1 <?xml version="1.0" encoding="UTF-8" ?>
2 <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="glossary.xml.meta">
25 <title>Glossary</title>
28 <p>This glossary defines some of the common terminology related to Apache in
29 particular, and web serving in general. More information on each concept
30 is provided in the links.</p>
33 <section id="definitions"><title>Definitions</title>
36 <dt><a name="accesscontrol" id="accesscontrol">Access Control</a></dt>
37 <dd>The restriction of access to network realms. In an Apache context
38 usually the restriction of access to certain <em>URLs</em>.<br /> See: <a
39 href="howto/auth.html">Authentication, Authorization, and Access
43 <dt><a name="algorithm" id="algorithm">Algorithm</a></dt>
44 <dd>An unambiguous formula or set of rules for solving a problem in a finite
45 number of steps. Algorithms for encryption are usually called
49 <dt><a name="apacheextensiontool" id="apacheextensiontool">APache
50 eXtension Tool</a> <a name="apxs" id="apxs">(apxs)</a></dt>
51 <dd>A perl script that aids in compiling <glossary
52 ref="module">module</glossary> sources into Dynamic Shared Objects
53 (<glossary ref="dso">DSO</glossary>s) and helps install them in the
54 Apache Web server.<br />
55 See: Manual Page: <program>apxs</program>
58 <dt><a name="apacheportableruntime"
59 id="apacheportableruntime">Apache Portable Runtime</a> <a
60 name="apr" id="apr">(APR)</a></dt>
61 <dd>A set of libraries providing many of the basic interfaces
62 between the server and the operating system. APR is developed
63 parallel to the Apache HTTP Server as an independent project.<br />
64 See: <a href="http://apr.apache.org/">Apache Portable Runtime
68 <dt><a name="authentication" id="authentication">Authentication</a></dt>
69 <dd>The positive identification of a network entity such as a server, a
70 client, or a user.<br />
71 See: <a href="howto/auth.html">Authentication, Authorization, and Access
75 <dt><a name="certificate" id="certificate">Certificate</a></dt>
76 <dd>A data record used for authenticating network entities such
77 as a server or a client. A certificate contains X.509 information pieces
78 about its owner (called the subject) and the signing <glossary
79 ref="certificationauthority">Certification Authority</glossary> (called
80 the issuer), plus the owner's <glossary ref="publickey">public
81 key</glossary> and the
82 signature made by the CA. Network entities verify these signatures
83 using CA certificates.<br />
84 See: <a href="ssl/">SSL/TLS Encryption</a>
87 <dt><a name="certificatsigningrequest"
88 id="certificatsigningrequest">Certificate Signing Request</a>
89 <a name="csr" id="csr">(CSR)</a></dt>
90 <dd>An unsigned <glossary ref="certificate">certificate</glossary> for
91 submission to a <glossary ref="certificationauthority">Certification
92 Authority</glossary>, which signs it with the <glossary
93 ref="privatekey">Private Key</glossary> of their CA
94 <em>Certificate</em>. Once the CSR is signed, it becomes a real
96 See: <a href="ssl/">SSL/TLS Encryption</a>
99 <dt><a name="certificationauthority"
100 id="certificationauthority">Certification Authority</a>
101 <a name="ca" id="ca">(CA)</a></dt>
102 <dd>A trusted third party whose purpose is to sign certificates for network
103 entities it has authenticated using secure means. Other network entities
104 can check the signature to verify that a CA has authenticated the bearer
105 of a certificate.<br />
106 See: <a href="ssl/">SSL/TLS Encryption</a>
109 <dt><a name="cipher" id="cipher">Cipher</a></dt>
110 <dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4,
112 See: <a href="ssl/">SSL/TLS Encryption</a>
115 <dt><a name="ciphertext" id="ciphertext">Ciphertext</a></dt>
116 <dd>The result after <glossary ref="plaintext">Plaintext</glossary> is
117 passed through a <glossary ref="cipher">Cipher</glossary>.<br /> See: <a
118 href="ssl/">SSL/TLS Encryption</a>
121 <dt><a name="commongatewayinterface" id="commongatewayinterface">Common
122 Gateway Interface</a> <a name="cgi" id="cgi">(CGI)</a></dt>
123 <dd>A standard definition for an interface between a web server and an
124 external program that allows the external program to service requests.
