When Nginx and Apache run on the same server, using Unix domain sockets instead of TCP connections can significantly reduce overhead. This eliminates TCP/IP stack processing, connection state maintenance, and port allocation - three major performance bottlenecks in local inter-process communication.
First, modify your Apache virtual host to listen on a Unix socket instead of a TCP port. Edit your Apache configuration file (typically in /etc/apache2/sites-available/):
<VirtualHost *:82>
# Change this to use Unix socket
Listen /var/run/apache2/apache.sock
ServerName site.net
DocumentRoot /var/www/html
<Directory /var/www/html>
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
</VirtualHost>Then update Apache's main configuration to enable the Unix socket module (if not already enabled):
LoadModule unixd_module modules/mod_unixd.soNow modify your Nginx configuration to use the Unix socket instead of localhost:82:
server {
server_name site.net;
location / {
proxy_pass http://unix:/var/run/apache2/apache.sock:;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Important for Unix socket performance
proxy_http_version 1.1;
proxy_set_header Connection "";
}
}Unix sockets require proper permissions. After restarting Apache, verify the socket file exists and has correct permissions:
sudo chown www-data:www-data /var/run/apache2/apache.sock
sudo chmod 660 /var/run/apache2/apache.sockYou may need to adjust these based on your specific user/group configuration.
To verify the performance improvement, you can use ab (Apache Benchmark):
ab -n 10000 -c 100 http://site.net/test.htmlCompare the results with your previous TCP-based configuration. Typically, you'll observe:
- 20-30% reduction in connection time
- Lower CPU usage during high concurrency
- More stable performance under heavy load
If you encounter 502 Bad Gateway errors:
- Verify the socket file exists after Apache starts
- Check Nginx error logs:
tail -f /var/log/nginx/error.log - Confirm SELinux/apparmor isn't blocking socket access
- Ensure the socket path in Nginx exactly matches Apache's configuration
Many developers use Nginx as a reverse proxy for Apache with TCP connections like this:
server {
server_name site.net;
location / {
proxy_pass http://localhost:82;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
}
}
Unix domain sockets offer several advantages over TCP for local communication:
- Lower latency (no TCP stack overhead)
- Higher throughput
- Better security (filesystem permissions instead of network ports)
- No port conflicts
First, modify your Apache configuration to listen on a Unix socket instead of TCP:
# In httpd.conf or apache2.conf
Listen /var/run/apache2/apache.sock
<VirtualHost unix:/var/run/apache2/apache.sock>
# Your virtual host configuration
</VirtualHost>
Make sure the socket directory exists and has proper permissions:
sudo mkdir -p /var/run/apache2
sudo chown www-data:www-data /var/run/apache2
Modify your Nginx configuration to use the Unix socket:
server {
server_name site.net;
location / {
proxy_pass http://unix:/var/run/apache2/apache.sock;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
For optimal performance with Unix sockets, consider these additional settings:
location / {
proxy_pass http://unix:/var/run/apache2/apache.sock;
proxy_http_version 1.1;
proxy_set_header Connection "";
proxy_buffering off;
proxy_request_buffering off;
}
If you encounter problems:
- Check socket permissions:
ls -la /var/run/apache2/ - Verify Apache is listening:
ss -a | grep apache.sock - Check error logs for both Nginx and Apache
Use tools like ab or wrk to compare performance:
ab -n 10000 -c 100 http://site.net/test.html
Expect to see significant improvements in requests per second and reduced latency.