1 <?xml version="1.0" encoding="UTF-8" ?>
2 <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Copyright 2002-2005 The Apache Software Foundation or its licensors,
10 Licensed under the Apache License, Version 2.0 (the "License");
11 you may not use this file except in compliance with the License.
12 You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="glossary.xml.meta">
25 <title>Glossary</title>
28 <p>This glossary defines some of the common terminology related to Apache in
29 particular, and web serving in general. More information on each concept
30 is provided in the links.</p>
33 <section id="definitions"><title>Definitions</title>
36 <dt><a name="accesscontrol" id="accesscontrol">Access Control</a></dt>
37 <dd>The restriction of access to network realms. In an Apache context
38 usually the restriction of access to certain <em>URLs</em>.<br /> See: <a
39 href="howto/auth.html">Authentication, Authorization, and Access
43 <dt><a name="algorithm" id="algorithm">Algorithm</a></dt>
45 <dd>An unambiguous formula or set of rules for solving a problem in a finite
46 number of steps. Algorithms for encryption are usually called
50 <dt><a name="apacheextensiontool" id="apacheextensiontool">APache
51 eXtension Tool</a> <a name="apxs" id="apxs">(apxs)</a></dt>
52 <dd>A perl script that aids in compiling <glossary
53 ref="module">module</glossary> sources into Dynamic Shared Objects
54 (<glossary ref="dso">DSO</glossary>s) and helps install them in the
55 Apache Web server.<br />
56 See: Manual Page: <program>apxs</program>
59 <dt><a name="authentication" id="authentication">Authentication</a></dt>
60 <dd>The positive identification of a network entity such as a server, a
61 client, or a user.<br />
62 See: <a href="howto/auth.html">Authentication, Authorization, and Access
66 <dt><a name="certificate" id="certificate">Certificate</a></dt>
67 <dd>A data record used for authenticating network entities such
68 as a server or a client. A certificate contains X.509 information pieces
69 about its owner (called the subject) and the signing <glossary
70 ref="certificationauthority">Certification Authority</glossary> (called
71 the issuer), plus the owner's <glossary ref="publickey">public
72 key</glossary> and the
73 signature made by the CA. Network entities verify these signatures
74 using CA certificates.<br />
75 See: <a href="ssl/">SSL/TLS Encryption</a>
78 <dt><a name="certificatsigningrequest"
79 id="certificatsigningrequest">Certificate Signing Request</a>
80 <a name="csr" id="csr">(CSR)</a></dt>
81 <dd>An unsigned <glossary ref="certificate">certificate</glossary> for
82 submission to a <glossary ref="certificationauthority">Certification
83 Authority</glossary>, which signs it with the <glossary
84 ref="privatekey">Private Key</glossary> of their CA
85 <em>Certificate</em>. Once the CSR is signed, it becomes a real
87 See: <a href="ssl/">SSL/TLS Encryption</a>
90 <dt><a name="certificationauthority"
91 id="certificationauthority">Certification Authority</a>
92 <a name="ca" id="ca">(CA)</a></dt>
93 <dd>A trusted third party whose purpose is to sign certificates for network
94 entities it has authenticated using secure means. Other network entities
95 can check the signature to verify that a CA has authenticated the bearer
96 of a certificate.<br />
97 See: <a href="ssl/">SSL/TLS Encryption</a>
100 <dt><a name="cipher" id="cipher">Cipher</a></dt>
101 <dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4,
103 See: <a href="ssl/">SSL/TLS Encryption</a>
106 <dt><a name="ciphertext" id="ciphertext">Ciphertext</a></dt>
107 <dd>The result after <glossary ref="plaintext">Plaintext</glossary> is
108 passed through a <glossary ref="cipher">Cipher</glossary>.<br /> See: <a
109 href="ssl/">SSL/TLS Encryption</a>
112 <dt><a name="commongatewayinterface" id="commongatewayinterface">Common
113 Gateway Interface</a> <a name="cgi" id="cgi">(CGI)</a></dt>
114 <dd>A standard definition for an interface between a web server and an
115 external program that allows the external program to service requests.
