Download Apache Security - Ivan Ristic - Oreilly - 2005 - My E

StartServers 5
# allow a max of 150 clients at any given time
MaxClients 150
# allow unlimited requests per server
MaxRequestsPerChild 0
You may want to lower the maximum number of clients (MaxClients) if your server does not have enough memory to handle 150 Apache instances
at one time.
You should make a habit of putting a limit on the maximum number of requests served by one server instance, which is unlimited by default in
Apache 1 (as indicated by the 0 MaxRequestsPerChild value) but set to 10000 in Apache 2. When a server instance reaches the limit, it will be shut
down and replaced with a fresh copy. A high value such as 1000 (or even more) will not affect web server operation but will help if an Apache
module has a memory leak. Interestingly, when the Keep-Alive feature (which allows many requests to be performed over a single network
connection) is used, all requests performed over a single Keep-Alive connection will be counted as one for the purposes of MaxRequestsPerChild
handling.
Apache 2 introduces the concept of multiprocessing modules (MPMs), which are special-purpose modules that determine how request processing
is organized. Only one MPM can be active at any one time. MPMs were introduced to allow processing to be optimized for each operating system
individually. The Apache 1 processing model (multiple processes, no threads, each process handling one request at one time) is called prefork, and
it is the default processing model in Apache 2 running on Unix platforms. On Windows, Apache always runs as a single process with multiple
execution threads, and the MPM for that is known as winnt. On Unix systems running Apache 2, it is possible to use the worker MPM, which is a
hybrid, as it supports many processes each with many threads. For the worker MPM, the configuration is similar to the following (refer to the
documentation for the complete description):
# the maximum number of processes
ServerLimit 16
# how many processes to start with
StartServers 2
# how many threads per process to create
ThreadsPerChild 25
# minimum spare threads across all processes
MinSpareThreads 25
# maximum spare threads across all processes
MaxSpareThreads 75
# maximum clients at any given time
MaxClients 150
Since the number of threads per process is fixed, the Apache worker MPM will change the number of active processes to obey the minimum and
maximum spare threads configured. Unlike with the prefork MPM, the MaxClients directive now controls the maximum number of active threads at
any given time.
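The checks described above can be run over a configuration before deploying it. The following is an added example, not code from the book: it audits the two snippets shown above for a process count that exceeds a memory budget, for a worker MaxClients that needs more processes than ServerLimit permits, and for an unlimited MaxRequestsPerChild. The function names, the 12 MB per-process figure and the 1024 MB budget are assumptions made for illustration.

```python
import math

# Directive values copied from the two snippets above.
PREFORK = """
StartServers 5
# allow a max of 150 clients at any given time
MaxClients 150
MaxRequestsPerChild 0
"""
WORKER = """
ServerLimit 16
StartServers 2
ThreadsPerChild 25
MinSpareThreads 25
MaxSpareThreads 75
MaxClients 150
"""

def parse_directives(text):
    """Return {name: int} for 'Name value' lines; comment lines are skipped."""
    conf = {}
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 2 and not parts[0].startswith("#") and parts[1].isdigit():
            conf[parts[0]] = int(parts[1])
    return conf

def audit(conf, mb_per_process, mb_budget):
    """Return findings for the limits discussed above.
    mb_per_process and mb_budget are operator measurements (assumed inputs)."""
    findings = []
    max_clients = conf["MaxClients"]
    threads = conf.get("ThreadsPerChild")  # set only in the worker snippet
    if threads:
        processes = math.ceil(max_clients / threads)  # fixed threads per process
        if processes > conf["ServerLimit"]:
            findings.append("MaxClients needs more processes than ServerLimit allows")
    else:
        processes = max_clients  # prefork: one process per client
    if processes * mb_per_process > mb_budget:
        findings.append(f"{processes} processes x {mb_per_process} MB exceeds {mb_budget} MB")
    if conf.get("MaxRequestsPerChild") == 0:
        findings.append("MaxRequestsPerChild 0: children are never recycled")
    return findings

if __name__ == "__main__":
    for name, text in (("prefork", PREFORK), ("worker", WORKER)):
        # 12 MB per process and a 1024 MB budget are constructed sample figures
        print(name, audit(parse_directives(text), mb_per_process=12, mb_budget=1024))
```

Measure the per-process memory figure on the running server; a worker process holding many threads will usually be larger than a prefork process.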
2.2.7. Preventing Information Leaks