VPSes are really hard to use with the memory restrictions and CPU limitations...but with some optimization they can definitely serve your websites fast!

MySQL Optimization
Here are my suggested settings for the my.cnf file. This should work well for a VPS with 256-512MB RAM.


[mysqld]
max_connections = 400
key_buffer = 16M
myisam_sort_buffer_size = 32M
join_buffer_size = 1M
read_buffer_size = 1M
sort_buffer_size = 2M
table_cache = 1024
thread_cache_size = 286
interactive_timeout = 25
wait_timeout = 1000
connect_timeout = 10
max_allowed_packet = 16M
max_connect_errors = 10
query_cache_limit = 1M
query_cache_size = 16M
query_cache_type = 1
tmp_table_size = 16M
skip-innodb

[mysqld_safe]
open_files_limit = 8192

[mysqldump]
quick
max_allowed_packet = 16M

[myisamchk]
key_buffer = 32M
sort_buffer = 32M
read_buffer = 16M
write_buffer = 16M
In order to make things even faster, you can customize these settings specifically for your VPSs' usage. There's a great howto on InterWorx's forum for this --> http://www.interworx.com/forums/showthread.php?p=2346

Lastly, I recommend installing mytop to help you monitor your usage...
wget http://dll.elix.us/mytop-1.4.tar.gz
tar -zxvf mytop-1.4.tar.gz
cd mytop-1.4
perl Makefile.PL
make
make test
make install
Once that's done, just enter in "mytop" :).

PHP & Apache Optimization
I strongly recommend installing eAccelerator. There's an easy to follow howto here: http://forum.ev1servers.net/showthread.php?t=23574&highlight=eaccelerator. If you use the default cache dir for eAccelerator (/tmp/eaccelerator) make sure you check it reguarily and clean it every once and a while. (it can really get quite large from my experience)

For httpd.conf I suggest:
Timeout 200
KeepAlive On
maxKeepAliveRequests 100
KeepAliveTimeout 3
MinSpareServers 10
MaxSpareServers 20
StartServers 15
MaxClients 250
MaxRequestsPerChild 0
HostnameLookups Off

You can use ab to benchmark your Apache before and after you make changes.

ab -c 5 -n 20 somephpbasedsiteonyourserver.com/file.php

I suggest doing 2 or 3 tests like that to get an average.

If you want to check the Apache error log, try this -->
cat /usr/local/apache/logs/error_log

Monitoring Usage
On a Virtuozzo VPS you can use cat /proc/usr_beancounters to output your usage of the VZ parameters. You should pay most attention to oomguarpages and privmpages. (although anything with a failure is generally bad)

You can find the amount of connections to Apache with this command:
netstat -nt | grep :80 | wc -l

To find the amount of Apache processes use this command:
ps -A | grep httpd | wc -l (this will show the process count)
ps -aux | grep httpd (this will show the actual processes)

To find the amount of MySQL processes use this command:
ps -A | grep mysql | wc -l (this will show the process count)
ps -aux | grep mysql (this will show the actual processes)

Just simply using top (standard view) or top -c (will show the actual command being used and/or location of each process as opposed to just the name) can help you monitor your VPS usage very wel.

To see your disk space usage, try using this command --> df -h

Mitigating (D)DOS
If you're being DDOS'd or DOS'd you can use this command:
netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n

That will help you see how many connections each IP address has in total to your server.

There's a very decent script you can use to automate the banning of IP addresses available here --> http://forums.deftechgroup.com/showthread.php?t=825

Although I haven't tried it myself, I suggest you take a look at Scrutinizer as well which sounds very useful --> http://www.solutix.ch/cgi-bin/index.pl

Spam Assassin
Spam Assassin can take up a lot of memory and make it really hard to host just a few sites on a VPS, but there is a way around this...

