BestHub
Sign in
Operations 9 min read

Boost High‑Traffic Site Performance: Nginx & PHP‑FPM Tuning Tips

This guide shares practical, experience‑backed techniques for optimizing Nginx and PHP‑FPM on high‑traffic Linux servers, covering UNIX sockets, worker processes, upstream load balancing, logging, compression, caching, timeouts, buffer sizes, kernel tweaks, and monitoring.

MaGe Linux Operations
MaGe Linux Operations
MaGe Linux Operations
Boost High‑Traffic Site Performance: Nginx & PHP‑FPM Tuning Tips

Using seven years of experience with Nginx and PHP, we share practical tips for optimizing Nginx and PHP‑FPM on high‑traffic sites.

1. Switch TCP to UNIX domain sockets

UNIX domain sockets provide better performance than TCP loopback because they avoid data copies and context switches, but they only work for processes on the same server.

upstream backend {
    # UNIX domain sockets
    server unix:/var/run/fastcgi.sock;

    # TCP sockets
    # server 127.0.0.1:8080;
}

2. Adjust worker process count

Modern hardware is multi‑processor; Nginx can use all available CPUs. Determine CPU count with:

cat /proc/cpuinfo | grep processor   # Linux
sysctl dev.cpu | grep location       # FreeBSD

Set worker_processes to the number of cores and increase worker_connections, enable multi_accept, and use epoll on Linux.

# We have 16 cores
worker_processes 16;

events {
    worker_connections 4096;
    multi_accept on;
}

3. Configure upstream load balancing

Splitting backend pools across multiple upstreams on the same machine can increase throughput. Example for 1000 PHP‑FPM children split into two pools of 500 each:

upstream backend {
    server unix:/var/run/php5-fpm.sock1 weight=100 max_fails=5 fail_timeout=5;
    server unix:/var/run/php5-fpm.sock2 weight=100 max_fails=5 fail_timeout=5;
}

Corresponding php-fpm.conf pool sections are shown.

<section name="pool">
    <value name="name">www1</value>
    <value name="listen_address">/var/run/php5-fpm.sock1</value>
    ...
</section>
<section name="pool">
    <value name="name">www2</value>
    <value name="listen_address">/var/run/php5-fpm.sock2</value>
    ...
</section>

4. Disable access logs

Turning off access logs reduces I/O synchronization overhead. If logs must stay on, buffer them:

access_log off;
log_not_found off;
error_log /var/log/nginx-error.log warn;
access_log /var/log/nginx/access.log main buffer=16k;

5. Enable Gzip compression

gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

6. Cache frequently accessed file metadata

open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;

7. Tune client timeouts

client_max_body_size 500M;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 2 2;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;

8. Adjust FastCGI buffer sizes

fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
reset_timedout_connection on;
server_names_hash_bucket_size 100;

9. System kernel tuning (/etc/sysctl.conf)

# Recycle Zombie connections
net.inet.tcp.fast_finwait2_recycle=1
net.inet.tcp.maxtcptw=200000
# Increase number of files
kern.maxfiles=65535
kern.maxfilesperproc=16384
# Increase page share factor per process
vm.pmap.pv_entry_max=54272521
vm.pmap.shpgperproc=20000
# Increase number of connections
vfs.vmiodirenable=1
kern.ipc.somaxconn=3240000
net.inet.tcp.rfc1323=1
net.inet.tcp.delayed_ack=0
net.inet.tcp.restrict_rst=1
kern.ipc.maxsockbuf=2097152
kern.ipc.shmmax=268435456
# Host cache
net.inet.tcp.hostcache.hashsize=4096
net.inet.tcp.hostcache.cachelimit=131072
net.inet.tcp.hostcache.bucketlimit=120
# Increase number of ports
net.inet.ip.portrange.first=2000
net.inet.ip.portrange.last=100000
net.inet.ip.portrange.hifirst=2000
net.inet.ip.portrange.hilast=100000
kern.ipc.semvmx=131068
# Disable Ping‑flood attacks
net.inet.tcp.msl=2000
net.inet.icmp.bmcastecho=1
net.inet.icmp.icmplim=1
net.inet.tcp.blackhole=2
net.inet.udp.blackhole=1

10. Monitoring

Continuously monitor open connections, idle memory, and waiting threads. Set alerts for threshold breaches, using custom scripts or tools like ServerDensity. Ensure the Nginx stub_status module is compiled:

./configure --with-http_ssl_module --with-http_stub_status_module --without-mail_pop3_module --without-mail_imap_module --without-mail_smtp_module
make install BATCH=yes
Original Source

Signed-in readers can open the original source through BestHub's protected redirect.

Sign in to view source
Republication Notice

This article has been distilled and summarized from source material, then republished for learning and reference. If you believe it infringes your rights, please contactadmin@besthub.devand we will review it promptly.

performanceOperationsNGINXphp-fpm
MaGe Linux Operations
Written by

MaGe Linux Operations

Founded in 2009, MaGe Education is a top Chinese high‑end IT training brand. Its graduates earn 12K+ RMB salaries, and the school has trained tens of thousands of students. It offers high‑pay courses in Linux cloud operations, Python full‑stack, automation, data analysis, AI, and Go high‑concurrency architecture. Thanks to quality courses and a solid reputation, it has talent partnerships with numerous internet firms.

0 followers
Reader feedback

How this landed with the community

Sign in to like

Rate this article

Was this worth your time?

Sign in to rate
Discussion

0 Comments

Thoughtful readers leave field notes, pushback, and hard-won operational detail here.

Sign in to comment