core - Apache HTTP Server

Description:	Individual directives that are allowed in +`.htaccess` files
Syntax:	`AllowOverrideList None\|directive +[directive-type] ...`
Default:	`AllowOverrideList None`
Context:	directory
Status:	Core
Module:	core

Description:	Base directory for the server run-time files
Syntax:	`DefaultRuntimeDir directory-path`
Default:	`DefaultRuntimeDir DEFAULT_REL_RUNTIMEDIR (logs/)`
Context:	server config
Status:	Core
Module:	core

ErrorLogFormat Directive

- + @@ -1282,14 +1435,16 @@ in case of an error supplementary information is logged in the error log in addition to the actual log message.

Simple example

- ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M" -

+#Simple example
+ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
+

Specifying connection or request as first parameter allows to specify additional formats, causing additional information to be logged when the first message is logged for a specific - connection or request, respectivly. This additional information is only + connection or request, respectively. This additional information is only logged once per connection/request. If a connection or request is processed without causing any log message, the additional information is not logged either.

@@ -1298,77 +1453,103 @@ in case of an error example, the Referer header is only present if the log message is associated to a request and the log message happens at a time when the Referer header has already been read from the client. If no output is - produced, the default behaviour is to delete everything from the preceeding + produced, the default behavior is to delete everything from the preceding space character to the next space character. This means the log line is implicitly divided into fields on non-whitespace to whitespace transitions. If a format string item does not produce output, the whole field is - ommitted. For example, if the remote address %a in the log + omitted. For example, if the remote address %a in the log format [%t] [%l] [%a] %M is not available, the surrounding brackets are not logged either. Space characters can be escaped with a backslash to prevent them from delimiting a field. The combination '% ' - (percent space) is a zero-witdh field delimiter that does not produce any + (percent space) is a zero-width field delimiter that does not produce any output.

The above behaviour can be changed by adding modifiers to the format +

The above behavior can be changed by adding modifiers to the format string item. A - (minus) modifier causes a minus to be logged if the respective item does not produce any output. In once-per-connection/request formats, it is also possible to use the + (plus) modifier. If an item with the plus modifier does not produce any output, the whole line is - ommitted.

+ omitted.

A number as modifier can be used to assign a log severity level to a format item. The item will only be logged if the severity of the log message is not higher than the specified log severity level. The number can range from 1 (alert) over 4 (warn) and 7 (debug) to 15 (trace8).

For example, here's what would happen if you added modifiers to + the %{Referer}i token, which logs the + Referer request header.

+ +

Description:	Format specification for error log entries
Syntax:	`ErrorLog [connection\|request] format`
Syntax:	`ErrorLogFormat [connection\|request] format`
Context:	server config, virtual host
Status:	Core
Module:	core

+ + + + + + + + + + + + +

Modified Token	Meaning
`%-{Referer}i`	Logs a `-` if `Referer` is not set.
`%+{Referer}i`	Omits the entire line if `Referer` is not set.
`%4{Referer}i`	Logs the `Referer` only if the log message severity + is higher than 4.

Some format string items accept additional parameters in braces.

- - - + + + + + - - - + + + - + - - - + + + - + - + - + - + - + - + - - - + + + - + - + + + - + - + - + - + @@ -1386,24 +1567,37 @@ in case of an error with error log lines. If mod_unique_id is loaded, its unique id will be used as log ID for requests.

Example (somewhat similar to default format)

- ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P] %7F: %E: [client\ %a] - %M% ,\ referer\ %{Referer}i" -

+#Example (default format)
+ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
+

Example (similar to the 2.2.x format)

- ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] - %M% ,\ referer\ %{Referer}i" -

Advanced example with request/connection log IDs

- ErrorLogFormat "[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M" - ErrorLogFormat request "[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T" - ErrorLogFormat request "[%{uc}t] [R:%L] UA:'%+{User-Agent}i'" - ErrorLogFormat request "[%{uc}t] [R:%L] Referer:'%+{Referer}i'" - ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A" +

This would result in error messages such as:


+
+	
+    [Thu May 12 08:28:57.652118 2011] [core:error] [pid 8777:tid 4326490112] [client ::1:58619] File does not exist: /usr/local/apache2/htdocs/favicon.ico
     
 
+    Notice that, as discussed above, some fields are omitted
+    entirely because they are not defined.
+
+    +#Example (similar to the 2.2.x format)
+ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
+    
+
+
+    +#Advanced example with request/connection log IDs
+ErrorLogFormat "[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M"
+ErrorLogFormat request "[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T"
+ErrorLogFormat request "[%{uc}t] [R:%L] UA:'%+{User-Agent}i'"
+ErrorLogFormat request "[%{uc}t] [R:%L] Referer:'%+{Referer}i'"
+ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"
+    
+
+
 
