Tuning Apache (a)

 

(1) the relationship .Apache and Tomcat

　　Apache HTTPD Server and Apache Tomcat belong to the Apache open source project. Two can be used alone as a web server to use, but it has its own characteristics. Apache HTTPD general also referred to as the Apache .

　　Apache is the older static web server to support the project. The Tomcat is primarily used to support dynamic web project, interact with the database system. Of course, Tomcat can also be used to develop a static web system, but worse than the Httpd performance. Apache can of course also support dynamic web, because from the Apache modules, we can see a lot of modules to "mod _ *. So" in the name. These modules extend Apache's functionality, allowing it to serve the use of PHP, CGI and other server-side development language, but can not explain java program (jsp, serverlet). But it may be in communication with the Tomcat (one-way connection Apache Tomcat, the resource that is accessible via Tomcat Apache. Not vice versa)

　　Tomcat itself is typical of Java Servlet engines. It was used as a Java Servlet container Servlet life cycle management, never handle dynamic page requests, etc.. We can think of Tomcat is an extension of the apache.

　　Both are a container just released something different. html apache is the container, the same function as IIS, tomcat is jsp / servlet container, used to publish the JSP and JAVA, IBM has a similar webshere, EBA's Weblogic, sun of JRun, etc.

　　apache tomcat are independent and can be integrated on a single server through. Analogy: apache a truck, it can be installed on top of something, such as html and so on. But can not hold water, must be filled with water to the container (barrel), tomcat is a bucket (like water loaded JAVA), and this may not be placed on the bucket truck.

(2) Hide Apache Version Information

　　Hide the version number can effectively prevent hacker under the Apache version information, look up the corresponding vulnerability to attack.

　　Use curl -I [IP address or domain name] to view the response header, you can see the version of the Server, as viewed Baidu, Taobao, Tencent Server version, they have done a version of hide.

[root@youxi1 ~]# curl -I www.baidu.com| grep Server
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   277    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Server: bfe/1.0.8.18
[root@youxi1 ~]# curl -I www.taobao.com | grep Server
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   278    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Server: Tengine
[root@youxi1 ~]# curl -I www.tencent.com | grep Server
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
  0   189    0     0    0     0      0      0 --:--:-- --:--:-- --:--:--     0
Server: NWS_UGC_HY

　　Download Apache source package ( https://mirrors.aliyun.com/apache/httpd/ ) and upload before compiling the source code, modify the appropriate configuration files

[youxi1 the root @ ~] # the tar-2.4.39.tar.gz -C zxf the httpd / usr / local / the src / 
[the root youxi1 @ ~] # CD /usr/local/src/httpd-2.4.39/ 
[the root @ youxi1 httpd-2.4.39] # vim include / ap_release.h // modify the first 40 to 47 lines 
#define AP_SERVER_BASEVENDOR "IIS" // service provider name, formerly Software Foundation the Apache 
#define AP_SERVER_BASEPROJECT "IIS HTTP Server" / / services name, the original HTTP Server is the Apache 
#define AP_SERVER_BASEPRODUCT "IIS" // service product name, formerly the Apache 

#define AP_SERVER_MAJORVERSION_NUMBER 7 // major version number, the original 2 
#define AP_SERVER_MINORVERSION_NUMBER 0 // small version number, original to 4 
#define AP_SERVER_PATCHLEVEL_NUMBER 0 // patch level, formerly 39 
#define AP_SERVER_DEVBUILD_BOOLEAN 0

　　Then install dependencies, compiler installation

// install dependencies 
[the root @ youxi1 the httpd-2.4.39] # yum the install On Apr -Y-util On Apr-util-devel On Apr PCRE PCRE On Apr-devel-devel zlib zlib-devel OpenSSL OpenSSL devel-GCC 
// - enable -so supports dynamically loaded modules, - enable-rewrite support site address rewriting, - enable-ssl ssl encryption support - enable-deflate compressed before transmission support page, - enable-expires cached pages support setting time 
[root @ youxi1 httpd-2.4.39] # ./configure --prefix = / usr / local / apache2.4.39 --enable-so --enable-rewrite --enable-ssl --enable-deflate --enable- the Expires 
[root @ youxi1 httpd-2.4.39] # the make the make install && 
[root @ youxi1 httpd-2.4.39] # echo $? 
0

　　Generate a startup script to start and see.

