Update the Apache Configuration File

Required User Role: Root user

Tenable Security Center Director 6.3.x updated the Apache web server configuration to resolve a memory leak issue. When your Tenable Security Center Director instance meets the following criteria, you must update some values in the Apache configuration file located at /opt/sc/support/conf/mpm.conf:

  • You are upgrading to Tenable Security Center Director version 6.4.x from version 6.2.1 or earlier.

    -or-

  • Your Tenable Security Center Director instance manages more than 10,000 active IPs.

The default settings in the Apache configuration file are sufficient if you are upgrading from Tenable Security Center Director version 6.3.x or later, and your instance manages fewer than 10,000 active IPs.

Before you begin:

To update the Apache configuration file:

  1. Navigate to the Apache configuration file, located at /opt/sc/support/conf/mpm.conf

  2. Update the values in the configuration file. Tenable recommends the following settings based on the size of your deployment:

    # Hosts Managed by Tenable Security Center Director

    Recommended Settings

    10,000 to 25,000 active IPs

    StartServers 10

    MinSpareServers 10

    MaxSpareServers 20

    MaxRequestWorkers 64

    25,001 to 100,000 active IPs

    StartServers 20

    MinSpareServers 20

    MaxSpareServers 40

    MaxRequestWorkers 128

    100,001 or more active IPs

    StartServers 40

    MinSpareServers 40

    MaxSpareServers 80

    MaxRequestWorkers 256

  3. Restart Tenable Security Center Director, as described in Start, Stop, or Restart Tenable Security Center Director.

What to do next:

  • After the Tenable Security Center Director build has run for a period of time, check the log located at /opt/sc/support/logs/error_log for any errors related to the MaxRequestWorkers setting. For more information, see Generate a Diagnostics File.