Login to WHM as root, scroll down to "cPanel 10.8.1-R15" (it may be slightly different depending on what version you are using) then goto "Addon Modules" and install "spamdconf". Once it's done, refresh the WHM page, scroll down to "Add-ons" on the nav bar and then click on 'Setup Spamd Startup Configuration". Set "Maximum Children" to "2". Then hit Submit. Wait a few seconds (15-30, but usually less) for exim to restart and you're done :).

cPanel Tweak Setings
Login to WHM as root, and under "Server Configuration" on the nav bar hit "Tweak Settings".

Here are some suggested settings:
Default catch-all/default address behavior for new accounts. fail will generally save the most CPU time.
- Use "FAIL". If you already have some accounts setup not to use "FAIL" (by default it will not) then run this command to convert to FAIL from BLACKHOLE --> perl -pi -e "s/:blackhole:/:fail:/g;" /etc/valiases/*

Mailman
- Mailman tends to use a lot of resources, so if you don't need cpanel mailing lists then uncheck this.

Number of minutes between mail server queue runs (default is 60).:
- You may want to set this to 180 to reduce load.

Track the origin of messages sent though the mail server by adding the X-Source headers (exim 4.34+ required)
- This is just generally a good idea. So check this.

Analog Stats
- I find this useless, so uncheck this. If you want to delete the existing analog stats files just run this command --> rm -rf /home/*/tmp/analog/*

Awstats Reverse Dns Resolution
- Make sure this is unchecked, I find it pretty much useless for most users.

Awstats Stats
- You can check this if you need a robust stats software that integrates with cPanel, if you don't need it, then don't check it. *Note most hosting clients will want to use this. If you want to delete the existing awstats stats files just run this command --> rm -rf /home/*/tmp/awstats/*

Webalizer Stats
- Not many hosting clients will want to use this so, you can uncheck this to reduce load. If you want to delete the existing webalizer stats files just run this command --> rm -rf /home/*/tmp/webalizer/*

Delete each domain's access logs after stats run
- Make sure this is checked, otherwise disk space usage can really rack up!

That's about it for now, I may do some more later....

Hope it helps!

http://www.eth0.us/mod_evasive - also a great tool for helping against DDOS attacks.

Awesome post!...

Thanks a lot elix.

Awesome post!...

Thanks a lot elix.
Glad to hear it helped =)

Bookmarked. For those of us VPS NEWBIES contemplating a shift from shared hosting to a VPS and all the responsibility that entails, posts like this are a Godsend.

Thanks!

Bookmarked. For those of us VPS NEWBIES contemplating a shift from shared hosting to a VPS and all the responsibility that entails, posts like this are a Godsend.

Thanks!
Your welcome!

Wow! This post is amazing! Bookmarked of course, and will definatly be trying everything that you mention out on my VPS. Good job!

Wow! This post is amazing! Bookmarked of course, and will definatly be trying everything that you mention out on my VPS. Good job!
Thank you! :)

Thanks for the information. =)

No problem, and if anyone needs any help applying some of these tweaks, just let me know =)

want to add somthing to elix's great thread

How to install Rkhunter (rootkit scanner)

You need to be in root (su)

1.Get Files
wget http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz

2. Unpack
tar -xvzf rkhunter-1.2.7.tar.gz

3.
cd rkhunter

4.
./install.sh

How to run

1. Running update
rkhunter --update

2. Checking for rootkits
rkhunter --checkall

Nice tutorial, pztup...

Just one thing I wanted to amend to my MySQL config...

wait_timeout -- you may want to set this it a lower number (like 100 or even less) if your MySQL is used more intensively. 400 is good if your MySQL isn't used a lot, therefore you can afford some more open processes..

Wow. One of the best posts I have ever read on WHT.

some great info, all in one place, thanks for the post.

No problem! Glad to hear it's useful.

I just signed up with a baby VPS so I can play with it and learn more, so I only have 128K of Ram. What settings would you use then? I know its not practical to have this little Ram on a production site, but it would be helpful info.

I found that most VPS hosts force you to run your own mail and DNS server. This is fine if you really want to customize those two things, but I don't need it. I prefer the way a standard hosting account works: the provider handles all the mail software and DNS.

