Networking and Addresses | The Book of Webmin: Or How I Learned to Stop Worrying and Love UNIX

This section is for configuring the network addresses and ports where Apache will listen, and some other access limits, timeouts, and queue options (Figure 7-2).

click to expand
Figure 7-2: Networking and Addresses

Listen on addresses and ports

This option defines the addresses and ports where Apache will listen for requests. The default is to listen on port 80 on all addresses, and this is often all that is needed. Port 80 is the standard port for web traffic and should generally be used for all normal web traffic. It is also possible to configure multiple Apaches to run on the same machine with different global configurations on different ports or addresses. Also, because ports below 1024 are privileged ports, regular users running Apache without administrator access will have to run it on a nonstandard port. 8080 is a common port for web servers run by unprivileged system users who cannot bind to port 80. A good overview of these options can be found at Setting which addresses and ports Apache uses [http://www.apache.org/docs/bind.html]. These options correlate to the Listen [http://www.apache.org/docs/mod/core.html#listen] and Port [http://www.apache.org/docs/mod/core.html#port] directives.

Multiple requests per connection

When KeepAlive [http://www.apache.org/docs/mod/core.html#keepalive] is enabled the server will support persistent connections, which can result in improved performance and a generally better experience for the end user. This option sets the maximum number of requests to be handled per client connection. If set to 0, the server will impose no limit on the number of requests during a single connection. This option correlates to the MaxKeepAliveRequests [http://www.apache.org/docs/mod/core.html#maxkeepaliverequests] directive. The default is usually 100.

Caution

If you develop websites, resist the temptation to rely on persistent connections to maintain state. An unfortunate effect of persistent connections becoming available on most browser clients, as well as most web servers, is that some web application and commerce site developers have attempted to use a long-lasting persistent connection to maintain the shopping cart or other state information of the user. This seemingly easy method of keeping up with users is fraught with problems in the real world, and the time spent doing it right using back-end storage and cookies or similar session ID information will be well rewarded in the decrease of support problems you run into. Problems caused by the abuse of persistence include older web proxies that do not support persistence breaking the connection and causing your application to not work for anyone behind such a proxy. Even some network address translation devices and load balancing systems can cause mysterious failures of the site. It is also an inefficient use of resources, potentially leading to many more server processes running than are necessary to service requests.

Keep-alive timeout

The number of seconds Apache will wait for a subsequent request before closing a connection. This option edits the KeepAliveTimeout [http://www.apache.org/docs/mod/core.html#keepalivetimeout] directive. The default is 15 seconds. A too large value for this directive may lead to performance problems, as many clients may hold open idle connections to Apache processes that cannot exit or process requests for other users, thus they take up resources but remain idle.

Listen queue length

The maximum length of the queue of pending connections. Generally no tuning is needed or desired, however on some systems it is desirable to increase this when under a TCP SYN flood attack. As discussed in the Processes and Limits section, the listen queue is where requests that cannot be served immediately end up. If this number is exceeded, subsequent requests will be dropped. Correlates to the ListenBacklog [http://www.apache.org/docs/mod/core.html#listenbacklog] directive.

Addresses for name virtual servers

This option is used to configure the IP address on which Apache will listen for requests to virtual servers. Virtual servers are name-based servers, wherein several different domain names can answer on the same IP address. For example, I run two test servers on my local network. One is named liberty while the other is named constitution. Both run on the same server, but they answer on different named addresses and provide different root directories. So a visit to each will bring up different web pages. This, of course, works for real domain names as well (www.nostarch.com or www.swelltech.com, for example). Note that your DNS server, or the DNS server that is authoritative for the domain you wish to run virtual servers on, will also have to have entries for each virtual server you run that resolves to the IP of your server. It is also possible to specify a different port for a given name virtual server to listen on, by appending the port following a colon (i.e., 192.168.1.1:8080) would cause Apache to listen on port 8080 on the given IP. This option affects the NameVirtualHost [http://www.apache.org/docs/mod/core.html#namevirtualhost ] directive. A tutorial on setting up Apache virtual hosts is provided later in this chapter. Another good source of information on virtual servers in Apache is the Apache Virtual Host documentation [http://www.apache.org/docs/vhosts/index.html].

TCP send buffer size

Sets the size of the send buffer for TCP packets. It is usually safe to leave this at the default, which is determined by the default of your operating system. This option edits the SendBufferSize [http://www.apache.org/docs/mod/core.html#sendbuffersize] directive.

Request timeout

Defines the maximum number of seconds that Apache will wait for a request after a connection has been established. Correlates to the TimeOut [http:// www.apache.org/docs/mod/core.html#timeout] directive.