www/apache
1
0
Fork 0
mirror of https://github.com/apache/httpd.git synced 2025-11-03 17:53:20 +03:00
Code Activity
Files
e485b1290c48a4bcdca2b31e07eae03f2f6067f7
apache/docs/manual/mod/core.html
Ryan Bloom b7bc1a03e7 Remove the Port directive. In it's place, the Listen directive 
is now a required directive, which tells Apache what port to
listen on.  The ServerName directive has also been extended
to accept an optional port.  If the port is specified to the
ServerName, the server will report that port whenever it
reports the port that it is listening on.  This change was
made to ease configuration errors that stem from having a Port
directive, and a Listen directive.  In that situation, the server
would only listen to the port specified by the Listen command,
which caused a lot of confusion to users.


git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@91293 13f79535-47bb-0310-9956-ffa450edef68
2001-10-04 20:00:53 +00:00

2692 lines
108 KiB
HTML
Raw Blame History

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta name="generator" content="HTML Tidy, see www.w3.org" />
<title>Apache Core Features</title>
</head>
<!-- Background white, links blue (unvisited), navy (visited), red (active) -->
<body bgcolor="#FFFFFF" text="#000000" link="#0000FF"
vlink="#000080" alink="#FF0000">
<!--#include virtual="header.html" -->
<h1 align="CENTER">Apache Core Features</h1>
<p>These configuration parameters control the core Apache
features, and are always available.</p>
<h2>Directives</h2>
<ul>
<li><a href="#accessfilename">AccessFileName</a></li>
<li><a href="#adddefaultcharset">AddDefaultCharset</a></li>
<li><a href="#addmodule">AddModule</a></li>
<li><a href="#allowoverride">AllowOverride</a></li>
<li><a href="#authname">AuthName</a></li>
<li><a href="#authtype">AuthType</a></li>
<li><a href="#clearmodulelist">ClearModuleList</a></li>
<li><a href="#contentdigest">ContentDigest</a></li>
<li><a href="#coredumpdirectory">CoreDumpDirectory</a></li>
<li><a href="#defaulttype">DefaultType</a></li>
<li><a href="#directory">&lt;Directory&gt;</a></li>
<li><a href="#directorymatch">&lt;DirectoryMatch&gt;</a></li>
<li><a href="#documentroot">DocumentRoot</a></li>
<li><a href="#errordocument">ErrorDocument</a></li>
<li><a href="#errorlog">ErrorLog</a></li>
<li><a href="#files">&lt;Files&gt;</a></li>
<li><a href="#filesmatch">&lt;FilesMatch&gt;</a></li>
<li><a href="#forcetype">ForceType</a></li>
<li><a href="#hostnamelookups">HostNameLookups</a></li>
<li><a href="#identitycheck">IdentityCheck</a></li>
<li><a href="#ifdefine">&lt;IfDefine&gt;</a></li>
<li><a href="#ifmodule">&lt;IfModule&gt;</a></li>
<li><a href="#include">Include</a></li>
<li><a href="#keepalive">KeepAlive</a></li>
<li><a href="#keepalivetimeout">KeepAliveTimeout</a></li>
<li><a href="#limit">&lt;Limit&gt;</a></li>
<li><a href="#limitexcept">&lt;LimitExcept&gt;</a></li>
<li><a href="#limitrequestbody">LimitRequestBody</a></li>
<li><a href="#limitrequestfields">LimitRequestFields</a></li>
<li><a
href="#limitrequestfieldsize">LimitRequestFieldsize</a></li>
<li><a href="#limitrequestline">LimitRequestLine</a></li>
<li><a
href="#limitxmlrequestbody">LimitXMLRequestBody</a></li>
<li><a href="#location">&lt;Location&gt;</a></li>
<li><a href="#locationmatch">&lt;LocationMatch&gt;</a></li>
<li><a href="#loglevel">LogLevel</a></li>
<li><a
href="#maxkeepaliverequests">MaxKeepAliveRequests</a></li>
<li><a href="#namevirtualhost">NameVirtualHost</a></li>
<li><a href="#options">Options</a></li>
<li><a href="#require">Require</a></li>
<li><a href="#rlimitcpu">RLimitCPU</a></li>
<li><a href="#rlimitmem">RLimitMEM</a></li>
<li><a href="#rlimitnproc">RLimitNPROC</a></li>
<li><a href="#satisfy">Satisfy</a></li>
<li><a
href="#scriptinterpretersource">ScriptInterpreterSource</a></li>
<li><a href="#serveradmin">ServerAdmin</a></li>
<li><a href="#serveralias">ServerAlias</a></li>
<li><a href="#servername">ServerName</a></li>
<li><a href="#serverpath">ServerPath</a></li>
<li><a href="#serverroot">ServerRoot</a></li>
<li><a href="#serversignature">ServerSignature</a></li>
<li><a href="#servertokens">ServerTokens</a></li>
<li><a href="#sethandler">SetHandler</a></li>
<li><a href="#setinputfilter">SetInputFilter</a></li>
<li><a href="#setoutputfilter">SetOutputFilter</a></li>
<li><a href="#timeout">TimeOut</a></li>
<li><a href="#usecanonicalname">UseCanonicalName</a></li>
<li><a href="#virtualhost">&lt;VirtualHost&gt;</a></li>
</ul>
<hr />
<h2><a id="accessfilename" name="accessfilename">AccessFileName
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt AccessFileName} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AccessFileName
<em>filename</em> [<em>filename</em>] ...<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>AccessFileName
.htaccess</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> AccessFileName
can accept more than one filename only in Apache 1.3 and later
<p>When returning a document to the client the server looks for
the first existing access control file from this list of names
in every directory of the path to the document, if access
control files are enabled for that directory. For example:</p>
<blockquote>
<code>AccessFileName .acl</code>
</blockquote>
before returning the document /usr/local/web/index.html, the
server will read /.acl, /usr/.acl, /usr/local/.acl and
/usr/local/web/.acl for directives, unless they have been
disabled with
<blockquote>
<code>&lt;Directory /&gt;<br />
AllowOverride None<br />
&lt;/Directory&gt;</code>
</blockquote>
<p><strong>See Also:</strong> <a
href="#allowoverride">AllowOverride</a></p>
<hr />
<h2><a id="adddefaultcharset"
name="adddefaultcharset">AddDefaultCharset directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AddDefaultCharset
On|Off|<em>charset</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> all<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>AddDefaultCharset Off</code><br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a>
AddDefaultCharset is only available in Apache 1.3.12 and later
<p>This directive specifies the name of the character set that
will be added to any response that does not have any parameter
on the content type in the HTTP headers. This will override any
character set specified in the body of the document via a
<code>META</code> tag. A setting of <code>AddDefaultCharset
Off</code> disables this functionality. <code>AddDefaultCharset
On</code> enables Apache's internal default charset of
<code>iso-8859-1</code> as required by the directive. You can
also specify an alternate <em>charset</em> to be used; e.g.
<code>AddDefaultCharset utf-8</code>.</p>
<hr />
<h2><a id="addmodule" name="addmodule">AddModule
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt AddModule} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AddModule
<em>module</em> [<em>module</em>] ...<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config <br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> AddModule is
only available in Apache 1.2 and later
<p>The server can have modules compiled in which are not
actively in use. This directive can be used to enable the use
of those modules. The server comes with a pre-loaded list of
active modules; this list can be cleared with the <a
href="#clearmodulelist">ClearModuleList</a> directive.</p>
<hr />
<h2><a id="allowoverride" name="allowoverride">AllowOverride
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt AllowOverride} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AllowOverride
All|None|<em>directive-type</em> [<em>directive-type</em>]
...<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>AllowOverride
All</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>When the server finds an .htaccess file (as specified by <a
href="#accessfilename">AccessFileName</a>) it needs to know
which directives declared in that file can override earlier
access information.</p>
<p>When this directive is set to <code>None</code>, then
.htaccess files are completely ignored. In this case, the
server will not even attempt to read .htaccess files in the
filesystem.</p>
<p>When this directive is set to <code>All</code>, then any
directive which has the .htaccess <a
href="directive-dict.html#Context">Context</a> is allowed in
.htaccess files.</p>
<p>The <em>directive-type</em> can be one of the following
groupings of directives.</p>
<dl>
<dt>AuthConfig</dt>
<dd>
<!--%plaintext &lt;?INDEX {\tt AuthConfig} override&gt; -->
Allow use of the authorization directives (<a
href="mod_auth_dbm.html#authdbmgroupfile">AuthDBMGroupFile</a>,
<a
href="mod_auth_dbm.html#authdbmuserfile">AuthDBMUserFile</a>,
<a href="mod_auth.html#authgroupfile">AuthGroupFile</a>, <a
href="#authname">AuthName</a>, <a
href="#authtype">AuthType</a>, <a
href="mod_auth.html#authuserfile">AuthUserFile</a>, <a
href="#require">Require</a>, <em>etc.</em>).</dd>
<dt>FileInfo</dt>
<dd><!--%plaintext &lt;?INDEX {\tt FileInfo} override&gt; -->
Allow use of the directives controlling document types (<a
href="#defaulttype">DefaultType</a>, <a
href="#errordocument">ErrorDocument</a>, <a
href="#forcetype">ForceType</a>, <a
href="mod_negotiation.html#languagepriority">LanguagePriority</a>,
<a href="#sethandler">SetHandler</a>, <a
href="#setinputfilter">SetInputFilter</a>, <a
href="#setoutputfilter">SetOutputFilter</a>, and <a
href="mod_mime.html">mod_mime Add* and Remove*
directives</a>, <em>etc.</em>).</dd>
<dt>Indexes</dt>
<dd><!--%plaintext &lt;?INDEX {\tt Indexes} override&gt; -->
Allow use of the directives controlling directory indexing
(<a
href="mod_autoindex.html#adddescription">AddDescription</a>,
<a href="mod_autoindex.html#addicon">AddIcon</a>, <a
href="mod_autoindex.html#addiconbyencoding">AddIconByEncoding</a>,
<a href="mod_autoindex.html#addiconbytype">AddIconByType</a>,
<a href="mod_autoindex.html#defaulticon">DefaultIcon</a>, <a
href="mod_dir.html#directoryindex">DirectoryIndex</a>, <a
href="mod_autoindex.html#fancyindexing">FancyIndexing</a>, <a
href="mod_autoindex.html#headername">HeaderName</a>, <a
href="mod_autoindex.html#indexignore">IndexIgnore</a>, <a
href="mod_autoindex.html#indexoptions">IndexOptions</a>, <a
href="mod_autoindex.html#readmename">ReadmeName</a>,
<em>etc.</em>).</dd>
<dt>Limit</dt>
<dd><!--%plaintext &lt;?INDEX {\tt Limit} override&gt; -->
Allow use of the directives controlling host access (Allow,
Deny and Order).</dd>
<dt>Options</dt>
<dd><!--%plaintext &lt;?INDEX {\tt Options} override&gt; -->
Allow use of the directives controlling specific directory
features (<a href="#options">Options</a> and <a
href="mod_include.html#xbithack">XBitHack</a>).</dd>
</dl>
<p><strong>See Also:</strong> <a
href="#accessfilename">AccessFileName</a></p>
<hr />
<h2><a id="authname" name="authname">AuthName
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt AuthName} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AuthName
<em>auth-domain</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> AuthConfig<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>This directive sets the name of the authorization realm for
a directory. This realm is given to the client so that the user
knows which username and password to send.
