Annotation of doc/install/suse/sles9/i386/httpd.conf, revision 1.1
1.1 ! raeburn 1: ##
! 2: ## httpd.conf -- Apache HTTP server configuration file
! 3: ##
! 4:
! 5: #
! 6: # Based upon the NCSA server configuration files originally by Rob McCool.
! 7: #
! 8: # This is the main Apache server configuration file. It contains the
! 9: # configuration directives that give the server its instructions.
! 10: # See <URL:http://www.apache.org/docs/> for detailed information about
! 11: # the directives.
! 12: #
! 13: # Do NOT simply read the instructions in here without understanding
! 14: # what they do. They're here only as hints or reminders. If you are unsure
! 15: # consult the online docs. You have been warned.
! 16: #
! 17: # After this file is processed, the server will look for and process
! 18: # /etc/httpd/srm.conf and then /etc/httpd/access.conf
! 19: # unless you have overridden these with ResourceConfig and/or
! 20: # AccessConfig directives here.
! 21: #
! 22: # The configuration directives are grouped into three basic sections:
! 23: # 1. Directives that control the operation of the Apache server process as a
! 24: # whole (the 'global environment').
! 25: # 2. Directives that define the parameters of the 'main' or 'default' server,
! 26: # which responds to requests that aren't handled by a virtual host.
! 27: # These directives also provide default values for the settings
! 28: # of all virtual hosts.
! 29: # 3. Settings for virtual hosts, which allow Web requests to be sent to
! 30: # different IP addresses or hostnames and have them handled by the
! 31: # same Apache server process.
! 32: #
! 33: # Configuration and logfile names: If the filenames you specify for many
! 34: # of the server's control files begin with "/" (or "drive:/" for Win32), the
! 35: # server will use that explicit path. If the filenames do *not* begin
! 36: # with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
! 37: # with ServerRoot set to "/usr/local/apache" will be interpreted by the
! 38: # server as "/usr/local/apache/logs/foo.log".
! 39: #
! 40:
! 41: ### Section 1: Global Environment
! 42: #
! 43: # The directives in this section affect the overall operation of Apache,
! 44: # such as the number of concurrent requests it can handle or where it
! 45: # can find its configuration files.
! 46: #
! 47:
! 48: #
! 49: # ServerType is either inetd, or standalone. Inetd mode is only supported on
! 50: # Unix platforms.
! 51: #
! 52: ServerType standalone
! 53:
! 54: #
! 55: # ServerRoot: The top of the directory tree under which the server's
! 56: # configuration, error, and log files are kept.
! 57: #
! 58: # NOTE! If you intend to place this on an NFS (or otherwise network)
! 59: # mounted filesystem then please read the LockFile documentation
! 60: # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
! 61: # you will save yourself a lot of trouble.
! 62: #
! 63: ServerRoot "/etc/httpd"
! 64:
! 65: #
! 66: # The LockFile directive sets the path to the lockfile used when Apache
! 67: # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
! 68: # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
! 69: # its default value. The main reason for changing it is if the logs
! 70: # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
! 71: # DISK. The PID of the main server process is automatically appended to
! 72: # the filename.
! 73: #
! 74: LockFile /var/lock/subsys/httpd/httpd.accept.lock
! 75:
! 76: #
! 77: # PidFile: The file in which the server should record its process
! 78: # identification number when it starts.
! 79: #
! 80: PidFile /var/run/httpd.pid
! 81:
! 82: #
! 83: # ScoreBoardFile: File used to store internal server process information.
! 84: # Not all architectures require this. But if yours does (you'll know because
! 85: # this file will be created when you run Apache) then you *must* ensure that
! 86: # no two invocations of Apache share the same scoreboard file.
! 87: #
! 88: ScoreBoardFile /var/run/httpd.scoreboard
! 89:
! 90: #
! 91: # In the standard configuration, the server will process httpd.conf (this
! 92: # file, specified by the -f command line option), srm.conf, and access.conf
! 93: # in that order. The latter two files are now distributed empty, as it is
! 94: # recommended that all directives be kept in a single file for simplicity.
! 95: # The commented-out values below are the built-in defaults. You can have the
! 96: # server ignore these files altogether by using "/dev/null" (for Unix) or
! 97: # "nul" (for Win32) for the arguments to the directives.
! 98: #
! 99: #ResourceConfig /etc/httpd/srm.conf
! 100: #AccessConfig /etc/httpd/access.conf
! 101:
! 102: #
! 103: # Timeout: The number of seconds before receives and sends time out.
! 104: #
! 105: Timeout 300
! 106:
! 107: #
! 108: # KeepAlive: Whether or not to allow persistent connections (more than
! 109: # one request per connection). Set to "Off" to deactivate.
! 110: #
! 111: KeepAlive On
! 112:
! 113: #
! 114: # MaxKeepAliveRequests: The maximum number of requests to allow
! 115: # during a persistent connection. Set to 0 to allow an unlimited amount.
! 116: # We recommend you leave this number high, for maximum performance.
! 117: #
! 118: MaxKeepAliveRequests 100
! 119:
! 120: #
! 121: # KeepAliveTimeout: Number of seconds to wait for the next request from the
! 122: # same client on the same connection.
! 123: #
! 124: KeepAliveTimeout 15
! 125:
! 126: #
! 127: # Server-pool size regulation. Rather than making you guess how many
! 128: # server processes you need, Apache dynamically adapts to the load it
! 129: # sees --- that is, it tries to maintain enough server processes to
! 130: # handle the current load, plus a few spare servers to handle transient
! 131: # load spikes (e.g., multiple simultaneous requests from a single
! 132: # Netscape browser).
! 133: #
! 134: # It does this by periodically checking how many servers are waiting
! 135: # for a request. If there are fewer than MinSpareServers, it creates
! 136: # a new spare. If there are more than MaxSpareServers, some of the
! 137: # spares die off. The default values are probably OK for most sites.
! 138: #
! 139:
! 140: # Note: these two values are set by SuSEconfig according to the setting of the
! 141: # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
! 142: MinSpareServers 1
! 143: MaxSpareServers 1
! 144:
! 145: #
! 146: # Number of servers to start initially --- should be a reasonable ballpark
! 147: # figure.
! 148: #
! 149:
! 150: # Note: this value is set by SuSEconfig according to the setting of the
! 151: # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
! 152: StartServers 1
! 153:
! 154: #
! 155: # Limit on total number of servers running, i.e., limit on the number
! 156: # of clients who can simultaneously connect --- if this limit is ever
! 157: # reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
! 158: # It is intended mainly as a brake to keep a runaway server from taking
! 159: # the system with it as it spirals down...
! 160: #
! 161:
! 162: # Note: this value is set by SuSEconfig according to the setting of the
! 163: # HTTPD_PERFORMANCE variable in /etc/sysconfig/apache!
! 164: MaxClients 150
! 165:
! 166: #
! 167: # MaxRequestsPerChild: the number of requests each child process is
! 168: # allowed to process before the child dies. The child will exit so
! 169: # as to avoid problems after prolonged use when Apache (and maybe the
! 170: # libraries it uses) leak memory or other resources. On most systems, this
! 171: # isn't really needed, but a few (such as Solaris) do have notable leaks
! 172: # in the libraries. For these platforms, set to something like 10000
! 173: # or so; a setting of 0 means unlimited.
! 174: #
! 175: # NOTE: This value does not include keepalive requests after the initial
! 176: # request per connection. For example, if a child process handles
! 177: # an initial request and 10 subsequent "keptalive" requests, it
! 178: # would only count as 1 request towards this limit.
! 179: #
! 180: MaxRequestsPerChild 0
! 181:
! 182: #
! 183: # Listen: Allows you to bind Apache to specific IP addresses and/or
! 184: # ports, instead of the default. See also the <VirtualHost>
! 185: # directive.
! 186: #
! 187: #Listen 3000
! 188: #Listen 12.34.56.78:80
! 189:
! 190: #
! 191: # BindAddress: You can support virtual hosts with this option. This directive
! 192: # is used to tell the server which IP address to listen to. It can either
! 193: # contain "*", an IP address, or a fully qualified Internet domain name.
! 194: # See also the <VirtualHost> and Listen directives.
! 195: #
! 196: #BindAddress *
! 197:
! 198: #
! 199: # Dynamic Shared Object (DSO) Support
! 200: #
! 201: # To be able to use the functionality of a module which was built as a DSO you
! 202: # have to place corresponding `LoadModule' lines at this location so the
! 203: # directives contained in it are actually available _before_ they are used.
