Urgently need Litespeed Enterprise Settings for high traffic site

Discussion in 'General' started by thecerial, May 8, 2008.

  1. thecerial

    thecerial New Member

    Hi,

    we have bought a 4 core licence for Litespeed enterprise and we are having about 100K unique user a day. We urgently need some settings for our server.
    Mr. Torsten Morgenroth has bought the licences.

    I please you to give me some settings to start with because i often get "Site could not be loaded" in firefox when contacting our servers.


    Please Help us.

    Currently we have following Settings:

    Code:
    <?xml version="1.0" encoding="UTF-8"?>
    <httpServerConfig>
      <serverName>s15286895</serverName>
      <user>www-data</user>
      <group>www-data</group>
      <priority>0</priority>
      <chrootPath>/</chrootPath>
      <enableChroot>0</enableChroot>
      <inMemBufSize>200M</inMemBufSize>
      <swappingDir>/tmp/lshttpd/swap</swappingDir>
      <autoRestart>1</autoRestart>
      <autoFix503>1</autoFix503>
      <loadApacheConf>0</loadApacheConf>
      <mime>$SERVER_ROOT/conf/mime.properties</mime>
      <showVersionNumber>0</showVersionNumber>
      <autoUpdateInterval>86400</autoUpdateInterval>
      <autoUpdateDownloadPkg>1</autoUpdateDownloadPkg>
      <adminEmails>thecerial@gmail.com</adminEmails>
      <adminRoot>$SERVER_ROOT/admin/</adminRoot>
      <logging>
        <log>
          <fileName>$SERVER_ROOT/logs/error.log</fileName>
          <logLevel>DEBUG</logLevel>
          <debugLevel>0</debugLevel>
          <rollingSize>2047M</rollingSize>
          <enableStderrLog>1</enableStderrLog>
        </log>
        <accessLog>
          <fileName>$SERVER_ROOT/logs/access.log</fileName>
          <pipedLogger></pipedLogger>
          <logFormat></logFormat>
          <logHeaders>7</logHeaders>
          <rollingSize>2047M</rollingSize>
          <keepDays>30</keepDays>
          <compressArchive>0</compressArchive>
        </accessLog>
      </logging>
      <indexFiles>index.html, index.php</indexFiles>
      <htAccess>
        <allowOverride>2</allowOverride>
        <accessFileName>.htaccess</accessFileName>
      </htAccess>
      <expires>
        <enableExpires>0</enableExpires>
        <expiresDefault></expiresDefault>
        <expiresByType>image/*=A604800, text/css=A604800, application/x-javascript=A604800</expiresByType>
      </expires>
      <tuning>
        <maxConnections>75000</maxConnections>
        <maxSSLConnections>0</maxSSLConnections>
        <connTimeout>100</connTimeout>
        <maxKeepAliveReq>1000</maxKeepAliveReq>
        <smartKeepAlive>1</smartKeepAlive>
        <keepAliveTimeout>15</keepAliveTimeout>
        <sndBufSize>5096</sndBufSize>
        <rcvBufSize>0</rcvBufSize>
        <eventDispatcher>epoll</eventDispatcher>
        <maxCachedFileSize>4096</maxCachedFileSize>
        <totalInMemCacheSize>20M</totalInMemCacheSize>
        <maxMMapFileSize>256K</maxMMapFileSize>
        <totalMMapCacheSize>40M</totalMMapCacheSize>
        <useSendfile>1</useSendfile>
        <etagNoInode></etagNoInode>
        <SSLCryptoDevice>null</SSLCryptoDevice>
        <maxReqURLLen>450</maxReqURLLen>
        <maxReqHeaderSize>16380</maxReqHeaderSize>
        <maxReqBodySize>50M</maxReqBodySize>
        <maxDynRespHeaderSize>4K</maxDynRespHeaderSize>
        <maxDynRespSize>50M</maxDynRespSize>
        <enableGzipCompress>0</enableGzipCompress>
        <enableDynGzipCompress>0</enableDynGzipCompress>
        <gzipCompressLevel>1</gzipCompressLevel>
        <compressibleTypes>text/*, application/x-javascript, application/xml</compressibleTypes>
        <gzipAutoUpdateStatic>1</gzipAutoUpdateStatic>
        <gzipCacheDir></gzipCacheDir>
        <gzipStaticCompressLevel>3</gzipStaticCompressLevel>
        <gzipMaxFileSize>1M</gzipMaxFileSize>
        <gzipMinFileSize>300</gzipMinFileSize>
      </tuning>
      <security>
        <fileAccessControl>
          <followSymbolLink>1</followSymbolLink>
          <checkSymbolLink>0</checkSymbolLink>
          <requiredPermissionMask>000</requiredPermissionMask>
          <restrictedPermissionMask>000</restrictedPermissionMask>
        </fileAccessControl>
        <perClientConnLimit>
          <staticReqPerSec>12</staticReqPerSec>
          <dynReqPerSec>10</dynReqPerSec>
          <outBandwidth>400K</outBandwidth>
          <inBandwidth>35K</inBandwidth>
          <softLimit>1</softLimit>
          <hardLimit>4</hardLimit>
          <gracePeriod>15</gracePeriod>
          <banPeriod>300</banPeriod>
        </perClientConnLimit>
        <CGIRLimit>
          <maxCGIInstances>20</maxCGIInstances>
          <minUID>11</minUID>
          <minGID>10</minGID>
          <priority>0</priority>
          <CPUSoftLimit>300</CPUSoftLimit>
          <CPUHardLimit>600</CPUHardLimit>
          <memSoftLimit>250M</memSoftLimit>
          <memHardLimit>300M</memHardLimit>
          <procSoftLimit>400</procSoftLimit>
          <procHardLimit>450</procHardLimit>
        </CGIRLimit>
        <censorshipControl>
          <enableCensorship>1</enableCensorship>
          <logLevel>0</logLevel>
          <defaultAction>deny,log,status:403</defaultAction>
          <scanPOST>1</scanPOST>
        </censorshipControl>
        <censorshipRuleSet>
          <name>XSS attack</name>
          <ruleSetAction>log,deny,status:403,msg:'XSS attack'</ruleSetAction>
          <enabled>1</enabled>
          <ruleSet>SecFilterSelective ARGS &quot;(alert|expression|eval|url)[[:space:]]*\(&quot;
    SecFilterSelective ARGS &quot;(&amp;\{.+\}|(&amp;#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})&quot;
    