<samp>AuthName</samp> takes a single argument; if the realm
name contains spaces, it must be enclosed in quotation marks.
It must be accompanied by <a href="#authtype">AuthType</a> and
<a href="#require">Require</a> directives, and directives such
as <a href="mod_auth.html#authuserfile">AuthUserFile</a> and <a
href="mod_auth.html#authgroupfile">AuthGroupFile</a> to
work.</p>
<hr />
<h2><a id="authtype" name="authtype">AuthType
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt AuthType} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> AuthType
Basic|Digest<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> AuthConfig<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>This directive selects the type of user authentication for a
directory. Only <code>Basic</code> and <code>Digest</code> are
currently implemented.
<!--%plaintext &lt;?INDEX {\tt Basic} authentication scheme&gt; -->
It must be accompanied by <a href="#authname">AuthName</a> and
<a href="#require">Require</a> directives, and directives such
as <a href="mod_auth.html#authuserfile">AuthUserFile</a> and <a
href="mod_auth.html#authgroupfile">AuthGroupFile</a> to
work.</p>
<hr />
<h2><a id="clearmodulelist"
name="clearmodulelist">ClearModuleList directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ClearModuleList} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ClearModuleList<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ClearModuleList
is only available in Apache 1.2 and later
<p>The server comes with a built-in list of active modules.
This directive clears the list. It is assumed that the list
will then be re-populated using the <a
href="#addmodule">AddModule</a> directive.</p>
<hr />
<h2><a id="contentdigest" name="contentdigest">ContentDigest
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ContentDigest} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ContentDigest
on|off<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ContentDigest
off</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> Options<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> experimental<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ContentDigest is
only available in Apache 1.1 and later
<p>This directive enables the generation of
<code>Content-MD5</code> headers as defined in RFC1864
respectively RFC2068.</p>
<p>MD5 is an algorithm for computing a "message digest"
(sometimes called "fingerprint") of arbitrary-length data, with
a high degree of confidence that any alterations in the data
will be reflected in alterations in the message digest.</p>
<p>The <code>Content-MD5</code> header provides an end-to-end
message integrity check (MIC) of the entity-body. A proxy or
client may check this header for detecting accidental
modification of the entity-body in transit. Example header:</p>
<pre>
Content-MD5: AuLb7Dp1rqtRtxz2m9kRpA==
</pre>
<p>Note that this can cause performance problems on your server
since the message digest is computed on every request (the
values are not cached).</p>
<p><code>Content-MD5</code> is only sent for documents served
by the core, and not by any module. For example, SSI documents,
output from CGI scripts, and byte range responses do not have
this header.</p>
<hr />
<h2><a id="defaulttype" name="defaulttype">DefaultType
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt DefaultType} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> DefaultType
<em>MIME-type</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>DefaultType
text/html</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> FileInfo<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>There will be times when the server is asked to provide a
document whose type cannot be determined by its MIME types
mappings.</p>
<p>The server must inform the client of the content-type of the
document, so in the event of an unknown type it uses the
<code>DefaultType</code>. For example:</p>
<blockquote>
<code>DefaultType image/gif</code>
</blockquote>
would be appropriate for a directory which contained many gif
images with filenames missing the .gif extension.
<p>Note that unlike <a href="#forcetype">ForceType</a>, this
directive is only provides the default mime-type. All other
mime-type definitions, including filename extensions, that
might identify the media type will override this default.</p>
<hr />
<h2><a id="directory" name="directory">&lt;Directory&gt;
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt Directory} section directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;Directory
<em>directory-path</em>&gt; ... &lt;/Directory&gt; <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core.
<p>&lt;Directory&gt; and &lt;/Directory&gt; are used to enclose
a group of directives which will apply only to the named
directory and sub-directories of that directory. Any directive
which is allowed in a directory context may be used.
<em>Directory-path</em> is either the full path to a directory,
or a wild-card string. In a wild-card string, `?' matches any
single character, and `*' matches any sequences of characters.
As of Apache 1.3, you may also use `[]' character ranges like
in the shell. Also as of Apache 1.3 none of the wildcards match
a `/' character, which more closely mimics the behavior of Unix
shells. Example:</p>
<pre>
&lt;Directory /usr/local/httpd/htdocs&gt;
Options Indexes FollowSymLinks
&lt;/Directory&gt;
</pre>
<p><strong>Apache 1.2 and above:</strong> Extended regular
expressions can also be used, with the addition of the
<code>~</code> character. For example:</p>
<pre>
&lt;Directory ~ "^/www/.*/[0-9]{3}"&gt;
</pre>
would match directories in /www/ that consisted of three
numbers.
<p>If multiple (non-regular expression) directory sections
match the directory (or its parents) containing a document,
then the directives are applied in the order of shortest match
first, interspersed with the directives from the <a
href="#accessfilename">.htaccess</a> files. For example,
with</p>
<blockquote>
<code>&lt;Directory /&gt;<br />
AllowOverride None<br />
&lt;/Directory&gt;<br />
<br />
&lt;Directory /home/*&gt;<br />
AllowOverride FileInfo<br />
&lt;/Directory&gt;</code>
</blockquote>
for access to the document <code>/home/web/dir/doc.html</code>
the steps are:
<ul>
<li>Apply directive <code>AllowOverride None</code>
(disabling <code>.htaccess</code> files).</li>
<li>Apply directive <code>AllowOverride FileInfo</code> (for
directory <code>/home/web</code>).</li>
<li>Apply any FileInfo directives in
<code>/home/web/.htaccess</code></li>
</ul>
<p>Regular expression directory sections are handled slightly
differently by Apache 1.2 and 1.3. In Apache 1.2 they are
interspersed with the normal directory sections and applied in
the order they appear in the configuration file. They are
applied only once, and apply when the shortest match possible
occurs. In Apache 1.3 regular expressions are not considered
until after all of the normal sections have been applied. Then
all of the regular expressions are tested in the order they
appeared in the configuration file. For example, with</p>
<blockquote>
<code>&lt;Directory ~ abc$&gt;<br />
... directives here ...<br />
&lt;/Directory&gt;<br />
</code>
</blockquote>
Suppose that the filename being accessed is
<code>/home/abc/public_html/abc/index.html</code>. The server
considers each of <code>/</code>, <code>/home</code>,
<code>/home/abc</code>, <code>/home/abc/public_html</code>, and
<code>/home/abc/public_html/abc</code> in that order. In Apache
1.2, when <code>/home/abc</code> is considered, the regular
expression will match and be applied. In Apache 1.3 the regular
expression isn't considered at all at that point in the tree.
It won't be considered until after all normal
&lt;Directory&gt;s and <code>.htaccess</code> files have been
applied. Then the regular expression will match on
<code>/home/abc/public_html/abc</code> and be applied.
<p><strong>Note that the default Apache access for
&lt;Directory /&gt; is <samp>Allow from All</samp>. This means
that Apache will serve any file mapped from an URL. It is
recommended that you change this with a block such
as</strong></p>
<pre>
&lt;Directory /&gt;
Order Deny,Allow
Deny from All
&lt;/Directory&gt;
</pre>
<p><strong>and then override this for directories you
<em>want</em> accessible. See the <a
href="../misc/security_tips.html">Security Tips</a> page for
more details.</strong></p>
The directory sections typically occur in the access.conf file,
but they may appear in any configuration file.
&lt;Directory&gt; directives cannot nest, and cannot appear in
a <a href="#limit">&lt;Limit&gt;</a> or <a
href="#limitexcept">&lt;LimitExcept&gt;</a> section.
