1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
4 <TITLE>Apache Core Features</TITLE>
7 <!-- Background white, links blue (unvisited), navy (visited), red (active) -->
15 <!--#include virtual="header.html" -->
17 <H1 ALIGN="CENTER">Apache Core Features</H1>
19 These configuration parameters control the core Apache features, and are
24 <LI><A HREF="#accessfilename">AccessFileName</A>
25 <LI><A HREF="#adddefaultcharset">AddDefaultCharset</A>
26 <LI><A HREF="#addmodule">AddModule</A>
27 <LI><A HREF="#allowoverride">AllowOverride</A>
28 <LI><A HREF="#authname">AuthName</A>
29 <LI><A HREF="#authtype">AuthType</A>
30 <LI><A HREF="#clearmodulelist">ClearModuleList</A>
31 <LI><A HREF="#contentdigest">ContentDigest</A>
32 <LI><A HREF="#coredumpdirectory">CoreDumpDirectory</A>
33 <LI><A HREF="#defaulttype">DefaultType</A>
34 <LI><A HREF="#directory"><Directory></A>
35 <LI><A HREF="#directorymatch"><DirectoryMatch></A>
36 <LI><A HREF="#documentroot">DocumentRoot</A>
37 <LI><A HREF="#errordocument">ErrorDocument</A>
38 <LI><A HREF="#errorlog">ErrorLog</A>
39 <LI><A HREF="#files"><Files></A>
40 <LI><A HREF="#filesmatch"><FilesMatch></A>
41 <LI><A HREF="#hostnamelookups">HostNameLookups</A>
42 <LI><A HREF="#identitycheck">IdentityCheck</A>
43 <LI><A HREF="#ifdefine"><IfDefine></A>
44 <LI><A HREF="#ifmodule"><IfModule></A>
45 <LI><A HREF="#include">Include</A>
46 <LI><A HREF="#keepalive">KeepAlive</A>
47 <LI><A HREF="#keepalivetimeout">KeepAliveTimeout</A>
48 <LI><A HREF="#limit"><Limit></A>
49 <LI><A HREF="#limitexcept"><LimitExcept></A>
50 <LI><A HREF="#limitrequestbody">LimitRequestBody</A>
51 <LI><A HREF="#limitrequestfields">LimitRequestFields</A>
52 <LI><A HREF="#limitrequestfieldsize">LimitRequestFieldsize</A>
53 <LI><A HREF="#limitrequestline">LimitRequestLine</A>
54 <LI><A HREF="#limitxmlrequestbody">LimitXMLRequestBody</A>
55 <LI><A HREF="#location"><Location></A>
56 <LI><A HREF="#locationmatch"><LocationMatch></A>
57 <LI><A HREF="#loglevel">LogLevel</A>
58 <LI><A HREF="#maxkeepaliverequests">MaxKeepAliveRequests</A>
59 <LI><A HREF="#namevirtualhost">NameVirtualHost</A>
60 <LI><A HREF="#options">Options</A>
61 <LI><A HREF="#port">Port</A>
62 <LI><A HREF="#require">Require</A>
63 <LI><A HREF="#rlimitcpu">RLimitCPU</A>
64 <LI><A HREF="#rlimitmem">RLimitMEM</A>
65 <LI><A HREF="#rlimitnproc">RLimitNPROC</A>
66 <LI><A HREF="#satisfy">Satisfy</A>
67 <LI><A HREF="#scriptinterpretersource">ScriptInterpreterSource</A>
68 <LI><A HREF="#serveradmin">ServerAdmin</A>
69 <LI><A HREF="#serveralias">ServerAlias</A>
70 <LI><A HREF="#servername">ServerName</A>
71 <LI><A HREF="#serverpath">ServerPath</A>
72 <LI><A HREF="#serverroot">ServerRoot</A>
73 <LI><A HREF="#serversignature">ServerSignature</A>
74 <LI><A HREF="#servertokens">ServerTokens</A>
75 <LI><A HREF="#setinputfilter">SetInputFilter</A>
76 <LI><A HREF="#setoutputfilter">SetOutputFilter</A>
77 <LI><A HREF="#timeout">TimeOut</A>
78 <LI><A HREF="#usecanonicalname">UseCanonicalName</A>
79 <LI><A HREF="#virtualhost"><VirtualHost></A>
83 <H2><A NAME="accessfilename">AccessFileName directive</A></H2>
84 <!--%plaintext <?INDEX {\tt AccessFileName} directive> -->
86 HREF="directive-dict.html#Syntax"
88 ><STRONG>Syntax:</STRONG></A> AccessFileName <EM>filename</em>
89 [<em>filename</em>] ...<BR>
91 HREF="directive-dict.html#Default"
93 ><STRONG>Default:</STRONG></A> <CODE>AccessFileName .htaccess</CODE><BR>
95 HREF="directive-dict.html#Context"
97 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
99 HREF="directive-dict.html#Status"
101 ><STRONG>Status:</STRONG></A> core<BR>
103 HREF="directive-dict.html#Compatibility"
105 ><STRONG>Compatibility:</STRONG></A> AccessFileName can accept more than
106 one filename only in Apache 1.3 and later<P>
108 When returning a document to the client the server looks for the first existing
109 access control file from this list of names in every directory of the path to
110 the document, if access control files are enabled for that directory.
113 <BLOCKQUOTE><CODE>AccessFileName .acl</CODE></BLOCKQUOTE>
114 before returning the document /usr/local/web/index.html, the
115 server will read /.acl, /usr/.acl, /usr/local/.acl and /usr/local/web/.acl
116 for directives, unless they have been disabled with
118 <Directory /><BR>
119 AllowOverride None<BR>
120 </Directory></CODE>
123 <P><STRONG>See Also:</STRONG>
124 <A HREF="#allowoverride">AllowOverride</a></P>
127 <H2><A NAME="adddefaultcharset">AddDefaultCharset directive</A></H2>
128 <A HREF="directive-dict.html#Syntax" REL="Help"><STRONG>Syntax:</STRONG></A>
129 AddDefaultCharset On|Off|<em>charset</em><BR>
130 <A HREF="directive-dict.html#Context" REL="Help" ><STRONG>Context:</STRONG></A>
132 <A HREF="directive-dict.html#Status" REL="Help" ><STRONG>Status:</STRONG></A>
134 <A HREF="directive-dict.html#Default" REL="Help"><STRONG>Default:</STRONG></A>
135 <CODE>AddDefaultCharset Off</CODE><BR>
136 <A HREF="directive-dict.html#Compatibility" REL="Help"><STRONG>Compatibility:
137 </STRONG></A> AddDefaultCharset is only available in Apache 1.3.12 and
139 This directive specifies the name of the character set that will be added
140 to any response that does not have any parameter on the content
141 type in the HTTP headers. This will override any character set specified
142 in the body of the document via a <CODE>META</CODE> tag. A setting
143 of <CODE>AddDefaultCharset Off</CODE> disables this functionality.
144 <CODE>AddDefaultCharset On</CODE> enables Apache's internal
145 default charset of <code>iso-8859-1</code> as required by the
146 directive. You can also specify an alternate <em>charset</em> to be used;
147 e.g. <code>AddDefaultCharset utf-8</code>.
150 <H2><A NAME="addmodule">AddModule directive</A></H2>
151 <!--%plaintext <?INDEX {\tt AddModule} directive> -->
153 HREF="directive-dict.html#Syntax"
155 ><STRONG>Syntax:</STRONG></A> AddModule <EM>module</em> [<em>module</em>] ...<BR>
157 HREF="directive-dict.html#Context"
159 ><STRONG>Context:</STRONG></A> server config <BR>
161 HREF="directive-dict.html#Status"
163 ><STRONG>Status:</STRONG></A> core<BR>
165 HREF="directive-dict.html#Compatibility"
167 ><STRONG>Compatibility:</STRONG></A> AddModule is only available in
168 Apache 1.2 and later<P>
170 The server can have modules compiled in which are not actively in use.
171 This directive can be used to enable the use of those modules. The
172 server comes with a pre-loaded list of active modules; this list can
173 be cleared with the <A HREF="#clearmodulelist">ClearModuleList</A>
176 <H2><A NAME="allowoverride">AllowOverride directive</A></H2>
177 <!--%plaintext <?INDEX {\tt AllowOverride} directive> -->
179 HREF="directive-dict.html#Syntax"
181 ><STRONG>Syntax:</STRONG></A> AllowOverride All|None|<EM>directive-type</em>
182 [<em>directive-type</em>] ...<BR>
184 HREF="directive-dict.html#Default"
186 ><STRONG>Default:</STRONG></A> <CODE>AllowOverride All</CODE><BR>
188 HREF="directive-dict.html#Context"
190 ><STRONG>Context:</STRONG></A> directory<BR>
192 HREF="directive-dict.html#Status"
194 ><STRONG>Status:</STRONG></A> core<P>
196 <p>When the server finds an .htaccess file (as specified by
197 <A HREF="#accessfilename">AccessFileName</A>) it needs to know which
198 directives declared in that file can override earlier access information.</p>
200 <p>When this directive is set to <code>None</code>, then
201 .htaccess files are completely ignored. In this case, the server
202 will not even attempt to read .htaccess files in the filesystem.</p>
204 <p>When this directive is set to <code>All</code>, then any directive
205 which has the .htaccess <a
206 href="directive-dict.html#Context">Context</a> is allowed in .htaccess
209 <p>The <em>directive-type</em> can be one of the following groupings
214 <!--%plaintext <?INDEX {\tt AuthConfig} override> -->
215 Allow use of the authorization directives
216 (<A HREF="mod_auth_dbm.html#authdbmgroupfile">AuthDBMGroupFile</A>,
217 <A HREF="mod_auth_dbm.html#authdbmuserfile">AuthDBMUserFile</A>,
218 <A HREF="mod_auth.html#authgroupfile">AuthGroupFile</A>,
219 <A HREF="#authname">AuthName</A>, <A HREF="#authtype">AuthType</A>,
220 <A HREF="mod_auth.html#authuserfile">AuthUserFile</A>,
221 <A HREF="#require">Require</A>, <EM>etc.</EM>).
224 <!--%plaintext <?INDEX {\tt FileInfo} override> -->
225 Allow use of the directives controlling document types
226 (<A HREF="mod_mime.html#addencoding">AddEncoding</A>,
227 <A HREF="mod_mime.html#addlanguage">AddLanguage</A>,
228 <A HREF="mod_mime.html#addtype">AddType</A>,
229 <A HREF="#defaulttype">DefaultType</A>,
230 <A HREF="#errordocument">ErrorDocument</A>,
231 <A HREF="mod_negotiation.html#languagepriority">LanguagePriority</A>, <EM>etc.</EM>).
234 <!--%plaintext <?INDEX {\tt Indexes} override> -->
235 Allow use of the directives controlling directory indexing
236 (<A HREF="mod_autoindex.html#adddescription">AddDescription</A>,
237 <A HREF="mod_autoindex.html#addicon">AddIcon</A>,
238 <A HREF="mod_autoindex.html#addiconbyencoding">AddIconByEncoding</A>,
239 <A HREF="mod_autoindex.html#addiconbytype">AddIconByType</A>,
240 <A HREF="mod_autoindex.html#defaulticon">DefaultIcon</A>,
241 <A HREF="mod_dir.html#directoryindex">DirectoryIndex</A>,
242 <A HREF="mod_autoindex.html#fancyindexing">FancyIndexing</A>,
243 <A HREF="mod_autoindex.html#headername">HeaderName</A>,
244 <A HREF="mod_autoindex.html#indexignore">IndexIgnore</A>,
245 <A HREF="mod_autoindex.html#indexoptions">IndexOptions</A>,
246 <A HREF="mod_autoindex.html#readmename">ReadmeName</A>, <EM>etc.</EM>).
249 <!--%plaintext <?INDEX {\tt Limit} override> -->
250 Allow use of the directives controlling host access (Allow, Deny and Order).
253 <!--%plaintext <?INDEX {\tt Options} override> -->
254 Allow use of the directives controlling specific directory features
255 (<A HREF="#options">Options</A> and
256 <A HREF="mod_include.html#xbithack">XBitHack</A>).
259 <P><STRONG>See Also:</STRONG>
260 <A HREF="#accessfilename">AccessFileName</A></P>
263 <H2><A NAME="authname">AuthName directive</A></H2>
264 <!--%plaintext <?INDEX {\tt AuthName} directive> -->
266 HREF="directive-dict.html#Syntax"
268 ><STRONG>Syntax:</STRONG></A> AuthName <EM>auth-domain</EM><BR>
270 HREF="directive-dict.html#Context"
272 ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
274 HREF="directive-dict.html#Override"
276 ><STRONG>Override:</STRONG></A> AuthConfig<BR>
278 HREF="directive-dict.html#Status"
280 ><STRONG>Status:</STRONG></A> core<P>
282 This directive sets the name of the authorization realm for a directory.
283 This realm is given to the client so that the user knows which username and
284 password to send. <SAMP>AuthName</SAMP> takes a single argument;
285 if the realm name contains spaces, it must be enclosed in quotation marks.
286 It must be accompanied by <A HREF="#authtype">AuthType</A> and
287 <A HREF="#require">Require</A> directives, and directives such as
288 <A HREF="mod_auth.html#authuserfile">AuthUserFile</A> and
289 <A HREF="mod_auth.html#authgroupfile">AuthGroupFile</A> to work.<P><HR>
291 <H2><A NAME="authtype">AuthType directive</A></H2>
292 <!--%plaintext <?INDEX {\tt AuthType} directive> -->
294 HREF="directive-dict.html#Syntax"
296 ><STRONG>Syntax:</STRONG></A> AuthType Basic|Digest<BR>
298 HREF="directive-dict.html#Context"
300 ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
302 HREF="directive-dict.html#Override"
304 ><STRONG>Override:</STRONG></A> AuthConfig<BR>
306 HREF="directive-dict.html#Status"
308 ><STRONG>Status:</STRONG></A> core<P>
310 This directive selects the type of user authentication for a directory.
311 Only <CODE>Basic</CODE> and <CODE>Digest</CODE> are currently implemented.
312 <!--%plaintext <?INDEX {\tt Basic} authentication scheme> -->
313 It must be accompanied by <A HREF="#authname">AuthName</A> and
314 <A HREF="#require">Require</A> directives, and directives such as
315 <A HREF="mod_auth.html#authuserfile">AuthUserFile</A> and
316 <A HREF="mod_auth.html#authgroupfile">AuthGroupFile</A> to work.<P><HR>
318 <H2><A NAME="clearmodulelist">ClearModuleList directive</A></H2>
319 <!--%plaintext <?INDEX {\tt ClearModuleList} directive> -->
321 HREF="directive-dict.html#Syntax"
323 ><STRONG>Syntax:</STRONG></A> ClearModuleList<BR>
325 HREF="directive-dict.html#Context"
327 ><STRONG>Context:</STRONG></A> server config<BR>
329 HREF="directive-dict.html#Status"
331 ><STRONG>Status:</STRONG></A> core<BR>
333 HREF="directive-dict.html#Compatibility"
335 ><STRONG>Compatibility:</STRONG></A> ClearModuleList is only available in
336 Apache 1.2 and later<P>
338 The server comes with a built-in list of active modules. This
339 directive clears the list. It is assumed that the list will then be
340 re-populated using the <A HREF="#addmodule">AddModule</A> directive.<P><HR>
342 <H2><A NAME="contentdigest">ContentDigest directive</A></H2>
343 <!--%plaintext <?INDEX {\tt ContentDigest} directive> -->
345 HREF="directive-dict.html#Syntax"
347 ><STRONG>Syntax:</STRONG></A> ContentDigest on|off<BR>
349 HREF="directive-dict.html#Default"
351 ><STRONG>Default:</STRONG></A> <CODE>ContentDigest off</CODE><BR>
353 HREF="directive-dict.html#Context"
355 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
358 HREF="directive-dict.html#Override"
360 ><STRONG>Override:</STRONG></A> Options<BR>
362 HREF="directive-dict.html#Status"
364 ><STRONG>Status:</STRONG></A> experimental<BR>
366 HREF="directive-dict.html#Compatibility"
368 ><STRONG>Compatibility:</STRONG></A> ContentDigest is only available in
369 Apache 1.1 and later<P>
371 This directive enables the generation of <CODE>Content-MD5</CODE> headers
372 as defined in RFC1864 respectively RFC2068.<P>
374 MD5 is an algorithm for computing a "message digest" (sometimes called
375 "fingerprint") of arbitrary-length data, with a high degree of confidence
376 that any alterations in the data will be reflected in alterations in the
379 The <CODE>Content-MD5</CODE> header provides an end-to-end message
380 integrity check (MIC) of the entity-body. A proxy or client may check this
381 header for detecting accidental modification of the entity-body
384 <PRE> Content-MD5: AuLb7Dp1rqtRtxz2m9kRpA==</PRE><P>
386 Note that this can cause performance problems on your server
387 since the message digest is computed on every request
388 (the values are not cached).<P>
390 <CODE>Content-MD5</CODE> is only sent for documents served by the
391 core, and not by any module. For example, SSI documents, output from
392 CGI scripts, and byte range responses do not have this header.
396 <H2><A NAME="defaulttype">DefaultType directive</A></H2>
397 <!--%plaintext <?INDEX {\tt DefaultType} directive> -->
399 HREF="directive-dict.html#Syntax"
401 ><STRONG>Syntax:</STRONG></A> DefaultType <EM>MIME-type</EM><BR>
403 HREF="directive-dict.html#Default"
405 ><STRONG>Default:</STRONG></A> <CODE>DefaultType text/html</CODE><BR>
407 HREF="directive-dict.html#Context"
409 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
412 HREF="directive-dict.html#Override"
414 ><STRONG>Override:</STRONG></A> FileInfo<BR>
416 HREF="directive-dict.html#Status"
418 ><STRONG>Status:</STRONG></A> core<P>
420 There will be times when the server is asked to provide a document
421 whose type cannot be determined by its MIME types mappings.<P>
423 The server must inform the client of the content-type of the document, so in
424 the event of an unknown type it uses the <CODE>DefaultType</CODE>. For
426 <BLOCKQUOTE><CODE>DefaultType image/gif</CODE></BLOCKQUOTE>
427 would be appropriate for a directory which contained many gif images
428 with filenames missing the .gif extension.<P><HR>
430 <H2><A NAME="directory"><Directory> directive</A></H2>
431 <!--%plaintext <?INDEX {\tt Directory} section directive> -->
433 HREF="directive-dict.html#Syntax"
435 ><STRONG>Syntax:</STRONG></A> <Directory <EM>directory-path</EM>>
436 ... </Directory> <BR>
438 HREF="directive-dict.html#Context"
440 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
442 HREF="directive-dict.html#Status"
444 ><STRONG>Status:</STRONG></A> Core. <P>
446 <Directory> and </Directory> are used to enclose a group
447 of directives which will apply only to the named directory and
448 sub-directories of that directory. Any directive which is allowed in a
449 directory context may be used. <EM>Directory-path</EM> is either the
450 full path to a directory, or a wild-card string. In a wild-card
451 string, `?' matches any single character, and `*' matches any
452 sequences of characters. As of Apache 1.3, you may also use `[]'
453 character ranges like in the shell. Also as of Apache 1.3 none of the
454 wildcards match a `/' character, which more closely mimics the
455 behaviour of Unix shells. Example: <PRE>
456 <Directory /usr/local/httpd/htdocs>
457 Options Indexes FollowSymLinks
461 <P><STRONG>Apache 1.2 and above:</STRONG>
462 Extended regular expressions can also be used, with the addition of the
463 <CODE>~</CODE> character. For example:</P>
466 <Directory ~ "^/www/.*/[0-9]{3}">
469 would match directories in /www/ that consisted of three numbers.
471 <P>If multiple (non-regular expression) directory sections match the
472 directory (or its parents) containing
473 a document, then the directives are applied in the order of shortest match
474 first, interspersed with the directives from the
475 <A HREF="#accessfilename">.htaccess</A> files. For example, with
477 <Directory /><BR>
478 AllowOverride None<BR>
479 </Directory><BR><BR>
480 <Directory /home/*><BR>
481 AllowOverride FileInfo<BR>
482 </Directory></CODE></BLOCKQUOTE>
483 for access to the document <CODE>/home/web/dir/doc.html</CODE> the
486 <LI>Apply directive <CODE>AllowOverride None</CODE> (disabling
487 <CODE>.htaccess</CODE> files).
488 <LI>Apply directive <CODE>AllowOverride FileInfo</CODE> (for directory
489 <CODE>/home/web</CODE>).
490 <LI>Apply any FileInfo directives in <CODE>/home/web/.htaccess</CODE>
494 Regular expression directory sections are handled slightly differently
495 by Apache 1.2 and 1.3. In Apache 1.2 they are interspersed with the normal
496 directory sections and applied in the order they appear in the configuration
497 file. They are applied only once, and apply when the shortest match
498 possible occurs. In Apache 1.3 regular expressions are not considered
499 until after all of the normal sections have been applied. Then all of
500 the regular expressions are tested in the order they appeared in the
501 configuration file. For example, with
503 <Directory ~ abc$><BR>
504 ... directives here ...<BR>
505 </Directory><BR>
507 Suppose that the filename being accessed is
508 <CODE>/home/abc/public_html/abc/index.html</CODE>. The server
509 considers each of <CODE>/</CODE>, <CODE>/home</CODE>, <CODE>/home/abc</CODE>,
510 <CODE>/home/abc/public_html</CODE>, and <CODE>/home/abc/public_html/abc</CODE>
511 in that order. In Apache 1.2, when
512 <CODE>/home/abc</CODE> is considered, the regular expression will match
513 and be applied. In Apache 1.3 the regular expression isn't considered
514 at all at that point in the tree. It won't be considered until after
515 all normal <Directory>s and <CODE>.htaccess</CODE> files have
516 been applied. Then the regular expression will
517 match on <CODE>/home/abc/public_html/abc</CODE> and be applied.
522 Note that the default Apache access for <Directory /> is
523 <SAMP>Allow from All</SAMP>. This means that Apache will serve any file
524 mapped from an URL. It is recommended that you change this with a block
535 and then override this for directories you <EM>want</EM> accessible.
538 HREF="../misc/security_tips.html"
540 page for more details.
544 The directory sections typically occur in the access.conf file, but they
545 may appear in any configuration file. <Directory> directives cannot
546 nest, and cannot appear in a <A HREF="#limit"><Limit></A> or
547 <A HREF="#limitexcept"><LimitExcept></A> section.
550 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
551 Location and Files sections work</A> for an explanation of how these
552 different sections are combined when a request is received
556 <H2><A NAME="directorymatch"><DirectoryMatch></A></H2>
558 HREF="directive-dict.html#Syntax"
560 ><STRONG>Syntax:</STRONG></A> <DirectoryMatch <EM>regex</EM>>
561 ... </DirectoryMatch> <BR>
563 HREF="directive-dict.html#Context"
565 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
567 HREF="directive-dict.html#Status"
569 ><STRONG>Status:</STRONG></A> Core.<BR>
571 HREF="directive-dict.html#Compatibility"
573 ><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3 and later
575 <P><DirectoryMatch> and </DirectoryMatch> are used to enclose a
577 directives which will apply only to the named directory and sub-directories
578 of that directory, the same as <A
579 HREF="#directory"><Directory></A>. However, it takes as an
580 argument a regular expression. For example:</P>
583 <DirectoryMatch "^/www/.*/[0-9]{3}">
586 <P>would match directories in /www/ that consisted of three numbers.</P>
588 <P><STRONG>See Also:</STRONG>
589 <A HREF="#directory"><Directory></A> for a description of how
590 regular expressions are mixed in with normal <Directory>s.
592 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
593 Location and Files sections work</A> for an explanation of how these
594 different sections are combined when a request is received
598 <H2><A NAME="documentroot">DocumentRoot directive</A></H2>
599 <!--%plaintext <?INDEX {\tt DocumentRoot} directive> -->
601 HREF="directive-dict.html#Syntax"
603 ><STRONG>Syntax:</STRONG></A> DocumentRoot <EM>directory-path</EM><BR>
605 HREF="directive-dict.html#Default"
607 ><STRONG>Default:</STRONG></A> <CODE>DocumentRoot
608 /usr/local/apache/htdocs</CODE><BR>
610 HREF="directive-dict.html#Context"
612 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
614 HREF="directive-dict.html#Status"
616 ><STRONG>Status:</STRONG></A> core<P>
618 This directive sets the directory from which httpd will serve files.
619 Unless matched by a directive like Alias, the server appends the path
620 from the requested URL to the document root to make the path to the
622 <BLOCKQUOTE><CODE>DocumentRoot /usr/web</CODE></BLOCKQUOTE>
623 then an access to <CODE>http://www.my.host.com/index.html</CODE> refers
624 to <CODE>/usr/web/index.html</CODE>.
626 <P>There appears to be a bug in mod_dir which causes problems when the
627 DocumentRoot has a trailing slash (<EM>i.e.</EM>, "DocumentRoot /usr/web/") so
632 <H2><A NAME="errordocument">ErrorDocument directive</A></H2>
633 <!--%plaintext <?INDEX {\tt ErrorDocument} directive> -->
635 HREF="directive-dict.html#Syntax"
637 ><STRONG>Syntax:</STRONG></A> ErrorDocument <EM>error-code document</EM><BR>
639 HREF="directive-dict.html#Context"
641 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
644 HREF="directive-dict.html#Status"
646 ><STRONG>Status:</STRONG></A> core<BR>
648 HREF="directive-dict.html#Override"
650 ><STRONG>Override:</STRONG></A> FileInfo<BR>
652 HREF="directive-dict.html#Compatibility"
654 ><STRONG>Compatibility:</STRONG></A> The directory and .htaccess contexts
655 are only available in Apache 1.1 and later. The quoting syntax prior to
656 Apache 2.0 was different.<P>
658 In the event of a problem or error, Apache can be configured to do
662 <LI>output a simple hardcoded error message
663 <LI>output a customized message
664 <LI>redirect to a local <em>URL-path</em> to handle the problem/error
665 <LI>redirect to an external <em>URL</em> to handle the problem/error
668 <P>The first option is the default, while options 2-4 are configured
669 using the <CODE>ErrorDocument</CODE> directive, which is followed by
670 the HTTP response code and a URL or a message. Apache will sometimes
671 offer additional information regarding the problem/error.