Anyway, I found this today:
www dot zoneedit dot com

They will handle your DNS for free. They also run a mail server that you can optionally have your mail sent to, and forwarded to any e-mail address.

I should mention that I found a similar service that has a few more caveats and doesn't offer the mail server:
freedns dot afraid dot org

I just signed up with a baby VPS so I can play with it and learn more, so I only have 128K of Ram. What settings would you use then? I know its not practical to have this little Ram on a production site, but it would be helpful info.
What are you mainly going to use the VPS for?

Great tutorial. Thanks for taking your time and posting this up!

Great tutorial. Thanks for taking your time and posting this up!
No problem!

can anyone help me out here? im a complete VPS newbie... how do i edit my.cnf so i can use elix settings, i have my VPS all set up, i have an account with SSH access and all that...

i dont know if im giving the right information so just let me know, thanks!

PM me with access details for your VPS (if you wish to provide them, I won't do any harm as I have worked on a lot of people's servers to their satisfaction).

Thanks

elix

For those in the really tiny vps plans (64-96mb), lighttpd is a goodly server. Fast with a small memory footprint. meta.wikimedia.org/wiki/Installing_MediaWiki_with_Lighttpd is a good guide to setting up lighttpd/php-fcgi/mysql on a Debian installation.

In addition to eacclerator, install Zend optimizer as well, they coexist nicely and work to speed up php quite a bit.

Good suggestions there!

I'll second inferis' recommendation of lighttpd on low-memory VPSes. I've got a 32 meg VPS from unixshell, happily serving a big pile of static domains. For 8 bucks a month.

If anybody needs help setting up their VPS / Managing. PM me we can work something out. I'm hvu @ PowerVPS forums btw. Elix knows my work (;

That's great from you

I will be hosting a few small sites right now, just my personal ones. I have a few MSQL data bases, but no forums or downloads. Consider it mostly brochure-ware.

What are you mainly going to use the VPS for?

I will be running only about 15 sites, 10 of which have MSQL databases on. No forms or large downloads. Mostly Blogs and brochure ware.

Van

I will be running only about 15 sites, 10 of which have MSQL databases on. No forms or large downloads. Mostly Blogs and brochure ware.

Van
Try this for the httpd.conf settings:

Timeout 150
KeepAlive Off
MinSpareServers 3
MaxSpareServers 6
StartServers 2
MaxClients 150
MaxRequestsPerChild 0
HostnameLookups Off

I'll have a MySQL config ready a little later.

But, I have a question...are these sites popular?

Try this for the httpd.conf settings:

Timeout 150
KeepAlive Off
MinSpareServers 3
MaxSpareServers 6
StartServers 2
MaxClients 150
MaxRequestsPerChild 0
HostnameLookups Off

I'll have a MySQL config ready a little later.

But, I have a question...are these sites popular?

Nothing I do is popular:( no, just kidding. I don't get a lot of traffic, about 500 unique visitors per day.

Thanks,
Van

Timeout 150
KeepAlive Off
MinSpareServers 4
MaxSpareServers 8
StartServers 3
MaxClients 150
MaxRequestsPerChild 0
HostnameLookups Off

That should work better. Also, get rid of unneeded modules to lower the Apache footprint.

I strongly recommend installing eAccelerator. There's an easy to follow howto here: http://forum.ev1servers.net/showthread.php?t=23574&highlight=eaccelerator. If you use the default cache dir for eAccelerator (/tmp/eaccelerator) make sure you check it reguarily and clean it every once and a while. (it can really get quite large from my experience)



Elix,
On eAccelerator's home page they say there has been problems with Dual Processors and 64 bit. I am on Dual Opterons, so do you still reccomend the program? Or are the problems minor? If not, is there an alternative?

Thanks,
Your awesome
Van

I have no problems on my VPS. Try it out (:

Elix,
On eAccelerator's home page they say there has been problems with Dual Processors and 64 bit. I am on Dual Opterons, so do you still reccomend the program? Or are the problems minor? If not, is there an alternative?

