Optimizing cPanel/WHM With the upcoming "VPS Optimized" version of cPanel/WHM making it's way out (it's recently moved from the EDGE to CURRENT tree), Doug has asked me to post some of the ways I tweak a cPanel/WHM VPS to reduce the background memory and CPU usage and leave more resources for actual hosting. I'm also going to post some how-tos on securing VPSs over the next few days and weeks. I should also mention that this is by no means my own work - I have learned much from other forums, and by experimenting on a test VPS I have specifically to "break things". So, here goes - Whenever I get a new cPanel/WHM VPS (or server) here's the first things I adjust or tweak to cut down on resource usage: 1) Mailman - Mailman is a memory glutton. It runs constantly as a process, gobbling memory for no good reason. If you don't need it, pop into WHM >> Server Configuration >> Tweak Settings and turn it off by unchecking the box. If you need a good mailing list, then PHPList (http://www.phplist.com) works fine, uses resources only when it needs it, and also comes with Fantastico if you have it. 2) While in Tweak Settings, there's some other adjustments you can make: a) Mail >> Number of minutes between mail server queue runs (default is 60). Each time the mail queue runs it increases load - The default of 60 can safely be reduced to 120 or even 180 on a busy server. Whilst there I also disable Boxtrapper Spam Trap and SpamAssassin Spam Box delivery, on the basis that whilst the server will filter out most of the spam coming in, it's then up to the users to employ filters in their email clients etc in order to filter out the rest of the rubbish - Using Boxtrapper and SpamBox simply puts more load on the server. (These 2 options also need to be disabled in the feature lists you use so that they don't show up as available in clients' cPanels). b) Also under the Mail section, I set the "Default catch-all/default address behavior for new accounts" to fail - there's no need to collect unwanted or unroutable mail in catch-all folders. If you're doing this to a server with accounts already on it, changing this setting will not change those existing accounts, which are probably set to the default of BLACKHOLE. You can enforce the change onto all existing accounts by logging in via SSH and running the command: perl -pi -e "s:blackhole:/:fail:/g;" /etc/valiases/* c) Further down in the Tweak Settings section are the settings for Stats programs. Turn off Reverse DNS Lookup for AWStats, disable Analog Stats (pretty useless really) and just run with AWStats (if you need it) and Webalizer. All stats programs run processes to collate the stats so if you can get away with using just Webalizer all the better. d) Further down under tweak Settings, in the System section, is an option "Conserve Memory at the expense of using more cpu/diskio." If you're running a server that is always maxing out on memory usage this may be an option to try, but you should bear in mind that it does slightly reduce speed of processing, and you should check with Solar VPS Support that, as a result, you're not using more than your share of CPU resources. Also under the System section, ensure that you have checked the "Do not start deprecated Melange 1.10 chat server." option. 3) Spamassassin: Spamassassin is also a memory hungry beast in its default setup, but you can reduce this very easily. In WHM scroll right down the left- hand menus until you get to the cPanel section and click on Manage Plugins. There are two plugins in there that you should enable - spamdconf and cronconfig (more on this one in a minute). Once you have checked those two options, scroll down to the bottom and click Save. Your server will then contact the cPanel servers and install those 2 plugins for you in a minute or so. Once done, refresh the left hand frame in your browser (the one containing the WHM menus) and you'll see a new section right at the bottom (You will already have this section if you run Fantastico, but these new 2 options will be added to it). Select "Setup Spamd Startup Configuration" and you will presented with 4 option boxes, the second of which is the one we want. Setting "Maximum Children" to 2 (no, this isn't birth control LOL) will restrict the number of processes Spamassassin fires up on startup, each of which eats memory. Once you save this the server will restart Ensim to build in the new setting - this can take up to a minute to restart, so just be patient. 4) Cron times: Cron jobs use memory and CPU resources, so it's best to check that they run in off-peak hours (usually overnight). The other option we just added in the Manage Plugins section has added a menu option "Configure cPanel Cron Times" in the Plugins section at the bottom of the WHM menu. Within that section are 2 settings for the times that your cPanel Update runs (if you run it automatically) and the time your backup runs. You can change and "commit" each of these times to something more sensible. Also, if you run Fantastico, there's another option in the Fantastico settings for the time the daily Fantastico update cron job. This is all very much a matter of preference, and depends a lot on when your server is least busy but, for example, one of my standard settings for these would be: cpbackup = 01:00AM cpupdate = 03:00AM Fantastico = 04:00AM This allows each cron job enough time to run before another one starts so that you don't get 2 resource-hungry routines overlapping. The actual times you use depend on when your own server is least busy. You should also check right up at the top of the WHM menu under Server Time that the server is actually running in the Time Zone you expect - You cannot change this on a VPS but you should ensure that the server time is actually reasonably correct and not set to a timezone that would actually cause your cron jobs to run in peak hours - this actually happened to me once when I discovered that a USA server was actually set to GMT and all my crons were running seven hours earlier than I thought, slap bang in the middle of one of the busiest periods ;) 5) FTP: In WHM >> Service Configuration, there is an option to change 2 settings for FTP. By default the first will be set to use pure-ftpd (this is good) and the second is to allow anonymous FTP (this is very bad). Unless you really want half the world (the bad half) discovering that you run an open FTP server, turn anonymous OFF. Each FTP session uses resources, so you should also be careful about how many FTP logons you allow each account in your Feature Lists. Up to 3 is fine - anything over 10 is getting silly and simply invites your users to use your server for file sharing.
Pages to are hidden for
"Optimizing cPanel-WHM"Please download to view full document