 See also
 
@@ -1452,11 +1646,13 @@ request

Format String	Description
`%%`	The percent sign
`%...a`	Remote IP-address and port
`%...A`
`%a`	Client IP address and port of the request
`%{c}a`	Underlying peer IP address and port of the connection (see the + `mod_remoteip` module)
`%A`	Local IP-address and port
`%...{name}e`	Request environment variable `name`
`%...E`
`%{name}e`	Request environment variable name
`%E`	APR/OS error status code and string
`%...F`
`%F`	Source file name and line number of the log call
`%...{name}i`	Request header `name`
`%...k`
`%{name}i`	Request header name
`%k`	Number of keep-alive requests on this connection
`%...l`
`%l`	Loglevel of the message
`%...L`
`%L`	Log ID of the request
`%...{c}L`
`%{c}L`	Log ID of the connection
`%...{C}L`
`%{C}L`	Log ID of the connection if used in connection scope, empty otherwise
`%...m`
`%m`	Name of the module logging the message
`%M`
`%M`	The actual log message
`%...{name}n`	Request note `name`
`%...P`
`%{name}n`	Request note name
`%P`	Process ID of current process
`%...T`
`%T`	Thread ID of current thread
`%...t`
`%{g}T`	System unique thread ID of current thread (the same ID as + displayed by e.g. `top`; currently Linux only)
`%t`	The current time
`%...{u}t`
`%{u}t`	The current time including micro-seconds
`%...{cu}t`
`%{cu}t`	The current time in compact ISO 8601 format, including micro-seconds
`%...v`
`%v`	The canonical `ServerName` of the current server.
`%...V`
`%V`	The server name of the server serving the request according to the `UseCanonicalName` setting.
Description:	File attributes used to create the ETag HTTP response header for static files
Syntax:	`FileETag component ...`
Default:	`FileETag INode MTime Size`
Default:	`FileETag MTime Size`
Context:	server config, virtual host, directory, .htaccess
Override:	FileInfo
Status:	Core
Module:	core
Compatibility:	The default used to be "INode MTime Size" in 2.3.14 and +earlier.


     
     The FileETag directive configures the file
@@ -1477,7 +1673,8 @@ HTTP response header for static files
      
The number of bytes in the file will be included
      All
      All available fields will be used. This is equivalent to:
-         FileETag INode MTime Size
+         FileETag INode MTime Size
+
      None
      If a document is file-based, no ETag field will be
        included in the response
@@ -1498,7 +1695,7 @@ HTTP response header for static files
     Warning
     Do not change the default for directories or locations that have WebDAV
     enabled and use mod_dav_fs as a storage provider.
-    mod_dav_fs uses INode MTime Size
+    mod_dav_fs uses MTime Size
     as a fixed format for ETag comparisons on conditional requests.
     These conditional requests will break if the ETag format is
     changed via FileETag.
@@ -1539,14 +1736,27 @@ filenames
 
     The filename argument should include a filename, or
     a wild-card string, where ? matches any single character,
-    and * matches any sequences of characters.
-    Regular expressions
+    and * matches any sequences of characters.
+    +<Files "cat.html">
+    # Insert stuff that applies to cat.html here
+</Files>
+
+<Files "?at.*">
+    # This would apply to cat.html, bat.html, hat.php and so on.
+</Files>
+
+
+    Regular expressions
     can also be used, with the addition of the
     ~ character. For example:
 
-    
-      <Files ~ "\.(gif|jpe?g|png)$">
-    
+    +<Files ~ "\.(gif|jpe?g|png)$">
+    #...
+</Files>
+
+
 
     would match most common Internet graphics formats. <FilesMatch> is preferred,
     however.
@@ -1580,9 +1790,12 @@ filenames
     does. However, it accepts a regular
     expression. For example:
 
-    
-      <FilesMatch "\.(gif|jpe?g|png)$">
-    
++<FilesMatch "\.(gif|jpe?g|png)$">
+    # ...
+</FilesMatch>
+
+
 
     would match most common Internet graphics formats.
 
