CGI Scripts that are Very Secure, Reliable & Free! 

Apache configuration

Although Apache will run after installation with the default configuration does not include some safety features you'll want to enable.

Stopping runaway scripts - RLimitCPU

Adding RLimitCPU to your httpd.conf file is vital if you want to stop runaway scripts from taking your server down. When a script goes wrong it can end up in an infinite loop. Without this directive it'll just keep on going, eating up your CPU and memory. If you get several of these at the same time your server will get bogged down and run extremely slowly. Add this directive "RLimitCPU 240, 300" to your httpd.conf file. We added ours just before the Virtual hosts section (Just above NameVirtualHost). The numbers represent a softlimit and a hard limit in seconds. The standard is 5 mins (300 seconds) but you may want to restrict this number further if you get repetitive problems with runaway scripts.

Handling heavy script loads

Out of the box, apache is configured to allow a high number of simultaneous connections. This is great if you have a lot of static content receiving a lot of traffic. But what happens if the majority of traffic is hitting dynamic content or a script? If the script is a simple redirect or page display it won't be a problem, but what if it's calling a database and reading and writing to it? What if you have 40 or more visitors hit the database script at the exact same time? Well things will back up a little and the server load rating will shoot up. Now any more hit's coming in are just adding to the problem. If this is followed by a period of low traffic it's probably recover, but if the traffic remains high, then the server will become effectively inaccessible. What happens when people can't get to the server? They keep hitting the refresh button, making the problem much worse as now each visitor is accounting for several requests, not just one.

All this can sound pretty daunting, but don't worry if you are experiencing this, there is a solution. Firstly make sure your database and script engine (perl, php, jsp, asp) are up to date and running the latest stable release. Secondly update your apache configuration to restrict the number of requests that can come in at once. The lines you need to look at are:-
StartServers
MinSpareServers
MaxSpareServers
MaxClients
By default these numbers are quite high. The most important one is MaxClients, this dictates the maximum number of processes apache can run at the same time. Any traffic above this number will be put in a queue and wait to get processed. Scaling down these numbers will resolve the problem.

Lowering Bandwidth

Most of the stuff you're probably serving is HTML page content. This in essence is raw text, which can be compressed to usually less than 25% of the original size. Apache 2 makes this a bit easier as it includes a module called mod_deflate, with Apache 1 you'll need to grab mod_gzip and upload it to your server. Without this enabled you'll be using up bandwidth needlessly and your pages will actually server slower! Instructions below:-

For Apache 2

1. Open httpd.conf
2. Check for the line:-
   LoadModule deflate_module modules/mod_deflate.so
   If you can't find it add the line below the other LoadModule statements
3. Add the line:-
   AddOutputFilterByType DEFLATE text/html text/plain text/xml
   We added ours below AddOutputFilter INCLUDES .shtml

For Apache 1

1. Grab the mod_gzip package from SourceForge
2. Install following the instructions it contains
3. Open httpd.conf
4. Check for the line:-
   LoadModule gzip_module modules/mod_gzip.so
   If you can't find it add the line below the other LoadModule statements
5. Now Add the lines:-
   <IfModule mod_gzip.c>
   mod_gzip_on yes
   mod_gzip_item_include mime ^text/.*
   mod_gzip_item_exclude mime ^image/.*
   </IfModule>

Running scripts safely and properly

To run scripts safely and properly you need to use a CGI wrapper. Apache comes with a CGI wrapper called suEXEC. Please follow our guide to setting up suexec.