! 204: # Please read the file http://httpd.apache.org/docs/dso.html for more
! 205: # details about the DSO mechanism and run `httpd -l' for the list of already
! 206: # built-in (statically linked and thus always available) modules in your httpd
! 207: # binary.
! 208: #
! 209: # Note: The order in which modules are loaded is important. Don't change
! 210: # the order below without expert advice.
! 211:
! 212: # Note:
! 213: #
! 214: # The file that is included after the LoadModule statements is generated
! 215: # by SuSEconfig according to
! 216: #
! 217: # 1) which modules (ones not included with apache) are installed
! 218: # 2) the settings in /etc/sysconfig/apache
! 219: #
! 220: # SuSEconfig uses the /etc/httpd/modules/* files that come with each module
! 221: # to determine the necessary directives.
! 222: #
! 223: # Apache no longer needs to be started with '-D <modules>' switches (with
! 224: # the exception of mod_ssl, which has a lot of conditional statements).
! 225:
! 226: # Example:
! 227: # LoadModule foo_module libexec/mod_foo.so
! 228: LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so
! 229: LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
! 230: LoadModule env_module /usr/lib/apache/mod_env.so
! 231: LoadModule define_module /usr/lib/apache/mod_define.so
! 232: LoadModule config_log_module /usr/lib/apache/mod_log_config.so
! 233: LoadModule agent_log_module /usr/lib/apache/mod_log_agent.so
! 234: LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so
! 235: LoadModule mime_magic_module /usr/lib/apache/mod_mime_magic.so
! 236: LoadModule mime_module /usr/lib/apache/mod_mime.so
! 237: LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
! 238: LoadModule status_module /usr/lib/apache/mod_status.so
! 239: LoadModule info_module /usr/lib/apache/mod_info.so
! 240: LoadModule includes_module /usr/lib/apache/mod_include.so
! 241: LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
! 242: LoadModule dir_module /usr/lib/apache/mod_dir.so
! 243: LoadModule cgi_module /usr/lib/apache/mod_cgi.so
! 244: LoadModule asis_module /usr/lib/apache/mod_asis.so
! 245: LoadModule imap_module /usr/lib/apache/mod_imap.so
! 246: LoadModule action_module /usr/lib/apache/mod_actions.so
! 247: LoadModule speling_module /usr/lib/apache/mod_speling.so
! 248: # mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes
! 249: LoadModule alias_module /usr/lib/apache/mod_alias.so
! 250: LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
! 251: LoadModule access_module /usr/lib/apache/mod_access.so
! 252: LoadModule auth_module /usr/lib/apache/mod_auth.so
! 253: LoadModule anon_auth_module /usr/lib/apache/mod_auth_anon.so
! 254: LoadModule dbm_auth_module /usr/lib/apache/mod_auth_dbm.so
! 255: LoadModule db_auth_module /usr/lib/apache/mod_auth_db.so
! 256: LoadModule digest_module /usr/lib/apache/mod_digest.so
! 257: LoadModule proxy_module /usr/lib/apache/libproxy.so
! 258: LoadModule cern_meta_module /usr/lib/apache/mod_cern_meta.so
! 259: LoadModule expires_module /usr/lib/apache/mod_expires.so
! 260: LoadModule headers_module /usr/lib/apache/mod_headers.so
! 261: LoadModule usertrack_module /usr/lib/apache/mod_usertrack.so
! 262: # LoadModule unique_id_module /usr/lib/apache/mod_unique_id.so
! 263: LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so
! 264: <IfDefine DUMMYSSL>
! 265: LoadModule ssl_module /usr/lib/apache/libssl.so
! 266: </IfDefine>
! 267:
! 268: Include /etc/httpd/suse_loadmodule.conf
! 269:
! 270:
! 271: # Reconstruction of the complete module list from all available modules
! 272: # (static and shared ones) to achieve correct module execution order.
! 273: # [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
! 274: ClearModuleList
! 275: AddModule mod_mmap_static.c
! 276: AddModule mod_vhost_alias.c
! 277: AddModule mod_env.c
! 278: AddModule mod_define.c
! 279: AddModule mod_log_config.c
! 280: AddModule mod_log_agent.c
! 281: AddModule mod_log_referer.c
! 282: AddModule mod_mime_magic.c
! 283: AddModule mod_mime.c
! 284: AddModule mod_negotiation.c
! 285: AddModule mod_status.c
! 286: AddModule mod_info.c
! 287: AddModule mod_include.c
! 288: AddModule mod_autoindex.c
! 289: AddModule mod_dir.c
! 290: AddModule mod_cgi.c
! 291: AddModule mod_asis.c
! 292: AddModule mod_imap.c
! 293: AddModule mod_actions.c
! 294: AddModule mod_speling.c
! 295: # mod_userdir will be included below by SuSEconfig if HTTPD_SEC_PUBLIC_HTML=yes
! 296: AddModule mod_alias.c
! 297: AddModule mod_rewrite.c
! 298: AddModule mod_access.c
! 299: AddModule mod_auth.c
! 300: AddModule mod_auth_anon.c
! 301: AddModule mod_auth_dbm.c
! 302: AddModule mod_auth_db.c
! 303: AddModule mod_digest.c
! 304: AddModule mod_proxy.c
! 305: AddModule mod_cern_meta.c
! 306: AddModule mod_expires.c
! 307: AddModule mod_headers.c
! 308: AddModule mod_usertrack.c
! 309: # AddModule mod_unique_id.c
! 310: AddModule mod_so.c
! 311: AddModule mod_setenvif.c
! 312: <IfDefine DUMMYSSL>
! 313: AddModule mod_ssl.c
! 314: </IfDefine>
! 315:
! 316:
! 317:
! 318: # Again, the following file is generated by SuSEconfig for modules that actually
! 319: # have been installed
! 320:
! 321: Include /etc/httpd/suse_addmodule.conf
! 322:
! 323:
! 324: #
! 325: # ExtendedStatus controls whether Apache will generate "full" status
! 326: # information (ExtendedStatus On) or just basic information (ExtendedStatus
! 327: # Off) when the "server-status" handler is called. The default is Off.
! 328: #
! 329: ExtendedStatus On
! 330:
! 331:
! 332: #
! 333: # To enable mod_dav, add the following directive to the appropriate
! 334: # container(s) in the httpd.conf file:
! 335: #
! 336: <IfModule mod_dav.c>
! 337: DavLockDB /var/lib/httpd/DAVLock
! 338: </IfModule>
! 339:
! 340:
! 341:
! 342: ### Section 2: 'Main' server configuration
! 343: #
! 344: # The directives in this section set up the values used by the 'main'
! 345: # server, which responds to any requests that aren't handled by a
! 346: # <VirtualHost> definition. These values also provide defaults for
! 347: # any <VirtualHost> containers you may define later in the file.
! 348: #
! 349: # All of these directives may appear inside <VirtualHost> containers,
! 350: # in which case these default settings will be overridden for the
! 351: # virtual host being defined.
! 352: #
! 353:
! 354: #
! 355: # If your ServerType directive (set earlier in the 'Global Environment'
! 356: # section) is set to "inetd", the next few directives don't have any
! 357: # effect since their settings are defined by the inetd configuration.
! 358: # Skip ahead to the ServerAdmin directive.
! 359: #
! 360:
! 361: #
! 362: # Port: The port to which the standalone server listens. For
! 363: # ports < 1023, you will need httpd to be run as root initially.
! 364: #
! 365: Port 80
! 366:
! 367: ##
! 368: ## SSL Support
! 369: ##
! 370: ## When we also provide SSL we have to listen to the
! 371: ## standard HTTP port (see above) and to the HTTPS port
! 372: ##
! 373: <IfDefine SSL>
! 374: Listen 80
! 375: Listen 443
! 376: </IfDefine>
! 377:
! 378: #
! 379: # If you wish httpd to run as a different user or group, you must run
! 380: # httpd as root initially and it will switch.
! 381: #
! 382: # User/Group: The name (or #number) of the user/group to run httpd as.
! 383: # . On SCO (ODT 3) use "User nouser" and "Group nogroup".
! 384: # . On HPUX you may not be able to use shared memory as nobody, and the
! 385: # suggested workaround is to create a user www and use that user.
! 386: # NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
! 387: # when the value of (unsigned)Group is above 60000;
! 388: # don't use Group "#-1" on these systems!
! 389: #
! 390: User wwwrun
! 391: Group www
! 392:
! 393: #
! 394: # ServerAdmin: Your address, where problems with the server should be
! 395: # e-mailed. This address appears on some server-generated pages, such
! 396: # as error documents.