<p><strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received</p>
<hr />
<h2><a id="directorymatch"
name="directorymatch">&lt;DirectoryMatch&gt;</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;DirectoryMatch
<em>regex</em>&gt; ... &lt;/DirectoryMatch&gt; <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core.<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Available in
Apache 1.3 and later
<p>&lt;DirectoryMatch&gt; and &lt;/DirectoryMatch&gt; are used
to enclose a group of directives which will apply only to the
named directory and sub-directories of that directory, the same
as <a href="#directory">&lt;Directory&gt;</a>. However, it
takes as an argument a regular expression. For example:</p>
<pre>
&lt;DirectoryMatch "^/www/.*/[0-9]{3}"&gt;
</pre>
<p>would match directories in /www/ that consisted of three
numbers.</p>
<p><strong>See Also:</strong> <a
href="#directory">&lt;Directory&gt;</a> for a description of
how regular expressions are mixed in with normal
&lt;Directory&gt;s.<br />
<strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received</p>
<hr />
<h2><a id="documentroot" name="documentroot">DocumentRoot
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt DocumentRoot} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> DocumentRoot
<em>directory-path</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>DocumentRoot
/usr/local/apache/htdocs</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>This directive sets the directory from which httpd will
serve files. Unless matched by a directive like Alias, the
server appends the path from the requested URL to the document
root to make the path to the document. Example:</p>
<blockquote>
<code>DocumentRoot /usr/web</code>
</blockquote>
then an access to
<code>http://www.my.host.com/index.html</code> refers to
<code>/usr/web/index.html</code>.
<p>There appears to be a bug in mod_dir which causes problems
when the DocumentRoot has a trailing slash (<em>i.e.</em>,
"DocumentRoot /usr/web/") so please avoid that.</p>
<hr />
<h2><a id="errordocument" name="errordocument">ErrorDocument
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ErrorDocument} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ErrorDocument
<em>error-code document</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> FileInfo<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> The directory
and .htaccess contexts are only available in Apache 1.1 and
later. The quoting syntax prior to Apache 2.0 was different.
<p>In the event of a problem or error, Apache can be configured
to do one of four things,</p>
<ol>
<li>output a simple hardcoded error message</li>
<li>output a customized message</li>
<li>redirect to a local <em>URL-path</em> to handle the
problem/error</li>
<li>redirect to an external <em>URL</em> to handle the
problem/error</li>
</ol>
<p>The first option is the default, while options 2-4 are
configured using the <code>ErrorDocument</code> directive,
which is followed by the HTTP response code and a URL or a
message. Apache will sometimes offer additional information
regarding the problem/error.</p>
<p>URLs can begin with a slash (/) for local URLs, or be a full
URL which the client can resolve. Alternatively, a message can
be provided to be displayed by the browser. Examples:</p>
<blockquote>
<code>ErrorDocument 500
http://foo.example.com/cgi-bin/tester<br />
ErrorDocument 404 /cgi-bin/bad_urls.pl<br />
ErrorDocument 401 /subscription_info.html<br />
ErrorDocument 403 "Sorry can't allow you access
today"</code>
</blockquote>
<p>Note that when you specify an <code>ErrorDocument</code>
that points to a remote URL (ie. anything with a method such as
"http" in front of it), Apache will send a redirect to the
client to tell it where to find the document, even if the
document ends up being on the same server. This has several
implications, the most important being that the client will not
receive the original error status code, but instead will
receive a redirect status code. This in turn can confuse web
robots and other clients which try to determine if a URL is
valid using the status code. In addition, if you use a remote
URL in an <code>ErrorDocument 401</code>, the client will not
know to prompt the user for a password since it will not
receive the 401 status code. Therefore, <strong>if you use an
"ErrorDocument 401" directive then it must refer to a local
document.</strong></p>
<p>Prior to version 2.0, messages were indicated by prefixing
them with a single unmatched double quote character.</p>
<p>See Also: <a href="../custom-error.html">documentation of
customizable responses.</a></p>
<hr />
<h2><a id="errorlog" name="errorlog">ErrorLog
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ErrorLog} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ErrorLog
<em>file-path</em>|syslog[:<em>facility</em>] <br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ErrorLog
logs/error_log</code> (Unix)<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ErrorLog
logs/error.log</code> (Windows and OS/2)<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The error log directive sets the name of the file to which
the server will log any errors it encounters. If the
<em>file-path</em> does not begin with a slash (/) then it is
assumed to be relative to the <a
href="#serverroot">ServerRoot</a>. If the <em>file-path</em>
begins with a pipe (|) then it is assumed to be a command to
spawn to handle the error log.</p>
<p><strong>Apache 1.3 and above:</strong> Using
<code>syslog</code> instead of a filename enables logging via
syslogd(8) if the system supports it. The default is to use
syslog facility <code>local7</code>, but you can override this
by using the <code>syslog:</code><em>facility</em> syntax where
<em>facility</em> can be one of the names usually documented in
syslog(1).</p>
<p>SECURITY: See the <a
href="../misc/security_tips.html#serverroot">security tips</a>
document for details on why your security could be compromised
if the directory where logfiles are stored is writable by
anyone other than the user that starts the server.</p>
<p><strong>See also:</strong> <a href="#loglevel">LogLevel</a>
and <a href="../logs.html">Apache Log Files</a></p>
<hr />
<h2><a id="files" name="files">&lt;Files&gt; directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;Files
<em>filename</em>&gt; ... &lt;/Files&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> only available
in Apache 1.2 and above.
<p>The &lt;Files&gt; directive provides for access control by
filename. It is comparable to the <a
href="#directory">&lt;Directory&gt;</a> directive and <a
href="#location">&lt;Location&gt;</a> directives. It should be
matched with a &lt;/Files&gt; directive. The directives given
within this section will be applied to any object with a
basename (last component of filename) matching the specified
filename. <code>&lt;Files&gt;</code> sections are processed in
the order they appear in the configuration file, after the
&lt;Directory&gt; sections and <code>.htaccess</code> files are
read, but before &lt;Location&gt; sections. Note that
&lt;Files&gt; can be nested inside &lt;Directory&gt; sections
to restrict the portion of the filesystem they apply to.</p>
<p>The <em>filename</em> argument should include a filename, or
a wild-card string, where `?' matches any single character, and
`*' matches any sequences of characters. Extended regular
expressions can also be used, with the addition of the
<code>~</code> character. For example:</p>
<pre>
&lt;Files ~ "\.(gif|jpe?g|png)$"&gt;
</pre>
would match most common Internet graphics formats. In Apache
1.3 and later, <a href="#filesmatch">&lt;FilesMatch&gt;</a> is
preferred, however.
<p>Note that unlike <a
href="#directory"><code>&lt;Directory&gt;</code></a> and <a
href="#location"><code>&lt;Location&gt;</code></a> sections,
<code>&lt;Files&gt;</code> sections can be used inside
.htaccess files. This allows users to control access to their
own files, at a file-by-file level.</p>
<p><strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received</p>
<hr />
<h2><a id="filesmatch"
name="filesmatch">&lt;FilesMatch&gt;</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;FilesMatch
<em>regex</em>&gt; ... &lt;/FilesMatch&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> only available
in Apache 1.3 and above.
<p>The &lt;FilesMatch&gt; directive provides for access control
by filename, just as the <a href="#files">&lt;Files&gt;</a>
directive does. However, it accepts a regular expression. For
example:</p>
<pre>
&lt;FilesMatch "\.(gif|jpe?g|png)$"&gt;
</pre>
<p>would match most common Internet graphics formats.</p>
<strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received
<hr />
<h2><a id="forcetype" name="forcetype">ForceType</a>
directive</h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ForceType
<em>mime-type</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Base<br />
<a href="directive-dict.html#Module"
rel="Help"><strong>Module:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ForceType was
introduced in mod_mime with Apache 1.1, and moved to the core
in Apache 2.0.
<p>When placed into an <code>.htaccess</code> file or a
<code>&lt;Directory&gt;</code>, or
<code>&lt;Location&gt;</code> or or <code>&lt;Files&gt;</code>
section, this directive forces all matching files to be served
with the content type identification given by
<em>mime-type</em>. For example, if you had a directory full of
GIF files, but did not want to label them all with ".gif", you
might want to use:</p>
<pre>
ForceType image/gif
</pre>
<p>Note that unlike <a href="#defaulttype">DefaultType</a>,
this directive overrides all mime-type associations, including
filename extensions, that might identify the media type.</p>
<hr />
<h2><a id="hostnamelookups"
name="hostnamelookups">HostNameLookups directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt HostNameLookups} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> HostNameLookups
on|off|double<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>HostNameLookups
off</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a>
<code>double</code> available only in Apache 1.3 and
above.<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Default was
<code>on</code> prior to Apache 1.3.
<p>This directive enables DNS lookups so that host names can be
logged (and passed to CGIs/SSIs in <code>REMOTE_HOST</code>).
The value <code>double</code> refers to doing double-reverse
DNS. That is, after a reverse lookup is performed, a forward
lookup is then performed on that result. At least one of the ip
addresses in the forward lookup must match the original
address. (In "tcpwrappers" terminology this is called
<code>PARANOID</code>.)</p>
<p>Regardless of the setting, when <a
href="mod_access.html">mod_access</a> is used for controlling
access by hostname, a double reverse lookup will be performed.
This is necessary for security. Note that the result of this
double-reverse isn't generally available unless you set
<code>HostnameLookups double</code>. For example, if only
<code>HostnameLookups on</code> and a request is made to an
object that is protected by hostname restrictions, regardless
of whether the double-reverse fails or not, CGIs will still be
passed the single-reverse result in
<code>REMOTE_HOST</code>.</p>
<p>The default for this directive was previously
<code>on</code> in versions of Apache prior to 1.3. It was
changed to <code>off</code> in order to save the network
traffic for those sites that don't truly need the reverse
lookups done. It is also better for the end users because they
don't have to suffer the extra latency that a lookup entails.