116 The interface was originally defined by <a
117 href="http://hoohoo.ncsa.uiuc.edu/cgi/overview.html">NCSA</a> but there
118 is also an <a href="http://cgi-spec.golux.com/">RFC project</a>.<br />
119 See: <a href="howto/cgi.html">Dynamic Content with CGI</a>
122 <dt><a name="configurationdirective"
123 id="configurationdirective">Configuration Directive</a></dt>
124 <dd>See: <glossary ref="directive">Directive</glossary></dd>
126 <dt><a name="configurationfile" id="configurationfile">Configuration
128 <dd>A text file containing <glossary ref="directive">Directives</glossary>
129 that control the configuration of Apache.<br />
130 See: <a href="configuring.html">Configuration Files</a>
133 <dt><a name="connect" id="connect">CONNECT</a></dt>
134 <dd>An HTTP <glossary ref="method">method</glossary> for proxying raw data
135 channels over HTTP. It can be used to encapsulate other protocols, such as
139 <dt><a name="context" id="context">Context</a></dt>
140 <dd>An area in the <glossary ref="configurationfile">configuration
141 files</glossary> where certain types of <glossary
142 ref="directive">directives</glossary> are allowed.<br />
143 See: <a href="mod/directive-dict.html#Context">Terms Used to Describe
144 Apache Directives</a>
147 <dt><a name="digitalsignature" id="digitalsignature">Digital
149 <dd>An encrypted text block that validates a certificate or other file. A
150 <glossary ref="certificationauthority">Certification Authority</glossary>
151 creates a signature by generating a hash of the <em>Public Key</em>
152 embedded in a <em>Certificate</em>, then encrypting the hash with its own
153 <em>Private Key</em>. Only the CA's public key can decrypt the signature,
154 verifying that the CA has authenticated the network entity that owns the
155 <em>Certificate</em>.<br />
156 See: <a href="ssl/">SSL/TLS Encryption</a>
159 <dt><a name="directive" id="directive">Directive</a></dt>
160 <dd>A configuration command that controls one or more aspects of Apache's
161 behavior. Directives are placed in the <glossary
162 ref="configurationfile">Configuration File</glossary><br />
163 See: <a href="mod/directives.html">Directive Index</a>
166 <dt><a name="dynamicsharedobject" id="dynamicsharedobject">Dynamic
167 Shared Object</a> <a name="dso" id="dso">(DSO)</a></dt>
168 <dd><glossary ref="module">Modules</glossary> compiled separately from the
169 Apache <program>httpd</program> binary that can be loaded on-demand.<br />
170 See: <a href="dso.html">Dynamic Shared Object Support</a>
173 <dt><a name="environmentvariable" id="environmentvariable">Environment
174 Variable</a> <a name="env-variable"
175 id="env-variable">(env-variable)</a></dt>
176 <dd>Named variables managed by the operating system shell and used to store
177 information and communicate between programs. Apache also contains
178 internal variables that are referred to as environment variables, but are
179 stored in internal Apache structures, rather than in the shell
181 See: <a href="env.html">Environment Variables in Apache</a>
184 <dt><a name="export-crippled" id="export-crippled">Export-Crippled</a></dt>
185 <dd>Diminished in cryptographic strength (and security) in order to comply
186 with the United States' Export Administration Regulations (EAR).
187 Export-crippled cryptographic software is limited to a small key size,
188 resulting in <em>Ciphertext</em> which usually can be decrypted by brute
190 See: <a href="ssl/">SSL/TLS Encryption</a>
193 <dt><a name="filter" id="filter">Filter</a></dt>
194 <dd>A process that is applied to data that is sent or received by the
195 server. Input filters process data sent by the client to the server,
196 while output filters process documents on the server before they are sent
197 to the client. For example, the <code>INCLUDES</code> output filter
198 processes documents for <glossary ref="ssi">Server Side
199 Includes</glossary>.<br />
200 See: <a href="filter.html">Filters</a>
203 <dt><a name="fully-qualifieddomain-name"
204 id="fully-qualifieddomain-name">Fully-Qualified Domain-Name</a>
205 <a name="fqdn" id="fqdn">(FQDN)</a></dt>
206 <dd>The unique name of a network entity, consisting of a hostname and a
207 domain name that can resolve to an IP address. For example,
208 <code>www</code> is a hostname, <code>example.com</code> is a domain name,
209 and <code>www.example.com</code> is a fully-qualified domain name.