673 <P>URLs can begin with a slash (/) for local URLs, or be a full
674 URL which the client can resolve. Alternatively, a message can be
675 provided to be displayed by the browser. Examples:
677 ErrorDocument 500 http://foo.example.com/cgi-bin/tester<BR>
678 ErrorDocument 404 /cgi-bin/bad_urls.pl<BR>
679 ErrorDocument 401 /subscription_info.html<BR>
680 ErrorDocument 403 "Sorry can't allow you access today"
683 <P>Note that when you specify an <CODE>ErrorDocument</CODE> that
684 points to a remote URL (ie. anything with a method such as "http" in
685 front of it), Apache will send a redirect to the client to tell it
686 where to find the document, even if the document ends up being on the
687 same server. This has several implications, the most important being
688 that the client will not receive the original error status code, but
689 instead will receive a redirect status code. This in turn can confuse
690 web robots and other clients which try to determine if a URL is valid
691 using the status code. In addition, if you use a remote URL in an
692 <code>ErrorDocument 401</code>, the client will not know to prompt the
693 user for a password since it will not receive the 401 status
694 code. Therefore, <STRONG>if you use an "ErrorDocument 401" directive
695 then it must refer to a local document.</STRONG>
698 <P>Prior to version 2.0, messages were indicated by prefixing them
699 with a single unmatched double quote character.
701 <P>See Also: <A HREF="../custom-error.html">documentation of customizable
702 responses.</A><P><HR>
704 <H2><A NAME="errorlog">ErrorLog directive</A></H2>
705 <!--%plaintext <?INDEX {\tt ErrorLog} directive> -->
707 HREF="directive-dict.html#Syntax"
709 ><STRONG>Syntax:</STRONG></A> ErrorLog <EM>file-path</EM>|syslog[:<em>facility</em>]
712 HREF="directive-dict.html#Default"
714 ><STRONG>Default:</STRONG></A> <CODE>ErrorLog logs/error_log</CODE> (Unix)<BR>
716 HREF="directive-dict.html#Default"
718 ><STRONG>Default:</STRONG></A> <CODE>ErrorLog logs/error.log</CODE>
719 (Windows and OS/2)<BR>
721 HREF="directive-dict.html#Context"
723 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
725 HREF="directive-dict.html#Status"
727 ><STRONG>Status:</STRONG></A> core<P>
729 The error log directive sets the name of the file to which the server
730 will log any errors it encounters. If the <em>file-path</em> does not
731 begin with a slash (/) then it is assumed to be relative to the <A
732 HREF="#serverroot">ServerRoot</A>. If the <em>file-path</em> begins
733 with a pipe (|) then it is assumed to be a command to spawn to handle
736 <P><STRONG>Apache 1.3 and above:</STRONG>
737 Using <CODE>syslog</CODE> instead of a filename enables logging via syslogd(8)
738 if the system supports it. The default is to use syslog facility
739 <CODE>local7</CODE>, but you can override this by using the
740 <CODE>syslog:</CODE><EM>facility</EM> syntax where <EM>facility</EM> can be
741 one of the names usually documented in syslog(1).
745 <A HREF="../misc/security_tips.html#serverroot">security tips</A>
746 document for details on why your security could be compromised if
747 the directory where logfiles are stored is writable by anyone other
748 than the user that starts the server.
750 <P><STRONG>See also:</STRONG> <A HREF="#loglevel">LogLevel</A> and
751 <a href="../logs.html">Apache Log Files</a>
754 <H2><A NAME="files"><Files> directive</A></H2>
756 HREF="directive-dict.html#Syntax"
758 ><STRONG>Syntax:</STRONG></A> <Files <EM>filename</EM>>
759 ... </Files><BR>
761 HREF="directive-dict.html#Context"
763 ><STRONG>Context:</STRONG></A> server config, virtual host, .htaccess<BR>
765 HREF="directive-dict.html#Status"
767 ><STRONG>Status:</STRONG></A> core<BR>
769 HREF="directive-dict.html#Compatibility"
771 ><STRONG>Compatibility:</STRONG></A> only available in Apache
774 <P>The <Files> directive provides for access control by
775 filename. It is comparable to the <A
776 HREF="#directory"><Directory></A> directive and
777 <A HREF="#location"><Location></A> directives. It
778 should be matched with a </Files> directive. The
779 directives given within this section will be applied to any
780 object with a basename (last component of filename) matching
781 the specified filename.
782 <CODE><Files></CODE> sections are processed in the
783 order they appear in the configuration file, after the
784 <Directory> sections and <CODE>.htaccess</CODE> files are
785 read, but before <Location> sections. Note that
786 <Files> can be nested inside <Directory>
787 sections to restrict the portion of the filesystem they
790 <P>The <EM>filename</EM> argument should include a filename, or a
791 wild-card string, where `?' matches any single character, and `*' matches any
792 sequences of characters. Extended regular expressions can also be used,
794 the <CODE>~</CODE> character. For example:</P>
797 <Files ~ "\.(gif|jpe?g|png)$">
800 would match most common Internet graphics formats. In Apache 1.3 and
801 later, <A HREF="#filesmatch"><FilesMatch></A> is preferred,
804 <P>Note that unlike <A
805 HREF="#directory"><CODE><Directory></CODE></A> and <A
806 HREF="#location"><CODE><Location></CODE></A> sections,
807 <CODE><Files></CODE> sections can be used inside .htaccess
808 files. This allows users to control access to their own files, at a
813 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
814 Location and Files sections work</A> for an explanation of how these
815 different sections are combined when a request is received
819 <H2><A NAME="filesmatch"><FilesMatch></A></H2>
821 HREF="directive-dict.html#Syntax"
823 ><STRONG>Syntax:</STRONG></A> <FilesMatch <EM>regex</EM>>
824 ... </FilesMatch><BR>
826 HREF="directive-dict.html#Context"
828 ><STRONG>Context:</STRONG></A> server config, virtual host, .htaccess<BR>
830 HREF="directive-dict.html#Status"
832 ><STRONG>Status:</STRONG></A> core<BR>
834 HREF="directive-dict.html#Compatibility"
836 ><STRONG>Compatibility:</STRONG></A> only available in Apache
839 <P>The <FilesMatch> directive provides for access control by
840 filename, just as the <A HREF="#files"><Files></A> directive
841 does. However, it accepts a regular expression. For example:</P>
844 <FilesMatch "\.(gif|jpe?g|png)$">
847 <P>would match most common Internet graphics formats.</P>
849 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
850 Location and Files sections work</A> for an explanation of how these
851 different sections are combined when a request is received
855 <H2><A NAME="hostnamelookups">HostNameLookups directive</A></H2>
856 <!--%plaintext <?INDEX {\tt HostNameLookups} directive> -->
858 HREF="directive-dict.html#Syntax"
860 ><STRONG>Syntax:</STRONG></A> HostNameLookups on|off|double<BR>
862 HREF="directive-dict.html#Default"
864 ><STRONG>Default:</STRONG></A> <CODE>HostNameLookups off</CODE><BR>
866 HREF="directive-dict.html#Context"
868 ><STRONG>Context:</STRONG></A> server config, virtual host, directory<BR>
870 HREF="directive-dict.html#Status"
872 ><STRONG>Status:</STRONG></A> core<BR>
874 HREF="directive-dict.html#Compatibility"
876 ><STRONG>Compatibility:</STRONG></A> <CODE>double</CODE> available only in
880 HREF="directive-dict.html#Compatibility"
882 ><STRONG>Compatibility:</STRONG></A> Default was <CODE>on</CODE> prior to
885 This directive enables DNS lookups so that host names can be logged (and
886 passed to CGIs/SSIs in <CODE>REMOTE_HOST</CODE>).
887 The value <CODE>double</CODE> refers to doing double-reverse DNS.
888 That is, after a reverse lookup is performed, a forward lookup is then
889 performed on that result. At least one of the ip addresses in the forward
890 lookup must match the original address. (In "tcpwrappers" terminology
891 this is called <CODE>PARANOID</CODE>.)<P>
893 Regardless of the setting, when <A HREF="mod_access.html">mod_access</A>
894 is used for controlling access by hostname, a double reverse lookup
895 will be performed. This is necessary for security. Note that the
896 result of this double-reverse isn't generally available unless
897 you set <CODE>HostnameLookups double</CODE>. For example, if only
898 <CODE>HostnameLookups on</CODE> and a request is made to an object that
899 is protected by hostname restrictions, regardless of whether the
900 double-reverse fails or not, CGIs will still be passed the single-reverse
901 result in <CODE>REMOTE_HOST</CODE>.<P>
903 The default for this directive was previously <CODE>on</CODE> in
904 versions of Apache prior to 1.3. It was changed to <CODE>off</CODE>
905 in order to save the network traffic for those sites that don't truly
906 need the reverse lookups done. It is also better for the end users
907 because they don't have to suffer the extra latency that a lookup
908 entails. Heavily loaded sites should leave this directive
909 <CODE>off</CODE>, since DNS lookups can take considerable amounts of
911 href="../programs/logresolve.html">logresolve</a>, provided in the
912 <EM>/support</EM> directory, can be used to look up host names from
913 logged IP addresses offline.<P><HR>
915 <H2><A NAME="identitycheck">IdentityCheck directive</A></H2>
916 <!--%plaintext <?INDEX {\tt IdentityCheck} directive> -->
918 HREF="directive-dict.html#Syntax"
920 ><STRONG>Syntax:</STRONG></A> IdentityCheck on|off<BR>
922 HREF="directive-dict.html#Default"
924 ><STRONG>Default:</STRONG></A> <CODE>IdentityCheck off</CODE><BR>
926 HREF="directive-dict.html#Context"
928 ><STRONG>Context:</STRONG></A> server config, virtual host, directory<BR>
930 HREF="directive-dict.html#Status"
932 ><STRONG>Status:</STRONG></A> core<P>
934 This directive enables RFC1413-compliant logging of the remote user name
935 for each connection, where the client machine runs identd or something similar.
936 This information is logged in the access log. <EM>Boolean</EM> is either
937 <CODE>on</CODE> or <CODE>off</CODE>.<P>
939 The information should not be trusted in any way except for rudimentary usage
942 Note that this can cause serious latency problems accessing your server
943 since every request requires one of these lookups to be performed. When
944 firewalls are involved each lookup might possibly fail and add 30 seconds
945 of latency to each hit. So in general this is not very useful on public
946 servers accessible from the Internet.
949 <H2><A NAME="ifdefine"><IfDefine> directive</A></H2>
951 HREF="directive-dict.html#Syntax"
953 ><STRONG>Syntax:</STRONG></A> <IfDefine [!]<EM>parameter-name</EM>> <EM>...</EM>
954 </IfDefine><BR>
956 HREF="directive-dict.html#Default"
958 ><STRONG>Default:</STRONG></A> None<BR>
960 HREF="directive-dict.html#Context"
962 ><STRONG>Context:</STRONG></A> all<BR>
964 HREF="directive-dict.html#Status"
966 ><STRONG>Status:</STRONG></A> Core<BR>
968 HREF="directive-dict.html#Compatibility"
970 ><STRONG>Compatibility:</STRONG></A> <IfDefine> is only available in
975 The <IfDefine <EM>test</EM>>...</IfDefine>
976 section is used to mark directives that are conditional. The
977 directives within an IfDefine section are only
978 processed if the <EM>test</EM> is true. If <EM>test</EM>
979 is false, everything between the start and end markers
982 The <EM>test</EM> in the <IfDefine> section directive
983 can be one of two forms:
986 <LI><EM>parameter-name</EM>
987 <LI><CODE>!</CODE><EM>parameter-name</EM>
990 <P>In the former case, the directives between the start and end markers are
991 only processed if the parameter named <EM>parameter-name</EM> is defined.
992 The second format reverses the test, and only processes the directives if
993 <EM>parameter-name</EM> is <STRONG>not</STRONG> defined.
995 <P>The <EM>parameter-name</EM> argument is a define as given on the
996 <CODE>httpd</CODE> command line via <CODE>-D</CODE><EM>parameter-</EM>, at the
997 time the server was started.
999 <P><IfDefine> sections are nest-able, which can be used to implement
1000 simple multiple-parameter tests.
1005 $ httpd -DReverseProxy ...
1008 <IfDefine ReverseProxy>
1009 LoadModule rewrite_module modules/mod_rewrite.so
1010 LoadModule proxy_module modules/libproxy.so
1016 <H2><A NAME="ifmodule"><IfModule> directive</A></H2>
1018 HREF="directive-dict.html#Syntax"
1020 ><STRONG>Syntax:</STRONG></A> <IfModule [!]<EM>module-name</EM>>
1022 </IfModule><BR>
1024 HREF="directive-dict.html#Default"
1026 ><STRONG>Default:</STRONG></A> None<BR>
1028 HREF="directive-dict.html#Context"
1030 ><STRONG>Context:</STRONG></A> all<BR>
1032 HREF="directive-dict.html#Status"
1034 ><STRONG>Status:</STRONG></A> Core<BR>
1036 HREF="directive-dict.html#Compatibility"
1038 ><STRONG>Compatibility:</STRONG></A> IfModule is only available in 1.2 and
1043 The <IfModule <EM>test</EM>>...</IfModule>
1044 section is used to mark directives that are conditional. The
1045 directives within an IfModule section are only
1046 processed if the <EM>test</EM> is true. If <EM>test</EM>
1047 is false, everything between the start and end markers
1050 The <EM>test</EM> in the <IfModule> section directive
1051 can be one of two forms:
1054 <LI><EM>module name</EM>
1055 <LI>!<EM>module name</EM>
1058 <P>In the former case, the directives between the start and end markers
1059 are only processed if the module named <EM>module name</EM> is compiled
1060 in to Apache. The second format reverses the test, and only processes
1061 the directives if <EM>module name</EM> is <STRONG>not</STRONG> compiled in.
1063 <P>The <EM>module name</EM> argument is a module name as given as the file
1064 name of the module, at the time it was compiled. For example,
1065 <CODE>mod_rewrite.c</CODE>.
1067 <P><IfModule> sections are nest-able, which can be used to implement
1068 simple multiple-module tests.
1072 <H2><A NAME="include">Include directive</A></H2>
1073 <STRONG>Syntax:</STRONG> Include <EM>file-path</EM>|<em>directory-path</em><BR>
1075 HREF="directive-dict.html#Context"
1077 ><STRONG>Context:</STRONG></A> server config<BR>
1079 HREF="directive-dict.html#Status"
1081 ><STRONG>Status:</STRONG></A> Core<BR>
1083 HREF="directive-dict.html#Compatibility"
1085 ><STRONG>Compatibility:</STRONG></A> Include is only available in Apache 1.3
1088 This directive allows inclusion of other configuration files from within the
1089 server configuration files.
1091 <P>If <CODE>Include</CODE> points to a directory, rather than a file,
1092 Apache will read all files in that directory, and any subdirectory,
1093 and parse those as configuration files.
1097 <H2><A NAME="keepalive">KeepAlive directive</A></H2>
1098 <STRONG>Syntax:</STRONG> KeepAlive on/off<BR>
1099 <STRONG>Default:</STRONG> <CODE>KeepAlive On</CODE><BR>
1101 HREF="directive-dict.html#Context"
1103 ><STRONG>Context:</STRONG></A> server config<BR>
1105 HREF="directive-dict.html#Status"
1107 ><STRONG>Status:</STRONG></A> Core<BR>
1109 HREF="directive-dict.html#Compatibility"
1111 ><STRONG>Compatibility:</STRONG></A> KeepAlive is only available in Apache
1114 <p>The Keep-Alive extension to HTTP/1.0 and the persistent connection
1115 feature of HTTP/1.1 provide long-lived HTTP sessions which allow
1116 multiple requests to be sent over the same TCP connection. In some
1117 cases this has been shown to result in an almost 50% speedup in
1118 latency times for HTML documents with many images. To enable
1119 Keep-Alive connections in Apache 1.2 and later, set <code>KeepAlive
1122 <p>For HTTP/1.0 clients, Keep-Alive connections will only be used if
1123 they are specifically requested by a client. In addition, a
1124 Keep-Alive connection with an HTTP/1.0 client can only be used when
1125 the length of the content is known in advance. This implies that
1126 dynamic content such as CGI output, SSI pages, and server-generated
1127 directory listings will generally not use Keep-Alive connections to
1128 HTTP/1.0 clients. For HTTP/1.1 clients, persistent connections are
1129 the default unless otherwise specified. If the client requests it,
1130 chunked encoding will be used in order to send content of unknown
1131 length over persistent connections.</p>
1134 HREF="#maxkeepaliverequests">MaxKeepAliveRequests</A>.</P>
1138 <H2><A NAME="keepalivetimeout">KeepAliveTimeout directive</A></H2>
1140 HREF="directive-dict.html#Syntax"
1142 ><STRONG>Syntax:</STRONG></A> KeepAliveTimeout <EM>seconds</EM><BR>
1144 HREF="directive-dict.html#Default"
1146 ><STRONG>Default:</STRONG></A> <CODE>KeepAliveTimeout 15</CODE><BR>
1148 HREF="directive-dict.html#Context"
1150 ><STRONG>Context:</STRONG></A> server config<BR>
1152 HREF="directive-dict.html#Status"
1154 ><STRONG>Status:</STRONG></A> Core<BR>
1156 HREF="directive-dict.html#Compatibility"
1158 ><STRONG>Compatibility:</STRONG></A> KeepAliveTimeout is only available in
1159 Apache 1.1 and later.<P>
1161 <p>The number of seconds Apache will wait for a subsequent request
1162 before closing the connection. Once a request has been received, the
1163 timeout value specified by the <A
1164 HREF="#timeout"><CODE>Timeout</CODE></A> directive applies.</p>
1166 <p>Setting <code>KeepAliveTimeout</code> to a high value may
1167 cause performance problems in heavily loaded servers. The
1168 higher the timeout, the more server processes will be kept
1169 occupied waiting on connections with idle clients.</p>
1174 <H2><A NAME="limit"><Limit> directive</A></H2>
1175 <!--%plaintext <?INDEX {\tt Limit} section directive> -->
1177 HREF="directive-dict.html#Syntax"
1179 ><STRONG>Syntax:</STRONG></A>
1180 <Limit <EM>method</em> [<em>method</EM>] ... > ... </Limit><BR>
1182 HREF="directive-dict.html#Context"
1184 ><STRONG>Context:</STRONG></A> any<BR>
1186 HREF="directive-dict.html#Status"
1188 ><STRONG>Status:</STRONG></A> core<P>
1190 Access controls are normally effective for <STRONG>all</STRONG> access
1191 methods, and this is the usual desired behaviour. <STRONG>In the
1192 general case, access control directives should not be placed within a
1193 <CODE><limit></CODE> section.</STRONG>
1195 <P>The purpose of the <Limit> directive is to restrict the effect
1196 of the access controls to the nominated HTTP methods. For all other
1197 methods, the access restrictions that are enclosed in the
1198 <Limit> bracket <STRONG>will have no effect</STRONG>. The
1199 following example applies the access control only to the methods POST,
1200 PUT, and DELETE, leaving all other methods unprotected:
1203 <Limit POST PUT DELETE><BR>
1204 Require valid-user<BR>
1205 </Limit></CODE></BLOCKQUOTE>
1207 The method names listed can be one or more of: GET, POST, PUT, DELETE,
1208 CONNECT, OPTIONS, TRACE, PATCH, PROPFIND, PROPPATCH, MKCOL, COPY,
1209 MOVE, LOCK, and UNLOCK. <STRONG>The method name is
1210 case-sensitive.</STRONG> If GET is used it will also restrict HEAD
1215 <H2><A NAME="limitexcept"><LimitExcept> directive</A></H2>
1216 <!--%plaintext <?INDEX {\tt LimitExcept} section directive> -->
1218 HREF="directive-dict.html#Syntax"
1220 ><STRONG>Syntax:</STRONG></A>
1221 <LimitExcept <EM>method</em> [<em>method</EM>] ... > ... </LimitExcept><BR>
1223 HREF="directive-dict.html#Context"
1225 ><STRONG>Context:</STRONG></A> any<BR>
1227 HREF="directive-dict.html#Status"
1229 ><STRONG>Status:</STRONG></A> core<BR>
1231 HREF="directive-dict.html#Compatibility"
1233 ><STRONG>Compatibility:</STRONG></A> Available in Apache 1.3.5 and later<P>
1235 <LimitExcept> and </LimitExcept> are used to enclose a group of
1236 access control directives which will then apply to any HTTP access method
1237 <STRONG>not</STRONG> listed in the arguments; i.e., it is the opposite of a
1238 <A HREF="#limit"><Limit></A> section and can be used to control both
1239 standard and nonstandard/unrecognized methods. See the documentation for
1240 <A HREF="#limit"><Limit></A> for more details.
1244 <H2><A NAME="limitrequestbody">LimitRequestBody directive</A></H2>
1245 <!--%plaintext <?INDEX {\tt LimitRequestBody} directive> -->
1247 HREF="directive-dict.html#Syntax"
1249 ><STRONG>Syntax:</STRONG></A> LimitRequestBody <EM>bytes</EM><BR>
1251 HREF="directive-dict.html#Default"
1253 ><STRONG>Default:</STRONG></A> <CODE>LimitRequestBody 0</CODE><BR>
1255 HREF="directive-dict.html#Context"
1257 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
1260 HREF="directive-dict.html#Status"
1262 ><STRONG>Status:</STRONG></A> core<BR>
1264 HREF="directive-dict.html#Compatibility"
1266 ><STRONG>Compatibility:</STRONG></A> LimitRequestBody is only available in
1267 Apache 1.3.2 and later.
1270 <p>This directive specifies the number of <em>bytes</em> from 0
1271 (meaning unlimited) to 2147483647 (2GB) that are allowed in a request
1272 body. The default value is defined by the compile-time constant
1273 <CODE>DEFAULT_LIMIT_REQUEST_BODY</CODE> (0 as distributed).
1276 The LimitRequestBody directive allows the user to set a
1277 limit on the allowed size of an HTTP request message body within
1278 the context in which the directive is given (server, per-directory,
1279 per-file or per-location). If the client request exceeds that limit,
1280 the server will return an error response instead of servicing the request.
1281 The size of a normal request message body will vary greatly depending
1282 on the nature of the resource and the methods allowed on that resource.
1283 CGI scripts typically use the message body for passing form information
1284 to the server. Implementations of the PUT method will require a value
1285 at least as large as any representation that the server wishes
1286 to accept for that resource.
1289 This directive gives the server administrator greater control over abnormal
1290 client request behavior, which may be useful for avoiding some forms
1291 of denial-of-service attacks.
1296 <H2><A NAME="limitrequestfields">LimitRequestFields directive</A></H2>
1297 <!--%plaintext <?INDEX {\tt LimitRequestFields} directive> -->
1299 HREF="directive-dict.html#Syntax"
1301 ><STRONG>Syntax:</STRONG></A> LimitRequestFields <EM>number</EM><BR>
1303 HREF="directive-dict.html#Default"
1305 ><STRONG>Default:</STRONG></A> <CODE>LimitRequestFields 100</CODE><BR>
1307 HREF="directive-dict.html#Context"
1309 ><STRONG>Context:</STRONG></A> server config<BR>
1311 HREF="directive-dict.html#Status"
1313 ><STRONG>Status:</STRONG></A> core<BR>
1315 HREF="directive-dict.html#Compatibility"
1317 ><STRONG>Compatibility:</STRONG></A> LimitRequestFields is only available in
1318 Apache 1.3.2 and later.
1321 <p><em>Number</em> is an integer from 0 (meaning unlimited) to 32767.
1322 The default value is defined by the compile-time constant
1323 <CODE>DEFAULT_LIMIT_REQUEST_FIELDS</CODE> (100 as distributed).
1326 The LimitRequestFields directive allows the server administrator to modify
1327 the limit on the number of request header fields allowed in an HTTP request.
1328 A server needs this value to be larger than the number of fields that a
1329 normal client request might include. The number of request header fields
1330 used by a client rarely exceeds 20, but this may vary among different
1331 client implementations, often depending upon the extent to which a user
1332 has configured their browser to support detailed content negotiation.
1333 Optional HTTP extensions are often expressed using request header fields.
1336 This directive gives the server administrator greater control over abnormal
1337 client request behavior, which may be useful for avoiding some forms
1338 of denial-of-service attacks. The value should be increased if normal
1339 clients see an error response from the server that indicates too many
1340 fields were sent in the request.<P>
1344 <H2><A NAME="limitrequestfieldsize">LimitRequestFieldsize directive</A></H2>
1345 <!--%plaintext <?INDEX {\tt LimitRequestFieldsize} directive> -->
1347 HREF="directive-dict.html#Syntax"
1349 ><STRONG>Syntax:</STRONG></A> LimitRequestFieldsize <EM>bytes</EM><BR>
1351 HREF="directive-dict.html#Default"
1353 ><STRONG>Default:</STRONG></A> <CODE>LimitRequestFieldsize 8190</CODE><BR>
1355 HREF="directive-dict.html#Context"
1357 ><STRONG>Context:</STRONG></A> server config<BR>
1359 HREF="directive-dict.html#Status"
1361 ><STRONG>Status:</STRONG></A> core<BR>
1363 HREF="directive-dict.html#Compatibility"
1365 ><STRONG>Compatibility:</STRONG></A> LimitRequestFieldsize is only available in
1366 Apache 1.3.2 and later.
1369 This directive specifies the number of <em>bytes</em> from 0 to the
1370 value of the compile-time constant
1371 <CODE>DEFAULT_LIMIT_REQUEST_FIELDSIZE</CODE> (8190 as distributed)
1372 that will be allowed in an HTTP request header.
1375 The LimitRequestFieldsize directive allows the server administrator to reduce
1376 the limit on the allowed size of an HTTP request header field below the
1377 normal input buffer size compiled with the server. A server needs this
1378 value to be large enough to hold any one header field from a normal client
1379 request. The size of a normal request header field will vary greatly
1380 among different client implementations, often depending upon the extent
1381 to which a user has configured their browser to support detailed
1382 content negotiation.
1385 This directive gives the server administrator greater control over abnormal
1386 client request behavior, which may be useful for avoiding some forms
1387 of denial-of-service attacks. Under normal conditions, the value should
1388 not be changed from the default.<P>
1392 <H2><A NAME="limitrequestline">LimitRequestLine directive</A></H2>
1393 <!--%plaintext <?INDEX {\tt LimitRequestLine} directive> -->
1395 HREF="directive-dict.html#Syntax"
1397 ><STRONG>Syntax:</STRONG></A> LimitRequestLine <EM>bytes</EM><BR>
1399 HREF="directive-dict.html#Default"
1401 ><STRONG>Default:</STRONG></A> <CODE>LimitRequestLine 8190</CODE><BR>
1403 HREF="directive-dict.html#Context"
1405 ><STRONG>Context:</STRONG></A> server config<BR>
1407 HREF="directive-dict.html#Status"
1409 ><STRONG>Status:</STRONG></A> core<BR>
1411 HREF="directive-dict.html#Compatibility"
1413 ><STRONG>Compatibility:</STRONG></A> LimitRequestLine is only available in
1414 Apache 1.3.2 and later.
1417 This directive sets the number of <em>bytes</em> from 0 to the value
1418 of the compile-time constant <CODE>DEFAULT_LIMIT_REQUEST_LINE</CODE>
1419 (8190 as distributed) that will be allowed on the HTTP request-line.
1422 The LimitRequestLine directive allows the server administrator to reduce
1423 the limit on the allowed size of a client's HTTP request-line below the
1424 normal input buffer size compiled with the server. Since the request-line
1425 consists of the HTTP method, URI, and protocol version, the
1426 LimitRequestLine directive places a restriction on the length of a
1427 request-URI allowed for a request on the server. A server needs this
1428 value to be large enough to hold any of its resource names, including
1429 any information that might be passed in the query part of a GET request.
1432 This directive gives the server administrator greater control over abnormal
1433 client request behavior, which may be useful for avoiding some forms
1434 of denial-of-service attacks. Under normal conditions, the value should
1435 not be changed from the default.<P>
1440 <H2><A NAME="limitxmlrequestbody">LimitXMLRequestBody directive</A></H2>
1442 HREF="directive-dict.html#Syntax"
1444 ><STRONG>Syntax:</STRONG></A> LimitXMLRequestBody <EM>number</EM><BR>
1446 HREF="directive-dict.html#Default"
1448 ><STRONG>Default:</STRONG></A> <CODE>LimitXMLRequestBody 1000000</CODE><BR>
1450 HREF="directive-dict.html#Context"
1452 ><STRONG>Context:</STRONG></A> server config<BR>
1454 HREF="directive-dict.html#Status"
1456 ><STRONG>Status:</STRONG></A> core<BR>
1458 <P>Limit (in bytes) on maximum size of an XML-based request body.</p>
1462 <H2><A NAME="location"><Location> directive</A></H2>
1465 HREF="directive-dict.html#Syntax"
1467 ><STRONG>Syntax:</STRONG></A> <Location <EM>URL-path</EM>|<em>URL</em>>
1468 ... </Location><BR>
1470 HREF="directive-dict.html#Context"
1472 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
1474 HREF="directive-dict.html#Status"
1476 ><STRONG>Status:</STRONG></A> core<BR>
1478 HREF="directive-dict.html#Compatibility"
1480 ><STRONG>Compatibility:</STRONG></A> Location is only available in Apache
1483 <P>The <Location> directive provides for access control by
1484 URL. It is similar to the <A
1485 HREF="#directory"><Directory></A> directive, and
1486 starts a subsection which is terminated with a </Location>
1487 directive. <CODE><Location></CODE> sections are processed in the
1488 order they appear in the configuration file, after the
1489 <Directory> sections and <CODE>.htaccess</CODE> files are
1490 read, and after the <Files> sections.</P>
1492 <P>Note that URLs do not have to line up with the filesystem at all,
1493 it should be emphasized that <Location> operates completely outside
1496 <P>For all origin (non-proxy) requests, the URL to be matched is
1497 of the form <CODE>/path/</CODE>, and you should not include any
1498 <CODE>http://servername</CODE> prefix. For proxy requests, the URL
1499 to be matched is of the form <CODE>scheme://servername/path</CODE>,
1500 and you must include the prefix.
1502 <P>The URL may use wildcards In a wild-card string, `?' matches any
1503 single character, and `*' matches any sequences of characters.
1505 <P><STRONG>Apache 1.2 and above:</STRONG>
1506 Extended regular expressions can also be used, with the addition of
1507 the <CODE>~</CODE> character.
1512 <Location ~ "/(extra|special)/data">
1515 <P>would match URLs that contained the substring "/extra/data" or
1516 "/special/data". In Apache 1.3 and above, a new directive
1517 <A HREF="#locationmatch"><LocationMatch></A> exists which
1518 behaves identical to the regex version of
1519 <CODE><Location></CODE>.
1521 <P>The <CODE>Location</CODE> functionality is especially useful when
1522 combined with the <CODE><A
1523 HREF="mod_mime.html#sethandler">SetHandler</A></CODE> directive. For example,
1524 to enable status requests, but allow them only
1525 from browsers at foo.com, you might use:
1528 <Location /status>
1529 SetHandler server-status
1536 <P><STRONG>Apache 1.3 and above note about / (slash)</STRONG>: The slash
1537 character has special
1538 meaning depending on where in a URL it appears. People may be used
1539 to its behaviour in the filesystem where multiple adjacent slashes are
1540 frequently collapsed to a single slash (<EM>i.e.</EM>, <CODE>/home///foo</CODE>
1541 is the same as <CODE>/home/foo</CODE>). In URL-space this is not
1542 necessarily true. The <CODE><LocationMatch></CODE> directive
1543 and the regex version of <CODE><Location></CODE> require you
1544 to explicitly specify multiple slashes if that is your intention.
1545 For example, <CODE><LocationMatch ^/abc></CODE> would match the
1546 request URL <CODE>/abc</CODE> but not the request URL <CODE>//abc</CODE>.
1547 The (non-regex) <CODE><Location></CODE> directive behaves
1548 similarly when used for proxy requests. But when (non-regex)
1549 <CODE><Location></CODE> is used for non-proxy requests it will
1550 implicitly match multiple slashes with a single slash. For example,
1551 if you specify <CODE><Location /abc/def></CODE> and the request
1552 is to <CODE>/abc//def</CODE> then it will match.
1555 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
1556 Location and Files sections work</A> for an explanation of how these
1557 different sections are combined when a request is received
1561 <H2><A NAME="locationmatch"><LocationMatch></A></H2>
1564 HREF="directive-dict.html#Syntax"
1566 ><STRONG>Syntax:</STRONG></A> <LocationMatch <EM>regex</EM>>
1567 ... </LocationMatch><BR>
1569 HREF="directive-dict.html#Context"
1571 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
1573 HREF="directive-dict.html#Status"
1575 ><STRONG>Status:</STRONG></A> core<BR>
1577 HREF="directive-dict.html#Compatibility"
1579 ><STRONG>Compatibility:</STRONG></A> LocationMatch is only available in
1580 Apache 1.3 and later.<P>
1582 <P>The <LocationMatch> directive provides for access control by
1583 URL, in an identical manner to <A
1584 HREF="#location"><Location></A>. However, it takes a regular
1585 expression as an argument instead of a simple string. For example:</P>
1588 <LocationMatch "/(extra|special)/data">
1591 <P>would match URLs that contained the substring "/extra/data" or
1592 "/special/data".</P>
1594 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
1595 Location and Files sections work</A> for an explanation of how these
1596 different sections are combined when a request is received
1600 <H2><A NAME="loglevel">LogLevel directive</A></H2>
1602 HREF="directive-dict.html#Syntax"
1604 ><STRONG>Syntax:</STRONG></A> LogLevel <EM>level</EM><BR>
1606 HREF="directive-dict.html#Default"
1608 ><STRONG>Default:</STRONG></A> <CODE>LogLevel warn</CODE><BR>
1610 HREF="directive-dict.html#Context"
1612 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
1614 HREF="directive-dict.html#Status"
1616 ><STRONG>Status:</STRONG></A> core<BR>
1618 HREF="directive-dict.html#Compatibility"
1620 ><STRONG>Compatibility:</STRONG></A> LogLevel is only available in 1.3 or
1623 <P>LogLevel adjusts the verbosity of the messages recorded in the
1624 error logs (see <A HREF="#errorlog">ErrorLog</A> directive).
1625 The following <EM>level</EM>s are available, in order of
1626 decreasing significance:
1629 <TR><TH ALIGN="LEFT"><STRONG>Level</STRONG>
1630 <TH ALIGN="LEFT"><STRONG>Description</STRONG>
1631 <TR><TH><TH ALIGN="LEFT"><STRONG>Example</STRONG>
1632 <TR><TD><CODE>emerg</CODE>
1633 <TD>Emergencies - system is unusable.
1634 <TR><TD><TD>"Child cannot open lock file. Exiting"
1635 <TR><TD><CODE>alert</CODE>
1636 <TD>Action must be taken immediately.
1637 <TR><TD><TD>"getpwuid: couldn't determine user name from uid"
1638 <TR><TD><CODE>crit</CODE>
1639 <TD>Critical Conditions.
1640 <TR><TD><TD>"socket: Failed to get a socket, exiting child"
1641 <TR><TD><CODE>error</CODE>
1642 <TD>Error conditions.
1643 <TR><TD><TD>"Premature end of script headers"
1644 <TR><TD><CODE>warn</CODE>
1645 <TD>Warning conditions.
1646 <TR><TD><TD>"child process 1234 did not exit, sending another SIGHUP"
1647 <TR><TD><CODE>notice</CODE>
1648 <TD>Normal but significant condition.
1649 <TR><TD><TD>"httpd: caught SIGBUS, attempting to dump core in ..."
1650 <TR><TD><CODE>info</CODE>
1652 <TR><TD><TD>"Server seems busy, (you may need to increase StartServers, or
1653 Min/MaxSpareServers)..."
1654 <TR><TD><CODE>debug</CODE>
1655 <TD>Debug-level messages
1656 <TR><TD><TD>"Opening config file ..."
1659 <P>When a particular level is specified, messages from all other levels
1660 of higher significance will be reported as well. <EM>E.g.</EM>, when
1661 <CODE>LogLevel info</CODE> is specified, then messages with log levels of
1662 <CODE>notice</CODE> and <CODE>warn</CODE> will also be posted.
1664 Using a level of at least <CODE>crit</CODE> is recommended.
1667 <H2><A NAME="maxkeepaliverequests">MaxKeepAliveRequests directive</A></H2>
1669 HREF="directive-dict.html#Syntax"
1671 ><STRONG>Syntax:</STRONG></A> MaxKeepAliveRequests <EM>number</EM><BR>
1673 HREF="directive-dict.html#Default"
1675 ><STRONG>Default:</STRONG></A> <CODE>MaxKeepAliveRequests 100</CODE><BR>
1677 HREF="directive-dict.html#Context"
1679 ><STRONG>Context:</STRONG></A> server config<BR>
1681 HREF="directive-dict.html#Status"
1683 ><STRONG>Status:</STRONG></A> core<BR>
1685 HREF="directive-dict.html#Compatibility"
1687 ><STRONG>Compatibility:</STRONG></A> Only available in Apache
1690 <P>The MaxKeepAliveRequests directive limits the number of requests
1691 allowed per connection when <A HREF="#keepalive">KeepAlive</A> is
1692 on. If it is set to "<CODE>0</CODE>", unlimited requests will be
1693 allowed. We recommend that this setting be kept to a high value for
1694 maximum server performance.</P><HR>
1696 <H2><A NAME="namevirtualhost">NameVirtualHost directive</A></H2>
1697 <!--%plaintext <?INDEX {\tt NameVirtualHost} directive> -->
1699 HREF="directive-dict.html#Syntax"
1701 ><STRONG>Syntax:</STRONG></A> NameVirtualHost <EM>addr</EM>[:<EM>port</EM>]<BR>
1703 HREF="directive-dict.html#Context"
1705 ><STRONG>Context:</STRONG></A> server config<BR>
1707 HREF="directive-dict.html#Status"
1709 ><STRONG>Status:</STRONG></A> core<BR>
1711 HREF="directive-dict.html#Compatibility"
1713 ><STRONG>Compatibility:</STRONG></A> NameVirtualHost is only available in
1714 Apache 1.3 and later<P>
1716 The NameVirtualHost directive is a required directive if you want to configure
1717 <A HREF="../vhosts/">name-based virtual hosts</A>.<P>
1719 Although <EM>addr</EM> can be hostname it is recommended that you always use
1720 an IP address, <EM>e.g.</EM>
1722 <BLOCKQUOTE><CODE>NameVirtualHost 111.22.33.44</CODE></BLOCKQUOTE>
1724 With the NameVirtualHost directive you specify the IP address on which
1725 the server will receive requests for the name-based virtual hosts.
1726 This will usually be the address to which your name-based virtual host
1727 names resolve. In cases where a firewall or other proxy receives the
1728 requests and forwards them on a different IP address to the server,
1729 you must specify the IP address of the physical interface on the
1730 machine which will be servicing the requests. If you have multiple
1731 name-based hosts on multiple addresses, repeat the directive for each
1734 Note: the "main server" and any _default_ servers will <STRONG>never</STRONG>
1735 be served for a request to a NameVirtualHost IP Address (unless for some
1736 reason you specify NameVirtualHost but then don't define any VirtualHosts
1737 for that address).<P>
1739 Optionally you can specify a port number on which the name-based
1740 virtual hosts should be used, <EM>e.g.</EM>
1742 <BLOCKQUOTE><CODE>NameVirtualHost 111.22.33.44:8080</CODE></BLOCKQUOTE>
1744 <STRONG>See also:</STRONG>
1745 <A HREF="../vhosts/">Apache Virtual Host documentation</A>
1748 <H2><A NAME="options">Options directive</A></H2>
1749 <!--%plaintext <?INDEX {\tt Options} directive> -->
1751 HREF="directive-dict.html#Syntax"
1753 ><STRONG>Syntax:</STRONG></A> Options [+|-]<em>option</em> [[+|-]<em>option</em>] ...</EM><BR>
1755 HREF="directive-dict.html#Context"
1757 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
1760 HREF="directive-dict.html#Override"
1762 ><STRONG>Override:</STRONG></A> Options<BR>
1764 HREF="directive-dict.html#Status"
1766 ><STRONG>Status:</STRONG></A> core<P>
1768 The Options directive controls which server features are available in
1769 a particular directory.
1771 <EM>option</EM> can be set to <CODE>None</CODE>, in which case none of
1772 the extra features are enabled, or one or more of the following:
1775 <DD>All options except for MultiViews. This is the default setting.
1778 <!--%plaintext <?INDEX {\tt ExecCGI} option> -->
1779 Execution of CGI scripts is permitted.
1782 <!--%plaintext <?INDEX {\tt FollowSymLinks} option> -->
1783 The server will follow symbolic links in this directory.
1785 <STRONG>Note</STRONG>: even though the server follows the symlink it
1787 change the pathname used to match against <CODE><Directory></CODE>
1790 <STRONG>Note</STRONG>: this option gets ignored if set inside a
1791 <Location> section.
1795 <!--%plaintext <?INDEX {\tt Includes} option> -->
1796 Server-side includes are permitted.
1799 <!--%plaintext <?INDEX {\tt IncludesNOEXEC} option> -->
1800 Server-side includes are permitted, but the #exec command and
1801 #include of CGI scripts are disabled.
1804 <!--%plaintext <?INDEX {\tt Indexes} option> -->
1805 If a URL which maps to a directory is requested, and the there is no
1806 DirectoryIndex (<EM>e.g.</EM>, index.html) in that directory, then the server will
1807 return a formatted listing of the directory.
1810 <!--%plaintext <?INDEX {\tt MultiViews} option> -->
1811 <A HREF="../content-negotiation.html">Content negotiated</A> MultiViews are
1813 <DT>SymLinksIfOwnerMatch
1815 <!--%plaintext <?INDEX {\tt SymLinksIfOwnerMatch} option> -->
1816 The server will only follow symbolic links for which the target
1817 file or directory is owned by the same user id as the link.
1819 <STRONG>Note</STRONG>: this option gets ignored if set inside a
1820 <Location> section.
1823 Normally, if multiple <CODE>Options</CODE> could apply to a directory,
1824 then the most specific one is taken complete; the options are not
1825 merged. However if <EM>all</EM> the options on the <CODE>Options</CODE>
1826 directive are preceded by a + or - symbol, the options are
1827 merged. Any options preceded by a + are added to the options
1828 currently in force, and any options preceded by a - are removed from
1829 the options currently in force. <P>
1831 For example, without any + and - symbols:
1834 <Directory /web/docs> <BR>
1835 Options Indexes FollowSymLinks<BR>
1836 </Directory><BR>
1837 <Directory /web/docs/spec> <BR>
1838 Options Includes<BR>
1840 </CODE></BLOCKQUOTE>
1841 then only <CODE>Includes</CODE> will be set for the /web/docs/spec
1842 directory. However if the second <CODE>Options</CODE> directive uses the +
1846 <Directory /web/docs> <BR>
1847 Options Indexes FollowSymLinks<BR>
1848 </Directory><BR>
1849 <Directory /web/docs/spec> <BR>
1850 Options +Includes -Indexes<BR>
1852 </CODE></BLOCKQUOTE>
1853 then the options <CODE>FollowSymLinks</CODE> and <CODE>Includes</CODE>
1854 are set for the /web/docs/spec directory.<P>
1856 <STRONG>Note:</STRONG> Using <CODE>-IncludesNOEXEC</CODE> or
1857 <CODE>-Includes</CODE>
1858 disables server-side includes completely regardless of the previous setting.<P>
1860 The default in the absence of any other settings is <CODE>All</CODE>.<P>
1865 <H2><A NAME="port">Port directive</A></H2>
1866 <!--%plaintext <?INDEX {\tt Port} directive> -->
1868 HREF="directive-dict.html#Syntax"
1870 ><STRONG>Syntax:</STRONG></A> Port <EM>number</EM><BR>
1872 HREF="directive-dict.html#Default"
1874 ><STRONG>Default:</STRONG></A> <CODE>Port 80</CODE><BR>
1876 HREF="directive-dict.html#Context"
1878 ><STRONG>Context:</STRONG></A> server config<BR>
1880 HREF="directive-dict.html#Status"
1882 ><STRONG>Status:</STRONG></A> core<P>
1884 <EM>Number</EM> is a number from 0 to 65535; some port numbers
1886 1024) are reserved for particular protocols. See <CODE>/etc/services</CODE>
1887 for a list of some defined ports; the standard port for the http protocol
1890 The Port directive has two behaviors, the first of which is necessary for
1891 NCSA backwards compatibility (and which is confusing in the context of
1896 In the absence of any <A HREF="mpm_common.html#listen">Listen</A>
1897 directives specifying a port number,
1898 a Port directive given in the "main server"
1899 (<EM>i.e.</EM>, outside any <A HREF="#virtualhost"><VirtualHost></A> section)
1900 sets the network port on which the server listens.
1901 If there are any Listen directives specifying
1902 <CODE>:number</CODE> then Port has no effect on what address the server
1905 <LI>The Port directive
1906 sets the <CODE>SERVER_PORT</CODE> environment variable (for
1907 <A HREF="mod_cgi.html">CGI</A> and <A HREF="mod_include.html">SSI</A>),
1908 and is used when the server must generate a URL that refers to itself
1909 (for example when creating an external redirect to itself). This
1910 behaviour is modified by
1911 <A HREF="#usecanonicalname">UseCanonicalName</A>.
1914 In no event does a Port setting affect
1915 what ports a <A HREF="#virtualhost">VirtualHost</A> responds on, the
1916 VirtualHost directive itself is used for that.<P>
1918 The primary behaviour of Port should be considered to be similar to that of
1919 the <A HREF="#servername">ServerName</A> directive. The ServerName
1920 and Port together specify what you consider to be the <EM>canonical</EM>
1921 address of the server.
1922 (See also <A HREF="#usecanonicalname">UseCanonicalName</A>.)<P>
1924 Port 80 is one of Unix's special ports. All ports numbered below 1024
1925 are reserved for system use, <EM>i.e.</EM>, regular (non-root) users
1926 cannot make use of them; instead they can only use higher port
1927 numbers. To use port 80, you must start the server from the root
1928 account. After binding to the port and before accepting requests,
1929 Apache will change to a low privileged user as set by the <A
1930 HREF="mpm_common.html#user">User directive</A>.<P>
1932 If you cannot use port 80, choose any other unused port. Non-root users
1933 will have to choose a port number higher than 1023, such as 8000.<P>
1935 SECURITY: if you do start the server as root, be sure not to set <A
1936 HREF="mpm_common.html#user">User</A> to root. If you run the server as
1937 root whilst handling connections, your site may be open to a major
1938 security attack.<P><HR>
1940 <H2><A NAME="require">Require directive</A></H2>
1941 <!--%plaintext <?INDEX {\tt Require} directive> -->
1943 HREF="directive-dict.html#Syntax"
1945 ><STRONG>Syntax:</STRONG></A> Require <EM>entity-name</em> [<em>entity-name</em>] ...</EM><BR>
1947 HREF="directive-dict.html#Context"
1949 ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
1951 HREF="directive-dict.html#Override"
1953 ><STRONG>Override:</STRONG></A> AuthConfig<BR>
1955 HREF="directive-dict.html#Status"
1957 ><STRONG>Status:</STRONG></A> core<P>
1959 This directive selects which authenticated users can access a directory.
1960 The allowed syntaxes are:
1962 <LI>Require user <EM>userid</em> [<em>userid</em>] ...<P>
1963 Only the named users can access the directory.<P>
1964 <LI>Require group <EM>group-name</em> [<em>group-name</em>] ...<P>
1965 Only users in the named groups can access the directory.<P>
1966 <LI>Require valid-user<P>
1967 All valid users can access the directory.
1970 Require must be accompanied by <A HREF="#authname">AuthName</A> and
1971 <A HREF="#authtype">AuthType</A> directives, and directives such as
1972 <A HREF="mod_auth.html#authuserfile">AuthUserFile</A> and
1973 <A HREF="mod_auth.html#authgroupfile">AuthGroupFile</A> (to define users and
1974 groups) in order to work correctly. Example:
1977 AuthName "Restricted Directory"<BR>
1978 AuthUserFile /web/users<BR>
1979 AuthGroupFile /web/groups<BR>
1980 Require group admin<BR>
1981 </CODE></BLOCKQUOTE>
1983 Access controls which are applied in this way are effective for
1984 <STRONG>all</STRONG> methods. <STRONG>This is what is normally
1985 desired.</STRONG> If you wish to apply access controls only to
1986 specific methods, while leaving other methods unprotected, then place
1987 the <CODE>Require</CODE> statement into a <A
1988 HREF="#limit"><Limit></A> section<P>
1989 <P>See also <A HREF="#satisfy">Satisfy</A> and <A HREF="mod_access.html">mod_access</A>.
1992 <H2><A NAME="rlimit">RLimitCPU</A> <A NAME="rlimitcpu">directive</A></H2>
1993 <!--%plaintext <?INDEX {\tt RLimitCPU} directive> -->
1995 HREF="directive-dict.html#Syntax"
1997 ><STRONG>Syntax:</STRONG></A> RLimitCPU <EM>number</EM>|max
1998 [<em>number</em>|max]
2001 HREF="directive-dict.html#Default"
2003 ><STRONG>Default:</STRONG></A> <EM>Unset; uses operating system defaults</EM>
2006 HREF="directive-dict.html#Context"
2008 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
2010 HREF="directive-dict.html#Status"
2012 ><STRONG>Status:</STRONG></A> core<BR>
2014 HREF="directive-dict.html#Compatibility"
2016 ><STRONG>Compatibility:</STRONG></A> RLimitCPU is only available in Apache 1.2
2017 and later. Moved in version 2.0 to the <A HREF="../mpm.html">MPMs</A>.<P>
2019 Takes 1 or 2 parameters. The first parameter sets the soft resource limit
2020 for all processes and the second parameter sets the maximum resource limit.
