1 <?xml version='1.0' encoding='UTF-8' ?>
2 <!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
3 <?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
4 <!-- $LastChangedRevision$ -->
7 Licensed to the Apache Software Foundation (ASF) under one or more
8 contributor license agreements. See the NOTICE file distributed with
9 this work for additional information regarding copyright ownership.
10 The ASF licenses this file to You under the Apache License, Version 2.0
11 (the "License"); you may not use this file except in compliance with
12 the License. You may obtain a copy of the License at
14 http://www.apache.org/licenses/LICENSE-2.0
16 Unless required by applicable law or agreed to in writing, software
17 distributed under the License is distributed on an "AS IS" BASIS,
18 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
19 See the License for the specific language governing permissions and
20 limitations under the License.
23 <manualpage metafile="upgrading.xml.meta">
25 <title>Upgrading to 2.4 from 2.2</title>
28 <p>In order to assist folks upgrading, we maintain a document
29 describing information critical to existing Apache HTTP Server users. These
30 are intended to be brief notes, and you should be able to find
31 more information in either the <a
32 href="new_features_2_4.html">New Features</a> document, or in
33 the <code>src/CHANGES</code> file. Application and module developers
34 can find a summary of API changes in the <a href="developer/new_api_2_4.html"
35 >API updates</a> overview.</p>
37 <p>This document describes changes in server behavior that might
38 require you to change your configuration or how you use the server
39 in order to continue using 2.4 as you are currently using 2.2.
40 To take advantage of new features in 2.4, see the New Features
43 <p>This document describes only the changes from 2.2 to 2.4. If you
44 are upgrading from version 2.0, you should also consult the <a
45 href="http://httpd.apache.org/docs/2.2/upgrading.html">2.0 to 2.2
46 upgrading document.</a></p>
49 <seealso><a href="new_features_2_4.html">Overview of new features in
50 Apache HTTP Server 2.4</a></seealso>
52 <section id="compile-time">
53 <title>Compile-Time Configuration Changes</title>
55 <p>The compilation process is very similar to the one used in
56 version 2.2. Your old <code>configure</code> command line (as
57 found in <code>build/config.nice</code> in the installed server
58 directory) can be used in most cases. There are some changes in
59 the default settings. Some details of changes:</p>
62 <li>These modules have been removed: mod_authn_default,
63 mod_authz_default, mod_mem_cache. If you were using
64 mod_mem_cache in 2.2, look at <module>mod_cache_disk</module> in
67 <li>All load balancing implementations have been moved to
68 individual, self-contained mod_proxy submodules, e.g.
69 <module>mod_lbmethod_bybusyness</module>. You might need
70 to build and load any of these that your configuration
73 <li>Platform support has been removed for BeOS, TPF, and
74 even older platforms such as A/UX, Next, and Tandem. These were
75 believed to be broken anyway.</li>
77 <li>configure: dynamic modules (DSO) are built by default</li>
79 <li>configure: By default, only a basic set of modules is loaded. The
80 other <directive>LoadModule</directive> directives are commented
83 <li>configure: the "most" module set gets built by default</li>
85 <li>configure: the "reallyall" module set adds developer modules
91 <section id="run-time">
92 <title>Run-Time Configuration Changes</title>
93 <p>There have been significant changes in authorization configuration,
94 and other minor configuration changes, that could require changes to your 2.2
95 configuration files before using them for 2.4.</p>
98 <title>Authorization</title>
100 <p>Any configuration file that uses authorization will likely
103 <p>You should review the <a href="howto/auth.html">Authentication,
104 Authorization and Access Control Howto</a>, especially the section
105 <a href="howto/auth.html#beyond">Beyond just authorization</a>
106 which explains the new mechanisms for controlling the order in
107 which the authorization directives are applied.</p>