! 397: #
! 398:
! 399: # Note: this email address is set by SuSEconfig according to the setting of the
! 400: # HTTPD_SEC_SERVERADMIN variable in /etc/sysconfig/apache!
! 401: ServerAdmin raeburn@msu.edu
! 402:
! 403: #
! 404: # ServerName allows you to set a host name which is sent back to clients for
! 405: # your server if it's different than the one the program would get (i.e., use
! 406: # "www" instead of the host's real name).
! 407: #
! 408: # Note: You cannot just invent host names and hope they work. The name you
! 409: # define here must be a valid DNS name for your host. If you don't understand
! 410: # this, ask your network administrator.
! 411: # If your host doesn't have a registered DNS name, enter its IP address here.
! 412: # You will have to access it by its address (e.g., http://123.45.67.89/)
! 413: # anyway, and this will make redirections work in a sensible way.
! 414: #
! 415: # 127.0.0.1 is the TCP/IP local loop-back address, often named localhost. Your
! 416: # machine always knows itself by this address. If you use Apache strictly for
! 417: # local testing and development, you may use 127.0.0.1 as the server name.
! 418: #
! 419:
! 420: # Note: the host name is set by SuSEconfig according to the setting of the
! 421: # FQHOSTNAME variable in /etc/sysconfig/network/config!
! 422:
! 423: #
! 424: # DocumentRoot: The directory out of which you will serve your
! 425: # documents. By default, all requests are taken from this directory, but
! 426: # symbolic links and aliases may be used to point to other locations.
! 427: #
! 428: DocumentRoot "/home/httpd/html"
! 429:
! 430: #
! 431: # Each directory to which Apache has access, can be configured with respect
! 432: # to which services and features are allowed and/or disabled in that
! 433: # directory (and its subdirectories).
! 434: #
! 435: # First, we configure the "default" to be a very restrictive set of
! 436: # permissions.
! 437: #
! 438: <Directory />
! 439: AuthUserFile /etc/httpd/passwd
! 440: AuthGroupFile /etc/httpd/group
! 441:
! 442: Options -FollowSymLinks +Multiviews
! 443: AllowOverride None
! 444:
! 445: </Directory>
! 446:
! 447:
! 448: #
! 449: # Note that from this point forward you must specifically allow
! 450: # particular features to be enabled - so if something's not working as
! 451: # you might expect, make sure that you have specifically enabled it
! 452: # below.
! 453: #
! 454:
! 455: #
! 456: # This should be changed to whatever you set DocumentRoot to.
! 457: #
! 458: <Directory "/srv/www/htdocs">
! 459:
! 460: #
! 461: # This may also be "None", "All", or any combination of "Indexes",
! 462: # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
! 463: #
! 464: # Note that "MultiViews" must be named *explicitly* --- "Options All"
! 465: # doesn't give it to you.
! 466: #
! 467: Options Indexes -FollowSymLinks +Includes MultiViews
! 468:
! 469: #
! 470: # This controls which options the .htaccess files in directories can
! 471: # override. Can also be "All", or any combination of "Options", "FileInfo",
! 472: # "AuthConfig", and "Limit"
! 473: #
! 474: AllowOverride None
! 475:
! 476: #
! 477: # Controls who can get stuff from this server.
! 478: #
! 479: Order allow,deny
! 480: Allow from all
! 481:
! 482:
! 483: #
! 484: # disable WebDAV by default for security reasons.
! 485: #
! 486: <IfModule mod_dav.c>
! 487: DAV Off
! 488: </IfModule>
! 489:
! 490: #
! 491: # Protect the php3 test page, so it cannot be viewed from an outside system.
! 492: #
! 493: <Files test.php3>
! 494: Order deny,allow
! 495: deny from all
! 496: allow from localhost
! 497: </Files>
! 498:
! 499: </Directory>
! 500:
! 501: #
! 502: # UserDir: The name of the directory which is appended onto a user's home
! 503: # directory if a ~user request is received.
! 504:
! 505: # Note:
! 506: # The next three lines are commented out here. These directives and the access
! 507: # control section have been put into /etc/httpd/suse_public_html.conf.
! 508: # If the variable HTTPD_SEC_PUBLIC_HTML in /etc/sysconfig/apache
! 509: # is set to "yes" (default), SuSEconfig will include that file via
! 510: # /etc/httpd/suse_include.conf.
! 511: # Also note that for the /home/*/public_html directories to be browsable the
! 512: # executable flag must be set on the /home/* directories.
! 513:
! 514: #
! 515: # <IfModule mod_userdir.c>
! 516: # UserDir public_html
! 517: # </IfModule>
! 518:
! 519: #
! 520: # Control access to UserDir directories. The following is an example
! 521: # for a site where these directories are restricted to read-only.
! 522: #
! 523: #<Directory /home/*/public_html>
! 524: # AllowOverride FileInfo AuthConfig Limit
! 525: # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
! 526: # <Limit GET POST OPTIONS PROPFIND>
! 527: # Order allow,deny
! 528: # Allow from all
! 529: # </Limit>
! 530: # <LimitExcept GET POST OPTIONS PROPFIND>
! 531: # Order deny,allow
! 532: # Deny from all
! 533: # </LimitExcept>
! 534: #</Directory>
! 535:
! 536: #
! 537: # DirectoryIndex: Name of the file or files to use as a pre-written HTML
! 538: # directory index. Separate multiple entries with spaces.
! 539: #
! 540: <IfModule mod_dir.c>
! 541: DirectoryIndex index.html
! 542: </IfModule>
! 543:
! 544: #
! 545: # AccessFileName: The name of the file to look for in each directory
! 546: # for access control information.
! 547: #
! 548: AccessFileName .htaccess
! 549:
! 550: #
! 551: # The following lines prevent .htaccess files from being viewed by
! 552: # Web clients. Since .htaccess files often contain authorization
! 553: # information, access is disallowed for security reasons. Comment
! 554: # these lines out if you want Web visitors to see the contents of
! 555: # .htaccess files. If you change the AccessFileName directive above,
! 556: # be sure to make the corresponding changes here.
! 557: #
! 558: # Also, folks tend to use names such as .htpasswd for password
! 559: # files, so this will protect those as well.
! 560: #
! 561: <Files ~ "^\.ht">
! 562: Order allow,deny
! 563: Deny from all
! 564: Satisfy All
! 565: </Files>
! 566:
! 567: #
! 568: # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
! 569: # document that was negotiated on the basis of content. This asks proxy
! 570: # servers not to cache the document. Uncommenting the following line disables
! 571: # this behavior, and proxies will be allowed to cache the documents.
! 572: #
! 573: #CacheNegotiatedDocs
! 574:
! 575: #
! 576: # UseCanonicalName: (new for 1.3) With this setting turned on, whenever
! 577: # Apache needs to construct a self-referencing URL (a URL that refers back
! 578: # to the server the response is coming from) it will use ServerName and
! 579: # Port to form a "canonical" name. With this setting off, Apache will
! 580: # use the hostname:port that the client supplied, when possible. This
! 581: # also affects SERVER_NAME and SERVER_PORT in CGI scripts.
! 582: #
! 583: UseCanonicalName On
! 584:
! 585: #
! 586: # TypesConfig describes where the mime.types file (or equivalent) is
! 587: # to be found.
! 588: #
! 589: <IfModule mod_mime.c>
! 590: TypesConfig /etc/httpd/mime.types
! 591: </IfModule>
! 592:
! 593: #
! 594: # DefaultType is the default MIME type the server will use for a document
! 595: # if it cannot otherwise determine one, such as from filename extensions.
! 596: # If your server contains mostly text or HTML documents, "text/plain" is
! 597: # a good value. If most of your content is binary, such as applications
! 598: # or images, you may want to use "application/octet-stream" instead to
! 599: # keep browsers from trying to display binary files as though they are
! 600: # text.
! 601: #
! 602: DefaultType text/plain
! 603:
! 604: #
! 605: # The mod_mime_magic module allows the server to use various hints from the
! 606: # contents of the file itself to determine its type. The MIMEMagicFile
! 607: # directive tells the module where the hint definitions are located.
! 608: # mod_mime_magic is not part of the default server (you have to add
! 609: # it yourself with a LoadModule [see the DSO paragraph in the 'Global
! 610: # Environment' section], or recompile the server and include mod_mime_magic
! 611: # as part of the configuration), so it's enclosed in an <IfModule> container.
! 612: # This means that the MIMEMagicFile directive will only be processed if the
! 613: # module is part of the server.
