EngineScript
diff --git a/‎config/etc/mysql/mariadb.cnf‎
Lines changed: 1 addition & 1 deletion b/‎config/etc/mysql/mariadb.cnf‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎config/etc/nginx/nginx.conf‎
Lines changed: 8 additions & 8 deletions b/‎config/etc/nginx/nginx.conf‎
Lines changed: 8 additions & 8 deletions
diff --git a/‎config/etc/php/php.ini‎
Lines changed: 1 addition & 1 deletion b/‎config/etc/php/php.ini‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎config/etc/redis/redis.conf‎
Lines changed: 5 additions & 5 deletions b/‎config/etc/redis/redis.conf‎
Lines changed: 5 additions & 5 deletions
diff --git a/‎config/etc/sysctl.d/60-enginescript.conf‎
Lines changed: 26 additions & 20 deletions b/‎config/etc/sysctl.d/60-enginescript.conf‎
Lines changed: 26 additions & 20 deletions
diff --git a/‎config/opt/kernel-samepage-merging/ksm-service.sh‎
Lines changed: 0 additions & 9 deletions b/‎config/opt/kernel-samepage-merging/ksm-service.sh‎
Lines changed: 0 additions & 9 deletions
diff --git a/‎enginescript-variables.txt‎
Lines changed: 12 additions & 8 deletions b/‎enginescript-variables.txt‎
Lines changed: 12 additions & 8 deletions
diff --git a/‎scripts/functions/alias/alias-cache.sh‎
Lines changed: 77 additions & 31 deletions b/‎scripts/functions/alias/alias-cache.sh‎
Lines changed: 77 additions & 31 deletions
@@ -112,7 +112,7 @@ innodb_buffer_pool_size = SEDMYSQL45PERCENTM
 innodb_log_buffer_size = SEDLBSM
 innodb_file_per_table = 1
 innodb_open_files = SEDINOF
-innodb_io_capacity = 400
+#innodb_io_capacity = 1000
 innodb_flush_method = O_DIRECT
 innodb_use_native_aio=1
 
 
@@ -24,10 +24,10 @@ events {
 http {
   # Main Logs
   log_format main '$remote_addr - $remote_user [$time_local] $request '
-                  '"$status" $body_bytes_sent "$http_referer" '
-                  '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"'
-                  '"$connection" "$connection_requests" "$request_time" $http_cf_ray '
-                  '$ssl_protocol $ssl_cipher';
+  '"$status" $body_bytes_sent "$http_referer" '
+  '"$http_user_agent" "$http_x_forwarded_for" "$gzip_ratio"'
+  '"$connection" "$connection_requests" "$request_time" $http_cf_ray '
+  '$ssl_protocol $ssl_cipher';
 
   #log_format main_json escape=json '{'
   #  '"connection": "$connection", ' # connection serial number
@@ -52,10 +52,10 @@ http {
   # HTTP_Proxy exploit log
   # https://www.nginx.com/blog/mitigating-the-httpoxy-vulnerability-with-nginx
   #log_format proxylog '$remote_addr - $remote_user [$time_local] '
-                      #'"$request" $status $body_bytes_sent '
-                      #'"$http_referer" "$http_user_agent" '
-                      #'"$http_proxy"';
-
+  #'"$request" $status $body_bytes_sent '
+  #'"$http_referer" "$http_user_agent" '
+  #'"$http_proxy"';
+  
   # Enable access log if you want to use ngxtop to monitor traffic
   access_log off;
   #access_log /dev/null crit;
 
@@ -141,7 +141,7 @@ max_execution_time = 120
 max_input_time = 60
 ;max_input_nesting_level = 64
 max_input_vars = 4666
-memory_limit = SEDPHPVERMEMLIMIT
+memory_limit = SEDPHPMEMLIMIT
 
 ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
 ; Error handling and logging ;
 
@@ -112,11 +112,11 @@ maxmemory-policy allkeys-lru
 
 ############################# LAZY FREEING ####################################
 
-lazyfree-lazy-eviction no
-lazyfree-lazy-expire no
-lazyfree-lazy-server-del no
-replica-lazy-flush no
-lazyfree-lazy-user-del no
+lazyfree-lazy-eviction yes
+lazyfree-lazy-expire yes
+lazyfree-lazy-server-del yes
+replica-lazy-flush yes
+lazyfree-lazy-user-del yes
 
