1 <?xml version="1.0" encoding="UTF-8" ?>
2 <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="glossary.xml.meta">
25 <title>Glossary</title>
28 <p>This glossary defines some of the common terminology related to Apache in
29 particular, and web serving in general. More information on each concept
30 is provided in the links.</p>
33 <section id="definitions"><title>Definitions</title>
36 <dt><a name="accesscontrol" id="accesscontrol">Access Control</a></dt>
37 <dd>The restriction of access to network realms. In an Apache context
38 usually the restriction of access to certain <em>URLs</em>.<br /> See: <a
39 href="howto/auth.html">Authentication, Authorization, and Access
43 <dt><a name="algorithm" id="algorithm">Algorithm</a></dt>
44 <dd>An unambiguous formula or set of rules for solving a problem in a finite
45 number of steps. Algorithms for encryption are usually called
49 <dt><a name="apacheextensiontool" id="apacheextensiontool">APache
50 eXtension Tool</a> <a name="apxs" id="apxs">(apxs)</a></dt>
51 <dd>A perl script that aids in compiling <glossary
52 ref="module">module</glossary> sources into Dynamic Shared Objects
53 (<glossary ref="dso">DSO</glossary>s) and helps install them in the
54 Apache Web server.<br />
55 See: Manual Page: <program>apxs</program>
58 <dt><a name="apacheportableruntime"
59 id="apacheportableruntime">Apache Portable Runtime</a> <a
60 name="apr" id="apr">(APR)</a></dt>
61 <dd>A set of libraries providing many of the basic interfaces
62 between the server and the operating system. APR is developed
63 parallel to the Apache HTTP Server as an independent project.<br />
64 See: <a href="http://apr.apache.org/">Apache Portable Runtime
68 <dt><a name="authentication" id="authentication">Authentication</a></dt>
69 <dd>The positive identification of a network entity such as a server, a
70 client, or a user.<br />
71 See: <a href="howto/auth.html">Authentication, Authorization, and Access
75 <dt><a name="certificate" id="certificate">Certificate</a></dt>
76 <dd>A data record used for authenticating network entities such
77 as a server or a client. A certificate contains X.509 information pieces
78 about its owner (called the subject) and the signing <glossary
79 ref="certificationauthority">Certification Authority</glossary> (called
80 the issuer), plus the owner's <glossary ref="publickey">public
81 key</glossary> and the
82 signature made by the CA. Network entities verify these signatures
83 using CA certificates.<br />
84 See: <a href="ssl/">SSL/TLS Encryption</a>
87 <dt><a name="certificatsigningrequest"
88 id="certificatsigningrequest">Certificate Signing Request</a>
89 <a name="csr" id="csr">(CSR)</a></dt>
90 <dd>An unsigned <glossary ref="certificate">certificate</glossary> for
91 submission to a <glossary ref="certificationauthority">Certification
92 Authority</glossary>, which signs it with the <glossary
93 ref="privatekey">Private Key</glossary> of their CA
94 <em>Certificate</em>. Once the CSR is signed, it becomes a real
96 See: <a href="ssl/">SSL/TLS Encryption</a>
99 <dt><a name="certificationauthority"
100 id="certificationauthority">Certification Authority</a>
101 <a name="ca" id="ca">(CA)</a></dt>
102 <dd>A trusted third party whose purpose is to sign certificates for network
103 entities it has authenticated using secure means. Other network entities
104 can check the signature to verify that a CA has authenticated the bearer
105 of a certificate.<br />
106 See: <a href="ssl/">SSL/TLS Encryption</a>
109 <dt><a name="cipher" id="cipher">Cipher</a></dt>
110 <dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4,
112 See: <a href="ssl/">SSL/TLS Encryption</a>
115 <dt><a name="ciphertext" id="ciphertext">Ciphertext</a></dt>
116 <dd>The result after <glossary ref="plaintext">Plaintext</glossary> is
117 passed through a <glossary ref="cipher">Cipher</glossary>.<br /> See: <a
118 href="ssl/">SSL/TLS Encryption</a>
121 <dt><a name="commongatewayinterface" id="commongatewayinterface">Common
122 Gateway Interface</a> <a name="cgi" id="cgi">(CGI)</a></dt>
123 <dd>A standard definition for an interface between a web server and an
124 external program that allows the external program to service requests.
