Skip to content

Jesses Software Engineering Blog

Oct 25

Jesse

Disable Apache Modules

The Apache web server operates by using a combination of modules. The modules are used by the Apache core and do not interact with one another, each offering unique functionality. Depending on which OS you are using, there is likely many Apache modules that are enabled by default that you do not need. Disabling this modules can have performance benefits for your web server, including the use of less resources and memory.

Depending on your OS there will be different ways to disable the Apache modules. When disabling modules be very careful not to disable modules that your web application rely on. Its best to disable modules one, or a couple at a time, to verify that the modules were not in use. It is also important to monitor the Apache errors logs, as defined in httpd.conf, for additional error oupt. This is a very brief outline of the different modules, and the ones typically required to run web applications. All modules should be researched further before disabling.

Commonly Used Modules

mod_authz_host – Needed to use the Allow Deny Order directives

mod_expires – Used for caching HTTP headers

mod_deflate – Compress server response before being delivered to the client

mod_headers – Allows for header manipulation

mod_mime – Associates the requested filename’s extensions with the file’s behavior, allows for the directive AddEncoding to allow for different encodings for different files

mod_mime_magic – Tries to determine the mime type for encoding purposes, define as many as possible with mod_mime to limit the amount of guessing mime_magic needs to do

mod_setenvif – Used for browser matching directives, setting of vars based on request characteristics, needed for setting up conditional directives

mod_autoindex – Needed for IndexOptions directives

mod_dir – Needed for DirectoryIndex directives

mod_rewrite – Provides a rule-based rewriting engine to rewrite requested URLs, used by most MVC frameworks

Uncommon Modules

While some of theses modules can be useful in some circumstances, in general they are not needed for most web applications. Also it is important to note that while a lot of the functionality sounds useful, there are often less expensive ways to achieve the same goals. Alternatively, module functionality can be used conditionally, such as the logging and status modules during server benchmarking, and then turned off when not needed.

auth_* / authz_* – Unless you’re using Apache authorization, these can be disabled

mod_include – Enables server side includes using the Includes directive

mod_ldap – Improves performance for connections to LDAP servers

mod_env – Modifies the environment which is passed to CGI scripts and SSI pages

mod_ext_filter – Passes the response body through an external program before delivery to the client

mod_usertrack – Clickstream logging of user activity on a site

mod_dav – Distributed Authoring and Versioning functionality via HTTP

mod_vhost_alias – For dynamically configured mass virtual hosting

mod_info – Provides a comprehensive overview of the server configuration

mod_negotiation – Content negotiation, or more accurately content selection, the selection of the document that best matches the clients capabilities

mod_actions – Executing CGI scripts based on media type or request method

mod_spelling – Attempts to correct mistaken URLs that users might have entered by ignoring capitalization

mod_userdir – User specific directories

mod_alias – Used with mapping different parts of the host filesystem and for URL redirection i.e. /errors/afas ->errors, needed for the RedirectMatch directive

mod_substitute – Performs search and replace operations on response bodies

mod_proxy* – Enables an Apache proxy server

mod_cache/mod_disk_cache – Content cache keyed to URIs

mod_suexec – Allows CGI scripts to run as a specified User and Group

mod_version – Allows for version dependent configuration

mod_log_config / mod_logio – Various logging functionality

mod_status – Provides information on server activity and performance

Blog Powered By Wordpress