<p>For example, to make the server accept connections on both
port 80 and port 8000, on all interfaces, use:</p>
- <pre class="prettyprint lang-config">
-Listen 80
-Listen 8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 80
+Listen 8000</pre>
<p>To make the server accept connections on port 80 for one interface,
and port 8000 on another, use</p>
- <pre class="prettyprint lang-config">
-Listen 192.0.2.1:80
-Listen 192.0.2.5:8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 192.0.2.1:80
+Listen 192.0.2.5:8000</pre>
<p>IPv6 addresses must be enclosed in square brackets, as in the
following example:</p>
- <pre class="prettyprint lang-config">
- Listen [2001:db8::a00:20ff:fea7:ccea]:80
- </pre>
+ <pre class="prettyprint lang-config"> Listen [2001:db8::a00:20ff:fea7:ccea]:80</pre>
<div class="warning"><p>Overlapping <code class="directive"><a href="./mod/mpm_common.html#listen">Listen</a></code> directives will result in a
<code class="directive"><a href="./mod/mpm_common.html#listen">Listen</a></code> directives, as in the
following examples:</p>
- <pre class="prettyprint lang-config">
-Listen 0.0.0.0:80
-Listen 192.0.2.1:80
- </pre>
+ <pre class="prettyprint lang-config">Listen 0.0.0.0:80
+Listen 192.0.2.1:80</pre>
<p>If your platform supports it and you want httpd to handle IPv4 and
<p>You only need to set the protocol if you are running on non-standard
ports. For example, running an <code>https</code> site on port 8443:</p>
- <pre class="prettyprint lang-config">
- Listen 192.170.2.1:8443 https
- </pre>
+ <pre class="prettyprint lang-config"> Listen 192.170.2.1:8443 https</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<p>Par exemple, pour faire en sorte que le serveur accepte des connexions
sur les ports 80 et 8000, sur toutes les interfaces, utilisez :</p>
- <pre class="prettyprint lang-config">
-Listen 80
-Listen 8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 80
+Listen 8000</pre>
<p>Pour faire en sorte que le serveur accepte des connexions sur le port 80
pour une interface, et sur le port 8000 pour une
autre interface, utilisez :</p>
- <pre class="prettyprint lang-config">
-Listen 192.0.2.1:80
-Listen 192.0.2.5:8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 192.0.2.1:80
+Listen 192.0.2.5:8000</pre>
<p>Les adresses IPv6 doivent être mises entre crochets, comme dans
l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
- Listen [2001:db8::a00:20ff:fea7:ccea]:80
- </pre>
+ <pre class="prettyprint lang-config"> Listen [2001:db8::a00:20ff:fea7:ccea]:80</pre>
<div class="warning"><p>Des directives <code class="directive"><a href="./mod/mpm_common.html#listen">Listen</a></code>
<code class="directive"><a href="./mod/mpm_common.html#listen">Listen</a></code>, comme dans l'exemple
suivant :</p>
- <pre class="prettyprint lang-config">
-Listen 0.0.0.0:80
-Listen 192.0.2.1:80
- </pre>
+ <pre class="prettyprint lang-config">Listen 0.0.0.0:80
+Listen 192.0.2.1:80</pre>
<p>Si votre plateforme le supporte et si vous souhaitez que httpd gère
des ports non standards. Par exemple, pour travailler en
<code>https</code> sur le port 8443 :</p>
- <pre class="prettyprint lang-config">
- Listen 192.170.2.1:8443 https
- </pre>
+ <pre class="prettyprint lang-config"> Listen 192.170.2.1:8443 https</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<p>Typically the module will be configured as so;</p>
- <pre class="prettyprint lang-config">
-CacheRoot "/var/cache/apache/"
+ <pre class="prettyprint lang-config">CacheRoot "/var/cache/apache/"
CacheEnable disk /
CacheDirLevels 2
-CacheDirLength 1
- </pre>
+CacheDirLength 1</pre>
<p>Importantly, as the cached files are locally stored, operating system
instructs httpd to open the file when it is started and to re-use
this file-handle for all subsequent access to this file.</p>
- <pre class="prettyprint lang-config">
- CacheFile /usr/local/apache2/htdocs/index.html
- </pre>
+ <pre class="prettyprint lang-config"> CacheFile /usr/local/apache2/htdocs/index.html</pre>
<p>If you intend to cache a large number of files in this manner, you
the difference in the time it takes to read a file for the first time
and the second time;</p>
- <div class="example"><pre>
-colm@coroebus:~$ time cat testfile > /dev/null
+ <div class="example"><pre>colm@coroebus:~$ time cat testfile > /dev/null
real 0m0.065s
user 0m0.000s
sys 0m0.001s
start time (using the mmap system call). httpd will use the in-memory
contents for all subsequent accesses to this file.</p>
- <pre class="prettyprint lang-config">
- MMapFile /usr/local/apache2/htdocs/index.html
- </pre>
+ <pre class="prettyprint lang-config"> MMapFile /usr/local/apache2/htdocs/index.html</pre>
<p>As with the
<p>En général, le module se configure comme suit :</p>
- <pre class="prettyprint lang-config">
-CacheRoot "/var/cache/apache/"
+ <pre class="prettyprint lang-config">CacheRoot "/var/cache/apache/"
CacheEnable disk /
CacheDirLevels 2
-CacheDirLength 1
- </pre>
+CacheDirLength 1</pre>
<p>Il est important de savoir que, les fichiers mis en cache étant stockés
réutiliser le descripteur de fichier mis en cache pour tous les
accès futurs à ce fichier.</p>
- <pre class="prettyprint lang-config">
- CacheFile /usr/local/apache2/htdocs/index.html
- </pre>
+ <pre class="prettyprint lang-config"> CacheFile /usr/local/apache2/htdocs/index.html</pre>
<p>Si vous désirez mettre en cache un grand nombre de fichiers
temps nécessaire à la première lecture d'un fichier et le temps
nécessaire à sa deuxième lecture;</p>
- <div class="example"><pre>
-colm@coroebus:~$ time cat testfile > /dev/null
+ <div class="example"><pre>colm@coroebus:~$ time cat testfile > /dev/null
real 0m0.065s
user 0m0.000s
sys 0m0.001s
utilisera le contenu chargé en mémoire pour satisfaire ultérieurement
toutes les demandes d'accès à ce fichier.</p>
- <pre class="prettyprint lang-config">
- MMapFile /usr/local/apache2/htdocs/index.html
- </pre>
+ <pre class="prettyprint lang-config"> MMapFile /usr/local/apache2/htdocs/index.html</pre>
<p>Comme dans le cas de la directive
try to select a matching variant. If there's no such variant,
the normal negotiation process applies.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SetEnvIf Cookie "language=(.+)" prefer-language=$1
-Header append Vary cookie
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SetEnvIf Cookie "language=(.+)" prefer-language=$1
+Header append Vary cookie</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
de sélectionner une variante correspondante. S'il n'existe pas de telle
variante, le processus normal de négociation sera lancé.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-SetEnvIf Cookie "language=(.+)" prefer-language=$1
-Header append Vary cookie
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">SetEnvIf Cookie "language=(.+)" prefer-language=$1
+Header append Vary cookie</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
if <code class="directive"><a href="./mod/core.html#allowoverride">AllowOverride</a></code> is set to
FileInfo.</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 500 "Sorry, our script crashed. Oh dear"<br />
+ <pre class="prettyprint lang-config">ErrorDocument 500 "Sorry, our script crashed. Oh dear"<br />
ErrorDocument 500 /cgi-bin/crash-recover<br />
ErrorDocument 500 http://error.example.com/server_error.html<br />
ErrorDocument 404 /errors/not_found.html <br />
-ErrorDocument 401 /subscription/how_to_subscribe.html
- </pre>
+ErrorDocument 401 /subscription/how_to_subscribe.html</pre>
<p>The syntax of the <code>ErrorDocument</code> directive is:</p>
- <pre class="prettyprint lang-config">
- ErrorDocument <3-digit-code> <action>
- </pre>
+ <pre class="prettyprint lang-config"> ErrorDocument <3-digit-code> <action></pre>
<p>where the action will be treated as:</p>
caused it to be invoked. For instance, a Perl ErrorDocument
script might include the following:</p>
- <pre class="prettyprint lang-perl">
-...
+ <pre class="prettyprint lang-perl">...
print "Content-type: text/html\n"; <br />
printf "Status: %s Condition Intercepted\n", $ENV{"REDIRECT_STATUS"}; <br />
-...
- </pre>
+...</pre>
<p>If the script is dedicated to handling a particular error
<p>In your server configuration file, you'll see a line such as:</p>
- <pre class="prettyprint lang-config">
- # Multi-language error messages<br />
- #Include conf/extra/httpd-multilang-errordoc.conf
- </pre>
+ <pre class="prettyprint lang-config"> # Multi-language error messages<br />
+ #Include conf/extra/httpd-multilang-errordoc.conf</pre>
<p>Uncommenting this <code>Include</code> line will enable this
.htaccess si <code class="directive"><a href="./mod/core.html#allowoverride">AllowOverride</a></code> est
définie à FileInfo.</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 500 "Désolé, notre script s'est
+ <pre class="prettyprint lang-config">ErrorDocument 500 "Désolé, notre script s'est
crashé ; comme c'est dommage !"<br />
ErrorDocument 500 /cgi-bin/crash-recover<br />
ErrorDocument 500 http://error.example.com/server_error.html<br />
ErrorDocument 404 /errors/not_found.html <br />
-ErrorDocument 401 /subscription/how_to_subscribe.html
- </pre>
+ErrorDocument 401 /subscription/how_to_subscribe.html</pre>
<p>La syntaxe de la directive <code>ErrorDocument</code> est :</p>
- <pre class="prettyprint lang-config">
- ErrorDocument <code_3_chiffres> <action>
- </pre>
+ <pre class="prettyprint lang-config"> ErrorDocument <code_3_chiffres> <action></pre>
<p>où action peut être traitée comme :</p>
<ol>
par une directive ErrorDocument pourrait contenir ce qui suit
:</p>
- <pre class="prettyprint lang-perl">
-...
+ <pre class="prettyprint lang-perl">...
print "Content-type: text/html\n"; <br />
printf "Status: %s Condition Intercepted\n", $ENV{"REDIRECT_STATUS"}; <br />
-...
- </pre>
+...</pre>
<p>Si un script est dédié à la gestion d'une condition d'erreur
<p>Dans le fichier de configuration de votre serveur, vous trouverez
un groupe de lignes du style :</p>
- <pre class="prettyprint lang-config">
- # Multi-language error messages<br />
- #Include conf/extra/httpd-multilang-errordoc.conf
- </pre>
+ <pre class="prettyprint lang-config"> # Multi-language error messages<br />
+ #Include conf/extra/httpd-multilang-errordoc.conf</pre>
<p>Décommentez la ligne <code>Include</code> pour activer cette
</code></p><pre>int header_only; /* HEAD request, as opposed to GET */
char *protocol; /* Protocol, as given to us, or HTTP/0.9 */
char *method; /* GET, HEAD, POST, <em>etc.</em> */
-int method_number; /* M_GET, M_POST, <em>etc.</em> */
-
-</pre><p><code>
+int method_number; /* M_GET, M_POST, <em>etc.</em> */</pre><p><code>
/* Info for logging */<br />
<br />
char *the_request;<br />
same set of filters as the main request. A graphical representation
might help:</p>
-<div class="example"><pre>
-Default_handler --> includes_filter --> byterange --> ...
-</pre></div>
+<div class="example"><pre>Default_handler --> includes_filter --> byterange --> ...</pre></div>
<p>If the includes filter creates a sub request, then we don't want the
data from that sub-request to go through the includes filter, because it
might not be SSI data. So, the subrequest adds the following:</p>
-<div class="example"><pre>
-Default_handler --> includes_filter -/-> byterange --> ...
+<div class="example"><pre>Default_handler --> includes_filter -/-> byterange --> ...
/
-Default_handler --> sub_request_core
-</pre></div>
+Default_handler --> sub_request_core</pre></div>
<p>What happens if the subrequest is SSI data? Well, that's easy, the
<code>includes_filter</code> is a resource filter, so it will be added to
arguments. For example, if the hook returns an <code>int</code> and
takes a <code>request_rec *</code> and an <code>int</code> and is
called <code>do_something</code>, then declare it like this:</p>
- <pre class="prettyprint lang-c">
- AP_DECLARE_HOOK(int, do_something, (request_rec *r, int n))
- </pre>
+ <pre class="prettyprint lang-c"> AP_DECLARE_HOOK(int, do_something, (request_rec *r, int n))</pre>
<p>This should go in a header which modules will include if
which is used to record the module functions that use the hook.
This is declared as follows:</p>
- <pre class="prettyprint lang-c">
-APR_HOOK_STRUCT(
+ <pre class="prettyprint lang-c">APR_HOOK_STRUCT(
APR_HOOK_LINK(do_something)
...
-)
- </pre>
+)</pre>
<p>If the return value of a hook is <code>void</code>, then all the
hooks are called, and the caller is implemented like this:</p>
- <pre class="prettyprint lang-c">
- AP_IMPLEMENT_HOOK_VOID(do_something, (request_rec *r, int n), (r, n))
- </pre>
+ <pre class="prettyprint lang-c"> AP_IMPLEMENT_HOOK_VOID(do_something, (request_rec *r, int n), (r, n))</pre>
<p>The second and third arguments are the dummy argument
calling the hook. In other words, this macro expands to
something like this:</p>
- <pre class="prettyprint lang-c">
-void ap_run_do_something(request_rec *r, int n)
+ <pre class="prettyprint lang-c">void ap_run_do_something(request_rec *r, int n)
{
...
do_something(r, n);
-}
- </pre>
+}</pre>
<p>If the hook returns a value, then it can either be run until
the first hook that does something interesting, like so:</p>
- <pre class="prettyprint lang-c">
- AP_IMPLEMENT_HOOK_RUN_FIRST(int, do_something, (request_rec *r, int n), (r, n), DECLINED)
- </pre>
+ <pre class="prettyprint lang-c"> AP_IMPLEMENT_HOOK_RUN_FIRST(int, do_something, (request_rec *r, int n), (r, n), DECLINED)</pre>
<p>The first hook that does <em>not</em> return <code>DECLINED</code>
value other than one of those two stops the loop, and its
return is the return value. Declare these like so:</p>
- <pre class="prettyprint lang-c">
- AP_IMPLEMENT_HOOK_RUN_ALL(int, do_something, (request_rec *r, int n), (r, n), OK, DECLINED)
- </pre>
+ <pre class="prettyprint lang-c"> AP_IMPLEMENT_HOOK_RUN_ALL(int, do_something, (request_rec *r, int n), (r, n), OK, DECLINED)</pre>
<p>Again, <code>OK</code> and <code>DECLINED</code> are the traditional
<p>At appropriate moments in the code, call the hook caller,
like so:</p>
- <pre class="prettyprint lang-c">
-int n, ret;
+ <pre class="prettyprint lang-c">int n, ret;
request_rec *r;
-ret=ap_run_do_something(r, n);
- </pre>
+ret=ap_run_do_something(r, n);</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Include the appropriate header, and define a static function
of the correct type:</p>
- <pre class="prettyprint lang-c">
-static int my_something_doer(request_rec *r, int n)<br />
+ <pre class="prettyprint lang-c">static int my_something_doer(request_rec *r, int n)<br />
{
...
return OK;
-}
- </pre>
+}</pre>
registering function, which is included in the module
structure:</p>
- <pre class="prettyprint lang-c">
-static void my_register_hooks()
+ <pre class="prettyprint lang-c">static void my_register_hooks()
{
ap_hook_do_something(my_something_doer, NULL, NULL, APR_HOOK_MIDDLE);
}
{
...
my_register_hooks /* register hooks */
-};
- </pre>
+};</pre>
example, suppose we want "mod_xyz.c" and "mod_abc.c" to run
before we do, then we'd hook as follows:</p>
- <pre class="prettyprint lang-c">
-static void register_hooks()
+ <pre class="prettyprint lang-c">static void register_hooks()
{
static const char * const aszPre[] = { "mod_xyz.c", "mod_abc.c", NULL };
ap_hook_do_something(my_something_doer, aszPre, NULL, APR_HOOK_MIDDLE);
-}
- </pre>
+}</pre>
<p>Note that the sort used to achieve this is stable, so
done using it, allowing you to still gain a significant performance increase, while
keeping your memory footprint low. Some examples of possible settings are:
</p>
-<pre class="prettyprint lang-config">
-LuaScope once
+<pre class="prettyprint lang-config">LuaScope once
LuaScope thread
-LuaScope server 5 40
-</pre>
+LuaScope server 5 40</pre>
<p>
As a general rule of thumb: If your server has none to low usage, use <code>once</code>
For maximum performance, it is generally recommended that any initialization of libraries,
constants and master tables be kept outside the handle's scope:
</p>
-<pre class="prettyprint lang-lua">
---[[ This is good practice ]]--
+<pre class="prettyprint lang-lua">--[[ This is good practice ]]--
require "string"
require "someLibrary"
local masterTable = {}
function handle(r)
do_stuff()
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
---[[ This is bad practice ]]--
+<pre class="prettyprint lang-lua">--[[ This is bad practice ]]--
require "string"
function handle(r)
local masterTable = {}
local constant = "Foo bar baz"
do_stuff()
-end
-</pre>
+end</pre>
decisions than would otherwise be allowed with said directives.
</p>
-<pre class="prettyprint lang-config">
-LuaHookTranslateName /path/too/foo.lua remap
-</pre>
+<pre class="prettyprint lang-config">LuaHookTranslateName /path/too/foo.lua remap</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Simple remap example.
This example will rewrite /foo/test.bar to the physical file
/internal/test, somewhat like how mod_alias works.
r.filename = "/internal/" .. barFile
end
return apache2.OK
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Advanced remap example.
This example will evaluate some conditions, and based on that,
remap a file to one of two destinations, using a rewrite map.
end
end
return apache2.DECLINED
-end
-</pre>
+end</pre>
document roots of each hostname.
</p>
-<pre class="prettyprint lang-config">
-LuaHookTranslateName /path/too/foo.lua mass_vhost
-</pre>
+<pre class="prettyprint lang-config">LuaHookTranslateName /path/too/foo.lua mass_vhost</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Simple mass vhost script
This example will check a map for a virtual host and rewrite filename and
document root accordingly.
end
end
return apache2.DECLINED
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Advanced mass virtual hosting
This example will query a database for vhost entries and save them for
60 seconds before checking for updates. For best performance, such scripts
return apache2.OK
end
return apache2.DECLINED
-end
-</pre>
+end</pre>
processing, allowing you to either add new requirements that were not previously
supported by httpd, or tweaking existing ones to accommodate your needs.
</p>
-<pre class="prettyprint lang-config">
-LuaHookAuthChecker /path/too/foo.lua check_auth
-</pre>
+<pre class="prettyprint lang-config">LuaHookAuthChecker /path/too/foo.lua check_auth</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
A simple authentication hook that checks a table containing usernames and
passwords of two accounts.
]]--
else
return apache2.OK
end
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
An advanced authentication checker with a database backend,
caching account entries for 1 minute
]]--
else
return apache2.OK
end
-end
-</pre>
+end</pre>
example below shows you how you can split a single htpasswd file into
groups with different permissions:
</p>
-<pre class="prettyprint lang-config">
-LuaAuthzProvider rights /path/to/lua/script.lua rights_handler
+<pre class="prettyprint lang-config">LuaAuthzProvider rights /path/to/lua/script.lua rights_handler
<Directory /www/private>
Require rights member
</Directory>
<Directory /www/admin>
Require rights admin
-</Directory>
-</pre>
+</Directory></pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
This script has two user groups; members and admins, and whichever
is refered to by the "Require rights" directive is checked to see
if the authenticated user belongs to this group.
end
end
return apache2.AUTHZ_DENIED
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
by each backend using IVM variables, and preferring the backend with least
requests served in total:
</p>
-<pre class="prettyprint lang-config">
-LuaHookTranslateName /path/to/script.lua proxy_handler
-</pre>
+<pre class="prettyprint lang-config">LuaHookTranslateName /path/to/script.lua proxy_handler</pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
This script uses a basic IVM table to determine where to
send the request.
]]--
r.proxyreq = apache2.PROXYREQ_REVERSE
r.filename = "proxy:" .. backends[backend] .. r.uri
return apache2.DECLINED -- let the proxy handler do this instead
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>
Coming soon!
</p>
-<pre class="prettyprint lang-config">
-LuaMapHandler ^/portal/([a-z]+)/ /path/to/lua/script.lua handle_$1
-</pre>
+<pre class="prettyprint lang-config">LuaMapHandler ^/portal/([a-z]+)/ /path/to/lua/script.lua handle_$1</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
is called mod_example.c, compiling, installing and activating the module is
as simple as:
</p>
-<div class="example"><pre>
-apxs -i -a -c mod_example.c
-</pre></div>
+<div class="example"><pre>apxs -i -a -c mod_example.c</pre></div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
-<pre class="prettyprint lang-c">
-module AP_MODULE_DECLARE_DATA example_module =
+<pre class="prettyprint lang-c">module AP_MODULE_DECLARE_DATA example_module =
{
STANDARD20_MODULE_STUFF,
create_dir_conf, /* Per-directory configuration handler */
merge_svr_conf, /* Merge handler for per-server configurations */
directives, /* Any directives we may have for httpd */
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
For now, we're only concerned with the first purpose of the module name,
which comes into play when we need to load the module:
</p>
-<pre class="prettyprint lang-config">
-LoadModule example_module modules/mod_example.so
-</pre>
+<pre class="prettyprint lang-config">LoadModule example_module modules/mod_example.so</pre>
<p>
In essence, this tells the server to open up <code>mod_example.so</code> and look for a module
<code>mod_example</code>, so we'll add a configuration directive that tells
the server to do just that:
</p>
-<pre class="prettyprint lang-config">
-AddHandler example-handler .sum
-</pre>
+<pre class="prettyprint lang-config">AddHandler example-handler .sum</pre>
<p>
What this tells the server is the following: <em>Whenever we receive a request
-<pre class="prettyprint lang-c">
-module AP_MODULE_DECLARE_DATA example_module =
+<pre class="prettyprint lang-c">module AP_MODULE_DECLARE_DATA example_module =
{
STANDARD20_MODULE_STUFF,
NULL,
NULL,
NULL,
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
</p>
-<pre class="prettyprint lang-c">
-static void register_hooks(apr_pool_t *pool)
+<pre class="prettyprint lang-c">static void register_hooks(apr_pool_t *pool)
{
/* Create a hook in the request handler, so we get called when a request arrives */
ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);
-}
-</pre>
+}</pre>
</p>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
/* First off, we need to check if this is a call for the "example-handler" handler.
* If it is, we accept it and do our things, if not, we simply return DECLINED,
* We do so by simply returning the value OK to the server.
*/
return OK;
-}
-</pre>
+}</pre>
</p>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
/* Set the appropriate content type */
ap_set_content_type(r, "text/html");
ap_rprintf(r, "Your query string was: %s", r->args);
}
return OK;
-}
-</pre>
+}</pre>
</p>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
/* Return 404: Not found */
return HTTP_NOT_FOUND;
-}
-</pre>
+}</pre>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
const char* original = "You can't edit this!";
char* copy;
/* Create a copy of the 'original' variable that we can edit. */
copy = apr_pstrdup(r->pool, original);
return OK;
-}
-</pre>
+}</pre>
</p>
-<pre class="prettyprint lang-c">
-static void register_hooks(apr_pool_t *pool)
+<pre class="prettyprint lang-c">static void register_hooks(apr_pool_t *pool)
{
/* Call a function that initializes some stuff */
example_init_function(pool);
/* Create a hook in the request handler, so we get called when a request arrives */
ap_hook_handler(example_handler, NULL, NULL, APR_HOOK_LAST);
-}
-</pre>
+}</pre>
<a href="http://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__SCRIPT.html#gaed25877b529623a4d8f99f819ba1b7bd">
ap_args_to_table</a>(r, &GET); <em>
</em><a href="http://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__DAEMON.html#ga9d426b6382b49754d4f87c55f65af202">
-ap_parse_form_data</a>(r, NULL, &POST, -1, 8192);
-</pre>
+ap_parse_form_data</a>(r, NULL, &POST, -1, 8192);</pre>
-<pre class="prettyprint lang-c">
-/* Get the "digest" key from the query string, if any. */
+<pre class="prettyprint lang-c">/* Get the "digest" key from the query string, if any. */
const char *digestType = apr_table_get(GET, "digest");
/* If no key was returned, we will set a default value instead. */
-if (!digestType) digestType = "sha1";
-</pre>
+if (!digestType) digestType = "sha1";</pre>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
int rc, exists;
apr_finfo_t finfo;
}
/* Let the server know that we responded to this request. */
return OK;
-}
-</pre>
+}</pre>
telling an individual module (or a set of modules) how to behave, such as
these directives control how <code>mod_rewrite</code> works:
</p>
-<pre class="prettyprint lang-config">
-RewriteEngine On
+<pre class="prettyprint lang-config">RewriteEngine On
RewriteCond %{REQUEST_URI} ^/foo/bar
-RewriteRule ^/foo/bar/(.*)$ /foobar?page=$1
-</pre>
+RewriteRule ^/foo/bar/(.*)$ /foobar?page=$1</pre>
<p>
Each of these configuration directives are handled by a separate function,
-<pre class="prettyprint lang-c">
-typedef struct {
+<pre class="prettyprint lang-c">typedef struct {
int enabled; /* Enable or disable our module */
const char *path; /* Some path to...something */
int typeOfAction; /* 1 means action A, 2 means action B and so on */
-} example_config;
-</pre>
+} example_config;</pre>
</p>
-<pre class="prettyprint lang-c">
-typedef struct {
+<pre class="prettyprint lang-c">typedef struct {
int enabled; /* Enable or disable our module */
const char *path; /* Some path to...something */
int typeOfAction; /* 1 means action A, 2 means action B and so on */
NULL, /* Merge handler for per-server configurations */
NULL, /* Any directives we may have for httpd */
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
So far so good. To access our new handler, we could add the following to
our configuration:
</p>
-<pre class="prettyprint lang-config">
-<Location /example>
+<pre class="prettyprint lang-config"><Location /example>
SetHandler example-handler
-</Location>
-</pre>
+</Location></pre>
<p>
When we visit, we'll see our current configuration being spit out by our
</p>
-<pre class="prettyprint lang-c">
-module AP_MODULE_DECLARE_DATA example_module =
+<pre class="prettyprint lang-c">module AP_MODULE_DECLARE_DATA example_module =
{
STANDARD20_MODULE_STUFF,
NULL, /* Per-directory configuration handler */
NULL, /* Merge handler for per-server configurations */
example_directives, /* Any directives we may have for httpd */
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
</p>
-<pre class="prettyprint lang-c">
-static const command_rec example_directives[] =
+<pre class="prettyprint lang-c">static const command_rec example_directives[] =
{
AP_INIT_TAKE1("exampleEnabled", example_set_enabled, NULL, RSRC_CONF, "Enable or disable mod_example"),
AP_INIT_TAKE1("examplePath", example_set_path, NULL, RSRC_CONF, "The path to whatever"),
AP_INIT_TAKE2("exampleAction", example_set_action, NULL, RSRC_CONF, "Special action value!"),
{ NULL }
-};
-</pre>
+};</pre>
has an additional parameter defined:</p>
-<pre class="prettyprint lang-c">
-/* Handler for the "exampleEnabled" directive */
+<pre class="prettyprint lang-c">/* Handler for the "exampleEnabled" directive */
const char *example_set_enabled(cmd_parms *cmd, void *cfg, const char *arg)
{
if(!strcasecmp(arg, "on")) config.enabled = 1;
if(!strcasecmp(arg2, "deny")) config.typeOfAction += 0x10;
else config.typeOfAction += 0x20;
return NULL;
-}
-</pre>
+}</pre>
</p>
-<pre class="prettyprint lang-c">
-/* mod_example_config_simple.c: */
+<pre class="prettyprint lang-c">/* mod_example_config_simple.c: */
#include <stdio.h>
#include "apr_hash.h"
#include "ap_config.h"
NULL, /* Merge handler for per-server configurations */
example_directives, /* Any directives we may have for httpd */
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
In our httpd.conf file, we can now change the hard-coded configuration by
adding a few lines:
</p>
-<pre class="prettyprint lang-config">
-ExampleEnabled On
+<pre class="prettyprint lang-config">ExampleEnabled On
ExamplePath "/usr/bin/foo"
-ExampleAction file allow
-</pre>
+ExampleAction file allow</pre>
<p>
And thus we apply the configuration, visit <code>/example</code> on our
within which modules must operate. For example, let's assume you have this
configuration set up for mod_rewrite:
</p>
-<pre class="prettyprint lang-config">
-<Directory "/var/www">
+<pre class="prettyprint lang-config"><Directory "/var/www">
RewriteCond %{HTTP_HOST} ^example.com$
RewriteRule (.*) http://www.example.com/$1
</Directory>
<Directory "/var/www/sub">
RewriteRule ^foobar$ index.php?foobar=true
-</Directory>
-</pre>
+</Directory></pre>
<p>
In this example, you will have set up two different contexts for
</p>
-<pre class="prettyprint lang-c">
-example_config *config = (example_config*) <a href="http://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__CONFIG.html#ga1093a5908a384eacc929b028c79f2a02">ap_get_module_config</a>(r->per_dir_config, &example_module);
-</pre>
+<pre class="prettyprint lang-c">example_config *config = (example_config*) <a href="http://ci.apache.org/projects/httpd/trunk/doxygen/group__APACHE__CORE__CONFIG.html#ga1093a5908a384eacc929b028c79f2a02">ap_get_module_config</a>(r->per_dir_config, &example_module);</pre>
used by the server in various places:
</p>
-<pre class="prettyprint lang-c">
-typedef struct {
+<pre class="prettyprint lang-c">typedef struct {
char context[256];
char path[256];
int typeOfAction;
int enabled;
-} example_config;
-</pre>
+} example_config;</pre>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
if(!r->handler || strcmp(r->handler, "example-handler")) return(DECLINED);
example_config *config = (example_config*) ap_get_module_config(r->per_dir_config, &example_module);
ap_rprintf("TypeOfAction: %x\n", config->typeOfAction);
ap_rprintf("Context: %s\n", config->context);
return OK;
-}
-</pre>
+}</pre>
-<pre class="prettyprint lang-c">
-AP_INIT_TAKE1("exampleEnabled", example_set_enabled, NULL, RSRC_CONF, "Enable or disable mod_example"),
-</pre>
+<pre class="prettyprint lang-c">AP_INIT_TAKE1("exampleEnabled", example_set_enabled, NULL, RSRC_CONF, "Enable or disable mod_example"),</pre>
per-directory creator and merger function reference in our tag:</p>
-<pre class="prettyprint lang-c">
-module AP_MODULE_DECLARE_DATA example_module =
+<pre class="prettyprint lang-c">module AP_MODULE_DECLARE_DATA example_module =
{
STANDARD20_MODULE_STUFF,
create_dir_conf, /* Per-directory configuration handler */
NULL, /* Merge handler for per-server configurations */
directives, /* Any directives we may have for httpd */
register_hooks /* Our hook registering function */
-};
-</pre>
+};</pre>
configurations. We do so by creating the function we just referenced in
our name tag as the Per-directory configuration handler:</p>
-<pre class="prettyprint lang-c">
-void* example_create_dir_conf(apr_pool_t* pool, char* context) {
+<pre class="prettyprint lang-c">void* example_create_dir_conf(apr_pool_t* pool, char* context) {
context = context ? context : "(undefined context)";
example_config *cfg = apr_pcalloc(pool, sizeof(example_config));
if(cfg) {
cfg->typeOfAction = 0x11;
}
return cfg;
-}
-</pre>
+}</pre>
configurations. This part of the process particularly applies to scenarios
where you have a parent configuration and a child, such as the following:
</p>
-<pre class="prettyprint lang-config">
-<Directory "/var/www">
+<pre class="prettyprint lang-config"><Directory "/var/www">
ExampleEnabled On
ExamplePath /foo/bar
ExampleAction file allow
</Directory>
<Directory "/var/www/subdir">
ExampleAction file deny
-</Directory>
-</pre>
+</Directory></pre>
<p>
In this example, it is natural to assume that the directory <code>
-<pre class="prettyprint lang-c">
-void* merge_dir_conf(apr_pool_t* pool, void* BASE, void* ADD) {
+<pre class="prettyprint lang-c">void* merge_dir_conf(apr_pool_t* pool, void* BASE, void* ADD) {
example_config* base = (example_config *) BASE ; /* This is what was set in the parent context */
example_config* add = (example_config *) ADD ; /* This is what is set in the new context */
example_config* conf = (example_config *) create_dir_conf(pool, "Merged configuration"); /* This will be the merged configuration */
strcpy(conf->path, strlen(add->path) ? add->path : base->path);
return conf ;
-}
-</pre>
+}</pre>
context aware. First off, we'll create a configuration that lets us test
how the module works:
</p>
-<pre class="prettyprint lang-config">
-<Location "/a">
+<pre class="prettyprint lang-config"><Location "/a">
SetHandler example-handler
ExampleEnabled on
ExamplePath "/foo/bar"
ExampleAction db deny
ExamplePath "/foo/bar/baz"
ExampleEnabled on
-</Location>
-</pre>
+</Location></pre>
<p>
Then we'll assemble our module code. Note, that since we are now using our
</p>
-<pre class="prettyprint lang-c">
-/*$6
+<pre class="prettyprint lang-c">/*$6
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
* mod_example_config.c
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
conf->typeOfAction = add->typeOfAction ? add->typeOfAction : base->typeOfAction;
strcpy(conf->path, strlen(add->path) ? add->path : base->path);
return conf;
-}
-</pre>
+}</pre>
-<pre class="prettyprint lang-c">
-typedef struct {
+<pre class="prettyprint lang-c">typedef struct {
const char* key;
const char* value;
} keyValuePair;
}
}
return OK;
-}
-</pre>
+}</pre>
-<pre class="prettyprint lang-c">
-static int example_handler(request_rec *r)
+<pre class="prettyprint lang-c">static int example_handler(request_rec *r)
{
/*~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~*/
const apr_array_header_t *fields;
ap_rprintf(r, "%s: %s\n", e[i].key, e[i].val);
}
return OK;
-}
-</pre>
+}</pre>
-<pre class="prettyprint lang-c">
-static int util_read(request_rec *r, const char **rbuf, apr_off_t *size)
+<pre class="prettyprint lang-c">static int util_read(request_rec *r, const char **rbuf, apr_off_t *size)
{
/*~~~~~~~~*/
int rc = OK;
ap_rprintf(r, "We read a request body that was %" APR_OFF_T_FMT " bytes long", size);
}
return OK;
-}
- </pre>
+}</pre>
will be called in.</p>
<p>This is the code that was added to <code>mod_mmap_static</code>:</p>
- <div class="example"><pre>
-static void register_hooks(void)
+ <div class="example"><pre>static void register_hooks(void)
{
static const char * const aszPre[]={ "http_core.c",NULL };
ap_hook_post_config(mmap_post_config,NULL,NULL,HOOK_MIDDLE);
creating your module definition. The old definition looked
like</p>
- <div class="example"><pre>
-module MODULE_VAR_EXPORT <var>module_name</var>_module =
+ <div class="example"><pre>module MODULE_VAR_EXPORT <var>module_name</var>_module =
{
STANDARD_MODULE_STUFF,
/* initializer */
};</pre></div>
<p>The new structure is a great deal simpler...</p>
- <div class="example"><pre>
-module MODULE_VAR_EXPORT <var>module_name</var>_module =
+ <div class="example"><pre>module MODULE_VAR_EXPORT <var>module_name</var>_module =
{
STANDARD20_MODULE_STUFF,
/* create per-directory config structures */
<p>以下は、<code>mod_mmap_static</code> に追加したコードです:</p>
- <div class="example"><pre>
-static void register_hooks(void)
+ <div class="example"><pre>static void register_hooks(void)
{
static const char * const aszPre[]={ "http_core.c",NULL };
ap_hook_post_config(mmap_post_config,NULL,NULL,HOOK_MIDDLE);
<p>モジュールの定義を作成する際に注意しなければならない
ステージの数は激減しています。古い定義は次のようになっていました。</p>
- <div class="example"><pre>
-module MODULE_VAR_EXPORT <var>module_name</var>_module =
+ <div class="example"><pre>module MODULE_VAR_EXPORT <var>module_name</var>_module =
{
STANDARD_MODULE_STUFF,
/* initializer */
};</pre></div>
<p>新しい構造体はとってもシンプルです…</p>
- <div class="example"><pre>
-module MODULE_VAR_EXPORT <var>module_name</var>_module =
+ <div class="example"><pre>module MODULE_VAR_EXPORT <var>module_name</var>_module =
{
STANDARD20_MODULE_STUFF,
/* create per-directory config structures */
brigade should have no side effects (such as changing any state
private to the filter).</p>
- <div class="example"><h3>How to handle an empty brigade</h3><pre class="prettyprint lang-c">
- apr_status_t dummy_filter(ap_filter_t *f, apr_bucket_brigade *bb)<br />
+ <div class="example"><h3>How to handle an empty brigade</h3><pre class="prettyprint lang-c"> apr_status_t dummy_filter(ap_filter_t *f, apr_bucket_brigade *bb)<br />
{
if (APR_BRIGADE_EMPTY(bb)) {
return APR_SUCCESS;
}
- ....
- </pre>
+ ....</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Taking an example which loops through the entire brigade as
follows:</p>
- <div class="example"><h3>Bad output filter -- do not imitate!</h3><pre class="prettyprint lang-c">
-apr_bucket *e = APR_BRIGADE_FIRST(bb);
+ <div class="example"><h3>Bad output filter -- do not imitate!</h3><pre class="prettyprint lang-c">apr_bucket *e = APR_BRIGADE_FIRST(bb);
const char *data;
apr_size_t len;
}
-return ap_pass_brigade(bb);
-</pre>
+return ap_pass_brigade(bb);</pre>
</div>
<p>The above implementation would consume memory proportional to
amount of memory to filter any brigade; a temporary brigade is
needed and must be allocated only once per response, see the <a href="#state">Maintaining state</a> section.</p>
- <div class="example"><h3>Better output filter</h3><pre class="prettyprint lang-c">
-apr_bucket *e;
+ <div class="example"><h3>Better output filter</h3><pre class="prettyprint lang-c">apr_bucket *e;
const char *data;
apr_size_t len;
rv = ap_pass_brigade(f->next, tmpbb);
if (rv) ...;
apr_brigade_cleanup(tmpbb);
-}
-</pre>
+}</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
temporary brigade in such a structure, to avoid having to allocate
a new brigade per invocation as described in the <a href="#brigade">Brigade structure</a> section.</p>
- <div class="example"><h3>Example code to maintain filter state</h3><pre class="prettyprint lang-c">
-struct dummy_state {
+ <div class="example"><h3>Example code to maintain filter state</h3><pre class="prettyprint lang-c">struct dummy_state {
apr_bucket_brigade *tmpbb;
int filter_state;
....
state->filter_state = ...;
}
- ...
-</pre>
+ ...</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
script; reading from such a bucket will block when waiting for the
CGI script to produce more output.</p>
- <div class="example"><h3>Example code using non-blocking bucket reads</h3><pre class="prettyprint lang-c">
-apr_bucket *e;
+ <div class="example"><h3>Example code using non-blocking bucket reads</h3><pre class="prettyprint lang-c">apr_bucket *e;
apr_read_type_e mode = APR_NONBLOCK_READ;
while ((e = APR_BRIGADE_FIRST(bb)) != APR_BRIGADE_SENTINEL(bb)) {
/* Next time, try a non-blocking read first. */
mode = APR_NONBLOCK_READ;
...
-}
-</pre>
+}</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<h2><a name="security" id="security">The Security Phase</a></h2>
<p>Needs Documentation. Code is:</p>
- <pre class="prettyprint lang-c">
-if ((access_status = ap_run_access_checker(r)) != 0) {
+ <pre class="prettyprint lang-c">if ((access_status = ap_run_access_checker(r)) != 0) {
return decl_die(access_status, "check access", r);
}
if ((access_status = ap_run_auth_checker(r)) != 0) {
return decl_die(access_status, "check authorization", r);
-}
- </pre>
+}</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="example" id="example">A Simple Example</a></h2>
- <pre class="prettyprint lang-config">
-# This is a misconfiguration example, do not use on your server
+ <pre class="prettyprint lang-config"># This is a misconfiguration example, do not use on your server
<VirtualHost www.example.dom>
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>In order for the server to function properly, it absolutely needs
<p>Suppose that <code>www.example.dom</code> has address 192.0.2.1.