[the root @ youxi1 the httpd-2.4.39] # CP /usr/local/apache2.4.39/bin/apachectl /etc/init.d/httpd 
[the root @ youxi1 the httpd-2.4.39] # CP / usr / local / apache2 .4.39 / bin / apachectl /etc/init.d/httpd 
[the root @ youxi1 the httpd-2.4.39] # /etc/init.d/httpd 
[the root @ youxi1 the httpd-2.4.39] # curl -I 192.168.5.101 
HTTP / 1.1 200 the OK 
a Date: Mon, 05 Aug 2019 06:56:57 GMT 
Server: IIS / 7.0.0 (Unix) // you can see here is IIS / 7.0.0 
Last-Modified: Mon, 11 Jun 18:53:14 GMT 2007 
the ETag: "2d-432a5e4a73a80" 
the Accept-Ranges: bytes 
Content-the Length: 45 
Content-Type: text / HTML

　　Note: At this point can not be used to set chkconfig boot from the start, because the lack of a key two lines . After following settings can only be set to boot from the start

[root @ youxi1 apache2.4.39] # vim /etc/init.d/httpd 
! # / bin / SH // add this line below, which is the first line below 
# chkconfig: 2345 64 36 // in the system which start mode, the boot sequence, closing sequence 
# description: apache // description 
[root @ youxi1 apache2.4.39] # systemctl daemon-reload // modify the boot file need to reload 
[root @ youxi1 apache2.4.39] # chkconfig --add httpd // added to chkconfig management 
[@ youxi1 the root apache2.4.39] # chkconfig --list the httpd 
the httpd 0: off 1: off 2: opening 3: On 4: opening 5: opening 6: off

　　May then also hidden system type and version number of the module

[root @ youxi1 apache2.4.39] # vim conf / the httpd.conf 
the Include conf / Extra / httpd-default.conf // line 490, the line is enabled 
[root @ youxi1 apache2.4.39] # vim conf / extra / httpd -default.conf 
ServerTokens Prod // line 55, does not show the type of server operating system 
ServerSignature Off // 65 line, do not display the web server module version number and version number. You need to be modified before apache2.4.

　　Reload the configuration and view results

[root @ youxi1 apache2.4.39] # /etc/init.d/httpd graceful // restart can, but will disconnect 
[root @ youxi1 apache2.4.39] # curl the -I 192.168.5.101 
HTTP / 1.1 200 the OK 
a Date : Mon, 05 Aug 2019 07:40:41 GMT 
server: // IIS server can see the type of Web server and version numbers are not the 
Last-Modified: Mon, 11 Jun 2007 18:53:14 GMT 
the ETag: "2D- 432a5e4a73a80 " 
the Accept-Ranges: bytes 
Content-the Length: 45 
Content-Type: text / HTML

(3) Modify the default user running apache

　　View user currently running the apache

[root@youxi1 apache2.4.39]# ps aux | grep httpd
root       1399  0.0  0.2  74924  2960 ?        Ss   14:56   0:00 /usr/local/apache2.4.39/bin/httpd
daemon     1702  0.0  0.4 429424  4724 ?        Sl   15:40   0:00 /usr/local/apache2.4.39/bin/httpd
daemon     1703  0.0  0.4 363888  4204 ?        Sl   15:40   0:00 /usr/local/apache2.4.39/bin/httpd
daemon     1704  0.0  0.4 363888  4204 ?        Sl   15:40   0:00 /usr/local/apache2.4.39/bin/httpd
root       1789  0.0  0.0 112724   996 pts/0    R+   15:49   0:00 grep --color=auto httpd

　　Modify the default user running apache

[root@youxi1 apache2.4.39]# useradd -M -s /sbin/nologin apache
[root@youxi1 apache2.4.39]# vim conf/httpd.conf
User apache　　//第167~168行
Group apache

