Posted on November 21, 2013 at 5:13 pm
In my opinion, Lighttpd + PHP5-CGI is the best arsenal for high traffic websites.
Install the needed packages:
apt-get install mysql-server lighttpd php5-cgi php5-mysql |
The default WWW path for Lighttpd is:
/var/www/ |
The configuration file is located here:
/etc/lighttpd/lighttpd.conf |
Edit the php.ini file:
vi /etc/php5/cgi/php.ini |
And uncomment:
[...] cgi.fix_pathinfo = 1 |
Edit the lighttpd.conf file:
vi /etc/lighttpd/lighttpd.conf |
Enable needed modules:
server.modules = ( "mod_access", "mod_alias", "mod_compress", "mod_redirect", "mod_rewrite", "mod_accesslog", "mod_fastcgi", ) |
Append the following lines to configure fastCGI:
fastcgi.server = ( ".php" => (( "bin-path" => "/usr/bin/php5-cgi", "socket" => "/tmp/php.socket", "max-procs" => 6, "bin-environment" => ( "PHP_FCGI_CHILDREN" => "20", "PHP_FCGI_MAX_REQUESTS" => "10000" ), "bin-copy-environment" => ( "PATH", "SHELL", "USER" ), "broken-scriptfilename" => "enable" ))) |
To hide the server signature in the HTTP response header, add this line:
server.tag = "Private Server" |
To increase the max connections limit on high traffic websites, add:
server.max-fds = 8192 server.max-connections = 4096 |
Protect .htaccess and .htpasswd files:
url.access-deny = ( "~", ".inc", ".htaccess", ".htpasswd" ) |
The final lighttpd.conf file should look like this:
server.modules = ( "mod_access", "mod_alias", "mod_compress", "mod_redirect", "mod_rewrite", "mod_accesslog", "mod_fastcgi", ) server.document-root = "/var/www" server.upload-dirs = ( "/var/cache/lighttpd/uploads" ) server.errorlog = "/var/log/lighttpd/error.log" server.pid-file = "/var/run/lighttpd.pid" server.username = "www-data" server.groupname = "www-data" server.port = 80 server.tag = "Private Server" server.max-fds = 8192 server.max-connections = 4096 index-file.names = ( "index.php", "index.html", "index.lighttpd.html" ) url.access-deny = ( "~", ".inc", ".htaccess", ".htpasswd", "password.txt", "username.txt", "login.txt" ) static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" ) compress.cache-dir = "/var/cache/lighttpd/compress/" compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" ) # default listening port for IPv6 falls back to the IPv4 port include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port include_shell "/usr/share/lighttpd/create-mime.assign.pl" include_shell "/usr/share/lighttpd/include-conf-enabled.pl" fastcgi.server = ( ".php" => (( "bin-path" => "/usr/bin/php5-cgi", "socket" => "/tmp/php.socket", "max-procs" => 5, "bin-environment" => ( "PHP_FCGI_CHILDREN" => "40", "PHP_FCGI_MAX_REQUESTS" => "10000" ), "bin-copy-environment" => ( "PATH", "SHELL", "USER" ), "broken-scriptfilename" => "enable" ))) |
To add vhosts, add this line:
include "test.com.conf" |
Create the file test.com.conf in this directory:
/etc/lighttpd/ |
Add this text in test.com.conf:
$HTTP["host"] =~ "test\.com" { server.document-root = "/var/www/test.com/html" accesslog.filename = "/var/www/test.com/logs/access.log" } |
If you want to filter access logs, for example to not log images, javascript and css files, use:
$HTTP["host"] =~ "test\.com" { server.document-root = "/var/www/test.com/public" $HTTP["url"] !~ "(\.css|\.jpg|\.js|\.ico|\.png|\.jpeg|\.gif)$" { accesslog.filename = "/var/www/test.com/logs/access.log" } } |
Create directories needed for the vhost:
mkdir -p /var/www/test.com/html mkdir -p /var/www/test.com/logs |
Restart Lighttpd:
/etc/init.d/lighttpd restart |
All errors generated by Lighttpd are saved, by default, in this file:
/var/log/lighttpd/error.log |
Make sure the path /var/www/ is owned by your web server user ( www-data or lighttpd):
chown -R www-data:www-data /var/www |
Useful links
Documentation :: Module: mod_fastcgi
Increase the number of open files under Linux
Install jessie packages on wheezy
Updated on December 11, 2013 at 7:31 pm
Other Posts
- Route OpenVPN Connections Through Floating IP
- How to Configure a Floating IP in a VPS (Hetzner)
- Set OpenVPN to Listed on a Specific IP Address
- Bash Trim Leading and Trailing Whitespace from a String
- Bash Get Name of Ethernet Network Interface
- VPN Providers with Dedicated Static IP Address
- OpenVPN Iptables Rules
- WireGuard VPN Iptables Rules
Updated Posts
- AMD Chipsets & Graphics Card Drivers for Windows 7, 8, 10
- AMD Radeon 7400 Drivers for Windows 10
- How to pass custom command-line parameters in InnoSetup
- Add Desktop shortcut for all Windows PC users
- Programmatically create desktop icon with InnoSetup
- GeneratePress - a Lightweight WordPress Theme 2021
- InnoSetup disable DesktopIcon via command-line
- Use cURL to authenticate with JWT Bearer tokens