Quick Links
openSUSE Forums
»
Apache (httpd) 1.3
|
||||||
| Forums FAQ | Members List | Search | Today's Posts | Mark Forums Read |
| ARCHIVES - Sample Configuration Files Copies of commonly used configuration files in SUSE Linux
(Moderated - Please do not post questions here) |
|
|
LinkBack | Thread Tools | Display Modes |
09-Apr-2004, 17:18
|
|||
|
|||
[quote][b]##
## httpd.conf -- Apache HTTP server configuration file ## # # Based upon the NCSA server configuration files originally by Rob McCool. # # This is the main Apache server configuration file.* It contains the # configuration directives that give the server its instructions. # See <URL:http://www.apache.org/docs/> for detailed information about # the directives. # # Do NOT simply read the instructions in here without understanding # what they do.* They're here only as hints or reminders.* If you are unsure # consult the online docs. You have been warned.* # # After this file is processed, the server will look for and process # /srv/www/conf/srm.conf and then /srv/www/conf/access.conf # unless you have overridden these with ResourceConfig and/or # AccessConfig directives here. # # The configuration directives are grouped into three basic sections: #* 1. Directives that control the operation of the Apache server process as a #* * whole (the 'global environment'). #* 2. Directives that define the parameters of the 'main' or 'default' server, #* * which responds to requests that aren't handled by a virtual host. #* * These directives also provide default values for the settings #* * of all virtual hosts. #* 3. Settings for virtual hosts, which allow Web requests to be sent to #* * different IP addresses or hostnames and have them handled by the #* * same Apache server process. # # Configuration and logfile names: If the filenames you specify for many # of the server's control files begin with "/" (or "drive:/" for Win32), the # server will use that explicit path.* If the filenames do *not* begin # with "/", the value of ServerRoot is prepended -- so "logs/foo.log" # with ServerRoot set to "/usr/local/apache" will be interpreted by the # server as "/usr/local/apache/logs/foo.log". # ### Section 1: Global Environment # # The directives in this section affect the overall operation of Apache, # such as the number of concurrent requests it can handle or where it # can find its configuration files. # # # ServerType is either inetd, or standalone.* Inetd mode is only supported on # Unix platforms. # ServerType standalone # # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE!* If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>); # you will save yourself a lot of trouble. # ServerRoot "/srv/www" # # The LockFile directive sets the path to the lockfile used when Apache # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at # its default value. The main reason for changing it is if the logs # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL # DISK. The PID of the main server process is automatically appended to # the filename. # LockFile /var/lock/subsys/httpd/httpd.accept.lock # # PidFile: The file in which the server should record its process # identification number when it starts. # PidFile /var/run/httpd.pid # # ScoreBoardFile: File used to store internal server process information. # Not all architectures require this.* But if yours does (you'll know because # this file will be* created when you run Apache) then you *must* ensure that # no two invocations of Apache share the same scoreboard file. # ScoreBoardFile /var/run/httpd.scoreboard # # In the standard configuration, the server will process httpd.conf (this # file, specified by the -f command line option), srm.conf, and access.conf # in that order.* The latter two files are now distributed empty, as it is # recommended that all directives be kept in a single file for simplicity.* # The commented-out values below are the built-in defaults.* You can have the # server ignore these files altogether by using "/dev/null" (for Unix) or # "nul" (for Win32) for the arguments to the directives. # #ResourceConfig conf/srm.conf #AccessConfig conf/access.conf # # Timeout: The number of seconds before receives and sends time out. # Timeout 300 # # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. # KeepAlive On # # MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance. # MaxKeepAliveRequests 100 # # KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection. # KeepAliveTimeout 15 # # Server-pool size regulation.* Rather than making you guess how many # server processes you need, Apache dynamically adapts to the load it # sees --- that is, it tries to maintain enough server processes to # handle the current load, plus a few spare servers to handle transient # load spikes (e.g., multiple simultaneous requests from a single # Netscape browser). # # It does this by periodically checking how many servers are waiting # for a request.* If there are fewer than MinSpareServers, it creates # a new spare.* If there are more than MaxSpareServers, some of the # spares die off.* The default values are probably OK for most sites. # # Note: these two values are set by SuSEconfig according to the setting of the # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache! MinSpareServers 1 MaxSpareServers 1 # # Number of servers to start initially --- should be a reasonable ballpark # figure. # # Note: this value is set by SuSEconfig according to the setting of the # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache! StartServers 1 # # Limit on total number of servers running, i.e., limit on the number # of clients who can simultaneously connect --- if this limit is ever # reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW. # It is intended mainly as a brake to keep a runaway server from taking # the system with it as it spirals down... # # Note: this value is set by SuSEconfig according to the setting of the # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache! MaxClients 150 # # MaxRequestsPerChild: the number of requests each child process is # allowed to process before the child dies.* The child will exit so # as to avoid problems after prolonged use when Apache (and maybe the # libraries it uses) leak memory or other resources.* On most systems, this # isn't really needed, but a few (such as Solaris) do have notable leaks # in the libraries. For these platforms, set to something like 10000 # or so; a setting of 0 means unlimited. # # NOTE: This value does not include keepalive requests after the initial #* * * request per connection. For example, if a child process handles #* * * an initial request and 10 subsequent "keptalive" requests, it #* * * would only count as 1 request towards this limit. # MaxRequestsPerChild 0 # # Listen: Allows you to bind Apache to specific IP addresses and/or # ports, in addition to the default. See also the <VirtualHost> # directive. # #Listen 3000 #Listen 12.34.56.78:80 # # BindAddress: You can support virtual hosts with this option. This directive # is used to tell the server which IP address to listen to. It can either # contain "*", an IP address, or a fully qualified Internet domain name. # See also the <VirtualHost> and Listen directives. # #BindAddress * # # Dynamic Shared Object (DSO) Support # # To be able to use the functionality of a module which was built as a DSO you # have to place corresponding `LoadModule' lines at this location so the # directives contained in it are actually available _before_ they are used. # Please read the file http://httpd.apache.org/docs/dso.html for more # details about the DSO mechanism and run `httpd -l' for the list of already # built-in (statically linked and thus always available) modules in your httpd # binary. # # Note: The order in which modules are loaded is important.* Don't change # the order below without expert advice. # Note: # # The file that is included after the LoadModule statements is generated # by SuSEconfig according to # # 1) which modules (ones not included with apache) are installed # 2) the settings in /etc/sysconfig/apache # # SuSEconfig uses the /etc/httpd/modules/* files that come with each module # to determine the necessary directives. # # Apache no longer needs to be started with '-D <modules>' switches (with # the exception of mod_ssl, which has a lot of conditional statements). # Example: # LoadModule foo_module libexec/mod_foo.so LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so LoadModule env_module* * * * /usr/lib/apache/mod_env.so LoadModule define_module* * * /usr/lib/apache/mod_define.so LoadModule config_log_module* /usr/lib/apache/mod_log_config.so LoadModule agent_log_module* /usr/lib/apache/mod_log_agent.so LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so LoadModule mime_magic_module* /usr/lib/apache/mod_mime_magic.so LoadModule mime_module* * * * /usr/lib/apache/mod_mime.so LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so LoadModule status_module* * * /usr/lib/apache/mod_status.so LoadModule info_module* * * * /usr/lib/apache/mod_info.so LoadModule includes_module* * /usr/lib/apache/mod_include.so LoadModule autoindex_module* /usr/lib/apache/mod_autoindex.so LoadModule dir_module* * * * /usr/lib/apache/mod_dir.so LoadModule cgi_module* * * * /usr/lib/apache/mod_cgi.so LoadModule asis_module* * * * /usr/lib/apache/mod_asis.so LoadModule imap_module* * * * /usr/lib/apache/mod_imap.so LoadModule action_module* * * /usr/lib/apache/mod_actions.so LoadModule speling_module* * /usr/lib/apache/mod_speling.so # mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes LoadModule alias_module* * * /usr/lib/apache/mod_alias.so LoadModule rewrite_module* * /usr/lib/apache/mod_rewrite.so LoadModule access_module* * * /usr/lib/apache/mod_access.so LoadModule auth_module* * * * /usr/lib/apache/mod_auth.so LoadModule anon_auth_module* /usr/lib/apache/mod_auth_anon.so LoadModule dbm_auth_module* * /usr/lib/apache/mod_auth_dbm.so LoadModule db_auth_module* * /usr/lib/apache/mod_auth_db.so LoadModule digest_module* * * /usr/lib/apache/mod_digest.so LoadModule proxy_module* * * /usr/lib/apache/libproxy.so LoadModule cern_meta_module* /usr/lib/apache/mod_cern_meta.so LoadModule expires_module* * /usr/lib/apache/mod_expires.so LoadModule headers_module* * /usr/lib/apache/mod_headers.so