Then consider this configuration snippet:</p>
- <pre class="prettyprint lang-config">
-# This is a misconfiguration example, do not use on your server
+ <pre class="prettyprint lang-config"># This is a misconfiguration example, do not use on your server
<VirtualHost 192.0.2.1>
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>This time httpd needs to use reverse DNS to find the
<p>Here is a snippet that avoids both of these problems:</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 192.0.2.1>
+ <pre class="prettyprint lang-config"><VirtualHost 192.0.2.1>
ServerName www.example.dom
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<p>Consider this configuration snippet:</p>
- <pre class="prettyprint lang-config">
-<VirtualHost www.example1.dom>
+ <pre class="prettyprint lang-config"><VirtualHost www.example1.dom>
ServerAdmin webgirl@example1.dom
DocumentRoot /www/example1
</VirtualHost>
<VirtualHost www.example2.dom>
ServerAdmin webguy@example2.dom
DocumentRoot /www/example2
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Suppose that you've assigned 192.0.2.1 to
<h2><a name="example" id="example">Un exemple simple</a></h2>
- <pre class="prettyprint lang-config">
-# Ceci est un exemple de mauvaise configuration ; ne l'utilisez pas comme base
+ <pre class="prettyprint lang-config"># Ceci est un exemple de mauvaise configuration ; ne l'utilisez pas comme base
# de configuration
<VirtualHost www.example.dom>
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Pour fonctionner correctement, le serveur a absolument besoin de deux
<p>Supposons que l'adresse de <code>www.example.dom</code> soit
192.0.2.1, et examinons cet extrait de configuration :</p>
- <pre class="prettyprint lang-config">
-# Ceci est un exemple de mauvaise configuration ; ne l'utilisez pas comme base
+ <pre class="prettyprint lang-config"># Ceci est un exemple de mauvaise configuration ; ne l'utilisez pas comme base
# de configuration
<VirtualHost 192.0.2.1>
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Cette fois, httpd doit effectuer une recherche DNS inverse pour
<p>Voici un extrait de configuration qui permet d'éviter ces deux
types de problèmes :</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 192.0.2.1>
+ <pre class="prettyprint lang-config"><VirtualHost 192.0.2.1>
ServerName www.example.dom
ServerAdmin webgirl@example.dom
DocumentRoot /www/example
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<p>Considérons cet extrait de configuration :</p>
- <pre class="prettyprint lang-config">
-<VirtualHost www.example1.dom>
+ <pre class="prettyprint lang-config"><VirtualHost www.example1.dom>
ServerAdmin webgirl@example1.dom
DocumentRoot /www/example1
</VirtualHost>
<VirtualHost www.example2.dom>
ServerAdmin webguy@example2.dom
DocumentRoot /www/example2
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Supposons que vous ayez assigné 192.0.2.1 à
</a></code> and <code class="module"><a href="./mod/mod_headers.html">mod_headers</a></code> allows you to still accept
these headers:</p>
-<pre class="prettyprint lang-config">
-#
+<pre class="prettyprint lang-config">#
# The following works around a client sending a broken Accept_Encoding
# header.
#
SetEnvIfNoCase ^Accept.Encoding$ ^(.*)$ fix_accept_encoding=$1
-RequestHeader set Accept-Encoding %{fix_accept_encoding}e env=fix_accept_encoding
-</pre>
+RequestHeader set Accept-Encoding %{fix_accept_encoding}e env=fix_accept_encoding</pre>
httpd.conf to deal with known client problems. Since the affected clients
are no longer seen in the wild, this configuration is likely no-longer
necessary.</p>
-<pre class="prettyprint lang-config">
-#
+<pre class="prettyprint lang-config">#
# The following directives modify normal HTTP response behavior.
# The first directive disables keepalive for Netscape 2.x and browsers that
# spoof it. There are known problems with these browser implementations.
#
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
-BrowserMatch "JDK/1\.0" force-response-1.0
-</pre>
+BrowserMatch "JDK/1\.0" force-response-1.0</pre>
particular directories, or to prevent logging of requests
coming from particular hosts.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Request_URI \.gif image-request
+ <pre class="prettyprint lang-config">SetEnvIf Request_URI \.gif image-request
SetEnvIf Request_URI \.jpg image-request
SetEnvIf Request_URI \.png image-request
-CustomLog logs/access_log common env=!image-request
- </pre>
+CustomLog logs/access_log common env=!image-request</pre>
in limited circumstances. We assume that all your images are in
a directory called <code>/web/images</code>.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Referer "^http://www\.example\.com/" local_referal
+ <pre class="prettyprint lang-config">SetEnvIf Referer "^http://www\.example\.com/" local_referal
# Allow browsers that do not send Referer info
SetEnvIf Referer "^$" local_referal
<Directory /web/images>
Require env local_referal
-</Directory>
- </pre>
+</Directory></pre>
<p>For more information about this technique, see the
<code class="module"><a href="./mod/mod_setenvif.html">mod_setenvif</a></code> et <code class="module"><a href="./mod/mod_header.html">mod_header</a></code>,
et permettant de prendre en compte ces en-têtes :</p>
-<pre class="prettyprint lang-config">
-# L'exemple suivant montre comment prendre en compte un en-tête<br />
+<pre class="prettyprint lang-config"># L'exemple suivant montre comment prendre en compte un en-tête<br />
# Accept_Encoding non conforme envoyé par un client.
#
SetEnvIfNoCase ^Accept.Encoding$ ^(.*)$ fix_accept_encoding=$1
-RequestHeader set Accept-Encoding %{fix_accept_encoding}e env=fix_accept_encoding
-</pre>
+RequestHeader set Accept-Encoding %{fix_accept_encoding}e env=fix_accept_encoding</pre>
httpd.conf pour tenir compte de problèmes connus avec certains clients.
Comme les clients concernés sont maintenant très peu utilisés, cet
ajout n'est pratiquement plus nécessaire.</p>
-<pre class="prettyprint lang-config">
-#
+<pre class="prettyprint lang-config">#
# The following directives modify normal HTTP response behavior.
# The first directive disables keepalive for Netscape 2.x and browsers that
# spoof it. There are known problems with these browser implementations.
#
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
-BrowserMatch "JDK/1\.0" force-response-1.0
-</pre>
+BrowserMatch "JDK/1\.0" force-response-1.0</pre>
dans le fichier de trace des accès. Il peut être facilement adapté pour
empêcher le traçage de répertoires particuliers, ou de requêtes
en provenance de certains hôtes.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Request_URI \.gif image-request
+ <pre class="prettyprint lang-config">SetEnvIf Request_URI \.gif image-request
SetEnvIf Request_URI \.jpg image-request
SetEnvIf Request_URI \.png image-request
-CustomLog logs/access_log common env=!image-request
- </pre>
+CustomLog logs/access_log common env=!image-request</pre>
recommandée, mais elle peut fonctionner dans des circonstances bien
définies. Nous supposons que toutes vos images sont enregistrées dans
un répertoire nommé <code>/web/images</code>.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Referer "^http://www\.example\.com/" local_referal
+ <pre class="prettyprint lang-config">SetEnvIf Referer "^http://www\.example\.com/" local_referal
# Autorise les navigateurs qui n'envoient aucune information de Referer
SetEnvIf Referer "^$" local_referal
<Directory /web/images>
Require env local_referal
-</Directory>
- </pre>
+</Directory></pre>
<p>Pour plus d'informations sur cette technique, voir le tutoriel sur
httpd.conf に次の行を加えるよう推奨されていましたが、
今となっては、問題としていたクライアントは実際には見かけることは
なくなってきたので、この設定はもはや必要ないかもしれません。</p>
-<div class="example"><pre>
-#
+<div class="example"><pre>#
# The following directives modify normal HTTP response behavior.
# The first directive disables keepalive for Netscape 2.x and browsers that
# spoof it. There are known problems with these browser implementations.
これを変更することで、特定のディレクトリのログ収集をやめたり、
特定のホストからのリクエストのログ収集をやめたりすることが簡単にできます。
</p>
- <div class="example"><pre>
-SetEnvIf Request_URI \.gif image-request
+ <div class="example"><pre>SetEnvIf Request_URI \.gif image-request
SetEnvIf Request_URI \.jpg image-request
SetEnvIf Request_URI \.png image-request
CustomLog logs/access_log common env=!image-request</pre></div>
これは推奨されている設定ではありませんが、ある限定された状況では有効です。
ここでは、すべての画像は <code>/web/images</code>
というディレクトリにあると仮定します。</p>
- <div class="example"><pre>
-SetEnvIf Referer "^http://www\.example\.com/" local_referal
+ <div class="example"><pre>SetEnvIf Referer "^http://www\.example\.com/" local_referal
# Allow browsers that do not send Referer info
SetEnvIf Referer "^$" local_referal
<Directory /web/images>
<p>Ŭ¶óÀ̾ðÆ®µéÀÇ ÀÌ¹Ì ¾Ë·ÁÁø ¹®Á¦¸¦ ÇØ°áÇϱâÀ§ÇØ
httpd.conf¿¡ ´ÙÀ½ ³»¿ëÀ» Æ÷ÇÔÇÏ±æ ¹Ù¶õ´Ù.</p>
-<div class="example"><pre>
-#
+<div class="example"><pre>#
# ´ÙÀ½ Áö½Ã¾îµéÀº ÀϹÝÀûÀÎ HTTP ÀÀ´äÀ» º¯°æÇÑ´Ù.
# ù¹ø° Áö½Ã¾î´Â Netscape 2.x¿Í À̸¦ °¡ÀåÇÑ ºê¶ó¿ìÀú¿¡°Ô
# keepalive¸¦ »ç¿ëÇÏÁö ¾Ê´Â´Ù. ÀÌµé ºê¶ó¿ìÀú ±¸Çö¿¡ ¹®Á¦°¡ ÀÖ´Ù.
<p>ÀÌ ¿¹Á¦´Â À̹ÌÁö¿¡ ´ëÇÑ ¿äûÀ» Á¢±Ù ·Î±×¿¡ ±â·ÏÇÏÁö
¾Ê´Â´Ù. ƯÁ¤ µð·ºÅ丮¿¡ ´ëÇÑ È¤Àº ƯÁ¤ È£½ºÆ®¿¡¼ ¿Â
¿äûÀ» ·Î±×ÇÏÁö ¾Êµµ·Ï ½±°Ô ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù.</p>
- <div class="example"><pre>
-SetEnvIf Request_URI \.gif image-request
+ <div class="example"><pre>SetEnvIf Request_URI \.gif image-request
SetEnvIf Request_URI \.jpg image-request
SetEnvIf Request_URI \.png image-request
CustomLog logs/access_log common env=!image-request</pre></div>
¼³Á¤À» ±ÇÀåÇÏÁö´Â ¾ÊÀ¸¸ç, Á¦ÇÑµÈ °æ¿ì¿¡¸¸ µ¿ÀÛÇÑ´Ù.
¿ì¸®´Â ¸ðµç À̹ÌÁö°¡ /web/images µð·ºÅ丮 ¾È¿¡ ÀÖ´Ù°í
°¡Á¤ÇÑ´Ù.</p>
- <div class="example"><pre>
-SetEnvIf Referer "^http://www.example.com/" local_referal
+ <div class="example"><pre>SetEnvIf Referer "^http://www.example.com/" local_referal
# Referer Á¤º¸¸¦ º¸³»Áö ¾Ê´Â ºê¶ó¿ìÀú¸¦ Çã¿ëÇÑ´Ù
SetEnvIf Referer "^$" local_referal
<Directory /web/images>
that evaluate to a string value. For those, the starting point in
the BNF is <code>string</code>.
</p>
-<blockquote>
-<pre>
-expr ::= "<strong>true</strong>" | "<strong>false</strong>"
+<pre>expr ::= "<strong>true</strong>" | "<strong>false</strong>"
| "<strong>!</strong>" expr
| expr "<strong>&&</strong>" expr
| expr "<strong>||</strong>" expr
function ::= funcname "<strong>(</strong>" word "<strong>)</strong>"
-listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
-</pre>
-</blockquote>
+listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
evaluate requests:</p>
- <pre class="prettyprint lang-config">
-# Compare the host name to example.com and redirect to www.example.com if it matches
+ <pre class="prettyprint lang-config"># Compare the host name to example.com and redirect to www.example.com if it matches
<If "%{HTTP_HOST} == 'example.com'">
Redirect permanent / http://www.example.com/
</If>
# Only allow access to this content during business hours
<Directory "/foo/bar/business">
Require expr "%{TIME_HOUR} -gt 9 && %{TIME_HOUR} -lt 17"
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<p><span>Langues Disponibles: </span><a href="./en/expr.html" hreflang="en" rel="alternate" title="English"> en </a> |
<a href="./fr/expr.html" title="Français"> fr </a></p>
</div>
+<div class="outofdate">Cette traduction peut être périmée. Vérifiez la version
+ anglaise pour les changements récents.</div>
<p>Historiquement, il existe de nombreuses variantes dans la syntaxe
des expressions permettant d'exprimer une condition dans les
<code>string</code>.
</p>
<blockquote>
-<pre>
-expr ::= "<strong>true</strong>" | "<strong>false</strong>"
+<pre>expr ::= "<strong>true</strong>" | "<strong>false</strong>"
| "<strong>!</strong>" expr
| expr "<strong>&&</strong>" expr
| expr "<strong>||</strong>" expr
function ::= funcname "<strong>(</strong>" word "<strong>)</strong>"
-listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"
-</pre>
+listfunction ::= listfuncname "<strong>(</strong>" word "<strong>)</strong>"</pre>
</blockquote>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<p>Les exemples suivants montent comment utiliser les
expressions pour évaluer les requêtes :</p>
- <pre class="prettyprint lang-config">
-# Comparer le nom d'hôte avec example.com et rediriger vers
+ <pre class="prettyprint lang-config"># Comparer le nom d'hôte avec example.com et rediriger vers
# www.example.com si le nom d'hôte correspond
<If "%{HTTP_HOST} == 'example.com'">
Redirect permanent / http://www.example.com/
# travail
<Directory "/foo/bar/business">
Require expr "%{TIME_HOUR} -gt 9 && %{TIME_HOUR} -lt 17"
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<?xml version="1.0" encoding="ISO-8859-1" ?>
<!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="./style/manual.fr.xsl"?>
-<!-- English Revision : 1560918 -->
+<!-- English Revision: 1560918:1564957 (outdated) -->
<!-- French translation : Lucien GENTIS -->
<!-- Reviewed by : Vincent Deffontaines -->
<variants>
<variant>en</variant>
- <variant>fr</variant>
+ <variant outdated="yes">fr</variant>
</variants>
</metafile>
the <code>html</code> extension to trigger the launch of the
<code>footer.pl</code> CGI script.</p>
- <pre class="prettyprint lang-config">
-Action add-footer /cgi-bin/footer.pl
-AddHandler add-footer .html
- </pre>
+ <pre class="prettyprint lang-config">Action add-footer /cgi-bin/footer.pl
+AddHandler add-footer .html</pre>
<p>Then the CGI script is responsible for sending the
the <code>send-as-is</code> handler, regardless of their
filename extensions.</p>
- <pre class="prettyprint lang-config">
-<Directory /web/htdocs/asis>
+ <pre class="prettyprint lang-config"><Directory /web/htdocs/asis>
SetHandler send-as-is
-</Directory>
- </pre>
+</Directory></pre>
you may wish to make use of. Specifically, a new record has
been added to the <code>request_rec</code> structure:</p>
- <pre class="prettyprint lang-c">
- char *handler
- </pre>
+ <pre class="prettyprint lang-c"> char *handler</pre>
<p>If you wish to have your module engage a handler, you need
des fichiers possédant une extension <code>html</code> déclenchent
l'exécution du script CGI <code>footer.pl</code>.</p>
- <pre class="prettyprint lang-config">
-Action add-footer /cgi-bin/footer.pl
-AddHandler add-footer .html
- </pre>
+ <pre class="prettyprint lang-config">Action add-footer /cgi-bin/footer.pl
+AddHandler add-footer .html</pre>
<p>À ce moment-là, le script CGI se charge d'envoyer le document
<code>send-as-is</code>, sans tenir compte de l'extension
de leur nom de fichier.</p>
- <pre class="prettyprint lang-config">
-<Directory /web/htdocs/asis>
+ <pre class="prettyprint lang-config"><Directory /web/htdocs/asis>
SetHandler send-as-is
-</Directory>
- </pre>
+</Directory></pre>
Plus précisément, un nouvel enregistrement a été ajouté à la structure
<code>request_rec</code> :</p>
- <pre class="prettyprint lang-c">
- char *handler
- </pre>
+ <pre class="prettyprint lang-c"> char *handler</pre>
<p>Si vous voulez que votre module déclenche l'utilisation d'un
<p>The usage of these directives is:</p>
- <pre class="prettyprint lang-config">
-Require host address
-Require ip ip.address
- </pre>
+ <pre class="prettyprint lang-config">Require host address
+Require ip ip.address</pre>
<p>In the first form, <var>address</var> is a fully qualified
board, and you want to keep them out, you could do the
following:</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 10.252.46.165
-</RequireAll>
-</pre>
+</RequireAll></pre>
<p>Visitors coming from that address (<code>10.252.46.165</code>)
<p>And, if you'd like to block access from an entire domain,
you can specify just part of an address or domain name:</p>
- <pre class="prettyprint lang-config">
-Require not ip 192.168.205
+ <pre class="prettyprint lang-config">Require not ip 192.168.205
Require not host phishers.example.com moreidiots.example
-Require not host gov
- </pre>
+Require not host gov</pre>
<p>Use of the <code class="directive"><a href="../mod/mod_authz_core.html#requireall">RequireAll</a></code>, <code class="directive"><a href="../mod/mod_authz_core.html#requireany">RequireAny</a></code>, and <code class="directive"><a href="../mod/mod_authz_core.html#requirenone">RequireNone</a></code> directives may be
based on user-agent (the browser type) you might do the
following:</p>
- <pre class="prettyprint lang-config">
-<If "%{HTTP_USER_AGENT} == 'BadBot'">
+ <pre class="prettyprint lang-config"><If "%{HTTP_USER_AGENT} == 'BadBot'">
Require All Denied
-</If>
- </pre>
+</If></pre>
<div class="note"><h3>Warning:</h3>
<p>For example, if you wish to block access to a resource between 8pm
and 6am, you can do this using <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
- <pre class="prettyprint lang-config">
-RewriteEngine On
+ <pre class="prettyprint lang-config">RewriteEngine On
RewriteCond %{TIME_HOUR} >=20 [OR]
RewriteCond %{TIME_HOUR} <07
-RewriteRule ^/fridge - [F]
- </pre>
+RewriteRule ^/fridge - [F]</pre>
<p>This will return a 403 Forbidden response for any request after 8pm
<p>Les directives Require s'utilisent comme suit :</p>
- <pre class="prettyprint lang-config">
-Require host address
-Require ip ip.address
- </pre>
+ <pre class="prettyprint lang-config">Require host address
+Require ip ip.address</pre>
<p>Dans la première forme, <var>nom-hôte</var> est un nom de domaine
spamer votre forum, vous pouvez ajouter cette ligne pour lui refuser
l'accès :</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 10.252.46.165
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>Les visiteurs possédant cette adresse (<code>10.252.46.165</code>) ne pourront pas voir le
vous pouvez spécifier des adresses IP partielles ou des noms de
domaine, comme ceci :</p>
- <pre class="prettyprint lang-config">
-Require not ip 192.168.205
+ <pre class="prettyprint lang-config">Require not ip 192.168.205
Require not host phishers.example.com moreidiots.example
-Require not host gov
- </pre>
+Require not host gov</pre>
<p>Les directives <code class="directive"><a href="../mod/mod_authz_core.html#requireall">RequireAll</a></code>, <code class="directive"><a href="../mod/mod_authz_core.html#requireany">RequireAny</a></code>, et <code class="directive"><a href="../mod/mod_authz_core.html#requirenone">RequireNone</a></code> ouvrent le champ à des
fonction du user-agent (le type de navigateur), vous pouvez
spécifier ceci :</p>
- <pre class="prettyprint lang-config">
-<If "%{HTTP_USER_AGENT} == 'BadBot'">
+ <pre class="prettyprint lang-config"><If "%{HTTP_USER_AGENT} == 'BadBot'">
Require All Denied
-</If>
- </pre>
+</If></pre>
<div class="note"><h3>Avertissement :</h3>
<p>Par exemple, pour bloquer l'accès à une ressources entre 20h et
6h du matin, vous pouvez utiliser <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> :</p>
- <pre class="prettyprint lang-config">
-RewriteEngine On
+ <pre class="prettyprint lang-config">RewriteEngine On
RewriteCond %{TIME_HOUR} >=20 [OR]
RewriteCond %{TIME_HOUR} <07
-RewriteRule ^/fridge - [F]
- </pre>
+RewriteRule ^/fridge - [F]</pre>
<p>Toute requête arrivant après 20h ou avant 7h du matin provoquera
placed in <code>httpd.conf</code> inside a <Directory
/usr/local/apache/htdocs/secret> section.</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
-Require user rbowen
- </pre>
+Require user rbowen</pre>
<p>Let's examine each of those directives individually. The <code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code> directive selects
<p>Now, you need to modify your <code>.htaccess</code> file to
look like the following:</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "By Invitation Only"
# Optional line:
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
AuthGroupFile /usr/local/apache/passwd/groups
-Require group GroupName
- </pre>
+Require group GroupName</pre>
<p>Now, anyone that is listed in the group <code>GroupName</code>,
<p>To select a dbm file rather than a text file, for example:</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider dbm
AuthDBMUserFile /www/passwords/passwd.dbm
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
<p>Other options are available. Consult the
scheme that meets your needs. In the following example, both the
file and LDAP based authentication providers are being used.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /usr/local/apache/passwd/passwords
AuthLDAPURL ldap://ldaphost/o=yourorg
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
<p>In this example the file provider will attempt to authenticate
authorization methods can also be used. In this example both file group
authorization as well as LDAP group authorization is being used.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName
Require ldap-group cn=mygroup,o=yourorg
-</Directory>
- </pre>
+</Directory></pre>
<p>To take authorization a little further, authorization container
board, and you want to keep them out, you could do the
following:</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 10.252.46.165
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>Visitors coming from that address will not be able to see
the content covered by this directive. If, instead, you have a
machine name, rather than an IP address, you can use that.</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not host host.example.com
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>And, if you'd like to block access from an entire domain,
you can specify just part of an address or domain name:</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 192.168.205
Require not host phishers.example.com moreidiots.example
Require not host ke
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>Using <code class="directive"><a href="../mod/mod_authz_core.html#requireall"><RequireAll></a></code>
fichier <code>httpd.conf</code> à l'intérieur d'une section <Directory
/usr/local/apache/htdocs/secret> :</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted Files"
# (Following line optional)
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
-Require user rbowen
- </pre>
+Require user rbowen</pre>
<p>Examinons ces directives une à une. La directive <code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code> définit la méthode
<p>Maintenant, vous devez modifier votre fichier
<code>.htaccess</code> comme suit :</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "By Invitation Only"
# Optional line:
AuthBasicProvider file
AuthUserFile /usr/local/apache/passwd/passwords
AuthGroupFile /usr/local/apache/passwd/groups
-Require group GroupName
- </pre>
+Require group GroupName</pre>
<p>Maintenant, quiconque appartient au groupe
<p>Par exemple, pour sélectionner un fichier dbm à la place d'un
fichier texte :</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider dbm
AuthDBMUserFile /www/passwords/passwd.dbm
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
<p>D'autres options sont disponibles. Consultez la documentation de
conjointement les fournisseurs d'authentification
file et LDAP :</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider file ldap
AuthUserFile /usr/local/apache/passwd/passwords
AuthLDAPURL ldap://ldaphost/o=yourorg
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
<p>Dans cet exemple, le fournisseur file va tenter d'authentifier
autorisation à base de fichier de groupes et une autorisation à base
de groupes LDAP.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs/private>
+ <pre class="prettyprint lang-config"><Directory /www/docs/private>
AuthName "Private"
AuthType Basic
AuthBasicProvider file
AuthGroupFile /usr/local/apache/passwd/groups
Require group GroupName
Require ldap-group cn=mygroup,o=yourorg
-</Directory>
- </pre>
+</Directory></pre>
<p>Pour un scénario d'autorisation un peu plus avancé, des
<p>Par exemple, si vous voulez rejeter les spams dont une
machine vous inonde, vous pouvez utiliser ceci :</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 10.252.46.165
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>Ainsi, les visiteurs en provenance de cette adresse ne
par contre, vous connaissez le nom de la machine, vous pouvez
utiliser ceci :</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not host host.example.com
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>Et si vous voulez interdire l'accès à toutes les machines
d'un domaine, vous pouvez spécifier une partie seulement de
l'adresse ou du nom de domaine :</p>
- <pre class="prettyprint lang-config">
-<RequireAll>
+ <pre class="prettyprint lang-config"><RequireAll>
Require all granted
Require not ip 192.168.205
Require not host phishers.example.com moreidiots.example
Require not host ke
-</RequireAll>
- </pre>
+</RequireAll></pre>
<p>L'utilisation de la directive <code class="directive"><a href="../mod/mod_authz_core.html#requireall"><RequireAll></a></code>
directive has not been commented out. A correctly configured directive
may look like this:
- <pre class="prettyprint lang-config">
- LoadModule cgi_module modules/mod_cgi.so
- </pre>
+ <pre class="prettyprint lang-config"> LoadModule cgi_module modules/mod_cgi.so</pre>
</div>
<h3><a name="scriptalias" id="scriptalias">ScriptAlias</a></h3>
<p>The <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>
directive looks like:</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/</pre>
<p>The example shown is from your default <code>httpd.conf</code>
file, to specify that CGI execution was permitted in a particular
directory:</p>
- <pre class="prettyprint lang-config">
-<Directory /usr/local/apache2/htdocs/somedir>
+ <pre class="prettyprint lang-config"><Directory /usr/local/apache2/htdocs/somedir>
Options +ExecCGI
-</Directory>
- </pre>
+</Directory></pre>
<p>The above directive tells Apache to permit the execution
files with the <code>cgi</code> or <code>pl</code> extension as CGI
programs:</p>
- <pre class="prettyprint lang-config">
- AddHandler cgi-script .cgi .pl
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler cgi-script .cgi .pl</pre>
<code>.cgi</code> in users' directories, you can use the
following configuration.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html>
Options +ExecCGI
AddHandler cgi-script .cgi
-</Directory>
- </pre>
+</Directory></pre>
<p>If you wish designate a <code>cgi-bin</code> subdirectory of
a user's directory where everything will be treated as a CGI
program, you can use the following.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/cgi-bin>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/cgi-bin>
Options ExecCGI
SetHandler cgi-script
-</Directory>
- </pre>
+</Directory></pre>
file called <code>first.pl</code>, and put it in your
<code>cgi-bin</code> directory.</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl
print "Content-type: text/html\n\n";
-print "Hello, World.";
- </pre>
+print "Hello, World.";</pre>
<p>Even if you are not familiar with Perl, you should be able
interpreter (often <code>perl</code>) indicated in the first
line of your CGI program, which will look something like:</p>
- <pre class="prettyprint lang-perl">
- #!/usr/bin/perl
- </pre>
+ <pre class="prettyprint lang-perl"> #!/usr/bin/perl</pre>
<p>Make sure that this is in fact the path to the
<a href="../env.html">add your own environment variables</a>
to the basic ones provided by default.</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl
use strict;
use warnings;
print "Content-type: text/html\n\n";
foreach my $key (keys %ENV) {
print "$key --> $ENV{$key}<br>";
-}
- </pre>
+}</pre>
commentée dans votre <code>httpd.conf</code>. Une directive correcte
doit ressembler à ceci :
- <pre class="prettyprint lang-config">
- LoadModule cgi_module modules/mod_cgi.so
- </pre>
+ <pre class="prettyprint lang-config"> LoadModule cgi_module modules/mod_cgi.so</pre>
</div>
<h3><a name="scriptalias" id="scriptalias">ScriptAlias</a></h3>
<p>La directive <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> se présente comme suit
:</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/</pre>
<p>Cet exemple est tiré de votre fichier de configuration
l'exécution des programmes CGI est permise depuis un répertoire
particulier :</p>
- <pre class="prettyprint lang-config">
-<Directory /usr/local/apache2/htdocs/somedir>
+ <pre class="prettyprint lang-config"><Directory /usr/local/apache2/htdocs/somedir>
Options +ExecCGI
-</Directory>
- </pre>
+</Directory></pre>
<p>La directive ci-dessus indique à Apache qu'il doit permettre
extension <code>cgi</code> ou <code>pl</code> en tant que
programmes CGI :</p>
- <pre class="prettyprint lang-config">
- AddHandler cgi-script .cgi .pl
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler cgi-script .cgi .pl</pre>
répertoire utilisateur, vous pouvez utiliser la configuration
suivante :</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html>
Options +ExecCGI
AddHandler cgi-script .cgi
-</Directory>
- </pre>
+</Directory></pre>
<p>Pour indiquer un sous-répertoire <code>cgi-bin</code> d'un
répertoire utilisateur où tout fichier sera traité en tant que
programme CGI, vous pouvez utiliser ceci :</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/cgi-bin>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/cgi-bin>
Options ExecCGI
SetHandler cgi-script
-</Directory>
- </pre>
+</Directory></pre>
<code>premier.pl</code>, et placez le dans votre répertoire
<code>cgi-bin</code>.</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl
print "Content-type: text/html\n\n";
-print "Hello, World.";
- </pre>
+print "Hello, World.";</pre>
<p>Même si Perl ne vous est pas familier, vous devriez être
trouve à la première ligne de votre programme CGI et qui va
ressembler à ceci :</p>
- <pre class="prettyprint lang-perl">
- #!/usr/bin/perl
- </pre>
+ <pre class="prettyprint lang-perl"> #!/usr/bin/perl</pre>
<p>Assurez-vous qu'il s'agit bien du chemin correct vers
variables d'environnement</a> aux variables de base fournies par
défaut.</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl
use strict;
use warnings;
print "Content-type: text/html\n\n";
foreach my $key (keys %ENV) {
print "$key --> $ENV{$key}<br>";
-}
- </pre>
+}</pre>
というファイルに保存し、それを <code>cgi-bin</code>
ディレクトリに置いてください。</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl<br />
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl<br />
print "Content-type: text/html\n\n";<br />
-print "Hello, World.";
- </pre>
+print "Hello, World.";</pre>
<p>Perl に精通していなくても、
<a href="../env.html">あなた自身の環境変数を加える</a>ための、
多くの異なる方法を用意してします。</p>
- <pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+ <pre class="prettyprint lang-perl">#!/usr/bin/perl
print "Content-type: text/html\n\n";
foreach $key (keys %ENV) {
print "$key --> $ENV{$key}<br>";
-}
- </pre>
+}</pre>
</div>
<div class="example"><h3>Section from your <code>httpd.conf</code>
- file</h3><pre class="prettyprint lang-config">
-<Directory /www/htdocs/example>
+ file</h3><pre class="prettyprint lang-config"><Directory /www/htdocs/example>
AddType text/example .exm
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>However, putting this configuration in your server configuration
prevent script execution while allowing anything else to be set in
<code>.htaccess</code> you can use:</p>
- <pre class="prettyprint lang-config">
-<Directory /www/htdocs>
+ <pre class="prettyprint lang-config"><Directory /www/htdocs>
AllowOverride All
</Directory>
<Location />
Options +IncludesNoExec -ExecCGI<br />
-</Location>
- </pre>
+</Location></pre>
<div class="note">This example assumes that your <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> is <code>/www/htdocs</code>.</div>
<p><code>.htaccess</code> file contents:</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
-Require Group admins
- </pre>
+Require Group admins</pre>
<p>Note that <code>AllowOverride AuthConfig</code> must be in effect
the following configuration directives, placed in a
<code>.htaccess</code> file in the desired directory:</p>
- <pre class="prettyprint lang-config">
-Options +Includes
+ <pre class="prettyprint lang-config">Options +Includes
AddType text/html shtml
-AddHandler server-parsed shtml
- </pre>
+AddHandler server-parsed shtml</pre>
<p>Note that <code>AllowOverride Options</code> and <code>AllowOverride
the execution of CGI programs in a particular directory. This may be
implemented with the following configuration:</p>
- <pre class="prettyprint lang-config">
-Options +ExecCGI
-AddHandler cgi-script cgi pl
- </pre>
+ <pre class="prettyprint lang-config">Options +ExecCGI
+AddHandler cgi-script cgi pl</pre>
<p>Alternately, if you wish to have all files in the given directory be
considered to be CGI programs, this may be done with the following
configuration:</p>
- <pre class="prettyprint lang-config">
-Options +ExecCGI
-SetHandler cgi-script
- </pre>
+ <pre class="prettyprint lang-config">Options +ExecCGI
+SetHandler cgi-script</pre>
<p>Note that <code>AllowOverride Options</code> and <code>AllowOverride
<code>.config</code>, vous pouvez mettre ceci dans le fichier de
configuration de votre serveur :</p>
- <pre class="prettyprint lang-config">
- AccessFileName .config
- </pre>
+ <pre class="prettyprint lang-config"> AccessFileName .config</pre>
</div>
</div>
<div class="example"><h3>Section de votre fichier
- <code>httpd.conf</code></h3><pre class="prettyprint lang-config">
-<Directory /www/htdocs/example>
+ <code>httpd.conf</code></h3><pre class="prettyprint lang-config"><Directory /www/htdocs/example>
AddType text/example .exm
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>Cependant, la perte de performances sera moindre si vous
définition de toute autre option dans les fichiers
<code>.htaccess</code>, vous pouvez utiliser :</p>
- <pre class="prettyprint lang-config">
-<Directory /www/htdocs>
+ <pre class="prettyprint lang-config"><Directory /www/htdocs>
AllowOverride All
</Directory>
<Location />
Options +IncludesNoExec -ExecCGI<br />
-</Location>
- </pre>
+</Location></pre>
<div class="note">Dans cet exemple, on considère que le chemin défini par la
<p>Contenu du fichier <code>.htaccess</code> :</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Password Required"
AuthUserFile /www/passwords/password.file
AuthGroupFile /www/passwords/group.file
-Require Group admins
- </pre>
+Require Group admins</pre>
<p>Notez que <code>AllowOverride AuthConfig</code> doit être présent
placées dans un fichier <code>.htaccess</code> enregistré dans le
répertoire considéré :</p>
- <pre class="prettyprint lang-config">
-Options +Includes
+ <pre class="prettyprint lang-config">Options +Includes
AddType text/html shtml
-AddHandler server-parsed shtml
- </pre>
+AddHandler server-parsed shtml</pre>
<p>Notez que <code>AllowOverride Options</code> et <code>AllowOverride
dans un répertoire particulier. Pour y parvenir, vous pouvez
utiliser la configuration suivante :</p>
- <pre class="prettyprint lang-config">
-Options +ExecCGI
-AddHandler cgi-script cgi pl
- </pre>
+ <pre class="prettyprint lang-config">Options +ExecCGI
+AddHandler cgi-script cgi pl</pre>
<p>Alternativement, si vous souhaitez que tous les fichiers d'un
répertoire donné soient considérés comme des programmes CGI, vous
pouvez utiliser la configuration suivante :</p>
- <pre class="prettyprint lang-config">
-Options +ExecCGI
-SetHandler cgi-script
- </pre>
+ <pre class="prettyprint lang-config">Options +ExecCGI
+SetHandler cgi-script</pre>
<p>Notez que <code>AllowOverride Options</code> et <code>AllowOverride
You can, likewise, disable the feature for all but a few users by
using a configuration like the following:</p>
- <pre class="prettyprint lang-config">
- UserDir disabled<br />
- UserDir enabled rbowen krietz
- </pre>
+ <pre class="prettyprint lang-config"> UserDir disabled<br />
+ UserDir enabled rbowen krietz</pre>
<p>See <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code>
directive to make a particular subdirectory of a user's home directory
cgi-enabled.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/cgi-bin/>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/cgi-bin/>
Options ExecCGI
SetHandler cgi-script
-</Directory>
- </pre>
+</Directory></pre>
<p>Then, presuming that <code>UserDir</code> is set to
utilisateurs sauf certains d'entre eux en utilisant une
configuration du style :</p>
- <pre class="prettyprint lang-config">
- UserDir disabled<br />
- UserDir enabled rbowen krietz
- </pre>
+ <pre class="prettyprint lang-config"> UserDir disabled<br />
+ UserDir enabled rbowen krietz</pre>
<p>Vous trouverez d'autres exemples dans la documentation de
vous pouvez utiliser une section <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> pour activer CGI dans un
sous-répertoire particulier d'un répertoire home utilisateur.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/cgi-bin/>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/cgi-bin/>
Options ExecCGI
SetHandler cgi-script
-</Directory>
- </pre>
+</Directory></pre>
<p>Avec la configuration ci-dessus, et en supposant que
<p>To permit SSI on your server, you must have the following
directive either in your <code>httpd.conf</code> file, or in a
<code>.htaccess</code> file:</p>
-<pre class="prettyprint lang-config">
- Options +Includes
-</pre>
+<pre class="prettyprint lang-config"> Options +Includes</pre>
<p>This tells Apache that you want to permit files to be parsed
do this. You can tell Apache to parse any file with a
particular file extension, such as <code>.shtml</code>, with
the following directives:</p>
-<pre class="prettyprint lang-config">
- AddType text/html .shtml<br />
- AddOutputFilter INCLUDES .shtml
-</pre>
+<pre class="prettyprint lang-config"> AddType text/html .shtml<br />
+ AddOutputFilter INCLUDES .shtml</pre>
<p>One disadvantage to this approach is that if you wanted to
directives would be executed.</p>
<p>The other method is to use the <code class="directive"><a href="../mod/mod_include.html#xbithack">XBitHack</a></code> directive:</p>
-<pre class="prettyprint lang-config">
- XBitHack on
-</pre>
+<pre class="prettyprint lang-config"> XBitHack on</pre>
<p><code class="directive"><a href="../mod/mod_include.html#xbithack">XBitHack</a></code>
<p>In your configuration file, you could put the following
line:</p>
-<pre class="prettyprint lang-config">
- BrowserMatchNoCase macintosh Mac<br />
- BrowserMatchNoCase MSIE InternetExplorer
-</pre>
+<pre class="prettyprint lang-config"> BrowserMatchNoCase macintosh Mac<br />
+ BrowserMatchNoCase MSIE InternetExplorer</pre>
<p>This will set environment variables ``Mac'' and
devez ajouter la directive suivante dans votre fichier
<code>httpd.conf</code>, ou dans un fichier <code>.htaccess</code>
:</p>
-<pre class="prettyprint lang-config">
- Options +Includes
-</pre>
+<pre class="prettyprint lang-config"> Options +Includes</pre>
<p>Cette directive indique à Apache que vous désirez permettre la
directives SSI. Vous devez indiquer à Apache quels fichiers seront
concernés. Vous pouvez y parvenir en indiquant une extension, comme
<code>.shtml</code>, à l'aide des directives suivantes :</p>
-<pre class="prettyprint lang-config">
- AddType text/html .shtml<br />
- AddOutputFilter INCLUDES .shtml
-</pre>
+<pre class="prettyprint lang-config"> AddType text/html .shtml<br />
+ AddOutputFilter INCLUDES .shtml</pre>
<p>Un des désavantages de cette approche réside dans le fait que si
SSI qu'elle contient soient traitées.</p>
<p>Une autre méthode consiste à utiliser la directive <code class="directive"><a href="../mod/mod_include.html#xbithack">XBitHack</a></code> :</p>
-<pre class="prettyprint lang-config">
- XBitHack on
-</pre>
+<pre class="prettyprint lang-config"> XBitHack on</pre>
<p>La directive <code class="directive"><a href="../mod/mod_include.html#xbithack">XBitHack</a></code>
<p>Vous pouvez ajouter les lignes suivantes dans votre fichier de
configuration :</p>
-<pre class="prettyprint lang-config">
- BrowserMatchNoCase macintosh Mac<br />
- BrowserMatchNoCase MSIE InternetExplorer
-</pre>
+<pre class="prettyprint lang-config"> BrowserMatchNoCase macintosh Mac<br />
+ BrowserMatchNoCase MSIE InternetExplorer</pre>
<p>Ces lignes définissent les variables d'environnement "Mac" et
<p>Do this by specifying the name of the module in your
<code class="directive">LogLevel</code> directive:</p>
- <pre class="prettyprint lang-config">
- LogLevel info rewrite:trace5
- </pre>
+ <pre class="prettyprint lang-config"> LogLevel info rewrite:trace5</pre>
<p>This sets the main <code class="directive">LogLevel</code> to info, but
<p>A typical configuration for the access log might look as
follows.</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-CustomLog logs/access_log common
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b" common
+CustomLog logs/access_log common</pre>
<p>This defines the <em>nickname</em> <code>common</code> and
<p>Another commonly used format string is called the Combined
Log Format. It can be used as follows.</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
-CustomLog log/access_log combined
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
+CustomLog log/access_log combined</pre>
<p>This format is exactly the same as the Common Log Format,
information. The last two <code class="directive"><a href="./mod/mod_log_config.html#customlog">CustomLog</a></code> lines show how
to mimic the effects of the <code>ReferLog</code> and <code>AgentLog</code> directives.</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
CustomLog logs/referer_log "%{Referer}i -> %U"
-CustomLog logs/agent_log "%{User-agent}i"
- </pre>
+CustomLog logs/agent_log "%{User-agent}i"</pre>
<p>This example also shows that it is not necessary to define a
include or exclude requests where the environment variable is
set. Some examples:</p>
- <pre class="prettyprint lang-config">
-# Mark requests from the loop-back interface
+ <pre class="prettyprint lang-config"># Mark requests from the loop-back interface
SetEnvIf Remote_Addr "127\.0\.0\.1" dontlog
# Mark requests for the robots.txt file
SetEnvIf Request_URI "^/robots\.txt$" dontlog
# Log what remains
-CustomLog logs/access_log common env=!dontlog
- </pre>
+CustomLog logs/access_log common env=!dontlog</pre>
<p>As another example, consider logging requests from
english-speakers to one log file, and non-english speakers to a
different log file.</p>
- <pre class="prettyprint lang-config">
- SetEnvIf Accept-Language "en" english<br />
+ <pre class="prettyprint lang-config"> SetEnvIf Accept-Language "en" english<br />
CustomLog logs/english_log common env=english<br />
- CustomLog logs/non_english_log common env=!english
- </pre>
+ CustomLog logs/non_english_log common env=!english</pre>
<p>In a caching scenario one would want to know about
the efficiency of the cache. A very simple method to
find this out would be:</p>
- <pre class="prettyprint lang-config">
-SetEnv CACHE_MISS 1
+ <pre class="prettyprint lang-config">SetEnv CACHE_MISS 1
LogFormat "%h %l %u %t "%r " %>s %b %{CACHE_MISS}e" common-cache
-CustomLog logs/access_log common-cache
- </pre>
+CustomLog logs/access_log common-cache</pre>
<p><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> will run before
<p>In addition to the <code>env=</code> syntax, <code class="directive"><a href="./mod/mod_log_config.html#logformat">LogFormat</a></code> supports logging values
conditional upon the HTTP response code:</p>
- <pre class="prettyprint lang-config">
-LogFormat "%400,501{User-agent}i" browserlog
-LogFormat "%!200,304,302{Referer}i" refererlog
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%400,501{User-agent}i" browserlog
+LogFormat "%!200,304,302{Referer}i" refererlog</pre>
<p>In the first example, the <code>User-agent</code> will be
for this purpose. For example, to rotate the logs every 24 hours, you
can use:</p>
- <pre class="prettyprint lang-config">
- CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common
- </pre>
+ <pre class="prettyprint lang-config"> CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common</pre>
<p>Notice that quotes are used to enclose the entire command
a shell. Use "<code>|$</code>" instead of "<code>|</code>"
to spawn using a shell (usually with <code>/bin/sh -c</code>):</p>
- <pre class="prettyprint lang-config">
-# Invoke "rotatelogs" using a shell
-CustomLog "|$/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common
- </pre>
+ <pre class="prettyprint lang-config"># Invoke "rotatelogs" using a shell
+CustomLog "|$/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common</pre>
<p>This was the default behaviour for Apache 2.2.
later split the log into individual files. For example,
consider the following directives.</p>
- <pre class="prettyprint lang-config">
-LogFormat "%v %l %u %t \"%r\" %>s %b" comonvhost
-CustomLog logs/access_log comonvhost
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%v %l %u %t \"%r\" %>s %b" comonvhost
+CustomLog logs/access_log comonvhost</pre>
<p>The <code>%v</code> is used to log the name of the virtual
<p>Pour ce faire, vous devez spécifier le nom du module dans votre
directive <code class="directive">LogLevel</code> :</p>
- <pre class="prettyprint lang-config">
- LogLevel info rewrite:trace5
- </pre>
+ <pre class="prettyprint lang-config"> LogLevel info rewrite:trace5</pre>
<p>Dans cet exemple, le niveau de journalisation général est défini
<p>Voici une configuration typique pour le journal des accès :</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-CustomLog logs/access_log common
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b" common
+CustomLog logs/access_log common</pre>
<p>Ici est définie l'<em>identité</em> <code>common</code> qui est
"Combined Log Format" (Format de journalisation combiné). Il s'utilise
comme suit :</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
-CustomLog log/access_log combined
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
+CustomLog log/access_log combined</pre>
<p>Ce format est identique au Common Log Format, avec deux champs
comment simuler les effets des directives <code>ReferLog</code> et
<code>AgentLog</code>.</p>
- <pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
+ <pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
CustomLog logs/referer_log "%{Referer}i -> %U"
-CustomLog logs/agent_log "%{User-agent}i"
- </pre>
+CustomLog logs/agent_log "%{User-agent}i"</pre>
<p>Cet exemple montre aussi qu'il n'est pas obligatoire d'associer
la variable d'environnement est définie.
Quelques exemples :</p>
- <pre class="prettyprint lang-config">
-# Marque les requêtes en provenance de l'interface loop-back
+ <pre class="prettyprint lang-config"># Marque les requêtes en provenance de l'interface loop-back
SetEnvIf Remote_Addr "127\.0\.0\.1" dontlog
# Marque les requêtes pour le fichier robots.txt
SetEnvIf Request_URI "^/robots\.txt$" dontlog
# Journalise toutes les autres requêtes
-CustomLog logs/access_log common env=!dontlog
- </pre>
+CustomLog logs/access_log common env=!dontlog</pre>
<p>Autre exemple, imaginons l'enregistrement des requêtes en provenance
d'utilisateurs de langue anglaise dans un journal, et celles des autres
utilisateurs dans un autre journal.</p>
- <pre class="prettyprint lang-config">
- SetEnvIf Accept-Language "en" english<br />
+ <pre class="prettyprint lang-config"> SetEnvIf Accept-Language "en" english<br />
CustomLog logs/english_log common env=english<br />
- CustomLog logs/non_english_log common env=!english
- </pre>
+ CustomLog logs/non_english_log common env=!english</pre>
<p>Dans le contexte d'une mise en cache, il peut être
intéressant de connaître l'efficacité du cache. Pour y parvenir,
on pourrait utiliser cette méthode simple :</p>
- <pre class="prettyprint lang-config">
-SetEnv CACHE_MISS 1
+ <pre class="prettyprint lang-config">SetEnv CACHE_MISS 1
LogFormat "%h %l %u %t "%r " %>s %b %{CACHE_MISS}e" common-cache
-CustomLog logs/access_log common-cache
- </pre>
+CustomLog logs/access_log common-cache</pre>
<p><code class="module"><a href="./mod/mod_cache.html">mod_cache</a></code> va s'exécuter avant
valeurs de journalisation conditionnelles basées sur le code de la
réponse HTTP :</p>
- <pre class="prettyprint lang-config">
-LogFormat "%400,501{User-agent}i" browserlog
-LogFormat "%!200,304,302{Referer}i" refererlog
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%400,501{User-agent}i" browserlog
+LogFormat "%!200,304,302{Referer}i" refererlog</pre>
<p>Dans le premier exemple, le <code>User-agent</code> sera
appelé <code class="program"><a href="./programs/rotatelogs.html">rotatelogs</a></code>. Par exemple, pour une rotation des
journaux toutes les 24 heures, ajoutez ces lignes :</p>
- <pre class="prettyprint lang-config">
- CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common
- </pre>
+ <pre class="prettyprint lang-config"> CustomLog "|/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common</pre>
<p>Notez que l'ensemble de la commande qui sera appelée par le tube de
au lieu de "<code>|</code>" (en général avec <code>/bin/sh -c</code>)
:</p>
- <pre class="prettyprint lang-config">
-# Invocation de "rotatelogs" en utilisant un shell
-CustomLog "|$/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common
- </pre>
+ <pre class="prettyprint lang-config"># Invocation de "rotatelogs" en utilisant un shell
+CustomLog "|$/usr/local/apache/bin/rotatelogs /var/log/access_log 86400" common</pre>
journal, puis de séparer ultérieurement le journal en plusieurs journaux
individuels. Considérons par exemple les directives suivantes :</p>
- <pre class="prettyprint lang-config">
-LogFormat "%v %l %u %t \"%r\" %>s %b" comonvhost
-CustomLog logs/access_log comonvhost
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%v %l %u %t \"%r\" %>s %b" comonvhost
+CustomLog logs/access_log comonvhost</pre>
<p>Le champ <code>%v</code> sert à enregistrer le nom de l'hôte virtuel qui
Linux (Xen) system:
</p>
- <div class="example"><pre>
-top - 23:10:58 up 71 days, 6:14, 4 users, load average: 0.25, 0.53, 0.47
+ <div class="example"><pre>top - 23:10:58 up 71 days, 6:14, 4 users, load average: 0.25, 0.53, 0.47
Tasks: 163 total, 1 running, 162 sleeping, 0 stopped, 0 zombie
Cpu(s): 11.6%us, 0.7%sy, 0.0%ni, 87.3%id, 0.4%wa, 0.0%hi, 0.0%si, 0.0%st
Mem: 2621656k total, 2178684k used, 442972k free, 100500k buffers
The output of free looks like this:
</p>
- <div class="example"><pre>
-sctemme@brutus:~$ free
+ <div class="example"><pre>sctemme@brutus:~$ free
total used free shared buffers cached
Mem: 4026028 3901892 124136 0 253144 841044
-/+ buffers/cache: 2807704 1218324
-Swap: 3903784 12540 3891244
- </pre></div>
+Swap: 3903784 12540 3891244</pre></div>
<h4><a name="vmstat" id="vmstat">vmstat
</p>
- <div class="example"><pre>
-[sctemme@GayDeceiver sctemme]$ vmstat 5 3
+ <div class="example"><pre>[sctemme@GayDeceiver sctemme]$ vmstat 5 3
procs memory swap io system cpu
r b w swpd free buff cache si so bi bo in cs us sy id
0 0 0 0 186252 6688 37516 0 0 12 5 47 311 0 1 99
0 0 0 0 186244 6696 37516 0 0 0 16 41 314 0 0 100
- 0 0 0 0 186236 6704 37516 0 0 0 9 44 314 0 0 100
- </pre></div>
+ 0 0 0 0 186236 6704 37516 0 0 0 9 44 314 0 0 100</pre></div>
<p>And this is output of a server that is under a load of one
hundred simultaneous connections fetching static content:
</p>
- <div class="example"><pre>
-[sctemme@GayDeceiver sctemme]$ vmstat 5 3
+ <div class="example"><pre>[sctemme@GayDeceiver sctemme]$ vmstat 5 3
procs memory swap io system cpu
r b w swpd free buff cache si so bi bo in cs us sy id
1 0 1 0 162580 6848 40056 0 0 11 5 150 324 1 1 98
6 0 1 0 163280 6856 40248 0 0 0 66 6384 1117 42 25 32
-11 0 0 0 162780 6864 40436 0 0 0 61 6309 1165 33 28 40
- </pre></div>
+11 0 0 0 162780 6864 40436 0 0 0 61 6309 1165 33 28 40</pre></div>
<p>The first line gives averages since the last reboot. The
subsequent lines give information for five second
can be specified on a per module basis:
</p>
- <pre class="prettyprint lang-config">
- LogLevel debug mod_ssl:warn
- </pre>
+ <pre class="prettyprint lang-config"> LogLevel debug mod_ssl:warn</pre>
<p>
</p>
- <div class="example"><pre>
-195.54.228.42 - - [24/Mar/2007:23:05:11 -0400] "GET /sander/feed/ HTTP/1.1" 200 9747
+ <div class="example"><pre>195.54.228.42 - - [24/Mar/2007:23:05:11 -0400] "GET /sander/feed/ HTTP/1.1" 200 9747
64.34.165.214 - - [24/Mar/2007:23:10:11 -0400] "GET /sander/feed/atom HTTP/1.1" 200 9068
60.28.164.72 - - [24/Mar/2007:23:11:41 -0400] "GET / HTTP/1.0" 200 618
85.140.155.56 - - [24/Mar/2007:23:14:12 -0400] "GET /sander/2006/09/27/44/ HTTP/1.1" 200 14172
85.140.155.56 - - [24/Mar/2007:23:14:15 -0400] "GET /sander/2006/09/21/gore-tax-pollution/ HTTP/1.1" 200 15147
74.6.72.187 - - [24/Mar/2007:23:18:11 -0400] "GET /sander/2006/09/27/44/ HTTP/1.0" 200 14172
-74.6.72.229 - - [24/Mar/2007:23:24:22 -0400] "GET /sander/2006/11/21/os-java/ HTTP/1.0" 200 13457
- </pre></div>
+74.6.72.229 - - [24/Mar/2007:23:24:22 -0400] "GET /sander/2006/11/21/os-java/ HTTP/1.0" 200 13457</pre></div>
<table>
<tr>
pre-rendered blog pages:
</p>
-<pre class="prettyprint lang-config">
-Listen *:8001
+<pre class="prettyprint lang-config">Listen *:8001
<VirtualHost *:8001>
ServerName blog.sandla.org:8001
ServerAdmin sander@temme.net
Options +ExecCGI
Require all granted
</Directory>
- </VirtualHost>
-</pre>
+ </VirtualHost></pre>
<p>
<code>httpd.conf</code>:
</p>
-<pre class="prettyprint lang-config">
-CacheRoot /raid1/cacheroot
+<pre class="prettyprint lang-config">CacheRoot /raid1/cacheroot
CacheEnable disk /
# A page modified 100 minutes ago will expire in 10 minutes
CacheLastModifiedFactor .1
# Always check again after 6 hours
-CacheMaxExpire 21600
-</pre>
+CacheMaxExpire 21600</pre>
<p>This configuration will try to cache any and all content
Unfortunately there does currently not exist a way to cache
these headers.
</p>
-<pre class="prettyprint lang-config">
-<FilesMatch \.(jpe?g|png|gif|js|css|x?html|xml)>
+<pre class="prettyprint lang-config"><FilesMatch \.(jpe?g|png|gif|js|css|x?html|xml)>
FileETag None
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<p>
matching the criteria. Here's an example which disables lookups
except for <code>.html</code> and <code>.cgi</code> files:</p>
- <pre class="prettyprint lang-config">
-HostnameLookups off
+ <pre class="prettyprint lang-config">HostnameLookups off
<Files ~ "\.(html|cgi)$">
HostnameLookups on
-</Files>
- </pre>
+</Files></pre>
<p>But even still, if you just need DNS names in some CGIs you
system calls to check up on symlinks. One extra call per
filename component. For example, if you had:</p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
Options SymLinksIfOwnerMatch
-</Directory>
- </pre>
+</Directory></pre>
<p>and a request is made for the URI <code>/index.html</code>.
every single request. If you really desire the symlinks
security checking you can do something like this:</p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
Options FollowSymLinks
</Directory>
<Directory /www/htdocs>
Options -FollowSymLinks +SymLinksIfOwnerMatch
-</Directory>
- </pre>
+</Directory></pre>
<p>This at least avoids the extra checks for the
<code>.htaccess</code> for each filename component. For
example,</p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
AllowOverride all
-</Directory>
- </pre>
+</Directory></pre>
<p>and a request is made for the URI <code>/index.html</code>.
do not match the code, they're contrived for pedagogical
purposes):</p>
- <pre class="prettyprint lang-c">
- for (;;) {
+ <pre class="prettyprint lang-c"> for (;;) {
for (;;) {
fd_set accept_fds;
if (new_connection != -1) break;
}
process_the(new_connection);
- }
- </pre>
+ }</pre>
<p>But this naive implementation has a serious starvation problem.
entry into the inner loop. The loop looks like this
(differences highlighted):</p>
- <pre class="prettyprint lang-c">
- for (;;) {
+ <pre class="prettyprint lang-c"> for (;;) {
<strong>accept_mutex_on ();</strong>
for (;;) {
fd_set accept_fds;
}
<strong>accept_mutex_off ();</strong>
process the new_connection;
- }
- </pre>
+ }</pre>
<p><a id="serialize" name="serialize">The functions</a>
<code>http_main.c</code>). The function looks roughly like
this:</p>
- <pre class="prettyprint lang-c">
- void lingering_close (int s)
+ <pre class="prettyprint lang-c"> void lingering_close (int s)
{
char junk_buffer[2048];
}
close (s);
- }
- </pre>
+ }</pre>
<p>This naturally adds some expense at the end of a connection,
Voici un exemple qui désactive les recherches DNS sauf pour les fichiers
<code>.html</code> et <code>.cgi</code> :</p>
- <pre class="prettyprint lang-config">
-HostnameLookups off
+ <pre class="prettyprint lang-config">HostnameLookups off
<Files ~ "\.(html|cgi)$">
HostnameLookups on
-</Files>
- </pre>
+</Files></pre>
<p>Mais même dans ce cas, si vous n'avez besoin de noms DNS que dans
symboliques. Un appel supplémentaire par élément du chemin du fichier.
Par exemple, si vous avez :</p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
Options SymLinksIfOwnerMatch
-</Directory>
- </pre>
+</Directory></pre>
<p>et si une requête demande l'URI <code>/index.html</code>, Apache
vérifier la sécurité des liens symboliques, vous pouvez utiliser une
configuration du style :</p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
Options FollowSymLinks
</Directory>
<Directory /www/htdocs>
Options -FollowSymLinks +SymLinksIfOwnerMatch
-</Directory>
- </pre>
+</Directory></pre>
<p>Ceci évite au moins les vérifications supplémentaires pour le chemin
pour chaque élément du chemin du fichier demandé. Par exemple, si vous
avez : </p>
- <pre class="prettyprint lang-config">
-DocumentRoot /www/htdocs
+ <pre class="prettyprint lang-config">DocumentRoot /www/htdocs
<Directory />
AllowOverride all
-</Directory>
- </pre>
+</Directory></pre>
<p>et qu'une requête demande l'URI <code>/index.html</code>, Apache
(ces exemples ne sont pas extraits du code d'Apache, ils ne sont
proposés qu'à des fins pédagogiques) :</p>
- <pre class="prettyprint lang-c">
- for (;;) {
+ <pre class="prettyprint lang-c"> for (;;) {
for (;;) {
fd_set accept_fds;
if (new_connection != -1) break;
}
process_the(new_connection);
- }
- </pre>
+ }</pre>
<p>Mais cette implémentation rudimentaire présente une sérieuse lacune.
entrées dans la boucle interne. La boucle ressemble à ceci (les
différences sont mises en surbrillance) :</p>
- <pre class="prettyprint lang-c">
- for (;;) {
+ <pre class="prettyprint lang-c"> for (;;) {
<strong>accept_mutex_on ();</strong>
for (;;) {
fd_set accept_fds;
}
<strong>accept_mutex_off ();</strong>
process the new_connection;
- }
- </pre>
+ }</pre>
<p><a id="serialize" name="serialize">Les fonctions</a>
<code>http_main.c</code>). La fonction ressemble approximativement à
ceci :</p>
- <pre class="prettyprint lang-c">
- void lingering_close (int s)
+ <pre class="prettyprint lang-c"> void lingering_close (int s)
{
char junk_buffer[2048];
}
close (s);
- }
- </pre>
+ }</pre>
<p>Ceci ajoute naturellement un peu de charge à la fin d'une connexion,
<p>In the server configuration file, put</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
-</Directory>
- </pre>
+</Directory></pre>
<p>This prevents the use of <code>.htaccess</code> files in all
work around this, add the following block to your server's
configuration:</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
Require all denied
-</Directory>
- </pre>
+</Directory></pre>
<p>This will forbid default access to filesystem locations. Add
appropriate <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> blocks to
allow access only in those areas you wish. For example,</p>
- <pre class="prettyprint lang-config">
-<Directory /usr/users/*/public_html>
+ <pre class="prettyprint lang-config"><Directory /usr/users/*/public_html>
Require all granted
</Directory>
<Directory /usr/local/httpd>
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<p>Pay particular attention to the interactions of <code class="directive"><a href="../mod/core.html#location">Location</a></code> and <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> directives; for instance, even
you probably commented out the following in your server configuration
file:</p>
- <pre class="prettyprint lang-config">
-<Files ".ht*">
+ <pre class="prettyprint lang-config"><Files ".ht*">
Require all denied
-</Files>
- </pre>
+</Files></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Ajoutez dans le fichier de configuration du serveur</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
-</Directory>
- </pre>
+</Directory></pre>
<p>Ceci interdit l'utilisation des fichiers <code>.htaccess</code> dans
fichiers. Pour l'éviter, ajoutez le bloc suivant à la configuration
de votre serveur :</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
Require all denied
-</Directory>
- </pre>
+</Directory></pre>
<p>ceci va interdire l'accès par défaut à tous les fichiers du système de
<code class="directive"><a href="../mod/core.html#directory">Directory</a></code> appropriés correspondant
aux répertoires auxquels vous voulez autorisez l'accès. Par exemple,</p>
- <pre class="prettyprint lang-config">
-<Directory /usr/users/*/public_html>
+ <pre class="prettyprint lang-config"><Directory /usr/users/*/public_html>
Require all granted
</Directory>
<Directory /usr/local/httpd>
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<p>Portez une attention particulière aux interactions entre les directives
qui signifie que vous avez probablement mis en commentaire ce qui suit dans
le fichier de configuration de votre serveur :</p>
- <pre class="prettyprint lang-config">
-<Files ".ht*">
+ <pre class="prettyprint lang-config"><Files ".ht*">
Require all denied
-</Files>
- </pre>
+</Files></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Using <code>none</code> for an argument will disable any accept filters
for that protocol. This is useful for protocols that require a server
send data first, such as <code>ftp:</code> or <code>nntp</code>:</p>
- <pre class="prettyprint lang-config">
- AcceptFilter nntp none
- </pre>
+ <pre class="prettyprint lang-config"> AcceptFilter nntp none</pre>
<p>The default protocol names are <code>https</code> for port 443
directive.</p>
<p>The default values on FreeBSD are:</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http httpready
-AcceptFilter https dataready
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http httpready
+AcceptFilter https dataready</pre>
<p>The <code>httpready</code> accept filter buffers entire HTTP requests at
accf_data(9)</a> filter is used.</p>
<p>The default values on Linux are:</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http data
-AcceptFilter https data
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http data
+AcceptFilter https data</pre>
<p>Linux's <code>TCP_DEFER_ACCEPT</code> does not support buffering http
tcp(7)</a> man page.</p>
<p>The default values on Windows are:</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http data
-AcceptFilter https data
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http data
+AcceptFilter https data</pre>
<p>Window's mpm_winnt interprets the AcceptFilter to toggle the AcceptEx()
the request, so you can use the following configuration to enable
such a script:</p>
- <pre class="prettyprint lang-config">
-<Files "mypaths.shtml">
+ <pre class="prettyprint lang-config"><Files "mypaths.shtml">
Options +Includes
SetOutputFilter INCLUDES
AcceptPathInfo On
-</Files>
- </pre>
+</Files></pre>
<code>/usr/local/.acl</code> and <code>/usr/local/web/.acl</code>
for directives, unless they have been disabled with</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
-</Directory>
- </pre>
+</Directory></pre>
<h3>See also</h3>
<p>Example:</p>
- <pre class="prettyprint lang-config">
-AllowOverride None
-AllowOverrideList Redirect RedirectMatch
- </pre>
+ <pre class="prettyprint lang-config">AllowOverride None
+AllowOverrideList Redirect RedirectMatch</pre>
<p>In the example above only the <code>Redirect</code> and
<p>Example:</p>
- <pre class="prettyprint lang-config">
-AllowOverride AuthConfig
-AllowOverrideList CookieTracking CookieName
- </pre>
+ <pre class="prettyprint lang-config">AllowOverride AuthConfig
+AllowOverrideList CookieTracking CookieName</pre>
<p>In the example above <code class="directive"><a href="#allowoverride">AllowOverride
will be relative to <code class="directive">ServerRoot</code>.</p>
<p><strong>Example</strong></p>
- <pre class="prettyprint lang-config">
-DefaultRuntimeDir scratch/
- </pre>
+ <pre class="prettyprint lang-config">DefaultRuntimeDir scratch/</pre>
<p>The default location of <code class="directive">DefaultRuntimeDir</code> may be
the <code>${VAR}</code> syntax. The variable is always globally defined
and not limited to the scope of the surrounding config section.</p>
- <pre class="prettyprint lang-config">
-<IfDefine TEST>
+ <pre class="prettyprint lang-config"><IfDefine TEST>
Define servername test.example.com
</IfDefine>
<IfDefine !TEST>
Define SSL
</IfDefine>
-DocumentRoot /var/www/${servername}/htdocs
- </pre>
+DocumentRoot /var/www/${servername}/htdocs</pre>
<p>Variable names may not contain colon ":" characters, to avoid clashes
<code>/home/user/public_html</code>, but <code><Directory
/home/*/public_html></code> will match. Example:</p>
- <pre class="prettyprint lang-config">
-<Directory "/usr/local/httpd/htdocs">
+ <pre class="prettyprint lang-config"><Directory "/usr/local/httpd/htdocs">
Options Indexes FollowSymLinks
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">
expressions</a> can also be used, with the addition of the
<code>~</code> character. For example:</p>
- <pre class="prettyprint lang-config">
-<Directory ~ "^/www/[0-9]{3}">
+ <pre class="prettyprint lang-config"><Directory ~ "^/www/[0-9]{3}">
-</Directory>
-</pre>
+</Directory></pre>
<p>would match directories in <code>/www/</code> that consisted of
first, interspersed with the directives from the <a href="#accessfilename">.htaccess</a> files. For example,
with</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
</Directory>
<Directory "/home">
AllowOverride FileInfo
-</Directory>
- </pre>
+</Directory></pre>
<p>for access to the document <code>/home/web/dir/doc.html</code>
expressions are tested in the order they appeared in the
configuration file. For example, with</p>
- <pre class="prettyprint lang-config">
-<Directory ~ "abc$">
+ <pre class="prettyprint lang-config"><Directory ~ "abc$">
# ... directives here ...
-</Directory>
- </pre>
+</Directory></pre>
<p>the regular expression section won't be considered until after
recommended that you change this with a block such
as</strong></p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
Require all denied
-</Directory>
- </pre>
+</Directory></pre>
<p><strong>and then override this for directories you
However, it takes as an argument a
<a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expression</a>. For example:</p>
- <pre class="prettyprint lang-config">
-<DirectoryMatch "^/www/(.+/)?[0-9]{3}">
+ <pre class="prettyprint lang-config"><DirectoryMatch "^/www/(.+/)?[0-9]{3}">
# ...
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
<p>would match directories in <code>/www/</code> that consisted of three
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
(unnamed) backreferences are ignored. Use named groups instead.</p>
-<pre class="prettyprint lang-config">
-<DirectoryMatch ^/var/www/combined/(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><DirectoryMatch ^/var/www/combined/(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
<h3>See also</h3>
in the same scope has not been applied.
For example: In </p>
- <pre class="prettyprint lang-config">
-<If "-z req('Host')">
+ <pre class="prettyprint lang-config"><If "-z req('Host')">
# ...
</If>
<Else>
# ...
-</Else>
- </pre>
+</Else></pre>
<p> The <code class="directive"><If></code> would match HTTP/1.0
<code class="directive"><ElseIf></code> section in the same scope has
not been applied. For example: In </p>
- <pre class="prettyprint lang-config">
-<If "-R '10.1.0.0/16'">
+ <pre class="prettyprint lang-config"><If "-R '10.1.0.0/16'">
#...
</If>
<ElseIf "-R '10.0.0.0/8'">
</ElseIf>
<Else>
#...
-</Else>
- </pre>
+</Else></pre>
<p>The <code class="directive"><ElseIf></code> would match if
<p>For NFS mounted files, this feature may be disabled explicitly for
the offending files by specifying:</p>
- <pre class="prettyprint lang-config">
-<Directory "/path-to-nfs-files">
+ <pre class="prettyprint lang-config"><Directory "/path-to-nfs-files">
EnableMMAP Off
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>For network mounted files, this feature may be disabled explicitly
for the offending files by specifying:</p>
- <pre class="prettyprint lang-config">
-<Directory "/path-to-nfs-files">
+ <pre class="prettyprint lang-config"><Directory "/path-to-nfs-files">
EnableSendfile Off
-</Directory>
- </pre>
+</Directory></pre>
<p>Please note that the per-directory and .htaccess configuration
of <code class="directive">EnableSendfile</code> is not supported by
configuration parsing. The typical use is for reporting required
modules which are missing from the configuration.</p>
- <pre class="prettyprint lang-config">
-# Example
+ <pre class="prettyprint lang-config"># Example
# ensure that mod_include is loaded
<IfModule !include_module>
Error "mod_include is required by mod_foo. Load it with LoadModule."
<IfDefine !NOSSL>
Error "Either SSL or NOSSL must be defined."
</IfDefine>
-</IfDefine>
- </pre>
+</IfDefine></pre>
full URL which the client can resolve. Alternatively, a message
can be provided to be displayed by the browser. Examples:</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 500 http://foo.example.com/cgi-bin/tester
+ <pre class="prettyprint lang-config">ErrorDocument 500 http://foo.example.com/cgi-bin/tester
ErrorDocument 404 /cgi-bin/bad_urls.pl
ErrorDocument 401 /subscription_info.html
ErrorDocument 403 "Sorry can't allow you access today"
-ErrorDocument 403 Forbidden!
- </pre>
+ErrorDocument 403 Forbidden!</pre>
<p>Additionally, the special value <code>default</code> can be used
Apache httpd's simple hardcoded message for configurations that would
otherwise inherit an existing <code class="directive">ErrorDocument</code>.</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 404 /cgi-bin/bad_urls.pl
+ <pre class="prettyprint lang-config">ErrorDocument 404 /cgi-bin/bad_urls.pl
<Directory /web/docs>
ErrorDocument 404 default
-</Directory>
- </pre>
+</Directory></pre>
<p>Note that when you specify an <code class="directive">ErrorDocument</code>
supplementary information is logged in the error log in addition to the
actual log message.</p>
- <pre class="prettyprint lang-config">
-#Simple example
-ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
- </pre>
+ <pre class="prettyprint lang-config">#Simple example
+ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"</pre>
<p>Specifying <code>connection</code> or <code>request</code> as first
with error log lines. If <code class="module"><a href="../mod/mod_unique_id.html">mod_unique_id</a></code> is loaded, its
unique id will be used as log ID for requests.</p>
- <pre class="prettyprint lang-config">
-#Example (default format for threaded MPMs)
-ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
- </pre>
+ <pre class="prettyprint lang-config">#Example (default format for threaded MPMs)
+ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"</pre>
<p>This would result in error messages such as:</p>
<p>Notice that, as discussed above, some fields are omitted
entirely because they are not defined.</p>
- <pre class="prettyprint lang-config">
-#Example (similar to the 2.2.x format)
-ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
- </pre>
+ <pre class="prettyprint lang-config">#Example (similar to the 2.2.x format)
+ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"</pre>
- <pre class="prettyprint lang-config">
-#Advanced example with request/connection log IDs
+ <pre class="prettyprint lang-config">#Advanced example with request/connection log IDs
ErrorLogFormat "[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M"
ErrorLogFormat request "[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T"
ErrorLogFormat request "[%{uc}t] [R:%L] UA:'%+{User-Agent}i'"
ErrorLogFormat request "[%{uc}t] [R:%L] Referer:'%+{Referer}i'"
-ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"
- </pre>
+ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"</pre>
<p>The <var>filename</var> argument should include a filename, or
a wild-card string, where <code>?</code> matches any single character,
and <code>*</code> matches any sequences of characters.</p>
- <pre class="prettyprint lang-config">
-<Files "cat.html">
+ <pre class="prettyprint lang-config"><Files "cat.html">
# Insert stuff that applies to cat.html here
</Files>
<Files "?at.*">
# This would apply to cat.html, bat.html, hat.php and so on.
-</Files>
-</pre>
+</Files></pre>
<p><a class="glossarylink" href="../glossary.html#regex" title="see glossary">Regular expressions</a>
can also be used, with the addition of the
<code>~</code> character. For example:</p>
- <pre class="prettyprint lang-config">
-<Files ~ "\.(gif|jpe?g|png)$">
+ <pre class="prettyprint lang-config"><Files ~ "\.(gif|jpe?g|png)$">
#...
-</Files>
-</pre>
+</Files></pre>
<p>would match most common Internet graphics formats. <code class="directive"><a href="#filesmatch"><FilesMatch></a></code> is preferred,
does. However, it accepts a <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular
expression</a>. For example:</p>
-<pre class="prettyprint lang-config">
-<FilesMatch "\.(gif|jpe?g|png)$">
+<pre class="prettyprint lang-config"><FilesMatch "\.(gif|jpe?g|png)$">
# ...
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<p>would match most common Internet graphics formats.</p>
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
(unnamed) backreferences are ignored. Use named groups instead.</p>
-<pre class="prettyprint lang-config">
-<FilesMatch ^(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><FilesMatch ^(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<h3>See also</h3>
<code class="directive">ForceType</code> settings
by using the value of <code>None</code>:</p>
- <pre class="prettyprint lang-config">
-# force all files to be image/gif:
+ <pre class="prettyprint lang-config"># force all files to be image/gif:
<Location /images>
ForceType image/gif
</Location>
# but normal mime-type associations here:
<Location /images/mixed>
ForceType None
-</Location>
- </pre>
+</Location></pre>
<p>This directive primarily overrides the content types generated for
multiple-parameter tests. Example:</p>
<div class="example"><p><code>httpd -DReverseProxy -DUseCache -DMemCache ...</code></p></div>
- <pre class="prettyprint lang-config">
-<IfDefine ReverseProxy>
+ <pre class="prettyprint lang-config"><IfDefine ReverseProxy>
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<IfDefine UseCache>
LoadModule cache_disk_module modules/mod_cache_disk.so
</IfDefine>
</IfDefine>
-</IfDefine>
- </pre>
+</IfDefine></pre>
</div>
<p>Examples:</p>
- <pre class="prettyprint lang-config">
-Include /usr/local/apache2/conf/ssl.conf
-Include /usr/local/apache2/conf/vhosts/*.conf
- </pre>
+ <pre class="prettyprint lang-config">Include /usr/local/apache2/conf/ssl.conf
+Include /usr/local/apache2/conf/vhosts/*.conf</pre>
<p>Or, providing paths relative to your <code class="directive"><a href="#serverroot">ServerRoot</a></code> directory:</p>
- <pre class="prettyprint lang-config">
-Include conf/ssl.conf
-Include conf/vhosts/*.conf
- </pre>
+ <pre class="prettyprint lang-config">Include conf/ssl.conf
+Include conf/vhosts/*.conf</pre>
<p>Wildcards may be included in the directory or file portion of the
only to the methods <code>POST</code>, <code>PUT</code>, and
<code>DELETE</code>, leaving all other methods unprotected:</p>
- <pre class="prettyprint lang-config">
-<Limit POST PUT DELETE>
+ <pre class="prettyprint lang-config"><Limit POST PUT DELETE>
Require valid-user
-</Limit>
- </pre>
+</Limit></pre>
<p>The method names listed can be one or more of: <code>GET</code>,
<code>Require group editors</code> directive will be ignored
in all cases:</p>
- <pre class="prettyprint lang-config">
-<LimitExcept GET>
+ <pre class="prettyprint lang-config"><LimitExcept GET>
Require valid-user
</LimitExcept>
<Limit POST>
Require group editors
-</Limit>
- </pre>
+</Limit></pre>
</div>
<p>For example:</p>
- <pre class="prettyprint lang-config">
-<LimitExcept POST GET>
+ <pre class="prettyprint lang-config"><LimitExcept POST GET>
Require valid-user
-</LimitExcept>
- </pre>
+</LimitExcept></pre>
/private1, /private1/ and /private1/file.txt will have the enclosed
directives applied, but /private1other would not.
</p>
- <pre class="prettyprint lang-config">
-<Location /private1>
+ <pre class="prettyprint lang-config"><Location /private1>
# ...
-</Location>
- </pre>
+</Location></pre>
<p>
In the example below, where a trailing slash is used, requests to
/private2/ and /private2/file.txt will have the enclosed
directives applied, but /private2 and /private2other would not.
</p>
- <pre class="prettyprint lang-config">
-<Location /private2<em>/</em>>
+ <pre class="prettyprint lang-config"><Location /private2<em>/</em>>
# ...
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>When to use <code class="directive"><Location></code></h3>
can also be used, with the addition of the <code>~</code>
character. For example:</p>
- <pre class="prettyprint lang-config">
-<Location ~ "/(extra|special)/data">
+ <pre class="prettyprint lang-config"><Location ~ "/(extra|special)/data">
#...
-</Location>
-</pre>
+</Location></pre>
<p>would match URLs that contained the substring <code>/extra/data</code>
directive. For example, to enable status requests, but allow them
only from browsers at <code>example.com</code>, you might use:</p>
- <pre class="prettyprint lang-config">
-<Location /status>
+ <pre class="prettyprint lang-config"><Location /status>
SetHandler server-status
Require host example.com
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>Note about / (slash)</h3>
it takes a <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expression</a>
as an argument instead of a simple string. For example:</p>
- <pre class="prettyprint lang-config">
-<LocationMatch "/(extra|special)/data">
+ <pre class="prettyprint lang-config"><LocationMatch "/(extra|special)/data">
# ...
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<p>would match URLs that contained the substring <code>/extra/data</code>
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
(unnamed) backreferences are ignored. Use named groups instead.</p>
-<pre class="prettyprint lang-config">
-<LocationMatch ^/combined/(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><LocationMatch ^/combined/(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<h3>See also</h3>
as module specification. This means the following three specifications
are equivalent:</p>
- <pre class="prettyprint lang-config">
-LogLevel info ssl:warn
+ <pre class="prettyprint lang-config">LogLevel info ssl:warn
LogLevel info mod_ssl.c:warn
-LogLevel info ssl_module:warn
- </pre>
+LogLevel info ssl_module:warn</pre>
<p>It is also possible to change the level per directory:</p>
- <pre class="prettyprint lang-config">
-LogLevel info
+ <pre class="prettyprint lang-config">LogLevel info
<Directory "/usr/local/apache/htdocs/app">
LogLevel debug
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">
<p>Examples:</p>
- <pre class="prettyprint lang-config">
- LogLevelOverride 192.0.2.0/24 ssl:trace6
- LogLevelOverride 192.0.2.7 ssl:trace8
- </pre>
+ <pre class="prettyprint lang-config"> LogLevelOverride 192.0.2.0/24 ssl:trace6
+ LogLevelOverride 192.0.2.7 ssl:trace8</pre>
<div class="note">
<code>/var/httpd/locks</code>. The mutex mechanism for all other mutexes
will be changed from the compiled-in default to <code>sysvsem</code>.</p>
- <pre class="prettyprint lang-config">
-Mutex sysvsem default
-Mutex fcntl:/var/httpd/locks mpm-accept
- </pre>
+ <pre class="prettyprint lang-config">Mutex sysvsem default
+Mutex fcntl:/var/httpd/locks mpm-accept</pre>
</div>
<p>For example, without any <code>+</code> and <code>-</code> symbols:</p>
- <pre class="prettyprint lang-config">
-<Directory "/web/docs">
+ <pre class="prettyprint lang-config"><Directory "/web/docs">
Options Indexes FollowSymLinks
</Directory>
<Directory "/web/docs/spec">
Options Includes
-</Directory>
- </pre>
+</Directory></pre>
<p>then only <code>Includes</code> will be set for the
<code class="directive">Options</code> directive uses the <code>+</code> and
<code>-</code> symbols:</p>
- <pre class="prettyprint lang-config">
-<Directory "/web/docs">
+ <pre class="prettyprint lang-config"><Directory "/web/docs">
Options Indexes FollowSymLinks
</Directory>
<Directory "/web/docs/spec">
Options +Includes -Indexes
-</Directory>
- </pre>
+</Directory></pre>
<p>then the options <code>FollowSymLinks</code> and
alternate names for a host, for use with <a href="../vhosts/name-based.html">name-based virtual hosts</a>. The
<code class="directive">ServerAlias</code> may include wildcards, if appropriate.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:80>
+ <pre class="prettyprint lang-config"><VirtualHost *:80>
ServerName server.example.com
ServerAlias server server2.example.com server2
ServerAlias *.example.com
UseCanonicalName Off
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Name-based virtual hosts for the best-matching set of <code class="directive"><a href="#virtualhost"><virtualhost></a></code>s are processed
<code>http://servername/status</code> was called, you might put
the following into <code>httpd.conf</code>:</p>
- <pre class="prettyprint lang-config">
-<Location "/status">
+ <pre class="prettyprint lang-config"><Location "/status">
SetHandler server-status
-</Location>
- </pre>
+</Location></pre>
<p>You could also use this directive to configure a particular
handler for files with a particular file extension. For example:</p>
- <pre class="prettyprint lang-config">
-<FilesMatch \.php$>
+ <pre class="prettyprint lang-config"><FilesMatch \.php$>
SetHandler application/x-httpd-php
-</FilesMatch>
- </pre>
+</FilesMatch></pre>
<p>You can override an earlier defined <code class="directive">SetHandler</code>
in the <code>/www/data/</code> directory for server-side
includes.</p>
- <pre class="prettyprint lang-config">
-<Directory "/www/data/">
+ <pre class="prettyprint lang-config"><Directory "/www/data/">
SetOutputFilter INCLUDES
-</Directory>
- </pre>
+</Directory></pre>
<p>If more than one filter is specified, they must be separated
</ul>
- <pre class="prettyprint lang-config">
-<VirtualHost 10.1.2.3:80>
+ <pre class="prettyprint lang-config"><VirtualHost 10.1.2.3:80>
ServerAdmin webmaster@host.example.com
DocumentRoot /www/docs/host.example.com
ServerName host.example.com
ErrorLog logs/host.example.com-error_log
TransferLog logs/host.example.com-access_log
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
the optional port number could not be determined otherwise. An
IPv6 example is shown below:</p>
- <pre class="prettyprint lang-config">
-<VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>
+ <pre class="prettyprint lang-config"><VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>
ServerAdmin webmaster@host.example.com
DocumentRoot /www/docs/host.example.com
ServerName host.example.com
ErrorLog logs/host.example.com-error_log
TransferLog logs/host.example.com-access_log
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Each Virtual Host must correspond to a different IP address,
configuration parsing is not halted. The typical use it to check
whether some user define options are set, and warn if not.</p>
- <pre class="prettyprint lang-config">
-# Example
+ <pre class="prettyprint lang-config"># Example
# tell when ReverseProxy is not set
<IfDefine !ReverseProxy>
Warning "reverse proxy is not started, hope this is okay!"
<IfDefine ReverseProxy>
# define custom proxy configuration
-</IfDefine>
- </pre>
+</IfDefine></pre>
filtre d'acceptation pour ce protocole. Ceci s'avère utile pour les
protocoles qui nécessitent l'envoi de données par le serveur en
premier, comme <code>ftp:</code> ou <code>nntp</code>:</p>
- <pre class="prettyprint lang-config">
- AcceptFilter nntp none
- </pre>
+ <pre class="prettyprint lang-config"> AcceptFilter nntp none</pre>
<p>Les noms de protocoles par défaut sont <code>https</code> pour le
ajoutez l'argument <var>protocol</var> à la directive <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code>.</p>
<p>Sous FreeBSD, les valeurs par défaut sont :</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http httpready
-AcceptFilter https dataready
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http httpready
+AcceptFilter https dataready</pre>
<p>Le filtre d'acceptation <code>httpready</code> met en tampon des
HTTPS sont chiffrées, celles-ci n'autorisent que le filtre <a href="http://www.freebsd.org/cgi/man.cgi?query=accf_data& sektion=9">accf_data(9)</a>.</p>
<p>Sous Linux, les valeurs par défaut sont :</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http data
-AcceptFilter https data
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http data
+AcceptFilter https data</pre>
<p>Le filtre <code>TCP_DEFER_ACCEPT</code> de Linux ne supporte pas
manuel Linux de <a href="http://homepages.cwi.nl/~aeb/linux/man2html/man7/ tcp.7.html">tcp(7)</a>.</p>
<p>Sous Windows, les valeurs par défaut sont :</p>
- <pre class="prettyprint lang-config">
-AcceptFilter http data
-AcceptFilter https data
- </pre>
+ <pre class="prettyprint lang-config">AcceptFilter http data
+AcceptFilter https data</pre>
<p>Le module MPM pour Windows mpm_winnt utilise la directive
sur <code>PATH_INFO</code>. Le gestionnaire de base va en général
rejeter la requête, et vous pouvez utiliser la configuration
suivante pour utiliser un tel script :</p>
-<pre class="prettyprint lang-config">
-<Files "mypaths.shtml">
+<pre class="prettyprint lang-config"><Files "mypaths.shtml">
Options +Includes
SetOutputFilter INCLUDES
AcceptPathInfo On
-</Files>
- </pre>
+</Files></pre>
pour y lire d'éventuelles directives, à moins quelles n'aient été
désactivées avec</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
-</Directory>
- </pre>
+</Directory></pre>
<h3>Voir aussi</h3>
<p>Example:</p>
- <pre class="prettyprint lang-config">
-AllowOverride None
-AllowOverrideList Redirect RedirectMatch
- </pre>
+ <pre class="prettyprint lang-config">AllowOverride None
+AllowOverrideList Redirect RedirectMatch</pre>
<p>Dans l'exemple ci-dessus, seules les directives
<p>Example:</p>
- <pre class="prettyprint lang-config">
-AllowOverride AuthConfig
-AllowOverrideList CookieTracking CookieName
- </pre>
+ <pre class="prettyprint lang-config">AllowOverride AuthConfig
+AllowOverrideList CookieTracking CookieName</pre>
<p>Dans l'exemple ci-dessus, la directive <code class="directive"><a href="#allowoverride">AllowOverride</a></code> autorise les directives du
<code class="directive">ServerRoot</code>.</p>
<p><strong>Example</strong></p>
- <pre class="prettyprint lang-config">
-DefaultRuntimeDir scratch/
- </pre>
+ <pre class="prettyprint lang-config">DefaultRuntimeDir scratch/</pre>
<p>La valeur par défaut de la directive
La portée de la variable est toujours globale, et n'est jamais
limitée à la section de configuration courante.</p>
- <pre class="prettyprint lang-config">
-<IfDefine TEST>
+ <pre class="prettyprint lang-config"><IfDefine TEST>
Define servername test.example.com
</IfDefine>
<IfDefine !TEST>
Define SSL
</IfDefine>
- DocumentRoot /var/www/${servername}/htdocs
- </pre>
+ DocumentRoot /var/www/${servername}/htdocs</pre>
<p>Le caractère ":" est interdit dans les noms de variables afin
* <code>/home/user/public_html</code>, alors que <code><Directory
/home/*/public_html></code> conviendra. Exemple :</p>
- <pre class="prettyprint lang-config">
-<Directory "/usr/local/httpd/htdocs">
+ <pre class="prettyprint lang-config"><Directory "/usr/local/httpd/htdocs">
Options Indexes FollowSymLinks
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">
peuvent aussi être utilisées en ajoutant le caractère
<code>~</code>. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<Directory ~ "^/www/[0-9]{3}">
+ <pre class="prettyprint lang-config"><Directory ~ "^/www/[0-9]{3}">
-</Directory>
-</pre>
+</Directory></pre>
<p>pourra correspondre à tout répertoire situé dans /www/ et dont le
directives des fichiers <a href="#accessfilename">.htaccess</a>. Par
exemple, avec</p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
AllowOverride None
</Directory>
<Directory "/home">
AllowOverride FileInfo
-</Directory>
- </pre>
+</Directory></pre>
<p>l'accès au document <code>/home/web/dir/doc.html</code> emprunte
testés selon l'ordre dans lequel ils apparaissent dans le fichier de
configuration. Par exemple, avec</p>
- <pre class="prettyprint lang-config">
-<Directory ~ "abc$">
+ <pre class="prettyprint lang-config"><Directory ~ "abc$">
# ... directives ici ...
-</Directory>
- </pre>
+</Directory></pre>
<p>la section avec expression rationnelle ne sera prise en compte
correspondant à une URL. Il est recommandé de modifier cette
situation à l'aide d'un bloc du style</strong></p>
- <pre class="prettyprint lang-config">
-<Directory />
+ <pre class="prettyprint lang-config"><Directory />
Require all denied
-</Directory>
- </pre>
+</Directory></pre>
<p><strong>puis d'affiner la configuration pour les répertoires que vous
précisé (et aux fichiers qu'il contient), comme pour la section <code class="directive"><a href="#directory"><Directory></a></code>. Cependant, le
répertoire est précisé sous la forme d'une <a class="glossarylink" href="../glossary.html#regex" title="voir glossaire">expression rationnelle</a>. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<DirectoryMatch "^/www/(.+/)?[0-9]{3}">
+ <pre class="prettyprint lang-config"><DirectoryMatch "^/www/(.+/)?[0-9]{3}">
# ...
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
<p>conviendrait pour les sous-répertoires de <code>/www/</code> dont
nommées) sont ignorées. Vous devez utiliser à la place des groupes
nommés.</p>
-<pre class="prettyprint lang-config">
-<DirectoryMatch ^/var/www/combined/(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><DirectoryMatch ^/var/www/combined/(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
<h3>Voir aussi</h3>
supérieure et dans la même portée n'ont pas été satisfaites. Par
exemple, dans :</p>
- <pre class="prettyprint lang-config">
-<If "-z req('Host')">
+ <pre class="prettyprint lang-config"><If "-z req('Host')">
# ...
</If>
<Else>
# ...
-</Else>
- </pre>
+</Else></pre>
<p>La condition de la section <code class="directive"><If></code> serait satisfaite pour les requêtes
ou <code class="directive"><ElseIf></code> de la même portée ne
l'est pas. Par exemple, dans :</p>
- <pre class="prettyprint lang-config">
-<If "-R '10.1.0.0/16'">
+ <pre class="prettyprint lang-config"><If "-R '10.1.0.0/16'">
#...
</If>
<ElseIf "-R '10.0.0.0/8'">
</ElseIf>
<Else>
#...
-</Else>
- </pre>
+</Else></pre>
<p>La condition correspondant à la section <code class="directive"><ElseIf></code> est satisfaite si l'adresse
explicitement désactivée pour les fichiers concernés en spécifiant
:</p>
- <pre class="prettyprint lang-config">
-<Directory "/path-to-nfs-files">
+ <pre class="prettyprint lang-config"><Directory "/path-to-nfs-files">
EnableMMAP Off
-</Directory>
- </pre>
+</Directory></pre>
</div>
explicitement désactivée pour les fichiers concernés en spécifiant
:</p>
- <pre class="prettyprint lang-config">
-<Directory "/path-to-nfs-files">
+ <pre class="prettyprint lang-config"><Directory "/path-to-nfs-files">
EnableSendfile Off
-</Directory>
- </pre>
+</Directory></pre>
<p>Veuillez noter que la configuration de la directive
<code class="directive">EnableSendfile</code> dans un contexte de répertoire
directive peut être utilisée pour générer un message d'erreur
personnalisé, et interrompre la lecture de la configuration. </p>
- <pre class="prettyprint lang-config">
-# Exemple
+ <pre class="prettyprint lang-config"># Exemple
# vérification du chargement de mod_include
<IfModule !include_module>
Error "mod_include is required by mod_foo. Load it with LoadModule."
<IfDefine !NOSSL>
Error "Either SSL or NOSSL must be defined."
</IfDefine>
-</IfDefine>
- </pre>
+</IfDefine></pre>
Alternativement, un message à afficher par le navigateur pourra être
fourni. Exemples :</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 500 http://foo.example.com/cgi-bin/tester
+ <pre class="prettyprint lang-config">ErrorDocument 500 http://foo.example.com/cgi-bin/tester
ErrorDocument 404 /cgi-bin/bad_urls.pl
ErrorDocument 401 /subscription_info.html
ErrorDocument 403 "Sorry can't allow you access today"
-ErrorDocument 403 Forbidden!
- </pre>
+ErrorDocument 403 Forbidden!</pre>
<p>De plus, on peut spécifier la valeur spéciale <code>default</code>
les configurations qui sans cela, hériteraient d'une directive
<code class="directive">ErrorDocument</code> existante.</p>
- <pre class="prettyprint lang-config">
-ErrorDocument 404 /cgi-bin/bad_urls.pl
+ <pre class="prettyprint lang-config">ErrorDocument 404 /cgi-bin/bad_urls.pl
<Directory /web/docs>
ErrorDocument 404 default
-</Directory>
- </pre>
+</Directory></pre>
<p>Notez que lorsque vous spécifiez une directive
spécifier quelles informations supplémentaires vont être enregistrées
dans le journal des erreurs en plus du message habituel.</p>
- <pre class="prettyprint lang-config">
-# Exemple simple
-ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
- </pre>
+ <pre class="prettyprint lang-config"># Exemple simple
+ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"</pre>
<p>La spécification de <code>connection</code> ou
c'est son identifiant unique qui sera utilisé comme identifiant de
journal pour les requêtes.</p>
- <pre class="prettyprint lang-config">
-# Exemple (format par défaut pour les MPMs threadés)
-ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
- </pre>
+ <pre class="prettyprint lang-config"># Exemple (format par défaut pour les MPMs threadés)
+ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"</pre>
<p>Cet exemple renverrait un message d'erreur du style :</p>
<p>Notez que, comme indiqué plus haut, certains champs sont
totalement supprimés s'ils n'ont pas été définis.</p>
- <pre class="prettyprint lang-config">
-# Exemple (similaire au format 2.2.x)
-ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"
- </pre>
+ <pre class="prettyprint lang-config"># Exemple (similaire au format 2.2.x)
+ErrorLogFormat "[%t] [%l] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"</pre>
- <pre class="prettyprint lang-config">
-# Exemple avancé avec identifiants journal de requête/connexion
+ <pre class="prettyprint lang-config"># Exemple avancé avec identifiants journal de requête/connexion
ErrorLogFormat "[%{uc}t] [%-m:%-l] [R:%L] [C:%{C}L] %7F: %E: %M"
ErrorLogFormat request "[%{uc}t] [R:%L] Request %k on C:%{c}L pid:%P tid:%T"
ErrorLogFormat request "[%{uc}t] [R:%L] UA:'%+{User-Agent}i'"
ErrorLogFormat request "[%{uc}t] [R:%L] Referer:'%+{Referer}i'"
-ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"
- </pre>
+ErrorLogFormat connection "[%{uc}t] [C:%{c}L] local\ %a remote\ %A"</pre>
ou une chaîne de caractères avec caractères génériques, où
<code>?</code> remplace un caractère, et <code>*</code> toute chaîne
de caractères.</p>
- <pre class="prettyprint lang-config">
-<Files "cat.html">
+ <pre class="prettyprint lang-config"><Files "cat.html">
# Insérer ici des directives qui s'appliquent au fichier cat.html
</Files>
<Files "?at.*">
# Les directives insérées ici s'appliqueront aux fichiers
# cat.html, bat.html, hat.php, et ainsi de suite.
-</Files>
-</pre>
+</Files></pre>
<p>On peut aussi utiliser les <a class="glossarylink" href="../glossary.html#regex" title="voir glossaire">Expressions rationnelles</a> en ajoutant la
caractère <code>~</code>. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<Files ~ "\.(gif|jpe?g|png)$">
+ <pre class="prettyprint lang-config"><Files ~ "\.(gif|jpe?g|png)$">
#...
-</Files>
-</pre>
+</Files></pre>
<p>correspondrait à la plupart des formats graphiques de l'Internet.
<a class="glossarylink" href="../glossary.html#regex" title="voir glossaire">expressions rationnelles</a>. Par
exemple :</p>
- <pre class="prettyprint lang-config">
-<FilesMatch "\.(gif|jpe?g|png)$">
+ <pre class="prettyprint lang-config"><FilesMatch "\.(gif|jpe?g|png)$">
# ...
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<p>correspondrait à la plupart des formats graphiques de
nommées) sont ignorées. Vous devez utiliser à la place des groupes
nommés.</p>
-<pre class="prettyprint lang-config">
-<FilesMatch ^(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><FilesMatch ^(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<h3>Voir aussi</h3>
<code class="directive">ForceType</code> en affectant la valeur
<code>None</code> à l'argument <var>type médium</var> :</p>
- <pre class="prettyprint lang-config">
-# force le type MIME de tous les fichiers à image/gif:
+ <pre class="prettyprint lang-config"># force le type MIME de tous les fichiers à image/gif:
<Location /images>
ForceType image/gif
</Location>
# dans le sous-répertoire suivant :
<Location /images/mixed>
ForceType None
-</Location>
- </pre>
+</Location></pre>
<p>A la base, cette directive écrase le type de contenu généré pour
multi-paramètres simple. Exemple :</p>
<div class="example"><p><code>httpd -DReverseProxy -DUseCache -DMemCache ...</code></p></div>
- <pre class="prettyprint lang-config">
-<IfDefine ReverseProxy>
+ <pre class="prettyprint lang-config"><IfDefine ReverseProxy>
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_http_module modules/mod_proxy_http.so
<IfDefine UseCache>
LoadModule cache_disk_module modules/mod_cache_disk.so
</IfDefine>
</IfDefine>
-</IfDefine>
- </pre>
+</IfDefine></pre>
</div>
<p>Exemples :</p>
- <pre class="prettyprint lang-config">
-Include /usr/local/apache2/conf/ssl.conf
-Include /usr/local/apache2/conf/vhosts/*.conf
- </pre>
+ <pre class="prettyprint lang-config">Include /usr/local/apache2/conf/ssl.conf
+Include /usr/local/apache2/conf/vhosts/*.conf</pre>
<p>ou encore, avec des chemins relatifs au répertoire défini par la
directive <code class="directive"><a href="#serverroot">ServerRoot</a></code> :</p>
- <pre class="prettyprint lang-config">
-Include conf/ssl.conf
-Include conf/vhosts/*.conf
- </pre>
+ <pre class="prettyprint lang-config">Include conf/ssl.conf
+Include conf/vhosts/*.conf</pre>
<p>On peut aussi insérer des caractères génériques dans la partie
<code>DELETE</code>, en laissant les autres méthodes sans protection
:</p>
- <pre class="prettyprint lang-config">
-<Limit POST PUT DELETE>
+ <pre class="prettyprint lang-config"><Limit POST PUT DELETE>
Require valid-user
-</Limit>
- </pre>
+</Limit></pre>
<p>La liste des noms de méthodes peut contenir une ou plusieurs
<code>POST</code>, et la directive <code>Require group
editors</code> sera ignorée dans tous les cas :</p>
- <pre class="prettyprint lang-config">
-<LimitExcept GET>
+ <pre class="prettyprint lang-config"><LimitExcept GET>
Require valid-user
</LimitExcept>
<Limit POST>
Require group editors
-</Limit>
- </pre>
+</Limit></pre>
</div>
<p>Par exemple :</p>
- <pre class="prettyprint lang-config">
-<LimitExcept POST GET>
+ <pre class="prettyprint lang-config"><LimitExcept POST GET>
Require valid-user
-</LimitExcept>
- </pre>
+</LimitExcept></pre>
directives contenues dans la section s'appliqueront à /private1,
/private1/ et /private1/file.txt, mais pas à /private1other.
</p>
- <pre class="prettyprint lang-config">
-<Location /private1>
+ <pre class="prettyprint lang-config"><Location /private1>
# ...
-</Location>
- </pre>
+</Location></pre>
<p>
De même, dans l'exemple ci-dessous, où l'on utilise un slash de fin, les
directives contenues dans la section s'appliqueront à /private2/ et
à /private2/file.txt, mais pas à /private2other.
</p>
- <pre class="prettyprint lang-config">
-<Location /private2<em>/</em>>
+ <pre class="prettyprint lang-config"><Location /private2<em>/</em>>
# ...
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>Quand utiliser la section <code class="directive"><Location></code></h3>
rationnelles</a>, moyennant l'addition d'un caractère
<code>~</code>. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<Location ~ "/(extra|special)/data">
+ <pre class="prettyprint lang-config"><Location ~ "/(extra|special)/data">
#...
-</Location>
-</pre>
+</Location></pre>
<p>concernerait les URLs contenant les sous-chaîne
appartenant au domaine <code>example.com</code>, vous pouvez
utiliser :</p>
- <pre class="prettyprint lang-config">
-<Location /status>
+ <pre class="prettyprint lang-config"><Location /status>
SetHandler server-status
Require host example.com
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>Note à propos du slash (/)</h3>
spécifier les URLs concernées est une <a class="glossarylink" href="../glossary.html#regex" title="voir glossaire">expression rationnelle</a> au lieu d'une simple
chaîne de caractères. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<LocationMatch "/(extra|special)/data">
+ <pre class="prettyprint lang-config"><LocationMatch "/(extra|special)/data">
# ...
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<p>correspondrait à toute URL contenant les sous-chaînes
nommées) sont ignorées. Vous devez utiliser à la place des groupes
nommés.</p>
-<pre class="prettyprint lang-config">
-<LocationMatch ^/combined/(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><LocationMatch ^/combined/(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<h3>Voir aussi</h3>
identificateur, avec ou sans le suffixe <code>_module</code>. Les
trois spécifications suivantes sont donc équivalentes :</p>
- <pre class="prettyprint lang-config">
-LogLevel info ssl:warn
+ <pre class="prettyprint lang-config">LogLevel info ssl:warn
LogLevel info mod_ssl.c:warn
-LogLevel info ssl_module:warn
- </pre>
+LogLevel info ssl_module:warn</pre>
<p>Il est aussi possible d'attribuer un niveau de journalisation par
répertoire :</p>
- <pre class="prettyprint lang-config">
-LogLevel info
+ <pre class="prettyprint lang-config">LogLevel info
<Directory "/usr/local/apache/htdocs/app">
LogLevel debug
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">
<p>Exemples:</p>
- <pre class="prettyprint lang-config">
- LogLevelOverride 192.0.2.0/24 ssl:trace6
- LogLevelOverride 192.0.2.7 ssl:trace8
- </pre>
+ <pre class="prettyprint lang-config"> LogLevelOverride 192.0.2.0/24 ssl:trace6
+ LogLevelOverride 192.0.2.7 ssl:trace8</pre>
<div class="note">
mutex par défaut pour tous les autres mutex deviendra
<code>sysvsem</code>.</p>
- <pre class="prettyprint lang-config">
-Mutex sysvsem default
-Mutex fcntl:/var/httpd/locks mpm-accept
- </pre>
+ <pre class="prettyprint lang-config">Mutex sysvsem default
+Mutex fcntl:/var/httpd/locks mpm-accept</pre>
</div>
<p>Par exemple, sans aucun symbole <code>+</code> et <code>-</code>
:</p>
- <pre class="prettyprint lang-config">
-<Directory "/web/docs">
+ <pre class="prettyprint lang-config"><Directory "/web/docs">
Options Indexes FollowSymLinks
</Directory>
<Directory "/web/docs/spec">
Options Includes
-</Directory>
- </pre>
+</Directory></pre>
<p>ici, seule l'option <code>Includes</code> sera prise en compte
seconde directive <code class="directive">Options</code> utilise les
symboles <code>+</code> et <code>-</code> :</p>
- <pre class="prettyprint lang-config">
-<Directory "/web/docs">
+ <pre class="prettyprint lang-config"><Directory "/web/docs">
Options Indexes FollowSymLinks
</Directory>
<Directory "/web/docs/spec">
Options +Includes -Indexes
-</Directory>
- </pre>
+</Directory></pre>
<p>alors, les options <code>FollowSymLinks</code> et
nom</a>. La directive <code class="directive">ServerAlias</code> peut
contenir des caractères génériques, si nécessaire.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:80>
+ <pre class="prettyprint lang-config"><VirtualHost *:80>
ServerName server.example.com
ServerAlias server server2.example.com server2
ServerAlias *.example.com
UseCanonicalName Off
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>La recherche du serveur virtuel à base de nom correspondant au
plus près à la requête s'effectue selon l'ordre d'apparition des
serveur/status</code> est appelée, vous pouvez ajouter ceci dans
<code>httpd.conf</code> :</p>
- <pre class="prettyprint lang-config">
-<Location "/status">
+ <pre class="prettyprint lang-config"><Location "/status">
SetHandler server-status
-</Location>
- </pre>
+</Location></pre>
<p>Vous pouvez aussi utiliser cette directive pour associer un
gestionnaire à des fichiers possèdant une extension de nom de
fichier particulière. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<FilesMatch \.php$>
+ <pre class="prettyprint lang-config"><FilesMatch \.php$>
SetHandler application/x-httpd-php
-</FilesMatch>
- </pre>
+</FilesMatch></pre>
<p>Vous pouvez écraser la définition antérieure d'une directive
fichiers du répertoire <code>/www/data/</code> comme des inclusions
côté serveur (SSI) :</p>
- <pre class="prettyprint lang-config">
-<Directory "/www/data/">
+ <pre class="prettyprint lang-config"><Directory "/www/data/">
SetOutputFilter INCLUDES
-</Directory>
- </pre>
+</Directory></pre>
<p>Si la directive comporte plusieurs filtres, ils doivent être
</ul>
- <pre class="prettyprint lang-config">
-<VirtualHost 10.1.2.3:80>
+ <pre class="prettyprint lang-config"><VirtualHost 10.1.2.3:80>
ServerAdmin webmaster@host.example.com
DocumentRoot /www/docs/host.example.com
ServerName host.example.com
ErrorLog logs/host.example.com-error_log
TransferLog logs/host.example.com-access_log
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
déterminé. Voici un exemple de serveur virtuel avec adresse IPv6
:</p>
- <pre class="prettyprint lang-config">
-<VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>
+ <pre class="prettyprint lang-config"><VirtualHost [2001:db8::a00:20ff:fea7:ccea]:80>
ServerAdmin webmaster@host.example.com
DocumentRoot /www/docs/host.example.com
ServerName host.example.com
ErrorLog logs/host.example.com-error_log
TransferLog logs/host.example.com-access_log
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Chaque serveur virtuel doit correspondre à une adresse IP, un
vérification de la définition de certaines options définies par
l'utilisateur, et l'envoi d'un avertissement éventuel.</p>
- <pre class="prettyprint lang-config">
-# Exemple
+ <pre class="prettyprint lang-config"># Exemple
# signale que ReverseProxy n'est pas défini
<IfDefine !ReverseProxy>
Warning "le mandataire inverse n'a pas été spécifié, veuillez corriger
<IfDefine ReverseProxy>
# définition de la configuration personnalisée du mandataire
-</IfDefine>
- </pre>
+</IfDefine></pre>
<dt>A (partial) domain-name</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from example.org
-Allow from .net example.edu
- </pre>
+ <pre class="prettyprint lang-config">Allow from example.org
+Allow from .net example.edu</pre>
<p>Hosts whose names match, or end in, this string are allowed
access. Only complete components are matched, so the above
<dt>A full IP address</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from 10.1.2.3
-Allow from 192.168.1.104 192.168.1.205
- </pre>
+ <pre class="prettyprint lang-config">Allow from 10.1.2.3
+Allow from 192.168.1.104 192.168.1.205</pre>
<p>An IP address of a host allowed access</p></dd>
<dt>A partial IP address</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from 10.1
-Allow from 10 172.20 192.168.2
- </pre>
+ <pre class="prettyprint lang-config">Allow from 10.1
+Allow from 10 172.20 192.168.2</pre>
<p>The first 1 to 3 bytes of an IP address, for subnet
restriction.</p></dd>
<dt>A network/netmask pair</dt>
<dd>
- <pre class="prettyprint lang-config">
- Allow from 10.1.0.0/255.255.0.0
- </pre>
+ <pre class="prettyprint lang-config"> Allow from 10.1.0.0/255.255.0.0</pre>
<p>A network a.b.c.d, and a netmask w.x.y.z. For more
fine-grained subnet restriction.</p></dd>
<dt>A network/nnn CIDR specification</dt>
<dd>
- <pre class="prettyprint lang-config">
- Allow from 10.1.0.0/16
- </pre>
+ <pre class="prettyprint lang-config"> Allow from 10.1.0.0/16</pre>
<p>Similar to the previous case, except the netmask consists of
nnn high-order 1 bits.</p></dd>
<p>IPv6 addresses and IPv6 subnets can be specified as shown
below:</p>
- <pre class="prettyprint lang-config">
-Allow from 2001:db8::a00:20ff:fea7:ccea
-Allow from 2001:db8::a00:20ff:fea7:ccea/10
- </pre>
+ <pre class="prettyprint lang-config">Allow from 2001:db8::a00:20ff:fea7:ccea
+Allow from 2001:db8::a00:20ff:fea7:ccea/10</pre>
<p>The third format of the arguments to the
<code>User-Agent</code> (browser type), <code>Referer</code>, or
other HTTP request header fields.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
<Directory /docroot>
Order Deny,Allow
Deny from all
Allow from env=let_me_in
-</Directory>
- </pre>
+</Directory></pre>
<p>In this case, browsers with a user-agent string beginning
<p>In the following example, all hosts in the example.org domain
are allowed access; all other hosts are denied access.</p>
- <pre class="prettyprint lang-config">
-Order Deny,Allow
+ <pre class="prettyprint lang-config">Order Deny,Allow
Deny from all
-Allow from example.org
- </pre>
+Allow from example.org</pre>
<p>In the next example, all hosts in the example.org domain are
state is to <code class="directive"><a href="#deny">Deny</a></code>
access to the server.</p>
- <pre class="prettyprint lang-config">
-Order Allow,Deny
+ <pre class="prettyprint lang-config">Order Allow,Deny
Allow from example.org
-Deny from foo.example.org
- </pre>
+Deny from foo.example.org</pre>
<p>On the other hand, if the <code class="directive">Order</code> in the
directives because of its effect on the default access state. For
example,</p>
- <pre class="prettyprint lang-config">
-<Directory /www>
+ <pre class="prettyprint lang-config"><Directory /www>
Order Allow,Deny
-</Directory>
- </pre>
+</Directory></pre>
<p>will Deny all access to the <code>/www</code> directory
people outside of your network provide a password, you could use a
configuration similar to the following:</p>
- <pre class="prettyprint lang-config">
-Require valid-user
+ <pre class="prettyprint lang-config">Require valid-user
Allow from 192.168.1
-Satisfy Any
- </pre>
+Satisfy Any</pre>
<p>
is to relax access restrictions for a subdirectory:
</p>
- <pre class="prettyprint lang-config">
-<Directory /var/www/private>
+ <pre class="prettyprint lang-config"><Directory /var/www/private>
Require valid-user
</Directory>
<Directory /var/www/private/public>
Allow from all
Satisfy Any
-</Directory>
- </pre>
+</Directory></pre>
<p>In the above example, authentication will be required for the
<dt>Un nom de domaine (partiel)</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from example.org
-Allow from .net example.edu
- </pre>
+ <pre class="prettyprint lang-config">Allow from example.org
+Allow from .net example.edu</pre>
<p>Les hôtes dont les noms correspondent ou se terminent par la
chaîne spécifiée ont l'autorisation d'accès. Seules les
<dt>Une adresse IP complète</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from 10.1.2.3
-Allow from 192.168.1.104 192.168.1.205
- </pre>
+ <pre class="prettyprint lang-config">Allow from 10.1.2.3
+Allow from 192.168.1.104 192.168.1.205</pre>
<p>L'adresse IP d'un hôte auquel on a accordé l'accès</p></dd>
<dt>Une adresse IP partielle</dt>
<dd>
- <pre class="prettyprint lang-config">
-Allow from 10.1
-Allow from 10 172.20 192.168.2
- </pre>
+ <pre class="prettyprint lang-config">Allow from 10.1
+Allow from 10 172.20 192.168.2</pre>
<p>De un à trois des premiers octets d'une adresse IP, afin de
restreindre l'accès à un sous-réseau.</p></dd>
<dt>Une paire réseau/masque de sous-réseau</dt>
<dd>
- <pre class="prettyprint lang-config">
- Allow from 10.1.0.0/255.255.0.0
- </pre>
+ <pre class="prettyprint lang-config"> Allow from 10.1.0.0/255.255.0.0</pre>
<p>Un réseau a.b.c.d, et un masque de sous-réseau w.x.y.z, pour
une définition plus précise de la restriction d'accès imposée à un
<dt>Une spécification CIDR réseau/nnn</dt>
<dd>
- <pre class="prettyprint lang-config">
- Allow from 10.1.0.0/16
- </pre>
+ <pre class="prettyprint lang-config"> Allow from 10.1.0.0/16</pre>
<p>Identique au cas précédent, mis à part que le masque est
constitué des nnn bits de poids fort.</p></dd>
<p>On peut spécifier des adresses et sous-réseaux IPv6 de la manière
suivante :</p>
- <pre class="prettyprint lang-config">
-Allow from 2001:db8::a00:20ff:fea7:ccea
-Allow from 2001:db8::a00:20ff:fea7:ccea/10
- </pre>
+ <pre class="prettyprint lang-config">Allow from 2001:db8::a00:20ff:fea7:ccea
+Allow from 2001:db8::a00:20ff:fea7:ccea/10</pre>
<p>Le troisième format d'argument de la directive
(type de navigateur) des clients, le <code>Referer</code>, ou
d'autres champs d'en-tête de la requête HTTP.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
<Directory /docroot>
Order Deny,Allow
Deny from all
Allow from env=let_me_in
-</Directory>
- </pre>
+</Directory></pre>
<p>Dans cet exemple, les navigateurs dont la chaîne user-agent
l'autorisation d'accès ; tous les autres voient leur accès
refusé.</p>
- <pre class="prettyprint lang-config">
-Order Deny,Allow
+ <pre class="prettyprint lang-config">Order Deny,Allow
Deny from all
-Allow from example.org
- </pre>
+Allow from example.org</pre>
<p>Dans l'exemple suivant, tous les hôtes du domaine example.org ont
sur <code class="directive"><a href="#deny">Deny</a></code>, et consiste donc en un
refus d'accès.</p>
- <pre class="prettyprint lang-config">
-Order Allow,Deny
+ <pre class="prettyprint lang-config">Order Allow,Deny
Allow from example.org
-Deny from foo.example.org
- </pre>
+Deny from foo.example.org</pre>
<p>Par contre, si la valeur de la directive
l'abscence de directives <code class="directive"><a href="#allow">Allow</a></code> et <code class="directive"><a href="#deny">Deny</a></code> associées, à cause de
son influence sur le statut par défaut. Par exemple,</p>
- <pre class="prettyprint lang-config">
-<Directory /www>
+ <pre class="prettyprint lang-config"><Directory /www>
Order Allow,Deny
-</Directory>
- </pre>
+</Directory></pre>
<p>va interdire tout accès au répertoire <code>/www</code> à cause
que l'accès à cette zone nécessite un mot de passe pour les autres
utilisateurs, vous pouvez utiliser une configuration du style :</p>
- <pre class="prettyprint lang-config">
-Require valid-user
+ <pre class="prettyprint lang-config">Require valid-user
Allow from 192.168.1
-Satisfy Any
- </pre>
+Satisfy Any</pre>
<p>
répertoire parent :
</p>
- <pre class="prettyprint lang-config">
-<Directory /var/www/private>
+ <pre class="prettyprint lang-config"><Directory /var/www/private>
Require valid-user
</Directory>
<Directory /var/www/private/public>
Allow from all
Satisfy Any
-</Directory>
- </pre>
+</Directory></pre>
<p>Dans l'exemple ci-dessus, l'accès au répertoire
environment variables. The handler used for the particular request
is passed using the <code>REDIRECT_HANDLER</code> variable.</p>
- <div class="example"><h3>Example: MIME type</h3><pre class="prettyprint lang-config">
-# Requests for files of a particular MIME content type:
-Action image/gif /cgi-bin/images.cgi
- </pre>
+ <div class="example"><h3>Example: MIME type</h3><pre class="prettyprint lang-config"># Requests for files of a particular MIME content type:
+Action image/gif /cgi-bin/images.cgi</pre>
</div>
<p>In this example, requests for files with a MIME content
type of <code>image/gif</code> will be handled by the
specified cgi script <code>/cgi-bin/images.cgi</code>.</p>
- <div class="example"><h3>Example: File extension</h3><pre class="prettyprint lang-config">
-# Files of a particular file extension
+ <div class="example"><h3>Example: File extension</h3><pre class="prettyprint lang-config"># Files of a particular file extension
AddHandler my-file-type .xyz
-Action my-file-type /cgi-bin/program.cgi
- </pre>
+Action my-file-type /cgi-bin/program.cgi</pre>
</div>
<p>In this example, requests for files with a file extension of
<code>.xyz</code> are handled by the specified cgi script
if you want to use the <code class="directive">Action</code> directive in
virtual locations.</p>
- <pre class="prettyprint lang-config">
-<Location /news>
+ <pre class="prettyprint lang-config"><Location /news>
SetHandler news-handler
Action news-handler /cgi-bin/news.cgi virtual
-</Location>
- </pre>
+</Location></pre>
<h3>See also</h3>
(<em>e.g.</em>, foo.html?hi). Otherwise, the request will
proceed normally.</p>
- <pre class="prettyprint lang-config">
-# All GET requests go here
+ <pre class="prettyprint lang-config"># All GET requests go here
Script GET /cgi-bin/search
# A CGI PUT handler
-Script PUT /~bob/put.cgi
- </pre>
+Script PUT /~bob/put.cgi</pre>
</div>
requête particulière est transmis à l'aide de la variable
<code>REDIRECT_HANDLER</code>.</p>
- <div class="example"><h3>Exemple : type MIME</h3><pre class="prettyprint lang-config">
-# Requests for files of a particular MIME content type:
-Action image/gif /cgi-bin/images.cgi
- </pre>
+ <div class="example"><h3>Exemple : type MIME</h3><pre class="prettyprint lang-config"># Requests for files of a particular MIME content type:
+Action image/gif /cgi-bin/images.cgi</pre>
</div>
<p>Dans cet exemple, les requêtes pour des fichiers possédant
le type de contenu MIME <code>image/gif</code> seront traitées par
le script CGI <code>/cgi-bin/images.cgi</code>.</p>
- <div class="example"><h3>Example: File extension</h3><pre class="prettyprint lang-config">
-# Files of a particular file extension
+ <div class="example"><h3>Example: File extension</h3><pre class="prettyprint lang-config"># Files of a particular file extension
AddHandler my-file-type .xyz
-Action my-file-type /cgi-bin/program.cgi
- </pre>
+Action my-file-type /cgi-bin/program.cgi</pre>
</div>
<p>Dans cet exemple, les requêtes pour des fichiers possédant
l'extension <code>.xyz</code> seront traitées par
directive <code class="directive">Action</code> pour des localisations
virtuelles.</p>
- <pre class="prettyprint lang-config">
-<Location /news>
+ <pre class="prettyprint lang-config"><Location /news>
SetHandler news-handler
Action news-handler /cgi-bin/news.cgi virtual
-</Location>
- </pre>
+</Location></pre>
<h3>Voir aussi</h3>
foo.html?hi). Dans le cas contraire, la requête sera traitée
normalement.</p>
- <pre class="prettyprint lang-config">
-# All GET requests go here
+ <pre class="prettyprint lang-config"># All GET requests go here
Script GET /cgi-bin/search
# A CGI PUT handler
-Script PUT /~bob/put.cgi
- </pre>
+Script PUT /~bob/put.cgi</pre>
</div>
all the directives to have an effect. For example, the following
configuration will work as expected:</p>
- <pre class="prettyprint lang-config">
-Alias /foo/bar /baz
-Alias /foo /gaq
- </pre>
+ <pre class="prettyprint lang-config">Alias /foo/bar /baz
+Alias /foo /gaq</pre>
<p>But if the above two directives were reversed in order, the
<var>URL-path</var> is case-sensitive, even on case-insensitive
file systems.</p>
- <pre class="prettyprint lang-config">
- Alias /image /ftp/pub/image
- </pre>
+ <pre class="prettyprint lang-config"> Alias /image /ftp/pub/image</pre>
<p>A request for <code>http://example.com/image/foo.gif</code> would cause
<var>URL-path</var> then the server will require a trailing / in
order to expand the alias. That is, if you use</p>
- <pre class="prettyprint lang-config">
- Alias /icons/ /usr/local/apache/icons/
- </pre>
+ <pre class="prettyprint lang-config"> Alias /icons/ /usr/local/apache/icons/</pre>
<p>then the url <code>/icons</code> will not be aliased, as it lacks
directory outside of your <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>, you may need to explicitly
permit access to the target directory.</p>
- <pre class="prettyprint lang-config">
-Alias /image /ftp/pub/image
+ <pre class="prettyprint lang-config">Alias /image /ftp/pub/image
<Directory /ftp/pub/image>
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<p>Any number slashes in the <var>URL-path</var> parameter
example, to activate the <code>/icons</code> directory, one might
use:</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/icons(.*) /usr/local/apache/icons$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/icons(.*) /usr/local/apache/icons$1</pre>
<p>The full range of <a class="glossarylink" href="../glossary.html#regex" title="see glossary">regular expression</a>
it is possible to construct an alias with case-insensitive
matching of the URL-path:</p>
- <pre class="prettyprint lang-config">
- AliasMatch (?i)^/image(.*) /ftp/pub/image$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch (?i)^/image(.*) /ftp/pub/image$1</pre>
<p>One subtle difference
<p>For example, suppose you want to replace this with AliasMatch:</p>
- <pre class="prettyprint lang-config">
- Alias /image/ /ftp/pub/image/
- </pre>
+ <pre class="prettyprint lang-config"> Alias /image/ /ftp/pub/image/</pre>
<p>This is NOT equivalent - don't do this! This will send all
requests that have /image/ anywhere in them to /ftp/pub/image/:</p>
- <pre class="prettyprint lang-config">
- AliasMatch /image/ /ftp/pub/image/
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch /image/ /ftp/pub/image/</pre>
<p>This is what you need to get the same effect:</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/image/(.*)$ /ftp/pub/image/$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/image/(.*)$ /ftp/pub/image/$1</pre>
<p>Of course, there's no point in
you do more complicated things. For example, you could
serve different kinds of files from different directories:</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/image/(.*)\.jpg$ /files/jpg.images/$1.jpg<br />
- AliasMatch ^/image/(.*)\.gif$ /files/gif.images/$1.gif
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/image/(.*)\.jpg$ /files/jpg.images/$1.jpg<br />
+ AliasMatch ^/image/(.*)\.gif$ /files/gif.images/$1.gif</pre>
<p>Multiple leading slashes in the requested URL are discarded
<em>URL</em>. Additional path information beyond the matched
<em>URL-Path</em> will be appended to the target URL.</p>
- <pre class="prettyprint lang-config">
-# Redirect to a URL on a different host
+ <pre class="prettyprint lang-config"># Redirect to a URL on a different host
Redirect /service http://foo2.example.com/service
# Redirect to a URL on the same host
-Redirect /one /two
- </pre>
+Redirect /one /two</pre>
<p>If the client requests <code>http://example.com/service/foo.txt</code>,
HTTP status code, known to the Apache HTTP Server (see the function
<code>send_error_response</code> in http_protocol.c).</p>
- <pre class="prettyprint lang-config">
-Redirect permanent /one http://example.com/two
-Redirect 303 /three http://example.com/other
- </pre>
+ <pre class="prettyprint lang-config">Redirect permanent /one http://example.com/two
+Redirect 303 /three http://example.com/other</pre>
example, to redirect all GIF files to like-named JPEG files on
another server, one might use:</p>
- <pre class="prettyprint lang-config">
- RedirectMatch (.*)\.gif$ http://other.example.com$1.jpg
- </pre>
+ <pre class="prettyprint lang-config"> RedirectMatch (.*)\.gif$ http://other.example.com$1.jpg</pre>
<p>The considerations related to the difference between
to scripts beginning with the second argument, which is a full
pathname in the local filesystem.</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /web/cgi-bin/
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /web/cgi-bin/</pre>
<p>A request for <code>http://example.com/cgi-bin/foo</code> would cause the
server to run the script <code>/web/cgi-bin/foo</code>. This configuration
is essentially equivalent to:</p>
- <pre class="prettyprint lang-config">
-Alias /cgi-bin/ /web/cgi-bin/
+ <pre class="prettyprint lang-config">Alias /cgi-bin/ /web/cgi-bin/
<Location /cgi-bin >
SetHandler cgi-script
Options +ExecCGI
-</Location>
- </pre>
+</Location></pre>
<p><code class="directive">ScriptAlias</code> can also be used in conjunction with
a script or handler you have. For example:</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /web/cgi-handler.pl
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /web/cgi-handler.pl</pre>
<p>In this scenario all files requested in <code>/cgi-bin/</code> will be
choose to place your CGI scripts in a directory already
accessible from the web, do not use
<code class="directive">ScriptAlias</code>. Instead, use <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>, <code class="directive"><a href="../mod/core.html#sethandler">SetHandler</a></code>, and <code class="directive"><a href="../mod/core.html#options">Options</a></code> as in:
- <pre class="prettyprint lang-config">
-<Directory /usr/local/apache2/htdocs/cgi-bin >
+ <pre class="prettyprint lang-config"><Directory /usr/local/apache2/htdocs/cgi-bin >
SetHandler cgi-script
Options ExecCGI
-</Directory>
- </pre>
+</Directory></pre>
This is necessary since multiple <var>URL-paths</var> can map
to the same filesystem location, potentially bypassing the
example, to activate the standard <code>/cgi-bin</code>, one
might use:</p>
- <pre class="prettyprint lang-config">
- ScriptAliasMatch ^/cgi-bin(.*) /usr/local/apache/cgi-bin$1
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAliasMatch ^/cgi-bin(.*) /usr/local/apache/cgi-bin$1</pre>
<p>As for AliasMatch, the full range of <a class="glossarylink" href="../glossary.html#rexex" title="see glossary">regular
For example, it is possible to construct an alias with case-insensitive
matching of the URL-path:</p>
- <pre class="prettyprint lang-config">
- ScriptAliasMatch (?i)^/cgi-bin(.*) /usr/local/apache/cgi-bin$1
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAliasMatch (?i)^/cgi-bin(.*) /usr/local/apache/cgi-bin$1</pre>
<p>The considerations related to the difference between
au moins précis afin que toutes les directives puissent
éventuellement s'appliquer, comme dans l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-Alias /foo/bar /baz
-Alias /foo /gaq
- </pre>
+ <pre class="prettyprint lang-config">Alias /foo/bar /baz
+Alias /foo /gaq</pre>
<p>Si l'ordre des directives était inversé, la directive <code class="directive"><a href="#alias">Alias</a></code> ayant pour argument
est sensible à la casse, même sur les systèmes de fichiers
insensibles à la casse.</p>
- <pre class="prettyprint lang-config">
- Alias /image /ftp/pub/image
- </pre>
+ <pre class="prettyprint lang-config"> Alias /image /ftp/pub/image</pre>
<p>Une requête pour <code>http://example.com/image/foo.gif</code> fera
URL</var>, vous devrez aussi ajouter un slash de fin au chemin de la
requête. Autrement dit, si vous définissez</p>
- <pre class="prettyprint lang-config">
- Alias /icons/ /usr/local/apache/icons/
- </pre>
+ <pre class="prettyprint lang-config"> Alias /icons/ /usr/local/apache/icons/</pre>
<p>l'alias précédent ne s'appliquera pas à l'url
<code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>, vous devrez
probablement permettre explicitement l'accès à ce répertoire.</p>
- <pre class="prettyprint lang-config">
-Alias /image /ftp/pub/image
+ <pre class="prettyprint lang-config">Alias /image /ftp/pub/image
<Directory /ftp/pub/image>
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<p>Le nombre de slashes dans le paramètre <var>chemin URL</var> doit
Par exemple, pour activer le répertoire <code>/icons</code>, on peut
utiliser :</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/icons(.*) /usr/local/apache/icons$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/icons(.*) /usr/local/apache/icons$1</pre>
<p>Toute la puissance des <a class="glossarylink" href="../glossary.html#regex" title="voir glossaire">expressions
il est possible de construire un alias avec un modèle de chemin URL
insensible à la casse :</p>
- <pre class="prettyprint lang-config">
- AliasMatch (?i)^/image(.*) /ftp/pub/image$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch (?i)^/image(.*) /ftp/pub/image$1</pre>
<p>Il existe une différence subtile entre <code class="directive"><a href="#alias">Alias</a></code> et <code class="directive"><a href="#aliasmatch">AliasMatch</a></code> : <code class="directive"><a href="#alias">Alias</a></code> copie automatiquement toute
<p>Par exemple, supposons que nous voulions reformuler cet alias
avec AliasMatch :</p>
- <pre class="prettyprint lang-config">
- Alias /image/ /ftp/pub/image/
- </pre>
+ <pre class="prettyprint lang-config"> Alias /image/ /ftp/pub/image/</pre>
<p>Le simple remplacement d'Alias par AliasMatch ne produira pas le
même résultat. Ainsi, ce qui suit va rediriger toutes les requêtes
qui contiennent /image/ vers /ftp/pub/image/ :</p>
- <pre class="prettyprint lang-config">
- AliasMatch /image/ /ftp/pub/image/
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch /image/ /ftp/pub/image/</pre>
<p>Voici la directive AliasMatch qui produira le même résultat que
la directive Alias ci-dessus :</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/image/(.*)$ /ftp/pub/image/$1
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/image/(.*)$ /ftp/pub/image/$1</pre>
<p>Bien entendu, il n'y a aucune raison d'utiliser <code class="directive"><a href="#aliasmatch">AliasMatch</a></code> dans le cas où <code class="directive"><a href="#alias">Alias</a></code> suffit. <code class="directive"><a href="#aliasmatch">AliasMatch</a></code> vous permet d'effectuer
servir différentes sortes de fichiers à partir de répertoires
différents :</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/image/(.*)\.jpg$ /fichiers/jpg.images/$1.jpg<br />
- AliasMatch ^/image/(.*)\.gif$ /fichiers/gif.images/$1.gif
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/image/(.*)\.jpg$ /fichiers/jpg.images/$1.jpg<br />
+ AliasMatch ^/image/(.*)\.gif$ /fichiers/gif.images/$1.gif</pre>
<p>Les éventuels slashes de tête multiples seront supprimés par le
élément de chemin supplémentaire situé en aval du <em>chemin
URL</em> sera ajouté à l'URL cible.</p>
- <pre class="prettyprint lang-config">
-# Redirige vers une URL sur un serveur différent
+ <pre class="prettyprint lang-config"># Redirige vers une URL sur un serveur différent
Redirect /service http://foo2.example.com/service
# Redirige vers une URL sur le même serveur
-Redirect /one /two
- </pre>
+Redirect /one /two</pre>
<p>Si le client effectue une requête pour l'URL
fonction <code>send_error_response</code> dans
http_protocol.c).</p>
- <pre class="prettyprint lang-config">
-Redirect permanent /one http://example.com/two
-Redirect 303 /three http://example.com/other
- </pre>
+ <pre class="prettyprint lang-config">Redirect permanent /one http://example.com/two
+Redirect 303 /three http://example.com/other</pre>
les fichiers GIF vers les fichiers JPEG de même nom sur un autre
serveur, on peut utiliser :</p>
- <pre class="prettyprint lang-config">
- RedirectMatch (.*)\.gif$ http://autre.example.com$1.jpg
- </pre>
+ <pre class="prettyprint lang-config"> RedirectMatch (.*)\.gif$ http://autre.example.com$1.jpg</pre>
<p>Les remarques à propos de la différence entre <code class="directive"><a href="#alias">Alias</a></code> et <code class="directive"><a href="#aliasmatch">AliasMatch</a></code> s'appliquent aussi à la
second argument, qui est un chemin complet dans le système de
fichiers local.</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /web/cgi-bin/
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /web/cgi-bin/</pre>
<p>Une requête pour <code>http://example.com/cgi-bin/foo</code>
ferait exécuter par le serveur le script
<code>/web/cgi-bin/foo</code>. Cette configuration est sensiblement
équivalente à :</p>
- <pre class="prettyprint lang-config">
-Alias /cgi-bin/ /web/cgi-bin/
+ <pre class="prettyprint lang-config">Alias /cgi-bin/ /web/cgi-bin/
<Location /cgi-bin >
SetHandler cgi-script
Options +ExecCGI
-</Location>
- </pre>
+</Location></pre>
<p>Vous pouvez aussi utiliser <code class="directive">ScriptAlias</code>
avec un script ou gestionnaire de votre cru. Par exemple :</p>
- <pre class="prettyprint lang-config">
- ScriptAlias /cgi-bin/ /web/cgi-handler.pl
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAlias /cgi-bin/ /web/cgi-handler.pl</pre>
<p>Dans ce scénario, tous les fichiers faisant l'objet d'une requête
Si vous choisissez de placer vos scripts CGI dans un répertoire
accessible depuis le web, n'utilisez pas
<code class="directive">ScriptAlias</code>. Utilisez plutôt <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>, <code class="directive"><a href="../mod/core.html#sethandler">SetHandler</a></code>, et <code class="directive"><a href="../mod/core.html#options">Options</a></code> comme dans l'exemple suivant :
- <pre class="prettyprint lang-config">
-<Directory /usr/local/apache2/htdocs/cgi-bin >
+ <pre class="prettyprint lang-config"><Directory /usr/local/apache2/htdocs/cgi-bin >
SetHandler cgi-script
Options ExecCGI
-</Directory>
- </pre>
+</Directory></pre>
Ceci est nécessaire car plusieurs <var>chemins URL</var> peuvent
correspondre à la même zone du système de fichiers, court-circuitant
comme nom de fichier. Par exemple, pour activer le répertoire
standard <code>/cgi-bin</code>, on peut utiliser :</p>
- <pre class="prettyprint lang-config">
- ScriptAliasMatch ^/cgi-bin(.*) /usr/local/apache/cgi-bin$1
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAliasMatch ^/cgi-bin(.*) /usr/local/apache/cgi-bin$1</pre>
<p>Comme dans le cas d'AliasMatch, toute la puissance des <a class="glossarylink" href="../glossary.html#rexex" title="voir glossaire">expressions rationnelles</a> peut être mise à
contribution. Par exemple, il est possible de construire un alias
avec une comparaison du modèle du chemin URL insensible à la casse :</p>
- <pre class="prettyprint lang-config">
- ScriptAliasMatch (?i)^/cgi-bin(.*) /usr/local/apache/cgi-bin$1
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAliasMatch (?i)^/cgi-bin(.*) /usr/local/apache/cgi-bin$1</pre>
<p>Les remarques à propos de la différence entre <code class="directive"><a href="#alias">Alias</a></code> et <code class="directive"><a href="#aliasmatch">AliasMatch</a></code> s'appliquent aussi à la
<p>This module makes it easy to restrict which handlers may be used for a
request. A possible configuration would be:</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
AllowHandlers not server-info server-status balancer-manager ldap-status
-</Location>
-</pre>
+</Location></pre>
<p>It also registers a handler named <code>forbidden</code> that simply
handlers again in a later config section, even if some headers were denied
earlier in the configuration merge order:</p>
-<pre class="prettyprint lang-config">
-<Location /server-status>
+<pre class="prettyprint lang-config"><Location /server-status>
AllowHandlers all
SetHandler server-status
-</Location>
-</pre>
+</Location></pre>
<p>This module makes it easy to restrict what HTTP methods can
used on an server. The most common configuration would be:</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
AllowMethods GET POST OPTIONS
-</Location>
-</pre>
+</Location></pre>
</div>
equivalent. The <code>reset</code> keyword can be used
turn off <code class="module"><a href="../mod/mod_allowmethods.html">mod_allowmethods</a></code> in a deeper nested context:</p>
-<pre class="prettyprint lang-config">
-<Location /svn>
+<pre class="prettyprint lang-config"><Location /svn>
AllowMethods reset
-</Location>
-</pre>
+</Location></pre>
<div class="note"><h3>Caution</h3>
acceptées par le serveur. La configuration la plus courante
est du style :</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
AllowMethods GET POST OPTIONS
-</Location>
-</pre>
+</Location></pre>
</div>
<code class="module"><a href="../mod/mod_allowmethods.html">mod_allowmethods</a></code> dans les niveaux inférieurs
d'imbrication :</p>
-<pre class="prettyprint lang-config">
-<Location /svn>
+<pre class="prettyprint lang-config"><Location /svn>
AllowMethods reset
-</Location>
-</pre>
+</Location></pre>
<div class="note"><h3>Avertissement</h3>
<p>In this example, we pass a fixed username and password to a
backend server.</p>
- <div class="example"><h3>Fixed Example</h3><pre class="prettyprint lang-config">
-<Location /demo>
+ <div class="example"><h3>Fixed Example</h3><pre class="prettyprint lang-config"><Location /demo>
AuthBasicFake demo demopass
-</Location>
- </pre>
+</Location></pre>
</div>
<p>In this example, we pass the email address extracted from a client
directive. Like the FakeBasicAuth option, the password is set to the
fixed string "password".</p>
- <div class="example"><h3>Certificate Example</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Certificate Example</h3><pre class="prettyprint lang-config"><Location /secure>
AuthBasicFake %{SSL_CLIENT_S_DN_Email}
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Extending the above example, we generate a password by hashing the
backend server. This can be used to gate into legacy systems that do
not support client certificates.</p>
- <div class="example"><h3>Password Example</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Password Example</h3><pre class="prettyprint lang-config"><Location /secure>
AuthBasicFake %{SSL_CLIENT_S_DN_Email} %{sha1:passphrase-%{SSL_CLIENT_S_DN_Email}}
-</Location>
- </pre>
+</Location></pre>
</div>
- <div class="example"><h3>Exclusion Example</h3><pre class="prettyprint lang-config">
-<Location /public>
+ <div class="example"><h3>Exclusion Example</h3><pre class="prettyprint lang-config"><Location /public>
AuthBasicFake off
-</Location>
- </pre>
+</Location></pre>
</div>
The default <code>file</code> provider is implemented
by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module. Make sure
that the chosen provider module is present in the server.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location /secure>
AuthType basic
AuthName "private area"
AuthBasicProvider dbm
AuthDBMType SDBM
AuthDBMUserFile /www/etc/dbmpasswd
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div>
<p> Providers are queried in order until a provider finds a match
for the requested username, at which point this sole provider will
prédéfinis sont transmis à un serveur d'arrière-plan :</p>
<div class="example"><h3>Exemple de transmission d'un nom d'utilisateur et
- d'un mot de passe prédéfinis</h3><pre class="prettyprint lang-config">
-<Location /demo>
+ d'un mot de passe prédéfinis</h3><pre class="prettyprint lang-config"><Location /demo>
AuthBasicFake demo demopass
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Dans l'exemple suivant, l'adresse email extraite d'un certificat
FakeBasicAuth, le mot de passe se voit attribué le contenu fixe de
la chaîne "password".</p>
- <div class="example"><h3>Exemple d'utilisation avec un certificat</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Exemple d'utilisation avec un certificat</h3><pre class="prettyprint lang-config"><Location /secure>
AuthBasicFake %{SSL_CLIENT_S_DN_Email}
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Pour compléter l'exemple précédent, il est possible de générer la
certificats clients.</p>
<div class="example"><h3>Exemple de génération de mot de passe par hashage de
- l'adresse email</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ l'adresse email</h3><pre class="prettyprint lang-config"><Location /secure>
AuthBasicFake %{SSL_CLIENT_S_DN_Email} %{sha1:passphrase-%{SSL_CLIENT_S_DN_Email}}
-</Location>
- </pre>
+</Location></pre>
</div>
- <div class="example"><h3>Désactivation de l'authentification simulée</h3><pre class="prettyprint lang-config">
-<Location /public>
+ <div class="example"><h3>Désactivation de l'authentification simulée</h3><pre class="prettyprint lang-config"><Location /public>
AuthBasicFake off
-</Location>
- </pre>
+</Location></pre>
</div>
implémentant le fournisseur choisi soit bien présent dans le
serveur.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Location /secure>
AuthType basic
AuthName "private area"
AuthBasicProvider dbm
AuthDBMType SDBM
AuthDBMUserFile /www/etc/dbmpasswd
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Les fournisseurs sont sollicités dans l'ordre jusqu'à ce que l'un
d'entre eux trouve une correspondance pour le nom d'utilisateur de
<p>Appropriate user (text) files can be created using the
<code class="program"><a href="../programs/htdigest.html">htdigest</a></code> tool.</p>
- <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">
-<Location /private/>
+ <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config"><Location /private/>
AuthType Digest
AuthName "private area"
AuthDigestDomain /private/ http://mirror.my.dom/private2/
AuthDigestProvider file
AuthUserFile /web/auth/.digest_pw
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div>
<div class="note"><h3>Note</h3>
express your value as KBytes or MBytes. For example, the following
directives are all equivalent:</p>
-<pre class="prettyprint lang-config">
-AuthDigestShmemSize 1048576
+<pre class="prettyprint lang-config">AuthDigestShmemSize 1048576
AuthDigestShmemSize 1024K
-AuthDigestShmemSize 1M
- </pre>
+AuthDigestShmemSize 1M</pre>
</div>
<p>On peut créer les fichiers utilisateur appropriés (au format
texte) à l'aide de l'outil <code class="program"><a href="../programs/htdigest.html">htdigest</a></code>.</p>
- <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config">
-<Location /private/>
+ <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config"><Location /private/>
AuthType Digest
AuthName "private area"
AuthDigestDomain /private/ http://mirror.my.dom/private2/
AuthDigestProvider file
AuthUserFile /web/auth/.digest_pw
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div>
<div class="note"><h3>Note</h3>
MégaOctets. Par exemple, les directives qui suivent sont toutes
équivalentes :</p>
- <pre class="prettyprint lang-config">
-AuthDigestShmemSize 1048576
+ <pre class="prettyprint lang-config">AuthDigestShmemSize 1048576
AuthDigestShmemSize 1024K
-AuthDigestShmemSize 1M
- </pre>
+AuthDigestShmemSize 1M</pre>
</div>
a file using <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. If authentication is unsuccessful,
the user will be redirected to the form login page.</p>
- <div class="example"><h3>Basic example</h3><pre class="prettyprint lang-config">
-AuthFormProvider file
+ <div class="example"><h3>Basic example</h3><pre class="prettyprint lang-config">AuthFormProvider file
AuthUserFile conf/passwd
AuthType form
AuthName realm
AuthFormLoginRequiredLocation http://example.com/login.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>The directive <code class="directive"><a href="../mod/mod_authn_core.html#authtype">AuthType</a></code> will enable
directive. Typically this login page will contain an HTML form, asking the user to
provide their usename and password.</p>
- <div class="example"><h3>Example login form</h3><pre class="prettyprint lang-html">
-<form method="POST" action="/dologin.html">
+ <div class="example"><h3>Example login form</h3><pre class="prettyprint lang-html"><form method="POST" action="/dologin.html">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
-</form>
- </pre>
+</form></pre>
</div>
<p>The part that does the actual login is handled by the <var>form-login-handler</var>.
The action of the form should point at this handler, which is configured within
Apache httpd as follows:</p>
- <div class="example"><h3>Form login handler example</h3><pre class="prettyprint lang-config">
-<Location /dologin.html>
+ <div class="example"><h3>Form login handler example</h3><pre class="prettyprint lang-config"><Location /dologin.html>
SetHandler form-login-handler
AuthFormLoginRequiredLocation http://example.com/login.html
AuthFormLoginSuccessLocation http://example.com/success.html
Session On
SessionCookieName session path=/
SessionCryptoPassphrase secret
-</Location>
- </pre>
+</Location></pre>
</div>
<p>The URLs specified by the
form, as in the example below. As a result, the same <var>form-login-handler</var> can be
reused for different areas of a website.</p>
- <div class="example"><h3>Example login form with location</h3><pre class="prettyprint lang-html">
-<form method="POST" action="/dologin.html">
+ <div class="example"><h3>Example login form with location</h3><pre class="prettyprint lang-html"><form method="POST" action="/dologin.html">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
<input type="hidden" name="httpd_location" value="http://example.com/success.html" />
-</form>
- </pre>
+</form></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
returned by the <var>HTTP_UNAUTHORIZED</var> status code with a custom error document
containing the login form, as follows:</p>
- <div class="example"><h3>Basic inline example</h3><pre class="prettyprint lang-config">
-AuthFormProvider file
+ <div class="example"><h3>Basic inline example</h3><pre class="prettyprint lang-config">AuthFormProvider file
ErrorDocument 401 /login.shtml
AuthUserFile conf/passwd
AuthType form
AuthFormLoginRequiredLocation http://example.com/login.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>The error document page should contain a login form with an empty action property,
the original protected URL, without the page having to know what that
URL is.</p>
- <div class="example"><h3>Example inline login form</h3><pre class="prettyprint lang-html">
-<form method="POST" <strong>action=""</strong>>
+ <div class="example"><h3>Example inline login form</h3><pre class="prettyprint lang-html"><form method="POST" <strong>action=""</strong>>
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
-</form>
-</pre>
+</form></pre>
</div>
<p>When the end user has filled in their login details, the form will make
<p>To enable body preservation, add three additional fields to the login form as
per the example below.</p>
- <div class="example"><h3>Example with body preservation</h3><pre class="prettyprint lang-html">
-<form method="POST" action="">
+ <div class="example"><h3>Example with body preservation</h3><pre class="prettyprint lang-html"><form method="POST" action="">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
<br /> <strong><input type="hidden" name="httpd_method" value="POST" />
<input type="hidden" name="httpd_mimetype" value="application/x-www-form-urlencoded" />
<input type="hidden" name="httpd_body" value="name1=value1&name2=value2" /></strong><br />
-</form>
- </pre>
+</form></pre>
</div>
<p>How the method, mimetype and body of the original request are embedded within the
<p>Another option is to render the login form using a CGI script or other dynamic
technology.</p>
- <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config">
- AuthFormProvider file
+ <div class="example"><h3>CGI example</h3><pre class="prettyprint lang-config"> AuthFormProvider file
ErrorDocument 401 /cgi-bin/login.cgi
- ...
- </pre>
+ ...</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
logout. This URL might explain to the user that they have been logged out, and
give the user the option to log in again.</p>
- <div class="example"><h3>Basic logout example</h3><pre class="prettyprint lang-config">
-SetHandler form-logout-handler
+ <div class="example"><h3>Basic logout example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
AuthName realm
AuthFormLogoutLocation http://example.com/loggedout.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>Note that logging a user out does not delete the session; it merely removes
value, like 1 (setting the directive to zero would mean no session age limit).
</p>
- <div class="example"><h3>Basic session expiry example</h3><pre class="prettyprint lang-config">
-SetHandler form-logout-handler
+ <div class="example"><h3>Basic session expiry example</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
AuthFormLogoutLocation http://example.com/loggedout.html
Session On
SessionMaxAge 1
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>When a URI is accessed that is served by the handler <code>form-logout-handler</code>,
the page specified by this directive will be shown to the end user. For example:</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location /logout>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location /logout>
SetHandler form-logout-handler
AuthFormLogoutLocation http://example.com/loggedout.html
Session on
#...
-</Location>
- </pre>
+</Location></pre>
</div>
<p>An attempt to access the URI <var>/logout/</var> will result in the user being logged
by the <code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code> module. Make sure
that the chosen provider module is present in the server.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location /secure>
AuthType form
AuthName "private area"
AuthFormProvider dbm
AuthDBMUserFile /www/etc/dbmpasswd
Require valid-user
#...
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Providers are implemented by <code class="module"><a href="../mod/mod_authn_dbm.html">mod_authn_dbm</a></code>,
l'utilisateur sera redirigé vers la page du formulaire de
connexion.</p>
- <div class="example"><h3>Exemple simple</h3><pre class="prettyprint lang-config">
-AuthFormProvider file
+ <div class="example"><h3>Exemple simple</h3><pre class="prettyprint lang-config">AuthFormProvider file
AuthUserFile conf/passwd
AuthType form
AuthName realm
AuthFormLoginRequiredLocation http://example.com/login.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>L'authentification <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> est activée
En général, la page de connexion contiendra un formulaire HTML
demandant à l'utilisateur de fournir un nom et un mot de passe.</p>
- <div class="example"><h3>Exemple de formulaire de connexion</h3><pre class="prettyprint lang-html">
-<form method="POST" action="/dologin.html">
+ <div class="example"><h3>Exemple de formulaire de connexion</h3><pre class="prettyprint lang-html"><form method="POST" action="/dologin.html">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
-</form>
- </pre>
+</form></pre>
</div>
<p>La partie où s'effectue la connexion proprement dite est
que l'on configure dans Apache httpd comme suit :</p>
<div class="example"><h3>Exemple de configuration du gestionnaire de
- formulaire de connexion</h3><pre class="prettyprint lang-config">
-<Location /dologin.html>
+ formulaire de connexion</h3><pre class="prettyprint lang-config"><Location /dologin.html>
SetHandler form-login-handler
AuthFormLoginRequiredLocation http://example.com/login.html
AuthFormLoginSuccessLocation http://example.com/success.html
Session On
SessionCookieName session path=/
SessionCryptoPassphrase secret
-</Location>
- </pre>
+</Location></pre>
</div>
<p>L'URL spécifiée par la directive
<var>form-login-handler</var> pourra être utilisé pour différentes
zones du site web.</p>
- <div class="example"><h3>Exemple de formulaire d'authentification multizone</h3><pre class="prettyprint lang-html">
-<form method="POST" action="/dologin.html">
+ <div class="example"><h3>Exemple de formulaire d'authentification multizone</h3><pre class="prettyprint lang-html"><form method="POST" action="/dologin.html">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
<input type="hidden" name="httpd_location" value="http://example.com/success.html" />
-</form>
- </pre>
+</form></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<var>HTTP_UNAUTHORIZED</var> par un message d'erreur personnalisé
contenant le formulaire de connexion comme suit :</p>
- <div class="example"><h3>Exemple simple d'authentification à la volée</h3><pre class="prettyprint lang-config">
-AuthFormProvider file
+ <div class="example"><h3>Exemple simple d'authentification à la volée</h3><pre class="prettyprint lang-config">AuthFormProvider file
ErrorDocument 401 /login.shtml
AuthUserFile conf/passwd
AuthType form
AuthFormLoginRequiredLocation http://example.com/login.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>La page du message d'erreur doit contenir un formulaire de
protégée originale, cette dernière n'ayant pas besoin d'être
connue de la page en cours.</p>
- <div class="example"><h3>Exemple de formulaire de connexion à la volée</h3><pre class="prettyprint lang-html">
-<form method="POST" <strong>action=""</strong>>
+ <div class="example"><h3>Exemple de formulaire de connexion à la volée</h3><pre class="prettyprint lang-html"><form method="POST" <strong>action=""</strong>>
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
-</form>
-</pre>
+</form></pre>
</div>
<p>Lorsque l'utilisateur final a entré ses informations de
comme dans l'exemple suivant :</p>
<div class="example"><h3>Exemple de formulaire avec conservation du
- contenu</h3><pre class="prettyprint lang-html">
-<form method="POST" action="">
+ contenu</h3><pre class="prettyprint lang-html"><form method="POST" action="">
Username: <input type="text" name="httpd_username" value="" />
Password: <input type="password" name="httpd_password" value="" />
<input type="submit" name="login" value="Login" />
<br /> <strong><input type="hidden" name="httpd_method" value="POST" />
<input type="hidden" name="httpd_mimetype" value="application/x-www-form-urlencoded" />
<input type="hidden" name="httpd_body" value="name1=value1&name2=value2" /></strong><br />
-</form>
- </pre>
+</form></pre>
</div>
<p>La manière dont la méthode, le type MIME et le contenu de la
connexion en utilisant un script CGI ou une autre technologie
dynamique.</p>
- <div class="example"><h3>Exemple avec script CGI</h3><pre class="prettyprint lang-config">
- AuthFormProvider file
+ <div class="example"><h3>Exemple avec script CGI</h3><pre class="prettyprint lang-config"> AuthFormProvider file
ErrorDocument 401 /cgi-bin/login.cgi
- ...
- </pre>
+ ...</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
donner la possibilité de se connecter à nouveau.</p>
<div class="example"><h3>Exemple simple de configuration de la
- déconnexion</h3><pre class="prettyprint lang-config">
-SetHandler form-logout-handler
+ déconnexion</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
AuthName realm
AuthFormLogoutLocation http://example.com/loggedout.html
Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>Notez que la déconnexion d'un utilisateur ne supprime pas la
</p>
<div class="example"><h3>Exemple simple avec durée de validité de session
- limitée</h3><pre class="prettyprint lang-config">
-SetHandler form-logout-handler
+ limitée</h3><pre class="prettyprint lang-config">SetHandler form-logout-handler
AuthFormLogoutLocation http://example.com/loggedout.html
Session On
SessionMaxAge 1
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<code>form-logout-handler</code>, la page spécifiée par cette
directive sera présentée à l'utilisateur final. Par exemple :</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Location /logout>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Location /logout>
SetHandler form-logout-handler
AuthFormLogoutLocation http://example.com/loggedout.html
Session on
#...
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Si un utilisateur tente d'accéder à l'URI <var>/logout/</var>, il
<code class="module"><a href="../mod/mod_authn_file.html">mod_authn_file</a></code>. Assurez-vous que le fournisseur
choisi soit bien présent dans le serveur.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Location /secure>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Location /secure>
AuthType form
AuthName "private area"
AuthFormProvider dbm
AuthDBMUserFile /www/etc/dbmpasswd
Require valid-user
#...
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Les différents fournisseurs sont implémentés par les modules
(<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
</ul>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Directory /var/www/html/private>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Directory /var/www/html/private>
AuthName "Use 'anonymous' & Email address for guest entry"
AuthType Basic
AuthBasicProvider file anon
Anonymous anonymous guest www test welcome
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
'<code>anonymous</code>' is always one of the allowed
userIDs.</p>
- <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">
- Anonymous anonymous "Not Registered" "I don't know"
- </pre>
+ <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config"> Anonymous anonymous "Not Registered" "I don't know"</pre>
</div>
<p>This would allow the user to enter without password
(<code class="directive"><a href="#anonymous_logemail">Anonymous_LogEmail</a></code>)</li>
</ul>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Directory /var/www/html/private>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Directory /var/www/html/private>
AuthName "Use 'anonymous' & Email address for guest entry"
AuthType Basic
AuthBasicProvider file anon
Anonymous anonymous guest www test welcome
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
Il est fortement conseillé d'intégrer l'utilisateur spécial
'<code>anonymous</code>' dans la liste des identifiants.</p>
- <div class="example"><h3>Exemple:</h3><pre class="prettyprint lang-config">
- Anonymous anonymous "Not Registered" "I don't know"
- </pre>
+ <div class="example"><h3>Exemple:</h3><pre class="prettyprint lang-config"> Anonymous anonymous "Not Registered" "I don't know"</pre>
</div>
<p>Dans cet exemple, l'utilisateur peut accéder au site sans
<p>This example checks for passwords in two different text
files.</p>
- <div class="example"><h3>Checking multiple text password files</h3><pre class="prettyprint lang-config">
-# Check here first
+ <div class="example"><h3>Checking multiple text password files</h3><pre class="prettyprint lang-config"># Check here first
<AuthnProviderAlias file file1>
AuthUserFile /www/conf/passwords1
</AuthnProviderAlias>
AuthType Basic
AuthName "Protected Area"
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>The example below creates two different ldap authentication
a single authenticated location to be serviced by multiple ldap
hosts:</p>
- <div class="example"><h3>Checking multiple LDAP servers</h3><pre class="prettyprint lang-config">
-<AuthnProviderAlias ldap ldap-alias1>
+ <div class="example"><h3>Checking multiple LDAP servers</h3><pre class="prettyprint lang-config"><AuthnProviderAlias ldap ldap-alias1>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
# Note that Require ldap-* would not work here, since the
# AuthnProviderAlias does not provide the config to authorization providers
# that are implemented in the same module as the authentication provider.
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>For example:</p>
- <pre class="prettyprint lang-config">
- AuthName "Top Secret"
- </pre>
+ <pre class="prettyprint lang-config"> AuthName "Top Secret"</pre>
<p>The string provided for the <code>AuthName</code> is what will
in the following example, clients may access the
<code>/www/docs/public</code> directory without authenticating:</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
AuthType Basic
AuthName Documents
AuthBasicProvider file
<Directory /www/docs/public>
AuthType None
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">When disabling authentication, note that clients which have
textes différents.</p>
<div class="example"><h3>Vérification dans plusieurs fichiers de mots de
- passe au format texte</h3><pre class="prettyprint lang-config">
-# Première vérification
+ passe au format texte</h3><pre class="prettyprint lang-config"># Première vérification
<AuthnProviderAlias file file1>
AuthUserFile /www/conf/passwords1
</AuthnProviderAlias>
AuthType Basic
AuthName "Protected Area"
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div>
ldap :</p>
<div class="example"><h3>Vérification auprès de plusieurs serveurs
- LDAP</h3><pre class="prettyprint lang-config">
-<AuthnProviderAlias ldap ldap-alias1>
+ LDAP</h3><pre class="prettyprint lang-config"><AuthnProviderAlias ldap ldap-alias1>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
# AuthnProviderAlias ne fournit pas de configuration pour les
# fournisseurs d'autorisation implémentés dans le même module que le
# fournisseur d'authentification.
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>Par exemple :</p>
- <pre class="prettyprint lang-config">
- AuthName "Top Secret"
- </pre>
+ <pre class="prettyprint lang-config"> AuthName "Top Secret"</pre>
<p>La chaîne fournie comme argument à <code>AuthName</code>
l'exemple suivant, les clients peuvent accéder au répertoire
<code>/www/docs/public</code> sans devoir s'authentifier :</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
AuthType Basic
AuthName Documents
AuthBasicProvider file
<Directory /www/docs/public>
AuthType None
Require all granted
-</Directory>
- </pre>
+</Directory></pre>
<div class="note">Veuillez noter que, lorsque l'authentification n'est pas
<p>This simple example shows use of this module in the context of
the Authentication and DBD frameworks.</p>
-<pre class="prettyprint lang-config">
-# mod_dbd configuration
+<pre class="prettyprint lang-config"># mod_dbd configuration
# UPDATED to include authentication cacheing
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache password=xxxxxx"
# mod_authn_dbd SQL query to authenticate a user
AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
-</Directory>
-</pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
will be passed as a single string parameter when the SQL query is
executed. It may be referenced within the query statement using
a <code>%s</code> format specifier.</p>
- <pre class="prettyprint lang-config">
-AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"</pre>
<p>The first column value of the first row returned by the query
statement should be a string containing the encrypted password.
The user's ID and the realm, in that order, will be passed as string
parameters when the SQL query is executed. They may be referenced
within the query statement using <code>%s</code> format specifiers.</p>
- <pre class="prettyprint lang-config">
-AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"</pre>
<p>The first column value of the first row returned by the query
statement should be a string containing the encrypted password.
<p>Voici un exemple simple d'utilisation de ce module dans un contexte
d'authentification et de bases de données.</p>
-<pre class="prettyprint lang-config">
-# configuration de mod_dbd modifiée pour inclure la mise en cache de
+<pre class="prettyprint lang-config"># configuration de mod_dbd modifiée pour inclure la mise en cache de
# l'authentification
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache password=xxxxxx"
# la requête SQL de mod_authn_dbd pour authentifier un utilisateur
AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
-</Directory>
-</pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
paramètre sous forme d'une seule chaîne de caractères lorsque la
requête sera exécutée. Cet identifiant est référencé dans la requête
en utilisant le spécificateur de format <code>%s</code>.</p>
- <pre class="prettyprint lang-config">
-AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthDBDUserPWQuery "SELECT password FROM authn WHERE user = %s"</pre>
<p>La première colonne du premier enregistrement renvoyé par la
requête se présentera sous la forme d'une chaîne de caractères
sont passés dans cet ordre comme paramètres à l'exécution de la
requête. Ils sont référencés dans la chaîne de la requête en
utilisant des spécificateurs de format <code>%s</code>.</p>
- <pre class="prettyprint lang-config">
-AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthDBDUserRealmQuery "SELECT password FROM authn WHERE user = %s AND realm = %s"</pre>
<p>La première colonne du premier enregistrement renvoyé par la
requête se présentera sous la forme d'une chaîne de caractères
</ol>
<p>A simple usage example to accelerate <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>
using dbm as a cache engine:</p>
- <pre class="prettyprint lang-config">
-#AuthnCacheSOCache is optional. If specified, it is server-wide
+ <pre class="prettyprint lang-config">#AuthnCacheSOCache is optional. If specified, it is server-wide
AuthnCacheSOCache dbm
<Directory /usr/www/myhost/private>
AuthType Basic
Require valid-user
#Optional
AuthnCacheContext dbd-authn-example
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>For example, to cache credentials found by <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>
or by a custom provider <var>myprovider</var>, but leave those looked
up by lightweight providers like file or dbm lookup alone:</p>
- <pre class="prettyprint lang-config">
-AuthnCacheProvideFor dbd myprovider
- </pre>
+ <pre class="prettyprint lang-config">AuthnCacheProvideFor dbd myprovider</pre>
</div>
<p>Voici un exemple simple permettant d'accélérer
<code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code> et utilisant dbm comme moteur de la
mise en cache :</p>
- <pre class="prettyprint lang-config">
- #AuthnCacheSOCache est optionnel. S'il est défini, il l'est pour
+ <pre class="prettyprint lang-config"> #AuthnCacheSOCache est optionnel. S'il est défini, il l'est pour
#l'ensemble du serveur
AuthnCacheSOCache dbm
<Directory /usr/www/myhost/private>
Require valid-user
#Optionnel
AuthnCacheContext dbd-authn-example
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
trouvées par <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code> ou par un fournisseur
personnalisé <var>mon-fournisseur</var>, et ne pas mettre en cache
celles trouvées par les fournisseurs légers comme file ou dbm :</p>
- <pre class="prettyprint lang-config">
-AuthnCacheProvideFor dbd mon-fournisseur
- </pre>
+ <pre class="prettyprint lang-config">AuthnCacheProvideFor dbd mon-fournisseur</pre>
</div>
expected to authenticate the client using the provided user id and
password. Example application:
-<pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+<pre class="prettyprint lang-perl">#!/usr/bin/perl
use FCGI;
while (FCGI::accept >= 0) {
die if $ENV{'FCGI_APACHE_ROLE'} ne "AUTHENTICATOR";
else {
print "Status: 401\n\n";
}
-}
-</pre>
+}</pre>
Example configuration:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10102/
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10102/
<Location /protected/>
AuthType Basic
AuthName "Restricted"
AuthBasicProvider FooAuthn
Require ...
-</Location>
-</pre>
+</Location></pre>
</dd>
AuthnzFcgiDefineProvider</a></code>. When invoked, the application
is expected to authorize the client using the provided user id and other
request data. Example application:
-<pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+<pre class="prettyprint lang-perl">#!/usr/bin/perl
use FCGI;
while (FCGI::accept >= 0) {
die if $ENV{'FCGI_APACHE_ROLE'} ne "AUTHORIZER";
else {
print "Status: 403\n\n";
}
-}
-</pre>
+}</pre>
Example configuration:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authz FooAuthz fcgi://localhost:10103/
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authz FooAuthz fcgi://localhost:10103/
<Location /protected/>
AuthType ...
AuthName ...
AuthBasicProvider ...
