The Best Settings for Configuring FastCGI (mod_fcgid)

Reading Time: 5 minutes

In our last tutorial, we showed you how to install Apache’s mod_fcgid and provided Linux scripts to assist in transitioning from mod_php. In this next section, we’ll be discussing how to configure a baseline setting for PHP optimization. Continue reading “The Best Settings for Configuring FastCGI (mod_fcgid)”

How to Install mod_fcgid on cPanel’s EasyApache 4 with CloudLinux

Reading Time: 6 minutes

When it comes to PHP execution, mod_fcgid (also called FCGI) is one of the heavyweight contenders. There are a few rival handlers, like PHP-FPM or mod_lsapi, which come close to matching its execution speed, but they generally leave something to be desired when it comes to fine-tuning and resource consumption. FCGI is built for speed and includes a myriad of Apache directives that can be leveraged for resource regulation.

This article will cover installing mod_fcgid followed by basic configuration in a separate article. The article applies to any cPanel servers running the following operating systems:

The article will not cover EasyApache 3 (EA3). Due to the End-of-Fife (EOL) status of EA3, it is imperative that any systems running EA3 upgrade to EA4 as soon as possible. To avoid conflicts, upgrading to EA4 should be handled as an entirely separate procedure from installing mod_fcgid. If you need assistance with upgrading from EA3 to EA4, please feel free to contact our support team. If you’re running a Liquid Web Fully Managed cPanel server, our team will perform the entire upgrade procedure for you.

Expectations: Downtime & Performance

Downtime – Please plan ahead of time as this operation may cause downtime. While installing an Apache module and enabling a baseline configuration should only require an Apache restart, there may be unforeseen circumstances that require troubleshooting. This can lead to sites becoming unresponsive and/or slow.

Note
Always plan for more downtime than expected and always have a reversion plan. Allot extra time for troubleshooting, testing, and reverting all changes if necessary.

Performance – While FCGI provides superior PHP execution time, it is not a blanket fix for performance. For server optimization there will be an adjustment period for configuration tweaking.This period can take hours to weeks as it must account for the unique caveats with the specific server hardware, software, traffic habits, and many other unpredictable variables.

Note
Optimization is an ongoing, perceptual process. There is no one-size-fits-all optimized configuration. Traffic & resource usages continually change over time on all servers. Periodic evaluation and configuration adjustment are necessary to stay ahead of the curve.

 

Installation of mod_fcgid

The following steps should be followed as close to the examples as possible. Things will vary slightly depending on CentOS/CloudLinux versions, and a few other factors. The article will denote the differences where they are expected.

Step 1) [su_highlight background="#3ac6eb"]Liquid Web Servers Only[/su_highlight] Disable Mod_Zeus & Other EA3 Modules

Older Liquid Web cPanel servers with EasyApache 3 who upgraded to EA4 may find residual configs on the system that can cause conflicts in the Apache configuration. This step will help make sure these older configs are disabled. The following sed one-liner will take care of disabling the inclusion line for these modules. These modules are stored in the /usr/local/lp/configs/httpd/conf.d/ directory. This directory is typically mentioned in the /etc/apache2/conf.d/includes/post_virtualhost_global.conf config file. The sed code looks for and comments out the specific include statement for this file.

sed -i -e 's/[^#]+\(Include [/]usr[/]local[/]lp[/]configs[/]httpd[/]\)/#\1/g' /etc/apache2/conf.d/includes/post_virtualhost_global.conf

To confirm the change, print the contents of the post_virtualhost_global.conf file using cat:

cat /etc/apache2/conf.d/includes/post_virtualhost_global.conf

The output should be blank or have a commented out inclusion line like below:

#Include /usr/local/lp/configs/httpd/conf.d/*.conf

Step 2) Disable Litespeed

FCGI is not compatible with Litespeed, which uses its own mod_lsapi module to process PHP using lsphp. Disabling Litespeed in this way does not remove it from the server; it merely enables Apache as the default web server.