 ################################ THREADED I/O #################################
 
 
@@ -1,8 +1,5 @@
 ### GENERAL SYSTEM SECURITY OPTIONS ###
 
-# Disable SysRq keyboard shortcuts  : Credit SlickStack
-kernel.sysrq = 0
-
 # Controls the number of system-wide asynchronous io requests
 fs.aio-max-nr = 1048576
 
@@ -41,11 +38,11 @@ kernel.kptr_restrict = 1
 # Increase size of file handles and inode cache
 fs.file-max = 209708
 
-## Protect system hard/soft links : Credit SlickStack
+# Protect system hard/soft links : Credit SlickStack
 fs.protected_hardlinks = 1
 fs.protected_symlinks = 1
 
-## Big performance boost (published by PostgreSQL community) : Credit SlickStack
+# Big performance boost (published by PostgreSQL community) : Credit SlickStack
 kernel.sched_migration_cost_ns = 5000000
 kernel.sched_autogroup_enabled = 0
 
@@ -57,6 +54,9 @@ vm.dirty_background_ratio = 5
 # Specifies the minimum virtual address that a process is allowed to mmap
 vm.mmap_min_addr = 4096
 
+# Specifies the maximum number of memory map areas that a process can have
+vm.max_map_count = 262144
+
 # 50% overcommitment of available memory
 # Allow memory overcommit required for redis
 vm.overcommit_ratio = 40
@@ -95,7 +95,7 @@ net.ipv6.conf.default.forwarding = 0
 
 # Disables IP source routing
 net.ipv4.conf.all.send_redirects = 0
-net.ipv4.conf.default.send_redirects = 0
+net.ipv4.conf.default.send_redirects = 0
 net.ipv4.conf.all.accept_source_route = 0
 net.ipv4.conf.default.accept_source_route = 0
 net.ipv6.conf.all.accept_source_route = 0
@@ -123,9 +123,9 @@ net.ipv4.conf.default.log_martians = 1
 net.ipv4.tcp_fin_timeout = 10
 
 # Decrease the time default value for connections to keep alive
-net.ipv4.tcp_keepalive_time = 300
-net.ipv4.tcp_keepalive_probes = 5
 net.ipv4.tcp_keepalive_intvl = 15
+net.ipv4.tcp_keepalive_probes = 5
+net.ipv4.tcp_keepalive_time = 300
 
 # Don't relay bootp
 net.ipv4.conf.all.bootp_relay = 0
@@ -136,7 +136,7 @@ net.ipv4.conf.all.proxy_arp = 0
 # Turn on the tcp_timestamps, accurate timestamp make TCP congestion control algorithms work better
 net.ipv4.tcp_timestamps = 1
 
-# # Enable select acknowledgments
+# Enable select acknowledgments
 net.ipv4.tcp_sack = 1
 
 # Don't ignore directed pings
@@ -156,16 +156,16 @@ net.ipv6.ip_local_port_range = 1024 65535
 net.ipv4.tcp_rfc1337 = 1
 
 # Do not auto-configure IPv6
-net.ipv6.conf.all.autoconf=0
-net.ipv6.conf.all.accept_ra=0
-net.ipv6.conf.default.autoconf=0
-net.ipv6.conf.default.accept_ra=0
-net.ipv6.conf.eth0.autoconf=0
-net.ipv6.conf.eth0.accept_ra=0
+net.ipv6.conf.all.accept_ra = 0
 net.ipv6.conf.all.accept_ra_defrtr = 0
-net.ipv6.conf.default.accept_ra_defrtr = 0
 net.ipv6.conf.all.accept_ra_pinfo = 0
+net.ipv6.conf.all.autocon f = 0
+net.ipv6.conf.default.accept_ra = 0
+net.ipv6.conf.default.accept_ra_defrtr = 0
 net.ipv6.conf.default.accept_ra_pinfo = 0
+net.ipv6.conf.default.autoconf = 0
+net.ipv6.conf.eth0.accept_ra = 0
+net.ipv6.conf.eth0.autoconf = 0
 
 ### TUNING NETWORK PERFORMANCE ###
 
@@ -207,17 +207,16 @@ net.core.somaxconn = 65535
 # Increase number of incoming connections backlog
 net.core.netdev_max_backlog = 32801
 net.core.dev_weight = 64
-net.core.netdev_budget = 1200
-net.core.netdev_budget_usecs = 8000
+net.core.netdev_budget = 3600
+net.core.netdev_budget_usecs = 4000
 
 # Increase the maximum amount of option memory buffers
 net.core.optmem_max = 25165824
 
 # Increase the tcp-time-wait buckets pool size to prevent simple DOS attacks
-net.ipv4.tcp_max_tw_buckets = 400000
+net.ipv4.tcp_max_tw_buckets = 600000
 
