Optimizing Apache 2 Configuration for Smaller VPS Instances

I recently down-scaled the server which hosts this blog (one among a few). Being a Ubuntu server, it was trivial to install the LAMP stack, including Apache 2. However, I quickly discovered a problem with the default configuration on a server with a lesser amount of memory (in this case 512MB). The server would work just fine for a short while and then grind to a near halt, where even a SSH session becomes unusable. When I eventually got into the server, I listed the processes and found the ‘apache2’ process running several dozen times!

The default configuration for the Pre-fork MBM (Multi-Processing Module) reads as follows:

# prefork MPM

   StartServers          16
   MinSpareServers       16
   MaxSpareServers       32
   ServerLimit           400
   MaxClients            400
   MaxRequestsPerChild   10000

To something more reasonable to a server with limited memory, such as:

# prefork MPM

   StartServers         4
   MinSpareServers      4
   MaxSpareServers      8
   MaxClients           35
   MaxRequestsPerChild  10000

I found this has made my server much more stable – and I’ve not noticed any performance decrease from the new configuration.

How To Install Phusion Passenger on a CentOS/cPanel Box

The Usual Disclaimer
Please beware that even if these instructions work, that they may break your setup.  While these worked fine for me, you should take extreme care applying them to your situation.  Follow these instructions at your own risk. They work fine for me on a CentOS 4.6 box with cPanel 11.23.4-R26138 and WHM 11.23.2.

First off, Phusion Passenger only works with Apache 2.x so if your server doesn’t have that thats the next thing you’ll have to do.  T o upgrade Apache, go to your main control panel at https://server.ip.address:2087/ and click the “Apache Update” link on the left.  If given the option, I highly recommend that you choose Apache 2.2 instead of 2.0.

Next, download Passenger. Assuming you already have Ruby and RubyGems installed on your server, simply run (as root) gem install passenger. This will pull the passenger library and code down to the server and place it with your other RubyGems.  It’s important to know that this does not install Passenger into Apache, so obviously its non-operational.  If you don’t have Ruby and RubyGems, you’re way too far down the line with reading this article and need to get up to speed with actually getting those on to your box.  Google can help with that!

At this point it’s probably useful to have the Passenger User Guide up on screen, just for reference.

Third, you need to compile and install the Passenger module within Apache. This sounds worse than it is, but before you do it, it is important to set a couple of environment variables to make it work properly.  In your SSH console type thrse two commands into it:

export APXS2=/usr/local/apache/bin/apxs
export APR_CONFIG=/usr/local/apache/bin/apr-1-config

Next, run:


It might take a few minutes, but if everything goes well you’ll eventually end up with Passenger telling you to add a few lines to your Apache configuration file (the code you get may differ slightly):

LoadModule passenger_module /usr/local/lib/ruby/gems/1.8/gems/passenger-2.0.2/ext/apache2/mod_passenger.so
PassengerRoot /usr/local/lib/ruby/gems/1.8/gems/passenger-2.0.2
PassengerRuby /usr/local/bin/ruby

However, despite what it tells you, do not put it in the httpd.conf file – cPanel can rewrite that file and your changes can be lost breaking your passenger configuration and virtual site.  Instead, add it to /usr/local/apache/conf/includes/pre_virtualhost_global.conf – this file might not exist until you make it, but that’s okay.

Lastly restart Apache and if you didnt get any critial errors, you should be in business.  I have had issue on other servers where the Rails app failed to load because the RubyGems version was too old, so keep your eye on the error_log file if Apache starts but it still doesn’t work.  Also refer to the Passenger User Guide for further configuration and usage information.

Connecting to Postgres Through a SSH Connection

Production level servers can be tricky.  Mostly because of the inherent, increased security needed to protect online (and exposed?) assets.  Our Postgres server is one such asset.

But opening the necessary ports to allow access to the database server (for maintenance) can expose the server to possible attack.  Fortunately, if your Postgres server is on a UNIX or Linux based machine with SSH installed, you can forward the Postgres port through the SSH tunnel.

ssh -L 1234:localhost:5432 username@server.dns.addressorip.com

In PGAdmin, simply connect to localhost:1234, and you will connect to the production server through the SSH connection without the need to open a port on the external firewall.