109 <section id="access">
110 <title>Access control</title>
112 <p>In 2.2, access control based on client hostname, IP address,
113 and other characteristics of client requests was done using the
114 directives <directive
115 module="mod_access_compat">Order</directive>, <directive
116 module="mod_access_compat">Allow</directive>, <directive
117 module="mod_access_compat">Deny</directive>, and <directive
118 module="mod_access_compat">Satisfy</directive>.</p>
120 <p>In 2.4, such access control is done in the same way as other
121 authorization checks, using the new module
122 <module>mod_authz_host</module>. The old access control idioms
123 should be replaced by the new authentication mechanisms,
124 although for compatibility with old configurations, the new
125 module <module>mod_access_compat</module> is provided.</p>
127 <p>Here are some examples of old and new ways to do the same
130 <p>In this example, all requests are denied.</p>
132 <title>2.2 configuration:</title>
133 Order deny,allow<br />
137 <title>2.4 configuration:</title>
141 <p>In this example, all requests are allowed.</p>
143 <title>2.2 configuration:</title>
144 Order allow,deny<br />
148 <title>2.4 configuration:</title>
152 <p>In the following example, all hosts in the example.org domain
153 are allowed access; all other hosts are denied access.</p>
156 <title>2.2 configuration:</title>
157 Order Deny,Allow<br />
159 Allow from example.org
162 <title>2.4 configuration:</title>
163 Require host example.org
169 <section id="config">
170 <title>Other configuration changes</title>
172 <p>Some other small adjustments may be necessary for particular
173 configurations as discussed below.</p>
176 <li><directive>MaxRequestsPerChild</directive> has been renamed to
177 <directive module="mpm_common">MaxConnectionsPerChild</directive>,
178 describes more accurately what it does. The old name is still
181 <li><directive>MaxClients</directive> has been renamed to
182 <directive module="mpm_common">MaxRequestWorkers</directive>,
183 which describes more accurately what it does. For async MPMs, like
184 <module>event</module>, the maximum number of clients is not
185 equivalent than the number of worker threads. The old name is still
188 <li>The <directive module="core">DefaultType</directive>
189 directive no longer has any effect, other than to emit a
190 warning if it's used with any value other than
191 <code>none</code>. You need to use other configuration
192 settings to replace it in 2.4.
195 <li><directive module="core">EnableSendfile</directive> now
196 defaults to Off.</li>
198 <li><directive module="core">FileETag</directive> now
199 defaults to "MTime Size" (without INode).</li>
201 <li><module>mod_log_config</module>: <a
202 href="modules/mod_log_config.html#formats">${cookie}C</a>
203 matches whole cookie names. Previously any substring would
206 <li><module>mod_dav_fs</module>: The format of the <directive
207 module="mod_dav_fs">DavLockDB</directive> file has changed for
208 systems with inodes. The old <directive
209 module="mod_dav_fs">DavLockDB</directive> file must be deleted on
213 <li><directive module="core">KeepAlive</directive> only
214 accepts values of <code>On</code> or <code>Off</code>.
215 Previously, any value other than "Off" or "0" was treated as
218 <li>Directives AcceptMutex, LockFile, RewriteLock, SSLMutex,
219 SSLStaplingMutex, and WatchdogMutexPath have been replaced
220 with a single <directive module="core">Mutex</directive>
221 directive. You will need to evaluate any use of these removed
222 directives in your 2.2 configuration to determine if they can
223 just be deleted or will need to be replaced using <directive
224 module="core">Mutex</directive>.</li>
226 <li><module>mod_cache</module>: <directive
227 module="mod_cache">CacheIgnoreURLSessionIdentifiers</directive>
228 now does an exact match against the query string instead of a
229 partial match. If your configuration was using partial
230 strings, e.g. using <code>sessionid</code> to match
231 <code>/someapplication/image.gif;jsessionid=123456789</code>,
232 then you will need to change to the full string
233 <code>jsessionid</code>.
