What Apache2 modules can be disabled?

Events happening in the community are now at Drupal community events on www.drupal.org.
Rockland Steel's picture
Posted by Rockland Steel on December 26, 2009 at 4:44pm

Hello,

I think many Apache2 unused modules loaded. I'm going to disable some of them.

But I just want some "do & don't", which one can be disabled, which one is needed for a Drupal website?

Thanks in advance



By the way, this is list of my loaded modules:
core prefork http_core mod_so mod_auth_basic mod_auth_digest mod_authn_file mod_authn_alias mod_authn_anon mod_authn_dbm mod_authn_default mod_authz_host mod_authz_user mod_authz_owner mod_authz_groupfile mod_authz_dbm mod_authz_default util_ldap mod_authnz_ldap mod_include mod_log_config mod_logio mod_env mod_ext_filter mod_mime_magic mod_expires mod_deflate mod_headers mod_usertrack mod_setenvif mod_mime mod_dav mod_status mod_autoindex mod_info mod_dav_fs mod_vhost_alias mod_negotiation mod_dir mod_actions mod_speling mod_userdir mod_alias mod_rewrite mod_proxy mod_proxy_balancer mod_proxy_ftp mod_proxy_http mod_proxy_connect mod_cache mod_suexec mod_disk_cache mod_file_cache mod_mem_cache mod_cgi mod_version mod_php5 mod_proxy_ajp

Categories: , ,

Comments

Module apache 2

Posted by grandjulien on December 26, 2009 at 6:41pm
grandjulien's picture

Hello

On Apache:

Modules cache, proxy, and authentication can be very useful for security and site performance.

You could also open a post on PHP 5 functions useless. I am sure there would be a good debate on it, too.

Best regards

Thank you very much.

Posted by Rockland Steel on December 26, 2009 at 10:49pm
Rockland Steel's picture

Thank you very much.

Why not list what is needed?

Posted by kbahey on December 28, 2009 at 3:21am
kbahey's picture

Let us do this the other way around. I will list only modules that I use on high traffic sites.

This configuration is from Apache2 on Ubuntu 8.04 LTS. It uses Apache MPM Worker (threaded server) and PHP in FastCGI mode using fcgid.

 core_module (static)
 log_config_module (static)
 logio_module (static)
 mpm_worker_module (static)
 http_module (static)
 so_module (static)
 alias_module (shared)
 auth_basic_module (shared)
 authn_file_module (shared)
 authz_default_module (shared)
 authz_groupfile_module (shared)
 authz_host_module (shared)
 authz_user_module (shared)
 autoindex_module (shared)
 cgid_module (shared)
 deflate_module (shared)
 dir_module (shared)
 env_module (shared)
 fcgid_module (shared)
 mime_module (shared)
 negotiation_module (shared)
 rewrite_module (shared)
 setenvif_module (shared)
 status_module (shared)

You can substitute MPM Worker with MPM Prefork, and fcgid with mod_php, but you will use more memory that way.

Drupal performance tuning, development, customization and consulting: 2bits.com, Inc..
Personal blog: Baheyeldin.com.

Thanks. PHP using fcgid.. and

Posted by Rockland Steel on December 29, 2009 at 1:41pm
Rockland Steel's picture

Thanks.

PHP using fcgid.. and Apache MPM Worker... I will try

(added)

I create script to call php fcgi but I remove this codes:

    SuexecUserGroup bob bob
    PHP_Fix_Pathinfo_Enable 1

BTW, is PHP_Fix_Pathinfo_Enable 1 very important?

So should i use only those

Posted by rokape on January 23, 2010 at 5:55pm
rokape's picture

So should i use only those modules?and turn off other?

Is there a reason expires

Posted by christefano on March 14, 2010 at 12:38pm
christefano's picture

Is there a reason expires isn't in your list?

I'm also surprised to see

Posted by dalin on March 15, 2010 at 12:25am
dalin's picture

I'm also surprised to see mod_autoindex in your list Khalid. That's generally one of the first ones to go for me. I usually don't use mod_negotiation either.

For those of us doing a more vanilla Apache, without anything CGI related, you wouldn't need mod_cgid, mod_env, and mod_fcgid. Also you'd probably be using mpm_prefork instead of worker.