212 <dt><a name="handler" id="handler">Handler</a></dt>
213 <dd>An internal Apache representation of the action to be performed when a
214 file is called. Generally, files have implicit handlers, based on the file
215 type. Normally, all files are simply served by the server, but certain
216 file types are "handled" separately. For example, the
217 <code>cgi-script</code> handler designates files to be processed as
218 <glossary ref="cgi">CGIs</glossary>.<br />
219 See: <a href="handler.html">Apache's Handler Use</a>
222 <dt><a name="hash" id="hash">Hash</a></dt>
223 <dd>A mathematical one-way, irreversable algorithm generating a string with
224 fixed-length from another string of any length. Different input strings
225 will usually produce different hashes (depending on the hash function).
228 <dt><a name="header" id="header">Header</a></dt>
229 <dd>The part of the <glossary ref="http">HTTP</glossary> request and
230 response that is sent before the actual content, and that contains
231 meta-information describing the content.
234 <dt><a name="htaccess" id="htaccess">.htaccess</a></dt>
235 <dd>A <glossary ref="configurationfile">configuration file</glossary> that
236 is placed inside the web tree and applies configuration <glossary
237 ref="directive">directives</glossary> to the directory where it is
238 placed and all sub-directories. Despite its name, this file can hold
239 almost any type of directive, not just access-control directives.<br />
240 See: <a href="configuring.html">Configuration Files</a>
243 <dt><a name="httpd.conf" id="httpd.conf">httpd.conf</a></dt>
244 <dd>The main Apache <glossary ref="configurationfile">configuration
245 file</glossary>. The default location is
246 <code>/usr/local/apache2/conf/httpd.conf</code>, but it may be moved using
247 run-time or compile-time configuration.<br />
248 See: <a href="configuring.html">Configuration Files</a>
251 <dt><a name="hypertexttransferprotocol"
252 id="hypertexttransferprotocol">HyperText Transfer Protocol</a>
253 <a name="http" id="hhtp">(HTTP)</a></dt>
254 <dd>The standard transmission protocol used on the World Wide Web. Apache
255 implements version 1.1 of the protocol, referred to as HTTP/1.1 and
256 defined by <a href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.
259 <dt><a name="https" id="https">HTTPS</a></dt>
260 <dd>The HyperText Transfer Protocol (Secure), the standard encrypted
261 communication mechanism on the World Wide Web. This is actually just HTTP
262 over <glossary ref="ssl">SSL</glossary>.<br />
263 See: <a href="ssl/">SSL/TLS Encryption</a>
266 <dt><a name="method" id="method">Method</a></dt>
267 <dd>In the context of <glossary ref="http">HTTP</glossary>, an action to
268 perform on a resource, specified on the request line by the client. Some
269 of the methods available in HTTP are <code>GET</code>, <code>POST</code>,
270 and <code>PUT</code>.
273 <dt><a name="messagedigest" id="messagedigest">Message Digest</a></dt>
274 <dd>A hash of a message, which can be used to verify that the contents of
275 the message have not been altered in transit.<br />
276 See: <a href="ssl/">SSL/TLS Encryption</a>
279 <dt><a name="mime-type" id="mime-type">MIME-type</a></dt>
280 <dd>A way to describe the kind of document being transmitted. Its name
281 comes from that fact that its format is borrowed from the Multipurpose
282 Internet Mail Extensions. It consists of a major type and a minor type,
283 separated by a slash. Some examples are <code>text/html</code>,
284 <code>image/gif</code>, and <code>application/octet-stream</code>. In
285 HTTP, the MIME-type is transmitted in the <code>Content-Type</code>
286 <glossary ref="header">header</glossary>.<br />
287 See: <a href="mod/mod_mime.html">mod_mime</a>
290 <dt><a name="module" id="module">Module</a></dt>
291 <dd>An independent part of a program. Much of Apache's functionality is
292 contained in modules that you can choose to include or exclude. Modules
293 that are compiled into the Apache <program>httpd</program> binary are
294 called <dfn>static modules</dfn>, while modules that are stored
295 separately and can be optionally loaded at run-time are called
296 <dfn>dynamic modules</dfn> or <glossary ref="dso">DSOs</glossary>.
