Optimise cPanel PHP-FPM performance

Activating a PHP-FPM pool for your cPanel domain will give a hefty performance boost over the default suPHP or CGI handler. But did you know that you can further improve the PHP-FPM performance by tweaking the pool settings? This is not for the faint-hearted however, and requires some sysadmin understanding with SSH access and editing of cPanel YAML files. Here's what we do:

First, locate and open your site's PHP-FPM YAML file in the SSH console. The file location and name structure is as follows:

nano /var/cpanel/userdata/username/domain.tld.php-fpm.yaml

This is, of course, where 'username' is your cPanel username and 'domain.tld' is your domain name like example.org or google.com.

Once you have your YAML file open, you'll be presented with a basic configuration as per the main cPanel/WHM PHP-FPM interface. Here's where we can improve it. The below example is taken from a busy Wordpress/Magento site, but you can tweak it to your own requirements. Remove all existing YAML file contents and replace with:

_is_present: 1
pm: static
pm_start_servers: 20
pm_max_children: 20
pm_max_requests: 100
php_admin_value_disable_functions : passthru,system
php_flag[display_errors]: off
php_flag[display_startup_errors]: off

And finally, to apply the settings we need to rebuild the master PHP-FPM pool config files and restart the PHP-FPM processes:

/scripts/php_fpm_config --rebuild

Of course, you should customise this as required:

  1. Using static PHP children, your server's RAM/memory usage will be consistently higher than prior so you may need to lower the pm_start_servers and pm_max_children values.
  2. You might also want to increase pm_max_requests, if for example your site serves high volumes of small requests. Or, perhaps decrease it if you serve large memory-hungry requests.
  3. It is recommended to leave passthru and system disabled for security, and you might also want to disable further functions like ini_set too.
  4. The display errors flags are disabled also for security and PCI compliance, however for debugging/development sites you may wish to set those.

Hope this helps!

  • 2 Users Found This Useful
Was this answer helpful?

Related Articles

Apache configuration for receiving reverse-proxied SSL traffic

Many customers use SSL-terminating reverse proxies and load balancers in front of their Apache...

Apache 2.4 .htpasswd protection and whitelisting multiple IP addresses

A customer asked us to secure their development environment using .htaccess and .htpassword...

cPanel: Resolve 'Forbidden' errors after removing mod_ruid2

So you have rebuilt Apache on your cPanel server to use suPHP instead of mod_ruid2... but you are...

Redirect http to https

Once you've got your SSL certificate installed, you'll want to switch your site traffic from http...

Nginx-like "microcaching" using Apache mod_cache

Nginx is well known for its high performance 'microcache' feature, which is often used to make...