! 614: #
! 615: <IfModule mod_mime_magic.c>
! 616: MIMEMagicFile /etc/httpd/magic
! 617: </IfModule>
! 618:
! 619: #
! 620: # HostnameLookups: Log the names of clients or just their IP addresses
! 621: # e.g., www.apache.org (on) or 204.62.129.132 (off).
! 622: # The default is off because it'd be overall better for the net if people
! 623: # had to knowingly turn this feature on, since enabling it means that
! 624: # each client request will result in AT LEAST one lookup request to the
! 625: # nameserver.
! 626: #
! 627: HostnameLookups Off
! 628:
! 629:
! 630: # The following are the directives necessary to get mod_backhand operational.
! 631: # You will need to add Backhand directives to any directories that you wish
! 632: # to balance.. For example, you could put the following inside a
! 633: # ScriptAliased /cgi-cpu/ directory (for scripts that are cpu hogs)
! 634:
! 635: # <Directory ...>
! 636: # ... stuff ...
! 637: # Backhand byAge
! 638: # Backhand byRandom
! 639: # Backhand byLogWindow
! 640: # Backhand byCPU
! 641: # ... stuff ...
! 642: # </Directory>
! 643:
! 644: # This will eliminate servers you haven't heard from for a while
! 645: # Then randomize those remaining
! 646: # Then take the first log(n) (log base 2 of course)
! 647: # Then use the one with the highest CPU idle time
! 648:
! 649: <IfModule mod_backhand.c>
! 650: # UnixSocketDir is were the mod_backhand-Arriba file is stored
! 651: # (how fast your machine is). This directory must be readable and writable
! 652: # by euid of apache (wwwrun) because the children have dropped privileges
! 653: # before they connect to a UNIX domain socket in this directory.
! 654: # This directive is singular.
! 655: #
! 656: # MulticastStats of the form [<IP ADDR>] <BROADCAST ADDR>:<PORT> will set
! 657: # mod_backhand to broadcast server statistics on that address advertising
! 658: # for a server on <IP ADDR> or gethostbyname(gethostname())
! 659: # MulticastStats of the form [<IP ADDR>] <MULTICAST ADDR>:<PORT>,<ttl> will
! 660: # set mod_backhand to multicast server statistics on that address
! 661: # advertising for a server on <IP ADDR> or gethostbyname(gethostname())
! 662: # This directive is singular.
! 663: #
! 664: # AcceptStats <a.b.c.d>[/<mask>] (like 10.0.0.4 or 10.0.0.0/24) will accept
! 665: # statistics originating from that IP or IP network.
! 666: # This option can be cascaded.
! 667:
! 668: UnixSocketDir /var/lib/backhand
! 669: # MulticastStats 128.220.221.255:4445
! 670: # MulticastStats 225.220.221.20:4445,1
! 671: # AcceptStats 128.220.221.0/24
! 672:
! 673: # Note that you _must_ configure the MulticastStats/AcceptStats directives,
! 674: # otherwise apache will segfault!
! 675:
! 676: # This is a status of sorts. Visit it and see how valuable it is to you.
! 677: <Location "/backhand/">
! 678: SetHandler backhand-handler
! 679: </Location>
! 680: </IfModule>
! 681:
! 682:
! 683: #
! 684: # working directory of mod_bandwidth
! 685: #
! 686: <IfModule mod_bandwidth.c>
! 687: BandWidthDataDir /var/lib/httpd/mod_bandwidth
! 688: </IfModule>
! 689:
! 690:
! 691: #
! 692: # ErrorLog: The location of the error log file.
! 693: # If you do not specify an ErrorLog directive within a <VirtualHost>
! 694: # container, error messages relating to that virtual host will be
! 695: # logged here. If you *do* define an error logfile for a <VirtualHost>
! 696: # container, that host's errors will be logged there and not here.
! 697: #
! 698: ErrorLog /var/log/httpd/error_log
! 699:
! 700: #
! 701: # LogLevel: Control the number of messages logged to the error_log.
! 702: # Possible values include: debug, info, notice, warn, error, crit,
! 703: # alert, emerg.
! 704: #
! 705: LogLevel warn
! 706:
! 707: #
! 708: # The following directives define some format nicknames for use with
! 709: # a CustomLog directive (see below).
! 710: #
! 711: LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
! 712: LogFormat "%h %l %u %t \"%r\" %>s %b" common
! 713: LogFormat "%{Referer}i -> %U" referer
! 714: LogFormat "%{User-agent}i" agent
! 715:
! 716: #
! 717: # The location and format of the access logfile (Common Logfile Format).
! 718: # If you do not define any access logfiles within a <VirtualHost>
! 719: # container, they will be logged here. Contrariwise, if you *do*
! 720: # define per-<VirtualHost> access logfiles, transactions will be
! 721: # logged therein and *not* in this file.
! 722: #
! 723: CustomLog /var/log/httpd/access_log common
! 724:
! 725: #
! 726: # If you would like to have agent and referer logfiles, uncomment the
! 727: # following directives.
! 728: #
! 729: #CustomLog /var/log/httpd/referer_log referer
! 730: #CustomLog /var/log/httpd/agent_log agent
! 731:
! 732: #
! 733: # If you prefer a single logfile with access, agent, and referer information
! 734: # (Combined Logfile Format) you can use the following directive.
! 735: #
! 736: #CustomLog /var/log/httpd/access_log combined
! 737:
! 738: #
! 739: # Optionally add a line containing the server version and virtual host
! 740: # name to server-generated pages (error documents, FTP directory listings,
! 741: # mod_status and mod_info output etc., but not CGI generated documents).
! 742: # Set to "EMail" to also include a mailto: link to the ServerAdmin.
! 743: # Set to one of: On | Off | EMail
! 744: #
! 745:
! 746: # Note: this is set by SuSEconfig according to the setting of the
! 747: # HTTPD_SEC_SAY_FULLNAME variable in /etc/sysconfig/apache!
! 748: ServerSignature Off
! 749:
! 750:
! 751: # EBCDIC configuration:
! 752: # (only for mainframes using the EBCDIC codeset, currently one of:
! 753: # Fujitsu-Siemens' BS2000/OSD, IBM's OS/390 and IBM's TPF)!!
! 754: # The following default configuration assumes that "text files"
! 755: # are stored in EBCDIC (so that you can operate on them using the
! 756: # normal POSIX tools like grep and sort) while "binary files" are
! 757: # stored with identical octets as on an ASCII machine.
! 758: #
! 759: # The directives are evaluated in configuration file order, with
! 760: # the EBCDICConvert directives applied before EBCDICConvertByType.
! 761: #
! 762: # If you want to have ASCII HTML documents and EBCDIC HTML documents
! 763: # at the same time, you can use the file extension to force
! 764: # conversion off for the ASCII documents:
! 765: # > AddType text/html .ahtml
! 766: # > EBCDICConvert Off=InOut .ahtml
! 767: #
! 768: # EBCDICConvertByType On=InOut text/* message/* multipart/*
! 769: # EBCDICConvertByType On=In application/x-www-form-urlencoded
! 770: # EBCDICConvertByType On=InOut application/postscript model/vrml
! 771: # EBCDICConvertByType Off=InOut */*
! 772:
! 773:
! 774: #
! 775: # Aliases: Add here as many aliases as you need (with no limit). The format is
! 776: # Alias fakename realname
! 777: #
! 778: <IfModule mod_alias.c>
! 779:
! 780: #
! 781: # Note that if you include a trailing / on fakename then the server will
! 782: # require it to be present in the URL. So "/icons" isn't aliased in this
! 783: # example, only "/icons/". If the fakename is slash-terminated, then the
! 784: # realname must also be slash terminated, and if the fakename omits the
! 785: # trailing slash, the realname must also omit it.
! 786: #
! 787: Alias /icons/ "/srv/www/icons/"
! 788:
! 789: <Directory "/srv/www/icons">
! 790: Options Indexes MultiViews
! 791: AllowOverride None
! 792: Order allow,deny
! 793: Allow from all
! 794: </Directory>
! 795:
! 796: # This Alias will project the on-line documentation tree under /manual/
! 797: # even if you change the DocumentRoot. Comment it if you don't want to
! 798: # provide access to the on-line documentation.
! 799: #
! 800: Alias /manual/ "/srv/www/htdocs/manual/"
! 801:
! 802: <Directory "/srv/www/htdocs/manual">
! 803: Options Indexes FollowSymlinks MultiViews
! 804: AllowOverride None
! 805: Order allow,deny
! 806: Allow from all
! 807: </Directory>
! 808:
! 809: #
! 810: # ScriptAlias: This controls which directories contain server scripts.