LoadModule usertrack_module* /usr/lib/apache/mod_usertrack.so # LoadModule unique_id_module* /usr/lib/apache/mod_unique_id.so LoadModule setenvif_module* * /usr/lib/apache/mod_setenvif.so <IfDefine DUMMYSSL> LoadModule ssl_module* * * * /usr/lib/apache/libssl.so </IfDefine> Include /etc/httpd/suse_loadmodule.conf #* Reconstruction of the complete module list from all available modules #* (static and shared ones) to achieve correct module execution order. #* [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO] ClearModuleList AddModule mod_mmap_static.c AddModule mod_vhost_alias.c AddModule mod_env.c AddModule mod_define.c AddModule mod_log_config.c AddModule mod_log_agent.c AddModule mod_log_referer.c AddModule mod_mime_magic.c AddModule mod_mime.c AddModule mod_negotiation.c AddModule mod_status.c AddModule mod_info.c AddModule mod_include.c AddModule mod_autoindex.c AddModule mod_dir.c AddModule mod_cgi.c AddModule mod_asis.c AddModule mod_imap.c AddModule mod_actions.c AddModule mod_speling.c # mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes AddModule mod_alias.c AddModule mod_rewrite.c AddModule mod_access.c AddModule mod_auth.c AddModule mod_auth_anon.c AddModule mod_auth_dbm.c AddModule mod_auth_db.c AddModule mod_digest.c AddModule mod_proxy.c AddModule mod_cern_meta.c AddModule mod_expires.c AddModule mod_headers.c AddModule mod_usertrack.c # AddModule mod_unique_id.c AddModule mod_so.c AddModule mod_setenvif.c <IfDefine DUMMYSSL> AddModule mod_ssl.c </IfDefine> # Again, the following file is generated by SuSEconfig for modules that actually # have been installed Include /etc/httpd/suse_addmodule.conf # # ExtendedStatus controls whether Apache will generate "full" status # information (ExtendedStatus On) or just basic information (ExtendedStatus # Off) when the "server-status" handler is called. The default is Off. # ExtendedStatus On # # To enable mod_dav, add the following directive to the appropriate # container(s) in the httpd.conf file: # <IfModule mod_dav.c> DavLockDB /var/lib/httpd/DAVLock </IfModule> # # # enable the SSI (Server Side Includes) execution for +x files # <IfModule mod_include.c> XBitHack on </IfModule> ### Section 2: 'Main' server configuration # # The directives in this section set up the values used by the 'main' # server, which responds to any requests that aren't handled by a # <VirtualHost> definition.* These values also provide defaults for # any <VirtualHost> containers you may define later in the file. # # All of these directives may appear inside <VirtualHost> containers, # in which case these default settings will be overridden for the # virtual host being defined. # # # If your ServerType directive (set earlier in the 'Global Environment' # section) is set to "inetd", the next few directives don't have any # effect since their settings are defined by the inetd configuration. # Skip ahead to the ServerAdmin directive. # # # Port: The port to which the standalone server listens. For # ports < 1023, you will need httpd to be run as root initially. # Port 80 ## ##* SSL Support ## ##* When we also provide SSL we have to listen to the ##* standard HTTP port (see above) and to the HTTPS port ## <IfDefine SSL> Listen 80 Listen 443 </IfDefine> # # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch.* # # User/Group: The name (or #number) of the user/group to run httpd as. #* . On SCO (ODT 3) use "User nouser" and "Group nogroup". #* . On HPUX you may not be able to use shared memory as nobody, and the #* * suggested workaround is to create a user www and use that user. #* NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET) #* when the value of (unsigned)Group is above 60000; #* don't use Group nogroup on these systems! # User wwwrun Group nogroup # # ServerAdmin: Your address, where problems with the server should be # e-mailed.* This address appears on some server-generated pages, such # as error documents. # # Note: this email address is set by SuSEconfig according to the setting of the # HTTPD_SEC_SERVERADMIN variable in /etc/sysconfig/apache! ServerAdmin webmaster@susebox.acnet # # ServerName allows you to set a host name which is sent back to clients for # your server if it's different than the one the program would get (i.e., use # "www" instead of the host's real name). # # Note: You cannot just invent host names and hope they work. The name you # define here must be a valid DNS name for your host. If you don't understand # this, ask your network administrator. # If your host doesn't have a registered DNS name, enter its IP address here. # You will have to access it by its address (e.g., http://123.45.67.89/) # anyway, and this will make redirections work in a sensible way. # # 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your # machine always knows itself by this address. If you use Apache strictly for # local testing and development, you may use 127.0.0.1 as the server name. # # Note: the host name is set by SuSEconfig according to the setting of the # FQHOSTNAME variable in /etc/sysconfig/network/config! ServerName susebox.acnet # # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "/srv/www/htdocs" # # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # permissions.* # <Directory /> * * AuthUserFile* /etc/httpd/passwd * * AuthGroupFile /etc/httpd/group * * Options -FollowSymLinks +Multiviews * * AllowOverride None </Directory> # # Note that from this point forward you must specifically allow # particular features to be enabled - so if something's not working as # you might expect, make sure that you have specifically enabled it # below. # # # This should be changed to whatever you set DocumentRoot to. # <Directory "/srv/www/htdocs"> # # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # * * Options Indexes -FollowSymLinks +Includes MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" # * * AllowOverride None # # Controls who can get stuff from this server. # * * Order allow,deny * * Allow from all # # disable WebDAV by default for security reasons. # <IfModule mod_dav.c> DAV Off </IfModule> # # Enable SSI (Server Side Includes) for the demo index.html pages, as some of the content # is created dynamically. This should be disabled when setting up a productive # server. <Files /srv/www/htdocs/index.htm*> Options -FollowSymLinks +Includes +MultiViews </Files> # # Protect the php3 test page, so it cannot be viewed from an outside system. # <Files test.php3> Order deny,allow deny from all allow from localhost </Files> </Directory> # # UserDir: The name of the directory which is appended onto a user's home # directory if a ~user request is received. # Note: # The next three lines are commented out here. These directives and the access # control section have been put into /etc/httpd/suse_public_html.conf. # If the variable HTTPD_SEC_PUBLIC_HTML in /etc/sysconfig/apache # is set to "yes" (default), SuSEconfig will include that file via # /etc/httpd/suse_include.conf. # Also note that for the /home/*/public_html directories to be browsable the # executable flag must be set on the /home/* directories. # # <IfModule mod_userdir.c> #* * UserDir public_html # </IfModule> # # Control access to UserDir directories.* The following is an example # for a site where these directories are restricted to read-only. # #<Directory /home/*/public_html> #* * AllowOverride FileInfo AuthConfig Limit #* * Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec #* * <Limit GET POST OPTIONS PROPFIND> #* * * * Order allow,deny #* * * * Allow from all #* * </Limit> #* * <LimitExcept GET POST OPTIONS PROPFIND> #* * * * Order deny,allow #* * * * Deny from all #* * </LimitExcept> #</Directory> # # DirectoryIndex: Name of the file or files to use as a pre-written HTML # directory index.* Separate multiple entries with spaces. # <IfModule mod_dir.c> * * DirectoryIndex index.html </IfModule> # # AccessFileName: The name of the file to look for in each directory # for access control information. # AccessFileName .htaccess # # The following lines prevent .htaccess files from being viewed by # Web clients.* Since .htaccess files often contain authorization # information, access is disallowed for security reasons.* Comment # these lines out if you want Web visitors to see the contents of # .htaccess files.* If you change the AccessFileName directive above, # be sure to make the corresponding changes here. # # Also, folks tend to use names such as .htpasswd for password # files, so this will protect those as well. # <Files ~ "^\.ht"> * * Order allow,deny * * Deny from all * * Satisfy All </Files> # # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each # document that was negotiated on the basis of content. This asks proxy # servers not to cache the document. Uncommenting the following line disables # this behavior, and proxies will be allowed to cache the documents. # #CacheNegotiatedDocs # # UseCanonicalName:* (new for 1.3)* With this setting turned on, whenever # Apache needs to construct a self-referencing URL (a URL that refers back # to the server the response is coming from) it will use ServerName and # Port to form a "canonical" name.* With this setting off, Apache will # use the hostname  ort that the client supplied, when possible.* This# also affects SERVER_NAME and SERVER_PORT in CGI scripts. # UseCanonicalName On # # TypesConfig describes where the mime.types file (or equivalent) is # to be found. # <IfModule mod_mime.c> * * TypesConfig /etc/httpd/mime.types </IfModule> # # DefaultType is the default MIME type the server will use for a document # if it cannot otherwise determine one, such as from filename extensions. # If your server contains mostly text or HTML documents, "text/plain" is # a good value.* If most of your content is binary, such as applications # or images, you may want to use "application/octet-stream" instead to # keep browsers from trying to display binary files as though they are # text. # DefaultType text/plain # # The mod_mime_magic module allows the server to use various hints from the # contents of the file itself to determine its type.