297 Modules that are included by default
298 are called <dfn>base modules</dfn>. Many modules are available for Apache
299 that are not distributed as part of the Apache HTTP Server <glossary
300 ref="tarball">tarball</glossary>. These are referred to as
301 <dfn>third-party modules</dfn>.<br />
302 See: <a href="mod/">Module Index</a>
305 <dt><a name="modulemagicnumber" id="modulemagicnumber">Module Magic
306 Number</a> (<a name="mmn" id="mmn">MMN</a>)</dt>
307 <dd>Module Magic Number is a constant defined in the Apache source code that
308 is associated with binary compatibility of modules. It is changed when
309 internal Apache structures, function calls and other significant parts of
310 API change in such a way that binary compatibility cannot be guaranteed
311 any more. On MMN change, all third party modules have to be at least
312 recompiled, sometimes even slightly changed in order to work with the new
316 <dt><a name="openssl" id="openssl">OpenSSL</a></dt>
317 <dd>The Open Source toolkit for SSL/TLS<br />
318 See <a href="http://www.openssl.org/">http://www.openssl.org/</a>#
321 <dt><a name="passphrase" id="passphrase">Pass Phrase</a></dt>
322 <dd>The word or phrase that protects private key files. It prevents
323 unauthorized users from encrypting them. Usually it's just the secret
324 encryption/decryption key used for <glossary
325 ref="cipher">Ciphers</glossary>.<br />
326 See: <a href="ssl/">SSL/TLS Encryption</a>
329 <dt><a name="plaintext" id="plaintext">Plaintext</a></dt>
330 <dd>The unencrypted text.</dd>
332 <dt><a name="privatekey" id="privatekey">Private Key</a></dt>
333 <dd>The secret key in a <glossary ref="publickeycryptography">Public Key
334 Cryptography</glossary> system, used to decrypt incoming messages and
335 sign outgoing ones.<br />
336 See: <a href="ssl/">SSL/TLS Encryption</a>
339 <dt><a name="proxy" id="proxy">Proxy</a></dt>
340 <dd>An intermediate server that sits between the client and the <em>origin
341 server</em>. It accepts requests from clients, transmits those requests
342 on to the origin server, and then returns the response from the origin
343 server to the client. If several clients request the same content, the
344 proxy can deliver that content from its cache, rather than requesting it
345 from the origin server each time, thereby reducing response time.<br />
346 See: <a href="mod/mod_proxy.html">mod_proxy</a>
349 <dt><a name="publickey" id="publickey">Public Key</a></dt>
350 <dd>The publicly available key in a <glossary
351 ref="publickeycryptography">Public Key Cryptography</glossary> system,
352 used to encrypt messages bound for its owner and to decrypt signatures
353 made by its owner.<br />
354 See: <a href="ssl/">SSL/TLS Encryption</a>
357 <dt><a name="publickeycryptography"
358 id="publickeycryptography">Public Key Cryptography</a></dt>
359 <dd>The study and application of asymmetric encryption systems, which use
360 one key for encryption and another for decryption. A corresponding pair of
361 such keys constitutes a key pair. Also called Asymmetric Cryptography.
363 See: <a href="ssl/">SSL/TLS Encryption</a>
366 <dt><a name="regularexpresion" id="regularexpresion">Regular Expression</a>
367 <a name="regex" id="regex">(Regex)</a></dt>
368 <dd>A way of describing a pattern in text - for example, "all the words that
369 begin with the letter A" or "every 10-digit phone number" or even "Every
370 sentence with two commas in it, and no capital letter Q". Regular
371 expressions are useful in Apache because they let you apply certain
372 attributes against collections of files or resources in very flexible ways
373 - for example, all .gif and .jpg files under any "images" directory could
374 be written as "<code>/images/.*(jpg|gif)$</code>". Apache uses Perl
375 Compatible Regular Expressions provided by the <a
376 href="http://www.pcre.org/">PCRE</a> library.
