PECL, the PHP Extension Community Library, is a repository of C extensions that are loaded directly into PHP. PHP Extensions expand the functionality of PHP. PECL extensions can be installed via the use of the pecl command. There are also PHP extensions provided by package repositories. The decision of which to utilize typically depends on how PHP was installed.
Today, DevOps teams try to utilize automation as much as possible. This is to cut down on the sheer number of repeatable processes to limit man-hours worked, throttle development efforts, and to reduce the possibility of errors. This is also a business necessity to reduce overhead costs, increase the speed of the CI/CD process and increase customer satisfaction. There are multiple individual areas that need to be automated to have a fully autonomous infrastructure. Luckily, there are various tools we can take advantage of to help us automate our infrastructure and make sure we have well-developed DevOps processes. In this article we will go over the several of the best DevOps tools for our infrastructure systems.
In this article, we will discuss how to install PIP on Ubuntu 18.04. PIP is a tool used to install and manage Python packages. This tutorial will show how to install and check the version of PIP as well as run a few basic commands for using PIP on Ubuntu 18.04.
Reading Time: 2minutesSimilar to Dropbox and Google Drive, Nextcloud is self-hosting software that allows you to share files, contacts, and calendars. But, unlike Dropbox and Google Drive, your files will be private and stored on your server instead of a third-party server. Nextcloud is HIPAA and GDPR compliant, so your files will be encrypted along with the ability to audit. For this tutorial, we’ll be installing our Nextcloud instance on our Ubuntu VPS server. Continue reading “How to Install Nextcloud 15 on Ubuntu 18.04”→
Reading Time: 5minutesMod_security, also commonly called Modsec for short, is a powerful WAF (Web Application Firewall) that integrates directly into Apache’s module system. This direct integration allows the security module to intercept traffic at the earliest stages of a request. Early detection is crucial for blocking malicious requests before they are passed along to web applications hosted by Apache web sites. This provides and extra layer of protection against common threats a server faces. This article will explore the installation of mod_security along with the CRS (Core Rule Set) in a Ubuntu 16.04 LTS Server running Apache 2.4. Continue reading “Install and Configure ModSecurity on Ubuntu 16.04 Server”→
EasyApache 4 installs, configures, updates, and validates your Apache, PHP and other services on your server.EasyApache 4 also supports multiple versions of PHP. This allows you to assign different versions of PHP to each of your domains. There are great tools that have been implemented with EasyApache 4 that makes managing PHP versions simple. Two of these are the MultiPHP Manager and MultiPHP INI Editor. These can be found within the Web Host Manager, or “WHM” for short. With the addition of these tools in cPanel/WHM, users can now complete most of these tasks from the Graphical User Interface. However, it is worth mentioning, attempting these tasks from the command line is recommended as we have seen better performance when compiling Apache builds.
Using PHP 7.2 on an Ubuntu dedicated server is highly recommended over previous PHP versions for several reasons, first being security. Active Support for PHP 7.2 goes until November 30th, 2019 and Security Support until Nov. 30, 2020. Older versions like 7.0 and anything 5.6 and below are no longer getting any support and can leave open security holes on a server if they are not replaced. Another main reason to upgrade is the big performance increase over previous versions when PHP 7.2 is installed and is using the OPcache module. This can greatly decrease the time it takes for your web page to load! If you are developing a site locally or launching it on one of Liquid Web’s Ubuntu VPS or Dedicated Servers, using PHP 7.2 or newer would be the way to go.
Reading Time: 3minutesThe keystone for understanding Apache server performance is by far the Multiprocessing Modules (MPMs). These modules determine the basis for how Apache addresses multiprocessing. Multiprocessing means running multiple operations simultaneously in a system with multiple central processing units (CPU Cores).
