Take down Apache to improve performance and memory efficiency

Can you believe it’s been almost a decade since Apache 2.4 was released?! If you haven’t replaced Apache with Nginx, here’s a quick guide to boosting Apache performance using a method that is often overlooked.

Now, before we get into this, please note that I am not claiming that Apache is faster than Nginx. However, I am not even claiming that it is slow. For the most part, out-of-the-box Apache will be slower than Nginx. Although, when configured correctlyApache can be just as fast as Nginx.

There are a lot of articles on the web about Apache performance, mostly with unfair comparisons describing how fast Nginx vs Apache is. Still, the fact that Apache is a tried-and-true web server played a big role in what became the Internet of web servers, and still plays. with about 30% of all web servers Apache is still running, Take a look at the below benchmark showing Nginx vs Apache 2.4.


Note how well Apache 2.4 vs Nginx performs when using mpm_worker or mpm_event (source).

Nginx is more than a lightweight static http server. Apache comes with a lot of features and modules. Most of the times you only need a few of these. Whereas Nginx provides bare-bones approach and has these core features much faster than Apache. Thus, if you consider how heavy Apache is, it actually performs much better than the credits given.

stripping apache 2.4 (httpd) of unused modules

This is where you have to ask yourself, how many modules of Apache are you actually using? 10%, 20% maybe 30%?! Yes, a key approach to improving Apache’s performance – which is often overlooked – is narrowing it down to only the modules/features you need. This increases throughput while reducing memory and CPU consumption.

Ok, so let’s see what modules are currently loaded by your apache at apache startup. You can view the list of enabled modules by typing the following from the shell:

For CentOS/Fedora (httpd):

httpd -M

For Ubuntu/Debian (Apache 2):

apache2 -M

List of Apache modules loaded by default on CentOS 7

core_module (static)
mpm_prefork_module (static)
http_module (static)
so_module (static)
auth_basic_module (shared)
auth_digest_module (shared)
authn_file_module (shared)
authn_alias_module (shared)
authn_anon_module (shared)
authn_dbm_module (shared)
authn_default_module (shared)
authz_host_module (shared)
authz_user_module (shared)
authz_owner_module (shared)
authz_groupfile_module (shared)
authz_dbm_module (shared)
authz_default_module (shared)
ldap_module (shared)
authnz_ldap_module (shared)
include_modules (shared)
log_config_module (shared)
logio_module (shared)
env_module (shared)
ext_filter_module (shared)
mime_magic_module (shared)
expire_modules (shared)
deflate_module (shared)
header_modules (shared)
usertrack_module (shared)
setenvif_module (shared)
mime_module (shared)
dav_module (shared)
Status_module (Shared)
autoindex_module (shared)
info_module (shared)
dav_fs_module (shared)
vhost_alias_module (shared)
conversation_modules (shared)
dir_module (shared)
action_module (shared)
spelling_module (shared)
userdir_module (shared)
alias_module (shared)
substitute_modules (shared)
rewrite_modules (shared)
proxy_modules (shared)
proxy_balancer_module (shared)
proxy_ftp_module (shared)
proxy_http_module (shared)
proxy_ajp_module (shared)
proxy_connect_module (shared)
cache_modules (shared)
suexec_module (shared)
disk_cache_module (shared)
cgi_module (shared)
version_modules (shared)

in red They are modules that can be safely removed in most environments. The reason for the removal is that Apache will load all of these into the server memory. As a result, making apache heavy and slow for each request, especially as the web server throughput increases!

Here is my final list of modules on CentOS 6.4

core_module (static)
mpm_event_module (static)
http_module (static)
so_module (static)
authz_host_module (shared)
authz_user_module (shared)
authn_file_module (shared)
auth_basic_module (shared)
log_config_module (shared)
logio_module (static)
expire_modules (shared)
deflate_module (shared)
header_modules (shared)
setenvif_module (shared)
mime_module (shared)
dir_module (shared)
alias_module (shared)
rewrite_modules (shared)
proxy_modules (shared)
proxy_fcgi_module (shared)

Notice more than half of the preloaded modules are stripped. I have also replaced mpm prefork with mpm event and added proxy_module and proxy_fcgi_module for php-fpm (see notes at end of article).