Heavily loaded sites should leave this directive
<code>off</code>, since DNS lookups can take considerable
amounts of time. The utility <a
href="../programs/logresolve.html">logresolve</a>, provided in
the <em>/support</em> directory, can be used to look up host
names from logged IP addresses offline.</p>
<hr />
<h2><a id="identitycheck" name="identitycheck">IdentityCheck
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt IdentityCheck} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> IdentityCheck
on|off<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>IdentityCheck
off</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>This directive enables RFC1413-compliant logging of the
remote user name for each connection, where the client machine
runs identd or something similar. This information is logged in
the access log. <em>Boolean</em> is either <code>on</code> or
<code>off</code>.</p>
<p>The information should not be trusted in any way except for
rudimentary usage tracking.</p>
<p>Note that this can cause serious latency problems accessing
your server since every request requires one of these lookups
to be performed. When firewalls are involved each lookup might
possibly fail and add 30 seconds of latency to each hit. So in
general this is not very useful on public servers accessible
from the Internet.</p>
<hr />
<h2><a id="ifdefine" name="ifdefine">&lt;IfDefine&gt;
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;IfDefine
[!]<em>parameter-name</em>&gt; <em>...</em>
&lt;/IfDefine&gt;<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> None<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> all<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> &lt;IfDefine&gt;
is only available in 1.3.1 and later.
<p>The &lt;IfDefine <em>test</em>&gt;...&lt;/IfDefine&gt;
section is used to mark directives that are conditional. The
directives within an IfDefine section are only processed if the
<em>test</em> is true. If <em>test</em> is false, everything
between the start and end markers is ignored.</p>
<p>The <em>test</em> in the &lt;IfDefine&gt; section directive
can be one of two forms:</p>
<ul>
<li><em>parameter-name</em></li>
<li><code>!</code><em>parameter-name</em></li>
</ul>
<p>In the former case, the directives between the start and end
markers are only processed if the parameter named
<em>parameter-name</em> is defined. The second format reverses
the test, and only processes the directives if
<em>parameter-name</em> is <strong>not</strong> defined.</p>
<p>The <em>parameter-name</em> argument is a define as given on
the <code>httpd</code> command line via
<code>-D</code><em>parameter-</em>, at the time the server was
started.</p>
<p>&lt;IfDefine&gt; sections are nest-able, which can be used
to implement simple multiple-parameter tests. Example:</p>
<pre>
$ httpd -DReverseProxy ...
# httpd.conf
&lt;IfDefine ReverseProxy&gt;
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/libproxy.so
&lt;/IfDefine&gt;
</pre>
<hr />
<h2><a id="ifmodule" name="ifmodule">&lt;IfModule&gt;
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;IfModule
[!]<em>module-name</em>&gt; <em>...</em>
&lt;/IfModule&gt;<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> None<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> all<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> IfModule is only
available in 1.2 and later.
<p>The &lt;IfModule <em>test</em>&gt;...&lt;/IfModule&gt;
section is used to mark directives that are conditional. The
directives within an IfModule section are only processed if the
<em>test</em> is true. If <em>test</em> is false, everything
between the start and end markers is ignored.</p>
<p>The <em>test</em> in the &lt;IfModule&gt; section directive
can be one of two forms:</p>
<ul>
<li><em>module name</em></li>
<li>!<em>module name</em></li>
</ul>
<p>In the former case, the directives between the start and end
markers are only processed if the module named <em>module
name</em> is compiled in to Apache. The second format reverses
the test, and only processes the directives if <em>module
name</em> is <strong>not</strong> compiled in.</p>
<p>The <em>module name</em> argument is a module name as given
as the file name of the module, at the time it was compiled.
For example, <code>mod_rewrite.c</code>.</p>
<p>&lt;IfModule&gt; sections are nest-able, which can be used
to implement simple multiple-module tests.</p>
<hr />
<h2><a id="include" name="include">Include directive</a></h2>
<strong>Syntax:</strong> Include
<em>file-path</em>|<em>directory-path</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Include is only
available in Apache 1.3 and later.
<p>This directive allows inclusion of other configuration files
from within the server configuration files.</p>
<p>If <code>Include</code> points to a directory, rather than a
file, Apache will read all files in that directory, and any
subdirectory, and parse those as configuration files.</p>
<hr />
<h2><a id="keepalive" name="keepalive">KeepAlive
directive</a></h2>
<strong>Syntax:</strong> KeepAlive on/off<br />
<strong>Default:</strong> <code>KeepAlive On</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> KeepAlive is
only available in Apache 1.1 and later.
<p>The Keep-Alive extension to HTTP/1.0 and the persistent
connection feature of HTTP/1.1 provide long-lived HTTP sessions
which allow multiple requests to be sent over the same TCP
connection. In some cases this has been shown to result in an
almost 50% speedup in latency times for HTML documents with
many images. To enable Keep-Alive connections in Apache 1.2 and
later, set <code>KeepAlive On</code>.</p>
<p>For HTTP/1.0 clients, Keep-Alive connections will only be
used if they are specifically requested by a client. In
addition, a Keep-Alive connection with an HTTP/1.0 client can
only be used when the length of the content is known in
advance. This implies that dynamic content such as CGI output,
SSI pages, and server-generated directory listings will
generally not use Keep-Alive connections to HTTP/1.0 clients.
For HTTP/1.1 clients, persistent connections are the default
unless otherwise specified. If the client requests it, chunked
encoding will be used in order to send content of unknown
length over persistent connections.</p>
<p>See also <a
href="#maxkeepaliverequests">MaxKeepAliveRequests</a>.</p>
<hr />
<h2><a id="keepalivetimeout"
name="keepalivetimeout">KeepAliveTimeout directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> KeepAliveTimeout
<em>seconds</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>KeepAliveTimeout
15</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> KeepAliveTimeout
is only available in Apache 1.1 and later.
<p>The number of seconds Apache will wait for a subsequent
request before closing the connection. Once a request has been
received, the timeout value specified by the <a
href="#timeout"><code>Timeout</code></a> directive applies.</p>
<p>Setting <code>KeepAliveTimeout</code> to a high value may
cause performance problems in heavily loaded servers. The
higher the timeout, the more server processes will be kept
occupied waiting on connections with idle clients.</p>
<hr />
<h2><a id="limit" name="limit">&lt;Limit&gt; directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt Limit} section directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;Limit
<em>method</em> [<em>method</em>] ... &gt; ...
&lt;/Limit&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> any<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>Access controls are normally effective for
<strong>all</strong> access methods, and this is the usual
desired behavior. <strong>In the general case, access control
directives should not be placed within a
<code>&lt;limit&gt;</code> section.</strong></p>
<p>The purpose of the &lt;Limit&gt; directive is to restrict
the effect of the access controls to the nominated HTTP
methods. For all other methods, the access restrictions that
are enclosed in the &lt;Limit&gt; bracket <strong>will have no
effect</strong>. The following example applies the access
control only to the methods POST, PUT, and DELETE, leaving all
other methods unprotected:</p>
<blockquote>
<code>&lt;Limit POST PUT DELETE&gt;<br />
Require valid-user<br />
&lt;/Limit&gt;</code>
</blockquote>
The method names listed can be one or more of: GET, POST, PUT,
DELETE, CONNECT, OPTIONS, TRACE, PATCH, PROPFIND, PROPPATCH,
MKCOL, COPY, MOVE, LOCK, and UNLOCK. <strong>The method name is
case-sensitive.</strong> If GET is used it will also restrict
HEAD requests.
<hr />
<h2><a id="limitexcept" name="limitexcept">&lt;LimitExcept&gt;
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt LimitExcept} section directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;LimitExcept
<em>method</em> [<em>method</em>] ... &gt; ...
&lt;/LimitExcept&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> any<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Available in
Apache 1.3.5 and later
<p>&lt;LimitExcept&gt; and &lt;/LimitExcept&gt; are used to
enclose a group of access control directives which will then
apply to any HTTP access method <strong>not</strong> listed in
the arguments; i.e., it is the opposite of a <a
href="#limit">&lt;Limit&gt;</a> section and can be used to
control both standard and nonstandard/unrecognized methods. See
the documentation for <a href="#limit">&lt;Limit&gt;</a> for
more details.</p>
<hr />
<h2><a id="limitrequestbody"
name="limitrequestbody">LimitRequestBody directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt LimitRequestBody} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LimitRequestBody
<em>bytes</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>LimitRequestBody
0</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> LimitRequestBody
is only available in Apache 1.3.2 and later.
<p>This directive specifies the number of <em>bytes</em> from 0
(meaning unlimited) to 2147483647 (2GB) that are allowed in a
request body. The default value is defined by the compile-time
constant <code>DEFAULT_LIMIT_REQUEST_BODY</code> (0 as
distributed).</p>
<p>The LimitRequestBody directive allows the user to set a
limit on the allowed size of an HTTP request message body
within the context in which the directive is given (server,
per-directory, per-file or per-location). If the client request
exceeds that limit, the server will return an error response
instead of servicing the request. The size of a normal request
message body will vary greatly depending on the nature of the
resource and the methods allowed on that resource. CGI scripts
typically use the message body for passing form information to
the server. Implementations of the PUT method will require a
value at least as large as any representation that the server
wishes to accept for that resource.</p>
<p>This directive gives the server administrator greater
control over abnormal client request behavior, which may be
useful for avoiding some forms of denial-of-service
attacks.</p>
<hr />
<h2><a id="limitrequestfields"
name="limitrequestfields">LimitRequestFields directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt LimitRequestFields} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LimitRequestFields
<em>number</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>LimitRequestFields 100</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a>
LimitRequestFields is only available in Apache 1.3.2 and later.