125 The interface was originally defined by <a
126 href="http://hoohoo.ncsa.uiuc.edu/cgi/overview.html">NCSA</a> but there
127 is also an <a href="http://cgi-spec.golux.com/">RFC project</a>.<br />
128 See: <a href="howto/cgi.html">Dynamic Content with CGI</a>
131 <dt><a name="configurationdirective"
132 id="configurationdirective">Configuration Directive</a></dt>
133 <dd>See: <glossary ref="directive">Directive</glossary></dd>
135 <dt><a name="configurationfile" id="configurationfile">Configuration
137 <dd>A text file containing <glossary ref="directive">Directives</glossary>
138 that control the configuration of Apache.<br />
139 See: <a href="configuring.html">Configuration Files</a>
142 <dt><a name="connect" id="connect">CONNECT</a></dt>
143 <dd>An HTTP <glossary ref="method">method</glossary> for proxying raw data
144 channels over HTTP. It can be used to encapsulate other protocols, such as
148 <dt><a name="context" id="context">Context</a></dt>
149 <dd>An area in the <glossary ref="configurationfile">configuration
150 files</glossary> where certain types of <glossary
151 ref="directive">directives</glossary> are allowed.<br />
152 See: <a href="mod/directive-dict.html#Context">Terms Used to Describe
153 Apache Directives</a>
156 <dt><a name="digitalsignature" id="digitalsignature">Digital
158 <dd>An encrypted text block that validates a certificate or other file. A
159 <glossary ref="certificationauthority">Certification Authority</glossary>
160 creates a signature by generating a hash of the <em>Public Key</em>
161 embedded in a <em>Certificate</em>, then encrypting the hash with its own
162 <em>Private Key</em>. Only the CA's public key can decrypt the signature,
163 verifying that the CA has authenticated the network entity that owns the
164 <em>Certificate</em>.<br />
165 See: <a href="ssl/">SSL/TLS Encryption</a>
168 <dt><a name="directive" id="directive">Directive</a></dt>
169 <dd>A configuration command that controls one or more aspects of Apache's
170 behavior. Directives are placed in the <glossary
171 ref="configurationfile">Configuration File</glossary><br />
172 See: <a href="mod/directives.html">Directive Index</a>
175 <dt><a name="dynamicsharedobject" id="dynamicsharedobject">Dynamic
176 Shared Object</a> <a name="dso" id="dso">(DSO)</a></dt>
177 <dd><glossary ref="module">Modules</glossary> compiled separately from the
178 Apache <program>httpd</program> binary that can be loaded on-demand.<br />
179 See: <a href="dso.html">Dynamic Shared Object Support</a>
182 <dt><a name="environmentvariable" id="environmentvariable">Environment
183 Variable</a> <a name="env-variable"
184 id="env-variable">(env-variable)</a></dt>
185 <dd>Named variables managed by the operating system shell and used to store
186 information and communicate between programs. Apache also contains
187 internal variables that are referred to as environment variables, but are
188 stored in internal Apache structures, rather than in the shell
190 See: <a href="env.html">Environment Variables in Apache</a>
193 <dt><a name="export-crippled" id="export-crippled">Export-Crippled</a></dt>
194 <dd>Diminished in cryptographic strength (and security) in order to comply
195 with the United States' Export Administration Regulations (EAR).
196 Export-crippled cryptographic software is limited to a small key size,
197 resulting in <em>Ciphertext</em> which usually can be decrypted by brute
199 See: <a href="ssl/">SSL/TLS Encryption</a>
202 <dt><a name="filter" id="filter">Filter</a></dt>
203 <dd>A process that is applied to data that is sent or received by the
204 server. Input filters process data sent by the client to the server,
205 while output filters process documents on the server before they are sent
206 to the client. For example, the <code>INCLUDES</code> output filter
207 processes documents for <glossary ref="ssi">Server Side
208 Includes</glossary>.<br />
209 See: <a href="filter.html">Filters</a>
212 <dt><a name="fully-qualifieddomain-name"
213 id="fully-qualifieddomain-name">Fully-Qualified Domain-Name</a>
214 <a name="fqdn" id="fqdn">(FQDN)</a></dt>
215 <dd>The unique name of a network entity, consisting of a hostname and a
216 domain name that can resolve to an IP address. For example,
217 <code>www</code> is a hostname, <code>example.com</code> is a domain name,
218 and <code>www.example.com</code> is a fully-qualified domain name.