125 There is an <a href="http://www.ietf.org/rfc/rfc3875">Informational
126 RFC</a> which covers the specifics.<br />
127 See: <a href="howto/cgi.html">Dynamic Content with CGI</a>
130 <dt><a name="configurationdirective"
131 id="configurationdirective">Configuration Directive</a></dt>
132 <dd>See: <glossary ref="directive">Directive</glossary></dd>
134 <dt><a name="configurationfile" id="configurationfile">Configuration
136 <dd>A text file containing <glossary ref="directive">Directives</glossary>
137 that control the configuration of Apache.<br />
138 See: <a href="configuring.html">Configuration Files</a>
141 <dt><a name="connect" id="connect">CONNECT</a></dt>
142 <dd>An HTTP <glossary ref="method">method</glossary> for proxying raw data
143 channels over HTTP. It can be used to encapsulate other protocols, such as
147 <dt><a name="context" id="context">Context</a></dt>
148 <dd>An area in the <glossary ref="configurationfile">configuration
149 files</glossary> where certain types of <glossary
150 ref="directive">directives</glossary> are allowed.<br />
151 See: <a href="mod/directive-dict.html#Context">Terms Used to Describe
152 Apache Directives</a>
155 <dt><a name="digitalsignature" id="digitalsignature">Digital
157 <dd>An encrypted text block that validates a certificate or other file. A
158 <glossary ref="certificationauthority">Certification Authority</glossary>
159 creates a signature by generating a hash of the <em>Public Key</em>
160 embedded in a <em>Certificate</em>, then encrypting the hash with its own
161 <em>Private Key</em>. Only the CA's public key can decrypt the signature,
162 verifying that the CA has authenticated the network entity that owns the
163 <em>Certificate</em>.<br />
164 See: <a href="ssl/">SSL/TLS Encryption</a>
167 <dt><a name="directive" id="directive">Directive</a></dt>
168 <dd>A configuration command that controls one or more aspects of Apache's
169 behavior. Directives are placed in the <glossary
170 ref="configurationfile">Configuration File</glossary><br />
171 See: <a href="mod/directives.html">Directive Index</a>
174 <dt><a name="dynamicsharedobject" id="dynamicsharedobject">Dynamic
175 Shared Object</a> <a name="dso" id="dso">(DSO)</a></dt>
176 <dd><glossary ref="module">Modules</glossary> compiled separately from the
177 Apache <program>httpd</program> binary that can be loaded on-demand.<br />
178 See: <a href="dso.html">Dynamic Shared Object Support</a>
181 <dt><a name="environmentvariable" id="environmentvariable">Environment
182 Variable</a> <a name="env-variable"
183 id="env-variable">(env-variable)</a></dt>
184 <dd>Named variables managed by the operating system shell and used to store
185 information and communicate between programs. Apache also contains
186 internal variables that are referred to as environment variables, but are
187 stored in internal Apache structures, rather than in the shell
189 See: <a href="env.html">Environment Variables in Apache</a>
192 <dt><a name="export-crippled" id="export-crippled">Export-Crippled</a></dt>
193 <dd>Diminished in cryptographic strength (and security) in order to comply
194 with the United States' Export Administration Regulations (EAR).
195 Export-crippled cryptographic software is limited to a small key size,
196 resulting in <em>Ciphertext</em> which usually can be decrypted by brute
198 See: <a href="ssl/">SSL/TLS Encryption</a>
201 <dt><a name="filter" id="filter">Filter</a></dt>
202 <dd>A process that is applied to data that is sent or received by the
203 server. Input filters process data sent by the client to the server,
204 while output filters process documents on the server before they are sent
205 to the client. For example, the <code>INCLUDES</code> output filter
206 processes documents for <glossary ref="ssi">Server Side
207 Includes</glossary>.<br />
208 See: <a href="filter.html">Filters</a>
211 <dt><a name="fully-qualifieddomain-name"
212 id="fully-qualifieddomain-name">Fully-Qualified Domain-Name</a>
213 <a name="fqdn" id="fqdn">(FQDN)</a></dt>
214 <dd>The unique name of a network entity, consisting of a hostname and a
215 domain name that can resolve to an IP address. For example,
216 <code>www</code> is a hostname, <code>example.com</code> is a domain name,
217 and <code>www.example.com</code> is a fully-qualified domain name.