379 <dt><a name="reverseproxy" id="reverseproxy">Reverse Proxy</a></dt>
380 <dd>A <glossary ref="proxy">proxy</glossary> server that appears to the client
381 as if it is an <em>origin server</em>. This is useful to hide the real
382 origin server from the client for security reasons, or to load balance.
385 <dt><a name="securesocketslayer" id="securesocketslayer">Secure Sockets
386 Layer</a> <a name="ssl" id="ssl">(SSL)</a></dt>
387 <dd>A protocol created by Netscape Communications Corporation for general
388 communication authentication and encryption over TCP/IP networks. The most
389 popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP)
391 See: <a href="ssl/">SSL/TLS Encryption</a>
394 <dt><a name="serversideincludes" id="serversideincludes">Server Side
395 Includes</a> <a name="ssi" id="ssi">(SSI)</a></dt>
396 <dd>A technique for embedding processing directives inside HTML files.<br />
397 See: <a href="howto/ssi.html">Introduction to Server Side Includes</a>
400 <dt><a name="session" id="session">Session</a></dt>
401 <dd>The context information of a communication in general.</dd>
403 <dt><a name="ssleay" id="ssleay">SSLeay</a></dt>
404 <dd>The original SSL/TLS implementation library developed by Eric A.
408 <dt><a name="symmetriccryptophraphy" id="symmetriccryptophraphy">Symmetric
409 Cryptography</a></dt>
410 <dd>The study and application of <em>Ciphers</em> that use a single secret key
411 for both encryption and decryption operations.<br />
412 See: <a href="ssl/">SSL/TLS Encryption</a>
415 <dt><a name="tarball" id="tarball">Tarball</a></dt>
416 <dd>A package of files gathered together using the <code>tar</code> utility.
417 Apache distributions are stored in compressed tar archives or using
421 <dt><a name="transportlayersecurity" id="transportlayersecurity">Transport
422 Layer Security</a> <a name="tls" id="tls">(TLS)</a></dt>
423 <dd>The successor protocol to SSL, created by the Internet Engineering Task
424 Force (IETF) for general communication authentication and encryption over
425 TCP/IP networks. TLS version 1 and is nearly identical with SSL version
427 See: <a href="ssl/">SSL/TLS Encryption</a>
430 <dt><a name="uniformresourcelocator" id="uniformresourcelocator">Uniform
431 Resource Locator</a> <a name="url" id="url">(URL)</a></dt>
432 <dd>The name/address of a resource on the Internet. This is the common
433 informal term for what is formally called a <glossary
434 ref="uniformresourceidentifier">Uniform Resource Identifier</glossary>.
435 URLs are usually made up of a scheme, like <code>http</code> or
436 <code>https</code>, a hostname, and a path. A URL for this page is
437 <code>http://httpd.apache.org/docs-2.1/glossary.html</code>.
440 <dt><a name="uniformresourceidentifier"
441 id="uniformresourceidentifier">Uniform Resource Identifier</a>
442 <a name="URI" id="URI">(URI)</a></dt>
443 <dd>A compact string of characters for identifying an abstract or physical
444 resource. It is formally defined by <a
445 href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. URIs used on the
446 world-wide web are commonly referred to as <glossary
447 ref="url">URLs</glossary>.
450 <dt><a name="virtualhosting" id="virtualhosting">Virtual Hosting</a></dt>
451 <dd>Serving multiple websites using a single instance of Apache. <em>IP
452 virtual hosting</em> differentiates between websites based on their IP
453 address, while <em>name-based virtual hosting</em> uses only the name of the
454 host and can therefore host many sites on the same IP address.<br />
455 See: <a href="vhosts/">Apache Virtual Host documentation</a>
458 <dt><a name="x.509" id="x.509">X.509</a></dt>
459 <dd>An authentication certificate scheme recommended by the International
460 Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.<br
461 /> See: <a href="ssl/">SSL/TLS Encryption</a>