    SecFilterSelective ARGS &quot;((javascript|vbscript):|style[[:space:]]*=)&quot;
    SecFilterSelective ARGS &quot;(fromCharCode|http-equiv|&lt;.+&gt;|innerHTML|dynsrc|--&gt;)&quot;
    SecFilterSelective ARGS &quot;document\.(body|cookie|location|write)&quot;
    
    SecFilterSelective ARGS_VALUES &quot;jsessionid|phpsessid|onReadyStateChange|xmlHttp&quot;
    
    SecFilterSelective ARGS &quot;&lt;(applet|div|embed|iframe|img|meta|object|script|textarea)&quot;
    
    # JavaScript event handlers
    SecFilterSelective ARGS &quot;on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)&quot;</ruleSet>
        </censorshipRuleSet>
        <censorshipRuleSet>
          <name>SQL injection</name>
          <ruleSetAction>log,pass,msg:'SQL Injection attack'</ruleSetAction>
          <enabled>1</enabled>
          <ruleSet>#SQL generic
    SecFilterSelective ARGS &quot;drop[[:space:]]+(database|table|column|procedure)&quot;
    SecFilterSelective ARGS &quot;delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values&quot;
    SecFilterSelective ARGS &quot;select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table&quot;
    SecFilterSelective ARGS &quot;or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--&quot;
    