220 <dt><a name="handler" id="handler">Handler</a></dt>
221 <dd>An internal Apache representation of the action to be performed when a
222 file is called. Generally, files have implicit handlers, based on the file
223 type. Normally, all files are simply served by the server, but certain
224 file types are "handled" separately. For example, the
225 <code>cgi-script</code> handler designates files to be processed as
226 <glossary ref="cgi">CGIs</glossary>.<br />
227 See: <a href="handler.html">Apache's Handler Use</a>
230 <dt><a name="hash" id="hash">Hash</a></dt>
231 <dd>A mathematical one-way, irreversible algorithm generating a string with
232 fixed-length from another string of any length. Different input strings
233 will usually produce different hashes (depending on the hash function).
236 <dt><a name="header" id="header">Header</a></dt>
237 <dd>The part of the <glossary ref="http">HTTP</glossary> request and
238 response that is sent before the actual content, and that contains
239 meta-information describing the content.
242 <dt><a name="htaccess" id="htaccess">.htaccess</a></dt>
243 <dd>A <glossary ref="configurationfile">configuration file</glossary> that
244 is placed inside the web tree and applies configuration <glossary
245 ref="directive">directives</glossary> to the directory where it is
246 placed and all sub-directories. Despite its name, this file can hold
247 almost any type of directive, not just access-control directives.<br />
248 See: <a href="configuring.html">Configuration Files</a>
251 <dt><a name="httpd.conf" id="httpd.conf">httpd.conf</a></dt>
252 <dd>The main Apache <glossary ref="configurationfile">configuration
253 file</glossary>. The default location is
254 <code>/usr/local/apache2/conf/httpd.conf</code>, but it may be moved using
255 run-time or compile-time configuration.<br />
256 See: <a href="configuring.html">Configuration Files</a>
259 <dt><a name="hypertexttransferprotocol"
260 id="hypertexttransferprotocol">HyperText Transfer Protocol</a>
261 <a name="http" id="hhtp">(HTTP)</a></dt>
262 <dd>The standard transmission protocol used on the World Wide Web. Apache
263 implements version 1.1 of the protocol, referred to as HTTP/1.1 and
264 defined by <a href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.
267 <dt><a name="https" id="https">HTTPS</a></dt>
268 <dd>The HyperText Transfer Protocol (Secure), the standard encrypted
269 communication mechanism on the World Wide Web. This is actually just HTTP
270 over <glossary ref="ssl">SSL</glossary>.<br />
271 See: <a href="ssl/">SSL/TLS Encryption</a>
274 <dt><a name="method" id="method">Method</a></dt>
275 <dd>In the context of <glossary ref="http">HTTP</glossary>, an action to
276 perform on a resource, specified on the request line by the client. Some
277 of the methods available in HTTP are <code>GET</code>, <code>POST</code>,
278 and <code>PUT</code>.
281 <dt><a name="messagedigest" id="messagedigest">Message Digest</a></dt>
282 <dd>A hash of a message, which can be used to verify that the contents of
283 the message have not been altered in transit.<br />
284 See: <a href="ssl/">SSL/TLS Encryption</a>
287 <dt><a name="mime-type" id="mime-type">MIME-type</a></dt>
288 <dd>A way to describe the kind of document being transmitted. Its name
289 comes from that fact that its format is borrowed from the Multipurpose
290 Internet Mail Extensions. It consists of a major type and a minor type,
291 separated by a slash. Some examples are <code>text/html</code>,
292 <code>image/gif</code>, and <code>application/octet-stream</code>. In
293 HTTP, the MIME-type is transmitted in the <code>Content-Type</code>
294 <glossary ref="header">header</glossary>.<br />
295 See: <a href="mod/mod_mime.html">mod_mime</a>
298 <dt><a name="module" id="module">Module</a></dt>
299 <dd>An independent part of a program. Much of Apache's functionality is
300 contained in modules that you can choose to include or exclude. Modules
301 that are compiled into the Apache <program>httpd</program> binary are
302 called <dfn>static modules</dfn>, while modules that are stored
303 separately and can be optionally loaded at run-time are called
304 <dfn>dynamic modules</dfn> or <glossary ref="dso">DSOs</glossary>.