<p><em>Number</em> is an integer from 0 (meaning unlimited) to
32767. The default value is defined by the compile-time
constant <code>DEFAULT_LIMIT_REQUEST_FIELDS</code> (100 as
distributed).</p>
<p>The LimitRequestFields directive allows the server
administrator to modify the limit on the number of request
header fields allowed in an HTTP request. A server needs this
value to be larger than the number of fields that a normal
client request might include. The number of request header
fields used by a client rarely exceeds 20, but this may vary
among different client implementations, often depending upon
the extent to which a user has configured their browser to
support detailed content negotiation. Optional HTTP extensions
are often expressed using request header fields.</p>
<p>This directive gives the server administrator greater
control over abnormal client request behavior, which may be
useful for avoiding some forms of denial-of-service attacks.
The value should be increased if normal clients see an error
response from the server that indicates too many fields were
sent in the request.</p>
<hr />
<h2><a id="limitrequestfieldsize"
name="limitrequestfieldsize">LimitRequestFieldsize
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt LimitRequestFieldsize} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LimitRequestFieldsize
<em>bytes</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>LimitRequestFieldsize 8190</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a>
LimitRequestFieldsize is only available in Apache 1.3.2 and
later.
<p>This directive specifies the number of <em>bytes</em> from 0
to the value of the compile-time constant
<code>DEFAULT_LIMIT_REQUEST_FIELDSIZE</code> (8190 as
distributed) that will be allowed in an HTTP request
header.</p>
<p>The LimitRequestFieldsize directive allows the server
administrator to reduce the limit on the allowed size of an
HTTP request header field below the normal input buffer size
compiled with the server. A server needs this value to be large
enough to hold any one header field from a normal client
request. The size of a normal request header field will vary
greatly among different client implementations, often depending
upon the extent to which a user has configured their browser to
support detailed content negotiation.</p>
<p>This directive gives the server administrator greater
control over abnormal client request behavior, which may be
useful for avoiding some forms of denial-of-service attacks.
Under normal conditions, the value should not be changed from
the default.</p>
<hr />
<h2><a id="limitrequestline"
name="limitrequestline">LimitRequestLine directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt LimitRequestLine} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LimitRequestLine
<em>bytes</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>LimitRequestLine
8190</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> LimitRequestLine
is only available in Apache 1.3.2 and later.
<p>This directive sets the number of <em>bytes</em> from 0 to
the value of the compile-time constant
<code>DEFAULT_LIMIT_REQUEST_LINE</code> (8190 as distributed)
that will be allowed on the HTTP request-line.</p>
<p>The LimitRequestLine directive allows the server
administrator to reduce the limit on the allowed size of a
client's HTTP request-line below the normal input buffer size
compiled with the server. Since the request-line consists of
the HTTP method, URI, and protocol version, the
LimitRequestLine directive places a restriction on the length
of a request-URI allowed for a request on the server. A server
needs this value to be large enough to hold any of its resource
names, including any information that might be passed in the
query part of a GET request.</p>
<p>This directive gives the server administrator greater
control over abnormal client request behavior, which may be
useful for avoiding some forms of denial-of-service attacks.
Under normal conditions, the value should not be changed from
the default.</p>
<hr />
<h2><a id="limitxmlrequestbody"
name="limitxmlrequestbody">LimitXMLRequestBody
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LimitXMLRequestBody
<em>number</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>LimitXMLRequestBody 1000000</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<p>Limit (in bytes) on maximum size of an XML-based request
body.</p>
<hr />
<h2><a id="location" name="location">&lt;Location&gt;
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;Location
<em>URL-path</em>|<em>URL</em>&gt; ... &lt;/Location&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Location is only
available in Apache 1.1 and later.
<p>The &lt;Location&gt; directive provides for access control
by URL. It is similar to the <a
href="#directory">&lt;Directory&gt;</a> directive, and starts a
subsection which is terminated with a &lt;/Location&gt;
directive. <code>&lt;Location&gt;</code> sections are processed
in the order they appear in the configuration file, after the
&lt;Directory&gt; sections and <code>.htaccess</code> files are
read, and after the &lt;Files&gt; sections.</p>
<p>Note that URLs do not have to line up with the filesystem at
all, it should be emphasized that &lt;Location&gt; operates
completely outside the filesystem.</p>
<p>For all origin (non-proxy) requests, the URL to be matched
is of the form <code>/path/</code>, and you should not include
any <code>http://servername</code> prefix. For proxy requests,
the URL to be matched is of the form
<code>scheme://servername/path</code>, and you must include the
prefix.</p>
<p>The URL may use wildcards In a wild-card string, `?' matches
any single character, and `*' matches any sequences of
characters.</p>
<p><strong>Apache 1.2 and above:</strong> Extended regular
expressions can also be used, with the addition of the
<code>~</code> character. For example:</p>
<pre>
&lt;Location ~ "/(extra|special)/data"&gt;
</pre>
<p>would match URLs that contained the substring "/extra/data"
or "/special/data". In Apache 1.3 and above, a new directive <a
href="#locationmatch">&lt;LocationMatch&gt;</a> exists which
behaves identical to the regex version of
<code>&lt;Location&gt;</code>.</p>
<p>The <code>Location</code> functionality is especially useful
when combined with the <code><a
href="mod_mime.html#sethandler">SetHandler</a></code>
directive. For example, to enable status requests, but allow
them only from browsers at foo.com, you might use:</p>
<pre>
&lt;Location /status&gt;
SetHandler server-status
Order Deny,Allow
Deny from all
Allow from .foo.com
&lt;/Location&gt;
</pre>
<p><strong>Apache 1.3 and above note about / (slash)</strong>:
The slash character has special meaning depending on where in a
URL it appears. People may be used to its behavior in the
filesystem where multiple adjacent slashes are frequently
collapsed to a single slash (<em>i.e.</em>,
<code>/home///foo</code> is the same as
<code>/home/foo</code>). In URL-space this is not necessarily
true. The <code>&lt;LocationMatch&gt;</code> directive and the
regex version of <code>&lt;Location&gt;</code> require you to
explicitly specify multiple slashes if that is your intention.
For example, <code>&lt;LocationMatch ^/abc&gt;</code> would
match the request URL <code>/abc</code> but not the request URL
<code>//abc</code>. The (non-regex)
<code>&lt;Location&gt;</code> directive behaves similarly when
used for proxy requests. But when (non-regex)
<code>&lt;Location&gt;</code> is used for non-proxy requests it
will implicitly match multiple slashes with a single slash. For
example, if you specify <code>&lt;Location /abc/def&gt;</code>
and the request is to <code>/abc//def</code> then it will
match.</p>
<p><strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received</p>
<hr />
<h2><a id="locationmatch"
name="locationmatch">&lt;LocationMatch&gt;</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;LocationMatch
<em>regex</em>&gt; ... &lt;/LocationMatch&gt;<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> LocationMatch is
only available in Apache 1.3 and later.
<p>The &lt;LocationMatch&gt; directive provides for access
control by URL, in an identical manner to <a
href="#location">&lt;Location&gt;</a>. However, it takes a
regular expression as an argument instead of a simple string.
For example:</p>
<pre>
&lt;LocationMatch "/(extra|special)/data"&gt;
</pre>
<p>would match URLs that contained the substring "/extra/data"
or "/special/data".</p>
<strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received
<hr />
<h2><a id="loglevel" name="loglevel">LogLevel
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> LogLevel
<em>level</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>LogLevel
warn</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> LogLevel is only
available in 1.3 or later.
<p>LogLevel adjusts the verbosity of the messages recorded in
the error logs (see <a href="#errorlog">ErrorLog</a>
directive). The following <em>level</em>s are available, in
order of decreasing significance:</p>
<table>
<tr>
<th align="LEFT"><strong>Level</strong> </th>
<th align="LEFT"><strong>Description</strong> </th>
</tr>
<tr>
<th>
</th>
<th align="LEFT"><strong>Example</strong> </th>
</tr>
<tr>
<td><code>emerg</code> </td>
<td>Emergencies - system is unusable.</td>
</tr>
<tr>
<td>
</td>
<td>"Child cannot open lock file. Exiting"</td>
</tr>
<tr>
<td><code>alert</code> </td>
<td>Action must be taken immediately.</td>
</tr>
<tr>
<td>
</td>
<td>"getpwuid: couldn't determine user name from uid"</td>
</tr>
<tr>
<td><code>crit</code> </td>
<td>Critical Conditions.</td>
</tr>
<tr>
<td>
</td>
<td>"socket: Failed to get a socket, exiting child"</td>
</tr>
<tr>
<td><code>error</code> </td>
<td>Error conditions.</td>
</tr>
<tr>
<td>
</td>
<td>"Premature end of script headers"</td>
</tr>
<tr>
<td><code>warn</code> </td>
<td>Warning conditions.</td>
</tr>
<tr>
<td>
</td>
<td>"child process 1234 did not exit, sending another
SIGHUP"</td>
</tr>
<tr>
<td><code>notice</code> </td>
<td>Normal but significant condition.</td>
</tr>
<tr>
<td>
</td>
<td>"httpd: caught SIGBUS, attempting to dump core in
..."</td>
</tr>
<tr>
<td><code>info</code> </td>
<td>Informational.</td>
</tr>
<tr>
<td>
</td>
<td>"Server seems busy, (you may need to increase
StartServers, or Min/MaxSpareServers)..."</td>
</tr>
<tr>
<td><code>debug</code> </td>
<td>Debug-level messages</td>
</tr>
<tr>
<td>
</td>
<td>"Opening config file ..."</td>
</tr>
</table>
<p>When a particular level is specified, messages from all
other levels of higher significance will be reported as well.