@@ -1615,9 +1828,8 @@ media type in the HTTP Content-Type header field
     GIF files, but did not want to label them all with .gif,
     you might want to use:
 
-    
-      ForceType image/gif
-    
+    ForceType image/gif
+
 
     Note that this directive overrides other indirect media type
     associations defined in mime.types or via the
@@ -1627,21 +1839,18 @@ media type in the HTTP Content-Type header field
     ForceType settings
     by using the value of None:
 
-    
-      # force all files to be image/gif:

-      <Location /images>

-        
-          ForceType image/gif

-        
-      </Location>

-      

-      # but normal mime-type associations here:

-      <Location /images/mixed>

-      
-        ForceType None

-      
-      </Location>
-    
+    +# force all files to be image/gif:
+<Location /images>
+  ForceType image/gif
+</Location>
+
+# but normal mime-type associations here:
+<Location /images/mixed>
+  ForceType None
+</Location>
+    
+
 
     This directive primarily overrides the content types generated for
     static files served out of the filesystem.  For resources other than
@@ -1659,7 +1868,7 @@ media type in the HTTP Content-Type header field
 Status:Core
 Module:core
 
-    
When the server has been compiled with gprof profiling suppport,
+    
When the server has been compiled with gprof profiling support,
     GprofDir causes gmon.out files to
     be written to the specified directory when the process exits.  If the
     argument ends with a percent symbol ('%'), subdirectories are created
@@ -1709,6 +1918,10 @@ media type in the HTTP Content-Type header field
     directory, can be used to look up host names from logged IP addresses
     offline.
 
+    Finally, if you have hostname-based Require
+    directives, a hostname lookup will be performed regardless of
+    the setting of HostnameLookups.
+
 
 
 <If> Directive
@@ -1726,9 +1939,8 @@ satisfied by a request at runtime
     directives if and only if the expression evaluates to true.
     For example:
 
-    
-        <If "-z req('Host')">
-    
+    <If "-z req('Host')">
+
 
     would match HTTP/1.0 requests without a Host: header.
     Expressions may contain various shell-like operators for string
@@ -1737,9 +1949,8 @@ satisfied by a request at runtime
     and others (-n, -z, -f, ...).
     It is also possible to use regular expressions, 
 
-    
-        <If "%{QUERY_STRING =~ /(delete|commit)=.*?elem/">
-    
+    <If "%{QUERY_STRING} =~ /(delete|commit)=.*?elem/">
+
 
     shell-like pattern matches and many other operations. These operations
     can be done on request headers (req), environment variables
@@ -1803,32 +2014,23 @@ if a test is true at startup
     nest-able, which can be used to implement simple
     multiple-parameter tests. Example:
 
-    
-      httpd -DReverseProxy -DUseCache -DMemCache ...

-      

-      # httpd.conf

-      <IfDefine ReverseProxy>

-      
-        LoadModule proxy_module   modules/mod_proxy.so

-        LoadModule proxy_http_module   modules/mod_proxy_http.so

-        <IfDefine UseCache>

-        
-          LoadModule cache_module   modules/mod_cache.so

-          <IfDefine MemCache>

-          
-            LoadModule mem_cache_module   modules/mod_mem_cache.so

-          
-          </IfDefine>

-          <IfDefine !MemCache>

-          
-            LoadModule cache_disk_module   modules/mod_cache_disk.so

-          
-          </IfDefine>
-        
-        </IfDefine>
-      
-      </IfDefine>
-    
+    httpd -DReverseProxy -DUseCache -DMemCache ...
+    +<IfDefine ReverseProxy>
+  LoadModule proxy_module   modules/mod_proxy.so
+  LoadModule proxy_http_module   modules/mod_proxy_http.so
+  <IfDefine UseCache>
+    LoadModule cache_module   modules/mod_cache.so
+    <IfDefine MemCache>
+      LoadModule mem_cache_module   modules/mod_mem_cache.so
+    </IfDefine>
+    <IfDefine !MemCache>
+      LoadModule cache_disk_module   modules/mod_cache_disk.so
+    </IfDefine>
+  </IfDefine>
+</IfDefine>
+    
+
 
 
 
@@ -1889,7 +2091,7 @@ later.
 
-
+
@@ -1910,72 +2112,71 @@ wildcard matching available in 2.3.6 and later
     wildcard syntax shown below, to include files that match a particular
     pattern, such as *.conf, for example.
 
-    When a wildcard is specified for a file component of
-    the path, and no file matches the wildcard, the
-    Include
-    directive will be silently ignored. When a wildcard is
-    specified for a directory component of the path, and
-    no directory matches the wildcard, the
-    Include directive will
-    fail with an error saying the directory cannot be found.
-    
-
-    For further control over the behaviour of the server when no files or
-    directories match, prefix the path with the modifiers optional
-    or strict. If optional is specified, any wildcard
-    file or directory that does not match will be silently ignored. If
-    strict is specified, any wildcard file or directory that does
-    not match at least one file will cause server startup to fail.
-
-    When a directory or file component of the path is
-    specified exactly, and that directory or file does not exist,
-    Include directive will fail with an
-    error saying the file or directory cannot be found.
+    The Include directive will
+    fail with an error if a wildcard expression does not
+    match any file. The IncludeOptional
+    directive can be used if non-matching wildcards should be ignored.
The file path specified may be an absolute path, or may be relative
     to the ServerRoot directory.
Examples:
 
