More Tips to Reduce Server Load - Apache

This is an introductory tutorial that teaches you useful and easy practices you can use to reduce website server load. It is applicable to websites hosted on Apache web servers, preferably using Cpanel. It also assumes that you are using PHP as your server side scripting language.

TABLE OF CONTENTS:

By: Codex-M

Poor Best

Rating:

/ 3

March 30, 2011

print this article

SEARCH DEV SHED

TOOLS YOU CAN USE

Reducing Server Load Tip #3: Put Limitation on Your PHP Script's Runtime Execution

Suppose you have a web application that generates random numbers between X and Y, with a quantity specified by the user. If you do not put a limitation on the PHP scripts that execute this application, it is prone to abuse, which can consume a lot of server load.

Why? In a realistic scenario, normal users may want to generate 50 random numbers between 1 and 100. This is not a CPU intensive activity. But what if a malicious user were to enter numbers between 0.01 to 1000000000000000 and want to generate 10000000000 random numbers. This consumes a lot of server resources. Things will only get worse if a bot does this intentionally.

Things you will need to do:

1.) Examine your web applications and ensure that you impose limitations to them.
2.) Protect your web applications with captcha.
3.) Look for bugs in your scripts that can cause infinite looping, etc.

Reducing Server Load Tip #4: Prevent Unauthorized Websites from “HotLinking” To Your Site

You may not be aware of this, but if you have a popular website (or even not so popular), malicious users can abuse your site by doing extensive “hotlinking”. Suppose you have files, images, and so forth on your server for downloading. These files, depending on the application, can be massive in size.

Now if you allow other websites to link to that file, any bots and users coming from other websites can end up downloading your massive files, which in turn can increase the server load.

Things you need to implement:

1.) Use .htaccess located in the root directory of your website to allow only authorized websites to remotely access your files. Other websites will be blocked. The .htaccess example syntax is shown below:

RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !^http://(www\.)?yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?yourdomain.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowthisdomain1.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(www\.)?allowthisdomain2.com/.*$ [NC]
RewriteCond %{HTTP_REFERER} !^http://(subdomain\.)?example.com/.*$ [NC]
RewriteRule \.(gif|jpg|jpeg|png|bmp|js|css|mpg|mp3|zip|ppt|pps|xls|inc|gz|pdf|doc|wav)$ - [F]

Simply replace “yourdomain.com” with your own domain name (the website that you would like to reduce the server load). If you have a subdomain within your main domain, add it as well. Otherwise, delete it from the syntax above.

If you allow other domains, then specify them under “allowthisdomain1.com”. Otherwise if you want to block ALL external domains from accessing your content, just delete those affected lines above. You can also specify the file types that you want to prevent from being hotlinked to by other sites.

Reducing Server Load Tip #5: Use AJAX along with PHP

AJAX is a wonderful technology that allows the user to interact with your web applications (such as web forms) without reloading the page. AJAX only updates necessary portions in the HTML, which does not require the page to be reloaded. This significantly reduces server load.

This page provides a good introduction on using AJAX with PHP: http://www.w3schools.com/php/php_ajax_php.asp

Reducing Server Load Tip #6: Enable Website Caching

Depending on your webhost, you need to make sure mod_headers are enabled for your Apache web server. Then add the following lines to htaccess:

<IfModule mod_headers.c>
<FilesMatch "\.(ico|pdf|flv)$">
Header set Cache-Control "max-age=29030400, public"
</FilesMatch>
<FilesMatch "\.(jpg|jpeg|png|gif|swf)$">
Header set Cache-Control "max-age=604800, public"
</FilesMatch>
<FilesMatch "\.(xml|txt|css|js)$">
Header set Cache-Control "max-age=172800, proxy-revalidate"
</FilesMatch>
<FilesMatch "\.(html|htm|php)$">
Header set Cache-Control "max-age=60, private, proxy-revalidate"
</FilesMatch></IfModule>

Source: http://www.askapache.com/htaccess/speed-up-sites-with-htaccess-caching.html

Why does caching reduce server load? After the visitor visits the page, your website content (images, etc) will reside in the browser cache. If this content (such as images) are said to last up to 2 weeks (as defined in your cache headers above), then the visitors browser will not request to your server the same type of content since it is already cached. By reducing the server request, you are also reducing the server load.

Reducing Server Load Tip #7: Use robots.txt or .htaccess to Block Bots

Robots.txt (http://support.microsoft.com/kb/217103 ) and “Deny from all” directives (http://www.kavoir.com/2009/01/htaccess-deny-from-all-restrict-directory-access.html) in .htaccess helps in preventing unauthorized users such as bots from visiting sections of your website that are meant to store large amounts of data such as documents, etc.

If these are crawled, it consumes large amounts of bandwidth and server load. It is because it is being downloaded unintentionally. Using a combination of robots.txt and .htaccess will be help prevent this.