305 Modules that are included by default
306 are called <dfn>base modules</dfn>. Many modules are available for Apache
307 that are not distributed as part of the Apache HTTP Server <glossary
308 ref="tarball">tarball</glossary>. These are referred to as
309 <dfn>third-party modules</dfn>.<br />
310 See: <a href="mod/">Module Index</a>
313 <dt><a name="modulemagicnumber" id="modulemagicnumber">Module Magic
314 Number</a> (<a name="mmn" id="mmn">MMN</a>)</dt>
315 <dd>Module Magic Number is a constant defined in the Apache source code that
316 is associated with binary compatibility of modules. It is changed when
317 internal Apache structures, function calls and other significant parts of
318 API change in such a way that binary compatibility cannot be guaranteed
319 any more. On MMN change, all third party modules have to be at least
320 recompiled, sometimes even slightly changed in order to work with the new
324 <dt><a name="openssl" id="openssl">OpenSSL</a></dt>
325 <dd>The Open Source toolkit for SSL/TLS<br />
326 See <a href="http://www.openssl.org/">http://www.openssl.org/</a>#
329 <dt><a name="passphrase" id="passphrase">Pass Phrase</a></dt>
330 <dd>The word or phrase that protects private key files. It prevents
331 unauthorized users from encrypting them. Usually it's just the secret
332 encryption/decryption key used for <glossary
333 ref="cipher">Ciphers</glossary>.<br />
334 See: <a href="ssl/">SSL/TLS Encryption</a>
337 <dt><a name="plaintext" id="plaintext">Plaintext</a></dt>
338 <dd>The unencrypted text.</dd>
340 <dt><a name="privatekey" id="privatekey">Private Key</a></dt>
341 <dd>The secret key in a <glossary ref="publickeycryptography">Public Key
342 Cryptography</glossary> system, used to decrypt incoming messages and
343 sign outgoing ones.<br />
344 See: <a href="ssl/">SSL/TLS Encryption</a>
347 <dt><a name="proxy" id="proxy">Proxy</a></dt>
348 <dd>An intermediate server that sits between the client and the <em>origin
349 server</em>. It accepts requests from clients, transmits those requests
350 on to the origin server, and then returns the response from the origin
351 server to the client. If several clients request the same content, the
352 proxy can deliver that content from its cache, rather than requesting it
353 from the origin server each time, thereby reducing response time.<br />
354 See: <a href="mod/mod_proxy.html">mod_proxy</a>
357 <dt><a name="publickey" id="publickey">Public Key</a></dt>
358 <dd>The publicly available key in a <glossary
359 ref="publickeycryptography">Public Key Cryptography</glossary> system,
360 used to encrypt messages bound for its owner and to decrypt signatures
361 made by its owner.<br />
362 See: <a href="ssl/">SSL/TLS Encryption</a>
365 <dt><a name="publickeycryptography"
366 id="publickeycryptography">Public Key Cryptography</a></dt>
367 <dd>The study and application of asymmetric encryption systems, which use
368 one key for encryption and another for decryption. A corresponding pair of
369 such keys constitutes a key pair. Also called Asymmetric Cryptography.
371 See: <a href="ssl/">SSL/TLS Encryption</a>
374 <dt><a name="regularexpresion" id="regularexpresion">Regular Expression</a>
375 <a name="regex" id="regex">(Regex)</a></dt>
376 <dd>A way of describing a pattern in text - for example, "all the words that
377 begin with the letter A" or "every 10-digit phone number" or even "Every
378 sentence with two commas in it, and no capital letter Q". Regular
379 expressions are useful in Apache because they let you apply certain
380 attributes against collections of files or resources in very flexible ways
381 - for example, all .gif and .jpg files under any "images" directory could
382 be written as "<code>/images/.*(jpg|gif)$</code>". In places where
383 regular expressions are used to replace strings, the special variables
384 $1 ... $9 contain backreferences to the grouped parts (in parentheses) of
385 the matched expression. The special variable $0 contains a backerference
386 to the whole matched expression. To write a literal dollar sign in a
387 replacement string, it can be escaped with a backslash. Historically, the
388 variable & could be used as alias for $0 in some places. This is no
389 longer possible since version 2.3.6. Apache uses Perl Compatible Regular
390 Expressions provided by the <a href="http://www.pcre.org/">PCRE</a>
391 library. You can find more documentation about PCRE's regular expression
392 syntax at that site, or at
393 <a href="http://en.wikipedia.org/wiki/PCRE">Wikipedia</a>.
396 <dt><a name="reverseproxy" id="reverseproxy">Reverse Proxy</a></dt>
397 <dd>A <glossary ref="proxy">proxy</glossary> server that appears to the client
398 as if it is an <em>origin server</em>. This is useful to hide the real
399 origin server from the client for security reasons, or to load balance.