<em>E.g.</em>, when <code>LogLevel info</code> is specified,
then messages with log levels of <code>notice</code> and
<code>warn</code> will also be posted.</p>
<p>Using a level of at least <code>crit</code> is
recommended.</p>
<hr />
<h2><a id="maxkeepaliverequests"
name="maxkeepaliverequests">MaxKeepAliveRequests
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> MaxKeepAliveRequests
<em>number</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>MaxKeepAliveRequests 100</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Only available
in Apache 1.2 and later.
<p>The MaxKeepAliveRequests directive limits the number of
requests allowed per connection when <a
href="#keepalive">KeepAlive</a> is on. If it is set to
"<code>0</code>", unlimited requests will be allowed. We
recommend that this setting be kept to a high value for maximum
server performance.</p>
<hr />
<h2><a id="namevirtualhost"
name="namevirtualhost">NameVirtualHost directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt NameVirtualHost} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> NameVirtualHost
<em>addr</em>[:<em>port</em>]<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> NameVirtualHost
is only available in Apache 1.3 and later
<p>The NameVirtualHost directive is a required directive if you
want to configure <a href="../vhosts/">name-based virtual
hosts</a>.</p>
<p>Although <em>addr</em> can be hostname it is recommended
that you always use an IP address, <em>e.g.</em></p>
<blockquote>
<code>NameVirtualHost 111.22.33.44</code>
</blockquote>
With the NameVirtualHost directive you specify the IP address
on which the server will receive requests for the name-based
virtual hosts. This will usually be the address to which your
name-based virtual host names resolve. In cases where a
firewall or other proxy receives the requests and forwards them
on a different IP address to the server, you must specify the
IP address of the physical interface on the machine which will
be servicing the requests. If you have multiple name-based
hosts on multiple addresses, repeat the directive for each
address.
<p>Note: the "main server" and any _default_ servers will
<strong>never</strong> be served for a request to a
NameVirtualHost IP Address (unless for some reason you specify
NameVirtualHost but then don't define any VirtualHosts for that
address).</p>
<p>Optionally you can specify a port number on which the
name-based virtual hosts should be used, <em>e.g.</em></p>
<blockquote>
<code>NameVirtualHost 111.22.33.44:8080</code>
</blockquote>
<strong>See also:</strong> <a href="../vhosts/">Apache Virtual
Host documentation</a>
<hr />
<h2><a id="options" name="options">Options directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt Options} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> Options
[+|-]<em>option</em> [[+|-]<em>option</em>] ...<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> Options<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The Options directive controls which server features are
available in a particular directory.</p>
<p><em>option</em> can be set to <code>None</code>, in which
case none of the extra features are enabled, or one or more of
the following:</p>
<dl>
<dt>All</dt>
<dd>All options except for MultiViews. This is the default
setting.</dd>
<dt>ExecCGI</dt>
<dd><!--%plaintext &lt;?INDEX {\tt ExecCGI} option&gt; -->
Execution of CGI scripts is permitted.</dd>
<dt>FollowSymLinks</dt>
<dd>
<!--%plaintext &lt;?INDEX {\tt FollowSymLinks} option&gt; -->
The server will follow symbolic links in this
directory.<br />
<strong>Note</strong>: even though the server follows the
symlink it does <em>not</em> change the pathname used to
match against <code>&lt;Directory&gt;</code> sections.<br />
<strong>Note</strong>: this option gets ignored if set
inside a &lt;Location&gt; section.</dd>
<dt>Includes</dt>
<dd><!--%plaintext &lt;?INDEX {\tt Includes} option&gt; -->
Server-side includes are permitted.</dd>
<dt>IncludesNOEXEC</dt>
<dd>
<!--%plaintext &lt;?INDEX {\tt IncludesNOEXEC} option&gt; -->
Server-side includes are permitted, but the #exec command and
#exec CGI are disabled. It is still possible to #include
virtual CGI scripts from ScriptAliase'd directories.</dd>
<dt>Indexes</dt>
<dd><!--%plaintext &lt;?INDEX {\tt Indexes} option&gt; -->
If a URL which maps to a directory is requested, and the
there is no DirectoryIndex (<em>e.g.</em>, index.html) in
that directory, then the server will return a formatted
listing of the directory.</dd>
<dt>MultiViews</dt>
<dd><!--%plaintext &lt;?INDEX {\tt MultiViews} option&gt; -->
<a href="../content-negotiation.html">Content negotiated</a>
MultiViews are allowed.</dd>
<dt>SymLinksIfOwnerMatch</dt>
<dd>
<!--%plaintext &lt;?INDEX {\tt SymLinksIfOwnerMatch} option&gt; -->
The server will only follow symbolic links for which the
target file or directory is owned by the same user id as the
link.<br />
<strong>Note</strong>: this option gets ignored if set
inside a &lt;Location&gt; section.</dd>
</dl>
Normally, if multiple <code>Options</code> could apply to a
directory, then the most specific one is taken complete; the
options are not merged. However if <em>all</em> the options on
the <code>Options</code> directive are preceded by a + or -
symbol, the options are merged. Any options preceded by a + are
added to the options currently in force, and any options
preceded by a - are removed from the options currently in
force.
<p>For example, without any + and - symbols:</p>
<blockquote>
<code>&lt;Directory /web/docs&gt;<br />
Options Indexes FollowSymLinks<br />
&lt;/Directory&gt;<br />
&lt;Directory /web/docs/spec&gt;<br />
Options Includes<br />
&lt;/Directory&gt;</code>
</blockquote>
then only <code>Includes</code> will be set for the
/web/docs/spec directory. However if the second
<code>Options</code> directive uses the + and - symbols:
<blockquote>
<code>&lt;Directory /web/docs&gt;<br />
Options Indexes FollowSymLinks<br />
&lt;/Directory&gt;<br />
&lt;Directory /web/docs/spec&gt;<br />
Options +Includes -Indexes<br />
&lt;/Directory&gt;</code>
</blockquote>
then the options <code>FollowSymLinks</code> and
<code>Includes</code> are set for the /web/docs/spec directory.
<p><strong>Note:</strong> Using <code>-IncludesNOEXEC</code> or
<code>-Includes</code> disables server-side includes completely
regardless of the previous setting.</p>
<p>The default in the absence of any other settings is
<code>All</code>.</p>
<hr />
<h2><a id="require" name="require">Require directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt Require} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> Require
<em>entity-name</em> [<em>entity-name</em>] ...<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> AuthConfig<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>This directive selects which authenticated users can access
a directory. The allowed syntaxes are:</p>
<ul>
<li>
Require user <em>userid</em> [<em>userid</em>] ...
<p>Only the named users can access the directory.</p>
</li>
<li>
Require group <em>group-name</em> [<em>group-name</em>] ...
<p>Only users in the named groups can access the
directory.</p>
</li>
<li>
Require valid-user
<p>All valid users can access the directory.</p>
</li>
</ul>
<p>Require must be accompanied by <a
href="#authname">AuthName</a> and <a
href="#authtype">AuthType</a> directives, and directives such
as <a href="mod_auth.html#authuserfile">AuthUserFile</a> and <a
href="mod_auth.html#authgroupfile">AuthGroupFile</a> (to define
users and groups) in order to work correctly. Example:</p>
<blockquote>
<code>AuthType Basic<br />
AuthName "Restricted Directory"<br />
AuthUserFile /web/users<br />
AuthGroupFile /web/groups<br />
Require group admin<br />
</code>
</blockquote>
Access controls which are applied in this way are effective for
<strong>all</strong> methods. <strong>This is what is normally
desired.</strong> If you wish to apply access controls only to
specific methods, while leaving other methods unprotected, then
place the <code>Require</code> statement into a <a
href="#limit">&lt;Limit&gt;</a> section
<p>See also <a href="#satisfy">Satisfy</a> and <a
href="mod_access.html">mod_access</a>.</p>
<hr />
<h2><a id="rlimit" name="rlimit">RLimitCPU</a> <a
id="rlimitcpu" name="rlimitcpu">directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt RLimitCPU} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> RLimitCPU
<em>number</em>|max [<em>number</em>|max] <br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <em>Unset; uses
operating system defaults</em> <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> RLimitCPU is
only available in Apache 1.2 and later. Moved in version 2.0 to
the <a href="../mpm.html">MPMs</a>.
<p>Takes 1 or 2 parameters. The first parameter sets the soft
resource limit for all processes and the second parameter sets
the maximum resource limit. Either parameter can be a number,
or <em>max</em> to indicate to the server that the limit should
be set to the maximum allowed by the operating system
configuration. Raising the maximum resource limit requires that
the server is running as root, or in the initial startup
phase.</p>
<p>This applies to processes forked off from Apache children
servicing requests, not the Apache children themselves. This
includes CGI scripts and SSI exec commands, but not any
processes forked off from the Apache parent such as piped
logs.</p>
<p>CPU resource limits are expressed in seconds per
process.</p>
<p>See also <a href="#rlimitmem">RLimitMEM</a> or <a
href="#rlimitnproc">RLimitNPROC</a>.</p>
<hr />
<h2><a id="rlimitmem" name="rlimitmem">RLimitMEM
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt RLimitMEM} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> RLimitMEM
<em>number</em>|max [<em>number</em>|max]<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <em>Unset; uses
operating system defaults</em> <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> RLimitMEM is
only available in Apache 1.2 and later. Moved in version 2.0 to
the <a href="../mpm.html">MPMs</a>.