* The MIMEMagicFile # directive tells the module where the hint definitions are located. # mod_mime_magic is not part of the default server (you have to add # it yourself with a LoadModule [see the DSO paragraph in the 'Global # Environment' section], or recompile the server and include mod_mime_magic # as part of the configuration), so it's enclosed in an <IfModule> container. # This means that the MIMEMagicFile directive will only be processed if the # module is part of the server. # <IfModule mod_mime_magic.c> * * MIMEMagicFile /etc/httpd/magic </IfModule> # # HostnameLookups: Log the names of clients or just their IP addresses # e.g., www.apache.org (on) or 204.62.129.132 (off). # The default is off because it'd be overall better for the net if people # had to knowingly turn this feature on, since enabling it means that # each client request will result in AT LEAST one lookup request to the # nameserver. # HostnameLookups Off #* The following are the directives necessary to get mod_backhand operational. #* You will need to add Backhand directives to any directories that you wish #* to balance..* For example, you could put the following inside a #* ScriptAliased /cgi-cpu/ directory (for scripts that are cpu hogs) # <Directory ...> # ... stuff ... # Backhand byAge # Backhand byRandom # Backhand byLogWindow # Backhand byCPU # ... stuff ... # </Directory> # This will eliminate servers you haven't heard from for a while # Then randomize those remaining # Then take the first log(n)* (log base 2 of course) # Then use the one with the highest CPU idle time <IfModule mod_backhand.c> # UnixSocketDir is were the mod_backhand-Arriba file is stored #* (how fast your machine is). This directory must be readable and writable #* by euid of apache (wwwrun) because the children have dropped privileges #* before they connect to a UNIX domain socket in this directory. # This directive is singular. # # MulticastStats of the form [<IP ADDR>] <BROADCAST ADDR>:<PORT> will set #* mod_backhand to broadcast server statistics on that address advertising #* for a server on <IP ADDR> or gethostbyname(gethostname()) # MulticastStats of the form [<IP ADDR>] <MULTICAST ADDR>:<PORT>,<ttl> will #* set mod_backhand to multicast server statistics on that address #* advertising for a server on <IP ADDR> or gethostbyname(gethostname()) # This directive is singular. # # AcceptStats <a.b.c.d>[/<mask>] (like 10.0.0.4 or 10.0.0.0/24) will accept #* statistics originating from that IP or IP network. # This option can be cascaded. * UnixSocketDir /var/lib/backhand # MulticastStats 128.220.221.255:4445 # MulticastStats 225.220.221.20:4445,1 # AcceptStats 128.220.221.0/24 # Note that you _must_ configure the MulticastStats/AcceptStats directives, # otherwise apache will segfault! # This is a status of sorts.* Visit it and see how valuable it is to you. * <Location "/backhand/"> * * SetHandler backhand-handler * </Location> </IfModule> # # working directory of mod_bandwidth # <IfModule mod_bandwidth.c> * * BandWidthDataDir /var/lib/httpd/mod_bandwidth </IfModule> # # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> # container, error messages relating to that virtual host will be # logged here.* If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # ErrorLog /var/log/httpd/error_log # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel warn # # The following directives define some format nicknames for use with # a CustomLog directive (see below). # LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent # # The location and format of the access logfile (Common Logfile Format). # If you do not define any access logfiles within a <VirtualHost> # container, they will be logged here.* Contrariwise, if you *do* # define per-<VirtualHost> access logfiles, transactions will be # logged therein and *not* in this file. # CustomLog /var/log/httpd/access_log common # # If you would like to have agent and referer logfiles, uncomment the # following directives. # #CustomLog /var/log/httpd/referer_log referer #CustomLog /var/log/httpd/agent_log agent # # If you prefer a single logfile with access, agent, and referer information # (Combined Logfile Format) you can use the following directive. # #CustomLog /var/log/httpd/access_log combined # # Optionally add a line containing the server version and virtual host # name to server-generated pages (error documents, FTP directory listings, # mod_status and mod_info output etc., but not CGI generated documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of:* On | Off | EMail # # Note: this is set by SuSEconfig according to the setting of the # HTTPD_SEC_SAY_FULLNAME variable in /etc/sysconfig/apache! ServerSignature On # EBCDIC configuration: # (only for mainframes using the EBCDIC codeset, currently one of: # Fujitsu-Siemens' BS2000/OSD, IBM's OS/390 and IBM's TPF)!! # The following default configuration assumes that "text files" # are stored in EBCDIC (so that you can operate on them using the # normal POSIX tools like grep and sort) while "binary files" are # stored with identical octets as on an ASCII machine. # # The directives are evaluated in configuration file order, with # the EBCDICConvert directives applied before EBCDICConvertByType. # # If you want to have ASCII HTML documents and EBCDIC HTML documents # at the same time, you can use the file extension to force # conversion off for the ASCII documents: # > AddType* * * text/html .ahtml # > EBCDICConvert Off=InOut .ahtml # # EBCDICConvertByType* On=InOut text/* message/* multipart/* # EBCDICConvertByType* On=In* * application/x-www-form-urlencoded # EBCDICConvertByType* On=InOut application/postscript model/vrml # EBCDICConvertByType Off=InOut */* # # Aliases: Add here as many aliases as you need (with no limit). The format is # Alias fakename realname # <IfModule mod_alias.c> * * # * * # Note that if you include a trailing / on fakename then the server will * * # require it to be present in the URL.* So "/icons" isn't aliased in this * * # example, only "/icons/".* If the fakename is slash-terminated, then the * * # realname must also be slash terminated, and if the fakename omits the * * # trailing slash, the realname must also omit it. * * # * * Alias /icons/ "/srv/www/icons/" * * <Directory "/srv/www/icons"> * * * * Options Indexes MultiViews * * * * AllowOverride None * * * * Order allow,deny * * * * Allow from all * * </Directory> * * # This Alias will project the on-line documentation tree under /manual/ * * # even if you change the DocumentRoot. Comment it if you don't want to * * # provide access to the on-line documentation. * * # * * Alias /manual/ "/srv/www/htdocs/manual/" * * <Directory "/srv/www/htdocs/manual"> * * * * Options Indexes FollowSymlinks MultiViews * * * * AllowOverride None * * * * Order allow,deny * * * * Allow from all * * </Directory> * * # * * # ScriptAlias: This controls which directories contain server scripts. * * # ScriptAliases are essentially the same as Aliases, except that * * # documents in the realname directory are treated as applications and * * # run by the server when requested rather than as documents sent to the client. * * # The same rules about trailing "/" apply to ScriptAlias directives as to * * # Alias. * * # * * ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/" <IfModule mod_perl.c> * * # Provide two aliases to the same cgi-bin directory, * * # to see the effects of the 2 different mod_perl modes. * * # for Apache::Registry Mode * * ScriptAlias /perl/* * * * * "/srv/www/cgi-bin/" * * # for Apache:  erlrun Mode* * ScriptAlias /cgi-perl/* * * "/srv/www/cgi-bin/" </IfModule> * * # * * # "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased * * # CGI directory exists, if you have that configured. * * # * * <Directory "/srv/www/cgi-bin"> * * * * AllowOverride None * * * * Options None * * * * Order allow,deny * * * * Allow from all * * </Directory> </IfModule> # End of aliases. # # set /cgi-bin for CGI execution # <Location /cgi-bin> AllowOverride None Options +ExecCGI -Includes SetHandler cgi-script </Location> # # If mod_perl is activated, load configuration information # <IfModule mod_perl.c> Perlrequire /usr/include/apache/modules/perl/startup.perl PerlModule Apache::Registry # # set Apache::Registry Mode for /perl Alias # <Location /perl> SetHandler* perl-script PerlHandler Apache::Registry Options ExecCGI PerlSendHeader On </Location> # # set Apache: erlRun Mode for /cgi-perl Alias# <Location /cgi-perl> SetHandler* perl-script PerlHandler Apache: erlRunOptions ExecCGI PerlSendHeader On </Location> </IfModule> # # Redirect allows you to tell clients about documents which used to exist in # your server's namespace, but do not anymore. This allows you to tell the # clients where to look for the relocated document. # Format: Redirect old-URI new-URL # # # Directives controlling the display of server-generated directory listings. # <IfModule mod_autoindex.c> * * # * * # FancyIndexing is whether you want fancy directory indexing or standard * * # * * IndexOptions FancyIndexing * * # * * # AddIcon* directives tell the server which icon to show for different * * # files or filename extensions.* These are only displayed for * * # FancyIndexed directories. * * # * * AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip * * AddIconByType (TXT,/icons/text.gif) text/* * * AddIconByType (IMG,/icons/image2.gif) image/* * * AddIconByType (SND,/icons/sound2.gif) audio/* * * AddIconByType (VID,/icons/movie.gif) video/* * * AddIcon /icons/binary.gif .bin .exe * * AddIcon /icons/binhex.gif .hqx * * AddIcon /icons/tar.gif .tar * * AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv * * AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip * * AddIcon /icons/a.gif .ps .ai .eps * * AddIcon /icons/layout.gif .html .shtml .htm .pdf * * AddIcon /icons/text.gif .txt * * AddIcon /icons/c.gif .c * * AddIcon /icons/p.gif .pl .py * * AddIcon /icons/f.gif .for * * AddIcon /icons/dvi.gif .dvi * * AddIcon /icons/uuencoded.gif .uu * * AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl * * AddIcon /icons/tex.gif .tex * * AddIcon /icons/bomb.gif core * * AddIcon /icons/back.gif .. * * AddIcon /icons/hand.right.gif README * * AddIcon /icons/folder.gif ^^DIRECTORY^^ * * AddIcon /icons/blank.gif ^^BLANKICON^^ * * # * * # DefaultIcon is which icon to show for files which do not have an icon * * # explicitly set. * * # * * DefaultIcon /icons/unknown.gif * * # * * # AddDescription allows you to place a short description after a file in * * # server-generated indexes.