Update the Apache Configuration File
Required User Role: Root user
Tenable Security Center 6.3.x updated the Apache web server configuration to resolve a memory leak issue. When your Tenable Security Center instance meets the following criteria, you must update some values in the Apache configuration file located at /opt/sc/support/conf/mpm.conf:
-
You are upgrading to Tenable Security Center version 6.5.x from version 6.2.1 or earlier.
-or-
-
Your Tenable Security Center instance manages more than 10,000 active IPs.
The default settings in the Apache configuration file are sufficient if you are upgrading from Tenable Security Center version 6.3.x or later, and your instance manages fewer than 10,000 active IPs.
Before you begin:
-
Stop Tenable Security Center, as described in Start, Stop, or Restart Tenable Security Center.
-
Install Tenable Security Center or Upgrade Tenable Security Center
To update the Apache configuration file:
-
Navigate to the Apache configuration file, located at /opt/sc/support/conf/mpm.conf
-
Update the values in the configuration file. Tenable recommends the following settings based on the size of your deployment:
# Hosts Managed by Tenable Security Center Recommended Settings
10,000 to 25,000 active IPs
StartServers 10
MinSpareServers 10
MaxSpareServers 20
MaxRequestWorkers 64
25,001 to 100,000 active IPs
StartServers 20
MinSpareServers 20
MaxSpareServers 40
MaxRequestWorkers 128
100,001 or more active IPs
StartServers 40
MinSpareServers 40
MaxSpareServers 80
MaxRequestWorkers 256
-
Restart Tenable Security Center, as described in Start, Stop, or Restart Tenable Security Center.
What to do next:
-
After the Tenable Security Center build has run for a period of time, check the log located at /opt/sc/support/logs/error_log for any errors related to the MaxRequestWorkers setting. For more information, see Generate a Diagnostics File.