    SecFilterSelective ARGS &quot;into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/&quot;</ruleSet>
        </censorshipRuleSet>
        <accessDenyDir>
          <dir>/</dir>
          <dir>/etc/*</dir>
          <dir>/dev/*</dir>
          <dir>$SERVER_ROOT/conf/*</dir>
          <dir>$SERVER_ROOT/admin/conf/*</dir>
        </accessDenyDir>
        <accessControl>
          <allow>ALL</allow>
          <deny></deny>
        </accessControl>
      </security>
      <extProcessorList>
        <extProcessor>
          <type>lsapi</type>
          <name>phpLsapi</name>
          <address>uds://tmp/lshttpd/lsphp.sock</address>
          <note></note>
          <maxConns>50000</maxConns>
          <env>PHP_LSAPI_MAX_REQUESTS=50000</env>
          <env>PHP_LSAPI_CHILDREN=200</env>
          <initTimeout>100</initTimeout>
          <retryTimeout>30</retryTimeout>
          <persistConn>1</persistConn>
          <pcKeepAliveTimeout>15</pcKeepAliveTimeout>
          <respBuffer>5096</respBuffer>
          <autoStart>1</autoStart>
          <path>$SERVER_ROOT/fcgi-bin/lsphp</path>
          <backlog>100</backlog>
          <instances>1</instances>
          <runOnStartUp>1</runOnStartUp>
          <extMaxIdleTime>40</extMaxIdleTime>
          <priority>-1</priority>
          <memSoftLimit>250M</memSoftLimit>
          <memHardLimit>760M</memHardLimit>
          <procSoftLimit>5</procSoftLimit>
          <procHardLimit>60</procHardLimit>
        </extProcessor>
      </extProcessorList>
      <scriptHandlerList>
        <scriptHandler>
          <suffix>php</suffix>
          <type>lsapi</type>
          <handler>phpLsapi</handler>
        </scriptHandler>
      </scriptHandlerList>
      <railsDefaults>
        <rubyBin></rubyBin>
        <railsEnv>1</railsEnv>
        <maxConns>5</maxConns>
        <env>LSAPI_MAX_REQS=1000</env>
        <env>LSAPI_MAX_IDLE=60</env>
        <initTimeout>180</initTimeout>
        <retryTimeout>0</retryTimeout>
        <pcKeepAliveTimeout>60</pcKeepAliveTimeout>
        <respBuffer>0</respBuffer>
        <backlog>50</backlog>
        <runOnStartUp>1</runOnStartUp>
        <extMaxIdleTime></extMaxIdleTime>
        <priority>3</priority>
        <memSoftLimit>250M</memSoftLimit>
        <memHardLimit>300M</memHardLimit>
        <procSoftLimit>200</procSoftLimit>
        <procHardLimit>300</procHardLimit>
      </railsDefaults>
      <virtualHostList>
        <virtualHost>
          <name>NewZoozleOrg</name>
          <vhRoot>/home/wwwroot</vhRoot>
          <configFile>/home/litespeed/conf/vhconf.xml</configFile>
          <note></note>
          <allowSymbolLink>1</allowSymbolLink>
          <enableScript>1</enableScript>
          <restrained>1</restrained>
          <maxKeepAliveReq>1000</maxKeepAliveReq>
          <smartKeepAlive>1</smartKeepAlive>
          <setUIDMode>0</setUIDMode>
          <chrootMode>0</chrootMode>
          <staticReqPerSec>5</staticReqPerSec>
          <dynReqPerSec>5</dynReqPerSec>
          <outBandwidth>400K</outBandwidth>
          <inBandwidth>30K</inBandwidth>
        </virtualHost>
      </virtualHostList>
      <listenerList>
        <listener>
          <name>NewZoozleOrg</name>
          <address>87.106.134.107:80</address>
          <binding>15</binding>
          <secure>0</secure>
          <note></note>
          <vhostMapList>
            <vhostMap>
              <vhost>NewZoozleOrg</vhost>
              <domain>zoozle.org, zoozle.eu, *</domain>
            </vhostMap>
          </vhostMapList>
        </listener>
      </listenerList>
    </httpServerConfig>
    

Share This Page