<p>Takes 1 or 2 parameters. The first parameter sets the soft
resource limit for all processes and the second parameter sets
the maximum resource limit. Either parameter can be a number,
or <em>max</em> to indicate to the server that the limit should
be set to the maximum allowed by the operating system
configuration. Raising the maximum resource limit requires that
the server is running as root, or in the initial startup
phase.</p>
<p>This applies to processes forked off from Apache children
servicing requests, not the Apache children themselves. This
includes CGI scripts and SSI exec commands, but not any
processes forked off from the Apache parent such as piped
logs.</p>
<p>Memory resource limits are expressed in bytes per
process.</p>
<p>See also <a href="#rlimitcpu">RLimitCPU</a> or <a
href="#rlimitnproc">RLimitNPROC</a>.</p>
<hr />
<h2><a id="rlimitnproc" name="rlimitnproc">RLimitNPROC
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt RLimitNPROC} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> RLimitNPROC
<em>number</em>|max [<em>number</em>|max]<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <em>Unset; uses
operating system defaults</em> <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> RLimitNPROC is
only available in Apache 1.2 and later. Moved in version 2.0 to
the <a href="../mpm.html">MPMs</a>.
<p>Takes 1 or 2 parameters. The first parameter sets the soft
resource limit for all processes and the second parameter sets
the maximum resource limit. Either parameter can be a number,
or <code>max</code> to indicate to the server that the limit
should be set to the maximum allowed by the operating system
configuration. Raising the maximum resource limit requires that
the server is running as root, or in the initial startup
phase.</p>
<p>This applies to processes forked off from Apache children
servicing requests, not the Apache children themselves. This
includes CGI scripts and SSI exec commands, but not any
processes forked off from the Apache parent such as piped
logs.</p>
<p>Process limits control the number of processes per user.</p>
<p>Note: If CGI processes are <strong>not</strong> running
under userids other than the web server userid, this directive
will limit the number of processes that the server itself can
create. Evidence of this situation will be indicated by
<strong><em>cannot fork</em></strong> messages in the
error_log.</p>
<p>See also <a href="#rlimitmem">RLimitMEM</a> or <a
href="#rlimitcpu">RLimitCPU</a>.</p>
<hr />
<h2><a id="satisfy" name="satisfy">Satisfy directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt Satisfy} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> Satisfy any|all<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> Satisfy all<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Satisfy is only
available in Apache 1.2 and later
<p>Access policy if both <code>Allow</code> and
<code>Require</code> used. The parameter can be either
<em>'all'</em> or <em>'any'</em>. This directive is only useful
if access to a particular area is being restricted by both
username/password <em>and</em> client host address. In this
case the default behavior ("all") is to require that the client
passes the address access restriction <em>and</em> enters a
valid username and password. With the "any" option the client
will be granted access if they either pass the host restriction
or enter a valid username and password. This can be used to
password restrict an area, but to let clients from particular
addresses in without prompting for a password.</p>
<p>See also <a href="#require">Require</a> and <a
href="mod_access.html">mod_access</a>.</p>
<hr />
<h2><a id="scriptinterpretersource"
name="scriptinterpretersource">ScriptInterpreterSource
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ScriptInterpreterSource} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ScriptInterpreterSource
registry|script<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a>
<code>ScriptInterpreterSource script</code> <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory,
.htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core (Windows only)
<p>This directive is used to control how Apache 1.3.5 and later
finds the interpreter used to run CGI scripts. The default
technique is to use the interpreter pointed to by the #! line
in the script. Setting ScriptInterpreterSource registry will
cause the Windows Registry to be searched using the script file
extension (e.g., .pl) as a search key.</p>
<hr />
<h2><a id="serveradmin" name="serveradmin">ServerAdmin
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ServerAdmin} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerAdmin
<em>email-address</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The ServerAdmin sets the e-mail address that the server
includes in any error messages it returns to the client.</p>
<p>It may be worth setting up a dedicated address for this,
<em>e.g.</em></p>
<blockquote>
<code>ServerAdmin www-admin@foo.bar.com</code>
</blockquote>
as users do not always mention that they are talking about the
server!
<hr />
<h2><a id="serveralias" name="serveralias">ServerAlias
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerAlias
<em>hostname</em> [<em>hostname</em>] ...<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> virtual host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ServerAlias is
only available in Apache 1.1 and later.
<p>The ServerAlias directive sets the alternate names for a
host, for use with <a
href="../vhosts/name-based.html">name-based virtual
hosts</a>.</p>
<p><strong>See also:</strong> <a href="../vhosts/">Apache
Virtual Host documentation</a></p>
<hr />
<h2><a id="servername" name="servername">ServerName
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ServerName} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerName
<em>fully-qualified-domain-name:port</em> <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The ServerName directive sets the hostname of the server;
this is used when creating redirection URLs. If it is not
specified, then the server attempts to deduce it from its own
IP address; however this may not work reliably, or may not
return the preferred hostname. For example:</p>
<blockquote>
<code>ServerName www.example.com:80</code>
</blockquote>
would be used if the canonical (main) name of the actual
machine were <code>simple.example.com</code>.
<p>If you are using <a
href="../vhosts/name-based.html">name-based virtual hosts</a>,
the <code>ServerName</code> inside a <a
href="#virtualhost"><code>&lt;VirtualHost&gt;</code></a>
section specifies what hostname must appear in the request's
<code>Host:</code> header to match this virtual host.</p>
<p>This directive now takes allows a port to be added to the
server name. This allows an admin to assign the canonical
port at the same time that the canonical name is assigned.
The Port directive, which used to perform this role, has also
been removed, easing configuration for all users.
<p><strong>See Also</strong>:<br />
<a href="../dns-caveats.html">DNS Issues</a><br />
<a href="../vhosts/">Apache virtual host
documentation</a><br />
<a href="#usecanonicalname">UseCanonicalName</a><br />
<a href="#namevirtualhost">NameVirtualHost</a><br />
<a href="#serveralias">ServerAlias</a><br />
</p>
<hr />
<h2><a id="serverpath" name="serverpath">ServerPath
directive</a></h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerPath
<em>directory-path</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> virtual host<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ServerPath is
only available in Apache 1.1 and later.
<p>The ServerPath directive sets the legacy URL pathname for a
host, for use with <a href="../vhosts/">name-based virtual
hosts</a>.</p>
<p><strong>See also:</strong> <a href="../vhosts/">Apache
Virtual Host documentation</a></p>
<hr />
<h2><a id="serverroot" name="serverroot">ServerRoot
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ServerRoot} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerRoot
<em>directory-path</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ServerRoot
/usr/local/apache</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The ServerRoot directive sets the directory in which the
server lives. Typically it will contain the subdirectories
<code>conf/</code> and <code>logs/</code>. Relative paths for
other configuration files are taken as relative to this
directory.</p>
<p>See also <a href="../invoking.html">the <code>-d</code>
option to httpd</a>.</p>
<p>See also <a href="../misc/security_tips.html#serverroot">the
security tips</a> for information on how to properly set
permissions on the ServerRoot.</p>
<hr />
<h2><a id="serversignature"
name="serversignature">ServerSignature directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ServerSignature} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerSignature
On|Off|EMail<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ServerSignature
Off</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ServerSignature
is only available in Apache 1.3 and later.