Thanks,
Your awesome
Van
I think the issues might be for actual Dual processor servers, but probably not for VPSes. I have never had an issue really.

want to add somthing to elix's great thread

How to install Rkhunter (rootkit scanner)

You need to be in root (su)

1.Get Files
wget http://downloads.rootkit.nl/rkhunter-1.2.7.tar.gz

2. Unpack
tar -xvzf rkhunter-1.2.7.tar.gz

3.
cd rkhunter

4.
./install.sh

How to run

1. Running update
rkhunter --update

2. Checking for rootkits
rkhunter --checkall

Is there any reason you run that root kit checker and not:
CHKROOTKIT?

Just curious - is it better, a preference or you found it first?

Cheers

Is there any reason you run that root kit checker and not:
CHKROOTKIT?

Just curious - is it better, a preference or you found it first?

Cheers
I'm not pztup, but I believe I can answer.

I've seen that RK Hunter tunds to work a little (for me atleast) than Chkrootkit, but there is no harm in running both (as far as I know).

Thanks alot for the great post really :)
But what about installing APF on the VPS with 256-512 RAM .. Will it work fine ? cuz I heared that APF doesnt work well on VPSs. If so is there an alternative for a good firewall ?

Thanks ...

If so is there an alternative for a good firewall ?Thanks ...

Another option - check the post by pztup: http://www.webhostingtalk.com/showthread.php?threadid=321882

Thanks for the info. I will be sure to try them out. Always looking to squeeze another ounce or two out of my VPS.

Thanks for the info. I will be sure to try them out. Always looking to squeeze another ounce or two out of my VPS.
Glad to hear it's useful to you. Good luck.

PHP & Apache Optimization
I strongly recommend installing eAccelerator.

Is eAccelerator basically the same thing as the zend optimiser?

Is eAccelerator basically the same thing as the zend optimiser?
Nope. Zend Optimizer doesn't cache PHP scripts and doesn't help improve performance (for the most part).

Eaccelerator can be configured to work with Zend Optimizer and cache PHP scripts to improve performance.

Thanks for a very helpful post!

Thanks for a very helpful post!
No problem :)

Nope. Zend Optimizer doesn't cache PHP scripts and doesn't help improve performance (for the most part).

Eaccelerator can be configured to work with Zend Optimizer and cache PHP scripts to improve performance.


Any insight on how this is done?

http://forum.ev1servers.net/showthread.php?t=23574&highlight=eaccelerator

Has a guide :)

elix,

great tutorial..actually saved alot of my memory for mysql because it was eating it up like crazy for my blogging and installed your mytop which was nice

one problem for me, where does this mysql caching write too..I don't know much about this stuff so I don't know where to look in my vps because I deleted some plugins and they still keep coming up in my blog so I guess I need to clean up the cache to reflect these changes..

thanks for your help ahead of time

stupid me..it was in tmp folder...lol

elix,

great tutorial..actually saved alot of my memory for mysql because it was eating it up like crazy for my blogging and installed your mytop which was nice

one problem for me, where does this mysql caching write too..I don't know much about this stuff so I don't know where to look in my vps because I deleted some plugins and they still keep coming up in my blog so I guess I need to clean up the cache to reflect these changes..

thanks for your help ahead of time
the query cache won't cause issues like that from what I've seen.

and thanks for your kind words =)

your right...it was in mysql..didn't get deleted correctly and kept showing up..had to go through alot of tables to find it

one of my VPS has optimized by my friend but my other VPS not. When i check its .my.cnf file there is only

[client]
user:xx
pass:xxx

it has 256 mb ram. And has some database reletaed sites. 10 domains Are the first message settings good for that

thanks

one of my VPS has optimized by my friend but my other VPS not. When i check its .my.cnf file there is only

[client]
user:xx
pass:xxx

it has 256 mb ram. And has some database reletaed sites. 10 domains Are the first message settings good for that

thanks
It should work just fine, yes. Let me know if that is not the case.

Thanks!