Posted on November 21, 2013 at 5:13 pm
In my opinion, Lighttpd + PHP5-CGI is the best arsenal for high traffic websites.
Install the needed packages:
apt-get install mysql-server lighttpd php5-cgi php5-mysql |
The default WWW path for Lighttpd is:
/var/www/ |
The configuration file is located here:
/etc/lighttpd/lighttpd.conf |
Edit the php.ini file:
vi /etc/php5/cgi/php.ini |
And uncomment:
[...] cgi.fix_pathinfo = 1 |
Edit the lighttpd.conf file:
vi /etc/lighttpd/lighttpd.conf |
Enable needed modules:
server.modules = (
"mod_access",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_rewrite",
"mod_accesslog",
"mod_fastcgi",
) |
Append the following lines to configure fastCGI:
fastcgi.server = ( ".php" => ((
"bin-path" => "/usr/bin/php5-cgi",
"socket" => "/tmp/php.socket",
"max-procs" => 6,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "20",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable"
))) |
To hide the server signature in the HTTP response header, add this line:
server.tag = "Private Server" |
To increase the max connections limit on high traffic websites, add:
server.max-fds = 8192 server.max-connections = 4096 |
Protect .htaccess and .htpasswd files:
url.access-deny = ( "~", ".inc", ".htaccess", ".htpasswd" ) |
The final lighttpd.conf file should look like this:
server.modules = (
"mod_access",
"mod_alias",
"mod_compress",
"mod_redirect",
"mod_rewrite",
"mod_accesslog",
"mod_fastcgi",
)
server.document-root = "/var/www"
server.upload-dirs = ( "/var/cache/lighttpd/uploads" )
server.errorlog = "/var/log/lighttpd/error.log"
server.pid-file = "/var/run/lighttpd.pid"
server.username = "www-data"
server.groupname = "www-data"
server.port = 80
server.tag = "Private Server"
server.max-fds = 8192
server.max-connections = 4096
index-file.names = ( "index.php", "index.html", "index.lighttpd.html" )
url.access-deny = ( "~", ".inc", ".htaccess", ".htpasswd", "password.txt", "username.txt", "login.txt" )
static-file.exclude-extensions = ( ".php", ".pl", ".fcgi" )
compress.cache-dir = "/var/cache/lighttpd/compress/"
compress.filetype = ( "application/javascript", "text/css", "text/html", "text/plain" )
# default listening port for IPv6 falls back to the IPv4 port
include_shell "/usr/share/lighttpd/use-ipv6.pl " + server.port
include_shell "/usr/share/lighttpd/create-mime.assign.pl"
include_shell "/usr/share/lighttpd/include-conf-enabled.pl"
fastcgi.server = ( ".php" => ((
"bin-path" => "/usr/bin/php5-cgi",
"socket" => "/tmp/php.socket",
"max-procs" => 5,
"bin-environment" => (
"PHP_FCGI_CHILDREN" => "40",
"PHP_FCGI_MAX_REQUESTS" => "10000"
),
"bin-copy-environment" => (
"PATH", "SHELL", "USER"
),
"broken-scriptfilename" => "enable"
))) |
To add vhosts, add this line:
include "test.com.conf" |
Create the file test.com.conf in this directory:
/etc/lighttpd/ |
Add this text in test.com.conf:
$HTTP["host"] =~ "test\.com" {
server.document-root = "/var/www/test.com/html"
accesslog.filename = "/var/www/test.com/logs/access.log"
} |
If you want to filter access logs, for example to not log images, javascript and css files, use:
$HTTP["host"] =~ "test\.com" {
server.document-root = "/var/www/test.com/public"
$HTTP["url"] !~ "(\.css|\.jpg|\.js|\.ico|\.png|\.jpeg|\.gif)$" {
accesslog.filename = "/var/www/test.com/logs/access.log"
}
} |
Create directories needed for the vhost:
mkdir -p /var/www/test.com/html mkdir -p /var/www/test.com/logs |
Restart Lighttpd:
/etc/init.d/lighttpd restart |
All errors generated by Lighttpd are saved, by default, in this file:
/var/log/lighttpd/error.log |
Make sure the path /var/www/ is owned by your web server user ( www-data or lighttpd):
chown -R www-data:www-data /var/www |
Useful links
Documentation :: Module: mod_fastcgi
Increase the number of open files under Linux
Install jessie packages on wheezy
Updated on December 11, 2013 at 7:31 pm
Other Posts
- Route OpenVPN Connections Through Floating IP
- How to Configure a Floating IP in a VPS (Hetzner)
- Set OpenVPN to Listed on a Specific IP Address
- Bash Trim Leading and Trailing Whitespace from a String
- Bash Get Name of Ethernet Network Interface
- VPN Providers with Dedicated Static IP Address
- OpenVPN Iptables Rules
- WireGuard VPN Iptables Rules
Updated Posts
- AMD Chipsets & Graphics Card Drivers for Windows 7, 8, 10
- AMD Radeon 7400 Drivers for Windows 10
- How to pass custom command-line parameters in InnoSetup
- Add Desktop shortcut for all Windows PC users
- Programmatically create desktop icon with InnoSetup
- GeneratePress - a Lightweight WordPress Theme 2021
- InnoSetup disable DesktopIcon via command-line
- Use cURL to authenticate with JWT Bearer tokens