221 <dt><a name="handler" id="handler">Handler</a></dt>
222 <dd>An internal Apache representation of the action to be performed when a
223 file is called. Generally, files have implicit handlers, based on the file
224 type. Normally, all files are simply served by the server, but certain
225 file types are "handled" separately. For example, the
226 <code>cgi-script</code> handler designates files to be processed as
227 <glossary ref="cgi">CGIs</glossary>.<br />
228 See: <a href="handler.html">Apache's Handler Use</a>
231 <dt><a name="hash" id="hash">Hash</a></dt>
232 <dd>A mathematical one-way, irreversible algorithm generating a string with
233 fixed-length from another string of any length. Different input strings
234 will usually produce different hashes (depending on the hash function).
237 <dt><a name="header" id="header">Header</a></dt>
238 <dd>The part of the <glossary ref="http">HTTP</glossary> request and
239 response that is sent before the actual content, and that contains
240 meta-information describing the content.
243 <dt><a name="htaccess" id="htaccess">.htaccess</a></dt>
244 <dd>A <glossary ref="configurationfile">configuration file</glossary> that
245 is placed inside the web tree and applies configuration <glossary
246 ref="directive">directives</glossary> to the directory where it is
247 placed and all sub-directories. Despite its name, this file can hold
248 almost any type of directive, not just access-control directives.<br />
249 See: <a href="configuring.html">Configuration Files</a>
252 <dt><a name="httpd.conf" id="httpd.conf">httpd.conf</a></dt>
253 <dd>The main Apache <glossary ref="configurationfile">configuration
254 file</glossary>. The default location is
255 <code>/usr/local/apache2/conf/httpd.conf</code>, but it may be moved using
256 run-time or compile-time configuration.<br />
257 See: <a href="configuring.html">Configuration Files</a>
260 <dt><a name="hypertexttransferprotocol"
261 id="hypertexttransferprotocol">HyperText Transfer Protocol</a>
262 <a name="http" id="hhtp">(HTTP)</a></dt>
263 <dd>The standard transmission protocol used on the World Wide Web. Apache
264 implements version 1.1 of the protocol, referred to as HTTP/1.1 and
265 defined by <a href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.
268 <dt><a name="https" id="https">HTTPS</a></dt>
269 <dd>The HyperText Transfer Protocol (Secure), the standard encrypted
270 communication mechanism on the World Wide Web. This is actually just HTTP
271 over <glossary ref="ssl">SSL</glossary>.<br />
272 See: <a href="ssl/">SSL/TLS Encryption</a>
275 <dt><a name="method" id="method">Method</a></dt>
276 <dd>In the context of <glossary ref="http">HTTP</glossary>, an action to
277 perform on a resource, specified on the request line by the client. Some
278 of the methods available in HTTP are <code>GET</code>, <code>POST</code>,
279 and <code>PUT</code>.
282 <dt><a name="messagedigest" id="messagedigest">Message Digest</a></dt>
283 <dd>A hash of a message, which can be used to verify that the contents of
284 the message have not been altered in transit.<br />
285 See: <a href="ssl/">SSL/TLS Encryption</a>
288 <dt><a name="mime-type" id="mime-type">MIME-type</a></dt>
289 <dd>A way to describe the kind of document being transmitted. Its name
290 comes from that fact that its format is borrowed from the Multipurpose
291 Internet Mail Extensions. It consists of a major type and a minor type,
292 separated by a slash. Some examples are <code>text/html</code>,
293 <code>image/gif</code>, and <code>application/octet-stream</code>. In
294 HTTP, the MIME-type is transmitted in the <code>Content-Type</code>
295 <glossary ref="header">header</glossary>.<br />
296 See: <a href="mod/mod_mime.html">mod_mime</a>
299 <dt><a name="module" id="module">Module</a></dt>
300 <dd>An independent part of a program. Much of Apache's functionality is
301 contained in modules that you can choose to include or exclude. Modules
302 that are compiled into the Apache <program>httpd</program> binary are
303 called <dfn>static modules</dfn>, while modules that are stored
304 separately and can be optionally loaded at run-time are called
305 <dfn>dynamic modules</dfn> or <glossary ref="dso">DSOs</glossary>.
