Server Tuning

Specifies which I/O event dispatcher to use. Different operating systems support different types of event dispatcher:

• Linux kernel 2.4.x supports:
  • poll
• Linux kernel 2.6.x supports:
  • poll
  • epoll
• FreeBSD supports:
  • poll
  • kqueue
• Solaris supports:
  • poll
  • devpoll
• Mac OS X 10.3 and above supports:
  • poll
  • kqueue

Select from drop down list

Changes shared memory's default directory to the specified path. If the directory does not exist, it will be created. All SHM data will be stored in this directory unless otherwise specified.

Path

Specifies the maximum number of concurrent connections that the server can accept. This includes both plain TCP connections and SSL connections. Once the maximum concurrent connections limit is reached, the server will close Keep-Alive connections when they complete active requests.

Integer number

When the server is started by "root" user, the server will try to adjust the per-process file descriptor limits automatically, however, if this fails, you may need to increase this limit manually.

Specifies the maximum number of concurrent SSL connections the server will accept. Since total concurrent SSL and non-SSL connections cannot exceed the limit specified by Max Connections, the actual number of concurrent SSL connections allowed must be lower than this limit.

Integer number

Specifies the maximum connection idle time allowed during processing one request. The connection will be closed if it has been idle, i.e. no I/O activity, for this period of time.

Integer number

[Security] Set this as low as you can to help recover dead connections during a potential DoS attack.

Keep-Alive Timeout (secs)

Specifies the maximum number of requests that can be served through a keep-alive (persistent) session. The connection will be closed once this limit is reached. You can set this limit for each virtual host as well.

Integer number

[Performance] Set this to a reasonably high value. A value of "1" or "0" will disable keep-alive.

Virtual Host Max Keep-Alive Requests

Specifies whether to turn on Smart Keep-Alive. This option is effective only if Max Keep-Alive Requests is greater than 1. If enabled, you can also enable/disable it at the virtual host level. Smart keep-alive will only establish keep-alive connections for requests of JavaScript, CSS Style Sheet, and image files. For html pages, the connection will not be kept alive. This will help serve more users more efficiently. Normally a web page contains multiple images and scripts that will be cached by the browser after the initial request. It is more efficient to send those non-html static files through a single keep-alive connection and have the text/html file sent through another non-keep-alive connection. This method will reduce idle connections and in turn increase the capacity to handle more concurrent requests and users.

Select from radio box

[Performance] Enable this for high-load web sites.

Virtual Host Smart Keep-Alive

Specifies the maximum idle time between requests from a keep-alive connection. If no new request is received during this period of time, the connection will be closed. This setting only applies to HTTP/1.1 connections. HTTP/2 connections have long keep-alive timeouts by design and are not affected by this setting.

Integer number

[Security & Performance] We recommend that you set this value just long enough to wait for subsequent requests from a client when there are more assets referenced by a single page that need to be loaded. Do not set this too long hoping that the next page will be served over the keep-alive connection. Keeping many idle keep-alive connections is a waste of server resources and could be taken advantage of by (D)DoS attacks. 2-5 seconds is a reasonable range for most applications. LiteSpeed is highly efficient in a non-keep-alive environment.

The sending buffer size of each TCP socket. 512K is the maximum allowed buffer size.

Integer number

[Performance] It is recommended to leave this value as "Not Set" or set to 0 to use the operating system's default buffer size.
[Performance] If your web site serves large static files, increase the send buffer size to improve performance.
[Performance] Setting this to a lower value will reduce throughput and memory usage per socket allowing the server to have more concurrent sockets when memory is a bottleneck.

The receiving buffer size of each TCP socket. 512K is the maximum allowed buffer size.

Integer number

[Performance] It is recommended to leave this value as "Not Set" or set to 0 to use the operating system's default buffer size.
[Performance] A large receive buffer will increase performance when processing incoming requests with large payloads, i.e. file uploads.
[Performance] Setting this to a lower value will reduce throughput and memory usage per socket allowing the server to have more concurrent sockets when memory is a bottleneck.

Specifies the maximum size of a request URL. URL is the full text address used to access a server resource including the query string. 8192 bytes is the hard limit.

Integer number

[Security & Performance] Set it reasonably low to reduce memory usage and help identify bogus requests and DoS attacks.
2-3K is big enough for most web sites unless the HTTP GET method is used with large query strings instead of POST.

Specifies the maximum size of an HTTP request header including request URL. Hard limit is 16380 bytes.

Integer number

[Security & Performance] Set it reasonably low to reduce memory usage and help identify bogus requests and DoS attacks.
4-8K is big enough for most web sites.

Specifies the maximum size of an HTTP request body. For a 32Bit OS, 2GB is the hard limit. For a 64Bit OS, it is virtually unlimited.

Integer number

[Security] To help prevent DoS attacks, try to constrain this limit to only what is really needed. Your swapping space must have enough free space to accommodate this limit.

Specifies the maximum header size of a dynamically generated response. Hard limit is 8KB.

Integer number

[Reliability & Performance] Set it reasonably low to help recognize bad responses dynamically generated by external applications.

Specifies the maximum body size of a dynamically generated response. Hard limit is 2047MB.

Integer number

[Reliability & Performance] Set the limit reasonably low to help identify bad responses. It is not uncommon to malformed scripts to contain an infinite loop which leads to infinity-sized responses.

Specifies the largest static file that will be cached in a pre-allocated memory buffer. Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files whose size is smaller than this setting are served from memory buffer cache. Files whose size is larger than this setting, but smaller than the Max MMAP File Size (bytes) will be served from memory-mapped cache. Files whose size is larger than the Max MMAP File Size (bytes) will be served via plain read/write or sendfile(). It is optimal to serve static files smaller than 4K from the memory buffer cache.