--

Dave Hansen-Lange
Director of Technical Strategy, Advomatic.com
Pronouns: he/him/his

Agree

Posted by mikeytown2 on March 15, 2010 at 10:05pm
mikeytown2's picture

http://httpd.apache.org/docs/trunk/mod/mod_negotiation.html
http://httpd.apache.org/docs/trunk/mod/mod_autoindex.html

Both of these are not needed if all your running is Drupal. If you want your default "out of the box" configuration file to work then you need these. So for the simple reduce the number of modules loaded & not fix what's broken then you need both of these modules. If you want to get a very custom httpd.conf file then you go ahead and remove these. If you want the bare minimum modules this is what I run with CentOS

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule alias_module modules/mod_alias.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule include_module modules/mod_include.so

If I wasn't lazy I could get rid of include_module & alias_module. Might be able to get rid of setenvif_module & deflate_module depending on your setup. If your ambitious you can use headers_module to replace the expires_module. log_config_module is also optional depending on your situation.

And unless you need to limit

Posted by dalin on March 15, 2010 at 11:57pm
dalin's picture

And unless you need to limit access of some directories/sites you can get rid of the auth*_modules. (But to remove mod_authz_host will probably require tweaking your config files)

--

Dave Hansen-Lange
Director of Technical Strategy, Advomatic.com
Pronouns: he/him/his

Plesk server apache module setup

Posted by Gastonia on August 22, 2012 at 10:34am
Gastonia's picture

After reading several articles on 2bits and in the community in general, I have a good idea of what Drupal needs.

But, I recently have acquired a VPS server which is managed by plesk, but I do everything mainly by SSH.

This is what this server comes with default

LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so
LoadModule mem_cache_module modules/mod_mem_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

My question is, I don't mind turning all these off and implementing the suggestions I have learned from my research and this thread, but, for those of you who are familiar with Plesk, would turning any of these off affect how Plesk operates or the other sites on this server?

Can I safely turn them off and simply implement the minimum required?

right now my Drupal apache processes are around 100m each. Yuck. I really have to get that down :/

Thanks!

What I'm running

Posted by mikeytown2 on August 22, 2012 at 6:22pm
mikeytown2's picture

LoadModule authz_host_module modules/mod_authz_host.so
LoadModule dir_module modules/mod_dir.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule alias_module modules/mod_alias.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule env_module modules/mod_env.so
LoadModule logio_module modules/mod_logio.so

What I did was disable an apache module and if httpd started & drupal worked, leave it disabled and repeat the process. Good luck.

And using the same

Posted by dalin on August 22, 2012 at 7:28pm
dalin's picture

And using the same hunt-and-peck procedure, this is the minimum that works on our servers:

mod_alias
mod_deflate
mod_dir
mod_expires
mod_headers
mod_mime
mod_php5
mod_rewrite

--

Dave Hansen-Lange
Director of Technical Strategy, Advomatic.com
Pronouns: he/him/his

Re: Plesk server apache module setup

Posted by srahul07 on August 22, 2012 at 11:21am
srahul07's picture

@Gastonia:

I can see that there are a lot of modules enabled and most of them may be are of no use for your case, but since those are enabled by plesk by default, they must be used for some purpose. I would not recommend turning directly every module off. Instead you should first verify whether the module is being used anywhere by any application.

So, I would recommend following action items before disabling any module:

  1. Verify which modules are being used by which process: Use ps aux
  2. Confirm whether you really need that application to run
  3. If the application is not needed OR the module is not being used by any process, List down all such modules
  4. Read each of the modules documentation from here.
  5. Post this list of unused module to the Plesk Support Team and get help from them to disable any of those module. You can also post it here.
  6. Disable the modules once confirmed from Plesk Support.

Ideally you should also look out for the queries that are run in background. Most of the time the queries give unnecessary amount of data which could in turn increase the apache process size.

Also, let us know What are caching engines and other performance optimization application you are using?

Cheers!

Rahul B. Shelke
My Cute Office

https://mycuteoffice.com/

From what I have read, a

Posted by Gastonia on August 22, 2012 at 11:40am
Gastonia's picture

From what I have read, a typical Plesk installation just enables everything for the less technical user so that they don't even have to worry about ever using SSH or even getting to this config file. That way, whatever they do on their website just 'works'. But I am no Plesk expert, and even less of an Apache module expert.

There were a few in the list I thought may be needed for multiple sites to run in a shared environment, such as 'vhost_alias' - which as name suggests, sounds like it it something for the vhost environment to operate properly.

Thanks for the link though, and I will check that out and familiarize myself more with the modules.

To answer your specific question about other performance enhancements, I am using Memcache, set to one default bin, and running APC. These have sped the site up greatly, but these Apache processes still concern me. Thanks for the quick response!

High performance

Group notifications

This group offers an RSS feed. Or subscribe to these personalized, sitewide feeds: