1 <?xml version="1.0" encoding="UTF-8" ?>
2 <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="glossary.xml.meta">
25 <title>Glossary</title>
28 <p>This glossary defines some of the common terminology related to Apache in
29 particular, and web serving in general. More information on each concept
30 is provided in the links.</p>
33 <section id="definitions"><title>Definitions</title>
36 <dt><a name="accesscontrol" id="accesscontrol">Access Control</a></dt>
37 <dd>The restriction of access to network realms. In an Apache context
38 usually the restriction of access to certain <em>URLs</em>.<br /> See: <a
39 href="howto/auth.html">Authentication, Authorization, and Access
43 <dt><a name="algorithm" id="algorithm">Algorithm</a></dt>
45 <dd>An unambiguous formula or set of rules for solving a problem in a finite
46 number of steps. Algorithms for encryption are usually called
50 <dt><a name="apacheextensiontool" id="apacheextensiontool">APache
51 eXtension Tool</a> <a name="apxs" id="apxs">(apxs)</a></dt>
52 <dd>A perl script that aids in compiling <glossary
53 ref="module">module</glossary> sources into Dynamic Shared Objects
54 (<glossary ref="dso">DSO</glossary>s) and helps install them in the
55 Apache Web server.<br />
56 See: Manual Page: <program>apxs</program>
59 <dt><a name="apacheportableruntime"
60 id="apacheportableruntime">Apache Portable Runtime</a> <a
61 name="apr" id="apr">(APR)</a></dt>
62 <dd>A set of libraries providing many of the basic interfaces
63 between the server and the operating system. APR is developed
64 parallel to the Apache HTTP Server as an independent project.<br />
65 See: <a href="http://apr.apache.org/">Apache Portable Runtime
69 <dt><a name="authentication" id="authentication">Authentication</a></dt>
70 <dd>The positive identification of a network entity such as a server, a
71 client, or a user.<br />
72 See: <a href="howto/auth.html">Authentication, Authorization, and Access
76 <dt><a name="certificate" id="certificate">Certificate</a></dt>
77 <dd>A data record used for authenticating network entities such
78 as a server or a client. A certificate contains X.509 information pieces
79 about its owner (called the subject) and the signing <glossary
80 ref="certificationauthority">Certification Authority</glossary> (called
81 the issuer), plus the owner's <glossary ref="publickey">public
82 key</glossary> and the
83 signature made by the CA. Network entities verify these signatures
84 using CA certificates.<br />
85 See: <a href="ssl/">SSL/TLS Encryption</a>
88 <dt><a name="certificatsigningrequest"
89 id="certificatsigningrequest">Certificate Signing Request</a>
90 <a name="csr" id="csr">(CSR)</a></dt>
91 <dd>An unsigned <glossary ref="certificate">certificate</glossary> for
92 submission to a <glossary ref="certificationauthority">Certification
93 Authority</glossary>, which signs it with the <glossary
94 ref="privatekey">Private Key</glossary> of their CA
95 <em>Certificate</em>. Once the CSR is signed, it becomes a real
97 See: <a href="ssl/">SSL/TLS Encryption</a>
100 <dt><a name="certificationauthority"
101 id="certificationauthority">Certification Authority</a>
102 <a name="ca" id="ca">(CA)</a></dt>
103 <dd>A trusted third party whose purpose is to sign certificates for network
104 entities it has authenticated using secure means. Other network entities
105 can check the signature to verify that a CA has authenticated the bearer
106 of a certificate.<br />
107 See: <a href="ssl/">SSL/TLS Encryption</a>
110 <dt><a name="cipher" id="cipher">Cipher</a></dt>
111 <dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4,
113 See: <a href="ssl/">SSL/TLS Encryption</a>
116 <dt><a name="ciphertext" id="ciphertext">Ciphertext</a></dt>
117 <dd>The result after <glossary ref="plaintext">Plaintext</glossary> is
118 passed through a <glossary ref="cipher">Cipher</glossary>.<br /> See: <a
119 href="ssl/">SSL/TLS Encryption</a>
122 <dt><a name="commongatewayinterface" id="commongatewayinterface">Common
123 Gateway Interface</a> <a name="cgi" id="cgi">(CGI)</a></dt>
124 <dd>A standard definition for an interface between a web server and an
125 external program that allows the external program to service requests.
126 The interface was originally defined by <a
127 href="http://hoohoo.ncsa.uiuc.edu/cgi/overview.html">NCSA</a> but there
128 is also an <a href="http://cgi-spec.golux.com/">RFC project</a>.<br />
129 See: <a href="howto/cgi.html">Dynamic Content with CGI</a>
132 <dt><a name="configurationdirective"
133 id="configurationdirective">Configuration Directive</a></dt>
134 <dd>See: <glossary ref="directive">Directive</glossary></dd>
136 <dt><a name="configurationfile" id="configurationfile">Configuration
138 <dd>A text file containing <glossary ref="directive">Directives</glossary>
139 that control the configuration of Apache.<br />
140 See: <a href="configuring.html">Configuration Files</a>
143 <dt><a name="connect" id="connect">CONNECT</a></dt>
144 <dd>An HTTP <glossary ref="method">method</glossary> for proxying raw data
145 channels over HTTP. It can be used to encapsulate other protocols, such as
149 <dt><a name="context" id="context">Context</a></dt>
150 <dd>An area in the <glossary ref="configurationfile">configuration
151 files</glossary> where certain types of <glossary
152 ref="directive">directives</glossary> are allowed.<br />
153 See: <a href="mod/directive-dict.html#Context">Terms Used to Describe
154 Apache Directives</a>
157 <dt><a name="digitalsignature" id="digitalsignature">Digital
159 <dd>An encrypted text block that validates a certificate or other file. A
160 <glossary ref="certificationauthority">Certification Authority</glossary>
161 creates a signature by generating a hash of the <em>Public Key</em>
162 embedded in a <em>Certificate</em>, then encrypting the hash with its own
163 <em>Private Key</em>. Only the CA's public key can decrypt the signature,
164 verifying that the CA has authenticated the network entity that owns the
165 <em>Certificate</em>.<br />
166 See: <a href="ssl/">SSL/TLS Encryption</a>
169 <dt><a name="directive" id="directive">Directive</a></dt>
170 <dd>A configuration command that controls one or more aspects of Apache's
171 behavior. Directives are placed in the <glossary
172 ref="configurationfile">Configuration File</glossary><br />
173 See: <a href="mod/directives.html">Directive Index</a>
176 <dt><a name="dynamicsharedobject" id="dynamicsharedobject">Dynamic
177 Shared Object</a> <a name="dso" id="dso">(DSO)</a></dt>
178 <dd><glossary ref="module">Modules</glossary> compiled separately from the
179 Apache <program>httpd</program> binary that can be loaded on-demand.<br />
180 See: <a href="dso.html">Dynamic Shared Object Support</a>
183 <dt><a name="environmentvariable" id="environmentvariable">Environment
184 Variable</a> <a name="env-variable"
185 id="env-variable">(env-variable)</a></dt>
186 <dd>Named variables managed by the operating system shell and used to store
187 information and communicate between programs. Apache also contains
188 internal variables that are referred to as environment variables, but are
189 stored in internal Apache structures, rather than in the shell
191 See: <a href="env.html">Environment Variables in Apache</a>
194 <dt><a name="export-crippled" id="export-crippled">Export-Crippled</a></dt>
195 <dd>Diminished in cryptographic strength (and security) in order to comply
196 with the United States' Export Administration Regulations (EAR).
197 Export-crippled cryptographic software is limited to a small key size,
198 resulting in <em>Ciphertext</em> which usually can be decrypted by brute
200 See: <a href="ssl/">SSL/TLS Encryption</a>
203 <dt><a name="filter" id="filter">Filter</a></dt>
204 <dd>A process that is applied to data that is sent or received by the
205 server. Input filters process data sent by the client to the server,
206 while output filters process documents on the server before they are sent
207 to the client. For example, the <code>INCLUDES</code> output filter
208 processes documents for <glossary ref="ssi">Server Side
209 Includes</glossary>.<br />
210 See: <a href="filter.html">Filters</a>
213 <dt><a name="fully-qualifieddomain-name"
214 id="fully-qualifieddomain-name">Fully-Qualified Domain-Name</a>
215 <a name="fqdn" id="fqdn">(FQDN)</a></dt>
216 <dd>The unique name of a network entity, consisting of a hostname and a
217 domain name that can resolve to an IP address. For example,
218 <code>www</code> is a hostname, <code>example.com</code> is a domain name,
219 and <code>www.example.com</code> is a fully-qualified domain name.
222 <dt><a name="handler" id="handler">Handler</a></dt>
223 <dd>An internal Apache representation of the action to be performed when a
224 file is called. Generally, files have implicit handlers, based on the file
225 type. Normally, all files are simply served by the server, but certain
226 file types are "handled" separately. For example, the
227 <code>cgi-script</code> handler designates files to be processed as
228 <glossary ref="cgi">CGIs</glossary>.<br />
229 See: <a href="handler.html">Apache's Handler Use</a>
232 <dt><a name="hash" id="hash">Hash</a></dt>
233 <dd>A mathematical one-way, irreversable algorithm generating a string with
234 fixed-length from another string of any length. Different input strings
235 will usually produce different hashes (depending on the hash function).
238 <dt><a name="header" id="header">Header</a></dt>
239 <dd>The part of the <glossary ref="http">HTTP</glossary> request and
240 response that is sent before the actual content, and that contains
241 meta-information describing the content.
244 <dt><a name="htaccess" id="htaccess">.htaccess</a></dt>
245 <dd>A <glossary ref="configurationfile">configuration file</glossary> that
246 is placed inside the web tree and applies configuration <glossary
247 ref="directive">directives</glossary> to the directory where it is
248 placed and all sub-directories. Despite its name, this file can hold
249 almost any type of directive, not just access-control directives.<br />
250 See: <a href="configuring.html">Configuration Files</a>
253 <dt><a name="httpd.conf" id="httpd.conf">httpd.conf</a></dt>
254 <dd>The main Apache <glossary ref="configurationfile">configuration
255 file</glossary>. The default location is
256 <code>/usr/local/apache2/conf/httpd.conf</code>, but it may be moved using
257 run-time or compile-time configuration.<br />
258 See: <a href="configuring.html">Configuration Files</a>
261 <dt><a name="hypertexttransferprotocol"
262 id="hypertexttransferprotocol">HyperText Transfer Protocol</a>
263 <a name="http" id="hhtp">(HTTP)</a></dt>
264 <dd>The standard transmission protocol used on the World Wide Web. Apache
265 implements version 1.1 of the protocol, referred to as HTTP/1.1 and
266 defined by <a href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.
269 <dt><a name="https" id="https">HTTPS</a></dt>
270 <dd>The HyperText Transfer Protocol (Secure), the standard encrypted
271 communication mechanism on the World Wide Web. This is actually just HTTP
272 over <glossary ref="ssl">SSL</glossary>.<br />
273 See: <a href="ssl/">SSL/TLS Encryption</a>
276 <dt><a name="method" id="method">Method</a></dt>
277 <dd>In the context of <glossary ref="http">HTTP</glossary>, an action to
278 perform on a resource, specified on the request line by the client. Some
279 of the methods available in HTTP are <code>GET</code>, <code>POST</code>,
280 and <code>PUT</code>.
283 <dt><a name="messagedigest" id="messagedigest">Message Digest</a></dt>
284 <dd>A hash of a message, which can be used to verify that the contents of
285 the message have not been altered in transit.<br />
286 See: <a href="ssl/">SSL/TLS Encryption</a>
289 <dt><a name="mime-type" id="mime-type">MIME-type</a></dt>
290 <dd>A way to describe the kind of document being transmitted. Its name
291 comes from that fact that its format is borrowed from the Multipurpose
292 Internet Mail Extensions. It consists of a major type and a minor type,
293 separated by a slash. Some examples are <code>text/html</code>,
294 <code>image/gif</code>, and <code>application/octet-stream</code>. In
295 HTTP, the MIME-type is transmitted in the <code>Content-Type</code>
296 <glossary ref="header">header</glossary>.<br />
297 See: <a href="mod/mod_mime.html">mod_mime</a>
300 <dt><a name="module" id="module">Module</a></dt>
301 <dd>An independent part of a program. Much of Apache's functionality is
302 contained in modules that you can choose to include or exclude. Modules
303 that are compiled into the Apache <program>httpd</program> binary are
304 called <dfn>static modules</dfn>, while modules that are stored
305 separately and can be optionally loaded at run-time are called
306 <dfn>dynamic modules</dfn> or <glossary ref="dso">DSOs</glossary>.
307 Modules that are included by default
308 are called <dfn>base modules</dfn>. Many modules are available for Apache
309 that are not distributed as part of the Apache HTTP Server <glossary
310 ref="tarball">tarball</glossary>. These are referred to as
311 <dfn>third-party modules</dfn>.<br />
312 See: <a href="mod/">Module Index</a>
315 <dt><a name="modulemagicnumber" id="modulemagicnumber">Module Magic
316 Number</a> (<a name="mmn" id="mmn">MMN</a>)</dt>
317 <dd>Module Magic Number is a constant defined in the Apache source code that
318 is associated with binary compatibility of modules. It is changed when
319 internal Apache structures, function calls and other significant parts of
320 API change in such a way that binary compatibility cannot be guaranteed
321 any more. On MMN change, all third party modules have to be at least
322 recompiled, sometimes even slightly changed in order to work with the new
326 <dt><a name="openssl" id="openssl">OpenSSL</a></dt>
327 <dd>The Open Source toolkit for SSL/TLS<br />
328 See <a href="http://www.openssl.org/">http://www.openssl.org/</a>#
331 <dt><a name="passphrase" id="passphrase">Pass Phrase</a></dt>
332 <dd>The word or phrase that protects private key files. It prevents
333 unauthorized users from encrypting them. Usually it's just the secret
334 encryption/decryption key used for <glossary
335 ref="cipher">Ciphers</glossary>.<br />
336 See: <a href="ssl/">SSL/TLS Encryption</a>
339 <dt><a name="plaintext" id="plaintext">Plaintext</a></dt>
340 <dd>The unencrypted text.</dd>
342 <dt><a name="privatekey" id="privatekey">Private Key</a></dt>
343 <dd>The secret key in a <glossary ref="publickeycryptography">Public Key
344 Cryptography</glossary> system, used to decrypt incoming messages and
345 sign outgoing ones.<br />
346 See: <a href="ssl/">SSL/TLS Encryption</a>
349 <dt><a name="proxy" id="proxy">Proxy</a></dt>
350 <dd>An intermediate server that sits between the client and the <em>origin
351 server</em>. It accepts requests from clients, transmits those requests
352 on to the origin server, and then returns the response from the origin
353 server to the client. If several clients request the same content, the
354 proxy can deliver that content from its cache, rather than requesting it
355 from the origin server each time, thereby reducing response time.<br />
356 See: <a href="mod/mod_proxy.html">mod_proxy</a>
359 <dt><a name="publickey" id="publickey">Public Key</a></dt>
360 <dd>The publicly available key in a <glossary
361 ref="publickeycryptography">Public Key Cryptography</glossary> system,
362 used to encrypt messages bound for its owner and to decrypt signatures
363 made by its owner.<br />
364 See: <a href="ssl/">SSL/TLS Encryption</a>
367 <dt><a name="publickeycryptography"
368 id="publickeycryptography">Public Key Cryptography</a></dt>
369 <dd>The study and application of asymmetric encryption systems, which use
370 one key for encryption and another for decryption. A corresponding pair of
371 such keys constitutes a key pair. Also called Asymmetric Cryptography.
373 See: <a href="ssl/">SSL/TLS Encryption</a>
376 <dt><a name="regularexpresion" id="regularexpresion">Regular Expression</a>
377 <a name="regex" id="regex">(Regex)</a></dt>
378 <dd>A way of describing a pattern in text - for example, "all the words that
379 begin with the letter A" or "every 10-digit phone number" or even "Every
380 sentence with two commas in it, and no capital letter Q". Regular
381 expressions are useful in Apache because they let you apply certain
382 attributes against collections of files or resources in very flexible ways
383 - for example, all .gif and .jpg files under any "images" directory could
384 be written as "<code>/images/.*(jpg|gif)$</code>". Apache uses Perl
385 Compatible Regular Expressions provided by the <a
386 href="http://www.pcre.org/">PCRE</a> library.
389 <dt><a name="reverseproxy" id="reverseproxy">Reverse Proxy</a></dt>
390 <dd>A <glossary ref="proxy">proxy</glossary> server that appears to the client
391 as if it is an <em>origin server</em>. This is useful to hide the real
392 origin server from the client for security reasons, or to load balance.
395 <dt><a name="securesocketslayer" id="securesocketslayer">Secure Sockets
396 Layer</a> <a name="ssl" id="ssl">(SSL)</a></dt>
397 <dd>A protocol created by Netscape Communications Corporation for general
398 communication authentication and encryption over TCP/IP networks. The most
399 popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP)
401 See: <a href="ssl/">SSL/TLS Encryption</a>
404 <dt><a name="serversideincludes" id="serversideincludes">Server Side
405 Includes</a> <a name="ssi" id="ssi">(SSI)</a></dt>
406 <dd>A technique for embedding processing directives inside HTML files.<br />
407 See: <a href="howto/ssi.html">Introduction to Server Side Includes</a>
410 <dt><a name="session" id="session">Session</a></dt>
411 <dd>The context information of a communication in general.</dd>
413 <dt><a name="ssleay" id="ssleay">SSLeay</a></dt>
414 <dd>The original SSL/TLS implementation library developed by Eric A.
418 <dt><a name="symmetriccryptophraphy" id="symmetriccryptophraphy">Symmetric
419 Cryptography</a></dt>
420 <dd>The study and application of <em>Ciphers</em> that use a single secret key
421 for both encryption and decryption operations.<br />
422 See: <a href="ssl/">SSL/TLS Encryption</a>
425 <dt><a name="tarball" id="tarball">Tarball</a></dt>
426 <dd>A package of files gathered together using the <code>tar</code> utility.
427 Apache distributions are stored in compressed tar archives or using
431 <dt><a name="transportlayersecurity" id="transportlayersecurity">Transport
432 Layer Security</a> <a name="tls" id="tls">(TLS)</a></dt>
433 <dd>The successor protocol to SSL, created by the Internet Engineering Task
434 Force (IETF) for general communication authentication and encryption over
435 TCP/IP networks. TLS version 1 and is nearly identical with SSL version
437 See: <a href="ssl/">SSL/TLS Encryption</a>
440 <dt><a name="uniformresourcelocator" id="uniformresourcelocator">Uniform
441 Resource Locator</a> <a name="url" id="url">(URL)</a></dt>
442 <dd>The name/address of a resource on the Internet. This is the common
443 informal term for what is formally called a <glossary
444 ref="uniformresourceidentifier">Uniform Resource Identifier</glossary>.
445 URLs are usually made up of a scheme, like <code>http</code> or
446 <code>https</code>, a hostname, and a path. A URL for this page might
447 be <code>http://httpd.apache.org/docs/&httpd.docs;/glossary.html</code>.
450 <dt><a name="uniformresourceidentifier"
451 id="uniformresourceidentifier">Uniform Resource Identifier</a>
452 <a name="URI" id="URI">(URI)</a></dt>
453 <dd>A compact string of characters for identifying an abstract or physical
454 resource. It is formally defined by <a
455 href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. URIs used on the
456 world-wide web are commonly referred to as <glossary
457 ref="url">URLs</glossary>.
460 <dt><a name="virtualhosting" id="virtualhosting">Virtual Hosting</a></dt>
461 <dd>Serving multiple websites using a single instance of Apache. <em>IP
462 virtual hosting</em> differentiates between websites based on their IP
463 address, while <em>name-based virtual hosting</em> uses only the name of the
464 host and can therefore host many sites on the same IP address.<br />
465 See: <a href="vhosts/">Apache Virtual Host documentation</a>
468 <dt><a name="x.509" id="x.509">X.509</a></dt>
469 <dd>An authentication certificate scheme recommended by the International
470 Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.<br
471 /> See: <a href="ssl/">SSL/TLS Encryption</a>