* These are only displayed for FancyIndexed * * # directories. * * # Format: AddDescription "description" filename * * # * * AddDescription "GZIP compressed document" .gz * * AddDescription "tar archive" .tar * * AddDescription "GZIP compressed tar archive" .tgz * * # * * # ReadmeName is the name of the README file the server will look for by * * # default, and append to directory listings. * * # * * # HeaderName is the name of a file which should be prepended to * * # directory indexes. * * # * * # If MultiViews are amongst the Options in effect, the server will * * # first look for name.html and include it if found.* If name.html * * # doesn't exist, the server will then look for name.txt and include * * # it as plaintext if found. * * # * * ReadmeName README * * HeaderName HEADER * * # * * # IndexIgnore is a set of filenames which directory indexing should ignore * * # and not include in the listing.* Shell-style wildcarding is permitted. * * # * * IndexIgnore .??* *~ *#* RCS CVS *,v *,t </IfModule> # End of indexing directives. # # Document types. # <IfModule mod_mime.c> * * # * * # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress * * # information on the fly. Note: Not all browsers support this. * * # Despite the name similarity, the following Add* directives have nothing * * # to do with the FancyIndexing customization directives above. * * # * * AddEncoding x-compress Z * * AddEncoding x-gzip gz tgz * * # * * # AddLanguage allows you to specify the language of a document. You can * * # then use content negotiation to give a browser a file in a language * * # it can understand.* * * # * * # Note 1: The suffix does not have to be the same as the language * * # keyword --- those with documents in Polish (whose net-standard * * # language code is pl) may wish to use "AddLanguage pl .po" to * * # avoid the ambiguity with the common suffix for perl scripts. * * # * * # Note 2: The example entries below illustrate that in quite * * # some cases the two character 'Language' abbreviation is not * * # identical to the two character 'Country' code for its country, * * # E.g. 'Danmark/dk' versus 'Danish/da'. * * # * * # Note 3: In the case of 'ltz' we violate the RFC by using a three char * * # specifier. But there is 'work in progress' to fix this and get * * # the reference data for rfc1766 cleaned up. * * # * * # Danish (da) - Dutch (nl) - English (en) - Estonian (ee) * * # French (fr) - German (de) - Greek-Modern (el) * * # Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn) * * # Portugese (pt) - Luxembourgeois* (ltz) * * # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz) * * # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja) * * # Russian (ru) * * # * * AddLanguage da .dk * * AddLanguage nl .nl * * AddLanguage en .en * * AddLanguage et .ee * * AddLanguage fr .fr * * AddLanguage de .de * * AddLanguage el .el * * AddLanguage he .he * * AddCharset ISO-8859-8 .iso8859-8 * * AddLanguage it .it * * AddLanguage ja .ja * * AddCharset ISO-2022-JP .jis * * AddLanguage kr .kr * * AddCharset ISO-2022-KR .iso-kr * * AddLanguage nn .nn * * AddLanguage no .no * * AddLanguage pl .po * * AddCharset ISO-8859-2 .iso-pl * * AddLanguage pt .pt * * AddLanguage pt-br .pt-br * * AddLanguage ltz .lu * * AddLanguage ca .ca * * AddLanguage es .es * * AddLanguage sv .sv * * AddLanguage cz .cz * * AddLanguage ru .ru * * AddLanguage zh-tw .tw * * AddLanguage tw .tw * * AddCharset Big5* * * * .Big5* * .big5 * * AddCharset WINDOWS-1251 .cp-1251 * * AddCharset CP866* * * * .cp866 * * AddCharset ISO-8859-5* .iso-ru * * AddCharset KOI8-R* * * .koi8-r * * AddCharset UCS-2* * * * .ucs2 * * AddCharset UCS-4* * * * .ucs4 * * AddCharset UTF-8* * * * .utf8 * * # LanguagePriority allows you to give precedence to some languages * * # in case of a tie during content negotiation. * * # * * # Just list the languages in decreasing order of preference. We have * * # more or less alphabetized them here. You probably want to change this. * * # * * <IfModule mod_negotiation.c> * * * * LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw * * </IfModule> * * # * * # AddType allows you to tweak mime.types without actually editing it, or to * * # make certain files to be certain types. * * # * * AddType application/x-tar .tgz * * AddType image/x-icon .ico * * # Some more types: * * # * * # PHP 3.x: * * # * * <IfModule mod_php3.c> * * AddType application/x-httpd-php3 .php3 * * AddType application/x-httpd-php3-source .phps * * AddType application/x-httpd-php3 .phtml * * </IfModule> * * # * * # PHP 4.x: * * # * * <IfModule mod_php4.c> * * AddType application/x-httpd-php .php * * AddType application/x-httpd-php .php4 * * AddType application/x-httpd-php-source .phps * * </IfModule> * * # * * # mod_dtcl can execute tcl scripts * * # * * <IfModule mod_dtcl.c> * * AddType application/x-httpd-tcl .ttml * * AddType application/x-dtcl-tcl* .tcl * * </IfModule> * * AddType text/vnd.wap.wml wml * * AddType text/vnd.wap.wmlscript wmls * * AddType application/vnd.wap.wmlc wmlc * * AddType application/vnd.wap.wmlscriptc wmlsc * * Addtype image/vnd.wap.wbmp wbmp * * # * * # AddHandler allows you to map certain file extensions to "handlers", * * # actions unrelated to filetype. These can be either built into the server * * # or added with the Action command (see below) * * # * * # If you want to use server side includes, or CGI outside * * # ScriptAliased directories, uncomment the following lines. * * # * * # To use CGI scripts: * * # * * AddHandler cgi-script .cgi * * # * * # To use server-parsed HTML files * * # * * AddType text/html .shtml * * AddHandler server-parsed .shtml * * # * * # Uncomment the following line to enable Apache's send-asis HTTP file * * # feature * * # * * #AddHandler send-as-is asis * * # * * # If you wish to use server-parsed imagemap files, use * * # * * #AddHandler imap-file map * * # * * # To enable type maps, you might want to use * * # * * #AddHandler type-map var </IfModule> # End of document types. # # Action lets you define media types that will execute a script whenever # a matching file is called. This eliminates the need for repeated URL # pathnames for oft-used CGI file processors. # Format: Action media/type /cgi-script/location # Format: Action handler-name /cgi-script/location # # # MetaDir: specifies the name of the directory in which Apache can find # meta information files. These files contain additional HTTP headers # to include when sending the document # #MetaDir .web # # MetaSuffix: specifies the file name suffix for the file containing the # meta information. # #MetaSuffix .meta # # Customizable error response (Apache style) #* these come in three flavors # #* * 1) plain text #ErrorDocument 500 "The server made a boo boo. #* n.b.* the single leading (") marks it as text, it does not get output # #* * 2) local redirects #ErrorDocument 404 /missing.html #* to redirect to local URL /missing.html #ErrorDocument 404 /cgi-bin/missing_handler.pl #* N.B.: You can redirect to a script or a document using server-side-includes. # #* * 3) external redirects #ErrorDocument 402 http://some.other-server.com/subscription_info.html #* N.B.: Many of the environment variables associated with the original #* request will *not* be available to such a script. # # Customize behaviour based on the browser # <IfModule mod_setenvif.c> * * # * * # The following directives modify normal HTTP response behavior. * * # The first directive disables keepalive for Netscape 2.x and browsers that * * # spoof it. There are known problems with these browser implementations. * * # The second directive is for Microsoft Internet Explorer 4.0b2 * * # which has a broken HTTP/1.1 implementation and does not properly * * # support keepalive when it is used on 301 or 302 (redirect) responses. * * # * * BrowserMatch "Mozilla/2" nokeepalive * * BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 * * # * * # The following directive disables HTTP/1.1 responses to browsers which * * # are in violation of the HTTP/1.0 spec by not being able to grok a * * # basic 1.1 response. * * # * * BrowserMatch "RealPlayer 4\.0" force-response-1.0 * * BrowserMatch "Java/1\.0" force-response-1.0 * * BrowserMatch "JDK/1\.0" force-response-1.0 </IfModule> # End of browser customization directives # # Allow server status reports, with the URL of http://servername/server-status # Change the ".your-domain.com" to match your domain to enable. # # Note: apache is started (by /etc/init.d/apache) with -D STATUS if # HTTPD_SEC_ACCESS_SERVERINFO is set to "yes" in # /etc/sysconfig/apache. <IfDefine STATUS> <Location /server-status> * * SetHandler server-status * * Order deny,allow * * Deny from all * * Allow from localhost </Location> # # Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). # Change the ".your-domain.com" to match your domain to enable. # <Location /server-info> * * SetHandler server-info * * Order deny,allow * * Deny from all * * Allow from localhost </Location> # # enable perl-status for mod_perl # <IfModule mod_perl.c> <Location /perl-status> * * SetHandler perl-script * * PerlHandler Apache::Status * * order deny,allow * * deny from all * * allow from localhost </Location> </IfModule> </IfDefine> # # There have been reports of people trying to abuse an old bug from pre-1.1 # days.* This bug involved a CGI script distributed as a part of Apache. # By uncommenting these lines you can redirect these attacks to a logging # script on phf.apache.org.