2021 Either parameter can be a number, or <EM>max</EM> to indicate to the server
2022 that the limit should be set to the maximum allowed by the operating system
2023 configuration. Raising the maximum resource limit requires that the server
2024 is running as root, or in the initial startup phase.<P>
2026 This applies to processes forked off from Apache children servicing requests,
2027 not the Apache children themselves. This includes CGI scripts and SSI
2028 exec commands, but not any processes forked off from the Apache parent
2029 such as piped logs.<P>
2031 CPU resource limits are expressed in seconds per process.<P>
2033 See also <A HREF="#rlimitmem">RLimitMEM</A> or
2034 <A HREF="#rlimitnproc">RLimitNPROC</A>.<P><HR>
2036 <H2><A NAME="rlimitmem">RLimitMEM directive</A></H2>
2037 <!--%plaintext <?INDEX {\tt RLimitMEM} directive> -->
2039 HREF="directive-dict.html#Syntax"
2041 ><STRONG>Syntax:</STRONG></A> RLimitMEM <em>number</em>|max
2042 [<em>number</em>|max]<br>
2044 HREF="directive-dict.html#Default"
2046 ><STRONG>Default:</STRONG></A> <EM>Unset; uses operating system defaults</EM>
2049 HREF="directive-dict.html#Context"
2051 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
2053 HREF="directive-dict.html#Status"
2055 ><STRONG>Status:</STRONG></A> core<BR>
2057 HREF="directive-dict.html#Compatibility"
2059 ><STRONG>Compatibility:</STRONG></A> RLimitMEM is only available in Apache 1.2
2060 and later. Moved in version 2.0 to the <A HREF="../mpm.html">MPMs</A>.<P>
2062 Takes 1 or 2 parameters. The first parameter sets the soft resource limit for
2063 all processes and the second parameter sets the maximum resource limit. Either
2064 parameter can be a number, or <EM>max</EM> to indicate to the server that the
2065 limit should be set to the maximum allowed by the operating system
2066 configuration. Raising the maximum resource limit requires that the
2067 server is running as root, or in the initial startup phase.<P>
2069 This applies to processes forked off from Apache children servicing requests,
2070 not the Apache children themselves. This includes CGI scripts and SSI
2071 exec commands, but not any processes forked off from the Apache parent
2072 such as piped logs.<P>
2074 Memory resource limits are expressed in bytes per process.<P>
2076 See also <A HREF="#rlimitcpu">RLimitCPU</A> or
2077 <A HREF="#rlimitnproc">RLimitNPROC</A>.<P><HR>
2079 <H2><A NAME="rlimitnproc">RLimitNPROC directive</A></H2>
2080 <!--%plaintext <?INDEX {\tt RLimitNPROC} directive> -->
2082 HREF="directive-dict.html#Syntax"
2084 ><STRONG>Syntax:</STRONG></A> RLimitNPROC <em>number</em>|max
2085 [<em>number</em>|max]<BR>
2087 HREF="directive-dict.html#Default"
2089 ><STRONG>Default:</STRONG></A> <EM>Unset; uses operating system defaults</EM>
2092 HREF="directive-dict.html#Context"
2094 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
2096 HREF="directive-dict.html#Status"
2098 ><STRONG>Status:</STRONG></A> core<BR>
2100 HREF="directive-dict.html#Compatibility"
2102 ><STRONG>Compatibility:</STRONG></A> RLimitNPROC is only available in Apache
2103 1.2 and later. Moved in version 2.0 to the <A HREF="../mpm.html">MPMs</A>.<P>
2105 Takes 1 or 2 parameters. The first parameter sets the soft resource limit
2106 for all processes and the second parameter sets the maximum resource limit.
2107 Either parameter can be a number, or <code>max</code> to indicate to the server
2108 that the limit should be set to the maximum allowed by the operating system
2109 configuration. Raising the maximum resource limit requires that the server
2110 is running as root, or in the initial startup phase.<P>
2112 This applies to processes forked off from Apache children servicing requests,
2113 not the Apache children themselves. This includes CGI scripts and SSI
2114 exec commands, but not any processes forked off from the Apache parent
2115 such as piped logs.<P>
2117 Process limits control the number of processes per user.<P>
2119 Note: If CGI processes are <STRONG>not</STRONG> running under userids other
2121 web server userid, this directive will limit the number of processes that the
2122 server itself can create. Evidence of this situation will be indicated by
2123 <STRONG><EM>cannot fork</EM></STRONG> messages in the error_log.<P>
2125 See also <A HREF="#rlimitmem">RLimitMEM</A> or
2126 <A HREF="#rlimitcpu">RLimitCPU</A>.
2130 <H2><A NAME="satisfy">Satisfy directive</A></H2>
2131 <!--%plaintext <?INDEX {\tt Satisfy} directive> -->
2133 HREF="directive-dict.html#Syntax"
2135 ><STRONG>Syntax:</STRONG></A> Satisfy any|all<BR>
2137 HREF="directive-dict.html#Default"
2139 ><STRONG>Default:</STRONG></A> Satisfy all<BR>
2141 HREF="directive-dict.html#Context"
2143 ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
2145 HREF="directive-dict.html#Status"
2147 ><STRONG>Status:</STRONG></A> core<BR>
2149 HREF="directive-dict.html#Compatibility"
2151 ><STRONG>Compatibility:</STRONG></A> Satisfy is only available in Apache 1.2
2154 Access policy if both <CODE>Allow</CODE> and <CODE>Require</CODE>
2155 used. The parameter can be
2156 either <EM>'all'</EM> or <EM>'any'</EM>. This directive is only useful
2157 if access to a particular area is being restricted by both
2158 username/password <EM>and</EM> client host address. In this case the
2159 default behavior ("all") is to require that the client passes the
2160 address access restriction <EM>and</EM> enters a valid username and
2161 password. With the "any" option the client will be granted access if
2162 they either pass the host restriction or enter a valid username and
2163 password. This can be used to password restrict an area, but to let
2164 clients from particular addresses in without prompting for a password.
2166 See also <A HREF="#require">Require</A> and
2167 <A HREF="mod_access.html">mod_access</A>.
2171 <H2><A NAME="scriptinterpretersource">ScriptInterpreterSource directive</A></H2>
2172 <!--%plaintext <?INDEX {\tt ScriptInterpreterSource} directive> -->
2174 HREF="directive-dict.html#Syntax"
2176 ><STRONG>Syntax:</STRONG></A> ScriptInterpreterSource registry|script<BR>
2178 HREF="directive-dict.html#Default"
2180 ><STRONG>Default:</STRONG></A> <CODE>ScriptInterpreterSource script</CODE>
2183 HREF="directive-dict.html#Context"
2185 ><STRONG>Context:</STRONG></A> directory, .htaccess<BR>
2187 HREF="directive-dict.html#Status"
2189 ><STRONG>Status:</STRONG></A> core (Windows only)<P>
2191 This directive is used to control how Apache 1.3.5 and later finds the interpreter
2192 used to run CGI scripts. The default technique is to use the interpreter pointed to by
2193 the #! line in the script. Setting ScriptInterpreterSource registry will cause the
2194 Windows Registry to be searched using the script file extension (e.g., .pl) as a search key.
2197 <H2><A NAME="serveradmin">ServerAdmin directive</A></H2>
2198 <!--%plaintext <?INDEX {\tt ServerAdmin} directive> -->
2200 HREF="directive-dict.html#Syntax"
2202 ><STRONG>Syntax:</STRONG></A> ServerAdmin <EM>email-address</EM><BR>
2204 HREF="directive-dict.html#Context"
2206 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
2208 HREF="directive-dict.html#Status"
2210 ><STRONG>Status:</STRONG></A> core<P>
2212 The ServerAdmin sets the e-mail address that the server includes in any
2213 error messages it returns to the client.<P>
2215 It may be worth setting up a dedicated address for this, <EM>e.g.</EM>
2216 <BLOCKQUOTE><CODE>ServerAdmin www-admin@foo.bar.com</CODE></BLOCKQUOTE>
2217 as users do not always mention that they are talking about the server!<P><HR>
2219 <H2><A NAME="serveralias">ServerAlias directive</A></H2>
2222 HREF="directive-dict.html#Syntax"
2224 ><STRONG>Syntax:</STRONG></A> ServerAlias <EM>hostname</em> [<em>hostname</em>] ...<BR>
2226 HREF="directive-dict.html#Context"
2228 ><STRONG>Context:</STRONG></A> virtual host<BR>
2230 HREF="directive-dict.html#Status"
2232 ><STRONG>Status:</STRONG></A> core<BR>
2234 HREF="directive-dict.html#Compatibility"
2236 ><STRONG>Compatibility:</STRONG></A> ServerAlias is only available in Apache
2239 The ServerAlias directive sets the alternate names for a host, for use
2241 <A HREF="../vhosts/name-based.html">name-based virtual hosts</A>.
2243 <P><STRONG>See also:</STRONG>
2244 <A HREF="../vhosts/">Apache Virtual Host documentation</A>
2248 <H2><A NAME="servername">ServerName directive</A></H2>
2249 <!--%plaintext <?INDEX {\tt ServerName} directive> -->
2251 HREF="directive-dict.html#Syntax"
2253 ><STRONG>Syntax:</STRONG></A> ServerName <EM>fully-qualified-domain-name</EM>
2256 HREF="directive-dict.html#Context"
2258 ><STRONG>Context:</STRONG></A> server config, virtual host<BR>
2260 HREF="directive-dict.html#Status"
2262 ><STRONG>Status:</STRONG></A> core<P>
2264 The ServerName directive sets the hostname of the server; this is
2265 used when creating redirection URLs. If it is not specified, then the
2266 server attempts to deduce it from its own IP address; however this may
2267 not work reliably, or may not return the preferred hostname. For example:
2268 <BLOCKQUOTE><CODE>ServerName www.example.com</CODE></BLOCKQUOTE>
2269 would be used if the canonical (main) name of the actual machine
2270 were <CODE>simple.example.com</CODE>.<P>
2272 If you are using <A HREF="../vhosts/name-based.html">name-based
2273 virtual hosts</A>, the <CODE>ServerName</CODE> inside a
2274 <A HREF="#virtualhost"><CODE><VirtualHost></CODE></A>
2275 section specifies what hostname must appear in the request's
2276 <CODE>Host:</CODE> header to match this virtual host.<P>
2278 <P><STRONG>See Also</STRONG>:<BR>
2279 <A HREF="../dns-caveats.html">DNS Issues</A><BR>
2280 <A HREF="../vhosts/">Apache virtual host documentation</A><BR>
2281 <A HREF="#usecanonicalname">UseCanonicalName</A><BR>
2282 <A HREF="#namevirtualhost">NameVirtualHost</A><BR>
2283 <A HREF="#serveralias">ServerAlias</A><BR>
2287 <H2><A NAME="serverpath">ServerPath directive</A></H2>
2290 HREF="directive-dict.html#Syntax"
2292 ><STRONG>Syntax:</STRONG></A> ServerPath <EM>directory-path</EM><BR>
2294 HREF="directive-dict.html#Context"
2296 ><STRONG>Context:</STRONG></A> virtual host<BR>
2298 HREF="directive-dict.html#Status"
2300 ><STRONG>Status:</STRONG></A> core<BR>
2302 HREF="directive-dict.html#Compatibility"
2304 ><STRONG>Compatibility:</STRONG></A> ServerPath is only available in Apache
2307 The ServerPath directive sets the legacy URL pathname for a host, for
2308 use with <A HREF="../vhosts/">name-based virtual hosts</A>.
2310 <P><STRONG>See also:</STRONG>
2311 <A HREF="../vhosts/">Apache Virtual Host documentation</A>
2315 <H2><A NAME="serverroot">ServerRoot directive</A></H2>
2316 <!--%plaintext <?INDEX {\tt ServerRoot} directive> -->
2318 HREF="directive-dict.html#Syntax"
2320 ><STRONG>Syntax:</STRONG></A> ServerRoot <EM>directory-path</EM><BR>
2322 HREF="directive-dict.html#Default"
2324 ><STRONG>Default:</STRONG></A> <CODE>ServerRoot /usr/local/apache</CODE><BR>
2326 HREF="directive-dict.html#Context"
2328 ><STRONG>Context:</STRONG></A> server config<BR>
2330 HREF="directive-dict.html#Status"
2332 ><STRONG>Status:</STRONG></A> core<P>
2334 The ServerRoot directive sets the directory in which the server lives.
2335 Typically it will contain the subdirectories <CODE>conf/</CODE> and
2336 <CODE>logs/</CODE>. Relative paths for other configuration files are taken
2337 as relative to this directory.<P>
2339 See also <A HREF="../invoking.html">the <CODE>-d</CODE> option to httpd</A>.<P>
2340 See also <A HREF="../misc/security_tips.html#serverroot">the security tips</A>
2341 for information on how to properly set permissions on the ServerRoot.<P>
2345 <H2><A NAME="serversignature">ServerSignature directive</A></H2>
2346 <!--%plaintext <?INDEX {\tt ServerSignature} directive> -->
2348 HREF="directive-dict.html#Syntax"
2350 ><STRONG>Syntax:</STRONG></A> ServerSignature On|Off|EMail<BR>
2352 HREF="directive-dict.html#Default"
2354 ><STRONG>Default:</STRONG></A> <CODE>ServerSignature Off</CODE><BR>
2356 HREF="directive-dict.html#Context"
2358 ><STRONG>Context:</STRONG></A> server config, virtual host, directory,
2361 HREF="directive-dict.html#Status"
2363 ><STRONG>Status:</STRONG></A> core<BR>
2365 HREF="directive-dict.html#Compatibility"
2367 ><STRONG>Compatibility:</STRONG></A> ServerSignature is only available in
2371 The ServerSignature directive allows the configuration of a trailing
2372 footer line under server-generated documents (error messages,
2373 mod_proxy ftp directory listings, mod_info output, ...). The reason
2374 why you would want to enable such a footer line is that in a chain
2375 of proxies, the user often has no possibility to tell which of the
2376 chained servers actually produced a returned error message.<BR>
2377 The <SAMP>Off</SAMP> setting, which is the default, suppresses the
2378 error line (and is therefore compatible with the behavior of
2379 Apache-1.2 and below). The <SAMP>On</SAMP> setting simply adds a
2380 line with the server version number and <A
2381 HREF="#servername">ServerName</A> of the serving virtual host, and
2382 the <SAMP>EMail</SAMP> setting additionally creates a "mailto:"
2383 reference to the <A HREF="#serveradmin">ServerAdmin</A> of the
2384 referenced document.
