host will probably require tweaking your config files)

--
Dave Hansen-Lange
Web Developer
Advomatic LLC
Great White North Office
Canada


Login or register to post comments ·