<p>The ServerSignature directive allows the configuration of a
trailing footer line under server-generated documents (error
messages, mod_proxy ftp directory listings, mod_info output,
...). The reason why you would want to enable such a footer
line is that in a chain of proxies, the user often has no
possibility to tell which of the chained servers actually
produced a returned error message.<br />
The <samp>Off</samp> setting, which is the default, suppresses
the error line (and is therefore compatible with the behavior
of Apache-1.2 and below). The <samp>On</samp> setting simply
adds a line with the server version number and <a
href="#servername">ServerName</a> of the serving virtual host,
and the <samp>EMail</samp> setting additionally creates a
"mailto:" reference to the <a
href="#serveradmin">ServerAdmin</a> of the referenced
document.</p>
<hr />
<h2><a id="servertokens" name="servertokens">ServerTokens
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt ServerTokens} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> ServerTokens
Minimal|ProductOnly|OS|Full<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>ServerTokens
Full</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config <br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> ServerTokens is
only available in Apache 1.3 and later; the
<code>ProductOnly</code> keyword is only available in versions
later than 1.3.12
<p>This directive controls whether <samp>Server</samp> response
header field which is sent back to clients includes a
description of the generic OS-type of the server as well as
information about compiled-in modules.</p>
<dl>
<dt><code>ServerTokens Prod[uctOnly]</code></dt>
<dd>Server sends (<em>e.g.</em>): <samp>Server:
Apache</samp></dd>
<dt><code>ServerTokens Min[imal]</code></dt>
<dd>Server sends (<em>e.g.</em>): <samp>Server:
Apache/1.3.0</samp></dd>
<dt><code>ServerTokens OS</code></dt>
<dd>Server sends (<em>e.g.</em>): <samp>Server: Apache/1.3.0
(Unix)</samp></dd>
<dt><code>ServerTokens Full</code> (or not specified)</dt>
<dd>Server sends (<em>e.g.</em>): <samp>Server: Apache/1.3.0
(Unix) PHP/3.0 MyMod/1.2</samp></dd>
</dl>
<p>This setting applies to the entire server, and cannot be
enabled or disabled on a virtualhost-by-virtualhost basis.</p>
<hr />
<h2><a id="sethandler" name="sethandler">SetHandler</a>
directive</h2>
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> SetHandler
<em>handler-name</em><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory, files,
location, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Base<br />
<a href="directive-dict.html#Module"
rel="Help"><strong>Module:</strong></a> core<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> SetHandler was
introduced in mod_mime with Apache 1.1, and moved into the core
with Apache 2.0
<p>When placed into an <code>.htaccess</code> file or a
<code>&lt;Directory&gt;</code> or <code>&lt;Location&gt;</code>
section, this directive forces all matching files to be parsed
through the <a href="../handler.html">handler</a> given by
<em>handler-name</em>. For example, if you had a directory you
wanted to be parsed entirely as imagemap rule files, regardless
of extension, you might put the following into an
<code>.htaccess</code> file in that directory:</p>
<pre>
SetHandler imap-file
</pre>
<p>Another example: if you wanted to have the server display a
status report whenever a URL of
<code>http://servername/status</code> was called, you might put
the following into access.conf:</p>
<pre>
&lt;Location /status&gt;
SetHandler server-status
&lt;/Location&gt;
</pre>
<hr />
<h2><a id="setinputfilter" name="setinputfilter">SetInputFilter
directive</a></h2>
<p><a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> SetInputFilter
<em>filter</em>[<em>;filter</em>...]<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> none<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory, files,
location, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core</p>
<p>The <code>SetInputFilter</code> directive sets the filter or
filters which will process client requests and POST input when
they are received by the server. This is in addition to any
filters defined elsewhere, including the <a
href="mod_mime.html#addinputfilter">AddInputFilter</a>
directive.</p>
<p>If more than one filter is specified, they must be seperated
by semicolons in the order in which they should process the
content.</p>
<p>See also the <a href="../filter.html">Filters</a>
documentation.</p>
<hr />
<h2><a id="setoutputfilter"
name="setoutputfilter">SetOutputFilter directive</a></h2>
<p><a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> SetOutputFilter
<em>filter</em> [<em>filter</em>] ...<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> none<br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> directory, files,
location, .htaccess<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core</p>
<p>The <code>SetOutputFilter</code> directive sets the filters
which will process responses from the server before they are
sent to the client. This is in addition to any filters defined
elsewhere, including the <a
href="mod_mime.html#addoutputfilter">AddOutputFilter</a>
directive.</p>
For example, the following configuration will process all files
in the <code>/www/data/</code> directory for server-side
includes.<br />
<br />
<blockquote>
<code>&lt;Directory /www/data/&gt;<br />
&nbsp;&nbsp;SetOutputFilter INCLUDES<br />
&lt;/Directory&gt;</code>
</blockquote>
<p>If more than one filter is specified, they must be seperated
by semicolons in the order in which they should process the
content.</p>
<p>See also the <a href="../filter.html">Filters</a>
documentation.</p>
<hr />
<h2><a id="timeout" name="timeout">TimeOut directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt TimeOut} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> TimeOut
<em>number</em><br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>TimeOut
300</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> core
<p>The TimeOut directive currently defines the amount of time
Apache will wait for three things:</p>
<ol>
<li>The total amount of time it takes to receive a GET
request.</li>
<li>The amount of time between receipt of TCP packets on a
POST or PUT request.</li>
<li>The amount of time between ACKs on transmissions of TCP
packets in responses.</li>
</ol>
We plan on making these separately configurable at some point
down the road. The timer used to default to 1200 before 1.2,
but has been lowered to 300 which is still far more than
necessary in most situations. It is not set any lower by
default because there may still be odd places in the code where
the timer is not reset when a packet is sent.
<hr />
<h2><a id="usecanonicalname"
name="usecanonicalname">UseCanonicalName directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt UseCanonicalName} directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> UseCanonicalName
on|off|dns<br />
<a href="directive-dict.html#Default"
rel="Help"><strong>Default:</strong></a> <code>UseCanonicalName
on</code><br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config, virtual
host, directory<br />
<a href="directive-dict.html#Override"
rel="Help"><strong>Override:</strong></a> Options<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> UseCanonicalName
is only available in Apache 1.3 and later
<p>In many situations Apache has to construct a
<em>self-referential</em> URL. That is, a URL which refers back
to the same server. With <code>UseCanonicalName on</code> (and
in all versions prior to 1.3) Apache will use the <a
href="#servername">ServerName</a> and <a href="#port">Port</a>
directives to construct a canonical name for the server. This
name is used in all self-referential URLs, and for the values
of <code>SERVER_NAME</code> and <code>SERVER_PORT</code> in
CGIs.</p>
<p>With <code>UseCanonicalName off</code> Apache will form
self-referential URLs using the hostname and port supplied by
the client if any are supplied (otherwise it will use the
canonical name). These values are the same that are used to
implement <a href="../vhosts/name-based.html">name based
virtual hosts</a>, and are available with the same clients. The
CGI variables <code>SERVER_NAME</code> and
<code>SERVER_PORT</code> will be constructed from the client
supplied values as well.</p>
<p>An example where this may be useful is on an intranet server
where you have users connecting to the machine using short
names such as <code>www</code>. You'll notice that if the users
type a shortname, and a URL which is a directory, such as
<code>http://www/splat</code>, <em>without the trailing
slash</em> then Apache will redirect them to
<code>http://www.domain.com/splat/</code>. If you have
authentication enabled, this will cause the user to have to
reauthenticate twice (once for <code>www</code> and once again
for <code>www.domain.com</code>). But if
<code>UseCanonicalName</code> is set off, then Apache will
redirect to <code>http://www/splat/</code>.</p>
<p>There is a third option, <code>UseCanonicalName DNS</code>,
which is intended for use with mass IP-based virtual hosting to
support ancient clients that do not provide a
<code>Host:</code> header. With this option Apache does a
reverse DNS lookup on the server IP address that the client
connected to in order to work out self-referential URLs.</p>
<p><strong>Warning:</strong> if CGIs make assumptions about the
values of <code>SERVER_NAME</code> they may be broken by this
option. The client is essentially free to give whatever value
they want as a hostname. But if the CGI is only using
<code>SERVER_NAME</code> to construct self-referential URLs
then it should be just fine.</p>
<p><strong>See also:</strong> <a
href="#servername">ServerName</a>, <a href="#port">Port</a></p>
<hr />
<h2><a id="virtualhost" name="virtualhost">&lt;VirtualHost&gt;
directive</a></h2>
<!--%plaintext &lt;?INDEX {\tt VirtualHost} section directive&gt; -->
<a href="directive-dict.html#Syntax"
rel="Help"><strong>Syntax:</strong></a> &lt;VirtualHost
<em>addr</em>[:<em>port</em>] [<em>addr</em>[:<em>port</em>]]
...&gt; ... &lt;/VirtualHost&gt; <br />
<a href="directive-dict.html#Context"
rel="Help"><strong>Context:</strong></a> server config<br />
<a href="directive-dict.html#Status"
rel="Help"><strong>Status:</strong></a> Core.<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Non-IP
address-based Virtual Hosting only available in Apache 1.1 and
later.<br />
<a href="directive-dict.html#Compatibility"
rel="Help"><strong>Compatibility:</strong></a> Multiple address
support only available in Apache 1.2 and later.
<p>&lt;VirtualHost&gt; and &lt;/VirtualHost&gt; are used to
enclose a group of directives which will apply only to a
particular virtual host. Any directive which is allowed in a
virtual host context may be used. When the server receives a
request for a document on a particular virtual host, it uses
the configuration directives enclosed in the
&lt;VirtualHost&gt; section. <em>Addr</em> can be</p>
<ul>
<li>The IP address of the virtual host</li>
<li>A fully qualified domain name for the IP address of the
virtual host.</li>
</ul>
Example:
<blockquote>
<code>&lt;VirtualHost 10.1.2.3&gt;<br />
ServerAdmin webmaster@host.foo.com<br />
DocumentRoot /www/docs/host.foo.com<br />
ServerName host.foo.com<br />
ErrorLog logs/host.foo.com-error_log<br />
TransferLog logs/host.foo.com-access_log<br />
&lt;/VirtualHost&gt;</code>
</blockquote>
Each VirtualHost must correspond to a different IP address,
different port number or a different host name for the server,
in the former case the server machine must be configured to
accept IP packets for multiple addresses. (If the machine does
not have multiple network interfaces, then this can be
accomplished with the <code>ifconfig alias</code> command (if
your OS supports it), or with kernel patches like <a
href="../misc/vif-info.html">VIF</a> (for SunOS(TM) 4.1.x)).
<p>The special name <code>_default_</code> can be specified in
which case this virtual host will match any IP address that is
not explicitly listed in another virtual host. In the absence
of any _default_ virtual host the "main" server config,
consisting of all those definitions outside any VirtualHost
section, is used when no match occurs.</p>
<p>You can specify a <code>:port</code> to change the port that
is matched. If unspecified then it defaults to the same port as
the most recent <code><a href="#port">Port</a></code> statement
of the main server. You may also specify <code>:*</code> to
match all ports on that address. (This is recommended when used
with <code>_default_</code>.)</p>
<p><strong>SECURITY</strong>: See the <a
href="../misc/security_tips.html">security tips</a> document
for details on why your security could be compromised if the
directory where logfiles are stored is writable by anyone other
than the user that starts the server.</p>
<p><strong>NOTE</strong>: The use of &lt;VirtualHost&gt; does
<strong>not</strong> affect what addresses Apache listens on.
You may need to ensure that Apache is listening on the correct
addresses using <a
href="mpm_common.html#listen">Listen</a>.</p>
<p><strong>See also:</strong> <a href="../vhosts/">Apache
Virtual Host documentation</a><br />
<strong>See also:</strong> <a
href="../dns-caveats.html">Warnings about DNS and
Apache</a><br />
<strong>See also:</strong> <a href="../bind.html">Setting
which addresses and ports Apache uses</a><br />
<strong>See also</strong>: <a href="../sections.html">How
Directory, Location and Files sections work</a> for an
explanation of how these different sections are combined when a
request is received</p>
<!--#include virtual="footer.html" -->
</body>
</html>
View Git Blame Copy Permalink