! 811: # ScriptAliases are essentially the same as Aliases, except that
! 812: # documents in the realname directory are treated as applications and
! 813: # run by the server when requested rather than as documents sent to the client.
! 814: # The same rules about trailing "/" apply to ScriptAlias directives as to
! 815: # Alias.
! 816: #
! 817: # ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/"
! 818:
! 819: <IfModule mod_perl.c>
! 820: # Provide two aliases to the same cgi-bin directory,
! 821: # to see the effects of the 2 different mod_perl modes.
! 822: # for Apache::Registry Mode
! 823: ScriptAlias /perl/ "/srv/www/cgi-bin/"
! 824: # for Apache::Perlrun Mode
! 825: ScriptAlias /cgi-perl/ "/srv/www/cgi-bin/"
! 826: </IfModule>
! 827: #
! 828: # "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
! 829: # CGI directory exists, if you have that configured.
! 830: #
! 831: <Directory "/srv/www/cgi-bin">
! 832: AllowOverride None
! 833: Options None
! 834: Order allow,deny
! 835: Allow from all
! 836: </Directory>
! 837:
! 838: </IfModule>
! 839: # End of aliases.
! 840:
! 841:
! 842: #
! 843: # set /cgi-bin for CGI execution
! 844: #
! 845: <Location /cgi-bin>
! 846: AllowOverride None
! 847: Options +ExecCGI -Includes
! 848: SetHandler cgi-script
! 849: </Location>
! 850:
! 851: #
! 852: # If mod_perl is activated, load configuration information
! 853: #
! 854: <IfModule mod_perl.c>
! 855: Perlrequire /usr/include/apache/modules/perl/startup.perl
! 856: PerlModule Apache::Registry
! 857:
! 858: #
! 859: # set Apache::Registry Mode for /perl Alias
! 860: #
! 861: <Location /perl>
! 862: SetHandler perl-script
! 863: PerlHandler Apache::Registry
! 864: Options ExecCGI
! 865: PerlSendHeader On
! 866: </Location>
! 867:
! 868: #
! 869: # set Apache::PerlRun Mode for /cgi-perl Alias
! 870: #
! 871: <Location /cgi-perl>
! 872: SetHandler perl-script
! 873: PerlHandler Apache::PerlRun
! 874: Options ExecCGI
! 875: PerlSendHeader On
! 876: </Location>
! 877:
! 878: </IfModule>
! 879:
! 880:
! 881:
! 882: #
! 883: # Redirect allows you to tell clients about documents which used to exist in
! 884: # your server's namespace, but do not anymore. This allows you to tell the
! 885: # clients where to look for the relocated document.
! 886: # Format: Redirect old-URI new-URL
! 887: #
! 888:
! 889: #
! 890: # Directives controlling the display of server-generated directory listings.
! 891: #
! 892: <IfModule mod_autoindex.c>
! 893:
! 894: #
! 895: # FancyIndexing is whether you want fancy directory indexing or standard
! 896: #
! 897: IndexOptions FancyIndexing
! 898:
! 899: #
! 900: # AddIcon* directives tell the server which icon to show for different
! 901: # files or filename extensions. These are only displayed for
! 902: # FancyIndexed directories.
! 903: #
! 904: AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
! 905:
! 906: AddIconByType (TXT,/icons/text.gif) text/*
! 907: AddIconByType (IMG,/icons/image2.gif) image/*
! 908: AddIconByType (SND,/icons/sound2.gif) audio/*
! 909: AddIconByType (VID,/icons/movie.gif) video/*
! 910:
! 911: AddIcon /icons/binary.gif .bin .exe
! 912: AddIcon /icons/binhex.gif .hqx
! 913: AddIcon /icons/tar.gif .tar
! 914: AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
! 915: AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
! 916: AddIcon /icons/a.gif .ps .ai .eps
! 917: AddIcon /icons/layout.gif .html .shtml .htm .pdf
! 918: AddIcon /icons/text.gif .txt
! 919: AddIcon /icons/c.gif .c
! 920: AddIcon /icons/p.gif .pl .py
! 921: AddIcon /icons/f.gif .for
! 922: AddIcon /icons/dvi.gif .dvi
! 923: AddIcon /icons/uuencoded.gif .uu
! 924: AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
! 925: AddIcon /icons/tex.gif .tex
! 926: AddIcon /icons/bomb.gif core
! 927:
! 928: AddIcon /icons/back.gif ..
! 929: AddIcon /icons/hand.right.gif README
! 930: AddIcon /icons/folder.gif ^^DIRECTORY^^
! 931: AddIcon /icons/blank.gif ^^BLANKICON^^
! 932:
! 933: #
! 934: # DefaultIcon is which icon to show for files which do not have an icon
! 935: # explicitly set.
! 936: #
! 937: DefaultIcon /icons/unknown.gif
! 938:
! 939: #
! 940: # AddDescription allows you to place a short description after a file in
! 941: # server-generated indexes. These are only displayed for FancyIndexed
! 942: # directories.
! 943: # Format: AddDescription "description" filename
! 944: #
! 945: AddDescription "GZIP compressed document" .gz
! 946: AddDescription "tar archive" .tar
! 947: AddDescription "GZIP compressed tar archive" .tgz
! 948:
! 949: #
! 950: # ReadmeName is the name of the README file the server will look for by
! 951: # default, and append to directory listings.
! 952: #
! 953: # HeaderName is the name of a file which should be prepended to
! 954: # directory indexes.
! 955: #
! 956: ReadmeName README
! 957: HeaderName HEADER
! 958:
! 959: #
! 960: # IndexIgnore is a set of filenames which directory indexing should ignore
! 961: # and not include in the listing. Shell-style wildcarding is permitted.
! 962: #
! 963: IndexIgnore .??* *~ *# RCS CVS *,v *,t
! 964:
! 965: </IfModule>
! 966: # End of indexing directives.
! 967:
! 968: #
! 969: # Document types.
! 970: #
! 971: <IfModule mod_mime.c>
! 972:
! 973: #
! 974: # AddLanguage allows you to specify the language of a document. You can
! 975: # then use content negotiation to give a browser a file in a language
! 976: # it can understand.
! 977: #
! 978: # Note 1: The suffix does not have to be the same as the language
! 979: # keyword --- those with documents in Polish (whose net-standard
! 980: # language code is pl) may wish to use "AddLanguage pl .po" to
! 981: # avoid the ambiguity with the common suffix for perl scripts.
! 982: #
! 983: # Note 2: The example entries below illustrate that in quite
! 984: # some cases the two character 'Language' abbreviation is not
! 985: # identical to the two character 'Country' code for its country,
! 986: # E.g. 'Danmark/dk' versus 'Danish/da'.
! 987: #
! 988: # Note 3: In the case of 'ltz' we violate the RFC by using a three char
! 989: # specifier. But there is 'work in progress' to fix this and get
! 990: # the reference data for rfc1766 cleaned up.
! 991: #
! 992: # Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
! 993: # French (fr) - German (de) - Greek-Modern (el)
! 994: # Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn)
! 995: # Portugese (pt) - Luxembourgeois* (ltz)
! 996: # Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cs)
! 997: # Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
! 998: # Russian (ru)
! 999: #
! 1000: AddLanguage da .dk
! 1001: AddLanguage nl .nl
! 1002: AddLanguage en .en
! 1003: AddLanguage et .ee
! 1004: AddLanguage fr .fr
! 1005: AddLanguage de .de
! 1006: AddLanguage el .el
! 1007: AddLanguage he .he
! 1008: AddCharset ISO-8859-8 .iso8859-8
! 1009: AddLanguage it .it
! 1010: AddLanguage ja .ja
! 1011: AddCharset ISO-2022-JP .jis
! 1012: AddLanguage kr .kr
! 1013: AddCharset ISO-2022-KR .iso-kr
! 1014: AddLanguage nn .nn
! 1015: AddLanguage no .no
! 1016: AddLanguage pl .po
! 1017: AddCharset ISO-8859-2 .iso-pl
! 1018: AddLanguage pt .pt
! 1019: AddLanguage pt-br .pt-br
! 1020: AddLanguage ltz .lu
! 1021: AddLanguage ca .ca
! 1022: AddLanguage es .es
! 1023: AddLanguage sv .sv
! 1024: AddLanguage cs .cz .cs
! 1025: AddLanguage ru .ru
! 1026: AddLanguage zh-TW .zh-tw
! 1027: AddCharset Big5 .Big5 .big5
! 1028: AddCharset WINDOWS-1251 .cp-1251
! 1029: AddCharset CP866 .cp866
! 1030: AddCharset ISO-8859-5 .iso-ru
! 1031: AddCharset KOI8-R .koi8-r
! 1032: AddCharset UCS-2 .ucs2
! 1033: AddCharset UCS-4 .ucs4
! 1034: AddCharset UTF-8 .utf8
! 1035:
! 1036: # LanguagePriority allows you to give precedence to some languages
! 1037: # in case of a tie during content negotiation.