　　Restart Apache, and check

[root@youxi1 apache2.4.39]# /etc/init.d/httpd graceful        
[root@youxi1 apache2.4.39]# ps aux | grep httpd               
root       1399  0.0  0.2  74924  2968 ?        Ss   14:56   0:00 /usr/local/apache2.4.39/bin/httpd
apache     1816  0.0  0.4 363888  4204 ?        Sl   15:58   0:00 /usr/local/apache2.4.39/bin/httpd
apache     1817  0.0  0.4 363888  4204 ?        Sl   15:58   0:00 /usr/local/apache2.4.39/bin/httpd
apache     1818  0.0  0.4 363888  4204 ?        Sl   15:58   0:00 /usr/local/apache2.4.39/bin/httpd
root       1901  0.0  0.0 112724   996 pts/0    R+   15:58   0:00 grep --color=auto httpd

(4) Modify the Apache directory and file permissions under

　　htdocs directory is the main Apache web store, modify their respective owners owning group

[root@youxi1 apache2.4.39]# chown apache:apache htdocs/ -R
[root@youxi1 apache2.4.39]# ll -sd htdocs/
0 drwxr-xr-x 2 apache apache 24 8月   5 14:23 htdocs/

(5). Guarantee Apache log file permissions for root

　　Since the recording Apache log is operated by the main Apache process, and the process is Apache's main root user-initiated, so this does not affect the output log. This is the safest way to log records.

[root@youxi1 apache2.4.39]# ll logs/
总用量 12
-rw-r--r-- 1 root root  142 8月   5 15:40 access_log
-rw-r--r-- 1 root root 1142 8月   5 15:58 error_log
-rw-r--r-- 1 root root    5 8月   5 15:58 httpd.pid
[root@youxi1 apache2.4.39]# ll -ds logs/
0 drwxr-xr-x 2 root root 58 8月   5 14:56 logs/

(6) using Apache log cutting cronlog

　　apache server, the default log file is not divided, a whole document is neither manageable nor easy to analyze statistics. cronolog filter is a simple program that reads the log file entries each entry from the standard input and output file name template and written to the specified log file and the current date and time. When the file name extension changes, the current file is closed, newly opened. cronolog and designed to be used with a Web server, such as Apache, split the access log into daily or monthly logs.

　　Installation cronlog

[root@youxi1 apache2.4.39]# yum -y install epel-release
[root@youxi1 apache2.4.39]# yum -y install cronolog

　　Configuring Apache to use cronlog

[root @ youxi1 apache2.4.39] # vim conf / the httpd.conf 
// 274, line 
ErrorLog "| / usr / sbin / cronolog /usr/local/apache2.4.39/logs/error_%Y%m%d.log" 
// 303 line 
    CustomLog "| / usr / sbin / cronolog /usr/local/apache2.4.39/logs/access_%Y%m%d.log" Combined 
[root @ youxi1 apache2.4.39] # / etc / the init. d / httpd Use the graceful 
[root @ youxi1 apache2.4.39] # LS logs / // this time will generate an immediate error log file 
access_log error_log error_20190806.log httpd.pid 
[root @ youxi1 apache2.4.39] # curl the -I 192.168.5.101 
HTTP 200 the OK /1.1 
a Date: Tue, 06 Aug 2019 02:07:23 GMT 
Server: IIS 
Last-Modified: Mon, 11 Jun 2007 18:53:14 GMT 
the ETag: "2d-432a5e4a73a80" 
the Accept-Ranges: bytes  
Content-the Length : 45
Content-Type : text / html
 
[root @ youxi1 apache2.4.39] # LS logs / access after the first // will generate access log file 
access_20190806.log access_log error_20190806.log error_log httpd.pid

(7) Error page

　　In order to enhance the site's user experience, to avoid the ugly default error message appears like 404,403. We need to optimize the error page, so that they become prettier. Error page that tells the user to access not only a problem, and the need to guide the user to the correct page.

