To understand what an opcode cache is and why it’s important, you first need to understand how PHP works server-side. When a PHP script is run on your web server, the PHP source file is read and then compiled into byte code before being executed. If you add an opcode cache, the intermediary executable code gets compiled on the first access of a script but then is stored in the cache and used for subsequent requests of the same script. This saves a lot of overhead, which is especially noticeable on a busy server.

Although there are a number of PHP opcode caches available, we’ll focus on APC, as it is the most widely used. However, with the release of PHP 5.5, the core PHP distribution now includes Zend Optimizer+, which after being open sourced has become the default opcode cache in PHP moving forward. PHP is now referring to Zend Optimizer+ as “OPcache.” APC currently ships as a PECL extension, meaning it can be installed via the PECL install tool, though most Linux distributions and add-on software repositories have prebuilt packages available. OPcache is built into PHP versions 5.5.0+ and is available as a PECL extension for versions 5.2, 5.3, and 5.4. An alternative to APC is most welcome, and we imagine most sites will soon migrate from APC to OPcache. In the meantime, however, the vast majority of sites are running on APC, so we will focus on APC throughout this chapter.

Once installed, the APC extension needs to be enabled either in php.ini or in its own apc.ini file. For servers hosting a single Drupal site, most of the default settings for APC will work fine; however, it is very important to set an appropriate memory size. For most sites, using a single shared memory segment with a size of 128 MB is a good starting point. Once set, restart Apache to pick up the change, then load your website and repeatedly load a few different pages. Then visit apc.php (a monitoring script included in most APC packages that can be moved to your webroot, but should not be left there after use) in your browser to see the current statistics. What you want to see is little to no fragmentation of the cache, and there should be some amount (at least 16–32 MB) of free space available. At this point, you should also see hit rates at or close to 100%. If your cache is totally full or showing high fragmentation, or if the full count is more than 0, you should increase the amount of memory allocated to APC. Continue increasing the memory allocation until the cache is left with free space; once the site has run for a few days without filling up the cache, you’re in good shape. It’s important to check on this periodically to be sure that the cache isn’t filling up or becoming fragmented.

Once your APC memory allocation has been set properly, there are many other configuration settings that allow some fine-tuning of how APC runs. As mentioned previously, these typically don’t need to change for most sites (especially if you are only running one Drupal web root on a server). The full list of APC runtime settings is available at http://www.php.net/manual/en/apc.configuration.php. A few of the most commonly customized are:

Again, it’s important to monitor APC status to ensure the cache does not fill or become too fragmented (usually fragmentation is caused by the cache being at or close to full). There are, for example, Munin scripts that scrape the APC stats from a local PHP script (a great candidate to live in an adminscripts directory!) and graph them over time. If you notice the usage approaching full on the APC cache, it’s likely that you’ll want to increase the cache size.

There are a few settings in php.ini that are important to consider when bringing up a site. The most important of these settings is memory_limit, which controls how much memory a single PHP process is allowed to consume. It is important to gauge this setting correctly because if a process consumes more than this amount of memory, it will error out at the point where it attempts to allocate more memory, and the entire page load will fail. For many Drupal sites, the maximum memory usage is somewhere around the 128 MB range. While it’s not uncommon for this to be set at 512 MB or 768 MB on larger websites, if you are using that much RAM in PHP, you may have a problem in your code that needs attention. The downside to setting this to a very large value is that a memory leak or “runaway” process can end up consuming quite a bit of system memory, potentially causing the server to run out of memory.

Watch the memory use of your PHP processes (or httpd processes if you’re running PHP as a module) to see how much they are using on average by running top and sorting by memory usage (type O to see sort options, then n to sort by resident memory). However, that just tells you what the current processes are doing and doesn’t tell you what the maximum usage may be. For a more precise view of PHP memory usage, consider enabling XHProf, described in Chapter 6, and use it to profile the different page types on your site. With this setting, it’s best to err on the large side because setting it too low will cause some user-visible errors with the site should you ever hit the limit.