* Or, you can record them yourself, using the script # support/phf_abuse_log.cgi. # #<Location /cgi-bin/phf*> #* * Deny from all #* * ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi #</Location> # # Proxy Server directives. Uncomment the following lines to # enable the proxy server: # #<IfModule mod_proxy.c> #* * ProxyRequests On #* * <Directory proxy:*> #* * * * Order deny,allow #* * * * Deny from all #* * * * Allow from .your-domain.com #* * </Directory> * * # * * # Enable/disable the handling of HTTP/1.1 "Via:" headers. * * # ("Full" adds the server version; "Block" removes all outgoing Via: headers) * * # Set to one of: Off | On | Full | Block * * # #* * ProxyVia On * * # * * # To enable the cache as well, edit and uncomment the following lines: * * # (no cacheing without CacheRoot) * * # #* * CacheRoot "/var/cache/httpd" #* * CacheSize 5 #* * CacheGcInterval 4 #* * CacheMaxExpire 24 #* * CacheLastModifiedFactor 0.1 #* * CacheDefaultExpire 1 #* * NoCache a-domain.com another-domain.edu joes.garage-sale.com #</IfModule> # End of proxy directives. ### Section 3: Virtual Hosts # # VirtualHost: If you want to maintain multiple domains/hostnames on your # machine you can setup VirtualHost containers for them. Most configurations # use only name-based virtual hosts so the server doesn't need to worry about # IP addresses. This is indicated by the asterisks in the directives below. # # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/> # for further details before you try to setup virtual hosts. # # You may use the command line option '-S' to verify your virtual host # configuration. # # Use name-based virtual hosting. # #NameVirtualHost * # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for requests without a known # server name. # #<VirtualHost *> #* * ServerAdmin webmaster@dummy-host.example.com #* * DocumentRoot /www/docs/dummy-host.example.com #* * ServerName dummy-host.example.com #* * ErrorLog logs/dummy-host.example.com-error_log #* * CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost> #<VirtualHost _default_:*> #</VirtualHost> ## ##* SSL Global Context ## ##* All SSL configuration in this context applies both to ##* the main server and all SSL-enabled virtual hosts. ## # #* Some MIME-types for downloading Certificates and CRLs # <IfDefine SSL> AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl* * .crl </IfDefine> <IfModule mod_ssl.c> #* Pass Phrase Dialog: #* Configure the pass phrase gathering process. #* The filtering dialog program (`builtin' is a internal #* terminal dialog) has to provide the pass phrase on stdout. SSLPassPhraseDialog* builtin #* Inter-Process Session Cache: #* Configure the SSL Session Cache: First the mechanism #* to use and second the expiring timeout (in seconds, default=300). #* shm means the same as shmht. #* Note that on most platforms shared memory segments are not allowed to be on #* network-mounted drives, so in that case you need to use the dbm method. #SSLSessionCache* * * * none #SSLSessionCache* * * * shmht:/var/run/ssl_scache(512000) #SSLSessionCache* * * * shmcb:/var/run/ssl_scache(512000) #SSLSessionCache* * * * dbm:/var/run/ssl_scache SSLSessionCache* * * * shmcb:/var/lib/httpd/ssl_scache SSLSessionCacheTimeout* 600 #* Semaphore: #* Configure the path to the mutual exclusion semaphore the #* SSL engine uses internally for inter-process synchronization. #SSLMutex* file:/var/run/ssl_mutex SSLMutex* sem #* Pseudo Random Number Generator (PRNG): #* Configure one or more sources to seed the PRNG of the #* SSL library. The seed data should be of good random quality. #* WARNING! On some platforms /dev/random blocks if not enough entropy #* is available. This means you then cannot use the /dev/random device #* because it would lead to very long connection times (as long as #* it requires to make more entropy available). But usually those #* platforms additionally provide a /dev/urandom device which doesn't #* block. So, if available, use this one instead. Read the mod_ssl User #* Manual for more details. SSLRandomSeed startup builtin SSLRandomSeed connect builtin #SSLRandomSeed startup file:/dev/random* 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/random* 512 #SSLRandomSeed connect file:/dev/urandom 512 #* Logging: #* The home of the dedicated SSL protocol logfile. Errors are #* additionally duplicated in the general error log file.* Put #* this somewhere where it cannot be used for symlink attacks on #* a real server (i.e. somewhere where only root can write). #* Log levels are (ascending order: higher ones include lower ones): #* none, error, warn, info, trace, debug. SSLLog* * * /var/log/httpd/ssl_engine_log SSLLogLevel info </IfModule> <IfDefine SSL> ## ## SSL Virtual Host Context ## <VirtualHost _default_:443> #* General setup for the virtual host DocumentRoot "/srv/www/htdocs" ServerName new.host.name ServerAdmin you@your.address ErrorLog /var/log/httpd/error_log TransferLog /var/log/httpd/access_log #* SSL Engine Switch: #* Enable/Disable SSL for this virtual host. SSLEngine on #* SSL Cipher Suite: #* List the ciphers that the client is permitted to negotiate. #* See the mod_ssl documentation for a complete list. SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSL v2:+EXP:+eNULL #* Server Certificate: #* Point SSLCertificateFile at a PEM encoded certificate.* If #* the certificate is encrypted, then you will be prompted for a #* pass phrase.* Note that a kill -HUP will prompt again. A test #* certificate can be generated with `make certificate' under #* built time. Keep in mind that if you've both a RSA and a DSA #* certificate you can configure both in parallel (to also allow #* the use of DSA ciphers, etc.) SSLCertificateFile /etc/httpd/ssl.crt/server.crt #SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt #* Server Private Key: #* If the key is not combined with the certificate, use this #* directive to point at the key file.* Keep in mind that if #* you've both a RSA and a DSA private key you can configure #* both in parallel (to also allow the use of DSA ciphers, etc.) SSLCertificateKeyFile /etc/httpd/ssl.key/server.key #SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key #* Server Certificate Chain: #* Point SSLCertificateChainFile at a file containing the #* concatenation of PEM encoded CA certificates which form the #* certificate chain for the server certificate. Alternatively #* the referenced file can be the same as SSLCertificateFile #* when the CA certificates are directly appended to the server #* certificate for convinience. #SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt #* Certificate Authority (CA): #* Set the CA certificate verification path where to find CA #* certificates for client authentication or alternatively one #* huge file containing all of them (file must be PEM encoded) #* Note: Inside SSLCACertificatePath you need hash symlinks #* * * * to point to the certificate files. Use the provided #* * * * Makefile to update the hash symlinks after changes. #SSLCACertificatePath /etc/httpd/ssl.crt #SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt #* Certificate Revocation Lists (CRL): #* Set the CA revocation path where to find CA CRLs for client #* authentication or alternatively one huge file containing all #* of them (file must be PEM encoded) #* Note: Inside SSLCARevocationPath you need hash symlinks #* * * * to point to the certificate files. Use the provided #* * * * Makefile to update the hash symlinks after changes. #SSLCARevocationPath /etc/httpd/ssl.crl #SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl #* Client Authentication (Type): #* Client certificate verification type and depth.* Types are #* none, optional, require and optional_no_ca.* Depth is a #* number which specifies how deeply to verify the certificate #* issuer chain before deciding the certificate is not valid. #SSLVerifyClient require #SSLVerifyDepth* 10 #* Access Control: #* With SSLRequire you can do per-directory access control based #* on arbitrary complex boolean expressions containing server #* variable checks and other lookup directives.* The syntax is a #* mixture between C and Perl.* See the mod_ssl documentation #* for more details. #<Location /> #SSLRequire (* * %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \ #* * * * * * and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \ #* * * * * * and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \ #* * * * * * and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \ #* * * * * * and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20* * * ) \ #* * * * * or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/ #</Location> #* SSL Engine Options: #* Set various options for the SSL engine. #* o FakeBasicAuth: #* * Translate the client X.509 into a Basic Authorisation.* This means that #* * the standard Auth/DBMAuth methods can be used for access control.* The #* * user name is the `one line' version of the client's X.509 certificate. #* * Note that no password is obtained from the user. Every entry in the user #* * file needs this password: `xxj31ZMTZzkVA'. #* o ExportCertData: #* * This exports two additional environment variables: SSL_CLIENT_CERT and #* * SSL_SERVER_CERT. These contain the PEM-encoded certificates of the #* * server (always existing) and the client (only existing when client #* * authentication is used). This can be used to import the certificates #* * into CGI scripts. #* o StdEnvVars: #* * This exports the standard SSL/TLS related `SSL_*' environment variables. #* * Per default this exportation is switched off for performance reasons, #* * because the extraction step is an expensive ope |
|
25-Apr-2004, 21:27
|
|||
|
|||
|
... add a virtual hosts, put it in httpd.conf:
------------------------------------------------------------------------------------------ <VirtualHost www.yourvirtualsite.net> ServerName yourvirtualsite.net NameVirtualHost 222.111.222.111 ServerAdmin webmaster@yourvirtualsite.net DocumentRoot /www/yourvirtualsite.net/htdocs CustomLog /www/yourvirtualsite.net/logs/access_log combined ErrorLog /www/yourvirtualsite.net/logs/error_log ErrorDocument 404 /error/404.html ScriptAlias /cgi-bin/ "/www/yourvirtualsite.net/cgi-bin/" </VirtualHost> <VirtualHost yourvirtualsite.com> ServerName yourvirtualsite.com ServerAdmin webmaster@yourvirtualsite.com DocumentRoot /www/yourvirtualsite.com/htdocs CustomLog /www/yourvirtualsite.com/logs/access_log combined ErrorLog /www/yourvirtualsite.com/logs/error_log ErrorDocument 404 /error/404.html ScriptAlias /cgi-bin/ "/www/yourvirtualsite.com/cgi-bin/" </VirtualHost> ------------------------------------------------------------------------------------------ Notes: 1. The secound virtual host dont need a NameVirtualHost parameter... 2. I use combined logs to Awstats analyze... 3. Put your correct directory and domains in conf... ...and Have a lot of Fun 
|
|
31-Dec-2004, 02:37
|
|||
|
|||
|
I know this is an odd request but can someone post just the plain unconfigured httpd.conf file for apache?