-    
-      Include /usr/local/apache2/conf/ssl.conf

-      Include /usr/local/apache2/conf/vhosts/*.conf
-    
+    +Include /usr/local/apache2/conf/ssl.conf
+Include /usr/local/apache2/conf/vhosts/*.conf
+    
+
 
     Or, providing paths relative to your ServerRoot directory:
 
-    
-      Include conf/ssl.conf

-      Include conf/vhosts/*.conf
-    
+    +Include conf/ssl.conf
+Include conf/vhosts/*.conf
+    
+
 
     Wildcards may be included in the directory or file portion of the
-    path. In the following example, the server will fail to load if no
-    directories match conf/vhosts/*, but will load successfully if no
-    files match *.conf.
+    path. This example will fail if there is no subdirectory in conf/vhosts
+    that contains at least one *.conf file:
 
-    
-      Include conf/vhosts/*/vhost.conf

-      Include conf/vhosts/*/*.conf
-    
+    Include conf/vhosts/*/*.conf
 
-    In this example, the server will fail to load if either
-    conf/vhosts/* matches no directories, or if *.conf matches no files:
 
-    
-      Include strict conf/vhosts/*/*.conf
-    
+    Alternatively, the following command will just be ignored in case of
+    missing files or directories:
+
+    IncludeOptional conf/vhosts/*/*.conf
 
-    In this example, the server load successfully if either conf/vhosts/*
-    matches no directories, or if *.conf matches no files:
 
-    
-      Include optional conf/vhosts/*/*.conf
-    
 
+See also
+
+IncludeOptional
+apachectl
+
+
+
+IncludeOptional Directive
+

 Description: Includes other configuration files from within
 the server configuration files
Syntax: Include [optional|strict] file-path|directory-path|wildcard
Syntax: Include file-path|directory-path|wildcard
 Context: server config, virtual host, directory
 Status: Core
 Module: core
 
     
 
     
+
+
+
+
+
+
+Description: Includes other configuration files from within
+the server configuration files
Syntax: IncludeOptional file-path|directory-path|wildcard
Context: server config, virtual host, directory
Status: Core
Module: core
Compatibility: Available in 2.3.6 and later
+    This directive allows inclusion of other configuration files
+    from within the server configuration files. It works identically to the
+    Include directive, with the
+    exception that if wildcards do not match any file or directory, the
+    IncludeOptional directive will be
+    silently ignored instead of causing an error.
 
 See also
 
+Include
 apachectl

Description:	Includes other configuration files from within the server configuration files
Syntax:	`Include [optional\|strict] file-path\|directory-path\|wildcard`
Syntax:	`Include file-path\|directory-path\|wildcard`
Context:	server config, virtual host, directory
Status:	Core
Module:	core

Description:	Includes other configuration files from within +the server configuration files
Syntax:	`IncludeOptional file-path\|directory-path\|wildcard`
Context:	server config, virtual host, directory
Status:	Core
Module:	core
Compatibility:	Available in 2.3.6 and later

The method names listed can be one or more of: GET, POST, PUT, DELETE, @@ -2114,18 +2314,15 @@ methods Require group editors directive will be ignored in all cases:

For a full description of how this directive is interpreted by proxy requests, see the mod_proxy documentation.

@@ -2279,14 +2473,13 @@ will be accepted from the client

For example:

- LimitRequestFields 50 -

LimitRequestFields 50

Warning

When name-based virtual hosting is used, the value for this directive is taken from the default (first-listed) virtual host for the - local IP and port combination

. + local IP and port combination.

@@ -2306,7 +2499,7 @@ client that will be allowed in an HTTP request header.

The LimitRequestFieldSize directive - allows the server administrator to reduce or increase the limit + allows the server administrator to set the limit on the allowed size of an HTTP request header field. A server needs this value to be large enough to hold any one header field from a normal client request. The size of a normal request header @@ -2321,16 +2514,15 @@ client

For example:

- LimitRequestFieldSize 4094 -

LimitRequestFieldSize 4094

Under normal conditions, the value should not be changed from the default.

Warning

When name-based virtual hosting is used, the value for this - directive is taken from the default (first-listed) virtual host best + directive is taken from the default (first-listed) virtual host best matching the current IP address and port combination.

@@ -2350,7 +2542,7 @@ from the client allowed on the HTTP request-line.