306 Modules that are included by default
307 are called <dfn>base modules</dfn>. Many modules are available for Apache
308 that are not distributed as part of the Apache HTTP Server <glossary
309 ref="tarball">tarball</glossary>. These are referred to as
310 <dfn>third-party modules</dfn>.<br />
311 See: <a href="mod/">Module Index</a>
314 <dt><a name="modulemagicnumber" id="modulemagicnumber">Module Magic
315 Number</a> (<a name="mmn" id="mmn">MMN</a>)</dt>
316 <dd>Module Magic Number is a constant defined in the Apache source code that
317 is associated with binary compatibility of modules. It is changed when
318 internal Apache structures, function calls and other significant parts of
319 API change in such a way that binary compatibility cannot be guaranteed
320 any more. On MMN change, all third party modules have to be at least
321 recompiled, sometimes even slightly changed in order to work with the new
325 <dt><a name="openssl" id="openssl">OpenSSL</a></dt>
326 <dd>The Open Source toolkit for SSL/TLS<br />
327 See <a href="http://www.openssl.org/">http://www.openssl.org/</a>#
330 <dt><a name="passphrase" id="passphrase">Pass Phrase</a></dt>
331 <dd>The word or phrase that protects private key files. It prevents
332 unauthorized users from encrypting them. Usually it's just the secret
333 encryption/decryption key used for <glossary
334 ref="cipher">Ciphers</glossary>.<br />
335 See: <a href="ssl/">SSL/TLS Encryption</a>
338 <dt><a name="plaintext" id="plaintext">Plaintext</a></dt>
339 <dd>The unencrypted text.</dd>
341 <dt><a name="privatekey" id="privatekey">Private Key</a></dt>
342 <dd>The secret key in a <glossary ref="publickeycryptography">Public Key
343 Cryptography</glossary> system, used to decrypt incoming messages and
344 sign outgoing ones.<br />
345 See: <a href="ssl/">SSL/TLS Encryption</a>
348 <dt><a name="proxy" id="proxy">Proxy</a></dt>
349 <dd>An intermediate server that sits between the client and the <em>origin
350 server</em>. It accepts requests from clients, transmits those requests
351 on to the origin server, and then returns the response from the origin
352 server to the client. If several clients request the same content, the
353 proxy can deliver that content from its cache, rather than requesting it
354 from the origin server each time, thereby reducing response time.<br />
355 See: <a href="mod/mod_proxy.html">mod_proxy</a>
358 <dt><a name="publickey" id="publickey">Public Key</a></dt>
359 <dd>The publicly available key in a <glossary
360 ref="publickeycryptography">Public Key Cryptography</glossary> system,
361 used to encrypt messages bound for its owner and to decrypt signatures
362 made by its owner.<br />
363 See: <a href="ssl/">SSL/TLS Encryption</a>
366 <dt><a name="publickeycryptography"
367 id="publickeycryptography">Public Key Cryptography</a></dt>
368 <dd>The study and application of asymmetric encryption systems, which use
369 one key for encryption and another for decryption. A corresponding pair of
370 such keys constitutes a key pair. Also called Asymmetric Cryptography.
372 See: <a href="ssl/">SSL/TLS Encryption</a>
375 <dt><a name="regularexpresion" id="regularexpresion">Regular Expression</a>
376 <a name="regex" id="regex">(Regex)</a></dt>
377 <dd>A way of describing a pattern in text - for example, "all the words that
378 begin with the letter A" or "every 10-digit phone number" or even "Every
379 sentence with two commas in it, and no capital letter Q". Regular
380 expressions are useful in Apache because they let you apply certain
381 attributes against collections of files or resources in very flexible ways
382 - for example, all .gif and .jpg files under any "images" directory could
383 be written as "<code>/images/.*(jpg|gif)$</code>". Apache uses Perl
384 Compatible Regular Expressions provided by the <a
385 href="http://www.pcre.org/">PCRE</a> library.