/usr/local/lsws/admin/misc/cp_switch_ws.sh apache

Step 3) Install mod_fcgid

The following yum command will install the necessary module:

yum install ea-apache24-mod_fcgid -y

Once completed, confirm Apache has the fcgid_module loaded:

httpd -M | grep expires\|version\|fcgid

Example output:

fcgid_module (shared)

Step 4) [su_highlight background="#3ac6eb"]CloudLinux Only[/su_highlight] Configure CageFS Map for FCGI

The following snippet will create the necessary directories needed by mod_fcgid to execute correctly. It will then add those directory entries into the /etc/cagefs/cagefs.mp file, allowing user-level access to said directories from within their caged environment. It finally forces cagefs to remount all user directories for access to the new directory on all sites.

mkdir -p /var/run/mod_fcgid /usr/share/cagefs-skeleton/var/run/mod_fcgid /run/mod_fcgid
cp -p /etc/cagefs/cagefs.mp{,.lwbak.$(date +%F_%H%M%S)}
cat <<EOF>>/etc/cagefs/cagefs.mp
/var/run/mod_fcgid
/run/mod_fcgid
/usr/local/cpanel/cgi-sys/
EOF
cagefsctl -M

Step 5) [OPTIONAL] Remove Unnecessary Writable Permission

Due to security restrictions, any website files or directories with group-writable or other-writable permissions will be denied and a 500 Internal Server Error will be displayed. The following awk one-liner uses the find command to search all DocumentRoot directories configured on the server. It is advised to run this process in a screen session as it may take an hour or more depending on the size of the file system in question. The code takes care to use nice and ionice commands to run the process as a low priority so there will be minimal impact on server load or disk I/O. All changed files and their previous permissions are recorded in the /var/log/fixperms.log file.

Step 5a) Create & Attach to a Screen Session

screen -dmS fixperms; screen -x fixperms

Step 5b) Run the One-Liner

nice -n 15 ionice -c2 -n7 awk '/DocumentRoot/{DR[$NF]=$NF}END{for (e in DR) {x="find \""e"\" \\( -type f -or -type d \\) -and -perm /g+w,o+w -printf \"%M %y %m %p\\n\" -exec chmod g-w,o-w {} +"; while(x|getline) {print $0;print strftime("%F %T %Z"),$0 >> "/var/log/fixperms.log"} close(x)}}' /etc/apache2/conf/httpd.confExit screen by holding CTRL/CMD then pressing A, then D.

 

Step 6) [OPTIONAL] Disable mod_php Directives in .htaccess Files

Another common caveat when switching to FCGI is that any existing mod_php related directives inside any .htaccess file are not compatible with mod_fcgid and will cause the site to throw a 500 Internal Server Error. So these entries need to be located and disabled or removed.  The following awk one-liner checks all configured DocumentRoot directories for .htaccess files, and if they contain a php_value or php_admin_value entry, it will disable by commentting the line out. First, an in-place backup is created of the original file. The backup is named .htaccess.bak.YYYY-MM-DD_HHMMSS. All changed files and their previous permissions are logged in the /var/log/fixhtaccess.log file.

Step 6a) Create & Attach to a Screen Session

screen -dmS fixhtaccess; screen -x fixhtaccess

Step 6b) Run the One-Liner

nice -n 15 ionice -c2 -n7 awk '/DocumentRoot/{DR[$NF]=$NF}END{for (e in DR) { x="find "e" -name .htaccess -exec grep -iEl \"^([^#]*php_(admin_)?value)\" {} +"; s="sed -i.bak.$(date +%F_%H%M%S) \047s/^\\([^#]*php_\\(admin_\\)\\?value\\)/#\\1/gi\047 2>&1";
while(x|getline) {print $0; print s,$0; print strftime("%F %T %Z"),s,$0 >> "/var/log/fixhtaccess.log"; while(s" "$0|getline y) { print y; print strftime("%F %T %Z"),y >> "/var/log/fixhtaccess.log" } close(s" "$0)} close(x)}}' /etc/apache2/conf/httpd.conf

Step 7) Rebuild Apache Config (Troubleshoot Any Errors)

The following command checks the system httpd.conf file for syntax error and if none are found, runs the cPanel httpd.conf rebuild script. Fix any syntax errors, until a clean rebuild is completed without error.

httpd -t && /scripts/rebuildhttpdconf

Step 8) [su_highlight background="#3ac6eb"]CloudLinux ONLY[/su_highlight] Setup PHP Selector

The PHP Selector feature of CloudLinux is only compatible with the inherit PHP versions in the cPanel MultiPHP Manager interface. All sites should be using the inherited version of PHP or PHP Selector will not function for that site. This only applies to CloudLinux servers.

