In this article, I'll talk about using mod_status and
mod_info to tell you how your server is performing right now.
In this article, I'll talk about using
to tell you how your server is performing right now.
mod_status, you can tell who is looking at what on your
server right now. You can tell how many people are on the web
site right now. And you can see other things that may not be of
particular interest to your customer, but is useful to you as the
I don't know how your customers are, but my customers like information.
How much information? More information. Up-to-the-minute information.
Detailed information. Daily reports are not good enough, because by the
end of the day, it's already too late. They want to know what's going
on right now.
In fact, I have one customer who ... well, I suppose I shouldn't say
anything more. After all, he might actually read my column.
Anyways, the point is, customers love this sort of thing. By giving
them this sort of detailed information, at the cost of a few
configuration changes, you are the hero and it looks like you did
a lot of work for it. Don't worry. I won't tell.
There are two modules that I'll talk about in this column. They give
you two rather different types of information, but they are both
mod_info tells you about your server: how it was built, and how
mod_status tells you exactly what your server is thinking about
mod_status is the more exciting of the two modules. You can watch
what folks are looking at on your site, how many child processes are
running, and what those processes are doing.
If you did a default build of Apache, you will have
installed, and all that you will have to do is add the following lines
to your configuration file. (Actually, you will probably find them
already there, commented out.)
# Server status
Deny from all
Allow from .your_domain.com
SetHandler directive tells Apache that when it receives a
request that matches the specified context (in this case, a
/server-status, that instead of looking in
that directory for a file, it should rather pass control over
to the specified handler, which is usually provided by a module
or by a CGI (or similar) process.
mod_status module defines a handler (
one directive (
With the configuration above, accessing the resource
will present you with a summary of server activity as of right now.
You'll get a representation of how many servers you have running
(child processes) and how this relates to your maximum number of
servers, which you set with
This will look something like:
represents a child process that is sending a reply. The
represents a child that is idle, waiting for an incoming
represents a potential child that does not
exist yet. One slot is displayed for each potential server you have
permitted, as per
In the example above, only one child was active, while 9 others
were waiting in the wings for incoming traffic.
It will additionally tell you how long the server has been up
since the last restart, the date and time of that last restart,
and there will be a key explaining each of the symbols appearing
in the diagram.
If you want more information than this, you need to use
ExtendedStatus. By default set to
gives additional information about what your server is up to.
In addition the information above, you'll also get a table
listing each child and what it is doing. It will list
the child processes that are currently active, and tell you what
resource each of them is serving, to whom, and from what virtual
host the resources are coming. (Where ''to whom'' means, usually,
what IP address.)
For each child, you'll get the PID, how many times that particular
child has been accessed, and how much CPU time it is using.
For the server, you'll get a count of total ''hits'' since server
restart, CPU usage, and a ''hits per minute'' statistic, as well as
a total quantity of data that has been pushed out to clients.
For the purposes of amusing the customer, you really should turn
ExtendedStatus as, without it, it's a little cryptic.
Which brings me to the rest of the above configuration.
Although it might amuse the customer to know who is accessing what
resource, you probably don't want this information available
to the whole Internet. And, with some customers, you might not
even want them knowing this sort of thing. There are questions of
user confidentiality to be addressed, but I'll leave that to your
own conscience for the moment.
You should restrict access to this service to hosts you know about,
and which you think should have access to the information for actual
valid reasons. There are voyeurs that get great entertainment from
server-status displays to see who's looking at what.
And this means that they are reloading every 10 seconds to see the
latest stats. This imposes an unnecessary load on your server, and
does not benefit your or your customer in any way. Hence, we have
Allow rules set up in the example above,
which ensure that nobody is looking at this who should not be.
mpd-info is classified as an Extension module, which means that it
is not built into your copy of Apache unless you intentionally
added it in. That is, it is not built in by default.
mod_info is less interesting to the customer, but is very useful
to the system administrator. Especially if, like me, you have a large
number of servers that you are responsible for, and you can't for the
life of you remember what you've built into each.
Use the following set of directives:
Deny from all
Allow from .your-domain.com
page might be a good page to load, print, and
keep on file. (In fact, having written that, I think I'll do that when
I get back to the office on Monday!) What you get with this handler
is a listing of all the things that you have built into your server,
how you have things configured, and various other specifics
about your server.
At the top of the page, when you access http://your.server/server-info/
you'll see a list of each of the modules that is built into your server,
or is loaded as a DSO. Each of these is linked to a section lower
down in the document where you will have listed all of the active
configuration directives that are defined by that module, wherever
in the configuration file they might be placed.
This is great for figuring out quickly how a particular server
is set up, and for trouble-shooting any problems that you might be
having which are caused by misconfiguration.
There's no very effective way for me to show you a running example
of these modules running on my servers, as I have them configured
to only show these pages to certain addresses. But the change
can be made very quickly on your server (unless you don't have the
modules installed!) and you can try it for yourself.
Please let me know if you have any particular subjects that you'd
like for me to cover in the future. You can contact me via the
Talkbacks, or email me at email@example.com