The LimitRequestLine directive allows - the server administrator to reduce or increase the limit on the allowed size + the server administrator to set the limit on the allowed size of a client's HTTP request-line. Since the request-line consists of the HTTP method, URI, and protocol version, the LimitRequestLine directive places a @@ -2365,16 +2557,16 @@ from the client

For example:

- LimitRequestLine 4094 -

LimitRequestLine 4094

Under normal conditions, the value should not be changed from - the default.

+ the default. Also, you can't set this higher than 8190 without + modifying the source and rebuilding.

In the example below, where a trailing slash is used, requests to /private2/ and /private2/file.txt will have the enclosed directives applied, but /private2 and /private2other would not.

When to use `<Location>`

@@ -2484,9 +2679,12 @@ URLs can also be used, with the addition of the ~ character. For example:

- <Location ~ "/(extra|special)/data"> -

+<Location ~ "/(extra|special)/data">
+    #...
+</Location>
+

would match URLs that contained the substring /extra/data or /special/data. The directive <LocationMatch> behaves @@ -2500,14 +2698,13 @@ URLs directive. For example, to enable status requests, but allow them only from browsers at example.com, you might use:

- <Location /status> - - SetHandler server-status - Require host example.com - - </Location> -

+<Location /status>
+  SetHandler server-status
+  Require host example.com
+</Location>
+

Note about / (slash)

The slash character has special meaning depending on where in a @@ -2553,9 +2750,12 @@ matching URLs it takes a regular expression as an argument instead of a simple string. For example:

- <LocationMatch "/(extra|special)/data"> -

+<LocationMatch "/(extra|special)/data">
+    # ...
+</LocationMatch>
+

would match URLs that contained the substring /extra/data or /special/data.

@@ -2731,9 +2931,8 @@ matching URLs

For example:

- LogLevel notice -

LogLevel notice

Note

When logging to a regular file messages of the level @@ -2750,20 +2949,22 @@ matching URLs as module specification. This means the following three specifications are equivalent:

- LogLevel info ssl:warn - LogLevel info mod_ssl.c:warn - LogLevel info ssl_module:warn -

+LogLevel info ssl:warn
+LogLevel info mod_ssl.c:warn
+LogLevel info ssl_module:warn
+

It is also possible to change the level per directory:

- LogLevel info - <Directory /usr/local/apache/htdocs/app> - LogLevel debug - </Files> -

+LogLevel info
+<Directory "/usr/local/apache/htdocs/app">
+  LogLevel debug
+</Directory>
+

Per directory loglevel configuration only affects messages that are @@ -2793,9 +2994,110 @@ connection

For example:

- MaxKeepAliveRequests 500 -

MaxKeepAliveRequests 500

+ + +

MaxRangeOverlaps Directive

+ + + + + + + + +

Description:	Number of overlapping ranges (eg: `100-200,150-300`) allowed before returning the complete + resource
Syntax:	`MaxRangeOverlaps default \| unlimited \| none \| number-of-ranges`
Default:	`MaxRangeOverlaps 20`
Context:	server config, virtual host, directory
Status:	Core
Module:	core
Compatibility:	Available in Apache HTTP Server 2.3.15 and later

The MaxRangeOverlaps directive + limits the number of overlapping HTTP ranges the server is willing to + return to the client. If more overlapping ranges then permitted are requested, + the complete resource is returned instead.

+ +

default: Limits the number of overlapping ranges to a compile-time default of 20.
none: No overlapping Range headers are allowed.
unlimited: The server does not limit the number of overlapping ranges it is + willing to satisfy.
number-of-ranges: A positive number representing the maximum number of overlapping ranges the + server is willing to satisfy.

+ +

MaxRangeReversals Directive

+ + + + + + + + +

Description:	Number of range reversals (eg: `100-200,50-70`) allowed before returning the complete + resource
Syntax:	`MaxRangeReversals default \| unlimited \| none \| number-of-ranges`
Default:	`MaxRangeReversals 20`
Context:	server config, virtual host, directory
Status:	Core
Module:	core
Compatibility:	Available in Apache HTTP Server 2.3.15 and later

The MaxRangeReversals directive + limits the number of HTTP Range reversals the server is willing to + return to the client. If more ranges reversals then permitted are requested, + the complete resource is returned instead.

+ +

default: Limits the number of range reversals to a compile-time default of 20.
none: No Range reversals headers are allowed.
unlimited: The server does not limit the number of range reversals it is + willing to satisfy.
number-of-ranges: A positive number representing the maximum number of range reversals the + server is willing to satisfy.