Require FooAuthz
-</Location>
-</pre>
+</Location></pre>
</dd>
authorization phase (via <code class="directive">Require</code>), mod_authnz_fcgi
will return success for the authorization phase without invoking the
application. Example application:
-<pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+<pre class="prettyprint lang-perl">#!/usr/bin/perl
use FCGI;
while (FCGI::accept >= 0) {
die if $ENV{'FCGI_APACHE_ROLE'};
else {
print "Status: 401\n\n";
}
-}
-</pre>
+}</pre>
Example configuration:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authnz FooAuthnz fcgi://localhost:10103/
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authnz FooAuthnz fcgi://localhost:10103/
<Location /protected/>
AuthType Basic
AuthName "Restricted"
AuthBasicProvider FooAuthnz
Require FooAuthnz
-</Location>
-</pre>
+</Location></pre>
</dd>
provider type <em>authn</em> using <code class="directive"><a href="#authnzfcgidefineprovider">
AuthnzFcgiDefineProvider</a></code>. <code class="directive"><a href="#authnzfcgicheckauthnprovider">AuthnzFcgiCheckAuthnProvider</a></code>
specifies when it is called. Example application:
-<pre class="prettyprint lang-perl">
-#!/usr/bin/perl
+<pre class="prettyprint lang-perl">#!/usr/bin/perl
use FCGI;
while (FCGI::accept >= 0) {
die if $ENV{'FCGI_APACHE_ROLE'} ne "AUTHENTICATOR";
# If a response body is written here, it will be returned to
# the client.
}
-}
-</pre>
+}</pre>
Example configuration:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10103/
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10103/
<Location /protected/>
AuthType ...
AuthName ...
RequireBasicAuth Off \
UserExpr "%{reqenv:REMOTE_USER}"
Require ...
-</Location>
-</pre>
+</Location></pre>
</dd>
separate providers as follows, even if they map to the same
application:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10102/
-AuthnzFcgiDefineProvider authz FooAuthz fcgi://localhost:10102/
-</pre>
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authn FooAuthn fcgi://localhost:10102/
+AuthnzFcgiDefineProvider authz FooAuthz fcgi://localhost:10102/</pre>
Specify the authn provider on
and the authz provider on
<code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>:
-<pre class="prettyprint lang-config">
-AuthType Basic
+<pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted"
AuthBasicProvider FooAuthn
-Require FooAuthz
-</pre>
+Require FooAuthz</pre>
</li>
(authentication and authorizer in one invocation), define a
single provider as follows:
-<pre class="prettyprint lang-config">
-AuthnzFcgiDefineProvider authnz FooAuthnz fcgi://localhost:10103/
-</pre>
+<pre class="prettyprint lang-config">AuthnzFcgiDefineProvider authnz FooAuthnz fcgi://localhost:10103/</pre>
Specify the authnz provider on both <code class="directive">AuthBasicProvider</code>
and <code class="directive">Require</code>:
-<pre class="prettyprint lang-config">
-AuthType Basic
+<pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted"
AuthBasicProvider FooAuthnz
-Require FooAuthnz
-</pre>
+Require FooAuthnz</pre>
</li>
</ol>
to configure a log level specific to mod_authnz_fcgi. For
example:</p>
-<pre class="prettyprint lang-config">
-LogLevel info authnz_fcgi:trace8
-</pre>
+<pre class="prettyprint lang-config">LogLevel info authnz_fcgi:trace8</pre>
</div>
<code>ldap://ldap/o=Example?cn</code> (i.e., <code>cn</code> is
used for searches), the following Require directives could be used
to restrict access:</p>
-<pre class="prettyprint lang-config">
-Require ldap-user "Barbara Jenson"
+<pre class="prettyprint lang-config">Require ldap-user "Barbara Jenson"
Require ldap-user "Fred User"
-Require ldap-user "Joe Manager"
-</pre>
+Require ldap-user "Joe Manager"</pre>
<p>Because of the way that <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> handles this
group. Note: Do not surround the group name with quotes.
For example, assume that the following entry existed in
the LDAP directory:</p>
-<div class="example"><pre>
-dn: cn=Administrators, o=Example
+<div class="example"><pre>dn: cn=Administrators, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Barbara Jenson, o=Example
-uniqueMember: cn=Fred User, o=Example
-</pre></div>
+uniqueMember: cn=Fred User, o=Example</pre></div>
<p>The following directive would grant access to both Fred and
Barbara:</p>
if <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>
is set to a value greater than 0. For example, assume the following entries
exist in the LDAP directory:</p>
-<div class="example"><pre>
-dn: cn=Employees, o=Example
+<div class="example"><pre>dn: cn=Employees, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Managers, o=Example
uniqueMember: cn=Administrators, o=Example
dn: cn=Temporary Employees, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Jim Swenson, o=Example
-uniqueMember: cn=Elliot Rhodes, o=Example
-</pre></div>
+uniqueMember: cn=Elliot Rhodes, o=Example</pre></div>
<p>The following directives would allow access for Bob Ellis, Tom Jackson,
Barbara Jensen, Fred User, Allan Jefferson, and Paul Tilley but would not
allow access for Jim Swenson, or Elliot Rhodes (since they are at a
sub-group depth of 2):</p>
-<pre class="prettyprint lang-config">
-Require ldap-group cn=Employees, o-Example
-AuthLDAPMaxSubGroupDepth 1
-</pre>
+<pre class="prettyprint lang-config">Require ldap-group cn=Employees, o-Example
+AuthLDAPMaxSubGroupDepth 1</pre>
<p>Behavior of this directive is modified by the <code class="directive"><a href="#authldapgroupattribute">AuthLDAPGroupAttribute</a></code>, <code class="directive"><a href="#authldapgroupattributeisdn">AuthLDAPGroupAttributeIsDN</a></code>, <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code>, <code class="directive"><a href="#authldapsubgroupattribute">AuthLDAPSubGroupAttribute</a></code>, and <code class="directive"><a href="#authldapsubgroupclass">AuthLDAPSubGroupClass</a></code>
<li>
Grant access to anyone who exists in the LDAP directory,
using their UID for searches.
-<pre class="prettyprint lang-config">
-AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
+Require valid-user</pre>
</li>
that have useful defaults omitted. Also, note the use of a
redundant LDAP server.
<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com ldap2.example.com/ou=People, o=Example"
-Require valid-user
-</pre>
+Require valid-user</pre>
</li>
this approach is not recommended: it's a better idea to
choose an attribute that is guaranteed unique in your
directory, such as <code>uid</code>.
-<pre class="prettyprint lang-config">
-AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
+Require valid-user</pre>
</li>
<li>
Grant access to anybody in the Administrators group. The
users must authenticate using their UID.
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=Administrators, o=Example
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=Administrators, o=Example</pre>
</li>
Grant access to anybody in the group whose name matches the
hostname of the virtual host. In this example an
<a href="../expr.html">expression</a> is used to build the filter.
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=%{SERVER_NAME}, o=Example
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=%{SERVER_NAME}, o=Example</pre>
</li>
of <code>qpagePagerID</code>. The example will grant access
only to people (authenticated via their UID) who have
alphanumeric pagers:
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
+Require valid-user</pre>
</li>
a pager, plus grant access to Joe Manager, who doesn't
have a pager, but does need to access the same
resource:</p>
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
+Require valid-user</pre>
<p>This last may look confusing at first, so it helps to
subtree search for the attribute <em>userPrincipalName</em>, with
an empty search root, like so:</p>
-<pre class="prettyprint lang-config">
-AuthLDAPBindDN apache@example.com
+<pre class="prettyprint lang-config">AuthLDAPBindDN apache@example.com
AuthLDAPBindPassword password
-AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub
-</pre>
+AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub</pre>
<p>Users will need to enter their User Principal Name as a login, in
authentication to it is a matter of adding the following
directives to <em>every</em> <code>.htaccess</code> file
that gets created in the web</p>
-<pre class="prettyprint lang-config">
-AuthLDAPURL "the url"
+<pre class="prettyprint lang-config">AuthLDAPURL "the url"
AuthGroupFile mygroupfile
-Require group mygroupfile
-</pre>
+Require group mygroupfile</pre>
<h3><a name="howitworks" id="howitworks">How It Works</a></h3>
<p>If the value begins with exec: the resulting command will be
executed and the first line returned to standard output by the
program will be used as the password.</p>
-<div class="example"><pre>
-#Password used as-is
+<div class="example"><pre>#Password used as-is
AuthLDAPBindPassword secret
#Run /path/to/program to get my password
AuthLDAPBindPassword exec:/path/to/program
#Run /path/to/otherProgram and provide arguments
-AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"
-</pre></div>
+AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"</pre></div>
</div>
<code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
</p>
- <pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) $1@example.com </pre>
+ <pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) $1@example.com</pre>
<pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</pre>
<code>cn</code> sera utilisé pour les recherches), on pourra
utiliser les directives Require suivantes pour restreindre l'accès
:</p>
-<pre class="prettyprint lang-config">
-Require ldap-user "Barbara Jenson"
+<pre class="prettyprint lang-config">Require ldap-user "Barbara Jenson"
Require ldap-user "Fred User"
-Require ldap-user "Joe Manager"
-</pre>
+Require ldap-user "Joe Manager"</pre>
<p>De par la manière dont <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code> traite
DN du groupe LDAP. Note : n'entourez pas le nom du groupe avec des
guillemets. Par exemple, supposons que l'entrée suivante existe dans
l'annuaire LDAP :</p>
-<div class="example"><pre>
-dn: cn=Administrators, o=Example
+<div class="example"><pre>dn: cn=Administrators, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Barbara Jenson, o=Example
-uniqueMember: cn=Fred User, o=Example
-</pre></div>
+uniqueMember: cn=Fred User, o=Example</pre></div>
<p>La directive suivante autoriserait alors l'accès à Fred et
Barbara :</p>
groupe LDAP spécifié si la directive <code class="directive"><a href="#authldapmaxsubgroupdepth">AuthLDAPMaxSubGroupDepth</a></code> a été
définie à une valeur supérieure à 0. Par exemple, supposons que les
entrées suivantes existent dans l'annuaire LDAP :</p>
-<div class="example"><pre>
-dn: cn=Employees, o=Example
+<div class="example"><pre>dn: cn=Employees, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Managers, o=Example
uniqueMember: cn=Administrators, o=Example
dn: cn=Temporary Employees, o=Example
objectClass: groupOfUniqueNames
uniqueMember: cn=Jim Swenson, o=Example
-uniqueMember: cn=Elliot Rhodes, o=Example
-</pre></div>
+uniqueMember: cn=Elliot Rhodes, o=Example</pre></div>
<p>Les directives suivantes autoriseraient alors l'accès à Bob
Ellis, Tom Jackson, Barbara Jensen, Fred User, Allan Jefferson, et
Paul Tilley, mais l'interdiraient à Jim Swenson, ou Elliot Rhodes
(car ils sont situés dans un sous-groupe de niveau de profondeur 2)
:</p>
-<pre class="prettyprint lang-config">
-Require ldap-group cn=Employees, o-Example
-AuthLDAPMaxSubGroupDepth 1
-</pre>
+<pre class="prettyprint lang-config">Require ldap-group cn=Employees, o-Example
+AuthLDAPMaxSubGroupDepth 1</pre>
<p>Le comportement de cette directive est modifié par les directives
Accorde l'autorisation d'accès à tout utilisateur présent dans
l'annuaire LDAP, en utilisant son UID pour effectuer la
recherche :
-<pre class="prettyprint lang-config">
-AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com:389/ou=People, o=Example?uid?sub?(objectClass=*)"
+Require valid-user</pre>
</li>
dont les valeurs par défaut conviennent sont omis. Notez aussi
la présence d'un annuaire LDAP redondant :
<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap1.example.com ldap2.example.com/ou=People, o=Example"
-Require valid-user
-</pre>
+Require valid-user</pre>
</li>
approche n'est pas recommandée : il est préférable de choisir un
attribut de votre annuaire dont l'unicité soit garantie, comme
<code>uid</code>.
-<pre class="prettyprint lang-config">
-AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL "ldap://ldap.example.com/ou=People, o=Example?cn"
+Require valid-user</pre>
</li>
Accorde l'autorisation d'accès à tout utilisateur appartenant au
groupe Administrateurs. Les utilisateurs doivent s'authentifier
en utilisant leur UID :
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=Administrators, o=Example
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=Administrators, o=Example</pre>
</li>
nom correspond au nom d'hôte du serveur virtuel. Dans cet exemple,
on utilise une <a href="../expr.html">expression</a> pour
construire le filtre.
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid
-Require ldap-group cn=%{SERVER_NAME}, o=Example
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid
+Require ldap-group cn=%{SERVER_NAME}, o=Example</pre>
</li>
attribut LDAP <code>qpagePagerID</code>. Seuls ces utilisateurs
(authentifiés via leur UID) se verront accorder l'autorisation
d'accès :
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(qpagePagerID=*)
+Require valid-user</pre>
</li>
tout utilisateur disposant d'un bippeur ainsi qu'à Joe Manager
qui ne possède pas de bippeur, mais doit tout de même pouvoir
accéder à la ressource :</p>
-<pre class="prettyprint lang-config">
-AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
-Require valid-user
-</pre>
+<pre class="prettyprint lang-config">AuthLDAPURL ldap://ldap.example.com/o=Example?uid??(|(qpagePagerID=*)(uid=jmanager))
+Require valid-user</pre>
<p>Ce dernier exemple peut sembler confus au premier abord ; en
l'attribut <em>userPrincipalName</em>, avec une base de recherche
vide, comme suit :</p>
-<pre class="prettyprint lang-config">
-AuthLDAPBindDN apache@example.com
+<pre class="prettyprint lang-config">AuthLDAPBindDN apache@example.com
AuthLDAPBindPassword password
-AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub
-</pre>
+AuthLDAPURL ldap://10.0.0.1:3268/?userPrincipalName?sub</pre>
<p>Les utilisateurs devront s'authentifier en entrant leur UPN, de
l'authentification LDAP consiste à ajouter les directives suivantes
à <em>chaque</em> fichier <code>.htaccess</code> qui sera créé dans
le site web :</p>
-<pre class="prettyprint lang-config">
-AuthLDAPURL "the url"
+<pre class="prettyprint lang-config">AuthLDAPURL "the url"
AuthGroupFile mygroupfile
-Require group mygroupfile
-</pre>
+Require group mygroupfile</pre>
<h3><a name="howitworks" id="howitworks">Comment ça marche</a></h3>
<p>Si la valeur commence par exec:, la commande résultante sera
exécutée, et la première ligne renvoyée sur la sortie standard sera
utilisée comme mot de passe.</p>
-<div class="example"><pre>
-#Mot de passe utilisé tel quel
+<div class="example"><pre>#Mot de passe utilisé tel quel
AuthLDAPBindPassword secret
#Exécute /path/to/program pour obtenir le mot de passe
AuthLDAPBindPassword exec:/path/to/program
#Exécute /path/to/otherProgram avec un argument pour obtenir le mot de passe
-AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"
-</pre></div>
+AuthLDAPBindPassword "exec:/path/to/otherProgram argument1"</pre></div>
</div>
utiliser de nom d'utilisateur dédié via la directive <code class="directive"><a href="#authldapbinddn">AuthLDAPBindDN</a></code>.
</p>
- <pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) $1@example.com </pre>
+ <pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) $1@example.com</pre>
<pre class="prettyprint lang-config"> AuthLDAPInitialBindPattern (.+) cn=$1,dc=example,dc=com</pre>
not belong to either the <code>temps</code> group or the
LDAP group <code>Temporary Employees</code>.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/mydocs>
+ <pre class="prettyprint lang-config"><Directory /www/mydocs>
<RequireAll>
<RequireAny>
Require user superadmin
Require ldap-group cn=Temporary Employees,o=Airius
</RequireNone>
</RequireAll>
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<code>User-Agent</code> (browser type), <code>Referer</code>, or
other HTTP request header fields.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
<Directory /docroot>
Require env let_me_in
-</Directory>
- </pre>
+</Directory></pre>
<p>In this case, browsers with a user-agent string beginning
'granted' or 'denied'. The following examples will grant or deny
access to all requests.</p>
- <pre class="prettyprint lang-config">
- Require all granted
- </pre>
+ <pre class="prettyprint lang-config"> Require all granted</pre>
- <pre class="prettyprint lang-config">
- Require all denied
- </pre>
+ <pre class="prettyprint lang-config"> Require all denied</pre>
<p>The following example will only allow GET, HEAD, POST, and OPTIONS
requests:</p>
- <pre class="prettyprint lang-config">
- Require method GET POST OPTIONS
- </pre>
+ <pre class="prettyprint lang-config"> Require method GET POST OPTIONS</pre>
<p>The following example will allow GET, HEAD, POST, and OPTIONS
requests without authentication, and require a valid user for all other
methods:</p>
- <pre class="prettyprint lang-config">
-<RequireAny>
- Require method GET POST OPTIONS
- Require valid-user
-</RequireAny>
- </pre>
+ <pre class="prettyprint lang-config"><RequireAny>
+ Require method GET POST OPTIONS
+ Require valid-user
+</RequireAny></pre>
<p>The <code>expr</code> provider allows to base authorization
decisions on arbitrary expressions.</p>
- <pre class="prettyprint lang-config">
- Require expr "%{TIME_HOUR} -ge 9 && %{TIME_HOUR} -le 17"
- </pre>
+ <pre class="prettyprint lang-config"> Require expr "%{TIME_HOUR} -ge 9 && %{TIME_HOUR} -le 17"</pre>
<p>The syntax is described in the <a href="../expr.html">ap_expr</a>
multiple ldap hosts:
</p>
- <pre class="prettyprint lang-config">
-<AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
+ <pre class="prettyprint lang-config"><AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
#implied OR operation
Require ldap-group-alias1
Require ldap-group-alias2
-</Directory>
- </pre>
+</Directory></pre>
preceding sections. Thus only users belong to the group
<code>gamma</code> may access <code>/www/docs/ab/gamma</code>.</div>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
AuthType Basic
AuthName Documents
AuthBasicProvider file
<Directory /www/docs/ab/gamma>
Require group gamma
-</Directory>
- </pre>
+</Directory></pre>
</div>
and <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code> (to
define users and groups) in order to work correctly. Example:</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted Resource"
AuthBasicProvider file
AuthUserFile /web/users
AuthGroupFile /web/groups
-Require group admin
- </pre>
+Require group admin</pre>
<p>Access controls which are applied in this way are effective for
and <code>beta</code> groups are authorized, except for those who
are also in the <code>reject</code> group.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
<RequireAll>
Require group alpha beta
Require not group reject
</RequireAll>
-</Directory>
- </pre>
+</Directory></pre>
<p>When multiple <code class="directive">Require</code> directives are
l'utilisateur ne doit appartenir ni au groupe <code>temps</code>, ni
au groupe LDAP <code>Employés temporaires</code>.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/mydocs>
+ <pre class="prettyprint lang-config"><Directory /www/mydocs>
<RequireAll>
<RequireAny>
Require user superadmin
Require ldap-group cn=Employés temporaires,o=Airius
</RequireNone>
</RequireAll>
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<code>User-Agent</code> (type de navigateur), <code>Referer</code>,
entre autres.</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent ^KnockKnock/2\.0 let_me_in
<Directory /docroot>
Require env let_me_in
-</Directory>
- </pre>
+</Directory></pre>
<p>Avec cet exemple, les navigateurs dont la chaîne user-agent
sont : 'granted' ou 'denied'. Les exemples suivants autorisent ou
interdisent l'accès à toutes les requêtes.</p>
- <pre class="prettyprint lang-config">
- Require all granted
- </pre>
+ <pre class="prettyprint lang-config"> Require all granted</pre>
- <pre class="prettyprint lang-config">
- Require all denied
- </pre>
+ <pre class="prettyprint lang-config"> Require all denied</pre>
<p>Dans l'exemple suivant, seules les méthodes GET, HEAD, POST, et
OPTIONS sont autorisées :</p>
- <pre class="prettyprint lang-config">
- Require method GET POST OPTIONS
- </pre>
+ <pre class="prettyprint lang-config"> Require method GET POST OPTIONS</pre>
<p>Dans l'exemple suivant, les méthodes GET, HEAD, POST, et OPTIONS
sont autorisées sans authentification, alors que toutes les autres
méthodes nécessitent un utilisateur valide :</p>
- <pre class="prettyprint lang-config">
-<RequireAny>
- Require method GET POST OPTIONS
- Require valid-user
-</RequireAny>
- </pre>
+ <pre class="prettyprint lang-config"><RequireAny>
+ Require method GET POST OPTIONS
+ Require valid-user
+</RequireAny></pre>
<p>Le fournisseur <code>expr</code> permet d'accorder l'autorisation
d'accès en fonction d'expressions arbitraires.</p>
- <pre class="prettyprint lang-config">
- Require expr "%{TIME_HOUR} -ge 9 && %{TIME_HOUR} -le 17"
- </pre>
+ <pre class="prettyprint lang-config"> Require expr "%{TIME_HOUR} -ge 9 && %{TIME_HOUR} -le 17"</pre>
<p>La syntaxe de l'expression est décrite dans la documentation de <a href="../expr.html">ap_expr</a>.</p>
serveurs ldap :
</p>
- <pre class="prettyprint lang-config">
-<AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
+ <pre class="prettyprint lang-config"><AuthzProviderAlias ldap-group ldap-group-alias1 cn=my-group,o=ctx>
AuthLDAPBindDN cn=youruser,o=ctx
AuthLDAPBindPassword yourpassword
AuthLDAPURL ldap://ldap.host/o=ctx
#Opération logique implicite : OU inclusif
Require ldap-group-alias1
Require ldap-group-alias2
-</Directory>
- </pre>
+</Directory></pre>
appartenant au groupe <code>gamma</code> sont autorisés à accéder à
<code>/www/docs/ab/gamma</code>.</div>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
AuthType Basic
AuthName Documents
AuthBasicProvider file
<Directory /www/docs/ab/gamma>
Require group gamma
-</Directory>
- </pre>
+</Directory></pre>
</div>
de directives telles que <code class="directive"><a href="../mod/mod_authn_file.html#authuserfile">AuthUserFile</a></code> et <code class="directive"><a href="../mod/mod_authz_groupfile.html#authgroupfile">AuthGroupFile</a></code> (pour la
définition des utilisateurs et des groupes). Exemple :</p>
- <pre class="prettyprint lang-config">
-AuthType Basic
+ <pre class="prettyprint lang-config">AuthType Basic
AuthName "Restricted Resource"
AuthBasicProvider file
AuthUserFile /web/users
AuthGroupFile /web/groups
-Require group admin
- </pre>
+Require group admin</pre>
<p>Les contrôles d'accès appliqués de cette manière sont effectifs
d'accès, à l'exception de ceux appartenant au groupe
<code>reject</code>.</p>
- <pre class="prettyprint lang-config">
-<Directory /www/docs>
+ <pre class="prettyprint lang-config"><Directory /www/docs>
<RequireAll>
Require group alpha beta
Require not group reject
</RequireAll>
-</Directory>
- </pre>
+</Directory></pre>
<p>Lorsque plusieurs directives <code class="directive">Require</code> sont
<p>This directive specifies group membership that is required for the
user to gain access.</p>
- <pre class="prettyprint lang-config">
- Require dbd-group team
- AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-group team
+ AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"</pre>
<p>This directive specifies a query to be run indicating the user
has logged in.</p>
- <pre class="prettyprint lang-config">
- Require dbd-login
- AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-login
+ AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
<p>This directive specifies a query to be run indicating the user
has logged out.</p>
- <pre class="prettyprint lang-config">
- Require dbd-logout
- AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-logout
+ AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"</pre>
<div class="section">
<h2><a name="example" id="example">Configuration example</a></h2>
-<pre class="prettyprint lang-config">
-# mod_dbd configuration
+<pre class="prettyprint lang-config"># mod_dbd configuration
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache pass=xxxxxx"
Require dbd-logout
AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
</Files>
-</Directory>
-</pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
The first column value of each row returned by the query statement
should be a string containing a group name. Zero, one, or more rows
may be returned.
- <pre class="prettyprint lang-config">
-Require dbd-group
-AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">Require dbd-group
+AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"</pre>
</li>
<li>When used with a <code>Require dbd-login</code> or
but will instead execute a SQL statement designed to log the user
in or out. The user must already be authenticated with
<code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.
- <pre class="prettyprint lang-config">
-Require dbd-login
-AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">Require dbd-login
+AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
</li>
</ul>
specific to the user. The user's ID will be passed as a single string
parameter when the SQL query is executed. It may be referenced within
the query statement using a <code>%s</code> format specifier.</p>
- <pre class="prettyprint lang-config">
-AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</pre>
<p>The first column value of the first row returned by the query
statement should be a string containing a URL to which to redirect
<p>Cette directive permet de spécifier à quel groupe un utilisateur
doit appartenir pour obtenir l'autorisation d'accès.</p>
- <pre class="prettyprint lang-config">
- Require dbd-group team
- AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-group team
+ AuthzDBDQuery "SELECT group FROM authz WHERE user = %s"</pre>
<p>Cette directive permet de spécifier une requête à exécuter pour
indiquer que l'utilisateur s'est authentifié.</p>
- <pre class="prettyprint lang-config">
- Require dbd-login
- AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-login
+ AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
<p>Cette directive permet de spécifier une requête à exécuter pour
indiquer que l'utilisateur s'est déconnecté.</p>
- <pre class="prettyprint lang-config">
- Require dbd-logout
- AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
- </pre>
+ <pre class="prettyprint lang-config"> Require dbd-logout
+ AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"</pre>
<div class="section">
<h2><a name="example" id="example">Exemple de configuration</a></h2>
-<pre class="prettyprint lang-config">
-# configuration de mod_dbd
+<pre class="prettyprint lang-config"># configuration de mod_dbd
DBDriver pgsql
DBDParams "dbname=apacheauth user=apache pass=xxxxxx"
Require dbd-logout
AuthzDBDQuery "UPDATE authn SET login = 'false' WHERE user = %s"
</Files>
-</Directory>
-</pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
doit contenir une chaîne de caractères correspondant à un nom de
groupe. La requête peut renvoyer zéro, un ou plusieurs
enregistrements.
- <pre class="prettyprint lang-config">
-Require dbd-group
-AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">Require dbd-group
+AuthzDBDQuery "SELECT group FROM groups WHERE user = %s"</pre>
</li>
<li>Avec la directive <code>Require dbd-login</code> ou
mais au contraire exécutera une requête SQL permettant d'enregistrer
la connexion ou la déconnexion de l'utilisateur. Ce dernier doit
être déjà authentifié avec <code class="module"><a href="../mod/mod_authn_dbd.html">mod_authn_dbd</a></code>.
- <pre class="prettyprint lang-config">
-Require dbd-login
-AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">Require dbd-login
+AuthzDBDQuery "UPDATE authn SET login = 'true' WHERE user = %s"</pre>
</li>
</ul>
forme d'une simple chaîne lorsque la requête SQL sera exécutée. Il y
sera fait référence dans la requête en utilisant le spécificateur de
format <code>%s</code>.</p>
- <pre class="prettyprint lang-config">
-AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"
-</pre>
+ <pre class="prettyprint lang-config">AuthzDBDRedirectQuery "SELECT userpage FROM userpages WHERE user = %s"</pre>
<p>La première colonne du premier enregistrement renvoyé par la
requête doit contenir une chaîne de caractères correspondant à une
<p>This directive specifies group membership that is required for the
user to gain access.</p>
- <pre class="prettyprint lang-config">
- Require dbm-group admin
- </pre>
+ <pre class="prettyprint lang-config"> Require dbm-group admin</pre>
<p>When this directive is specified, the user must be a member of the group
assigned to the file being accessed.</p>
- <pre class="prettyprint lang-config">
- Require dbm-file-group
- </pre>
+ <pre class="prettyprint lang-config"> Require dbm-file-group</pre>
<p><em>Note that using mod_authz_dbm requires you to require <code>dbm-group</code>
instead of <code>group</code>:</em>
</p>
-<pre class="prettyprint lang-config">
-<Directory "/foo/bar">
+<pre class="prettyprint lang-config"><Directory "/foo/bar">
AuthType Basic
AuthName "Secure Area"
AuthBasicProvider dbm
AuthDBMUserFile site/data/users
AuthDBMGroupFile site/data/users
Require dbm-group admin
-</Directory>
-</pre>
+</Directory></pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
accomplished by first setting the group and password files to
point to the same DBM:</p>
- <pre class="prettyprint lang-config">
-AuthDBMGroupFile /www/userbase
-AuthDBMUserFile /www/userbase
- </pre>
+ <pre class="prettyprint lang-config">AuthDBMGroupFile /www/userbase
+AuthDBMUserFile /www/userbase</pre>
<p>The key for the single DBM is the username. The value consists
<p>Cette directive permet de spécifier à quel groupe un utilisateur
doit appartenir pour obtenir l'autorisation d'accès.</p>
- <pre class="prettyprint lang-config">
- Require dbm-group admin
- </pre>
+ <pre class="prettyprint lang-config"> Require dbm-group admin</pre>
<p>Lorsque cette directive est définie, l'utilisateur doit
appartenir au groupe du fichier pour pouvoir y accéder.</p>
- <pre class="prettyprint lang-config">
- Require dbm-file-group
- </pre>
+ <pre class="prettyprint lang-config"> Require dbm-file-group</pre>
groupes d'authentification qui était auparavant <code>group</code> est
maintenant <code>dbm-group</code> :</em>
</p>
-<pre class="prettyprint lang-config">
-<Directory "/foo/bar">
+<pre class="prettyprint lang-config"><Directory "/foo/bar">
AuthType Basic
AuthName "Secure Area"
AuthBasicProvider dbm
AuthDBMUserFile site/data/users
AuthDBMGroupFile site/data/users
Require dbm-group admin
-</Directory>
-</pre>
+</Directory></pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
à verrouiller. Pour ce faire, on attribue le même nom de fichier
DBM aux fichiers de groupes et de mots de passe :</p>
- <pre class="prettyprint lang-config">
-AuthDBMGroupFile /www/userbase
-AuthDBMUserFile /www/userbase
- </pre>
+ <pre class="prettyprint lang-config">AuthDBMGroupFile /www/userbase
+AuthDBMUserFile /www/userbase</pre>
<p>La clé du fichier DBM unique est le nom d'utilisateur. La
<p>This directive specifies group membership that is required for the
user to gain access.</p>
- <pre class="prettyprint lang-config">
- Require group admin
- </pre>
+ <pre class="prettyprint lang-config"> Require group admin</pre>
<p>When this directive is specified, the user must be a member of the group
assigned to the file being accessed.</p>
- <pre class="prettyprint lang-config">
- Require file-group
- </pre>
+ <pre class="prettyprint lang-config"> Require file-group</pre>
<p>Cette directive permet de spécifier à quel groupe un utilisateur
doit appartenir pour obtenir l'autorisation d'accès.</p>
- <pre class="prettyprint lang-config">
- Require group admin
- </pre>
+ <pre class="prettyprint lang-config"> Require group admin</pre>
<p>Lorsque cette directive est définie, l'utilisateur doit
appartenir au groupe du fichier pour pouvoir y accéder.</p>
- <pre class="prettyprint lang-config">
- Require file-group
- </pre>
+ <pre class="prettyprint lang-config"> Require file-group</pre>
<p>A full IP address:</p>
- <pre class="prettyprint lang-config">
-Require ip 10.1.2.3
-Require ip 192.168.1.104 192.168.1.205
- </pre>
+ <pre class="prettyprint lang-config">Require ip 10.1.2.3
+Require ip 192.168.1.104 192.168.1.205</pre>
<p>An IP address of a host allowed access</p>
<p>A partial IP address:</p>
- <pre class="prettyprint lang-config">
-Require ip 10.1
-Require ip 10 172.20 192.168.2
- </pre>
+ <pre class="prettyprint lang-config">Require ip 10.1
+Require ip 10 172.20 192.168.2</pre>
<p>The first 1 to 3 bytes of an IP address, for subnet
restriction.</p>
<p>A network/netmask pair:</p>
- <pre class="prettyprint lang-config">
- Require ip 10.1.0.0/255.255.0.0
- </pre>
+ <pre class="prettyprint lang-config"> Require ip 10.1.0.0/255.255.0.0</pre>
<p>A network a.b.c.d, and a netmask w.x.y.z. For more
fine-grained subnet restriction.</p>
<p>A network/nnn CIDR specification:</p>
- <pre class="prettyprint lang-config">
- Require ip 10.1.0.0/16
- </pre>
+ <pre class="prettyprint lang-config"> Require ip 10.1.0.0/16</pre>
<p>Similar to the previous case, except the netmask consists of
nnn high-order 1 bits.</p>
<p>IPv6 addresses and IPv6 subnets can be specified as shown
below:</p>
- <pre class="prettyprint lang-config">
-Require ip 2001:db8::a00:20ff:fea7:ccea
-Require ip 2001:db8::a00:20ff:fea7:ccea/10
- </pre>
+ <pre class="prettyprint lang-config">Require ip 2001:db8::a00:20ff:fea7:ccea
+Require ip 2001:db8::a00:20ff:fea7:ccea/10</pre>
<p>Note: As the IP addresses are parsed on startup, expressions are
<p>A (partial) domain-name</p>
- <pre class="prettyprint lang-config">
-Require host example.org
-Require host .net example.edu
- </pre>
+ <pre class="prettyprint lang-config">Require host example.org
+Require host .net example.edu</pre>
<p>Hosts whose names match, or end in, this string are allowed
<p>This allows a convenient way to match connections that originate from
the local host:</p>
- <pre class="prettyprint lang-config">
- Require local
- </pre>
+ <pre class="prettyprint lang-config"> Require local</pre>
<p>Une adresse IP complète :</p>
- <pre class="prettyprint lang-config">
-Require ip 10.1.2.3
-Require ip 192.168.1.104 192.168.1.205
- </pre>
+ <pre class="prettyprint lang-config">Require ip 10.1.2.3
+Require ip 192.168.1.104 192.168.1.205</pre>
<p>L'adresse IP d'un hôte pour qui l'accès est accordé</p>
<p>Une adresse IP partielle :</p>
- <pre class="prettyprint lang-config">
-Require ip 10.1
-Require ip 10 172.20 192.168.2
- </pre>
+ <pre class="prettyprint lang-config">Require ip 10.1
+Require ip 10 172.20 192.168.2</pre>
<p>Les 1 à 3 premiers octets d'une adresse IP, pour une restriction
à un sous-réseau.</p>
<p>Une paire réseau/masque de sous-réseau :</p>
- <pre class="prettyprint lang-config">
- Require ip 10.1.0.0/255.255.0.0
- </pre>
+ <pre class="prettyprint lang-config"> Require ip 10.1.0.0/255.255.0.0</pre>
<p>Un réseau a.b.c.d, et un masque de sous-réseau w.x.y.z. pour une
restriction de sous-réseau plus fine.</p>
<p>Une spécification CIDR réseau/nnn :</p>
- <pre class="prettyprint lang-config">
- Require ip 10.1.0.0/16
- </pre>
+ <pre class="prettyprint lang-config"> Require ip 10.1.0.0/16</pre>
<p>Identique au cas précédent, excepté que le masque de sous-réseau
représente les nnn premiers bits de poids fort.</p>
<p>On peut spécifier des adresses et des sous-réseaux IPv6 comme
suit :</p>
- <pre class="prettyprint lang-config">
-Require ip 2001:db8::a00:20ff:fea7:ccea
-Require ip 2001:db8::a00:20ff:fea7:ccea/10
- </pre>
+ <pre class="prettyprint lang-config">Require ip 2001:db8::a00:20ff:fea7:ccea
+Require ip 2001:db8::a00:20ff:fea7:ccea/10</pre>
<p>Note: comme les adresses IP sont lues au démarrage, les
<p>Un nom de domaine (éventuellement partiel)</p>
- <pre class="prettyprint lang-config">
-Require host example.org
-Require host .net example.edu
- </pre>
+ <pre class="prettyprint lang-config">Require host example.org
+Require host .net example.edu</pre>
<p>Les hôtes dont les noms correspondent ou se terminent par la
<p>L'exemple suivant montre une méthode simple pour sélectionner les
connexions en provenance de l'hôte local :</p>
- <pre class="prettyprint lang-config">
- Require local
- </pre>
+ <pre class="prettyprint lang-config"> Require local</pre>
files in <code>/home/smith/public_html/private</code> unless they
were owned by <code>jones</code> instead of <code>smith</code>.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/private>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/private>
AuthType Basic
AuthName MyPrivateFiles
AuthBasicProvider dbm
AuthDBMUserFile /usr/local/apache2/etc/.htdbm-all
Require file-owner
-</Directory>
- </pre>
+</Directory></pre>
authorized to access the <code>project-foo</code> directories of
each other.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/project-foo>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/project-foo>
AuthType Basic
AuthName "Project Foo Files"
AuthBasicProvider dbm
Satisfy All
Require file-group
-</Directory>
- </pre>
+</Directory></pre>
</div>
propriétaire ne soit <code>jones</code> au lieu de
<code>smith</code>.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/private>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/private>
AuthType Basic
AuthName MyPrivateFiles
AuthBasicProvider dbm
AuthDBMUserFile /usr/local/apache2/etc/.htdbm-all
Require file-owner
-</Directory>
- </pre>
+</Directory></pre>
<code>foo</code>, ils seront autorisés à accéder aux
répertoires <code>project-foo</code> de chacun d'entre eux.</p>
- <pre class="prettyprint lang-config">
-<Directory /home/*/public_html/project-foo>
+ <pre class="prettyprint lang-config"><Directory /home/*/public_html/project-foo>
AuthType Basic
AuthName "Project Foo Files"
AuthBasicProvider dbm
Satisfy All
Require file-group
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>This directive specifies a list of users that are allowed to gain
access.</p>
- <pre class="prettyprint lang-config">
- Require user john paul george ringo
- </pre>
+ <pre class="prettyprint lang-config"> Require user john paul george ringo</pre>
<p>When this directive is specified, any successfully authenticated
user will be allowed to gain access.</p>
- <pre class="prettyprint lang-config">
- Require valid-user
- </pre>
+ <pre class="prettyprint lang-config"> Require valid-user</pre>
<p>Cette directive permet de spécifier une liste d'utilisateurs
autorisés à accéder à la ressource.</p>
- <pre class="prettyprint lang-config">
- Require user john paul george ringo
- </pre>
+ <pre class="prettyprint lang-config"> Require user john paul george ringo</pre>
<p>Lorsque cette directive est définie, tout utilisateur qui s'est
authentifié avec succès aura l'autorisation d'accès à la ressource.</p>
- <pre class="prettyprint lang-config">
- Require valid-user
- </pre>
+ <pre class="prettyprint lang-config"> Require valid-user</pre>
is displayed if the client is image-incapable, has image loading
disabled, or fails to retrieve the icon.</p>
- <pre class="prettyprint lang-config">
-AddAlt "PDF file" *.pdf
-AddAlt Compressed *.gz *.zip *.Z
- </pre>
+ <pre class="prettyprint lang-config">AddAlt "PDF file" *.pdf
+AddAlt Compressed *.gz *.zip *.Z</pre>
</div>
This alternate text is displayed if the client is image-incapable,
has image loading disabled, or fails to retrieve the icon.</p>
- <pre class="prettyprint lang-config">
- AddAltByEncoding gzip x-gzip
- </pre>
+ <pre class="prettyprint lang-config"> AddAltByEncoding gzip x-gzip</pre>
</div>
This alternate text is displayed if the client is image-incapable,
has image loading disabled, or fails to retrieve the icon.</p>
- <pre class="prettyprint lang-config">
- AddAltByType 'plain text' text/plain
- </pre>
+ <pre class="prettyprint lang-config"> AddAltByType 'plain text' text/plain</pre>
</div>
expression or full filename for files to describe.