Step 8a) Force All Sites to Use Inherited Version of PHP in MultiPHP Selector

The following command uses cPanel’s whmapi1 system to force all sites onto the inherited version of PHP in MultiPHP Manager.

/usr/sbin/whmapi1 php_get_vhost_versions | awk  -F'[: ]+' '$2~/vhost/{x="/usr/sbin/whmapi1 php_set_vhost_versions version=inherit vhost-0="$3;print x;system(x);close(x)}'

Step 8b) Disable MultiPHP Manager & MultiPHP INI Editor

The following uses the cPanel whmapi1 system to add MultiPHP Manager/INI Editor to the disabled features list.

/usr/sbin/whmapi1 update_featurelist featurelist=disabled multiphp=1 multiphp_ini_editor=1 ; /usr/sbin/whmapi1 update_featurelist featurelist=disabled multiphp_ini_editor=1

Step 9) Switch All PHP Handlers over to FCGI

The following will convert all installed PHP Handlers to using FCGI. These handlers are viewalbe through the Handlers tab of WHM’s MultiPHP Manager interface or by running the cPanel rebuild_phpconf script.

/usr/local/cpanel/bin/rebuild_phpconf --current | awk 'NR>1{x="/usr/local/cpanel/bin/rebuild_phpconf --"$1"=fcgi"; print x; system(x);
close(x)}'

To confirm the changes, run:

/usr/local/cpanel/bin/rebuild_phpconf --current

Example Output:

DEFAULT PHP: ea-php71
ea-php54 SAPI: fcgi
ea-php55 SAPI: fcgi
ea-php56 SAPI: fcgi
ea-php70 SAPI: fcgi
ea-php71 SAPI: fcgi
ea-php72 SAPI: fcgi

Step 10) Perform a Full Stop & Restart of Apache

The following script will stop Apache (gracefully if possible), and kill any unresponsive Apache & PHP processes before starting the Apache service again. It will also verify the Apache configuration syntax and will only perform the restart procedure if the syntax returns ok. This technique is handy as it is common for Apache processes to get stuck from time to time on busy servers.  This snippet deals with those scenarios after performing the humane stop request first.

httpd -t && (/scripts/restartsrv_apache stop; sleep 3; killall httpd php lsphp php-cgi; sleep 3; killall -9 httpd php lsphp php-cgi; /scripts/restartsrv_apache start) || echo Fix Apache Config and try again.

Note
Toss this snippet into an alias called apache_rescue which you can add to your ~/.bashrc for easy access to this code. Below is a one-liner that will create this alias for you and load the modified profile in your current session. Once this alias is installed, it will always be available on that  server by typing apache_rescue.

cat <<'EOF'>>~/.bashrc && source ~/.bashrc
alias apache_rescue='httpd -t && (/scripts/restartsrv_apache stop; sleep 3; killall httpd php lsphp php-cgi; sleep 3; killall -9 httpd php lsphp php-cgi; /scripts/restartsrv_apache start) || echo Fix Apache Config and try again.'
EOF

This concludes our ten step process for installing mod_fcgid onto your cPanel system.  It’s recommended to adjust FCGI settings from their default settings. Tune into our next tutorial where we’ll be advising on how to optimize FCGI for various environments.

How to Check Server Load on a Windows Server

Reading Time: 6 minutes

What Does Server Load Mean?

Checking a server’s load allows us to evaluate server resources and confirm they are sufficient for any running application. It enables us to troubleshoot slow performance and reliably pinpoint any server resource that may need attention.

