Update the Apache Configuration File
Required User Role: Root user
Tenable Security Center Director 6.3.x updated the Apache web server configuration to resolve a memory leak issue. When your Tenable Security Center Director instance meets the following criteria, you must update some values in the Apache configuration file located at /opt/sc/support/conf/mpm.conf:
-
You are upgrading to Tenable Security Center Director version 6.4.x from version 6.2.1 or earlier.
-or-
-
Your Tenable Security Center Director instance manages more than 10,000 active IPs.
The default settings in the Apache configuration file are sufficient if you are upgrading from Tenable Security Center Director version 6.3.x or later, and your instance manages fewer than 10,000 active IPs.
Before you begin:
-
Stop Tenable Security Center Director, as described in Start, Stop, or Restart Tenable Security Center Director.
-
Install Tenable Security Center Director or Upgrade Tenable Security Center Director
To update the Apache configuration file:
-
Navigate to the Apache configuration file, located at /opt/sc/support/conf/mpm.conf
-
Update the values in the configuration file. Tenable recommends the following settings based on the size of your deployment:
# Hosts Managed by Tenable Security Center Director Recommended Settings
10,000 to 25,000 active IPs
StartServers 10
MinSpareServers 10
MaxSpareServers 20
MaxRequestWorkers 64
25,001 to 100,000 active IPs
StartServers 20
MinSpareServers 20
MaxSpareServers 40
MaxRequestWorkers 128
100,001 or more active IPs
StartServers 40
MinSpareServers 40
MaxSpareServers 80
MaxRequestWorkers 256
-
Restart Tenable Security Center Director, as described in Start, Stop, or Restart Tenable Security Center Director.
What to do next:
-
After the Tenable Security Center Director build has run for a period of time, check the log located at /opt/sc/support/logs/error_log for any errors related to the MaxRequestWorkers setting. For more information, see Generate a Diagnostics File.