! 1038: #
! 1039: # Just list the languages in decreasing order of preference. We have
! 1040: # more or less alphabetized them here. You probably want to change this.
! 1041: #
! 1042: <IfModule mod_negotiation.c>
! 1043: LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
! 1044: </IfModule>
! 1045:
! 1046: #
! 1047: # AddType allows you to tweak mime.types without actually editing it, or to
! 1048: # make certain files to be certain types.
! 1049: #
! 1050: AddType application/x-tar .tgz
! 1051:
! 1052: #
! 1053: # AddEncoding allows you to have certain browsers uncompress
! 1054: # information on the fly. Note: Not all browsers support this.
! 1055: # Despite the name similarity, the following Add* directives have nothing
! 1056: # to do with the FancyIndexing customization directives above.
! 1057: #
! 1058: AddEncoding x-compress .Z
! 1059: AddEncoding x-gzip .gz .tgz
! 1060: #
! 1061: # If the AddEncoding directives above are commented-out, then you
! 1062: # probably should define those extensions to indicate media types:
! 1063: #
! 1064: #AddType application/x-compress .Z
! 1065: #AddType application/x-gzip .gz .tgz
! 1066:
! 1067: # Some more types:
! 1068:
! 1069: #
! 1070: # PHP 3.x:
! 1071: #
! 1072: <IfModule mod_php3.c>
! 1073: AddType application/x-httpd-php3 .php3
! 1074: AddType application/x-httpd-php3-source .phps
! 1075: AddType application/x-httpd-php3 .phtml
! 1076: </IfModule>
! 1077:
! 1078: #
! 1079: # PHP 4.x:
! 1080: #
! 1081: <IfModule mod_php4.c>
! 1082: AddType application/x-httpd-php .php
! 1083: AddType application/x-httpd-php .php4
! 1084: AddType application/x-httpd-php-source .phps
! 1085: </IfModule>
! 1086:
! 1087: #
! 1088: # mod_dtcl can execute tcl scripts
! 1089: #
! 1090: <IfModule mod_dtcl.c>
! 1091: AddType application/x-httpd-tcl .ttml
! 1092: AddType application/x-dtcl-tcl .tcl
! 1093: </IfModule>
! 1094:
! 1095: AddType text/vnd.wap.wml wml
! 1096: AddType text/vnd.wap.wmlscript wmls
! 1097: AddType application/vnd.wap.wmlc wmlc
! 1098: AddType application/vnd.wap.wmlscriptc wmlsc
! 1099: Addtype image/vnd.wap.wbmp wbmp
! 1100: #
! 1101: # AddHandler allows you to map certain file extensions to "handlers",
! 1102: # actions unrelated to filetype. These can be either built into the server
! 1103: # or added with the Action command (see below)
! 1104: #
! 1105: # If you want to use server side includes, or CGI outside
! 1106: # ScriptAliased directories, uncomment the following lines.
! 1107: #
! 1108: # To use CGI scripts:
! 1109: #
! 1110: AddHandler cgi-script .cgi
! 1111:
! 1112: #
! 1113: # To use server-parsed HTML files
! 1114: #
! 1115: AddType text/html .shtml
! 1116: AddHandler server-parsed .shtml
! 1117:
! 1118: #
! 1119: # Uncomment the following line to enable Apache's send-asis HTTP file
! 1120: # feature
! 1121: #
! 1122: #AddHandler send-as-is asis
! 1123:
! 1124: #
! 1125: # If you wish to use server-parsed imagemap files, use
! 1126: #
! 1127: #AddHandler imap-file map
! 1128:
! 1129: #
! 1130: # To enable type maps, you might want to use
! 1131: #
! 1132: #AddHandler type-map var
! 1133:
! 1134: </IfModule>
! 1135: # End of document types.
! 1136:
! 1137: #
! 1138: # Action lets you define media types that will execute a script whenever
! 1139: # a matching file is called. This eliminates the need for repeated URL
! 1140: # pathnames for oft-used CGI file processors.
! 1141: # Format: Action media/type /cgi-script/location
! 1142: # Format: Action handler-name /cgi-script/location
! 1143: #
! 1144:
! 1145: #
! 1146: # MetaDir: specifies the name of the directory in which Apache can find
! 1147: # meta information files. These files contain additional HTTP headers
! 1148: # to include when sending the document
! 1149: #
! 1150: #MetaDir .web
! 1151:
! 1152: #
! 1153: # MetaSuffix: specifies the file name suffix for the file containing the
! 1154: # meta information.
! 1155: #
! 1156: #MetaSuffix .meta
! 1157:
! 1158: #
! 1159: # Customizable error response (Apache style)
! 1160: # these come in three flavors
! 1161: #
! 1162: # 1) plain text
! 1163: #ErrorDocument 500 "The server made a boo boo.
! 1164: # n.b. the single leading (") marks it as text, it does not get output
! 1165: #
! 1166: # 2) local redirects
! 1167: #ErrorDocument 404 /missing.html
! 1168: # to redirect to local URL /missing.html
! 1169: #ErrorDocument 404 /cgi-bin/missing_handler.pl
! 1170: # N.B.: You can redirect to a script or a document using server-side-includes.
! 1171: #
! 1172: # 3) external redirects
! 1173: #ErrorDocument 402 http://some.other-server.com/subscription_info.html
! 1174: # N.B.: Many of the environment variables associated with the original
! 1175: # request will *not* be available to such a script.
! 1176:
! 1177: #
! 1178: # Customize behaviour based on the browser
! 1179: #
! 1180: <IfModule mod_setenvif.c>
! 1181:
! 1182: #
! 1183: # The following directives modify normal HTTP response behavior.
! 1184: # The first directive disables keepalive for Netscape 2.x and browsers that
! 1185: # spoof it. There are known problems with these browser implementations.
! 1186: # The second directive is for Microsoft Internet Explorer 4.0b2
! 1187: # which has a broken HTTP/1.1 implementation and does not properly
! 1188: # support keepalive when it is used on 301 or 302 (redirect) responses.
! 1189: #
! 1190: BrowserMatch "Mozilla/2" nokeepalive
! 1191: BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
! 1192:
! 1193: #
! 1194: # The following directive disables HTTP/1.1 responses to browsers which
! 1195: # are in violation of the HTTP/1.0 spec by not being able to grok a
! 1196: # basic 1.1 response.
! 1197: #
! 1198: BrowserMatch "RealPlayer 4\.0" force-response-1.0
! 1199: BrowserMatch "Java/1\.0" force-response-1.0
! 1200: BrowserMatch "JDK/1\.0" force-response-1.0
! 1201:
! 1202: </IfModule>
! 1203: # End of browser customization directives
! 1204:
! 1205: #
! 1206: # Allow server status reports, with the URL of http://servername/server-status
! 1207: # Change the ".your-domain.com" to match your domain to enable.
! 1208: #
! 1209: # Note: apache is started (by /etc/init.d/apache) with -D STATUS if
! 1210: # HTTPD_SEC_ACCESS_SERVERINFO is set to "yes" in
! 1211: # /etc/sysconfig/apache.
! 1212:
! 1213: <IfDefine STATUS>
! 1214: <Location /server-status>
! 1215: SetHandler server-status
! 1216: Order deny,allow
! 1217: Deny from all
! 1218: Allow from localhost
! 1219: </Location>
! 1220:
! 1221: #
! 1222: # Allow remote server configuration reports, with the URL of
! 1223: # http://servername/server-info (requires that mod_info.c be loaded).
! 1224: # Change the ".your-domain.com" to match your domain to enable.
! 1225: #
! 1226: <Location /server-info>
! 1227: SetHandler server-info
! 1228: Order deny,allow
! 1229: Deny from all
! 1230: Allow from localhost
! 1231: </Location>
! 1232:
! 1233: #
! 1234: # enable perl-status for mod_perl
! 1235: #
! 1236: <IfModule mod_perl.c>
! 1237: <Location /perl-status>
! 1238: SetHandler perl-script
! 1239: PerlHandler Apache::Status
! 1240: order deny,allow
! 1241: deny from all
! 1242: allow from localhost
! 1243: </Location>
! 1244: </IfModule>
! 1245: </IfDefine>
! 1246:
! 1247:
! 1248: #
! 1249: # There have been reports of people trying to abuse an old bug from pre-1.1
! 1250: # days. This bug involved a CGI script distributed as a part of Apache.