The display_errors setting controls whether or not PHP errors will be shown on the output of the page where an error occurs. This is clearly something you want to disable on your production servers, but it can be very useful to enable on your development servers.

While you shouldn’t display errors to users on a production site, you likely want to keep track of errors if they do happen. For this reason there is a log_errors setting that controls whether or not errors are logged. If you are running PHP as an Apache module, setting this to On will log PHP errors to Apache’s error log.

Both display_errors and log_errors are selective about what types of errors they show. Both of them are affected by the error_reporting setting, which lets you define which types of errors to show/log and which to ignore. Settings here are applied bitwise, meaning you can combine different message types with “and,” “or,” and “not” in order to achieve the type of error reporting you desire. Generally on production servers, you would only care about actual errors and not about warnings, notices, or language deprecation messages. On development servers, it’s more useful to track everything so that you can see things like PHP notices when variables are used before being set, etc. php.ini files ship with a large section of comments explaining the various message types along with suggested settings for production versus development.

It’s also important to set the time zone in php.ini (or in your .htaccess file). As of PHP 5.3, a warning message will be sent when the date.timezone setting is unset—and importantly, it defaults to unset. Valid time zone values are listed here.

PHP is most commonly run as an Apache module called mod_php. This is the easiest way to run PHP, as it can be installed as a package that includes a very minimal Apache configuration to enable the module for PHP scripts. There are two main issues to understand when running mod_php:

It is possible to run PHP as an “external CGI,” which just boils down to having some way for httpd to call an external PHP process when it needs to execute PHP code. In order for this to work in production environments, you need to run a CGI manager such as mod_fastcgi to manage the PHP processes. This requires a bit of extra configuration over the built-in module, but you gain flexibility. For alternative web servers such as Nginx, you must run PHP as a CGI—more on this at the end of this chapter.

PHP now includes the FastCGI Process Manager, or FPM, also referred to as PHP-FPM. Prior to PHP-FPM, it was difficult to ensure PHP CGI processes shared an opcode cache, which was not great for performance. The addition of PHP-FPM allows its PHP processes to share a central APC cache, making it a stronger option for those who are looking for an alternative to running mod_php.

Many sites choose to skip the extra configuration needed to run PHP as a CGI binary, and instead stick with the default mod_php. mod_php can scale well and has the performance advantage of being in the same process space as Apache. However, it does add additional memory overhead in the httpd processes, and it’s not quite as tune-able as having PHP completely separated as a CGI. For example, in a PHP-FPM setup, you can limit the amount of memory and/or threads each FPM pool has available to it. If you need this extra configurability, are hosting multiple sites that need to run as different users, or cannot offload static file serving (such as by using Varnish or a CDN), FastCGI and PHP-FPM are options worth considering. For our purposes, we will continue to assume the use of mod_php since it is the most popular method to run PHP.

Apache is one of the most configurable and flexible HTTP servers in existence. It is in fact so configurable that you can even change its process model via your choice of multiprocessing module (MPM). The two major core MPMs are Prefork and Worker:

In most cases, the choice between these two modules is made for you. If you are using mod_php, you should use the Prefork module. There are many non-thread-safe PHP modules, and some are required by many Drupal installations. On the other hand, if you are running PHP as a CGI, you have the option of using Apache Worker and making Apache a bit more lightweight. The remainder of this chapter will assume the use of the Apache Prefork module using mod_php.

The Prefork module has a number of settings that control its behavior. Generally, the defaults for the settings controlling the number of spare servers to start and leave idle work fine for most sites. However, it’s important to focus on the settings that control the number of processes and how often they are cycled, as these are the settings that have the potential to bring your server crashing down if not configured correctly. They are:

((System RAM) – (RAM used by other processes)) /
    (httpd process size) = MaxClients

“RAM used by other processes” would take into account any other major services running on the web server, plus some amount for basic OS-level processes. Generally we use 512 MB as a rough estimate for OS resource needs, and then add any additional service requirements to that. This 512 MB estimate is intended to cover resources used by the kernel as well as periodic processes that may be run on the server. Long-running services should be analyzed separately.