 # Try to reuse time-wait connections, but don't recycle them (recycle can break clients behind NAT)
-net.ipv4.tcp_tw_recycle = 0
 net.ipv4.tcp_tw_reuse = 1
 
 # Limit number of orphans, each orphan can eat up to 16M (max wmem) of unswappable memory
@@ -275,6 +274,13 @@ net.ipv6.route.flush = 1
 
 # References
 # https://wiki.archlinux.org/title/Sysctl
+# https://www.kernel.org/doc/Documentation/sysctl/
+# https://github.com/klaver/sysctl/blob/master/sysctl.conf
 # https://medium.com/@moaminsharifi/tuning-your-linux-kernel-for-io-intensive-applications-2e059dd5f813
 # https://ntk148v.github.io/posts/linux-network-performance-ultimate-guide/
 # https://raw.githubusercontent.com/littlebizzy/slickstack/master/modules/ubuntu/24.04/sysctl.txt
+# https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/9/html/monitoring_and_managing_system_status_and_performance/tuning-the-network-performance_monitoring-and-managing-system-status-and-performance
+# https://bastakiss.com/blog/linux-7/best-practices-for-managing-linux-servers-in-2025-517
+# https://www.elastic.co/guide/en/elasticsearch/reference/current/vm-max-map-count.html
+# https://discourse.ubuntu.com/t/boosting-the-vm-max-map-count-in-ubuntu/33863/7
+# https://fasterdata.es.net/host-tuning/linux/
@@ -4,22 +4,13 @@
 #----------------------------------------------------------------------------
 # Website:      https://EngineScript.com
 # GitHub:       https://github.com/Enginescript/EngineScript
-# Company:      VisiStruct / EngineScript
 # License:      GPL v3.0
 #----------------------------------------------------------------------------
 
 # EngineScript Variables
 source /usr/local/bin/enginescript/enginescript-variables.txt
 source /home/EngineScript/enginescript-install-options.txt
 
-# Check current user's ID. If user is not 0 (root), exit.
-if [ "${EUID}" != 0 ];
-  then
-    echo "${BOLD}ALERT:${NORMAL}"
-    echo "EngineScript should be executed as the root user."
-    exit
-fi
-
 #----------------------------------------------------------------------------
 # Start Main Script
 
 
@@ -6,7 +6,7 @@
 #-#-#-#-#-#-#-#  Edit These At Your Own Risk  #-#-#-#-#-#-#-#
 
 # EngineScript Version
-VARIABLES_DATE="FEB2425"
+VARIABLES_DATE="MAR0125"
 
 # Software Versions
 LIBURING_VER="2.9"
@@ -25,18 +25,24 @@ ZLIB_VER="1.3.1"
 OLDPHP="8.0"
 OLDPCRE="8.45"
 
-# EngineScript Variables
+# System Information
 BIT_TYPE="$(uname -m)"
 CPU_COUNT="$(nproc --all)"
 DT="$(date +"%m-%d-%y")"
 IP_ADDRESS="$(ip -o route get to 8.8.8.8 | sed -n 's/.*src \([0-9.]\+\).*/\1/p')"
 UBUNTU_TYPE="$(lsb_release -si)"
+UBUNTU_CODENAME="$(lsb_release -sc)"
+UBUNTU_VERSION="$(lsb_release -sr)"
+
+# Random Characters
 RAND_CHAR2="$(pwgen -A01 2)"
-RAND_CHAR4="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 4 | head -n 1)"
+RAND_CHAR4="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 4 | head -n 1)"
 RAND_CHAR8="$(pwgen -1Bcns 8)"
-RAND_CHAR16="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9' | fold -w 16 | head -n 1)"
+RAND_CHAR16="$(tr -dc 'a-zA-Z0-9' < /dev/urandom | fold -w 16 | head -n 1)"
 RAND_CHAR24="$(date +%s | sha256sum | base64 | head -c 24)"
-RAND_CHAR32="$(cat /dev/urandom | tr -dc 'a-zA-Z0-9_' | fold -w 32 | head -n 1)"
+RAND_CHAR32="$(tr -dc 'a-zA-Z0-9_' < /dev/urandom | fold -w 32 | head -n 1)"
+
+# Server Memory Calculations
 SERVER_MEMORY_TOTAL_01="$(free -m | awk 'NR==2{printf "%d", $2*0.01 }')"
 SERVER_MEMORY_TOTAL_02="$(free -m | awk 'NR==2{printf "%d", $2*0.02 }')"
 SERVER_MEMORY_TOTAL_03="$(free -m | awk 'NR==2{printf "%d", $2*0.03 }')"
@@ -49,9 +55,7 @@ SERVER_MEMORY_TOTAL_09="$(free -m | awk 'NR==2{printf "%d", $2*0.09 }')"
 SERVER_MEMORY_TOTAL_10="$(free -m | awk 'NR==2{printf "%d", $2*0.10 }')"
 SERVER_MEMORY_TOTAL_80="$(free -m | awk 'NR==2{printf "%d", $2*0.80 }')"
 SERVER_MEMORY_TOTAL_100="$(free -m | awk 'NR==2{printf "%d", $2*1 }')"
-UBUNTU_CODENAME="$(lsb_release -sc)"
-UBUNTU_VERSION="$(lsb_release -sr)"
 