2388 <H2><A NAME="servertokens">ServerTokens directive</A></H2>
2389 <!--%plaintext <?INDEX {\tt ServerTokens} directive> -->
2391 HREF="directive-dict.html#Syntax"
2393 ><STRONG>Syntax:</STRONG></A> ServerTokens Minimal|ProductOnly|OS|Full<BR>
2395 HREF="directive-dict.html#Default"
2397 ><STRONG>Default:</STRONG></A> <CODE>ServerTokens Full</CODE><BR>
2399 HREF="directive-dict.html#Context"
2401 ><STRONG>Context:</STRONG></A> server config <BR>
2403 HREF="directive-dict.html#Status"
2405 ><STRONG>Status:</STRONG></A> core<BR>
2407 HREF="directive-dict.html#Compatibility"
2409 ><STRONG>Compatibility:</STRONG></A> ServerTokens is only available
2410 in Apache 1.3 and later; the <code>ProductOnly</code> keyword is
2411 only available in versions later than 1.3.12
2414 This directive controls whether <SAMP>Server</SAMP> response header
2415 field which is sent back to clients includes a description of the generic
2416 OS-type of the server as well as information about compiled-in modules.
2419 <DT><CODE>ServerTokens Prod[uctOnly]</CODE>
2421 <DD>Server sends (<EM>e.g.</EM>): <SAMP>Server: Apache</SAMP>
2423 <DT><CODE>ServerTokens Min[imal]</CODE>
2425 <DD>Server sends (<EM>e.g.</EM>): <SAMP>Server: Apache/1.3.0</SAMP>
2427 <DT><CODE>ServerTokens OS</CODE>
2429 <DD>Server sends (<EM>e.g.</EM>): <SAMP>Server: Apache/1.3.0 (Unix)</SAMP>
2431 <DT><CODE>ServerTokens Full</CODE> (or not specified)
2433 <DD>Server sends (<EM>e.g.</EM>): <SAMP>Server: Apache/1.3.0 (Unix) PHP/3.0
2438 This setting applies to the entire server, and cannot be enabled or
2439 disabled on a virtualhost-by-virtualhost basis.
2444 <H2><A NAME="setinputfilter">SetInputFilter directive</A></H2>
2446 HREF="directive-dict.html#Syntax"
2448 ><STRONG>Syntax:</STRONG></A> SetInputFilter <EM>filter</EM>
2449 [<EM>filter</EM>] ...<BR>
2451 HREF="directive-dict.html#Default"
2453 ><STRONG>Default:</STRONG></A> none<BR>
2455 HREF="directive-dict.html#Context"
2457 ><STRONG>Context:</STRONG></A> directory<BR>
2459 HREF="directive-dict.html#Status"
2461 ><STRONG>Status:</STRONG></A> core</P>
2463 <p>The <code>SetInputFilter</code> directive sets the filters
2464 which will process client requests when they are received by the
2467 <p>The order of the arguments determines the order in which the
2468 filters will process the content.</p>
2470 <p>See also the <a href="../filter.html">Filters</a> documentation.</p>
2474 <H2><A NAME="setoutputfilter">SetOutputFilter directive</A></H2>
2476 HREF="directive-dict.html#Syntax"
2478 ><STRONG>Syntax:</STRONG></A> SetOutputFilter <EM>filter</EM>
2479 [<EM>filter</EM>] ...<BR>
2481 HREF="directive-dict.html#Default"
2483 ><STRONG>Default:</STRONG></A> none<BR>
2485 HREF="directive-dict.html#Context"
2487 ><STRONG>Context:</STRONG></A> directory<BR>
2489 HREF="directive-dict.html#Status"
2491 ><STRONG>Status:</STRONG></A> core</P>
2493 <P>The <code>SetOutputFilter</code> directive sets the filters which
2494 will process responses from the server before they are sent to the
2495 client. For example, the following configuration will process
2496 all files in the <code>/www/data/</code> directory for
2497 server-side includes.</P>
2500 <Directory /www/data/><BR>
2501 SetOutputFilter INCLUDES<BR>
2503 </CODE></BLOCKQUOTE>
2505 <p>The order of the arguments determines the order in which the
2506 filters will process the content.</p>
2508 <p>See also the <a href="../filter.html">Filters</a> documentation.</p>
2511 <H2><A NAME="timeout">TimeOut directive</A></H2>
2512 <!--%plaintext <?INDEX {\tt TimeOut} directive> -->
2514 HREF="directive-dict.html#Syntax"
2516 ><STRONG>Syntax:</STRONG></A> TimeOut <EM>number</EM><BR>
2518 HREF="directive-dict.html#Default"
2520 ><STRONG>Default:</STRONG></A> <CODE>TimeOut 300</CODE><BR>
2522 HREF="directive-dict.html#Context"
2524 ><STRONG>Context:</STRONG></A> server config<BR>
2526 HREF="directive-dict.html#Status"
2528 ><STRONG>Status:</STRONG></A> core<P>
2530 The TimeOut directive currently defines the amount of time Apache will
2531 wait for three things:
2534 <LI>The total amount of time it takes to receive a GET request.
2535 <LI>The amount of time between receipt of TCP packets on a POST or
2537 <LI>The amount of time between ACKs on transmissions of TCP packets
2541 We plan on making these separately configurable at some point down the
2542 road. The timer used to default to 1200 before 1.2, but has been
2543 lowered to 300 which is still far more than necessary in most
2544 situations. It is not set any lower by default because there may
2545 still be odd places in the code where the timer is not reset when
2550 <H2><A NAME="usecanonicalname">UseCanonicalName directive</A></H2>
2551 <!--%plaintext <?INDEX {\tt UseCanonicalName} directive> -->
2552 <A HREF="directive-dict.html#Syntax" REL="Help">
2553 <STRONG>Syntax:</STRONG></A> UseCanonicalName on|off|dns<BR>
2554 <A HREF="directive-dict.html#Default" REL="Help">
2555 <STRONG>Default:</STRONG></A> <CODE>UseCanonicalName on</CODE><BR>
2556 <A HREF="directive-dict.html#Context" REL="Help">
2557 <STRONG>Context:</STRONG></A> server config, virtual host, directory<BR>
2558 <A HREF="directive-dict.html#Override" REL="Help">
2559 <STRONG>Override:</STRONG></A> Options<BR>
2560 <A HREF="directive-dict.html#Compatibility" REL="Help">
2561 <STRONG>Compatibility:</STRONG></A> UseCanonicalName is only available in
2562 Apache 1.3 and later<P>
2564 In many situations Apache has to construct a <EM>self-referential</EM>
2565 URL. That is, a URL which refers back to the same server.
2566 With <CODE>UseCanonicalName on</CODE> (and in all versions prior to
2567 1.3) Apache will use the <A HREF="#servername">ServerName</A> and <A
2568 HREF="#port">Port</A> directives to construct a canonical name for the
2569 server. This name is used in all self-referential URLs, and for the
2570 values of <CODE>SERVER_NAME</CODE> and <CODE>SERVER_PORT</CODE> in CGIs.
2572 <P>With <CODE>UseCanonicalName off</CODE> Apache will form
2573 self-referential URLs using the hostname and port supplied
2574 by the client if any are supplied (otherwise it will use the
2575 canonical name). These values are the same that are used to
2576 implement <A HREF="../vhosts/name-based.html">name based virtual
2577 hosts</A>, and are available with the same clients. The CGI variables
2578 <CODE>SERVER_NAME</CODE> and <CODE>SERVER_PORT</CODE> will be constructed
2579 from the client supplied values as well.
2581 <P>An example where this may be useful is on an intranet server where
2582 you have users connecting to the machine using short names such as
2583 <CODE>www</CODE>. You'll notice that if the users type a shortname,
2584 and a URL which is a directory, such as <CODE>http://www/splat</CODE>,
2585 <EM>without the trailing slash</EM> then Apache will redirect them to
2586 <CODE>http://www.domain.com/splat/</CODE>. If you have authentication
2587 enabled, this will cause the user to have to reauthenticate twice (once
2588 for <CODE>www</CODE> and once again for <CODE>www.domain.com</CODE>).
2589 But if <CODE>UseCanonicalName</CODE> is set off, then Apache will redirect
2590 to <CODE>http://www/splat/</CODE>.
2592 <P>There is a third option, <CODE>UseCanonicalName DNS</CODE>, which
2593 is intended for use with mass IP-based virtual hosting to support
2594 ancient clients that do not provide a <CODE>Host:</CODE> header. With
2595 this option Apache does a reverse DNS lookup on the server IP address
2596 that the client connected to in order to work out self-referential URLs.
2598 <P><STRONG>Warning:</STRONG> if CGIs make assumptions about the values of
2599 <CODE>SERVER_NAME</CODE> they may be broken by this option. The client
2600 is essentially free to give whatever value they want as a hostname.
2601 But if the CGI is only using <CODE>SERVER_NAME</CODE> to construct
2602 self-referential URLs then it should be just fine.
2604 <P><STRONG>See also:</STRONG>
2605 <A HREF="#servername">ServerName</A>,
2606 <A HREF="#port">Port</A>
2610 <H2><A NAME="virtualhost"><VirtualHost> directive</A></H2>
2611 <!--%plaintext <?INDEX {\tt VirtualHost} section directive> -->
2613 HREF="directive-dict.html#Syntax"
2615 ><STRONG>Syntax:</STRONG></A> <VirtualHost <EM>addr</EM>[:<EM>port</EM>]
2616 [<EM>addr</EM>[:<EM>port</EM>]] ...> ...
2617 </VirtualHost> <BR>
2619 HREF="directive-dict.html#Context"
2621 ><STRONG>Context:</STRONG></A> server config<BR>
2623 HREF="directive-dict.html#Status"
2625 ><STRONG>Status:</STRONG></A> Core.<BR>
2627 HREF="directive-dict.html#Compatibility"
2629 ><STRONG>Compatibility:</STRONG></A> Non-IP address-based Virtual Hosting only
2630 available in Apache 1.1 and later.<BR>
2632 HREF="directive-dict.html#Compatibility"
2634 ><STRONG>Compatibility:</STRONG></A> Multiple address support only available in
2635 Apache 1.2 and later.<P>
2637 <VirtualHost> and </VirtualHost> are used to enclose a group of
2638 directives which will apply only to a particular virtual host.
2639 Any directive which is allowed in a virtual host context may be used.
2640 When the server receives a request for a document on a particular virtual
2641 host, it uses the configuration directives enclosed in the <VirtualHost>
2642 section. <EM>Addr</EM> can be
2644 <LI>The IP address of the virtual host
2645 <LI>A fully qualified domain name for the IP address of the virtual host.
2649 <VirtualHost 10.1.2.3> <BR>
2650 ServerAdmin webmaster@host.foo.com <BR>
2651 DocumentRoot /www/docs/host.foo.com <BR>
2652 ServerName host.foo.com <BR>
2653 ErrorLog logs/host.foo.com-error_log <BR>
2654 TransferLog logs/host.foo.com-access_log <BR>
2655 </VirtualHost>
2656 </CODE></BLOCKQUOTE>
2658 Each VirtualHost must correspond to a different IP address, different port
2660 different host name for the server, in the former case the server
2661 machine must be configured to accept IP packets for multiple
2662 addresses. (If the machine does not have multiple network interfaces,
2663 then this can be accomplished with the <CODE>ifconfig alias</CODE>
2664 command (if your OS supports it), or with kernel patches like <A
2665 HREF="../misc/vif-info.html">VIF</A> (for SunOS(TM) 4.1.x)).<P>
2667 The special name <CODE>_default_</CODE> can be specified in which case
2668 this virtual host will match any IP address that is not explicitly listed
2669 in another virtual host. In the absence of any _default_ virtual host
2670 the "main" server config, consisting of all those definitions outside
2671 any VirtualHost section, is used when no match occurs.<P>
2673 You can specify a <CODE>:port</CODE> to change the port that is matched.
2674 If unspecified then it defaults to the same port as the most recent
2675 <CODE><A HREF="#port">Port</A></CODE> statement of the main server. You
2676 may also specify <CODE>:*</CODE> to match all ports on that address.
2677 (This is recommended when used with <CODE>_default_</CODE>.)<P>
2679 <STRONG>SECURITY</STRONG>: See the
2680 <A HREF="../misc/security_tips.html">security tips</A>
2681 document for details on why your security could be compromised if
2682 the directory where logfiles are stored is writable by anyone other
2683 than the user that starts the server.
2685 <P><STRONG>NOTE</STRONG>: The use of <VirtualHost> does
2686 <STRONG>not</STRONG> affect what addresses Apache listens on. You may
2687 need to ensure that Apache is listening on the correct addresses using
2688 <A HREF="mpm_common.html#listen">Listen</A>.
2690 <P><STRONG>See also:</STRONG>
2691 <A HREF="../vhosts/">Apache Virtual Host documentation</A><BR>
2692 <STRONG>See also:</STRONG>
2693 <A HREF="../dns-caveats.html">Warnings about DNS and Apache</A><BR>
2694 <STRONG>See also:</STRONG>
2695 <A HREF="../bind.html">Setting which addresses and ports Apache uses</A><BR>
2696 <STRONG>See also</STRONG>: <A HREF="../sections.html">How Directory,
2697 Location and Files sections work</A> for an explanation of how these
2698 different sections are combined when a request is received
2701 <!--#include virtual="footer.html" -->