Our documentation is getting an overhaul! We would like your input! Click here to take a look at the beta launch of our new documentation site! Only cPanel & WHM version 82 documentation exists on our beta at this time. 84 will be added to the new site soon! Leave your feedback here: https://go.cpanel.net/docsfeedback
Global Configuration - Version 82 Documentation - cPanel Documentation
Page tree
For cPanel & WHM version 82.


Skip to end of metadata
Go to start of metadata

(WHM >> Home >> Service Configuration >> Apache Configuration)

Overview

This feature allows you to adjust several of the Apache® web server's advanced features. Many of these directives require that you format your entry in a specific way. Click a directive name to view its documentation on the Apache website.

Global Configuration

Note:

  • Some of these settings require that you install Multi-Processing Modules (MPM). For more information, read our MPM documentation.
  • Make certain that you and your users do not require a directive before you disable it.

To configure the advanced features of the Apache web server, use the following directives:

DirectiveDescriptionDefault Settings
SSL Cipher Suite

Sets the OpenSSL ciphers that Apache uses.

Note:

We recommend that you use this directive's default setting to adjust your server for PCI compliance. For more information about PCI compliance, read our PCI Compliance and Software Versions documentation.

By default, cPanel & WHM uses the following cipher list for web services:

 Click to view...
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256

SSL/TLS Protocols

Determines the SSL and TLS protocols that the client and server negotiate during the SSL/TLS handshake phase.

Warning:

As of cPanel & WHM version 68, we only support Transport Layer Security (TLS) protocol version 1.2

  • We will only support applications that use TLSv1.2.
  • We strongly recommend that you enable TLSv1.2 on your server. 

TLSv1.2
Extended StatusShows more details about incoming requests. This appears in WHM's Apache Status interface (WHM >> Home  >> Server Status >> Apache Status).On
LogLevel Sets the verbosity of the error log.warn
LogFormat (combined)

The Apache log file's format, which includes the referrer and user agent strings.

Note:

The system defaults to this format.

%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"
LogFormat (common) The Apache log file's format.%h %l %u %t \"%r\" %>s %b
Trace Enable Allows or disallows TRACE requests.Off
Server Signature Determines whether server information appears in error results and other information that the server generates.Off
Server Tokens

Determines the amount of information that Apache provides to visitors in Server HTTP response headers.

ProductOnly
File ETag

Determines the amount of information that Apache provides to visitors who request a file via HTTP.

  • ETags display meta information to visitors who request a file.
  • This directive can potentially reduce server load and increase load speed.
None
Directory "/" Options Sets several options that pertain to the root (/) directory.
  • ExecCGI
  • FollowSymLinks
  • IncludesNOEXEC
  • Indexes
Start Servers Defines the number of child server processes that Apache creates when it starts.5
Minimum Spare Servers

Sets the minimum number of idle child server processes. Only configure this directive for very busy servers.

Note:

To configure this setting, you must install the MPM Prefork module.

5
Maximum Spare Servers

Sets the maximum number of idle child server processes. Only configure this directive for very busy servers.

Note:

To configure this setting, you must install the MPM Prefork module.

10
Server Limit Defines the maximum configured value for the MaxRequestWorkers directive (the MaxClients directive in Apache versions earlier than 2.4) for the lifetime of the Apache process.256

Max Request Workers

Sets the limit on the number of simultaneous requests that Apache serves. For example, use this value to change the maximum number of HTTP connections.

You can enter a number equal to or lower than the value of the Server Limit setting

(Apache refers to this directive as Max Clients in versions earlier than 2.4.)

Note:

To configure this setting, you must install the MPM Event, MPM Worker, or MPM Prefork module.

150

Max Connections Per Child

Sets the limit on the number of requests that an individual child server process handles. After the child server processes a MaxConnectionsPerChild number of requests, the child server process terminates. If the MaxConnectionsPerChild setting equals 0, the child server process never expires.

(Apache refers to this directive as Max Requests Per Child in versions earlier than 2.4.)

Note:

To configure this setting, you must install the MPM Prefork module.

10000
Keep-Alive Enables long-lived HTTP sessions, which allow you to send multiple requests over the same TCP connection. This directive can reduce load times for HTML documents with many images.Off
Keep-Alive Timeout Defines the number of seconds that Apache waits for another request before Apache closes a connection.5
Max Keep-Alive Requests Limits the number of requests that a TCP connection can make when you enable the KeepAlive directive. If you do not wish to limit KeepAlive directive requests, set this value to 0.100
Timeout Defines the amount of time (in seconds) that Apache waits for certain events before Apache fails a request.300
Symlink Protection Enables the Symlink Protection patch, which helps improve Apache's ability to detect a race condition.Off

After you update the desired configuration options, click Save. A new interface will appear. Click Rebuild Configuration and Restart Apache.

To undo any of your changes, click Reset.

Manually edit Apache features

To manually configure the advanced features of the Apache web server, perform the following steps:

  1. Log in to your server as the root user via SSH.

  2. Open the /var/cpanel/conf/apache/local file and locate the setting that you wish to edit, for example:

     "servertokens": 'Full'
  3. Enter the desired value for that setting, for example:

     "servertokens": 'Minimal'

    For a complete list of each feature's valid values, read Apache's Directive Quick Reference documentation.

  4. Run the /scripts/rebuildhttpdconf script to rebuild the httpd configuration file.
  5. Restart Apache with the /usr/local/cpanel/scripts/restartsrv_httpd script.

Additional documentation