Recently, we announced the release of a new version of Jelastic's Platform-as-Infrastructure. This version delivers key features for enterprises and hosting service providers, focusing on application scalability, security and performance. Today we’d like to pay more attention to the main PHP improvements that were implemented in the 1.9.3 release of Jelastic. These are:
- Automatic change of workers according to the stated resource limits
- Adding Zend OPcache extension
- Enabling mod_security module for Apache
And now, let’s examine each point in depth.
Change the Number of Workers Automatically
The latest Apache versions implement hybrid multi-threaded and multi-process models to serve requests. The number of processes and threads per process are governed by Apache configurations. Each request processing thread is called a worker. Apache automatically self-regulates the number of workers for processing PHP requests, depending on the cloudlet amount stated for the server.
To check the process of Apache workers automatic change, navigate to the Conf option of your server and perform the following steps:
1. Open conf > httpd.conf file and remember the MaxClients value (in our case we have MaxClients 51).
2. After that, Change environment topology by increasing or decreasing the cloudlet limit for your server. As an example, we increased the number of cloudlets for Apache.
3. Return to the conf > httpd.conf file. As you can see, the number of MaxClients has increased (MaxClients 102). If you set less cloudlets the MaxClients will be decreased.
Zend OPcache improves PHP performance by storing a pre-compiled script bytecode in shared memory. As a result, this removes the need for PHP to load and parse scripts on each request.
Zend OPcache is enabled in Jelastic PHP app servers by default. Apache and Nginx (php: 5.3, 5.4, 5.5) include OPcache extension enabled via etc > php.ini:
The default size and other OPcache settings can be configured via the php.ini file by changing the following parameters:
enable/disable OPcache extension
set the amount of memory to use (in megabytes)
set the amount of memory to be used for storing internal strings (e.g. classnames)
the maximum number of files to be cached
the frequency of checking file timestamps for changes to the shared memory storage allocation
enable/disable a fast shutdown sequence for accelerated code
enable/disable the OPcache for the CLI version of PHP
Using opcode caching and optimization OPcache extension, speeds up PHP execution. This results in a performance improvement of up to 40%.
Configuring mod_security Module
mod_security is a super handy Apache module, which provides such abilities as simple filtering, URL and Unicode encoding validation, auditing, null byte attack prevention, upload memory limits, server identity masking, built in chroot support and many more.
This module is available in Jelastic by default and can be configured via conf.d > mod_security.conf file.
Here you can edit the default configurations or add your own custom ones.
For example, you can add some extra ModSecurity Rules by uploading them to the modsecurity.d folder (e.g. modsecurity_crs_11_brute_force.conf).
The rules uploaded to modsecurity.d or to activated_rules folders will be automatically activated without any extra settings.
This is set with the following default parameters in the conf.d > mod_security.conf file:
In such a way, you can set up additional security configurations for your PHP application hosted with an Apache application server.
Step-by-step Jelastic enhances its functionality in all directions and this release was not an exception. The implemented PHP improvements increases the level of security and scalability of the hosted PHP applications. In our plans there are much more PHP features that will be implemented in the further releases. Did you experience any technical problems while hosting your PHP application? Let us know in the comments below and we’ll try to address any issues by improving Jelastic's platform.