<var>String</var> is enclosed in double quotes (<code>"</code>).</p>
- <pre class="prettyprint lang-config">
-AddDescription "The planet Mars" mars.gif
-AddDescription "My friend Marshall" friends/mars.gif
- </pre>
+ <pre class="prettyprint lang-config">AddDescription "The planet Mars" mars.gif
+AddDescription "My friend Marshall" friends/mars.gif</pre>
<p>The typical, default description field is 23 bytes wide. 6
is unnecessary if you're using <code>IndexOptions
HTMLTable</code>.</p>
- <pre class="prettyprint lang-config">
-#Examples
+ <pre class="prettyprint lang-config">#Examples
AddIcon (IMG,/icons/image.png) .gif .jpg .png
AddIcon /icons/dir.png ^^DIRECTORY^^
-AddIcon /icons/backup.png *~
- </pre>
+AddIcon /icons/backup.png *~</pre>
<p><code class="directive"><a href="#addiconbytype">AddIconByType</a></code>
<p><var>MIME-encoding</var> is a valid content-encoding, such as
<code>x-compress</code>.</p>
- <pre class="prettyprint lang-config">
- AddIconByEncoding /icons/compress.png x-compress
- </pre>
+ <pre class="prettyprint lang-config"> AddIconByEncoding /icons/compress.png x-compress</pre>
</div>
<p><var>MIME-type</var> is a wildcard expression matching
required the mime types.</p>
- <pre class="prettyprint lang-config">
- AddIconByType (IMG,/icons/image.png) image/*
- </pre>
+ <pre class="prettyprint lang-config"> AddIconByType (IMG,/icons/image.png) image/*</pre>
</div>
<var>Url-path</var> is a (%-escaped) relative URL to the icon,
or a fully qualified remote URL.</p>
- <pre class="prettyprint lang-config">
- DefaultIcon /icon/unknown.png
- </pre>
+ <pre class="prettyprint lang-config"> DefaultIcon /icon/unknown.png</pre>
</div>
of the file that will be inserted at the top of the index
listing. <var>Filename</var> is the name of the file to include.</p>
- <pre class="prettyprint lang-config">
- HeaderName HEADER.html
- </pre>
+ <pre class="prettyprint lang-config"> HeaderName HEADER.html</pre>
<div class="note">
access the directory being indexed. If <var>Filename</var> begins
with a slash, it will be taken to be relative to the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>.</p>
- <pre class="prettyprint lang-config">
- HeaderName /include/HEADER.html
- </pre>
+ <pre class="prettyprint lang-config"> HeaderName /include/HEADER.html</pre>
<p><var>Filename</var> must resolve to a document with a major
actual file type (as opposed to its output) is marked as
<code>text/html</code> such as with a directive like:</p>
- <pre class="prettyprint lang-config">
- AddType text/html .cgi
- </pre>
+ <pre class="prettyprint lang-config"> AddType text/html .cgi</pre>
<p><a href="../content-negotiation.html">Content negotiation</a>
<p>The <code class="directive">IndexHeadInsert</code> directive specifies a
string to insert in the <var><head></var> section of the HTML
generated for the index page.</p>
- <pre class="prettyprint lang-config">
- IndexHeadInsert "<link rel=\"sitemap\" href=\"/sitemap.html\">"
- </pre>
+ <pre class="prettyprint lang-config"> IndexHeadInsert "<link rel=\"sitemap\" href=\"/sitemap.html\">"</pre>
</div>
files. By default, the list contains <code>.</code> (the current
directory).</p>
- <pre class="prettyprint lang-config">
- IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
- </pre>
+ <pre class="prettyprint lang-config"> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t</pre>
<div class="note"><h3>Regular Expressions</h3>
any files ignored by <code class="directive">IndexIgnore</code> otherwise
inherited from other configuration sections. </p>
- <pre class="prettyprint lang-config">
-<Directory /var/www>
+ <pre class="prettyprint lang-config"><Directory /var/www>
IndexIgnore *.bak .??* *~ *# HEADER* README* RCS CVS *,v *,t
</Directory>
<Directory /var/www/backups>
IndexIgnoreReset ON
IndexIgnore .??* *# HEADER* README* RCS CVS *,v *,t
-</Directory>
- </pre>
+</Directory></pre>
<div class="warning"><p> Review the default configuration for a list of
(It depends on whether the underlying file system
uses Unicode filenames or not.)
- <pre class="prettyprint lang-config">
- IndexOptions Charset=UTF-8
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions Charset=UTF-8</pre>
</dd>
specify the MIME content-type of the generated page. The default
is <var>text/html</var>.
- <pre class="prettyprint lang-config">
- IndexOptions Type=text/plain
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions Type=text/plain</pre>
</dd>
<li>Multiple <code class="directive">IndexOptions</code> directives for a
single directory are now merged together. The result of:
- <pre class="prettyprint lang-config">
-<Directory /foo>
+ <pre class="prettyprint lang-config"><Directory /foo>
IndexOptions HTMLTable
IndexOptions SuppressColumnsorting
-</Directory>
- </pre>
+</Directory></pre>
<p>will be the equivalent of</p>
- <pre class="prettyprint lang-config">
- IndexOptions HTMLTable SuppressColumnsorting
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions HTMLTable SuppressColumnsorting</pre>
</li>
clears all inherited options and any incremental settings encountered
so far. Consider the following example:</p>
- <pre class="prettyprint lang-config">
-IndexOptions +ScanHTMLTitles -IconsAreLinks FancyIndexing<br />
-IndexOptions +SuppressSize
- </pre>
+ <pre class="prettyprint lang-config">IndexOptions +ScanHTMLTitles -IconsAreLinks FancyIndexing<br />
+IndexOptions +SuppressSize</pre>
<p>The net effect is equivalent to <code>IndexOptions FancyIndexing
<p>The <code class="directive">IndexStyleSheet</code> directive sets the name of
the file that will be used as the CSS for the index listing.
</p>
- <pre class="prettyprint lang-config">
- IndexStyleSheet "/css/style.css"
- </pre>
+ <pre class="prettyprint lang-config"> IndexStyleSheet "/css/style.css"</pre>
<p>Using this directive in conjunction with <code>IndexOptions
relative to the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>.
</p>
- <pre class="prettyprint lang-config">
-# Example 1
-ReadmeName FOOTER.html
- </pre>
+ <pre class="prettyprint lang-config"># Example 1
+ReadmeName FOOTER.html</pre>
- <pre class="prettyprint lang-config">
-# Example 2
-ReadmeName /include/FOOTER.html
- </pre>
+ <pre class="prettyprint lang-config"># Example 2
+ReadmeName /include/FOOTER.html</pre>
<p>See also <code class="directive"><a href="#headername">HeaderName</a></code>, where this behavior is described in greater
peut pas afficher d'images, si le chargement d'images est désactivé
ou si l'icône ne peut pas être trouvé.</p>
- <pre class="prettyprint lang-config">
-AddAlt "PDF file" *.pdf
-AddAlt Compressed *.gz *.zip *.Z
- </pre>
+ <pre class="prettyprint lang-config">AddAlt "PDF file" *.pdf
+AddAlt Compressed *.gz *.zip *.Z</pre>
</div>
peut pas afficher d'images, si le chargement d'images est désactivé
ou si l'icône ne peut pas être trouvé.</p>
- <pre class="prettyprint lang-config">
- AddAltByEncoding gzip x-gzip
- </pre>
+ <pre class="prettyprint lang-config"> AddAltByEncoding gzip x-gzip</pre>
</div>
peut pas afficher d'images, si le chargement d'images est désactivé
ou si l'icône ne peut pas être trouvé.</p>
- <pre class="prettyprint lang-config">
- AddAltByType 'Fichier texte' text/plain
- </pre>
+ <pre class="prettyprint lang-config"> AddAltByType 'Fichier texte' text/plain</pre>
</div>
<var>texte</var> doit être entouré de guillemets
(<code>"</code>).</p>
- <pre class="prettyprint lang-config">
-AddDescription "The planet Mars" mars.gif
-AddDescription "My friend Marshall" friends/mars.gif
- </pre>
+ <pre class="prettyprint lang-config">AddDescription "The planet Mars" mars.gif
+AddDescription "My friend Marshall" friends/mars.gif</pre>
<p>La taille par défaut, habituelle du champ de description est de
et n'est donc pas nécessaire si vous utilisez <code>IndexOptions
HTMLTable</code>.</p>
- <pre class="prettyprint lang-config">
-#Examples
+ <pre class="prettyprint lang-config">#Examples
AddIcon (IMG,/icons/image.png) .gif .jpg .png
AddIcon /icons/dir.png ^^DIRECTORY^^
-AddIcon /icons/backup.png *~
- </pre>
+AddIcon /icons/backup.png *~</pre>
<p>Lorsque c'est possible, il est préférable d'utiliser <code class="directive"><a href="#addiconbytype">AddIconByType</a></code> plutôt que
<p><var>codage MIME</var> doit être un codage valide, comme
<code>x-compress</code>.</p>
- <pre class="prettyprint lang-config">
- AddIconByEncoding /icons/compress.png x-compress
- </pre>
+ <pre class="prettyprint lang-config"> AddIconByEncoding /icons/compress.png x-compress</pre>
</div>
<p><var>type MIME</var> est une expression avec caractères
génériques représentant le type MIME.</p>
- <pre class="prettyprint lang-config">
- AddIconByType (IMG,/icons/image.png) image/*
- </pre>
+ <pre class="prettyprint lang-config"> AddIconByType (IMG,/icons/image.png) image/*</pre>
</div>
<var>chemin URL</var> est une URL relative (échappée par des
caractères '%') vers l'icône ou une URL pleinement qualifiée.</p>
- <pre class="prettyprint lang-config">
- DefaultIcon /icon/unknown.png
- </pre>
+ <pre class="prettyprint lang-config"> DefaultIcon /icon/unknown.png</pre>
</div>
le nom du fichier qui sera inséré au début de la page contenant
l'index. <var>nom fichier</var> est le nom du fichier à inclure.</p>
- <pre class="prettyprint lang-config">
- HeaderName HEADER.html
- </pre>
+ <pre class="prettyprint lang-config"> HeaderName HEADER.html</pre>
<div class="note">
considéré comme relatif au répertoire défini par la directive
<code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>.</p>
- <pre class="prettyprint lang-config">
- HeaderName /include/HEADER.html
- </pre>
+ <pre class="prettyprint lang-config"> HeaderName /include/HEADER.html</pre>
<p><var>nom fichier</var> doit correspondre à un document dont le
sortie) est marqué comme <code>text/html</code> par exemple à
l'aide d'une directive comme :</p>
- <pre class="prettyprint lang-config">
- AddType text/html .cgi
- </pre>
+ <pre class="prettyprint lang-config"> AddType text/html .cgi</pre>
<p>Une <a href="../content-negotiation.html">négociation de
spécifier une chaîne de caractères à insérer dans la section
<var><head></var> du code HTML généré pour la page
d'index.</p>
- <pre class="prettyprint lang-config">
- IndexHeadInsert "<link rel=\"sitemap\" href=\"/sitemap.html\">"
- </pre>
+ <pre class="prettyprint lang-config"> IndexHeadInsert "<link rel=\"sitemap\" href=\"/sitemap.html\">"</pre>
</div>
ignorer. Par défaut, la liste contient <code>.</code> (le répertoire
courant).</p>
- <pre class="prettyprint lang-config">
- IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
- </pre>
+ <pre class="prettyprint lang-config"> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t</pre>
<div class="note"><h3>Expressions rationnelles</h3>
<code class="directive">IndexIgnore</code> et héritée par ailleurs d'autres
sections de configuration.</p>
- <pre class="prettyprint lang-config">
-<Directory /var/www>
+ <pre class="prettyprint lang-config"><Directory /var/www>
IndexIgnore *.bak .??* *~ *# HEADER* README* RCS CVS *,v *,t
</Directory>
<Directory /var/www/backups>
IndexIgnoreReset ON
IndexIgnore .??* *# HEADER* README* RCS CVS *,v *,t
-</Directory>
- </pre>
+</Directory></pre>
<div class="warning"><p>Revoyez la configuration par défaut pour une
système de fichiers sous-jacent utilise les noms de fichiers en
Unicode ou non).
- <pre class="prettyprint lang-config">
- IndexOptions Charset=UTF-8
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions Charset=UTF-8</pre>
</dd>
MIME de la page générée. La valeur par défaut est
<var>text/html</var>.
- <pre class="prettyprint lang-config">
- IndexOptions Type=text/plain
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions Type=text/plain</pre>
</dd>
apparaissant dans la même section directory sont maintenant
fusionnées. Le résultat de :
- <pre class="prettyprint lang-config">
-<Directory /foo>
+ <pre class="prettyprint lang-config"><Directory /foo>
IndexOptions HTMLTable
IndexOptions SuppressColumnsorting
-</Directory>
- </pre>
+</Directory></pre>
<p>est équivalent à</p>
- <pre class="prettyprint lang-config">
- IndexOptions HTMLTable SuppressColumnsorting
- </pre>
+ <pre class="prettyprint lang-config"> IndexOptions HTMLTable SuppressColumnsorting</pre>
</li>
définition incrémentale. Considérons l'exemple
suivant :</p>
- <pre class="prettyprint lang-config">
-IndexOptions +ScanHTMLTitles -IconsAreLinks FancyIndexing<br />
-IndexOptions +SuppressSize
- </pre>
+ <pre class="prettyprint lang-config">IndexOptions +ScanHTMLTitles -IconsAreLinks FancyIndexing<br />
+IndexOptions +SuppressSize</pre>
<p>L'effet global est équivalent à l'effet qu'aurait provoqué
définir le nom du fichier qui servira de feuille de style CSS pour
l'index.
</p>
- <pre class="prettyprint lang-config">
- IndexStyleSheet "/css/style.css"
- </pre>
+ <pre class="prettyprint lang-config"> IndexStyleSheet "/css/style.css"</pre>
<p>L'utilisation de cette directive en conjonction avec <code>IndexOptions
comme relatif au répertoire défini par la directive <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>.
</p>
- <pre class="prettyprint lang-config">
-# Example 1
-ReadmeName FOOTER.html
- </pre>
+ <pre class="prettyprint lang-config"># Example 1
+ReadmeName FOOTER.html</pre>
- <pre class="prettyprint lang-config">
-# Example 2
-ReadmeName /include/FOOTER.html
- </pre>
+ <pre class="prettyprint lang-config"># Example 2
+ReadmeName /include/FOOTER.html</pre>
<p>Voir aussi la directive <code class="directive"><a href="#headername">HeaderName</a></code>, où cette fonctionnalité est décrite plus en
<code class="module"><a href="../mod/mod_autoindex.html">mod_autoindex</a></code> tarafından son argüman olarak ele
alınacak ve çözümleme işlemi o noktada duracaktır.</p>
- <div class="example"><pre>
-<form action="" method="get">
+ <div class="example"><pre><form action="" method="get">
<input type="text" name="P" value="*" /> ile eşleşen
<select name="C">
<option value="N" selected="selected">isme</option>
<code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code> or
<code class="directive"><a href="../mod/mod_filter.html#addoutputfilterbytype">AddOutputFilterByType</a></code> directives.</p>
- <div class="example"><h3>Using buffer with mod_include</h3><pre class="prettyprint lang-config">
- AddOutputFilterByType INCLUDES;BUFFER text/html
- </pre>
+ <div class="example"><h3>Using buffer with mod_include</h3><pre class="prettyprint lang-config"> AddOutputFilterByType INCLUDES;BUFFER text/html</pre>
</div>
<div class="warning">The buffer filters read the request/response into
directives <code class="directive"><a href="../mod/core.html#setinputfilter">SetInputFilter</a></code>,
<code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code>, <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code> ou <code class="directive"><a href="../mod/mod_filter.html#addoutputfilterbytype">AddOutputFilterByType</a></code>.</p>
- <div class="example"><h3>Utilisation d'un tampon avec mod_include</h3><pre class="prettyprint lang-config">
- AddOutputFilterByType INCLUDES;BUFFER text/html
- </pre>
+ <div class="example"><h3>Utilisation d'un tampon avec mod_include</h3><pre class="prettyprint lang-config"> AddOutputFilterByType INCLUDES;BUFFER text/html</pre>
</div>
<div class="warning">Les filtres de mise en tampon lisent la
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="sampleconf" id="sampleconf">Sample Configuration</a></h2>
- <div class="example"><h3>Sample httpd.conf</h3><pre class="prettyprint lang-config">
-#
+ <div class="example"><h3>Sample httpd.conf</h3><pre class="prettyprint lang-config">#
# Sample Cache Configuration
#
LoadModule cache_module modules/mod_cache.so
# When acting as a proxy, don't cache the list of security updates
CacheDisable http://security.update.server/update-list/
-</IfModule>
- </pre>
+</IfModule></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h3>Example configuration</h3>
- <div class="example"><h3>Enabling the cache lock</h3><pre class="prettyprint lang-config">
-#
+ <div class="example"><h3>Enabling the cache lock</h3><pre class="prettyprint lang-config">#
# Enable the cache lock
#
<IfModule mod_cache.c>
CacheLock on
CacheLockPath /tmp/mod_cache-lock
CacheLockMaxAge 5
-</IfModule>
- </pre>
+</IfModule></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
place the <strong>CACHE</strong> filter before the <strong>DEFLATE</strong>
filter as in the example below:</p>
- <pre class="prettyprint lang-config">
-# Cache content before optional compression
+ <pre class="prettyprint lang-config"># Cache content before optional compression
CacheQuickHandler off
-AddOutputFilterByType CACHE;DEFLATE text/plain
- </pre>
+AddOutputFilterByType CACHE;DEFLATE text/plain</pre>
<p>Another option is to have content cached before personalisation is applied
example templates containing tags understood by
<code class="module"><a href="../mod/mod_include.html">mod_include</a></code> are cached before being parsed:</p>
- <pre class="prettyprint lang-config">
-# Cache content before mod_include and mod_deflate
+ <pre class="prettyprint lang-config"># Cache content before mod_include and mod_deflate
CacheQuickHandler off
-AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html
- </pre>
+AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
<p>You may place the <strong>CACHE</strong> filter anywhere you wish within the
<code class="module"><a href="../mod/mod_include.html">mod_include</a></code>, but before being processed by
<code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code>:</p>
- <pre class="prettyprint lang-config">
-# Cache content between mod_include and mod_deflate
+ <pre class="prettyprint lang-config"># Cache content between mod_include and mod_deflate
CacheQuickHandler off
-AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html
- </pre>
+AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html</pre>
<div class="warning"><h3>Warning:</h3>If the location of the
<code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> directive as
follows:</p>
- <pre class="prettyprint lang-config">
- LogFormat "%{cache-status}e ..."
- </pre>
+ <pre class="prettyprint lang-config"> LogFormat "%{cache-status}e ..."</pre>
<p>Based on the caching decision made, the reason is also written to the
<p>This makes it possible to support conditional logging of cached requests
as per the following example:</p>
- <pre class="prettyprint lang-config">
-CustomLog cached-requests.log common env=cache-hit
+ <pre class="prettyprint lang-config">CustomLog cached-requests.log common env=cache-hit
CustomLog uncached-requests.log common env=cache-miss
CustomLog revalidated-requests.log common env=cache-revalidate
-CustomLog invalidated-requests.log common env=cache-invalidate
- </pre>
+CustomLog invalidated-requests.log common env=cache-invalidate</pre>
<p>For module authors, a hook called <var>cache_status</var> is available,
with the document. The value specified with the <code class="directive">CacheMaxExpire</code>
directive does <em>not</em> override this setting.</p>
- <pre class="prettyprint lang-config">
- CacheDefaultExpire 86400
- </pre>
+ <pre class="prettyprint lang-config"> CacheDefaultExpire 86400</pre>
</div>
is used, this directive must appear within a server or virtual host context, otherwise
the setting will be ignored.</p>
- <pre class="prettyprint lang-config">
-# Enable the X-Cache-Detail header
-CacheDetailHeader on
- </pre>
+ <pre class="prettyprint lang-config"># Enable the X-Cache-Detail header
+CacheDetailHeader on</pre>
<div class="example"><p><code>
<code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> to <em>not</em> cache urls at or below
<var>url-string</var>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- CacheDisable /local_files
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> CacheDisable /local_files</pre>
</div>
<p>If used in a <code class="directive"><Location></code> directive,
the path needs to be specified below the Location, or if the word "on"
is used, caching for the whole location will be disabled.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location /foo>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location /foo>
CacheDisable on
-</Location>
- </pre>
+</Location></pre>
</div>
<p>The <code>no-cache</code> environment variable can be set to
<p>When acting as a forward proxy server, <var>url-string</var> must
minimally begin with a protocol for which caching should be enabled.</p>
- <pre class="prettyprint lang-config">
-# Cache content (normal handler only)
+ <pre class="prettyprint lang-config"># Cache content (normal handler only)
CacheQuickHandler off
<Location /foo>
CacheEnable disk
CacheEnable disk ftp://
# Cache forward proxy content from www.example.org (normal or quick handler)
-CacheEnable disk http://www.example.org/
- </pre>
+CacheEnable disk http://www.example.org/</pre>
<p>A hostname starting with a <strong>"*"</strong> matches all hostnames with
that suffix. A hostname starting with <strong>"."</strong> matches all
hostnames containing the domain components that follow.</p>
- <pre class="prettyprint lang-config">
-# Match www.example.org, and fooexample.org
+ <pre class="prettyprint lang-config"># Match www.example.org, and fooexample.org
CacheEnable disk http://*example.org/
# Match www.example.org, but not fooexample.org
-CacheEnable disk http://.example.org/
- </pre>
+CacheEnable disk http://.example.org/</pre>
<p> The <code>no-cache</code> environment variable can be set to
server and was not served from cache.</dd>
</dl>
- <pre class="prettyprint lang-config">
-# Enable the X-Cache header
-CacheHeader on
- </pre>
+ <pre class="prettyprint lang-config"># Enable the X-Cache header
+CacheHeader on</pre>
- <pre class="prettyprint lang-config">
- X-Cache: HIT from localhost
- </pre>
+ <pre class="prettyprint lang-config"> X-Cache: HIT from localhost</pre>
tells the server to attempt to serve the resource from the cache even
if the request contains no-cache header values.</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreCacheControl On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreCacheControl On</pre>
<div class="warning"><h3>Warning:</h3>
behaviour), <code class="directive">CacheIgnoreHeaders</code> can be set to
<code>None</code>.</p>
- <div class="example"><h3>Example 1</h3><pre class="prettyprint lang-config">
- CacheIgnoreHeaders Set-Cookie
- </pre>
+ <div class="example"><h3>Example 1</h3><pre class="prettyprint lang-config"> CacheIgnoreHeaders Set-Cookie</pre>
</div>
- <div class="example"><h3>Example 2</h3><pre class="prettyprint lang-config">
- CacheIgnoreHeaders None
- </pre>
+ <div class="example"><h3>Example 2</h3><pre class="prettyprint lang-config"> CacheIgnoreHeaders None</pre>
</div>
<div class="warning"><h3>Warning:</h3>
<code class="directive">CacheDefaultExpire</code> directive will be used to
generate an expiration date.</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreNoLastMod On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreNoLastMod On</pre>
</div>
view the request is treated as if having no query string when this
directive is enabled.</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreQueryString On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreQueryString On</pre>
<p><code>CacheIgnoreURLSessionIdentifiers None</code> clears the list of ignored
identifiers. Otherwise, each identifier is added to the list.</p>
- <div class="example"><h3>Example 1</h3><pre class="prettyprint lang-config">
- CacheIgnoreURLSessionIdentifiers jsessionid
- </pre>
+ <div class="example"><h3>Example 1</h3><pre class="prettyprint lang-config"> CacheIgnoreURLSessionIdentifiers jsessionid</pre>
</div>
- <div class="example"><h3>Example 2</h3><pre class="prettyprint lang-config">
- CacheIgnoreURLSessionIdentifiers None
- </pre>
+ <div class="example"><h3>Example 2</h3><pre class="prettyprint lang-config"> CacheIgnoreURLSessionIdentifiers None</pre>
</div>
should be cached beneath the same cache key, a new base URL can be specified
with this directive.</p>
- <pre class="prettyprint lang-config">
-# Override the base URL of the cache key.
-CacheKeyBaseURL http://www.example.com/
- </pre>
+ <pre class="prettyprint lang-config"># Override the base URL of the cache key.
+CacheKeyBaseURL http://www.example.com/</pre>
<div class="warning">Take care when setting this directive. If two separate virtual
<code class="directive">CacheMaxExpire</code>, then the latter takes
precedence.</p>
- <pre class="prettyprint lang-config">
- CacheLastModifiedFactor 0.5
- </pre>
+ <pre class="prettyprint lang-config"> CacheLastModifiedFactor 0.5</pre>
</div>
<p>In a minimal configuration the following directive is all that is needed to
enable the thundering herd lock in the default run-time file directory.</p>
- <pre class="prettyprint lang-config">
-# Enable cache lock
-CacheLock on
- </pre>
+ <pre class="prettyprint lang-config"># Enable cache lock
+CacheLock on</pre>
<p>Locks consist of empty files that only exist for stale URLs in flight, so this
server. Thus, documents will be out of date at most this number of seconds. This maximum
value is enforced even if an expiry date was supplied with the document.</p>
- <pre class="prettyprint lang-config">
- CacheMaxExpire 604800
- </pre>
+ <pre class="prettyprint lang-config"> CacheMaxExpire 604800</pre>
</div>
server. This is only used if no valid expire time was supplied with the document.</p>
- <pre class="prettyprint lang-config">
- CacheMinExpire 3600
- </pre>
+ <pre class="prettyprint lang-config"> CacheMinExpire 3600</pre>
</div>
slower than the default, it allows the cache to be used in cases where full
processing is required, such as when content is subject to authorization.</p>
- <pre class="prettyprint lang-config">
-# Run cache as a normal handler
-CacheQuickHandler off
- </pre>
+ <pre class="prettyprint lang-config"># Run cache as a normal handler
+CacheQuickHandler off</pre>
<p>It is also possible, when the quick handler is disabled, for the
caching is to be performed, by adding the <strong>CACHE</strong> filter to
the chain.</p>
- <pre class="prettyprint lang-config">
-# Cache content before mod_include and mod_deflate
+ <pre class="prettyprint lang-config"># Cache content before mod_include and mod_deflate
CacheQuickHandler off
-AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html
- </pre>
+AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
<p>If the CACHE filter is specified more than once, the last instance will
and the raw 5xx responses returned to the client on request, the 5xx response so
returned to the client will not invalidate the content in the cache.</p>
- <pre class="prettyprint lang-config">
-# Serve stale data on error.
-CacheStaleOnError on
- </pre>
+ <pre class="prettyprint lang-config"># Serve stale data on error.
+CacheStaleOnError on</pre>
the origin server, and the response may be fulfilled from cache
if the backend resource has not changed.</p>
- <pre class="prettyprint lang-config">
- CacheStoreExpired On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStoreExpired On</pre>
</div>
tells the server to attempt to cache the resource even if it contains
no-store header values.</p>
- <pre class="prettyprint lang-config">
- CacheStoreNoStore On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStoreNoStore On</pre>
<div class="warning"><h3>Warning:</h3>
tells the server to attempt to cache the resource even if it contains
private header values.</p>
- <pre class="prettyprint lang-config">
- CacheStorePrivate On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStorePrivate On</pre>
<div class="warning"><h3>Warning:</h3>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="sampleconf" id="sampleconf">Exemple de configuration</a></h2>
- <div class="example"><h3>Extrait de httpd.conf</h3><pre class="prettyprint lang-config">
-#
+ <div class="example"><h3>Extrait de httpd.conf</h3><pre class="prettyprint lang-config">#
# Exemple de configuration du cache
#
LoadModule cache_module modules/mod_cache.so
# Lorsqu'on sert de mandataire, on ne met pas en cache la liste
# des mises à jour de sécurité
CacheDisable http://security.update.server/update-list/
-</IfModule>
- </pre>
+</IfModule></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h3>Exemple de configuration</h3>
- <div class="example"><h3>Activation du verrouillage du cache</h3><pre class="prettyprint lang-config">
-#
+ <div class="example"><h3>Activation du verrouillage du cache</h3><pre class="prettyprint lang-config">#
# Active le verrouillage du cache
#
<IfModule mod_cache.c>
CacheLock on
CacheLockPath /tmp/mod_cache-lock
CacheLockMaxAge 5
-</IfModule>
- </pre>
+</IfModule></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
avant le filtre <strong>DEFLATE</strong> comme dans l'exemple suivant
:</p>
- <pre class="prettyprint lang-config">
-# Mise en cache du contenu avant la compression optionnelle
+ <pre class="prettyprint lang-config"># Mise en cache du contenu avant la compression optionnelle
CacheQuickHandler off
-AddOutputFilterByType CACHE;DEFLATE text/plain
- </pre>
+AddOutputFilterByType CACHE;DEFLATE text/plain</pre>
<p>Une autre possibilité consiste à mettre en cache le contenu avant
<code class="module"><a href="../mod/mod_include.html">mod_include</a></code> sont mis en cache avant d'être
interprétés :</p>
- <pre class="prettyprint lang-config">
-# Mise en cache du contenu avant l'intervention de mod_include et
+ <pre class="prettyprint lang-config"># Mise en cache du contenu avant l'intervention de mod_include et
# mod_deflate
CacheQuickHandler off
-AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html
- </pre>
+AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
<p>Vous pouvez insérer le filtre <strong>CACHE</strong> en tout point
en cache après avoir été interprété par <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>,
mais avant d'être traité par <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> :</p>
- <pre class="prettyprint lang-config">
-# Mise en cache du contenu entre les interventions de mod_include et
+ <pre class="prettyprint lang-config"># Mise en cache du contenu entre les interventions de mod_include et
# mod_deflate
CacheQuickHandler off
-AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html
- </pre>
+AddOutputFilterByType INCLUDES;CACHE;DEFLATE text/html</pre>
<div class="warning"><h3>Avertissement :</h3>Si pour une raison
interne à la requête sous la clé <strong>cache-status</strong>.
Cette information peut être journalisée via la directive <code class="directive"><a href="../mod/mod_log_config.html#logformat">LogFormat</a></code> comme suit :</p>
- <pre class="prettyprint lang-config">
- LogFormat "%{cache-status}e ..."
- </pre>
+ <pre class="prettyprint lang-config"> LogFormat "%{cache-status}e ..."</pre>
<p>En fonction de la décision prise, l'information est aussi écrite
du traitement des requêtes par rapport au cache comme dans l'exemple
suivant :</p>
- <pre class="prettyprint lang-config">
-CustomLog cached-requests.log common env=cache-hit
+ <pre class="prettyprint lang-config">CustomLog cached-requests.log common env=cache-hit
CustomLog uncached-requests.log common env=cache-miss
CustomLog revalidated-requests.log common env=cache-revalidate
-CustomLog invalidated-requests.log common env=cache-invalidate
- </pre>
+CustomLog invalidated-requests.log common env=cache-invalidate</pre>
<p>Pour les concepteurs de modules, une accroche (hook) nommée
<code class="directive">CacheMaxExpire</code> si cette dernière est
utilisée.</p>
- <pre class="prettyprint lang-config">
- CacheDefaultExpire 86400
- </pre>
+ <pre class="prettyprint lang-config"> CacheDefaultExpire 86400</pre>
</div>
rapide qui est utilisé, elle doit se situer dans un contexte de
serveur principal ou de serveur virtuel, sinon elle sera ignorée.</p>
- <pre class="prettyprint lang-config">
-# Active l'en-tête X-Cache-Detail
-CacheDetailHeader on
- </pre>
+ <pre class="prettyprint lang-config"># Active l'en-tête X-Cache-Detail
+CacheDetailHeader on</pre>
<div class="example"><p><code>
spécifiée par <var>chaîne URL</var>, ainsi que les URLs de niveaux
inférieurs.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- CacheDisable /fichiers_locaux
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> CacheDisable /fichiers_locaux</pre>
</div>
<p>Si la directive se trouve à l'intérieur d'une section <code class="directive"><Location></code>, le chemin doit être spécifié en
cache sera désactivée pour l'ensemble de l'arborescence concernée
par la section Location.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Location /foo>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Location /foo>
CacheDisable on
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Avec les versions 2.2.12 et ultérieures, on peut définir la
URL</var> doit au moins débuter par un protocole pour lequel la mise
en cache doit être activée.</p>
- <pre class="prettyprint lang-config">
-# Mise en cache de contenu (gestionnaire normal seulement)
+ <pre class="prettyprint lang-config"># Mise en cache de contenu (gestionnaire normal seulement)
CacheQuickHandler off
<Location /foo>
CacheEnable disk
CacheEnable disk ftp://
# Mise en cache des contenus mandatés en direct depuis www.example.org (gestionnaire normal ou rapide)
-CacheEnable disk http://www.example.org/
- </pre>
+CacheEnable disk http://www.example.org/</pre>
<p>Un nom d'hôte commençant par un caractère <strong>"*"</strong>
<strong>"."</strong> correspondra à tout nom d'hôte contenant le
composant de nom de domaine qui suit ce caractère.</p>
- <pre class="prettyprint lang-config">
-# Correspond à www.example.org et fooexample.org
+ <pre class="prettyprint lang-config"># Correspond à www.example.org et fooexample.org
CacheEnable disk http://*example.org/
# Correspond à www.example.org, mais pas à fooexample.org
-CacheEnable disk http://.example.org/
- </pre>
+CacheEnable disk http://.example.org/</pre>
<p>Depuis la version 2.2.12, on peut définir la variable
depuis le cache, mais directement depuis le serveur demandé.</dd>
</dl>
- <pre class="prettyprint lang-config">
-# Active l'en-tête X-Cache
-CacheHeader on
- </pre>
+ <pre class="prettyprint lang-config"># Active l'en-tête X-Cache
+CacheHeader on</pre>
- <pre class="prettyprint lang-config">
- X-Cache: HIT from localhost
- </pre>
+ <pre class="prettyprint lang-config"> X-Cache: HIT from localhost</pre>
cache, même si la requête contient un en-tête
no-cache.</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreCacheControl On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreCacheControl On</pre>
<div class="warning"><h3>Avertissement :</h3>
<code class="directive">CacheIgnoreHeaders</code> peut être définie à
<code>None</code>.</p>
- <div class="example"><h3>Exemple 1</h3><pre class="prettyprint lang-config">
- CacheIgnoreHeaders Set-Cookie
- </pre>
+ <div class="example"><h3>Exemple 1</h3><pre class="prettyprint lang-config"> CacheIgnoreHeaders Set-Cookie</pre>
</div>
- <div class="example"><h3>Exemple 2</h3><pre class="prettyprint lang-config">
- CacheIgnoreHeaders None
- </pre>
+ <div class="example"><h3>Exemple 2</h3><pre class="prettyprint lang-config"> CacheIgnoreHeaders None</pre>
</div>
<div class="warning"><h3>Avertissement :</h3>
d'expiration.
</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreNoLastMod On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreNoLastMod On</pre>
</div>
traitée comme si elle ne possèdait pas de chaîne de paramètres
lorsque cette directive est activée.</p>
- <pre class="prettyprint lang-config">
- CacheIgnoreQueryString On
- </pre>
+ <pre class="prettyprint lang-config"> CacheIgnoreQueryString On</pre>
des identifiants ignorés. Autrement, chaque identifiant spécifié est
ajouté à la liste.</p>
- <div class="example"><h3>Exemple 1</h3><pre class="prettyprint lang-config">
- CacheIgnoreURLSessionIdentifiers jsessionid
- </pre>
+ <div class="example"><h3>Exemple 1</h3><pre class="prettyprint lang-config"> CacheIgnoreURLSessionIdentifiers jsessionid</pre>
</div>
- <div class="example"><h3>Exemple 2</h3><pre class="prettyprint lang-config">
- CacheIgnoreURLSessionIdentifiers None
- </pre>
+ <div class="example"><h3>Exemple 2</h3><pre class="prettyprint lang-config"> CacheIgnoreURLSessionIdentifiers None</pre>
</div>
machines, si toutes les entrées du cache doivent posséder la même clé,
cette directive permet de spécifier une nouvelle URL de base.</p>
- <pre class="prettyprint lang-config">
-# Remplace l'URL de base de la clé de cache.
-CacheKeyBaseURL http://www.example.com/
- </pre>
+ <pre class="prettyprint lang-config"># Remplace l'URL de base de la clé de cache.
+CacheKeyBaseURL http://www.example.com/</pre>
<div class="warning">Prenez garde en définissant cette directive. Si
directive <code class="directive">CacheMaxExpire</code>, c'est ce dernier
qui l'emporte.</p>
- <pre class="prettyprint lang-config">
- CacheLastModifiedFactor 0.5
- </pre>
+ <pre class="prettyprint lang-config"> CacheLastModifiedFactor 0.5</pre>
</div>
défaut des fichiers run-time est
la suivante :</p>
- <pre class="prettyprint lang-config">
-# Active le verrouillage du cache
-CacheLock on
- </pre>
+ <pre class="prettyprint lang-config"># Active le verrouillage du cache
+CacheLock on</pre>
<p>Les verrous sont des fichiers vides qui n'existent que pour les
sera pas à jour. L'utilisation de cette valeur maximale est forcée,
même si le document possède une date d'expiration.</p>
- <pre class="prettyprint lang-config">
- CacheMaxExpire 604800
- </pre>
+ <pre class="prettyprint lang-config"> CacheMaxExpire 604800</pre>
que dans le cas où le document ne possède aucune date d'expiration
valide.</p>
- <pre class="prettyprint lang-config">
- CacheMinExpire 3600
- </pre>
+ <pre class="prettyprint lang-config"> CacheMinExpire 3600</pre>
</div>
traitement complet de la requête est nécessaire, comme par exemple
lorsque le contenu est soumis à autorisation.</p>
- <pre class="prettyprint lang-config">
-# Exécute le cache comme un gestionnaire normal
-CacheQuickHandler off
- </pre>
+ <pre class="prettyprint lang-config"># Exécute le cache comme un gestionnaire normal
+CacheQuickHandler off</pre>
<p>Lorsque le gestionnaire rapide est désactivé, l'administrateur a
de filtrage où la mise en cache sera effectuée, en utilisant le
filtre <strong>CACHE</strong>.</p>
- <pre class="prettyprint lang-config">
-# Mise en cache du contenu avant l'intervention de mod_include et
+ <pre class="prettyprint lang-config"># Mise en cache du contenu avant l'intervention de mod_include et
# mod_deflate
CacheQuickHandler off
-AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html
- </pre>
+AddOutputFilterByType CACHE;INCLUDES;DEFLATE text/html</pre>
<p>Si le filtre CACHE est spécifié plusieurs fois, c'est la dernière
réponse 5xx renvoyée au client n'invalidera pas le contenu dans le
cache. </p>
- <pre class="prettyprint lang-config">
-# Sert des données non mises à jour en cas d'erreur.
-CacheStaleOnError on
- </pre>
+ <pre class="prettyprint lang-config"># Sert des données non mises à jour en cas d'erreur.
+CacheStaleOnError on</pre>
de la part du serveur d'origine, et la réponse sera renvoyée à
partir du cache si la ressource d'arrière-plan n'a pas été modifiée.</p>
- <pre class="prettyprint lang-config">
- CacheStoreExpired On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStoreExpired On</pre>
un en-tête no-store.</p>
- <pre class="prettyprint lang-config">
- CacheStoreNoStore On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStoreNoStore On</pre>
contient un en-tête private.</p>
- <pre class="prettyprint lang-config">
- CacheStorePrivate On
- </pre>
+ <pre class="prettyprint lang-config"> CacheStorePrivate On</pre>
maximum size, in bytes, for a document to be considered for storage in
the cache.</p>
- <pre class="prettyprint lang-config">
- CacheMaxFileSize 64000
- </pre>
+ <pre class="prettyprint lang-config"> CacheMaxFileSize 64000</pre>
</div>
minimum size, in bytes, for a document to be considered for storage
in the cache.</p>
- <pre class="prettyprint lang-config">
- CacheMinFileSize 64
- </pre>
+ <pre class="prettyprint lang-config"> CacheMinFileSize 64</pre>
</div>
<p>This directive only takes effect when the data is being saved to the
cache, as opposed to data being served from the cache.</p>
- <pre class="prettyprint lang-config">
- CacheReadSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadSize 102400</pre>
</div>
ensure that the server does not buffer excessively should data arrive faster
than expected.</p>
- <pre class="prettyprint lang-config">
- CacheReadTime 1000
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadTime 1000</pre>
</div>
a configuration file processing error. The <code class="directive"><a href="#cachedirlevels">CacheDirLevels</a></code> and <code class="directive"><a href="#cachedirlength">CacheDirLength</a></code> directives define
the structure of the directories under the specified root directory.</p>
- <pre class="prettyprint lang-config">
- CacheRoot c:/cacheroot
- </pre>
+ <pre class="prettyprint lang-config"> CacheRoot c:/cacheroot</pre>
</div>
définir la taille maximale d'un document, en octets, pour que
celui-ci puisse faire l'objet d'un stockage dans le cache.</p>
- <pre class="prettyprint lang-config">
- CacheMaxFileSize 64000
- </pre>
+ <pre class="prettyprint lang-config"> CacheMaxFileSize 64000</pre>
</div>
définir la taille minimale d'un document, en octets, pour que
celui-ci puisse faire l'objet d'un stockage dans le cache.</p>
- <pre class="prettyprint lang-config">
- CacheMinFileSize 64
- </pre>
+ <pre class="prettyprint lang-config"> CacheMinFileSize 64</pre>
</div>
enregistrées dans le cache, et non lorsque les données sont servies à
partir du cache.</p>
- <pre class="prettyprint lang-config">
- CacheReadSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadSize 102400</pre>
</div>
que le serveur n'effectue pas une mise en tampon excessive au cas
où les données arriveraient plus vite que prévu.</p>
- <pre class="prettyprint lang-config">
- CacheReadTime 1000
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadTime 1000</pre>
</div>
définir la structure des sous-répertoires du répertoire racine
spécifié.</p>
- <pre class="prettyprint lang-config">
- CacheRoot c:/cacheroot
- </pre>
+ <pre class="prettyprint lang-config"> CacheRoot c:/cacheroot</pre>
</div>
however the caching of partial content is not yet supported by this
module.</p>
- <pre class="prettyprint lang-config">
-# Turn on caching
+ <pre class="prettyprint lang-config"># Turn on caching
CacheSocache shmcb
CacheSocacheMaxSize 102400
<Location /foo>
<Location /foo>
CacheEnable socache
CacheEnable disk
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>Note:</h3>
implementations</a> of shared object caches are available to choose
from.</p>
- <pre class="prettyprint lang-config">
- CacheSocache shmcb
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocache shmcb</pre>
</div>
responses larger than those cacheable within
<code class="module"><a href="../mod/mod_cache_socache.html">mod_cache_socache</a></code>.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMaxSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMaxSize 102400</pre>
</div>
the cache. This value overrides the freshness lifetime defined for the
document by the HTTP protocol.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMaxTime 86400
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMaxTime 86400</pre>
</div>
only stored for its freshness lifetime, there will be no opportunity to
revalidate the response to make it fresh again.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMinTime 600
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMinTime 600</pre>
</div>
<p>This directive only takes effect when the data is being saved to the
cache, as opposed to data being served from the cache.</p>
- <pre class="prettyprint lang-config">
- CacheReadSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadSize 102400</pre>
</div>
to ensure that the server does not buffer excessively should data arrive faster
than expected.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheReadTime 1000
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheReadTime 1000</pre>
</div>
stockées simultanément ; cependant, la mise en cache de contenus
partiels n'est pas encore supportée par ce module.</p>
- <pre class="prettyprint lang-config">
-# Activation de la mise en cache
+ <pre class="prettyprint lang-config"># Activation de la mise en cache
CacheSocache shmcb
CacheSocacheMaxSize 102400
<Location /foo>
<Location /foo>
CacheEnable socache
CacheEnable disk
-</Location>
- </pre>
+</Location></pre>
<div class="note"><h3>Note :</h3>
possible de choisir entre plusieurs <a href="../socache.html">implémentations</a> de caches d'objets
partagés.</p>
- <pre class="prettyprint lang-config">
- CacheSocache shmcb
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocache shmcb</pre>
</div>
la taille est trop importante pour pouvoir être mises en cache par
<code class="module"><a href="../mod/mod_cache_socache.html">mod_cache_socache</a></code>.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMaxSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMaxSize 102400</pre>
</div>
le cache avant péremption. Cette définition l'emporte sur la durée
de fraîcheur définie pour le document par le protocole HTTP.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMaxTime 86400
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMaxTime 86400</pre>
</div>
pour une durée égale à sa durée de fraîcheur, elle n'a pas besoin
d'être rafraîchie.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheMinTime 600
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheMinTime 600</pre>
</div>
stockées dans le cache, et non lorsqu'elles sont servies depuis le
cache.</p>
- <pre class="prettyprint lang-config">
- CacheReadSize 102400
- </pre>
+ <pre class="prettyprint lang-config"> CacheReadSize 102400</pre>
</div>
manière excessive dans le cas où les données arriveraient plus vite
que prévu.</p>
- <pre class="prettyprint lang-config">
- CacheSocacheReadTime 1000
- </pre>
+ <pre class="prettyprint lang-config"> CacheSocacheReadTime 1000</pre>
</div>
will use its contents to generate additional MIME header
information.</p>
- <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">
- MetaSuffix .meta
- </pre>
+ <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config"> MetaSuffix .meta</pre>
</div>
</div>
son contenu pour générer les informations quant aux en-têtes MIME
additionnels.</p>
- <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config">
- MetaSuffix .meta
- </pre>
+ <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config"> MetaSuffix .meta</pre>
</div>
</div>
taken relative to the <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.