　　Method a: assigned to the custom interface

[@ youxi1 the root apache2.4.39] # Vim the conf / the httpd.conf 
<Directory "/usr/local/apache2.4.39/htdocs"> // add a line in the row, the act line 223 
    the ErrorDocument 404 /404.html 
[root @ youxi1 apache2.4.39] # echo "This is 404.html"> htdocs / 404.html // create a test page 404 
[root @ youxi1 apache2.4.39] # /etc/init.d/httpd graceful // Reload

　　Tests for Windows

　　Method Two: Jump to a specific page

[@ youxi1 the root apache2.4.39] # Vim the conf / the httpd.conf 
<Directory "/usr/local/apache2.4.39/htdocs"> 
    the ErrorDocument http://www.baidu.com // 404 or the same position, but the path instead of outside the domain name address 
[root @ youxi1 apache2.4.39] # /etc/init.d/httpd graceful // reload

　　Windows test, you can see a direct jump to Baidu

(8). Enabling compression module

　　With the increase of website content and increase the amount of user traffic, the bandwidth of the site will continue to increase, along with the website is to increase the cost. And when the amount of content increases when the client if the bandwidth is small, it will affect the user experience. So from these two considerations, some of the content of the site must be compressed and then passed after the user, and then decompress the user client, the two sides to achieve win-win results.

　　Apache mod_deflate to use compression module, which provides the DEFLATE output filter, allowing compressed before the server sends the output to the client content to save bandwidth. Its core idea is to compress the file to the server and then transmitted, which can significantly reduce the size of the file transfer. When the transfer is completed, the client's browser will be re-compressed content to decompress. If no special circumstances, then, all the text should be gzip compression, such as: html (php), js, css, xml, txt and so on. Special situation is like on some of the home have a lot of js code of advertising, due to the need to visit each load and then conducted statistical information, so these tags js owner of the site does not go through gzip compression.

　　Also note that, although the compression module reduces bandwidth consumption, but increased CPU consumption.

　　Use command to see if the deflate module is installed, if the return deflate_module (static) is installed together when compiling the installation, if the return deflate_module (shared) is installed in the DSO.

[root@youxi1 apache2.4.39]# /usr/local/apache2.4.39/bin/apachectl -M | grep deflate

　　Note: Installation compile time, to keep --enable-deflate compiled; the DSO mode can be translated, may be used in the main Apache bin directory after installation after compilation server / apxs extension tool increases and the compiler.

　　Extended use apxs tool installation deflate module

[root @ youxi1 apache2.4.39] # LS /usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.* 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.c 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.dep 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.dsp 
/usr/local/src/httpd-2.4 .39 / modules / Filters / mod_deflate.exp 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.la 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.lo 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.mak 
/usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.o 
/usr/local/src/httpd-2.4 .39 / modules / Filters / mod_deflate.slo  
// - c option indicates that you need to perform compiling operation; -i option indicates the installation operation and installs one or more dynamically shared objects into the server's modules directory;
// - a option indicates that adding a LoadModule line to the httpd.conf file to activate this module, or if this row exists is enabled.
[root @ youxi1 apache2.4.39] # bin / apxs-CIA /usr/local/src/httpd-2.4.39/modules/filters/mod_deflate.c 
[root @ youxi1 apache2.4.39] # echo $? 
0 
[root @ apache2.4.39 youxi1] # LS modules / mod_deflate.so 
modules / mod_deflate.so // see if there deflate module 
[root @ youxi1 apache2.4.39] # vim conf / the httpd.conf 
LoadFile /usr/lib64/libz.so // Add 
LoadModule deflate_module modules / mod_deflate.so // add a line at the top of the line, the behavior line 106 
[root @ youxi1 apache2.4.39] # bin / apachectl -M | grep the deflate 
deflate_module (Shared) // show this is a successful installation the

　　Then deflate module configuration parameters

[@ youxi1 the root apache2.4.39] # Vim the conf / the httpd.conf 
// after the line 158 is added, i.e. added after the LoadModule large segment 
<IfModule mod_deflate.c> 
   DeflateCompressionLevel. 9 // compression level, the value 1 9,9 is the highest, the higher the degree of compression, the greater the CPU consumption, or 6 is generally used. 8 
   SetOutputFilter the DEFLATE // enable compression 
   DeflateFilterNote input instream // declare input stream 
   DeflateFilterNote output outstream // declare an output stream 
   DeflateFilterNote ratio ratio // declaration compression The percentage 
   AddOutputFilterByType DEFLATE text / html text / plain text / xml text / css application / javascript // declare the type of compression 
</ IfModule> 
[root @ youxi1 apache2.4.39] # /etc/init.d/httpd Use the graceful // reload 
[ root @ youxi1 apache2.4.39] # cp conf / httpd.conf htdocs / httpd.html // generate a test page 
[root @ youxi1 apache2.4.39] # ll -h htdocs / httpd.html // view the test page size 
-rw-r - r-- 1 root root 19K . 8 dated 6 15:47 htdocs / httpd.html　