-# Shell text
+# Shell text formatting
 BOLD="$(tput bold)"
 NORMAL="$(tput sgr0)"
@@ -27,36 +27,82 @@ echo -e "\nClearing Caches\n\n"
 # Include config
 source /home/EngineScript/sites-list/sites.sh
 
-# Clear Transients on all sites
-for i in "${SITES[@]}"
-do
-  echo "Deleting ${i} Transients"
-	cd "/var/www/sites/$i/html"
-  wp transient delete-all --allow-root
-done
-
-# Clear Nginx fastCGI cache
-echo "Clearing Nginx Cache"
-for i in "${SITES[@]}"
-do
-  echo "Deleting ${i} Transients"
-	cd "/var/www/sites/$i/html"
-  wp nginx-helper purge-all --allow-root
-done
-rm -rf /var/cache/nginx/*
-
-# Clear PHP OpCache
-echo "Clearing PHP OpCache"
-rm -rf /var/cache/opcache/*
-
-# Clear Redis object cache
-echo "Clearing Redis Object Cache"
-redis-cli FLUSHALL ASYNC
+# Function to clear transients on all sites
+clear_transients() {
+    for site in "${SITES[@]}"; do
+        echo "Deleting ${site} Transients"
+        cd "/var/www/sites/$site/html" || {
+            echo "Error: Failed to change directory to /var/www/sites/$site/html"
+        }
+        wp transient delete-all --allow-root || {
+            echo "Error: Failed to delete transients for ${site}"
+        }
+    done
+}
+
+# Function to clear Nginx cache
+clear_nginx_cache() {
+    echo "Clearing Nginx Cache"
+    for site in "${SITES[@]}"; do
+        echo "Purging Nginx Cache for ${site}"
+        cd "/var/www/sites/$site/html" || {
+            echo "Error: Failed to change directory to /var/www/sites/$site/html"
+        }
+        wp nginx-helper purge-all --allow-root || {
+            echo "Error: Failed to purge Nginx cache for ${site}"
+        }
+    done
+    rm -rf /var/cache/nginx/* || {
+        echo "Error: Failed to clear Nginx cache"
+    }
+}
+
+# Function to clear PHP OpCache
+clear_php_opcache() {
+    echo "Clearing PHP OpCache"
+    rm -rf /var/cache/opcache/* || {
+        echo "Error: Failed to clear PHP OpCache"
+    }
+}
+
+# Function to clear Redis object cache
+clear_redis_cache() {
+    echo "Clearing Redis Object Cache"
+    redis-cli FLUSHALL ASYNC || {
+        echo "Error: Failed to clear Redis cache"
+    }
+}
+
+# Function to restart a service
+restart_service() {
+    local service_name=$1
+    echo "Restarting ${service_name}"
+    service ${service_name} restart || {
+        echo "Error: Failed to restart ${service_name}"
+    }
+}
+
+# Function to restart PHP-FPM service
+restart_php_fpm() {
+    local php_versions=("8.1" "8.2" "8.3" "8.4")
+    for version in "${php_versions[@]}"; do
+        if systemctl is-active --quiet php${version}-fpm; then
+            restart_service "php${version}-fpm"
+            return
+        fi
+    done
+    echo "Error: No active PHP-FPM service found."
+}
+
+# Clear caches
+clear_transients
+clear_nginx_cache
+clear_php_opcache
+clear_redis_cache
 
 # Restart services
-echo "Restarting Nginx"
-service nginx restart
-echo "Restarting PHP-FPM"
-service php${PHP_VER}-fpm restart
-echo "Restarting Redis"
-service redis-server restart
+restart_service "nginx"
+restart_php_fpm
+restart_service "redis-server"
+
+echo "All caches cleared and services restarted successfully."