There are a lot of config changes which need the apache process to be restarted. When i enable/disable ssl for a customer or many other things like that.
Ok. But is there no other way? What if a customer gotz a critical website with a shop, and sometimes because someone changes his config and applies it, the webshop is not available for a few seconds, over and over again. Sessions break down and so on… Not sexy.
I got mod_security enabled on one of my virtualmin servers. That means, the restart of the apache process takes about >= 8 seconds.
Is that just something we have to life with or am i wrong with my fear?
What else would be the solution? Clustered websites? Changing config when nobody is hitting the pages? …
The only real solution is to not allow those (quite few) options that can trigger a hard restart. Nearly everything in Virtualmin uses a graceful restart, which allows existing connections to finish before stopping. This isn’t entirely infallible (there’s a bit of time there, and I guess in your case quite a bit, since you have something else that slows it down dramatically). So, you could force them to go through you for enabling SSL and additional IP addresses (which are the primary source of restarts), and then you could do them during a normal maintenance window.
This is one of the negatives of a shared hosting system. There isn’t really a great solution…though for most folks the downtime on a hard restart is rather short. I wasn’t aware mod_security added so much time to the startup…perhaps a smaller/simpler policy would make it load faster? I’m just guessing, as I’ve never used it. But, it seems like a possibility.
Yep, i got way too much rules enabled…
Thats what makes the hard restart of the httpd process slow.
I better strip that rules down to the really essential ones.
Also, I no longer remember what the default is, but I’d recommend checking in System Settings -> Module Config -> Actions upon server and user creation, and make sure “Check Apache configuration before applying”.
That does a test on the Apache config to make sure there aren’t any syntax errors, which could cause further trouble