　　This time using a 360 browser plug-ins installed YSLOW, log test page (speed mode), and then open the Components option YSLOW plug-in, you can see the original size 19.1K, 6.3K size after compression.

　　Note: a production environment, when enabled mod_deflate, for the image file format is too small and some of them do not compress, the more likely the greater the pressure.

　　All can be compressed file types: text / plain, text / html, text / php, text / xml, text / css, text / javascript, application / xhtml + xml, application / xml, application / rss + xml, application / atom_xml , application / x-javascript, application / x-httpd-php, image / svg + xml, image / gif, image / png, image / jpe, image / swf, image / jpeg, image / bmp.

(9) Enable the Web cache module

　　Mod_deflate module is enabled by compression, saving the company from a largely bandwidth and reduce business costs. However, because more and more images, scripts, css and flash are embedded in the page when a customer visits the site is bound to do http request many times, so we can also set ExpiresHeader by mod_expires caching module to cache these files.

　　Expires is to specify a particular type of file caching time to visit is in the header of the message through. Usually, most of our pictures, flash after release is not often change, so after doing a cache tour is the first time, you do not need to download these files from the tour but directly from the server after download from the server read the cache. Speed ​​access page so that customers will greatly accelerate the company's bandwidth pressure also eased.

　　Use command to see if the module is installed expires, if the return expires_module (static) is installed together when compiling the installation, if the return expires_module (shared) is installed in the DSO.

[root@youxi1 apache2.4.39]# bin/apachectl -M | grep expires

　　注意：编译时安装方法，在编译时跟上--enable-expires即可；DSO方式可以在编译服务器之后编译，也可以在安装完成后使用Apache主目录下的bin/apxs扩展工具编译并增加。

　　使用apxs扩展工具安装deflate模块

[root@youxi1 apache2.4.39]# ls /usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.*
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.c
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.dep
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.dsp
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.exp
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.la
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.lo
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.mak
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.o
/usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.slo
//-c选项表明需要执行编译操作；-i选项表明需要执行安装操作，以安装一个或多个动态共享对象到服务器的modules目录；
//-a选项表明增加一个LoadModule行到httpd.conf文件中，以激活此模块，或者如果此行存在则启用。
[root@youxi1 apache2.4.39]# bin/apxs -cia /usr/local/src/httpd-2.4.39/modules/metadata/mod_expires.c
[root@youxi1 apache2.4.39]# echo $?
0
[root@youxi1 apache2.4.39]# ls /usr/local/apache2.4.39/modules/mod_expires.so
/usr/local/apache2.4.39/modules/mod_expires.so　　//查看是否存在expires模块
[root@youxi1 apache2.4.39]# bin/apachectl -M | grep expires
 expires_module (shared)　　//显示这个表示安装成功

　　接着配置expires模块参数

[root@youxi1 apache2.4.39]# vim conf/httpd.conf
//如果想要全局启用expires模块参数，一样可以在LoadModule大段结束后添加（第158行左右）
//如果只想某个目录配置，可以将expires模块参数加入到对应目录的<Directory></Directory>标签内
//甚至可以针对虚拟主机配置，将expires模块参数加入到对应虚拟主机的<VirtualHost></VirtualHost>标签内
<IfModule mod_expires.c>
    ExpiresActive on
    ExpiresDefault "access plus 12 month"
    ExpiresByType text/html "access plus 12 months"
    ExpiresByType text/css "access plus 12 months"
    ExpiresByType image/gif "access plus 12 months"
    ExpiresByType image/jpeg "access plus  12 months"
    ExpiresByType image/jpg "access plus 12 months"
    ExpiresByType image/png "access plus 12 months"
    EXpiresByType application/x-shockwave-flash "access plus 12 months"
    EXpiresByType application/x-javascript "access plus 12 months"
    ExpiresByType video/x-flv "access plus 12 months"
</IfModule>
[root@youxi1 apache2.4.39]# /etc/init.d/httpd graceful　　//重新加载