|
|
31-Dec-2004, 23:45
|
|||
|
|||
|
Quote:
Code:
# # Based upon the NCSA server configuration files originally by Rob McCool. # # This is the main Apache server configuration file. *It contains the # configuration directives that give the server its instructions. # See <URL:http://httpd.apache.org/docs/> for detailed information about # the directives. # # Do NOT simply read the instructions in here without understanding # what they do. *They're here only as hints or reminders. *If you are unsure # consult the online docs. You have been warned. * # # After this file is processed, the server will look for and process # conf/srm.conf and then conf/access.conf # unless you have overridden these with ResourceConfig and/or # AccessConfig directives here. # # The configuration directives are grouped into three basic sections: # *1. Directives that control the operation of the Apache server process as a # * * whole (the 'global environment'). # *2. Directives that define the parameters of the 'main' or 'default' server, # * * which responds to requests that aren't handled by a virtual host. # * * These directives also provide default values for the settings # * * of all virtual hosts. # *3. Settings for virtual hosts, which allow Web requests to be sent to # * * different IP addresses or hostnames and have them handled by the # * * same Apache server process. # # Configuration and logfile names: If the filenames you specify for many # of the server's control files begin with "/" (or "drive:/" for Win32), the # server will use that explicit path. *If the filenames do *not* begin # with "/", the value of ServerRoot is prepended -- so "logs/foo.log" # with ServerRoot set to "/usr/local/apache" will be interpreted by the # server as "/usr/local/apache/logs/foo.log". # ### Section 1: Global Environment # # The directives in this section affect the overall operation of Apache, # such as the number of concurrent requests it can handle or where it # can find its configuration files. # # # ServerType is either inetd, or standalone. *Inetd mode is only supported on # Unix platforms. # ServerType standalone # # ServerRoot: The top of the directory tree under which the server's # configuration, error, and log files are kept. # # NOTE! *If you intend to place this on an NFS (or otherwise network) # mounted filesystem then please read the LockFile documentation # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>); # you will save yourself a lot of trouble. # ServerRoot "@@ServerRoot@@" # # The LockFile directive sets the path to the lockfile used when Apache # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at # its default value. The main reason for changing it is if the logs # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL # DISK. The PID of the main server process is automatically appended to # the filename. # #LockFile logs/accept.lock # # PidFile: The file in which the server should record its process # identification number when it starts. # PidFile logs/httpd.pid # # ScoreBoardFile: File used to store internal server process information. # Not all architectures require this. *But if yours does (you'll know because # this file will be *created when you run Apache) then you *must* ensure that # no two invocations of Apache share the same scoreboard file. # ScoreBoardFile logs/apache_runtime_status # # In the standard configuration, the server will process httpd.conf (this # file, specified by the -f command line option), srm.conf, and access.conf # in that order. *The latter two files are now distributed empty, as it is # recommended that all directives be kept in a single file for simplicity. * # The commented-out values below are the built-in defaults. *You can have the # server ignore these files altogether by using "/dev/null" (for Unix) or # "nul" (for Win32) for the arguments to the directives. # #ResourceConfig conf/srm.conf #AccessConfig conf/access.conf # # Timeout: The number of seconds before receives and sends time out. # Timeout 300 # # KeepAlive: Whether or not to allow persistent connections (more than # one request per connection). Set to "Off" to deactivate. # KeepAlive On # # MaxKeepAliveRequests: The maximum number of requests to allow # during a persistent connection. Set to 0 to allow an unlimited amount. # We recommend you leave this number high, for maximum performance. # MaxKeepAliveRequests 100 # # KeepAliveTimeout: Number of seconds to wait for the next request from the # same client on the same connection. # KeepAliveTimeout 15 # # Server-pool size regulation. *Rather than making you guess how many # server processes you need, Apache dynamically adapts to the load it # sees --- that is, it tries to maintain enough server processes to # handle the current load, plus a few spare servers to handle transient # load spikes (e.g., multiple simultaneous requests from a single # Netscape browser). # # It does this by periodically checking how many servers are waiting # for a request. *If there are fewer than MinSpareServers, it creates # a new spare. *If there are more than MaxSpareServers, some of the # spares die off. *The default values are probably OK for most sites. # MinSpareServers 5 MaxSpareServers 10 # # Number of servers to start initially --- should be a reasonable ballpark # figure. # StartServers 5 # # Limit on total number of servers running, i.e., limit on the number # of clients who can simultaneously connect --- if this limit is ever # reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW. # It is intended mainly as a brake to keep a runaway server from taking # the system with it as it spirals down... # MaxClients 150 # # MaxRequestsPerChild: the number of requests each child process is # allowed to process before the child dies. *The child will exit so # as to avoid problems after prolonged use when Apache (and maybe the # libraries it uses) leak memory or other resources. *On most systems, this # isn't really needed, but a few (such as Solaris) do have notable leaks # in the libraries. For these platforms, set to something like 10000 # or so; a setting of 0 means unlimited. # # NOTE: This value does not include keepalive requests after the initial # * * * request per connection. For example, if a child process handles # * * * an initial request and 10 subsequent "keptalive" requests, it # * * * would only count as 1 request towards this limit. # MaxRequestsPerChild 0 # # Listen: Allows you to bind Apache to specific IP addresses and/or # ports, instead of the default. See also the <VirtualHost> # directive. # #Listen 3000 #Listen 12.34.56.78:80 # # BindAddress: You can support virtual hosts with this option. This directive # is used to tell the server which IP address to listen to. It can either # contain "*", an IP address, or a fully qualified Internet domain name. # See also the <VirtualHost> and Listen directives. # #BindAddress * # # Dynamic Shared Object (DSO) Support # # To be able to use the functionality of a module which was built as a DSO you # have to place corresponding `LoadModule' lines at this location so the # directives contained in it are actually available _before_ they are used. # Please read the file http://httpd.apache.org/docs/dso.html for more # details about the DSO mechanism and run `httpd -l' for the list of already # built-in (statically linked and thus always available) modules in your httpd # binary. # # Note: The order in which modules are loaded is important. *Don't change # the order below without expert advice. # # Example: # LoadModule foo_module libexec/mod_foo.so # # ExtendedStatus controls whether Apache will generate "full" status # information (ExtendedStatus On) or just basic information (ExtendedStatus # Off) when the "server-status" handler is called. The default is Off. # #ExtendedStatus On ### Section 2: 'Main' server configuration # # The directives in this section set up the values used by the 'main' # server, which responds to any requests that aren't handled by a # <VirtualHost> definition. *These values also provide defaults for # any <VirtualHost> containers you may define later in the file. # # All of these directives may appear inside <VirtualHost> containers, # in which case these default settings will be overridden for the # virtual host being defined. # # # If your ServerType directive (set earlier in the 'Global Environment' # section) is set to "inetd", the next few directives don't have any # effect since their settings are defined by the inetd configuration. # Skip ahead to the ServerAdmin directive. # # # Port: The port to which the standalone server listens. For # ports < 1023, you will need httpd to be run as root initially. # Port 80 # # If you wish httpd to run as a different user or group, you must run # httpd as root initially and it will switch. * # # User/Group: The name (or #number) of the user/group to run httpd as. # *. On SCO (ODT 3) use "User nouser" and "Group nogroup". # *. On HPUX you may not be able to use shared memory as nobody, and the # * *suggested workaround is to create a user www and use that user. # *NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET) # *when the value of (unsigned)Group is above 60000; # *don't use Group "#-1" on these systems! # User nobody Group "#-1" # # ServerAdmin: Your address, where problems with the server should be # e-mailed. *This address appears on some server-generated pages, such # as error documents. # ServerAdmin you@your.address # # ServerName allows you to set a host name which is sent back to clients for # your server if it's different than the one the program would get (i.e., use # "www" instead of the host's real name). # # Note: You cannot just invent host names and hope they work. The name you # define here must be a valid DNS name for your host. If you don't understand # this, ask your network administrator. # If your host doesn't have a registered DNS name, enter its IP address here. # You will have to access it by its address (e.g., http://123.45.67.89/) # anyway, and this will make redirections work in a sensible way. # # 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your # machine always knows itself by this address. If you use Apache strictly for # local testing and development, you may use 127.0.0.1 as the server name. # #ServerName www.example.com # # DocumentRoot: The directory out of which you will serve your # documents. By default, all requests are taken from this directory, but # symbolic links and aliases may be used to point to other locations. # DocumentRoot "@@ServerRoot@@/htdocs" # # Each directory to which Apache has access, can be configured with respect # to which services and features are allowed and/or