+ +

MaxRanges Directive

+ + + + + + + + +

Description:	Number of ranges allowed before returning the complete +resource
Syntax:	`MaxRanges default \| unlimited \| none \| number-of-ranges`
Default:	`MaxRanges 200`
Context:	server config, virtual host, directory
Status:	Core
Module:	core
Compatibility:	Available in Apache HTTP Server 2.3.15 and later

The MaxRanges directive + limits the number of HTTP ranges the server is willing to + return to the client. If more ranges then permitted are requested, + the complete resource is returned instead.

+ +

default: Limits the number of ranges to a compile-time default of 200.
none: Range headers are ignored.
unlimited: The server does not limit the number of ranges it is + willing to satisfy.
number-of-ranges: A positive number representing the maximum number of ranges the + server is willing to satisfy.

@@ -2929,9 +3231,11 @@ or specified mutexes

With the file-based mechanisms fcntl and flock, the path, if provided, is a directory where the lock file will be created. - The default directory is httpd's run-time file directory relative to - ServerRoot. Always use a local disk - filesystem for /path/to/mutex and never a directory residing + The default directory is httpd's run-time file directory, + DefaultRuntimeDir. If a relative + path is provided, it is relative to + DefaultRuntimeDir. Always use a local + disk filesystem for /path/to/mutex and never a directory residing on a NFS- or AFS-filesystem. The basename of the file will be the mutex type, an optional instance string provided by the module, and unless the OmitPID keyword is specified, the process id of the httpd @@ -3013,16 +3317,17 @@ or specified mutexes /var/httpd/locks. The mutex mechanism for all other mutexes will be changed from the compiled-in default to sysvsem.

- Mutex default sysvsem - Mutex mpm-accept fcntl:/var/httpd/locks -

+Mutex sysvsem default
+Mutex fcntl:/var/httpd/locks mpm-accept
+

NameVirtualHost Directive

- @@ -3084,9 +3389,11 @@ directory

Even though the server follows the symlink it does not change the pathname used to match against <Directory> sections.

Note also, that this option gets ignored if set - inside a <Location> - section.

+ +

The FollowSymLinks and + SymLinksIfOwnerMatch Options work only in <Directory> sections or + .htaccess files.

Omitting this option should not be considered a security restriction, since symlink testing is subject to race conditions that make it circumventable.

@@ -3134,12 +3441,15 @@ directory target file or directory is owned by the same user id as the link. -

Note

This option gets ignored if - set inside a <Location> section.

Note

The FollowSymLinks and + SymLinksIfOwnerMatch Options work only in <Directory> sections or + .htaccess files.

This option should not be considered a security restriction, since symlink testing is subject to race conditions that make it - circumventable.

- + circumventable.

Normally, if multiple Options could @@ -3161,38 +3471,32 @@ directory

For example, without any + and - symbols:

- <Directory /web/docs> - - Options Indexes FollowSymLinks - - </Directory> - - <Directory /web/docs/spec> - - Options Includes - - </Directory> -

+<Directory "/web/docs">
+  Options Indexes FollowSymLinks
+</Directory>
+
+<Directory "/web/docs/spec">
+  Options Includes
+</Directory>
+

then only Includes will be set for the /web/docs/spec directory. However if the second Options directive uses the + and - symbols:

- <Directory /web/docs> - - Options Indexes FollowSymLinks - - </Directory> - - <Directory /web/docs/spec> - - Options +Includes -Indexes - - </Directory> -

+<Directory "/web/docs">
+  Options Indexes FollowSymLinks
+</Directory>
+
+<Directory "/web/docs/spec">
+  Options +Includes -Indexes
+</Directory>
+

then the options FollowSymLinks and Includes are set for the /web/docs/spec @@ -3228,17 +3532,33 @@ On Windows from Apache 2.3.3 and later.

For example, if you are running https on a non-standard port, specify the protocol explicitly:

- Protocol https -

Protocol https

You can also specify the protocol using the Listen directive.

RegisterHttpMethod Directive

Description:	Designates an IP address for name-virtual +
Description:	DEPRECATED: Designates an IP address for name-virtual hosting
Syntax:	`NameVirtualHost addr[:port]`
Context:	server config

+ + + + + +

Description:	Register non-standard HTTP methods
Syntax:	`RegisterHttpMethod method [method [...]]`
Context:	server config
Status:	Core
Module:	core

HTTP Methods that are not conforming to the relvant RFCs are normally +rejected by request processing in Apache HTTPD. To avoid this, modules +can register non-standard HTTP methods they support. +The RegisterHttpMethod allows to register such +methods manually. This can be useful for if such methods are forwared +for external processing, e.g. to a CGI script.