While there are many tools and options available, today let’s focus on Windows Task Manager as a way to help us quickly see what is going on, and interact with applications, processes, and services to identify the load. This article will also include an introduction to Resource Monitor as it can be opened from Task Manager to provide more detail.

Ways to start Task Manager

  • Click the Start menu and type task… then choose Task Manager
  • Right-click the Taskbar area and choose Task Manager from the menu
  • Press Ctrl+Alt+End keys on the keyboard when in a Remote Desktop session
  • Run the command taskmgr

Let’s bring up the Task Manager and take a look at what it has to offer.

On systems where it has never been used, you may find Task Manager offering this very uninteresting display. Click More details to discover the treasure trove of information it is hiding.

Task Manager provides quick access to Processes, Performance, Users, Details, and Services. We’ll go through each tab to see what they have to offer and discover what to look for when checking server load.

Processes

The Processes tab shows us everything that is running in the system and the amount of CPU and memory resources it is using. At the top, we can see the total CPU and memory utilization.

By clicking the CPU or Memory column headings, we can sort the processes list by that criteria, and use the sort arrow to determine whether to sort from highest to lowest usage or the opposite. You can click on any individual process and end the task, see resource usage, and more.

Troubleshooting Tip:
If we see a particular application is using a high amount of the CPU or memory, it may be a potential source of performance issues. In the example above, we can see this server is using 78% of memory and only a very small amount of the CPU.

Performance

Performance tab has the most visual display of information and allows us to select from CPU, Memory, and Ethernet views to show activity over a 60 second period. With this view, we can identify spikes or see the trend over time to determine if a condition is temporary or sustained.

 

CPU Performance

CPU performance information shows us the type of CPU and speed, the number of processes, threads, and handles in use, as well as the number of virtual CPUs, in most cases. We can also see how long the system has been up (up time). This last bit of information can tell us how long the server has been running, confirm if it successfully completed a restart, or if it rebooted unexpectedly due to running out of resources.

Troubleshooting Tip:
In this example, we see the CPU is at 94%. If this level or higher is sustained over a long period of time, server performance will be sluggish, and it could affect the stability of the system. Sustained high CPU use is an indicator the system is struggling. We need to look at other systems to determine whether it is due to applications or insufficient physical memory that pushes the system to use virtual memory. Doing this will cause the CPU and disk resources to spike and remain high.

 

Memory Performance

Memory Performance information shows us the total amount of memory in the system as well as what is in use and available. Committed represents virtual memory and the pagefile (an extension of RAM) on disk. Cached represents memory used by Windows, and the Paged pool represents memory used by Windows that can be paged out to the pagefile on disk if memory starts running low. Non-paged cannot be paged to the pagefile.

Troubleshooting Tip:
n this example, we see the CPU is at 94%, Memory is at 90%, and we are using virtual memory. When looking at the Committed Memory, we can see that virtual memory is 2.7 GB while the pagefile is 4.9 GB. In this example, we have not maxed out the pagefile. If we find the system is continuously running with the CPU and Memory at or above 90%, it is a strong indicator to add physical memory to the system to reduce the use of virtual memory.

 

Ethernet Performance

Ethernet performance information shows us the type of network adapter and the amount of resources it is using with a graphed line for both send and receive as well as numeric values for data being sent. We can also see the Adapter name, Connection type, and the IP address(es) assigned. Right-clicking on the graph will allow us to see network details including network utilization, link speed and state, bytes send and received, etc. On the Performance tab, we also have the option to launch Resource Monitor to see even more detail.

 

Users

The Users tab shows us a list of all the users connected to the server and how much CPU and memory resources the user is utilizing. We can click on a specific user to Disconnect them, send them a message, or take over their session if we have Administrator rights. In the context of checking for load, we can determine if a specific user is consuming too many resources or has disconnected from a session, leaving it running in memory, and choose whether to log the user out to free up resources.