There are many MPMs to choose; however, this article focuses on the most commonly used modules found in Liquid Web Linux based servers. These modules are:
The self-regulating MPM Prefork derives its namesake from how it forks or copies itself into new identical processes preemptively to wait for incoming requests. A non-threaded process-based approach at multiprocessing, MPM Prefork runs Apache in a single master parent server process. This parent is responsible for managing any additional child servers that make up its serverpool. While using MPM Prefork, each child server handles only a single request. This focus provides complete isolation from other requests dealt with on the server. MPM Prefork is typically used for compatibility when non-threaded libraries/software, like mod_php (DSO), are required. From an optimization standpoint, MPM Prefork can be sorely lacking when compared to multi-threaded solutions, requiring vastly more resources to reach similar traffic levels as a threaded MPM. It is resource intensive due to its need to spawn full copies of Apache for every request.
Avoid using MPM Prefork whenever possible. It’s inability to scale well with increased traffic will quickly outpace the available hardware on most system configurations.
A hybrid pre-forking, multithreaded, multiprocessing web server. In the same fashion as MPM Prefork, MPM Worker uses the same approach with a single master parent process governing all children within its serverpool. However, unlike MPM Prefork, these children are multi-threaded processes that can handle dozens of threads (requests) simultaneously. MPM Worker has set the foundation for multithreaded multiprocessing in Apache servers which became stable in Apache 2.2. The threaded configuration allows Apache to service hundreds of requests with ease while retaining only a dozen or so child processes in memory. The MPM Worker make for both a high capacity and low resource solution for web service.
The KeepAliveTimeOut directive currently defines the amount of time Apache will wait for requests. When utilizing KeepAlive with MPM Worker use the smallest KeepAliveTimeout as possible (1 second preferably).
Based off the MPM Worker source code, MPM Event shares configuration directives with MPM Worker. It works nearly identical to MPM Worker except when it comes to handling KeepAlive requests. MPM Event uses a dedicated Listener thread in each child process. This Listening thread is responsible for directing incoming requests to an available worker thread. The Listening thread solves the issue encountered by MPM Worker which locks entire threads into waiting for the KeepAliveTimeout. The Listener approach of MPM Event ensures worker threads are not “stuck” waiting for KeepAliveTimeout to expire. This method keeps the maximum amount of worker threads handling as many requests as possible.
MPM Event is stable in Apache 2.4, older versions can use MPM Worker as an alternative.
There is an assortment of additional MPMs available. These are typically part of Apache’s integration into Operating Systems other than Unix based systems. These have specific MPMs which are requirements or utilizing Apache on their respective system types. These types of MPMs are beyond the purview of this article. You can find more information on specific MPM in the MPM Defaults section of the official Apache Documentation.
We recommend staying away from experimental and unstable MPMs. The unreliable nature of these types of software renders them unsupportable.
Which MPM is the best?
When considering optimization, it is essential to understand there is no such thing as a one-size-fits-all Apache configuration. Correctly choosing an MPM requires analysis of many moving variables like traffic, site code, server type, PHP Handler and available hardware. Every server is unique making the best MPM an entirely subjective choice.
If your application code does not support multi-threading, then your choice will inevitably be MPM Prefork purely on a compatibility basis. MPM Prefork includes software modules like mod_php (DSO). MPM Worker without KeepAlive performs very well if your application is a high-performance load balanced API system. The scalability and flexibility of MPM Event is a solid choice for hosting multiple small to medium sites in a shared hosting configuration.
Most simple servers setups operate well under the self-governing default configuration of MPM Event, making it an ideal starting point for optimization tuning. Once chosen, an MPM can then move onto Configuration Directives to review which settings pertain to server performance and optimization. Or check out our previous article in this series, Apache Performance Tuning: Swap Memory.
Reading Time: 6minutesBroken down into two parts our article’s first section hits on “how to whitelist IPs or URIs,” for people who are somewhat familiar with ModSecurity but want to know further about the process. Our second section examines why we configure ModSecurity and how to prevent the security of the server from getting in the way of our work. If you have a Fully Managed Liquid Web server reach out to our Heroic Support team for assistance with whitelisting! Continue reading “Whitelisting in ModSecurity”→