参数说明：

　　ExpiresDefault "<base> [plus] {<number> <type>}"

　　ExpiresByType "<base> [plus] {<number> <type>}"

　　<base>的参数有3个：access，now（等价于‘access’），modification（最后修改日期）

　　plus（加上）关键字是可选的。

　　<num>必须是整数，确保可以atoi()所接收。（atoi可以把字符串转换成长整型数）

　　<type>参数类型：years，months，weeks，days，hours，minutes，seconds

注意：如果你使用基于最后修改日期的设置，“Expires”头将不会被添加到那些并非来自于硬盘文件的内容，这是因为这些内容并不存在“最后修改时间”的属性。基准时刻可以是源文件的最后修改时刻或者客户端对源文件的访问时刻，至于使用那一个则由<code>指定。“M”表示源文件的最后修改时刻，“A”表示客户端对源文件的访问时刻，需要注意的是<code>和seconds之间没有空格。这两个基准的差别是很微妙的。如果使用“M”，所有当前缓存中的文档副本都将在同一时刻过期，这个可能对定期更新的URL（比如位于同一位置的每周通告）很有好处。如果使用“A”，则每个客户端所得到的有效期是不一样的，这个可能对那些几乎不更新的图片很有好处，特别是对于一组都引用相同图片的相关文档。

　　再次使用360浏览器打开测试页面，然后打开YSLOW，可以看到出现缓存时间了，时间到2020年7月31日。

　　缓存的优点：1.缩短服务的响应时间；2.减轻服务器负担；3.减少网络带宽使用量，降低企业成本。

　　缓存的缺点：由于使用了缓存设置，导致被缓存的内容更新了，但是客户看到的却还是旧的。针对此缺点可以缩短缓存时间（例如1天）或对缓存的对象改名。

(10).启用长链接

　　打开长链接后，会保持连接，减少三次握手，但是会消耗内存。是否打开，取决于单位时间内是否进行多次连接(三次握手)，一个连接有多次请求的，建议打开,并适当调整KeepAliveTimeout时间。

　　在Apache的httpd.conf中，KeepAlive指的是保持连接活跃，如果将KeepAlive设置为On，那么来自同一客户端的请求就不需要再一次连接，避免每次请求都要新建一个连接而加重服务器的负担。当然KeepAlive的连接活跃时间受KeepAliveTimeOut限制的。如果第二次请求和第一次请求之间超过KeepAliveTimeOut的时间的话，第一次连接就会中断，再新建第二个连接。

　　所以，一般情况下，图片较多的网站应该把KeepAlive设为On。但是KeepAliveTimeOut应该设置为多少秒就是一个值得讨论的问题了。如果KeepAliveTimeOut设置的时间过短，例如设置为1秒，那么APACHE就会频繁的建立新连接，当然会耗费不少的资源；反过来，如果KeepAliveTimeOut设置的时间过长，例如设置为300秒，那么APACHE中肯定有很多无用的连接会占用服务器的资源，也不是一件好事。所以，到底要把KeepAliveTimeOut设置为多少，要看网站的流量、服务器的配置而定。

　　修改长链接配置

[root@youxi1 apache2.4.39]# vim conf/httpd.conf
Include conf/extra/httpd-default.conf　　//启用这一行，搜索一下吧，大概在第500行左右
[root@youxi1 apache2.4.39]# vim conf/extra/httpd-default.conf
Timeout 60　　//第10行，接收一个GET的请求时间；POST或PUT请求时接收两个TCP包之间的时间；应答TCP包传输中两个ACK包之间的时间。默认10
KeepAlive On　　//第16行，默认是开启的
MaxKeepAliveRequests 100　　//第23行，一个长链接的最大请求数，超过将会断开重新连接，默认100
KeepAliveTimeout 30　　//第29行，修改下超时时间，单位秒，默认5秒