RLimitCPU Directive

@@ -3377,15 +3697,13 @@ later by the shebang line (first line, starting with #!) in the script. On Win32 systems this line usually looks like:

- #!C:/Perl/bin/perl.exe -

#!C:/Perl/bin/perl.exe

or, if perl is in the PATH, simply:

- #!perl -

#!perl

Setting ScriptInterpreterSource Registry will cause the Windows Registry tree HKEY_CLASSES_ROOT to be @@ -3479,9 +3797,8 @@ messages sent to the client

It may be worth setting up a dedicated address for this, e.g.

- ServerAdmin www-admin@foo.example.com -

ServerAdmin www-admin@foo.example.com

as users do not always mention that they are talking about the server!

@@ -3500,15 +3817,25 @@ to name-virtual hosts alternate names for a host, for use with name-based virtual hosts. The ServerAlias may include wildcards, if appropriate.

- <VirtualHost *:80> - ServerName server.example.com - ServerAlias server server2.example.com server2 - ServerAlias *.example.com - UseCanonicalName Off - # ... - </VirtualHost> -

+<VirtualHost *:80>
+  ServerName server.example.com
+  ServerAlias server server2.example.com server2
+  ServerAlias *.example.com
+  UseCanonicalName Off
+  # ...
+</VirtualHost>
+

+ + +

Name-based virtual hosts for the best-matching set of <virtualhost>s are processed + in the order they appear in the configuration. The first matching ServerName or ServerAlias is used, with no different precedence for wildcards + (nor for ServerName vs. ServerAlias).

+ +

The complete list of names in the VirtualHost + directive are treated just like a (non wildcard) + ServerAlias.

Example

- ServerRoot /home/httpd -

ServerRoot "/home/httpd"

The default location of ServerRoot may be + modified by using the --prefix argument to + configure, and + most third-party distributions of the server have a different + default location from the one listed above.

ServerTokens Full (or not specified): Server sends (e.g.): Server: Apache/2.4.1 +; Server sends (e.g.): Server: Apache/2.4.2 (Unix) PHP/4.2.2 MyMod/1.2
ServerTokens Prod[uctOnly]
ServerTokens Min[imal]: Server sends (e.g.): Server: - Apache/2.4.1
ServerTokens OS: Server sends (e.g.): Server: Apache/2.4.1 +; Server sends (e.g.): Server: Apache/2.4.2 (Unix)


@@ -3778,29 +4109,37 @@ handler
     of extension, you might put the following into an
     .htaccess file in that directory:
 
-    
-      SetHandler imap-file
-    
+    SetHandler imap-file
+
 
     Another example: if you wanted to have the server display a
     status report whenever a URL of
     http://servername/status was called, you might put
     the following into httpd.conf:
 
-    
-      <Location /status>

-      
-        SetHandler server-status

-      
-      </Location>
-    
+    +<Location "/status">
+  SetHandler server-status
+</Location>
+    
+
+
+    You could also use this directive to configure a particular
+    handler for files with a particular file extension. For example:
+
+    +<FilesMatch \.php$>
+    SetHandler application/x-httpd-php
+</FilesMatch>
+    
+
 
     You can override an earlier defined SetHandler
     directive by using the value None.
 
     Note
     Because SetHandler overrides default handlers,
-    normal behaviour such as handling of URLs ending in a slash (/) as
+    normal behavior such as handling of URLs ending in a slash (/) as
     directories or index files is suppressed.
 
 See also
@@ -3857,13 +4196,12 @@ server
     in the /www/data/ directory for server-side
     includes.
 
-    
-      <Directory /www/data/>

-      
-        SetOutputFilter INCLUDES

-      
-      </Directory>
-    
+    +<Directory "/www/data/">
+  SetOutputFilter INCLUDES
+</Directory>
+    
+
 
     If more than one filter is specified, they must be separated
     by semicolons in the order in which they should process the
@@ -3880,7 +4218,7 @@ server
 Description:Amount of time the server will wait for
 certain events before failing a request
 Syntax:TimeOut seconds
-Default:TimeOut 300
+Default:TimeOut 60
 Context:server config, virtual host
 Status:Core
 Module:core
@@ -3913,7 +4251,7 @@ certain events before failing a request
 

 TraceEnable Directive
 
-
+
@@ -3937,6 +4275,13 @@ certain events before failing a request
     reflect the full headers and all chunk headers with the response
     body.  As a proxy server, the request body is not restricted to 64k.
 
+    Note
+    Despite claims to the contrary, TRACE is not
+    a security vulnerability and there is no viable reason for
+    it to be disabled. Doing so necessarily makes your server
+    non-compliant.
+    
+
 
UnDefine Directive
@@ -3990,8 +4335,8 @@ port
     http://www.example.com/splat/. If you have
     authentication enabled, this will cause the user to have to
     authenticate twice (once for www and once again
-    for www.example.com -- see the
-    FAQ on this subject for more information). But if
+    for www.example.com -- see 
+    the FAQ on this subject for more information). But if
     UseCanonicalName is set Off, then
     Apache httpd will redirect to http://www/splat/.
 