Details

The Details tab shows us a list of all the running programs and processes along with their PID (Process ID) number, whether the program is running or suspended, the user name it is running under, the amount of CPU and memory it is using, and a description of the process. You can click any of the column names to sort by that column in highest to lowest or the opposite order. The PID number can be very helpful to track down a specific process that is referenced in event logs. Right-clicking an item allows us to choose options including:

  • ending a process or process tree
  • set a priority for the running process
  • establish affinity to a specific processor or all processors
  • additional options

 

Services

The Services tab shows us a list of service names, their PID (Process ID) numbers, a description of the service, the status as either stopped or running, and the Group the service is running under. Right-clicking on a service allows us to start, stop, restart, and access additional options. We should be careful not to change the status of some services as they depend on others, and stopping the wrong one could have unintended consequences on the system or devices. To learn more about a service, we can right-click it and choose Search Online.

How Do I Check My Resouce Monitor?

Ways to start Resource Monitor

  • Click the Start menu and type resource… then choose Resource Monitor
  • Right-click the Taskbar area and choose Task Manager from the menu, then from Performance tab choose Open Resource Monitor
  • Run the command resmon

Let’s bring up Resource Monitor and take a look at what it has to offer. You’ll find this has more depth but is very similar to the information available from Task Manager. For this reason, we’ll only cover the overview and a brief description of each tab in this article.

Overview provides us with data on CPU, Memory, Disk, and Network options and graphs all on one page with the option to expand or collapse each section. It will also show current usage of a resource as well as the highest active time. Clicking individual sections provides more detail.

CPU shows processes, services, associated handles, and modules, and will show individual CPUs and their load in addition to total CPU.

Memory shows processes in addition to a breakdown of the physical memory and graphs to show commit charge which relates to use of the pagefile and the number of hard faults per second which can be an indicator of how many times Windows has to access the swap file. If your system is showing hundreds of hard faults per second, this indicates a need more physical memory.

Disk shows the processes in addition to a breakdown of how much each task is reading and writing to disk. The graphs show total disk activity in addition to Queue Length. Disk Queue length indicates how many disk I/O operations are queued up waiting for their turn to be processed by the disk. If we find that the highest active time is above 80% and the disk queue length is 2 or higher, it means processes are waiting, and the performance of the disk is affecting the overall performance of the system. In many cases, this number will be high due to a system that lacks sufficient physical memory and is constantly paging information to disk or relying too heavily on virtual memory. It will often be accompanied by a CPU running above 90% for sustained periods.

Network shows the processes with network activity, in addition to TCP connections and listening ports, and graphs to show network transfer and TCP connections. Sustained high network utilization can indicate congestion issues and a need for more capacity.

Still having trouble determining what is bogging down your server?  With Liquid Web’s servers, you can talk to a experienced support tech night or day.  Our techs have the expertise needed to help determine bottlenecks in your system. Switch to Liquid Web today and get the support you’ve been looking for!

Useful Command Line for Linux Admins

Reading Time: 11 minutes

The command line terminal, or shell on your Linux server, is a potent tool for deciphering activity on the server, performing operations, or making system changes. But with several thousand executable binaries installed by default, what tools are useful, and how should you use them safely? Continue reading “Useful Command Line for Linux Admins”

How to: Using killall to Stop Processes with Command Line

Reading Time: 2 minutes

Sometimes you may find your server in a state of high load caused by out control of processes. First you’ll want to use a command like htop, top, or ps, to get an idea on the server’s current state. If you aren’t familiar with those utilities we’d suggest checking our our article on htop.

After you have an initial assessment of the server’s current load you will have a better idea on how to proceed. More often than not the load is likely being caused by regular server traffic and usage.

Generally that will mean the load is being caused by a high number of Apache, PHP, or MySQL processes. After all most servers are hosting websites and these are the most commonly required programs to run a website. With that in mind during times of high load it’s often nice to quickly stop all processes of a certain type.
Continue reading “How to: Using killall to Stop Processes with Command Line”

Monitoring Server Processes With Top

Reading Time: 2 minutes

The top program provides a dynamic real-time view of a running system. It can display system summary information as well as a list of tasks currently being managed by the Linux kernel. The types of system summary information shown and the types, order and size of information displayed for tasks are all user configurable.

Continue reading “Monitoring Server Processes With Top”