Apache HTTP Server Optimization: Part 1

When running your own dedicated server or even a VPS (virtual private server), it is important make sure your server is running at optimal performance. Apache, the web server of choice for many Linux system administrators, will not automatically make itself stable, secure, and fast. You must do that, and there are several optimization techniques you can use to accomplish it. This week, I will cover a few.

Apache configuration is stored in a file called httpd.conf or apache2.conf, and it most often stored in /etc/httpd or /etc/apache2. To edit the file, you can use “vi” or “nano”.

MaxClients

This setting defines the number of visitors you can have connected at once. You can calculate the visitor capacity your server can support by using this formula:

150 x number of GigaBytes of RAM

For example, a server with 2GB of RAM can have 300 MaxClients. 3GB can support 450. Make it high enough to prevent user timeouts but low enough to avoid causing the server to lockup. A high amount can also make your server an easy target for DoS (Denial of Service) attacks.

ServerLimit

Set this value to the same as MaxClients (i.e. SeverLimit = 150 x number of GB of RAM)

I will continue the series on Apache optimization throughout this week. You can also read your Linux distribution’s specific documentation on Apache to find out specifics, such as where the configuration file is stored.

Source: linuxstuffs.net

Hackers attack South Korea and US

According to reports, North Korean hackers are believed to have launched cyber attacks on government offices in the US and South Korea. Some South Korean and US websites were momentarily taken down. Among the South Korean sites with service disruption were the Blue House, defense ministry, national assembly, Shinhan bank, Korean Exchange bank, and Internet portal Naver.

As of yet, there seems to be no concrete evidence that the North Korean government had any involvement in the attack, despite the suspicions to the contrary. South Korean officials announced that they suspected North Korea or its sympathizers of initiating the attack and that they are working with the US in the investigation. The US treasury department, secret service, Federal Trade Commission, and transport department websites were hit and momentarily taken off line over the past weekend.

The method of attack appears to be DoS (denial of service), a technique preferred by hackers because of its effectiveness at taking down websites without the need to infiltrate security systems. The hackers will normally use several computers connected to the Internet, sometimes spread all over the world, to bombard a website with simultaneous connections until the site can no longer handle the load. The site then either goes offline or is simply unreachable to legitimate visitors.

Source: Guardian
Photo: Flickr

Chinese Police Detain Four Internet Hackers

On May 19, China experienced widespread Internet outages after hackers took down major DNS servers in a DoS (Denial of Service) attack. Chinese authorities now have the four hackers in custody following police investigations in the Jiangsu, Zhejiang and Guandong provinces. The server in question was DNSPod, a Chinese DNS service provider and domain name registrar.

The motive for the attacks was apparently over a bitter rivalry between two illegal online gaming companies. DNSPod provides access to some of the competition’s gaming servers, and the suspects figured it was an easy way to redirect traffic to their own gaming sites. But the effects of the attacks were widespread, causing other servers to go down, including those of Baofeng, a popular Chinese video streaming service. Millions of users were denied service.

Nearly 300 million Internet users in China temporarily lost service, the worst outage since 2006, according to the the Chinese Ministry of Public Security. A DoS attack relies on unsecured computers to do its dirty work, infiltrating them and then using their Internet connections to send useless packets of data to a server until the server’s resources are completely used, denying real customers service.
Source: Top Tech News
Photo: Flickr