388 <dt><a name="reverseproxy" id="reverseproxy">Reverse Proxy</a></dt>
389 <dd>A <glossary ref="proxy">proxy</glossary> server that appears to the client
390 as if it is an <em>origin server</em>. This is useful to hide the real
391 origin server from the client for security reasons, or to load balance.
394 <dt><a name="securesocketslayer" id="securesocketslayer">Secure Sockets
395 Layer</a> <a name="ssl" id="ssl">(SSL)</a></dt>
396 <dd>A protocol created by Netscape Communications Corporation for general
397 communication authentication and encryption over TCP/IP networks. The most
398 popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP)
400 See: <a href="ssl/">SSL/TLS Encryption</a>
403 <dt><a name="serversideincludes" id="serversideincludes">Server Side
404 Includes</a> <a name="ssi" id="ssi">(SSI)</a></dt>
405 <dd>A technique for embedding processing directives inside HTML files.<br />
406 See: <a href="howto/ssi.html">Introduction to Server Side Includes</a>
409 <dt><a name="session" id="session">Session</a></dt>
410 <dd>The context information of a communication in general.</dd>
412 <dt><a name="ssleay" id="ssleay">SSLeay</a></dt>
413 <dd>The original SSL/TLS implementation library developed by Eric A.
417 <dt><a name="symmetriccryptophraphy" id="symmetriccryptophraphy">Symmetric
418 Cryptography</a></dt>
419 <dd>The study and application of <em>Ciphers</em> that use a single secret key
420 for both encryption and decryption operations.<br />
421 See: <a href="ssl/">SSL/TLS Encryption</a>
424 <dt><a name="tarball" id="tarball">Tarball</a></dt>
425 <dd>A package of files gathered together using the <code>tar</code> utility.
426 Apache distributions are stored in compressed tar archives or using
430 <dt><a name="transportlayersecurity" id="transportlayersecurity">Transport
431 Layer Security</a> <a name="tls" id="tls">(TLS)</a></dt>
432 <dd>The successor protocol to SSL, created by the Internet Engineering Task
433 Force (IETF) for general communication authentication and encryption over
434 TCP/IP networks. TLS version 1 is nearly identical with SSL version 3.<br />
435 See: <a href="ssl/">SSL/TLS Encryption</a>
438 <dt><a name="uniformresourcelocator" id="uniformresourcelocator">Uniform
439 Resource Locator</a> <a name="url" id="url">(URL)</a></dt>
440 <dd>The name/address of a resource on the Internet. This is the common
441 informal term for what is formally called a <glossary
442 ref="uniformresourceidentifier">Uniform Resource Identifier</glossary>.
443 URLs are usually made up of a scheme, like <code>http</code> or
444 <code>https</code>, a hostname, and a path. A URL for this page might
445 be <code>http://httpd.apache.org/docs/&httpd.docs;/glossary.html</code>.
448 <dt><a name="uniformresourceidentifier"
449 id="uniformresourceidentifier">Uniform Resource Identifier</a>
450 <a name="URI" id="URI">(URI)</a></dt>
451 <dd>A compact string of characters for identifying an abstract or physical
452 resource. It is formally defined by <a
453 href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. URIs used on the
454 world-wide web are commonly referred to as <glossary
455 ref="url">URLs</glossary>.
458 <dt><a name="virtualhosting" id="virtualhosting">Virtual Hosting</a></dt>
459 <dd>Serving multiple websites using a single instance of Apache. <em>IP
460 virtual hosting</em> differentiates between websites based on their IP
461 address, while <em>name-based virtual hosting</em> uses only the name of the
462 host and can therefore host many sites on the same IP address.<br />
463 See: <a href="vhosts/">Apache Virtual Host documentation</a>
466 <dt><a name="x.509" id="x.509">X.509</a></dt>
467 <dd>An authentication certificate scheme recommended by the International
468 Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.<br
469 /> See: <a href="ssl/">SSL/TLS Encryption</a>