! 1251: # By uncommenting these lines you can redirect these attacks to a logging
! 1252: # script on phf.apache.org. Or, you can record them yourself, using the script
! 1253: # support/phf_abuse_log.cgi.
! 1254: #
! 1255: #<Location /cgi-bin/phf*>
! 1256: # Deny from all
! 1257: # ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
! 1258: #</Location>
! 1259:
! 1260: #
! 1261: # Proxy Server directives. Uncomment the following lines to
! 1262: # enable the proxy server:
! 1263: #
! 1264: #<IfModule mod_proxy.c>
! 1265: # ProxyRequests On
! 1266:
! 1267: # <Directory proxy:*>
! 1268: # Order deny,allow
! 1269: # Deny from all
! 1270: # Allow from .your-domain.com
! 1271: # </Directory>
! 1272:
! 1273: #
! 1274: # Enable/disable the handling of HTTP/1.1 "Via:" headers.
! 1275: # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
! 1276: # Set to one of: Off | On | Full | Block
! 1277: #
! 1278: # ProxyVia On
! 1279:
! 1280: #
! 1281: # To enable the cache as well, edit and uncomment the following lines:
! 1282: # (no cacheing without CacheRoot)
! 1283: #
! 1284: # CacheRoot "/var/cache/httpd"
! 1285: # CacheSize 5
! 1286: # CacheGcInterval 4
! 1287: # CacheMaxExpire 24
! 1288: # CacheLastModifiedFactor 0.1
! 1289: # CacheDefaultExpire 1
! 1290: # NoCache a-domain.com another-domain.edu joes.garage-sale.com
! 1291:
! 1292: #</IfModule>
! 1293: # End of proxy directives.
! 1294:
! 1295: ### Section 3: Virtual Hosts
! 1296: #
! 1297: # VirtualHost: If you want to maintain multiple domains/hostnames on your
! 1298: # machine you can setup VirtualHost containers for them. Most configurations
! 1299: # use only name-based virtual hosts so the server doesn't need to worry about
! 1300: # IP addresses. This is indicated by the asterisks in the directives below.
! 1301: #
! 1302: # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
! 1303: # for further details before you try to setup virtual hosts.
! 1304: #
! 1305: # You may use the command line option '-S' to verify your virtual host
! 1306: # configuration.
! 1307:
! 1308: #
! 1309: # Use name-based virtual hosting.
! 1310: #
! 1311: #NameVirtualHost *:80
! 1312:
! 1313: #
! 1314: # VirtualHost example:
! 1315: # Almost any Apache directive may go into a VirtualHost container.
! 1316: # The first VirtualHost section is used for requests without a known
! 1317: # server name.
! 1318: #
! 1319: #<VirtualHost *:80>
! 1320: # ServerAdmin webmaster@dummy-host.example.com
! 1321: # DocumentRoot /www/docs/dummy-host.example.com
! 1322: # ServerName dummy-host.example.com
! 1323: # ErrorLog logs/dummy-host.example.com-error_log
! 1324: # CustomLog logs/dummy-host.example.com-access_log common
! 1325: #</VirtualHost>
! 1326:
! 1327: #<VirtualHost _default_:*>
! 1328: #</VirtualHost>
! 1329:
! 1330: ##
! 1331: ## SSL Global Context
! 1332: ##
! 1333: ## All SSL configuration in this context applies both to
! 1334: ## the main server and all SSL-enabled virtual hosts.
! 1335: ##
! 1336:
! 1337: #
! 1338: # Some MIME-types for downloading Certificates and CRLs
! 1339: #
! 1340: <IfDefine SSL>
! 1341: AddType application/x-x509-ca-cert .crt
! 1342: AddType application/x-pkcs7-crl .crl
! 1343: </IfDefine>
! 1344:
! 1345: <IfModule mod_ssl.c>
! 1346:
! 1347: # Pass Phrase Dialog:
! 1348: # Configure the pass phrase gathering process.
! 1349: # The filtering dialog program (`builtin' is a internal
! 1350: # terminal dialog) has to provide the pass phrase on stdout.
! 1351: SSLPassPhraseDialog builtin
! 1352:
! 1353: # Inter-Process Session Cache:
! 1354: # Configure the SSL Session Cache: First the mechanism
! 1355: # to use and second the expiring timeout (in seconds, default=300).
! 1356: # shm means the same as shmht.
! 1357: # Note that on most platforms shared memory segments are not allowed to be on
! 1358: # network-mounted drives, so in that case you need to use the dbm method.
! 1359: #SSLSessionCache none
! 1360: #SSLSessionCache shmht:/var/run/ssl_scache(512000)
! 1361: #SSLSessionCache shmcb:/var/run/ssl_scache(512000)
! 1362: #SSLSessionCache dbm:/var/run/ssl_scache
! 1363: SSLSessionCache shmcb:/var/lib/httpd/ssl_scache
! 1364: SSLSessionCacheTimeout 600
! 1365:
! 1366: # Semaphore:
! 1367: # Configure the path to the mutual exclusion semaphore the
! 1368: # SSL engine uses internally for inter-process synchronization.
! 1369: #SSLMutex file:/var/run/ssl_mutex
! 1370: SSLMutex sem
! 1371:
! 1372: # Pseudo Random Number Generator (PRNG):
! 1373: # Configure one or more sources to seed the PRNG of the
! 1374: # SSL library. The seed data should be of good random quality.
! 1375: # WARNING! On some platforms /dev/random blocks if not enough entropy
! 1376: # is available. This means you then cannot use the /dev/random device
! 1377: # because it would lead to very long connection times (as long as
! 1378: # it requires to make more entropy available). But usually those
! 1379: # platforms additionally provide a /dev/urandom device which doesn't
! 1380: # block. So, if available, use this one instead. Read the mod_ssl User
! 1381: # Manual for more details.
! 1382: SSLRandomSeed startup builtin
! 1383: SSLRandomSeed connect builtin
! 1384: #SSLRandomSeed startup file:/dev/random 512
! 1385: #SSLRandomSeed startup file:/dev/urandom 512
! 1386: #SSLRandomSeed connect file:/dev/random 512
! 1387: #SSLRandomSeed connect file:/dev/urandom 512
! 1388:
! 1389: # Logging:
! 1390: # The home of the dedicated SSL protocol logfile. Errors are
! 1391: # additionally duplicated in the general error log file. Put
! 1392: # this somewhere where it cannot be used for symlink attacks on
! 1393: # a real server (i.e. somewhere where only root can write).
! 1394: # Log levels are (ascending order: higher ones include lower ones):
! 1395: # none, error, warn, info, trace, debug.
! 1396: SSLLog /var/log/httpd/ssl_engine_log
! 1397: SSLLogLevel info
! 1398:
! 1399: </IfModule>
! 1400:
! 1401: <IfDefine SSL>
! 1402:
! 1403: ##
! 1404: ## SSL Virtual Host Context
! 1405: ##
! 1406:
! 1407: <VirtualHost _default_:443>
! 1408:
! 1409: # General setup for the virtual host
! 1410: DocumentRoot "/srv/www/htdocs"
! 1411: ServerName new.host.name
! 1412: ServerAdmin you@your.address
! 1413: ErrorLog /var/log/httpd/error_log
! 1414: TransferLog /var/log/httpd/access_log
! 1415:
! 1416: # SSL Engine Switch:
! 1417: # Enable/Disable SSL for this virtual host.
! 1418: SSLEngine on
! 1419:
! 1420: # SSL Cipher Suite:
! 1421: # List the ciphers that the client is permitted to negotiate.
! 1422: # See the mod_ssl documentation for a complete list.
! 1423: SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
! 1424:
! 1425: # Server Certificate:
! 1426: # Point SSLCertificateFile at a PEM encoded certificate. If
! 1427: # the certificate is encrypted, then you will be prompted for a
! 1428: # pass phrase. Note that a kill -HUP will prompt again. A test
! 1429: # certificate can be generated with `make certificate' under
! 1430: # built time. Keep in mind that if you've both a RSA and a DSA
! 1431: # certificate you can configure both in parallel (to also allow
! 1432: # the use of DSA ciphers, etc.)