disabled in that # directory (and its subdirectories). # # First, we configure the "default" to be a very restrictive set of # permissions. * # <Directory /> * *Options FollowSymLinks * *AllowOverride None </Directory> # # Note that from this point forward you must specifically allow # particular features to be enabled - so if something's not working as # you might expect, make sure that you have specifically enabled it # below. # # # This should be changed to whatever you set DocumentRoot to. # <Directory "@@ServerRoot@@/htdocs"> # # This may also be "None", "All", or any combination of "Indexes", # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews". # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # * *Options Indexes FollowSymLinks MultiViews # # This controls which options the .htaccess files in directories can # override. Can also be "All", or any combination of "Options", "FileInfo", # "AuthConfig", and "Limit" # * *AllowOverride None # # Controls who can get stuff from this server. # * *Order allow,deny * *Allow from all </Directory> # # UserDir: The name of the directory which is appended onto a user's home # directory if a ~user request is received. # <IfModule mod_userdir.c> * *UserDir public_html </IfModule> # # Control access to UserDir directories. *The following is an example # for a site where these directories are restricted to read-only. # #<Directory /home/*/public_html> # * *AllowOverride FileInfo AuthConfig Limit # * *Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec # * *<Limit GET POST OPTIONS PROPFIND> # * * * *Order allow,deny # * * * *Allow from all # * *</Limit> # * *<LimitExcept GET POST OPTIONS PROPFIND> # * * * *Order deny,allow # * * * *Deny from all # * *</LimitExcept> #</Directory> # # DirectoryIndex: Name of the file or files to use as a pre-written HTML # directory index. *Separate multiple entries with spaces. # <IfModule mod_dir.c> * *DirectoryIndex index.html </IfModule> # # AccessFileName: The name of the file to look for in each directory # for access control information. # AccessFileName .htaccess # # The following lines prevent .htaccess files from being viewed by # Web clients. *Since .htaccess files often contain authorization # information, access is disallowed for security reasons. *Comment # these lines out if you want Web visitors to see the contents of # .htaccess files. *If you change the AccessFileName directive above, # be sure to make the corresponding changes here. # # Also, folks tend to use names such as .htpasswd for password # files, so this will protect those as well. # <Files ~ "^\.ht"> * *Order allow,deny * *Deny from all * *Satisfy All </Files> # # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each # document that was negotiated on the basis of content. This asks proxy # servers not to cache the document. Uncommenting the following line disables # this behavior, and proxies will be allowed to cache the documents. # #CacheNegotiatedDocs # # UseCanonicalName: *(new for 1.3) *With this setting turned on, whenever # Apache needs to construct a self-referencing URL (a URL that refers back # to the server the response is coming from) it will use ServerName and # Port to form a "canonical" name. *With this setting off, Apache will # use the hostname:port that the client supplied, when possible. *This # also affects SERVER_NAME and SERVER_PORT in CGI scripts. # UseCanonicalName On # # TypesConfig describes where the mime.types file (or equivalent) is # to be found. # <IfModule mod_mime.c> * *TypesConfig conf/mime.types </IfModule> # # DefaultType is the default MIME type the server will use for a document # if it cannot otherwise determine one, such as from filename extensions. # If your server contains mostly text or HTML documents, "text/plain" is # a good value. *If most of your content is binary, such as applications # or images, you may want to use "application/octet-stream" instead to # keep browsers from trying to display binary files as though they are # text. # DefaultType text/plain # # The mod_mime_magic module allows the server to use various hints from the # contents of the file itself to determine its type. *The MIMEMagicFile # directive tells the module where the hint definitions are located. # mod_mime_magic is not part of the default server (you have to add # it yourself with a LoadModule [see the DSO paragraph in the 'Global # Environment' section], or recompile the server and include mod_mime_magic # as part of the configuration), so it's enclosed in an <IfModule> container. # This means that the MIMEMagicFile directive will only be processed if the # module is part of the server. # <IfModule mod_mime_magic.c> * *MIMEMagicFile conf/magic </IfModule> # # HostnameLookups: Log the names of clients or just their IP addresses # e.g., www.apache.org (on) or 204.62.129.132 (off). # The default is off because it'd be overall better for the net if people # had to knowingly turn this feature on, since enabling it means that # each client request will result in AT LEAST one lookup request to the # nameserver. # HostnameLookups Off # # ErrorLog: The location of the error log file. # If you do not specify an ErrorLog directive within a <VirtualHost> # container, error messages relating to that virtual host will be # logged here. *If you *do* define an error logfile for a <VirtualHost> # container, that host's errors will be logged there and not here. # ErrorLog logs/error_log # # LogLevel: Control the number of messages logged to the error_log. # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. # LogLevel warn # # The following directives define some format nicknames for use with # a CustomLog directive (see below). # LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%{Referer}i -> %U" referer LogFormat "%{User-agent}i" agent # # The location and format of the access logfile (Common Logfile Format). # If you do not define any access logfiles within a <VirtualHost> # container, they will be logged here. *Contrariwise, if you *do* # define per-<VirtualHost> access logfiles, transactions will be # logged therein and *not* in this file. # CustomLog logs/access_log common # # If you would like to have agent and referer logfiles, uncomment the # following directives. # #CustomLog logs/referer_log referer #CustomLog logs/agent_log agent # # If you prefer a single logfile with access, agent, and referer information # (Combined Logfile Format) you can use the following directive. # #CustomLog logs/access_log combined # # Optionally add a line containing the server version and virtual host # name to server-generated pages (error documents, FTP directory listings, # mod_status and mod_info output etc., but not CGI generated documents). # Set to "EMail" to also include a mailto: link to the ServerAdmin. # Set to one of: *On | Off | EMail # ServerSignature On # EBCDIC configuration: # (only for mainframes using the EBCDIC codeset, currently one of: # Fujitsu-Siemens' BS2000/OSD, IBM's OS/390 and IBM's TPF)!! # The following default configuration assumes that "text files" # are stored in EBCDIC (so that you can operate on them using the # normal POSIX tools like grep and sort) while "binary files" are # stored with identical octets as on an ASCII machine. # # The directives are evaluated in configuration file order, with # the EBCDICConvert directives applied before EBCDICConvertByType. # # If you want to have ASCII HTML documents and EBCDIC HTML documents # at the same time, you can use the file extension to force # conversion off for the ASCII documents: # > AddType * * * text/html .ahtml # > EBCDICConvert Off=InOut .ahtml # # EBCDICConvertByType *On=InOut text/* message/* multipart/* # EBCDICConvertByType *On=In * *application/x-www-form-urlencoded # EBCDICConvertByType *On=InOut application/postscript model/vrml # EBCDICConvertByType Off=InOut */* # # Aliases: Add here as many aliases as you need (with no limit). The format is # Alias fakename realname # <IfModule mod_alias.c> * *# * *# Note that if you include a trailing / on fakename then the server will * *# require it to be present in the URL. *So "/icons" isn't aliased in this * *# example, only "/icons/". *If the fakename is slash-terminated, then the * *# realname must also be slash terminated, and if the fakename omits the * *# trailing slash, the realname must also omit it. * *# * *Alias /icons/ "@@ServerRoot@@/icons/" * *<Directory "@@ServerRoot@@/icons"> * * * *Options Indexes MultiViews * * * *AllowOverride None * * * *Order allow,deny * * * *Allow from all * *</Directory> * *# This Alias will project the on-line documentation tree under /manual/ * *# even if you change the DocumentRoot. Comment it if you don't want to * *# provide access to the on-line documentation. * *# * *Alias /manual/ "@@ServerRoot@@/htdocs/manual/" * *<Directory "@@ServerRoot@@/htdocs/manual"> * * * *Options Indexes FollowSymlinks MultiViews * * * *AllowOverride None * * * *Order allow,deny * * * *Allow from all * *</Directory> * *# * *# ScriptAlias: This controls which directories contain server scripts. * *# ScriptAliases are essentially the same as Aliases, except that * *# documents in the realname directory are treated as applications and * *# run by the server when requested rather than as documents sent to the client. * *# The same rules about trailing "/" apply to ScriptAlias directives as to * *# Alias. * *# * *ScriptAlias /cgi-bin/ "@@ServerRoot@@/cgi-bin/" * *# * *# "@@ServerRoot@@/cgi-bin" should be changed to whatever your ScriptAliased * *# CGI directory exists, if you have that configured. * *# * *<Directory "@@ServerRoot@@/cgi-bin"> * * * *AllowOverride None * * * *Options None * * * *Order allow,deny * * * *Allow from all * *</Directory> </IfModule> # End of aliases. # # Redirect allows you to tell clients about documents which used to exist in # your server's namespace, but do not anymore. This allows you to tell the # clients where to look for the relocated document. # Format: Redirect old-URI new-URL # # # Directives controlling the display of server-generated directory listings. # <IfModule mod_autoindex.c> * *# * *# FancyIndexing is whether you want fancy directory indexing or standard * *# * *IndexOptions FancyIndexing * *# * *# AddIcon* directives tell the server which icon to show for different * *# files or filename extensions. *These are only displayed for * *# FancyIndexed directories. * *# * *AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip * *AddIconByType (TXT,/icons/text.gif) text/* * *AddIconByType (IMG,/icons/image2.gif) image/* * *AddIconByType (SND,/icons/sound2.gif) audio/* * *AddIconByType (VID,/icons/movie.gif) video/* * *AddIcon /icons/binary.gif .bin .exe * *AddIcon /icons/binhex.gif .hqx * *AddIcon /icons/tar.gif .tar * *AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv * *AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip * *AddIcon /icons/a.gif .ps .ai .eps * *AddIcon /icons/layout.gif .html .shtml .htm .pdf * *AddIcon /icons/text.gif .txt * *AddIcon /icons/c.gif .c * *AddIcon /icons/p.gif .pl .py * *AddIcon /icons/f.gif .for * *AddIcon /icons/dvi.gif .dvi * *AddIcon /icons/uuencoded.gif .uu * *AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl * *AddIcon /icons/tex.gif .tex * *AddIcon /icons/bomb.gif core * *AddIcon /icons/back.gif .. * *AddIcon /icons/hand.right.gif README * *AddIcon /icons/folder.gif ^^DIRECTORY^^ * *AddIcon /icons/blank.gif ^^BLANKICON^^ * *# * *# DefaultIcon is which icon to show for files which do not have an icon * *# explicitly set. * *# * *DefaultIcon /icons/unknown.gif * *# * *# AddDescription allows you to place a short description after a file in * *# server-generated indexes. *These are only displayed for FancyIndexed * *# directories. * *# Format: AddDescription "description" filename * *# * *#AddDescription "GZIP compressed document" .gz * *#AddDescription "tar archive" .tar * *#AddDescription "GZIP compressed tar archive" .tgz * *# * *# ReadmeName is the name of the README file the server will look for by * *# default, and append to directory listings. * *# * *# HeaderName is the name of a file which should be prepended to * *# directory indexes. * *# * *ReadmeName README.html * *HeaderName HEADER.html * *# * *# IndexIgnore is a set of filenames which directory indexing should ignore * *# and not include in the listing. *Shell-style wildcarding is permitted. * *# * *IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t </IfModule> # End of indexing directives. # # Document types. # <IfModule mod_mime.c> * *# * *# AddLanguage allows you to specify the language of a document. You can * *# then use content negotiation to give a browser a file in a language * *# it can understand. * * *# * *# Note 1: The suffix does not have to be the same as the language * *# keyword --- those with documents in Polish (whose net-standard * *# language code is pl) may wish to use "AddLanguage pl .po" to * *# avoid the ambiguity with the common suffix for perl scripts. * *# * *# Note 2: The example entries below illustrate that in quite * *# some cases the two character 'Language' abbreviation is not * *# identical to the two character 'Country' code for its country, * *# E.g. 'Danmark/dk' versus 'Danish/da'. * *# * *# Note 3: In the case of 'ltz' we violate the RFC by using a three char * *# specifier. But there is 'work in progress' to fix this and get * *# the reference data for rfc1766 cleaned up. * *# * *# Danish (da) - Dutch (nl) - English (en) - Estonian (ee) * *# French (fr) - German (de) - Greek-Modern (el) * *# Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn) * *# Portugese (pt) - Luxembourgeois* (ltz) * *# Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cs) * *# Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja) * *# Russian (ru) * *# * *AddLanguage da .dk * *AddLanguage nl .nl * *AddLanguage en .en * *AddLanguage et .ee * *AddLanguage fr .fr * *AddLanguage de .de * *AddLanguage el .el * *AddLanguage he .he * *AddCharset ISO-8859-8 .iso8859-8 * *AddLanguage it .it * *AddLanguage ja .ja * *AddCharset ISO-2022-JP .jis * *AddLanguage kr .kr * *AddCharset ISO-2022-KR .iso-kr * *AddLanguage nn .nn * *AddLanguage no .no * *AddLanguage pl .po * *AddCharset ISO-8859-2 .iso-pl * *AddLanguage pt .pt * *AddLanguage pt-br .pt-br * *AddLanguage ltz .lu * *AddLanguage ca .ca * *AddLanguage es .es * *AddLanguage sv .sv * *AddLanguage cs .cz .cs * *AddLanguage ru .ru * *AddLanguage zh-TW .zh-tw * *AddCharset Big5 * * * * .Big5 * *.big5 * *AddCharset WINDOWS-1251 .cp-1251 * *AddCharset CP866 * * * *.cp866 * *AddCharset ISO-8859-5 * .iso-ru * *AddCharset KOI8-R * * * .koi8-r * *AddCharset UCS-2 * * * *.ucs2 * *AddCharset UCS-4 * * * *.ucs4 * *AddCharset UTF-8 * * * *.utf8 * *# LanguagePriority allows you to give precedence to some languages * *# in case of a tie during content negotiation. * *# * *# Just list the languages in decreasing order of preference. We have * *# more or less alphabetized them here. You probably want to change this. * *# * *<IfModule mod_negotiation.c> * * * *LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw * *</IfModule> * *# * *# AddType allows you to tweak mime.types without actually editing it, or to * *# make certain files to be certain types. * *# * *AddType application/x-tar .tgz * *# * *# AddEncoding allows you to have certain browsers uncompress * *# information on the fly. Note: Not all browsers support this. * *# Despite the name similarity, the following Add* directives have nothing * *# to do with the FancyIndexing customization directives above. * *# * *AddEncoding x-compress .Z * *AddEncoding x-gzip .gz .tgz * *# * *# If the AddEncoding directives above are commented-out, then you * *# probably should define those extensions to indicate media types: * *# * *#AddType application/x-compress .Z * *#AddType application/x-gzip .gz .tgz * *# * *# AddHandler allows you to map certain file extensions to "handlers", * *# actions unrelated to filetype. These can be either built into the server * *# or added with the Action command (see below) * *# * *# If you want to use server side includes, or CGI outside * *# ScriptAliased directories, uncomment the following lines. * *# * *# To use CGI scripts: * *# * *#AddHandler cgi-script .cgi * *# * *# To use server-parsed HTML files * *# * *#AddType text/html .shtml * *#AddHandler server-parsed .shtml * *# * *# Uncomment the following line to enable Apache's send-asis HTTP file * *# feature * *# * *#AddHandler send-as-is asis * *# * *# If you wish to use server-parsed imagemap files, use * *# * *#AddHandler imap-file map * *# * *# To enable type maps, you might want to use * *# * *#AddHandler type-map var </IfModule> # End of document types. # # Action lets you define media types that will execute a script whenever # a matching file is called. This eliminates the need for repeated URL # pathnames for oft-used CGI file processors. # Format: Action media/type /cgi-script/location # Format: Action handler-name /cgi-script/location # # # MetaDir: specifies the name of the directory in which Apache can find # meta information files. These files contain additional HTTP headers # to include when sending the document # #MetaDir .web # # MetaSuffix: specifies the file name suffix for the file containing the # meta information. # #MetaSuffix .meta # # Customizable error response (Apache style) # *these come in three flavors # # * *1) plain text #ErrorDocument 500 "The server made a boo boo. # *n.b. *the single leading (") marks it as text, it does not get output # # * *2) local redirects #ErrorDocument 404 /missing.html # *to redirect to local URL /missing.html #ErrorDocument 404 /cgi-bin/missing_handler.pl # *N.B.: You can redirect to a script or a document using server-side-includes. # # * *3) external redirects #ErrorDocument 402 http://www.example.com/subscription_info.html # *N.B.: Many of the environment variables associated with the original # *request will *not* be available to such a script. # # Customize behaviour based on the browser # <IfModule mod_setenvif.c> * *# * *# The following directives modify normal HTTP response behavior. * *# The first directive disables keepalive for Netscape 2.x and browsers that * *# spoof it. There are known problems with these browser implementations. * *# The second directive is for Microsoft Internet Explorer 4.0b2 * *# which has a broken HTTP/1.1 implementation and does not properly * *# support keepalive when it is used on 301 or 302 (redirect) responses. * *# * *BrowserMatch "Mozilla/2" nokeepalive * *BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 * *# * *# The following directive disables HTTP/1.1 responses to browsers which * *# are in violation of the HTTP/1.0 spec by not being able to grok a * *# basic 1.1 response. * *# * *BrowserMatch "RealPlayer 4\.0" force-response-1.0 * *BrowserMatch "Java/1\.0" force-response-1.0 * *BrowserMatch "JDK/1\.0" force-response-1.0 </IfModule> # End of browser customization directives # # Allow server status reports, with the URL of http://servername/server-status # Change the ".example.com" to match your domain to enable. # #<Location /server-status> # * *SetHandler server-status # * *Order deny,allow # * *Deny from all # * *Allow from .example.com #</Location> # # Allow remote server configuration reports, with the URL of # http://servername/server-info (requires that mod_info.c be loaded). # Change the ".example.com" to match your domain to enable. # #<Location /server-info> # * *SetHandler server-info # * *Order deny,allow # * *Deny from all # * *Allow from .example.com #</Location> # # There have been reports of people trying to abuse an old bug from pre-1.1 # days. *This bug involved a CGI script distributed as a part of Apache. # By uncommenting these lines you can redirect these attacks to a logging # script on phf.apache.org. *Or, you can record them yourself, using the script # support/phf_abuse_log.cgi. # #<Location /cgi-bin/phf*> # * *Deny from all # * *ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi #</Location> ### Section 3: Virtual Hosts # # VirtualHost: If you want to maintain multiple domains/hostnames on your # machine you can setup VirtualHost containers for them. Most configurations # use only name-based virtual hosts so the server doesn't need to worry about # IP addresses. This is indicated by the asterisks in the directives below. # # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/> # for further details before you try to setup virtual hosts. # # You may use the command line option '-S' to verify your virtual host # configuration. # # Use name-based virtual hosting. # #NameVirtualHost *:80 # # VirtualHost example: # Almost any Apache directive may go into a VirtualHost container. # The first VirtualHost section is used for requests without a known # server name. # #<VirtualHost *:80> # * *ServerAdmin webmaster@dummy-host.example.com # * *DocumentRoot /www/docs/dummy-host.example.com # * *ServerName dummy-host.example.com # * *ErrorLog logs/dummy-host.example.com-error_log # * *CustomLog logs/dummy-host.example.com-access_log common #</VirtualHost> |
| Bookmarks |
| Thread Tools | |
| Display Modes | |
Linear Mode
|
|
© 2007 Novell, Inc. All Rights Reserved.
This site uses the YAML CSS framework.
All times are GMT -6. The time now is 08:18.
About openSUSE | Disclaimers | Feedback
About openSUSE | Disclaimers | Feedback