Apache Modules Loaded by Default on Ubuntu

core_module (static)
log_config_module (static)
logio_module (static)
version_module (stable)
mpm_prefork_module (static)
http_module (static)
so_module (static)
alias_module (shared)
auth_basic_module (shared)
authn_file_module (shared)
authz_default_module (shared)
authz_groupfile_module (shared)
authz_host_module (shared)
authz_user_module (shared)
autoindex_module (shared)
cgi_module (shared)
deflate_module (shared)
dir_module (shared)
env_module (shared)
mime_module (shared)
conversation_modules (shared)
reqtimeout_module (shared)
setenvif_module (shared)
Status_module (Shared)

Note, fewer modules are enabled by default as compared to CentOS. In fact, Ubuntu’s Apache does not enable some performance-critical modules. (see below)

Here is my final list of modules on Ubuntu

core_module (static)
log_config_module (static)
logio_module (static)
version_module (stable)
mpm_event_module (static)
http_module (static)
so_module (static)
auth_basic_module (shared)
authn_file_module (shared)
authz_host_module (shared)
authz_user_module (shared)
expire_modules (shared)
deflate_module (shared)
header_modules (shared)
dir_module (shared)
mime_module (shared)
setenvif_module (shared)
rewrite_modules (shared)
proxy_modules (shared)
proxy_fcgi_module (shared)

in green There are modules that I’ve added that when configured correctly will improve performance as well. Whereas rewrite_module is needed only for friendly URL rewriting (WordPress permalinks) for web apps like WordPress. Again proxy module for PHP-FPM.

Apache (httpd) specific module notes

mpm_prefork_module – replace it with apache 2.4 mpm_event_module, Its fast and uses less memory. (make it last) You can’t use MPM events with mod_php so I suggest going to PHP fastcgi/PHP-FPM. event mpm No longer experimental and fully supported as of Apache 2.4+.

log_config_module – Once your web app is stable, decide whether to turn off access logging via apache config. Access logs add extra overhead to this everyone Request. This is negligible, but on high-throughput web servers, access logging can lead to more noticeable performance, with gigabytes being written daily. This module is also responsible for the extremely important error logs.

status_module The Status module allows server administrators to track how well Apache is performing. Safe to disable. Tracks all requests. useful

How to Deactivate Apache Modules – Ubuntu / Debian

If you are on Ubuntu, you can disable apache module using shell command. Just type the following (a2dismod nameofmodule) for each module:

a2dismod authz_groupfile

Repeat for each module you need to disable.

How to Deactivate Apache Modules – CentOS/Fedora

If you are running a CentOS server just comment out the lines for each module listed in it /etc/httpd/conf/httpd.conf,

Update 2nd March 2020: Comment these lines on CentOS 8 /etc/httpd/conf.modules.d/00-base.conf

For example, change:

LoadModule auth_digest_module modules/mod_auth_digest.so

To

#LoadModule auth_digest_module modules/mod_auth_digest.so

Repeat for each module. When unsure, disable, then test configuration, disable, test configuration, and so on.

important articles

– Make sure you have a list of modules used with Ubuntu before disabling. On CentOS, copy (cp) httpd.conf to something like httpd.conf_bak. This way you can easily revert the changes.

– With some modules, you must also comment out (remove) the relevant lines of config from httpd.conf (CentOS) or apache2.conf (Ubuntu) if disabled. If you are not very familiar with Apache, disable modules one by one. After disabling each module, restart Apache to test. This is useful because when you disable some modules like dav_module, autoindex_module, etc., some related config lines in httpd.conf or apache2.conf will be stuck. Thus, when you restart Apache, it will show errors. for example:

“Starting httpd: syntax error on line 565 of /etc/httpd/conf/httpd.conf: Invalid command ‘indexOptions’, probably misspelled or defined by a module not included in the server configuration”

These errors are so self-explanatory, it’s not funny. When you see an error after restarting apache you have two options 1) re-enable the module 2) go to the line that apache reports the error – in the above case, /etc/httpd/conf Line 565 of /httpd.conf – and comment out the line. Repeat until Apache starts without any errors and then proceed with disabling the next module.

– For PHP-FPM with Apache 2.4 please visit:

– Apache performance (similar to Nginx) is not complete by one or two changes. It’s comprehensive and although there are many areas that could be expanded on above, to keep things simple, I’ve limited this article to disassembling Apache’s modules. In the future, I may be willing to post more Apache performance tips. Let me know below if this is something I’d be interested in writing about.

– Once you’ve performed various areas of Apache tuning (including stripping modules), if you still need a performance boost or load reduction and don’t want to get rid of Apache for whatever reason. Then consider installing Nginx only for static files (css, js, images, etc). However, Apache 2.4 MPM Events are much faster and more efficient serving static files than Apache 2.2 MPM Prefork or MPM Worker.

Published: August 15, 2017 | Last Updated: November 3, 2021.

Leave a Comment