Can you determine which Apache modules have been used and can be removed?

apache-2.2 httpd low-memory
5,931

Solution 1

The way I did is building a test server, read the documentation, and start from a blank page.

The following modules are compulsory:

  • core
  • mod_authz_host
  • mod_auth_basic
  • mod_authn_file
  • mod_dir
  • mod_log_config
  • mod_mime

Then I commented out all the remaining modules and restart Apache. It will sound out if something breaks, for e.g:

Starting httpd: Syntax error on line 10 of /etc/httpd/conf.d/squid.conf:
Invalid command 'order', perhaps misspelled or defined by a module not included in the server configuration

Do the same with the other modules. By using this method, here are some modules often not needed:

  • mod_authn_alias
  • mod_authn_anon
  • mod_authn_dbm
  • mod_authn_default
  • mod_authz_user
  • mod_authz_owner
  • mod_authz_groupfile
  • mod_authz_dbm
  • mod_authz_default
  • mod_include
  • mod_logio
  • mod_ext_filter
  • mod_usertrack
  • mod_dav
  • mod_info
  • mod_dav_fs
  • mod_speling
  • mod_suexec
  • mod_cgi

If you are not using LDAP for authentication, this can be disabled:

  • mod_ldap
  • mod_authnz_ldap

The below modules should be considered when enabling:

  • mod_proxy
  • mod_proxy_balancer
  • mod_proxy_ftp
  • mod_proxy_http
  • mod_proxy_connect
  • mod_cache
  • mod_disk_cache
  • mod_file_cache
  • mod_mem_cache

Solution 2

An earlier post suggest disabling the modules until something breaks. While that is definitely foolhardy in on a production system, the person is the on right path, as you will need to do regression testing anyway.

So in this case:

  1. Build a test server identical to the one you have running, right down to the sites configuration
  2. Disable a module.
  3. Perform regression testing on the sites.
  4. Repeat step 2 and 3 until something breaks or you are done with all the modules.
  5. Re-enable the module.
  6. Repeat steps 2 and 3.
  7. With the newly updated apache, perform a configuration flash-cut on the configuration and restart the apache service.
  8. If it fails, revert the configuration bath, pull the logs, analyze and start from step 2 (or step 1 if necessary).

That is probably the easiest way to streamline the Apache configuration. Otherwise, you will have to look each module, determine its functionality and search through the sites to see which one uses that functionality. That would take much longer.

Alternatively, this may give you a good opportunity to switch to something more lightweight:

Share:
5,931

Related videos on Youtube

Matt Simmons
Author by

Matt Simmons

12+ years administering small/medium networks 18+ years of Linux experience I've been a blogger for a few years now, and have made a lot of friends and learned an amazing amount. I think that as a sysadmin, you need to learn from every opportunity, and this site is an excellent resource for that.@standaloneSAlinkedin

Updated on September 18, 2022

Comments

  • Matt Simmons
    Matt Simmons almost 2 years

    I, like many people, have a relatively out-of-the-box Apache installation with a lot of default "LoadModule" lines.

    Since the beginning, I've installed a lot of software, and to be honest, I don't know what software is is using which modules.

    I would like to reduce the memory footprint of my Apache instances, and to do that, I'd like to remove modules from being used. The only way that I know of to determine if a module is in use is to remove it from the configuration and see if anything breaks. This is bad in more ways than I have time to describe.

    I would like to know if anyone is aware of a way to get Apache to report which modules have been used, or if there's another way to programmatically determine whether a module is safe to un-configure.

  • John Gardeniers
    John Gardeniers over 12 years
    How does that answer the question that was asked?
  • Greg Petersen
    Greg Petersen over 12 years
    What do you mean?
  • mahnsc
    mahnsc over 12 years
    Although I love your answer, the OP is looking for some tool, command line argument, or handler that will tell you which modules are safe to remove, presumably when run against or while inspecting a live server's configuration files.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

How can I install httpd 2.2 in /etc/ directory in CentoOS 7
Best Apache & MySQL config for 16GB and 8 Cores
How to add /home/user/public_html as virtual host in apache - centos
Running CGI With Perl under Apache Permission Problem
AH00027: No authentication done error after upgrading from Apache 2.2 to 2.4
High RAM usage by Apache without any visitors
'txn-current-lock': Permission denied [500, #13] - Subversion + Apache Configuration Issue
What is bottleneck of my Apache server?
SELinux policy enabled; httpd running as context unconfined_u:system_r:httpd_t:s0
how to set any browser to no keep alive in apache httpd.conf