@@ -4100,41 +4445,39 @@ hostname or IP address
       A fully qualified domain name for the IP address of the
       virtual host (not recommended);
 
-      The character *, which acts as a wildcard and matches 
+      
The character *, which acts as a wildcard and matches
       any IP address.
-  
+
       The string _default_, which is an alias for *
 
     
 
-    Example

-      <VirtualHost 10.1.2.3:80>

-      
-        ServerAdmin webmaster@host.example.com

-        DocumentRoot /www/docs/host.example.com

-        ServerName host.example.com

-        ErrorLog logs/host.example.com-error_log

-        TransferLog logs/host.example.com-access_log

-      
-      </VirtualHost>
-    
+    +<VirtualHost 10.1.2.3:80>
+  ServerAdmin webmaster@host.example.com
+  DocumentRoot /www/docs/host.example.com
+  ServerName host.example.com
+  ErrorLog logs/host.example.com-error_log
+  TransferLog logs/host.example.com-access_log
+</VirtualHost>
+    
+
 
 
     IPv6 addresses must be specified in square brackets because
     the optional port number could not be determined otherwise.  An
     IPv6 example is shown below:
 
-    
-      <VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>

-      
-        ServerAdmin webmaster@host.example.com

-        DocumentRoot /www/docs/host.example.com

-        ServerName host.example.com

-        ErrorLog logs/host.example.com-error_log

-        TransferLog logs/host.example.com-access_log

-      
-      </VirtualHost>
-    
+    +<VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>
+  ServerAdmin webmaster@host.example.com
+  DocumentRoot /www/docs/host.example.com
+  ServerName host.example.com
+  ErrorLog logs/host.example.com-error_log
+  TransferLog logs/host.example.com-access_log
+</VirtualHost>
+    
+
 
     Each Virtual Host must correspond to a different IP address,
     different port number or a different host name for the server,
@@ -4156,18 +4499,18 @@ hostname or IP address
     ServerName from the "main"
     server configuration will be inherited.
 
-    When a request is received, the server first maps it to the best matching 
-    <VirtualHost> based on the local 
-    IP address and port combination only.  Non-wildcards have a higher 
-    precedence. If no match based on IP and port occurs at all, the 
+    
When a request is received, the server first maps it to the best matching
+    <VirtualHost> based on the local
+    IP address and port combination only.  Non-wildcards have a higher
+    precedence. If no match based on IP and port occurs at all, the
     "main" server configuration is used.
-    
+
     If multiple virtual hosts contain the best matching IP address and port,
-    the server selects from these virtual hosts the best match based on the 
-    requested hostname.  If no matching name-based virtual host is found, 
-    then the first listed virtual host that matched the IP address will be 
+    the server selects from these virtual hosts the best match based on the
+    requested hostname.  If no matching name-based virtual host is found,
+    then the first listed virtual host that matched the IP address will be
     used.  As a consequence, the first listed virtual host for a given IP address
-    and port combination is default virtual host for that IP and port 
+    and port combination is default virtual host for that IP and port
     combination.
 
     Security
@@ -4197,7 +4540,28 @@ hostname or IP address
  fr  |
  ja  |
  tr 
-

-Copyright 2011 The Apache Software Foundation.
Licensed under the Apache License, Version 2.0.
-Modules | Directives | FAQ | Glossary | Sitemap
+
Comments
Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.
+

+Copyright 2012 The Apache Software Foundation.
Licensed under the Apache License, Version 2.0.
+Modules | Directives | FAQ | Glossary | Sitemap
\ No newline at end of file
Description: Determines the behaviour on TRACE requests
Description: Determines the behavior on TRACE requests
 Syntax: TraceEnable [on|off|extended]
 Default: TraceEnable on
 Context: server config, virtual host

Description:	Determines the behaviour on `TRACE` requests
Description:	Determines the behavior on `TRACE` requests
Syntax:	`TraceEnable [on\|off\|extended]`
Default:	`TraceEnable on`
Context:	server config, virtual host

Apache Core Features

See also

See also

Security

Implicit disabling of Options

See also

Only available in <Directory> sections

See also

See also

Example

Example

Example

Example

Simple example

Example (somewhat similar to default format)

Example (similar to the 2.2.x format)

Advanced example with request/connection log IDs

See also

Warning

See also

See also

Example

Warning

Warning

Warning

When to use <Location>

Note about / (slash)

Note

Note

Note

See also

See also

Example

See also

Note

See also

Note

Example

Security

When to use `<Location>`