! 1433: SSLCertificateFile /etc/httpd/ssl.crt/server.crt
! 1434: #SSLCertificateFile /etc/httpd/ssl.crt/server-dsa.crt
! 1435:
! 1436: # Server Private Key:
! 1437: # If the key is not combined with the certificate, use this
! 1438: # directive to point at the key file. Keep in mind that if
! 1439: # you've both a RSA and a DSA private key you can configure
! 1440: # both in parallel (to also allow the use of DSA ciphers, etc.)
! 1441: SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
! 1442: #SSLCertificateKeyFile /etc/httpd/ssl.key/server-dsa.key
! 1443:
! 1444: # Server Certificate Chain:
! 1445: # Point SSLCertificateChainFile at a file containing the
! 1446: # concatenation of PEM encoded CA certificates which form the
! 1447: # certificate chain for the server certificate. Alternatively
! 1448: # the referenced file can be the same as SSLCertificateFile
! 1449: # when the CA certificates are directly appended to the server
! 1450: # certificate for convinience.
! 1451: #SSLCertificateChainFile /etc/httpd/ssl.crt/ca.crt
! 1452:
! 1453: # Certificate Authority (CA):
! 1454: # Set the CA certificate verification path where to find CA
! 1455: # certificates for client authentication or alternatively one
! 1456: # huge file containing all of them (file must be PEM encoded)
! 1457: # Note: Inside SSLCACertificatePath you need hash symlinks
! 1458: # to point to the certificate files. Use the provided
! 1459: # Makefile to update the hash symlinks after changes.
! 1460: #SSLCACertificatePath /etc/httpd/ssl.crt
! 1461: #SSLCACertificateFile /etc/httpd/ssl.crt/ca-bundle.crt
! 1462:
! 1463: # Certificate Revocation Lists (CRL):
! 1464: # Set the CA revocation path where to find CA CRLs for client
! 1465: # authentication or alternatively one huge file containing all
! 1466: # of them (file must be PEM encoded)
! 1467: # Note: Inside SSLCARevocationPath you need hash symlinks
! 1468: # to point to the certificate files. Use the provided
! 1469: # Makefile to update the hash symlinks after changes.
! 1470: #SSLCARevocationPath /etc/httpd/ssl.crl
! 1471: #SSLCARevocationFile /etc/httpd/ssl.crl/ca-bundle.crl
! 1472:
! 1473: # Client Authentication (Type):
! 1474: # Client certificate verification type and depth. Types are
! 1475: # none, optional, require and optional_no_ca. Depth is a
! 1476: # number which specifies how deeply to verify the certificate
! 1477: # issuer chain before deciding the certificate is not valid.
! 1478: #SSLVerifyClient require
! 1479: #SSLVerifyDepth 10
! 1480:
! 1481: # Access Control:
! 1482: # With SSLRequire you can do per-directory access control based
! 1483: # on arbitrary complex boolean expressions containing server
! 1484: # variable checks and other lookup directives. The syntax is a
! 1485: # mixture between C and Perl. See the mod_ssl documentation
! 1486: # for more details.
! 1487: #<Location />
! 1488: #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
! 1489: # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
! 1490: # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
! 1491: # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
! 1492: # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
! 1493: # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
! 1494: #</Location>
! 1495:
! 1496: # SSL Engine Options:
! 1497: # Set various options for the SSL engine.
! 1498: # o FakeBasicAuth:
! 1499: # Translate the client X.509 into a Basic Authorisation. This means that
! 1500: # the standard Auth/DBMAuth methods can be used for access control. The
! 1501: # user name is the `one line' version of the client's X.509 certificate.
! 1502: # Note that no password is obtained from the user. Every entry in the user
! 1503: # file needs this password: `xxj31ZMTZzkVA'.
! 1504: # o ExportCertData:
! 1505: # This exports two additional environment variables: SSL_CLIENT_CERT and
! 1506: # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
! 1507: # server (always existing) and the client (only existing when client
! 1508: # authentication is used). This can be used to import the certificates
! 1509: # into CGI scripts.
! 1510: # o StdEnvVars:
! 1511: # This exports the standard SSL/TLS related `SSL_*' environment variables.
! 1512: # Per default this exportation is switched off for performance reasons,
! 1513: # because the extraction step is an expensive operation and is usually
! 1514: # useless for serving static content. So one usually enables the
! 1515: # exportation for CGI and SSI requests only.
! 1516: # o CompatEnvVars:
! 1517: # This exports obsolete environment variables for backward compatibility
! 1518: # to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use this
! 1519: # to provide compatibility to existing CGI scripts.
! 1520: # o StrictRequire:
! 1521: # This denies access when "SSLRequireSSL" or "SSLRequire" applied even
! 1522: # under a "Satisfy any" situation, i.e. when it applies access is denied
! 1523: # and no other module can change it.
! 1524: # o OptRenegotiate:
! 1525: # This enables optimized SSL connection renegotiation handling when SSL
! 1526: # directives are used in per-directory context.
! 1527: #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire
! 1528: <Files ~ "\.(cgi|shtml|phtml|php3?)$">
! 1529: SSLOptions +StdEnvVars
! 1530: </Files>
! 1531: <Directory "/srv/www/cgi-bin">
! 1532: SSLOptions +StdEnvVars
! 1533: </Directory>
! 1534:
! 1535: # SSL Protocol Adjustments:
! 1536: # The safe and default but still SSL/TLS standard compliant shutdown
! 1537: # approach is that mod_ssl sends the close notify alert but doesn't wait for
! 1538: # the close notify alert from client. When you need a different shutdown
! 1539: # approach you can use one of the following variables:
! 1540: # o ssl-unclean-shutdown:
! 1541: # This forces an unclean shutdown when the connection is closed, i.e. no
! 1542: # SSL close notify alert is send or allowed to received. This violates
! 1543: # the SSL/TLS standard but is needed for some brain-dead browsers. Use
! 1544: # this when you receive I/O errors because of the standard approach where
! 1545: # mod_ssl sends the close notify alert.
! 1546: # o ssl-accurate-shutdown:
! 1547: # This forces an accurate shutdown when the connection is closed, i.e. a
! 1548: # SSL close notify alert is send and mod_ssl waits for the close notify
! 1549: # alert of the client. This is 100% SSL/TLS standard compliant, but in
! 1550: # practice often causes hanging connections with brain-dead browsers. Use
! 1551: # this only for browsers where you know that their SSL implementation
! 1552: # works correctly.
! 1553: # Notice: Most problems of broken clients are also related to the HTTP
! 1554: # keep-alive facility, so you usually additionally want to disable
! 1555: # keep-alive for those clients, too. Use variable "nokeepalive" for this.
! 1556: # Similarly, one has to force some clients to use HTTP/1.0 to workaround
! 1557: # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
! 1558: # "force-response-1.0" for this.
! 1559: SetEnvIf User-Agent ".*MSIE.*" \
! 1560: nokeepalive ssl-unclean-shutdown \
! 1561: downgrade-1.0 force-response-1.0
! 1562:
! 1563: # Per-Server Logging:
! 1564: # The home of a custom SSL log file. Use this when you want a
! 1565: # compact non-error SSL logfile on a virtual host basis.
! 1566: CustomLog /var/log/httpd/ssl_request_log \
! 1567: "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
! 1568:
! 1569: </VirtualHost>
! 1570:
! 1571: </IfDefine>
! 1572:
! 1573:
! 1574:
! 1575: # Note:
! 1576: #
! 1577: # The file that is included below is generated by SuSEconfig.
! 1578: #
! 1579: # In this file, SuSEconfig puts Include statements it finds
! 1580: # in /etc/httpd/modules/* (lines with "File:..." or "Include:...").
! 1581: # If such a module file also contains a "Variable:..." statement, the settings
! 1582: # in /etc/sysconfig/apache will be honored.
! 1583: #
! 1584: # In addition, any files listed in the HTTPD_CONF_INCLUDE_FILES variable
! 1585: # in /etc/sysconfig/apache will be included here by SuSEconfig.
! 1586: # This allows you to add e.g. VirtualHost statements without touching
! 1587: # /etc/httpd/httpd.conf itself, which means that SuSEconfig will continue doing its
! 1588: # job (since it would not touch httpd.conf any longer as soon it detects changes
! 1589: # made by the admin via the md5sum mechanism)
! 1590:
! 1591: Include /etc/httpd/suse_include.conf
! 1592: Include /etc/httpd/conf/loncapa_apache.conf
! 1593:
FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>
![[BACK]](/icons/back.gif){kind=icon}
Return to httpd.conf CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [LON-CAPA] / doc / install / suse / sles9 / i386