Integer number

Specifies the total memory that can be allocated to the buffer cache in order to cache/serve small static files.

Integer number

Specifies the largest static file that will be memory mapped (MMAP). Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files whose size is smaller than the Max Cached Small File Size (bytes) are served from memory buffer cache. Files whose size is larger than the Max Cached Small File Size (bytes), but smaller than the Max MMAP File Size will be served from memory-mapped cache. Files whose size is larger than the Max MMAP File Size will be served via plain read/write or sendfile(). Since the server has a 32bit address space (2GB), it is not recommended to memory map very large files.

Integer number

Specifies the total memory that can be allocated for memory- mapped cache in order to cache/serve medium sized static files.

Integer number

Specifies whether to use the sendfile() system call to serve static files. Static files can be served in four different ways: memory buffer cache, memory-mapped cache, plain read/write, and sendfile(). Files smaller than the Max Cached Small File Size (bytes) are served from memory buffer cache. Files larger than the Max Cached Small File Size (bytes) but smaller than the Max MMAP File Size (bytes) will be served from memory-mapped cache. Files larger than the Max MMAP File Size (bytes) will be served via plain read/write or sendfile(). Sendfile() is a "zero copy" system call that can greatly reduce CPU utilization when serving very large static files. Sendfile() requires an optimized network card kernel driver and thus may not be suitable for some small-vendor network adapters.

Select from radio box

Specifies whether to use a file's inode, last-modified time, and size attributes to generate the ETag HTTP response header for static files. All three attributes are enabled by default. If you plan to serve the same file out of mirrored servers, you should not include inode; otherwise, the ETag generated for one file will be different on different servers.

Select from checkbox

Controls GZIP compression for both static and dynamic HTTP responses.

Select from radio box

[Performance] Enable it to save network bandwidth. Text-based responses such as html, css, and javascript files benefit the most and on average can be compressed to half of their original size.

Controls GZIP compression for dynamically generated HTTP response. Enable Compression must be set to Yes in order to enable dynamic GZIP compression.

Select from radio box

[Performance] Compressing dynamic responses increases CPU and memory utilization but saves network bandwidth.

Specifies the level of compression for dynamic content. Ranges from 1 (lowest) to 9 (highest). The default is 2.

Number between 1 and 9.

[Performance] Higher compression level will use more memory and CPU cycles. You can set it to a higher level if your machine has additional power. There is not much difference between 6 and 9, except 9 uses many more CPU cycles.

Specifies what MIME types are allowed to be compressed.

MIME type list separated by commas. Wild card "*" and negate sign "!" are allowed, such as text/*, !text/js.

If you want to compress text/* but not text/css, you can have a rule like text/*, !text/css. "!" will exclude that MIME type.

[Performance] Only allow types that will benefit from GZIP compression. Binary files such as gif/png/jpeg images and flash files do not benefit from compression.

Specifies whether to let the server automatically create/update GZIP-compressed versions of compressible static files or not. If set to Yes, when a file with a MIME type listed in Compressible Types is requested, the server may create or update the corresponding compressed version of the file depending on the compressed file's timestamp. This compressed file is created under the Static GZIP Cache Directory. The filename is based on a MD5 hash of the path of the original file.

Select from radio box

Specifies the path of the directory used to store compressed files for static content. The default is Swapping Directory.

Directory Path

Specifies the level of compression for static content. Ranges from 1 (lowest) to 9 (highest). The default is 6.

Number between 1 and 9.

Specifies the maximum size of a static file for which the server will create a compressed file automatically.

Number in bytes not less than 1K.

[Performance] It is not recommended to have the server create/update compressed files for large files. Compressing blocks an entire server process and no further requests can be processed until the compression is completed.

Specifies the minimum size of a static file for which the server will create a corresponding compressed file.

Number in bytes not less than 200.

It is not necessary to compress very small files as the bandwidth saving is negligible.

Specifies whether to use 2048 or 1024 bit DH keys for SSL handshakes. If set to "Yes", 2048 bit DH keys will be used for 2048 bit SSL keys and certificates. 1024 bit DH keys will still be used in other situations. Default is "Yes".

Earlier versions of Java do not support DH key size higher than 1024 bits. If Java client compatibility is required, this should be set to "No".

radio

Allows listeners/vhosts to set multiple SSL certificates. If multiple certificates are enabled, the certificates/keys are expected to follow a naming scheme. If the cert is named server.crt, other possible cert names are server.crt.rsa, server.crt.dsa, server.crt.ecc. If "Not Set", defaults to "No".

Select from radio box

Enables session id caching. If "Not Set", defaults to "No". (Openssl Default)

Select from radio box

Sets the maximum number of SSL session IDs to store in the cache. Default is 1,000,000.

Integer number

This value determines how long a session ID will be valid within the cache before renegotiation is required. Default is 3,600.

Integer number

Enables session tickets. If "Not Set", the server will use openSSL's default ticket.

Select from radio box

This value determines how long a session ticket will be valid before a renegotiation is required. Default is 3,600.

Integer number

Allows the SSL Ticket Key to be created/maintained by an administrator. The file must be 48 bytes long. If this option is left empty, the load balancer will generate and rotate its own set of keys.

IMPORTANT: To maintain forward secrecy, it is strongly recommended to change the key every SSL Session Ticket Lifetime seconds. If this cannot be done, it is recommended to leave this field empty.

Path