236 <li><module>mod_ldap</module>: <directive
237 module="mod_ldap">LDAPTrustedClientCert</directive> is now
238 consistently a per-directory setting only. If you use this
239 directive, review your configuration to make sure it is
240 present in all the necessary directory contexts.</li>
242 <li><module>mod_filter</module>: <directive
243 module="mod_filter">FilterProvider</directive> syntax has changed and
244 now uses a boolean expression to determine if a filter is applied.
247 <li><module>mod_include</module>:
249 <li>The <code>#if expr</code> element now uses the new <a
250 href="expr.html">expression parser</a>. The old syntax can be
251 restored with the new directive <directive module="mod_include"
252 >SSILegacyExprParser</directive>.
254 <li>An SSI* config directive in directory scope no longer causes
255 all other per-directory SSI* directives to be reset to their
260 <li><module>mod_charset_lite</module>: The <code>DebugLevel</code>
261 option has been removed in favour of per-module <directive
262 module="core">LogLevel</directive> configuration.
265 <li><module>mod_ext-filter</module>: The <code>DebugLevel</code>
266 option has been removed in favour of per-module <directive
267 module="core">LogLevel</directive> configuration.
270 <li><module>mod_ssl</module>: CRL based revocation checking
271 now needs to be explicitly configured through <directive
272 module="mod_ssl">SSLCARevocationCheck</directive>.
275 <li><module>mod_substitute</module>: The maximum line length is now
279 <li><module>mod_reqtimeout</module>: If the module is loaded, it
280 will now set some default timeouts.</li>
287 <title>Misc Changes</title>
290 <li><module>mod_autoindex</module>: will now extract titles and
291 display descriptions for .xhtml files, which were previously
294 <li><module>mod_ssl</module>: The default format of the <code>*_DN</code>
295 variables has changed. The old format can still be used with the new
296 <code>LegacyDNStringFormat</code> argument to <directive
297 module="mod_ssl">SSLOptions</directive>. The SSLv2 protocol is
298 no longer supported.</li>
300 <li><program>htpasswd</program> now uses MD5 hash by default on
303 <li>The <directive module="core">NameVirtualHost</directive>
304 directive no longer has any effect, other than to emit a
305 warning. Any address/port combination appearing in multiple
306 virtual hosts is implicitly treated as a name-based virtual host.
309 <li><module>mod_deflate</module> will now skip compression if it knows
310 that the size overhead added by the compression is larger than the data
314 <li>Multi-language error documents from 2.2.x may not work unless
315 they are adjusted to the new syntax of <module>mod_include</module>'s
316 <code>#if expr=</code> element or the directive
317 <directive module="mod_include">SSILegacyExprParser</directive> is
318 enabled for the directory containing the error documents.
325 <section id="third-party">
326 <title>Third Party Modules</title>
327 <p>All modules must be recompiled for 2.4 before being loaded.</p>
329 <p>Many third-party modules designed for version 2.2 will
330 otherwise work unchanged with the Apache HTTP Server version 2.4.
331 Some will require changes; see the <a href="developer/new_api_2_4.html">API
332 update</a> overview.</p>
335 <section id="commonproblems">
336 <title>Common problems when upgrading</title>
337 <ul><li>Startup errors:
339 <li><code>Invalid command 'User', perhaps misspelled or defined by a module not included in the server configuration</code> - load module <module>mod_unixd</module></li>
340 <li><code>Invalid command 'Require', perhaps misspelled or defined by a module not included in the server configuration</code>, or
341 <code>Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration</code>
342 - load module <module>mod_access_compat</module>, or update configuration to 2.4 authorization directives.</li>
343 <li><code>Ignoring deprecated use of DefaultType in line NN of /path/to/httpd.conf</code> - remove <directive module="core">DefaultType</directive>
344 and replace with other configuration settings.</li>
346 <li>Errors serving requests:
348 <li><code>configuration error: couldn't check user: /path</code> -
349 load module <module>mod_authn_core</module>.</li>