402 <dt><a name="securesocketslayer" id="securesocketslayer">Secure Sockets
403 Layer</a> <a name="ssl" id="ssl">(SSL)</a></dt>
404 <dd>A protocol created by Netscape Communications Corporation for general
405 communication authentication and encryption over TCP/IP networks. The most
406 popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP)
408 See: <a href="ssl/">SSL/TLS Encryption</a>
411 <dt><a name="servernameindication" id="servernameindication">Server Name
412 Indication</a> <a name="sni" id="sni">(SNI)</a></dt>
413 <dd>An SSL function that allows passing the desired server
414 hostname in the initial SSL handshake message, so that the web
415 server can select the correct virtual host configuration to use
416 in processing the SSL handshake. It was added to SSL starting
417 with the TLS extensions, RFC 3546. <br />
418 See: <a href="ssl/ssl_faq.html">the SSL FAQ</a>
419 and <a href="http://www.ietf.org/rfc/rfc3546.txt">RFC 3546</a>
422 <dt><a name="serversideincludes" id="serversideincludes">Server Side
423 Includes</a> <a name="ssi" id="ssi">(SSI)</a></dt>
424 <dd>A technique for embedding processing directives inside HTML files.<br />
425 See: <a href="howto/ssi.html">Introduction to Server Side Includes</a>
428 <dt><a name="session" id="session">Session</a></dt>
429 <dd>The context information of a communication in general.</dd>
431 <dt><a name="ssleay" id="ssleay">SSLeay</a></dt>
432 <dd>The original SSL/TLS implementation library developed by Eric A.
436 <dt><a name="symmetriccryptophraphy" id="symmetriccryptophraphy">Symmetric
437 Cryptography</a></dt>
438 <dd>The study and application of <em>Ciphers</em> that use a single secret key
439 for both encryption and decryption operations.<br />
440 See: <a href="ssl/">SSL/TLS Encryption</a>
443 <dt><a name="tarball" id="tarball">Tarball</a></dt>
444 <dd>A package of files gathered together using the <code>tar</code> utility.
445 Apache distributions are stored in compressed tar archives or using
449 <dt><a name="transportlayersecurity" id="transportlayersecurity">Transport
450 Layer Security</a> <a name="tls" id="tls">(TLS)</a></dt>
451 <dd>The successor protocol to SSL, created by the Internet Engineering Task
452 Force (IETF) for general communication authentication and encryption over
453 TCP/IP networks. TLS version 1 is nearly identical with SSL version 3.<br />
454 See: <a href="ssl/">SSL/TLS Encryption</a>
457 <dt><a name="uniformresourcelocator" id="uniformresourcelocator">Uniform
458 Resource Locator</a> <a name="url" id="url">(URL)</a></dt>
459 <dd>The name/address of a resource on the Internet. This is the common
460 informal term for what is formally called a <glossary
461 ref="uniformresourceidentifier">Uniform Resource Identifier</glossary>.
462 URLs are usually made up of a scheme, like <code>http</code> or
463 <code>https</code>, a hostname, and a path. A URL for this page might
464 be <code>http://httpd.apache.org/docs/&httpd.docs;/glossary.html</code>.
467 <dt><a name="uniformresourceidentifier"
468 id="uniformresourceidentifier">Uniform Resource Identifier</a>
469 <a name="URI" id="URI">(URI)</a></dt>
470 <dd>A compact string of characters for identifying an abstract or physical
471 resource. It is formally defined by <a
472 href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. URIs used on the
473 world-wide web are commonly referred to as <glossary
474 ref="url">URLs</glossary>.
477 <dt><a name="virtualhosting" id="virtualhosting">Virtual Hosting</a></dt>
478 <dd>Serving multiple websites using a single instance of Apache. <em>IP
479 virtual hosting</em> differentiates between websites based on their IP
480 address, while <em>name-based virtual hosting</em> uses only the name of the
481 host and can therefore host many sites on the same IP address.<br />
482 See: <a href="vhosts/">Apache Virtual Host documentation</a>
485 <dt><a name="x.509" id="x.509">X.509</a></dt>
486 <dd>An authentication certificate scheme recommended by the International
487 Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.<br
488 /> See: <a href="ssl/">SSL/TLS Encryption</a>