Global Configuration v86

Valid for versions 86 through the latest version

Version:

82

84

86


Overview

This feature allows you to adjust several of the Apache® web server’s advanced features. Many of these directives require that you format your entry in a specific way. Click a directive name to view its documentation on the Apache website.

Global Configuration

Note:
  • Some of these settings require that you install Multi-Processing Modules (MPM). For more information, read our MPM documentation.

  • Make certain that you and your users do not require a directive before you disable it.

To configure the advanced features of the Apache web server, use the following directives:

Directive Description Default Settings
SSL Cipher Suite Sets the OpenSSL ciphers that Apache uses.
Note:
We recommend that you use this directive’s default setting to adjust your server for PCI compliance. For more information about PCI compliance, read our PCI Compliance and Software Versions documentation.
By default, cPanel & WHM uses the following cipher list for web services:
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256
SSL/TLS Protocols Determines the SSL and TLS protocols that the client and server negotiate during the SSL/TLS handshake phase.
Warning:

We support Transport Layer Security (TLS) protocol version 1.2 and TLS version 1.3.

  • We strongly recommend that you enable TLSv1.2 on your server.
  • Some clients don’t support TLSv1.3, which requires OpenSSL 1.1.1 or higher.
TLSv1.2
SSL Use Stapling This option enables Online Certificate Status Protocol (OCSP) stapling. If enabled and requested by the client, the TLS handshake will include an OCSP response for its own certificate. This improves performance and security because the client does not need to contact the Certificate Authority (CA). For more information, read Wikipedia’s OCSP stapling article. On
Extended Status Shows more details about incoming requests. This information appears in WHM’s Apache Status (WHM >> Home >> Server Status >> Apache Status) interface. On
LogLevel Sets the verbosity of the error log. warn
LogFormat (combined) The Apache log file’s format, which includes the referrer and user agent strings.
Note:
The system defaults to this format.
%h %l %u %t \“%r\” %>s %b \“%{Referer}i\” \“%{User-Agent}i\”
LogFormat (common) The Apache log file’s format. %h %l %u %t \“%r\” %>s %b
Trace Enable Allows or disallows TRACE requests. Off
Server Signature Determines whether server information appears in error results and other information that the server generates. Off
Server Tokens Determines the amount of information that Apache provides to visitors in Server HTTP response headers.
File ETag Determines the amount of information that Apache provides to visitors who request a file via HTTP.
  • ETags display meta information to visitors who request a file.
  • This directive can potentially reduce server load and increase load speed.
None
Directory “/” Options Sets several options that pertain to the root (/) directory.
  • ExecCGI
  • FollowSymLinks
  • IncludesNOEXEC
  • Indexes
Start Servers Defines the number of child server processes that Apache creates when it starts. 5
Minimum Spare Servers Sets the minimum number of idle child server processes. Only configure this directive for very busy servers.
Note:
To configure this setting, you must install the MPM Prefork module.
5
Maximum Spare Servers Sets the maximum number of idle child server processes. Only configure this directive for very busy servers.
Note:
To configure this setting, you must install the MPM Prefork module.
10
Server Limit Defines the maximum configured value for the MaxRequestWorkers directive (the MaxClients directive in Apache versions earlier than 2.4) for the lifetime of the Apache process. 256
Max Request Workers Sets the limit on the number of simultaneous requests that Apache serves. For example, use this value to change the maximum number of HTTP connections. You can enter a number equal to or lower than the value of the Server Limit setting (Apache refers to this directive as Max Clients in versions earlier than 2.4.)
Note:

To configure this setting, you must install the MPM Event, MPM Worker, or MPM Prefork module.

150
Max Connections Per Child Sets the limit on the number of requests that an individual child server process handles. After the child server processes a MaxConnectionsPerChild number of requests, the child server process terminates. If the MaxConnectionsPerChild setting equals 0, the child server process never expires. (Apache refers to this directive as Max Requests Per Child in versions earlier than 2.4.)
Note:
To configure this setting, you must install the MPM Prefork module.
10000
Keep-Alive Enables long-lived HTTP sessions, which allow you to send multiple requests over the same TCP connection. This directive can reduce load times for HTML documents with many images. Off
Keep-Alive Timeout Defines the number of seconds that Apache waits for another request before Apache closes a connection. 5
Max Keep-Alive Requests Limits the number of requests that a TCP connection can make when you enable the KeepAlive directive. If you do not wish to limit KeepAlive directive requests, set this value to 0. 100
Timeout Defines the amount of time (in seconds) that Apache waits for certain events before Apache fails a request. 300
Symlink Protection Enables the Symlink Protection patch, which helps improve Apache’s ability to detect a race condition. Off

After you update the desired configuration options, click Save. A new interface will appear. Click Rebuild Configuration and Restart Apache.

To undo any of your changes, click Reset.

Manually edit Apache features

The server stores the configuration of your Apache web server in the etc/cpanel/ea4/ea4.conf file. This file replaced the /var/cpanel/conf/apache/local and /var/cpanel/conf/apache/main files.

Warning:
We strongly recommend that you do not directly edit the /etc/cpanel/ea4/ea4.conf file. Use the interface instead. Editing the file directly may result in unexpected results, including server instability.

We provide several other methods to customize your system. You can use one of the following methods to create custom configurations:

For more information, read our Advanced Apache Configuration documentation.

Additional Documentation