As an example, suppose your web server is running Varnish, httpd, and no other major services. The server has 8 GB of RAM. Varnish is allocated 2 GB of memory. Your average httpd process is around 85 MB. To provide some safety in our estimate, we’ll round that up to 100 MB. In this case, we would calculate MaxClients as follows:

((8 GB System RAM) – (512 MB OS resources + 2 GB Varnish)) /
    (100 MB httpd process)
= 5632 MB / 100 MB
= 56.32

You should always round down at the end for safety, so you would end up with 56 as your MaxClients setting.

KeepAlive allows a client to reuse the same connection with the server multiple times instead of having to open up a new connection for each request. For example, if you had a web page with a number of images and CSS files all served locally, the client would download the web page and then reuse the same connection to download the images and CSS. This saves time and resources on both ends of the connection. However, there is a downside to using KeepAlive, which is that the server needs to keep connections open for a certain amount of time (defined by KeepAliveTimeout). This can lead to a lot of open connections sitting around waiting and not actually serving any content. For this same reason, KeepAlive can make it easier for someone to launch a denial of service (DoS) attack against your site—once there are enough connections open waiting for clients, no other requests to the site can be served.

To be clear, KeepAlive is very beneficial for client-side performance. However, it can bring down sites if misconfigured, or if enabled at all during large traffic spikes. This is one of the benefits of having a caching reverse proxy, such as Varnish, as it is far more capable of handling KeepAlive connections to clients without adversely impacting Apache stability.

If you choose to use KeepAlive, be sure to also look at the KeepAliveTimeout setting, which defines how long a process will wait for an idle client to send another request. The default KeepAliveTimeout is five seconds, which in most cases is rather high. Ideally, set this as low as possible without having it force new connections on existing clients. One or two seconds can work generally, but it’s worth a bit of trial and error to figure out the correct setting for your site and the majority of your visitors. Also, we highly recommend providing KeepAlive to clients through a proxy and not directly with Apache.

There are a number of headers that are used to inform client browsers and intermediate caches whether or not to cache content, and if so, for how long. Configuring these headers properly can make a difference in user-visible performance on your site. The headers you will want to keep an eye on when setting up a production site are ETags, Expires, Cache-Control, Last-Modified, and Vary. These headers work together to determine just how aggressively a client can cache a page or static file. We will discuss each of these headers individually:

Apache allows you to set multiple log outputs for different types of information, though the majority of sites are configured only with a general access log and an error log. Most often, in the case of multiple sites on a single server, logs are defined per-virtual host so that it’s easy to track information for each individual site.

The format of the log files can be defined using the ErrorLogFormat and LogFormat directives. Generally, the default ErrorLogFormat is fine for most sites, and for the access log, most sites use one of the log formats that comes predefined in default Apache configuration files—either “common” or “combined.” The combined log format adds header information for Referer and User-Agent. If you decide to use your own custom log format, you can define the format and give it a name using the LogFormat directive, and then refer to that name in a CustomLog directive:

LogFormat "%h \"%r\"" hostandrequest
CustomLog logs/request.log hostandrequest

This example defines a hostandrequest log format that includes only the remote host and the requested URL, and then uses that format to log to the file logs/request.log.

While the built-in Apache logging works great for many sites, it’s not quite as flexible as some sites require. For these situations, Apache supports using external logging tools. Cronolog is one example of an external logging application used in conjunction with Apache. It has some nice features, such as dynamic log file naming using date fields, making it possible to output to a log file with the current date in its filename. When the date changes, Cronolog will automatically start writing to a new file, meaning you get “built-in” log rotation as well as having log files nicely organized by date. Because new log files are written to every day, there’s no need to reload httpd to perform log rotation. You most likely will want to add your own scripts to compress these log files, and eventually to remove/archive them. The following is an example Apache configuration to use Cronolog:

ErrorLog "|/usr/sbin/cronolog /var/log/httpd/error/%Y%m%d-error.log"
CustomLog "|/usr/sbin/cronolog /var/log/httpd/access/%Y%m%d-access.log" common

You can add the following script to cron.daily on the server to compress old log files:

#!/bin/bash
export PATH="/usr/bin:/bin"

if [ -d /var/log/httpd ]; then
  find /var/log/httpd -name "*.log" -mtime +1 -exec gzip -9 "{}" ";"
fi

and this one to eventually remove them:

#!/bin/bash
export PATH="/usr/bin:/bin"

if [ -d /var/log/httpd ]; then
  find /var/log/httpd -name "*.log.gz" -mtime +60 -exec rm "{}" ";"
fi

There are a couple of places where Apache may output information about its version, and potentially version information for modules such as PHP. One of these is the “server signature” line that optionally shows up at the bottom of Apache-generated pages (e.g., 503 errors or directory listing pages); the other is the Server HTTP response header that gets sent by the server. Some people may consider this a security risk in that it makes it easy for potential attackers to know what software versions you are running and target you with specific attacks. Others would say that security through obscurity is not security at all, and if someone is dedicated enough, hiding information like this is only going to make it take a few minutes longer for them to figure out an attack. Whatever your view is, you may want to hide this information either for security reasons or just because you don’t like the way it looks to potential visitors.

The Server header and server signature lines are controlled by two different settings:

Often times, you’ll need to store various web-accessible scripts on a server used for monitoring or management. For example, it can be useful to have access to apc.php to review APC settings and statistics, but you typically don’t want to leave that in your publicly accessible web root. There are a couple of easy solutions for how to securely store those scripts: you can either use a locked-down directory or a separate virtualhost to store the scripts. In either case, securing the scripts directory using a list of authorized IPs and/or an htaccess username and password is critical.

Storing these types of scripts in their own separate directory has a couple of great benefits. First, you don’t need to temporarily copy files into your production web root and remove them when you’re done. (How many times have you copied a phpinfo() script or similar into the web root and then forgotten to remove it?) Secondly, keeping them in their own virtualhost or directory means they are easily accessible by authorized users (or monitoring scripts) at a permanent URL that you can use across all of your web servers.

An example administrative scripts directory configuration looks like this:

Alias /adminscripts /var/www/adminscripts
<Directory "/var/www/adminscripts">
    Options -Indexes
    AllowOverride None
    # Control who can get stuff from this directory.
    Order Allow,Deny
    Allow from 127.0.0.1
</Directory>

Apache’s web server, httpd, is the most popular web server in use today, and has been for many years. Recently, however, some other open source web servers have gained some traction. Nginx is one alternative to Apache’s httpd that has become very popular.

There are a number of reasons why you might consider using Nginx for your site instead of Apache. Nginx is newer, and there is a lot of discussion around the Internet suggesting that Nginx is generally faster and lighter, especially for serving static files. While some tests may back this up, it’s by no means conclusively faster for all requests. One thing that may make Nginx faster than Apache for serving static files in our default setup (using mod_php) is that with mod_php Apache would have a full PHP process in memory for each httpd process. Nginx doesn’t have to worry about this, because it relies on an external PHP setup. This is one reason we recommend offloading static file serving if you are using Apache and mod_php.

One of the main differences in Nginx is its event-based model for dealing with new connections. Instead of dedicating a process or thread to each request, this process model only services a request when an event triggers (data read from disk, etc.), and then moves on to another request. This model has become very popular recently, due to how efficient it can be when executed well. Apache 2.4 now includes the event MPM, which works somewhat similarly to Nginx.

The most common Nginx setup for Drupal involves using PHP-FPM (see PHP Apache Module Versus CGI), which provides a pool of PHP processes that Nginx connects to over a Unix or TCP socket. This architecture provides a method to scale and tune Nginx separately from the PHP processes, keeping the Nginx processes very lightweight and able to quickly serve static requests.