</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ScriptLog logs/cgi_log
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ScriptLog logs/cgi_log</pre>
</div>
<p>This log will be opened as the user the child processes run
répertoire défini par la directive <code class="directive"><a href="../mod/core.html#serverroot">ServerRoot</a></code>.
</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ScriptLog logs/cgi_log
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ScriptLog logs/cgi_log</pre>
</div>
<p>Ce journal sera ouvert par l'utilisateur sous lequel les
the CGI program. If the time is exceeded, the request and CGI are
terminated.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- CGIDScriptTimeout 20
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> CGIDScriptTimeout 20</pre>
</div>
will be relative to the value of
<code class="directive"><a href="../mod/core.html#defaultruntimedir">DefaultRuntimeDir</a></code>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ScriptSock /var/run/cgid.sock
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ScriptSock /var/run/cgid.sock</pre>
</div>
reçues en sortie du programme CGI. Si ce temps est dépassé, la requête et le
programme CGI se terminent.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- CGIDScriptTimeout 20
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> CGIDScriptTimeout 20</pre>
</div>
<p>Si <var>chemin fichier</var> n'est pas un chemin absolu, il est
relatif au chemin défini par la directive <code class="directive"><a href="../mod/core.html#defaultruntimedir">DefaultRuntimeDir</a></code>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ScriptSock /var/run/cgid.sock
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ScriptSock /var/run/cgid.sock</pre>
</div>
<a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a>. Generally, this means that it must be
supported by iconv.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Directory /export/home/trawick/apacheinst/htdocs/convert>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Directory /export/home/trawick/apacheinst/htdocs/convert>
CharsetSourceEnc UTF-16BE
CharsetDefault ISO-8859-1
-</Directory>
- </pre>
+</Directory></pre>
</div>
<div class="note">
<a class="glossarylink" href="../glossary.html#apr" title="see glossary">APR</a>. Generally, this means that it must be
supported by iconv.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Directory /export/home/trawick/apacheinst/htdocs/convert>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Directory /export/home/trawick/apacheinst/htdocs/convert>
CharsetSourceEnc UTF-16BE
CharsetDefault ISO-8859-1
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>The character set names in this example work with the iconv
jeux de caractères dans <a class="glossarylink" href="../glossary.html#apr" title="voir glossaire">APR</a>. En général, cela
implique qu'elle doit être reconnue par iconv.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Directory /export/home/trawick/apacheinst/htdocs/convert>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Directory /export/home/trawick/apacheinst/htdocs/convert>
CharsetSourceEnc UTF-16BE
CharsetDefault ISO-8859-1
-</Directory>
- </pre>
+</Directory></pre>
</div>
<div class="note">
jeux de caractères dans <a class="glossarylink" href="../glossary.html#apr" title="voir glossaire">APR</a>. En général, cela
implique qu'elle doit être reconnue par iconv.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Directory /export/home/trawick/apacheinst/htdocs/convert>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Directory /export/home/trawick/apacheinst/htdocs/convert>
CharsetSourceEnc UTF-16BE
CharsetDefault ISO-8859-1
-</Directory>
- </pre>
+</Directory></pre>
</div>
<p>Les noms de jeux de caractères de cet exemple sont reconnus par
or any of the directives supported by the <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>
module.</p>
- <div class="example"><h3>Configuring the filter</h3><pre class="prettyprint lang-config">
-<Location /data/images>
+ <div class="example"><h3>Configuring the filter</h3><pre class="prettyprint lang-config"><Location /data/images>
SetOutputFilter DATA
-</Location>
- </pre>
+</Location></pre>
</div>
</div>
pile des filtres via la directive <code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code>, ou toute autre directive
supportée par le module <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code>.</p>
- <div class="example"><h3>Configuration du filtre</h3><pre class="prettyprint lang-config">
-<Location /data/images>
+ <div class="example"><h3>Configuration du filtre</h3><pre class="prettyprint lang-config"><Location /data/images>
SetOutputFilter DATA
-</Location>
- </pre>
+</Location></pre>
</div>
</div>
file using the <code class="directive"><a href="../mod/mod_dav_fs.html#davlockdb">DavLockDB</a></code>
directive:</p>
- <pre class="prettyprint lang-config">
- DavLockDB /usr/local/apache2/var/DavLock
- </pre>
+ <pre class="prettyprint lang-config"> DavLockDB /usr/local/apache2/var/DavLock</pre>
<p>The directory containing the lock database file must be
directive. The "normal" <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code> directive has no effect on DAV
requests.</p>
- <div class="example"><h3>Full Example</h3><pre class="prettyprint lang-config">
-DavLockDB /usr/local/apache2/var/DavLock
+ <div class="example"><h3>Full Example</h3><pre class="prettyprint lang-config">DavLockDB /usr/local/apache2/var/DavLock
<Directory /usr/local/apache2/htdocs/foo>
Require all granted
<LimitExcept GET POST OPTIONS>
Require user admin
</LimitExcept>
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
will run the script, and one of which will allow it to be
downloaded and manipulated with DAV.</p>
-<pre class="prettyprint lang-config">
-Alias /phparea /home/gstein/php_files
+<pre class="prettyprint lang-config">Alias /phparea /home/gstein/php_files
Alias /php-source /home/gstein/php_files
<Location /php-source>
DAV On
ForceType text/plain
-</Location>
-</pre>
+</Location></pre>
<p>With this setup, <code>http://example.com/phparea</code> can be
<p>Use the <code class="directive">Dav</code> directive to enable the
WebDAV HTTP methods for the given container:</p>
- <pre class="prettyprint lang-config">
-<Location /foo>
+ <pre class="prettyprint lang-config"><Location /foo>
Dav On
-</Location>
- </pre>
+</Location></pre>
<p>The value <code>On</code> is actually an alias for the default
(like 600 seconds) to reduce the chance of the client losing
the lock due to network latency.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location /MSWord>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location /MSWord>
DavMinTimeout 600
-</Location>
- </pre>
+</Location></pre>
</div>
</div>
verrous DAV via une directive <code class="directive"><a href="../mod/mod_dav_fs.html#davlockdb">DavLockDB</a></code> dans la section globale de
votre fichier <code>httpd.conf</code> :</p>
- <pre class="prettyprint lang-config">
- DavLockDB /usr/local/apache2/var/DavLock
- </pre>
+ <pre class="prettyprint lang-config"> DavLockDB /usr/local/apache2/var/DavLock</pre>
<p>Le répertoire contenant le fichier de la base de données des
directive <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code>
"habituelle" n'a aucune incidence sur les requêtes DAV.</p>
- <div class="example"><h3>Exemple complet</h3><pre class="prettyprint lang-config">
-DavLockDB /usr/local/apache2/var/DavLock
+ <div class="example"><h3>Exemple complet</h3><pre class="prettyprint lang-config">DavLockDB /usr/local/apache2/var/DavLock
<Directory /usr/local/apache2/htdocs/foo>
Require all granted
<LimitExcept GET POST OPTIONS>
Require user admin
</LimitExcept>
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
script, alors que l'autre peut être utilisée pour le télécharger et
le manipuler avec DAV.</p>
-<pre class="prettyprint lang-config">
-Alias /phparea /home/gstein/php_files
+<pre class="prettyprint lang-config">Alias /phparea /home/gstein/php_files
Alias /php-source /home/gstein/php_files
<Location /php-source>
DAV On
ForceType text/plain
-</Location>
-</pre>
+</Location></pre>
<p>Avec cette configuration, on peut utiliser
<p>La directive <code class="directive">Dav</code> active les
méthodes HTTP WebDAV pour le conteneur condidéré :</p>
- <pre class="prettyprint lang-config">
-<Location /foo>
+ <pre class="prettyprint lang-config"><Location /foo>
Dav On
-</Location>
- </pre>
+</Location></pre>
<p>La valeur <code>On</code> est en fait un alias vers le
de perte du verrou par le client suite à une surcharge du
réseau.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-<Location /MSWord>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"><Location /MSWord>
DavMinTimeout 600
-</Location>
- </pre>
+</Location></pre>
</div>
</div>
will be invoked by using the <code class="directive"><a href="../mod/mod_dav.html#dav">Dav</a></code>
directive:</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- Dav filesystem
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> Dav filesystem</pre>
</div>
<p>Since <code>filesystem</code> is the default provider for
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DavLockDB var/DavLock
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DavLockDB var/DavLock</pre>
</div>
<p>The directory containing the lock database file must be
de <code class="module"><a href="../mod/mod_dav.html">mod_dav</a></code> sont invoqués via la directive
<code class="directive"><a href="../mod/mod_dav.html#dav">Dav</a></code> :</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- Dav filesystem
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> Dav filesystem</pre>
</div>
<p>Comme <code>filesystem</code> est le fournisseur par défaut de
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- DavLockDB var/DavLock
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> DavLockDB var/DavLock</pre>
</div>
<p>Les utilisateur et groupe sous lesquels Apache s'exécute et qui
<code class="module"><a href="../mod/mod_dav_lock.html">mod_dav_lock</a></code> uses a SDBM database to track user
locks.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DavGenericLockDB var/DavLock
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DavGenericLockDB var/DavLock</pre>
</div>
<p>The directory containing the lock database file must be
<code class="module"><a href="../mod/mod_dav_lock.html">mod_dav_lock</a></code> utilise une base de données SDBM pour
surveiller les verrous utilisateurs.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- DavGenericLockDB var/DavLock
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> DavGenericLockDB var/DavLock</pre>
</div>
<p>Les utilisateur et groupe sous lesquels Apache s'exécute et qui
<p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exports five functions for other modules
to use. The API is as follows:</p>
-<pre class="prettyprint lang-c">
-typedef struct {
+<pre class="prettyprint lang-c">typedef struct {
apr_dbd_t *handle;
apr_dbd_driver_t *driver;
apr_hash_t *prepared;
APR_DECLARE_OPTIONAL_FN(void, ap_dbd_close, (server_rec*, ap_dbd_t*));
APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_acquire, (request_rec*));
APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_cacquire, (conn_rec*));
-APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));
-</pre>
+APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p><code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code> exporte cinq fonctions que d'autres
modules pourront utiliser. L'API se présente comme suit :</p>
- <pre class="prettyprint lang-c">
-typedef struct {
+ <pre class="prettyprint lang-c">typedef struct {
apr_dbd_t *handle;
apr_dbd_driver_t *driver;
apr_hash_t *prepared;
APR_DECLARE_OPTIONAL_FN(void, ap_dbd_close, (server_rec*, ap_dbd_t*));
APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_acquire, (request_rec*));
APR_DECLARE_OPTIONAL_FN(ap_dbd_t*, ap_dbd_cacquire, (conn_rec*));
-APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));
-</pre>
+APR_DECLARE_OPTIONAL_FN(void, ap_dbd_prepare, (server_rec*, const char*, const char*));</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
</div>
<p>This is a simple configuration that compresses common text-based content types.</p>
- <div class="example"><h3>Compress only a few types</h3><pre class="prettyprint lang-config">
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
- </pre>
+ <div class="example"><h3>Compress only a few types</h3><pre class="prettyprint lang-config"> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
will enable compression for documents in the container where it
is placed:</p>
- <pre class="prettyprint lang-config">
-SetOutputFilter DEFLATE
-SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip
- </pre>
+ <pre class="prettyprint lang-config">SetOutputFilter DEFLATE
+SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip</pre>
<p>If you want to restrict the compression to particular MIME types
enabling compression only for the html files of the Apache
documentation:</p>
- <pre class="prettyprint lang-config">
-<Directory "/your-server-root/manual">
+ <pre class="prettyprint lang-config"><Directory "/your-server-root/manual">
AddOutputFilterByType DEFLATE text/html
-</Directory>
- </pre>
+</Directory></pre>
<div class="note"><h3>Note</h3>
this feature you have to insert the <code>INFLATE</code> filter into
the outputfilter chain using <code class="directive"><a href="../mod/core.html#setoutputfilter">SetOutputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code>, for example:</p>
- <pre class="prettyprint lang-config">
-<Location /dav-area>
+ <pre class="prettyprint lang-config"><Location /dav-area>
ProxyPass http://example.com/
SetOutputFilter INFLATE
-</Location>
- </pre>
+</Location></pre>
<p>This Example will uncompress gzip'ed output from example.com, so other
this feature you have to insert the <code>DEFLATE</code> filter into
the input filter chain using <code class="directive"><a href="../mod/core.html#setinputfilter">SetInputFilter</a></code> or <code class="directive"><a href="../mod/mod_mime.html#addinputfilter">AddInputFilter</a></code>, for example:</p>
- <pre class="prettyprint lang-config">
-<Location /dav-area>
+ <pre class="prettyprint lang-config"><Location /dav-area>
SetInputFilter DEFLATE
-</Location>
- </pre>
+</Location></pre>
<p>Now if a request contains a <code>Content-Encoding:
in a typical configuration where the addition of the <code>DEFLATE</code>
filter depends on the <code>User-Agent</code>, you should add:</p>
- <pre class="prettyprint lang-config">
- Header append Vary User-Agent
- </pre>
+ <pre class="prettyprint lang-config"> Header append Vary User-Agent</pre>
<p>If your decision about compression depends on other information
<code>Vary</code> header to the value <code>*</code>. This prevents
compliant proxies from caching entirely.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- Header set Vary *
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> Header set Vary *</pre>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
the directive. You can use that note for statistical purposes by
adding the value to your <a href="../logs.html#accesslog">access log</a>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DeflateFilterNote ratio
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DeflateFilterNote ratio
LogFormat '"%r" %b (%{ratio}n) "%{User-agent}i"' deflate
- CustomLog logs/deflate_log deflate
- </pre>
+ CustomLog logs/deflate_log deflate</pre>
</div>
<p>If you want to extract more accurate values from your logs, you
<p>Thus you may log it this way:</p>
- <div class="example"><h3>Accurate Logging</h3><pre class="prettyprint lang-config">
-DeflateFilterNote Input instream
+ <div class="example"><h3>Accurate Logging</h3><pre class="prettyprint lang-config">DeflateFilterNote Input instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
LogFormat '"%r" %{outstream}n/%{instream}n (%{ratio}n%%)' deflate
-CustomLog logs/deflate_log deflate
-</pre>
+CustomLog logs/deflate_log deflate</pre>
</div>
<h3>See also</h3>
<p>Voici un exemple simple de configuration qui permet de comprimer
les types de contenu à base de texte.</p>
- <div class="example"><h3>Ne comprime que certains types de documents</h3><pre class="prettyprint lang-config">
- AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript
- </pre>
+ <div class="example"><h3>Ne comprime que certains types de documents</h3><pre class="prettyprint lang-config"> AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
directive suivante active la compression des documents dans le
conteneur où elle est placée :</p>
- <pre class="prettyprint lang-config">
-SetOutputFilter DEFLATE
-SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip
- </pre>
+ <pre class="prettyprint lang-config">SetOutputFilter DEFLATE
+SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip</pre>
<p>Si vous voulez limiter la compression à certains types MIME
où la compression n'est activée que pour les fichiers html de la
documentation d'Apache :</p>
- <pre class="prettyprint lang-config">
-<Directory "/your-server-root/manual">
+ <pre class="prettyprint lang-config"><Directory "/your-server-root/manual">
AddOutputFilterByType DEFLATE text/html
-</Directory>
- </pre>
+</Directory></pre>
<div class="note"><h3>Note</h3>
<code class="directive"><a href="../mod/mod_mime.html#addoutputfilter">AddOutputFilter</a></code>, comme
dans l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-<Location /dav-area>
+ <pre class="prettyprint lang-config"><Location /dav-area>
ProxyPass http://example.com/
SetOutputFilter INFLATE
-</Location>
- </pre>
+</Location></pre>
<p>Dans cet exemple, les sorties comprimées par gzip en
<code class="directive"><a href="../mod/mod_mime.html#addinputfilter">AddInputFilter</a></code>, comme
dans l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-<Location /dav-area>
+ <pre class="prettyprint lang-config"><Location /dav-area>
SetInputFilter DEFLATE
-</Location>
- </pre>
+</Location></pre>
<p>Désormais, si une requête contient un en-tête
<code>DEFLATE</code> dépend du contenu de l'en-tête
<code>User-Agent</code>, vous devez spécifier :</p>
- <pre class="prettyprint lang-config">
- Header append Vary User-Agent
- </pre>
+ <pre class="prettyprint lang-config"> Header append Vary User-Agent</pre>
<p>Si votre décision de comprimer le contenu dépend d'autres
<code>Vary</code> la valeur <code>*</code>, ce qui permet d'empêcher
les mandataires compatibles de tout mettre en cache.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- Header set Vary *
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> Header set Vary *</pre>
</div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
d'un argument de la directive. Vous pouvez utiliser cette note à des
fins statistiques en enregistrant sa valeur dans votre <a href="../logs.html#accesslog">journal des accès</a>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- DeflateFilterNote ratio
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> DeflateFilterNote ratio
LogFormat '"%r" %b (%{ratio}n) "%{User-agent}i"' deflate
- CustomLog logs/deflate_log deflate
- </pre>
+ CustomLog logs/deflate_log deflate</pre>
</div>
<p>Pour extraire des informations plus précises de vos journaux,
<p>Vous pouvez donc configurer votre journalisation de la manière
suivante :</p>
- <div class="example"><h3>Journalisation détaillée</h3><pre class="prettyprint lang-config">
-DeflateFilterNote Input instream
+ <div class="example"><h3>Journalisation détaillée</h3><pre class="prettyprint lang-config">DeflateFilterNote Input instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
LogFormat '"%r" %{outstream}n/%{instream}n (%{ratio}n%%)' deflate
-CustomLog logs/deflate_log deflate
-</pre>
+CustomLog logs/deflate_log deflate</pre>
</div>
<h3>Voir aussi</h3>
by the various old modem standards. So, you can browse your site with a 56k
V.92 modem, by adding something like this:</p>
-<pre class="prettyprint lang-config">
-<Location /mysite>
+<pre class="prettyprint lang-config"><Location /mysite>
ModemStandard V.92
-</Location>
-</pre>
+</Location></pre>
<p>Previously to do bandwidth rate limiting modules would have to block an entire
</table>
<p>Specify what modem standard you wish to simulate.</p>
-<pre class="prettyprint lang-config">
-<Location /mysite>
+<pre class="prettyprint lang-config"><Location /mysite>
ModemStandard V.26bis
-</Location>
-</pre>
+</Location></pre>
modems. Ainsi, il est possible de naviguer sur votre site avec un modem
56k V.92 en positionnant une configuration de ce type :</p>
-<pre class="prettyprint lang-config">
-<Location /mysite>
+<pre class="prettyprint lang-config"><Location /mysite>
ModemStandard V.92
-</Location>
-</pre>
+</Location></pre>
<p>Auparavant, pour faire des modules de limitation de bande passante,
<p>Cette directive permet de spécifier le standard de modem que vous
souhaitez simuler.</p>
-<pre class="prettyprint lang-config">
-<Location /mysite>
+<pre class="prettyprint lang-config"><Location /mysite>
ModemStandard V.26bis
-</Location>
-</pre>
+</Location></pre>
set, the server will generate its own listing of the
directory.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DirectoryIndex index.html
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DirectoryIndex index.html</pre>
</div>
<p>then a request for <code>http://example.com/docs/</code> would
<p>Note that the documents do not need to be relative to the
directory;</p>
- <pre class="prettyprint lang-config">
- DirectoryIndex index.html index.txt /cgi-bin/index.pl
- </pre>
+ <pre class="prettyprint lang-config"> DirectoryIndex index.html index.txt /cgi-bin/index.pl</pre>
<p>would cause the CGI script <code>/cgi-bin/index.pl</code> to be
directives within the <a href="../sections.html"><em>same context</em></a> will add
to the list of resources to look for rather than replace:
</p>
- <pre class="prettyprint lang-config">
-# Example A: Set index.html as an index page, then add index.php to that list as well.
+ <pre class="prettyprint lang-config"># Example A: Set index.html as an index page, then add index.php to that list as well.
<Directory /foo>
DirectoryIndex index.html
DirectoryIndex index.php
DirectoryIndex index.html
DirectoryIndex disabled
DirectoryIndex index.php
-</Directory>
- </pre>
+</Directory></pre>
</ul>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DirectoryIndexRedirect on
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DirectoryIndexRedirect on</pre>
</div>
<p>A request for <code>http://example.com/docs/</code> would
be aware that there are possible security implications to doing
this.</p>
- <pre class="prettyprint lang-config">
-# see security warning below!
+ <pre class="prettyprint lang-config"># see security warning below!
<Location /some/path>
DirectorySlash Off
SetHandler some-handler
-</Location>
- </pre>
+</Location></pre>
<div class="warning"><h3>Security Warning</h3>
<p>Use this to set a handler for any URL that doesn't map to anything
in your filesystem, and would otherwise return HTTP 404 (Not Found).
For example</p>
- <pre class="prettyprint lang-config">
- FallbackResource /not-404.php
- </pre>
+ <pre class="prettyprint lang-config"> FallbackResource /not-404.php</pre>
<p>will cause requests for non-existent files to be handled by
<code>not-404.php</code>, while requests for files that exist
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>, and the use of the <code>-f</code> and
<code>-d</code> tests for file and directory existence. This now
requires only one line of configuration.</p>
- <pre class="prettyprint lang-config">
- FallbackResource /index.php
- </pre>
+ <pre class="prettyprint lang-config"> FallbackResource /index.php</pre>
<p>Existing files, such as images, css files, and so on, will be
served normally.</p>
if inheritance from a parent directory is not desired.</p>
<p>In a sub-URI, such as <em>http://example.com/blog/</em> this
<em>sub-URI</em> has to be supplied as <var>local-url</var>:</p>
- <pre class="prettyprint lang-config">
-<Directory /web/example.com/htdocs/blog>
+ <pre class="prettyprint lang-config"><Directory /web/example.com/htdocs/blog>
FallbackResource /blog/index.php
</Directory>
<Directory /web/example.com/htdocs/blog/images>
FallbackResource disabled
-</Directory>
- </pre>
+</Directory></pre>
</div>
<code>Indexes</code> est définie, le serveur générera son propre
listing du répertoire.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- DirectoryIndex index.html
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> DirectoryIndex index.html</pre>
</div>
<p>Avec cette configuration, une requête pour l'URL
<p>Notez qu'il n'est pas nécessaire que les documents soient
relatifs au répertoire ;</p>
- <pre class="prettyprint lang-config">
- DirectoryIndex index.html index.txt /cgi-bin/index.pl
- </pre>
+ <pre class="prettyprint lang-config"> DirectoryIndex index.html index.txt /cgi-bin/index.pl</pre>
<p>provoquerait l'exécution du script CGI
contexte</em></a> permet d'ajouter des ressources à rechercher plutôt
que de remplacer celle déjà définies :
</p>
- <pre class="prettyprint lang-config">
-# Exemple A: définit index.html comme page d'index, ainsi qu'index.php.
+ <pre class="prettyprint lang-config"># Exemple A: définit index.html comme page d'index, ainsi qu'index.php.
<Directory /foo>
DirectoryIndex index.html
DirectoryIndex index.php
DirectoryIndex index.html
DirectoryIndex disabled
DirectoryIndex index.php
-</Directory>
- </pre>
+</Directory></pre>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- DirectoryIndexRedirect on
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> DirectoryIndexRedirect on</pre>
</div>
<p>Une requête pour <code>http://example.com/docs/</code> se
Gardez cependant à l'esprit que ceci peut avoir des répercutions en
matière de sécurité.</p>
- <pre class="prettyprint lang-config">
-# voir l'avertissement de sécurité ci-dessous !
+ <pre class="prettyprint lang-config"># voir l'avertissement de sécurité ci-dessous !
<Location /some/path>
DirectorySlash Off
SetHandler some-handler
-</Location>
- </pre>
+</Location></pre>
<div class="warning"><h3>Avertissement de sécurité</h3>
et qui provoquerait sans cela l'envoi d'un code d'erreur HTTP 404
(Not Found).
Par exemple</p>
- <pre class="prettyprint lang-config">
- FallbackResource /not-404.php
- </pre>
+ <pre class="prettyprint lang-config"> FallbackResource /not-404.php</pre>
<p>fait en sorte que les requêtes ne correspondant à aucun fichier
soient traitées par <code>non-404.php</code>, sans affecter les
conditionnels <code>-f</code> et <code>-d</code> pour vérifier
l'existence des fichiers et répertoires. Maintenant, une seule ligne
de configuration est nécessaire.</p>
- <pre class="prettyprint lang-config">
- FallbackResource /index.php
- </pre>
+ <pre class="prettyprint lang-config"> FallbackResource /index.php</pre>
<p>Les fichiers existants comme des images, des fichiers css, etc...
seront traités normalement.</p>
<p>Pour un URI intermédiaire tel que
<em>http://example.com/blog/</em>, cet URI intermédiaire doit être
spécifié en tant que <var>url-locale</var> :</p>
- <pre class="prettyprint lang-config">
-<Directory /web/example.com/htdocs/blog>
+ <pre class="prettyprint lang-config"><Directory /web/example.com/htdocs/blog>
FallbackResource /blog/index.php
</Directory>
<Directory /web/example.com/htdocs/blog/images>
FallbackResource disabled
-</Directory>
- </pre>
+</Directory></pre>
</div>
the below directives. Additionally, <code class="module"><a href="../mod/mod_dumpio.html">mod_dumpio</a></code>
needs to be configured to <code class="directive"><a href="../mod/core.html#loglevel">LogLevel</a></code> <code>trace7</code>:
</p>
- <pre class="prettyprint lang-config">
- LogLevel dumpio:trace7
- </pre>
+ <pre class="prettyprint lang-config"> LogLevel dumpio:trace7</pre>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
</table>
<p>Enable dumping of all input.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DumpIOInput On
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DumpIOInput On</pre>
</div>
</div>
</table>
<p>Enable dumping of all output.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DumpIOOutput On
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DumpIOOutput On</pre>
</div>
</div>
<p>The <code class="directive">ProtocolEcho</code> directive enables or
disables the echo server.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProtocolEcho On
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProtocolEcho On</pre>
</div>
</div>
<p>La directive <code class="directive">ProtocolEcho</code> permet d'activer
ou de désactiver le serveur d'écho.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProtocolEcho On
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProtocolEcho On</pre>
</div>
</div>
native OS environment of the shell which invoked the
<code class="program"><a href="../programs/httpd.html">httpd</a></code> process.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- PassEnv LD_LIBRARY_PATH
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> PassEnv LD_LIBRARY_PATH</pre>
</div>
</div>
<p>Sets an internal environment variable, which is then available to Apache
HTTP Server modules, and passed on to CGI scripts and SSI pages.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- SetEnv SPECIAL_PATH /foo/bin
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> SetEnv SPECIAL_PATH /foo/bin</pre>
</div>
<p> If you omit the <var>value</var> argument, the variable is set to
<p>Removes one or more internal environment variables from those passed
on to CGI scripts and SSI pages.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- UnsetEnv LD_LIBRARY_PATH
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> UnsetEnv LD_LIBRARY_PATH</pre>
</div>
</div>
valeurs sont issues de l'environnement natif de l'OS associé au
shell qui a invoqué le processus <code class="program"><a href="../programs/httpd.html">httpd</a></code>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- PassEnv LD_LIBRARY_PATH
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> PassEnv LD_LIBRARY_PATH</pre>
</div>
</div>
ensuite disponible pour les modules du serveur HTTP Apache et
transmise aux scripts CGI et aux pages SSI.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- SetEnv SPECIAL_PATH /foo/bin
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> SetEnv SPECIAL_PATH /foo/bin</pre>
</div>
<p>Si l'argument <var>valeur</var> est absent, la variable est
<p>Supprime une ou plusieurs variables d'environnement internes parmi celles
qui sont transmises aux scripts CGI et aux pages SSI.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- UnsetEnv LD_LIBRARY_PATH
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> UnsetEnv LD_LIBRARY_PATH</pre>
</div>
</div>
<p>To activate the example module, include a block similar to
the following in your <code>httpd.conf</code> file:</p>
-<pre class="prettyprint lang-config">
-<Location /example-info>
+<pre class="prettyprint lang-config"><Location /example-info>
SetHandler example-handler
-</Location>
-</pre>
+</Location></pre>
<p>As an alternative, you can put the following into a <a href="core.html#accessfilename"><code>.htaccess</code></a> file
and then request the file "test.example" from that location:</p>
-<pre class="prettyprint lang-config">
- AddHandler example-handler .example
-</pre>
+<pre class="prettyprint lang-config"> AddHandler example-handler .example</pre>
<p>After reloading/restarting your server, you should be able
<p>Pour activer le module example, ajoutez à votre fichier
<code>httpd.conf</code> un bloc du style :</p>
-<pre class="prettyprint lang-config">
-<Location /example-info>
+<pre class="prettyprint lang-config"><Location /example-info>
SetHandler example-handler
-</Location>
-</pre>
+</Location></pre>
<p>Vous pouvez aussi ajouter ce qui suit dans un fichier <a href="core.html#accessfilename"><code>.htaccess</code></a>, puis
accéder au fichier "test.example" à partir du répertoire
correspondant :</p>
-<pre class="prettyprint lang-config">
- AddHandler example-handler .example
- </pre>
+<pre class="prettyprint lang-config"> AddHandler example-handler .example</pre>
<code class="directive"><a href="#expiresbytype">ExpiresByType</a></code> directives
can also be defined in a more readable syntax of the form:</p>
- <pre class="prettyprint lang-config">
-ExpiresDefault "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
-ExpiresByType type/encoding "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
- </pre>
+ <pre class="prettyprint lang-config">ExpiresDefault "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
+ExpiresByType type/encoding "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."</pre>
<p>where <var>base</var> is one of:</p>
make documents expire 1 month after being accessed, by
default:</p>
- <pre class="prettyprint lang-config">
-ExpiresDefault "access plus 1 month"
+ <pre class="prettyprint lang-config">ExpiresDefault "access plus 1 month"
ExpiresDefault "access plus 4 weeks"
-ExpiresDefault "access plus 30 days"
- </pre>
+ExpiresDefault "access plus 30 days"</pre>
<p>The expiry time can be fine-tuned by adding several
'<var>num</var> <var>type</var>' clauses:</p>
- <pre class="prettyprint lang-config">
-ExpiresByType text/html "access plus 1 month 15 days 2 hours"
-ExpiresByType image/gif "modification plus 5 hours 3 minutes"
- </pre>
+ <pre class="prettyprint lang-config">ExpiresByType text/html "access plus 1 month 15 days 2 hours"
+ExpiresByType image/gif "modification plus 5 hours 3 minutes"</pre>
<p>Note that if you use a modification date based setting, the
the same images (<em>i.e.</em>, the images will be accessed
repeatedly within a relatively short timespan).</p>
- <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config">
-# enable expirations
+ <div class="example"><h3>Example:</h3><pre class="prettyprint lang-config"># enable expirations
ExpiresActive On
# expire GIF images after a month in the client's cache
ExpiresByType image/gif A2592000
# HTML documents are good for a week from the
# time they were changed
-ExpiresByType text/html M604800
- </pre>
+ExpiresByType text/html M604800</pre>
</div>
<p>Note that this directive only has effect if
<p>Pour une syntaxe plus lisible, on peut aussi utiliser les
directives <code class="directive"><a href="#expiresdefault">ExpiresDefault</a></code> et <code class="directive"><a href="#expiresbytype">ExpiresByType</a></code> comme suit :</p>
- <pre class="prettyprint lang-config">
-ExpiresDefault "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
-ExpiresByType type/encoding "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
- </pre>
+ <pre class="prettyprint lang-config">ExpiresDefault "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."
+ExpiresByType type/encoding "<var>base</var> [plus <var>num</var> <var>type</var>] [<var>num</var> <var>type</var>] ..."</pre>
<p>où <var>base</var> peut être :</p>
<p>Par exemple, pour faire expirer par défaut les documents 1 mois
après leur accès, on peut utiliser une des directives suivantes :</p>
- <pre class="prettyprint lang-config">
-ExpiresDefault "access plus 1 month"
+ <pre class="prettyprint lang-config">ExpiresDefault "access plus 1 month"
ExpiresDefault "access plus 4 weeks"
-ExpiresDefault "access plus 30 days"
- </pre>
+ExpiresDefault "access plus 30 days"</pre>
<p>La date d'expiration peut être définie plus précisément en
ajoutant plusieurs clauses '<var>num</var> <var>type</var>' :</p>
- <pre class="prettyprint lang-config">
-ExpiresByType text/html "access plus 1 month 15 days 2 hours"
-ExpiresByType image/gif "modification plus 5 hours 3 minutes"
- </pre>
+ <pre class="prettyprint lang-config">ExpiresByType text/html "access plus 1 month 15 days 2 hours"
+ExpiresByType image/gif "modification plus 5 hours 3 minutes"</pre>
<p>Notez que si vous utilisez une configuration basée sur la date de
images sont alors accédées de manière répétitive dans un intervalle
de temps assez court).</p>
- <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config">
-# active la génération des en-têtes Expires
+ <div class="example"><h3>Exemple :</h3><pre class="prettyprint lang-config"># active la génération des en-têtes Expires
ExpiresActive On
# les images GIF expirent au bout d'un mois dans le cache du
# client
ExpiresByType image/gif A2592000
# les documents HTML restent valables une semaine après leur date
# de dernière modification
-ExpiresByType text/html M604800
- </pre>
+ExpiresByType text/html M604800</pre>
</div>
<p>Notez que cette directive ne produit d'effet que si
<h2><a name="examples" id="examples">Examples</a></h2>
<h3>Generating HTML from some other type of response</h3>
- <pre class="prettyprint lang-config">
-# mod_ext_filter directive to define a filter
+ <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
# to HTML-ize text/c files using the external
# program /usr/bin/enscript, with the type of
# the result set to text/html
# mod_mime directive to set the type of .c
# files to text/c
AddType text/c .c
-</Directory>
- </pre>
+</Directory></pre>
Please refer to <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> for a practical
implementation.</p>
- <pre class="prettyprint lang-config">
-# mod_ext_filter directive to define the external filter
+ <pre class="prettyprint lang-config"># mod_ext_filter directive to define the external filter
ExtFilterDefine gzip mode=output cmd=/bin/gzip
<Location /gzipped>
# mod_headers directive to add
# "Content-Encoding: gzip" header field
Header set Content-Encoding gzip
-</Location>
- </pre>
+</Location></pre>
<h3>Slowing down the server</h3>
- <pre class="prettyprint lang-config">
-# mod_ext_filter directive to define a filter
+ <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter
# which runs everything through cat; cat doesn't
# modify anything; it just introduces extra pathlength
# and consumes more resources
# be run several times on output
#
SetOutputFilter slowdown;slowdown;slowdown
-</Location>
- </pre>
+</Location></pre>
<h3>Using sed to replace text in the response</h3>
- <pre class="prettyprint lang-config">
-# mod_ext_filter directive to define a filter which
+ <pre class="prettyprint lang-config"># mod_ext_filter directive to define a filter which
# replaces text in the response
#
ExtFilterDefine fixtext mode=output intype=text/html \
# core directive to cause the fixtext filter to
# be run on output
SetOutputFilter fixtext
-</Location>
- </pre>
+</Location></pre>
<h3>Tracing another filter</h3>
- <pre class="prettyprint lang-config">
-# Trace the data read and written by mod_deflate
+ <pre class="prettyprint lang-config"># Trace the data read and written by mod_deflate
# for a particular client (IP 192.168.1.31)
# experiencing compression problems.
# This filter will trace what goes into mod_deflate.
<Directory /usr/local/docs>
SetEnvIf Remote_Addr 192.168.1.31 trace_this_client
SetOutputFilter tracebefore;deflate;traceafter
-</Directory>
- </pre>
+</Directory></pre>
- <div class="example"><h3>Here is the filter which traces the data:</h3><pre class="prettyprint lang-perl">
-#!/usr/local/bin/perl -w
+ <div class="example"><h3>Here is the filter which traces the data:</h3><pre class="prettyprint lang-perl">#!/usr/local/bin/perl -w
use strict;
open(SAVE, ">$ARGV[0]")
print $_;
}
-close(SAVE);
- </pre>
+close(SAVE);</pre>
</div>
</div>
filter is removed and the request continues without it.</dd>
</dl>
- <pre class="prettyprint lang-config">
- ExtFilterOptions LogStderr
- </pre>
+ <pre class="prettyprint lang-config"> ExtFilterOptions LogStderr</pre>
<p>Messages written to the filter's standard error will be stored
<h3>Générer du HTML à partir d'un autre type de
contenu</h3>
- <pre class="prettyprint lang-config">
-# la directive de mod_ext_filter définissant un filtre
+ <pre class="prettyprint lang-config"># la directive de mod_ext_filter définissant un filtre
# permettant de mettre des fichiers text/c au format HTML en
# utilisant le programme externe /usr/bin/enscript, le type du
# fichier résultant étant défini à text/html
# directive de mod_mime définissant le type des fichiers dont
# le nom possède l'extension .c à text/c
AddType text/c .c
-</Directory>
- </pre>
+</Directory></pre>
<code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code> pour un exemple d'implémentation plus
pratique.</p>
- <pre class="prettyprint lang-config">
-# la directive de mod_ext_filter qui définit le filtre externe
+ <pre class="prettyprint lang-config"># la directive de mod_ext_filter qui définit le filtre externe
ExtFilterDefine gzip mode=output cmd=/bin/gzip
<Location /gzipped>
# la directive de mod_headers permettant d'ajouter le champ
# d'en-tête "Content-Encoding: gzip"
Header set Content-Encoding gzip
-</Location>
- </pre>
+</Location></pre>
<h3>Ralentissement du serveur</h3>
- <pre class="prettyprint lang-config">
-# directive de mod_ext_filter définissant un filtre qui fait
+ <pre class="prettyprint lang-config"># directive de mod_ext_filter définissant un filtre qui fait
# passer tous les flux en sortie par la commande cat ; cat ne
# modifie rien ; elle ne fait que compliquer le cheminement des
# flux et consommer des ressources supplémentaires
# sortie avec le filtre slowdown
#
SetOutputFilter slowdown;slowdown;slowdown
-</Location>
- </pre>
+</Location></pre>
<h3>Utilisation de sed pour remplacer du texte dans la
réponse</h3>
- <pre class="prettyprint lang-config">
-# directive de mod_ext_filter définissant un filtre qui
+ <pre class="prettyprint lang-config"># directive de mod_ext_filter définissant un filtre qui
# remplace du texte dans la réponse
#
ExtFilterDefine fixtext mode=output intype=text/html \
# directive de base permettant de traiter la sortie avec le
# filtre fixtext
SetOutputFilter fixtext
-</Location>
- </pre>
+</Location></pre>
<h3>Tracer un autre filtre</h3>
- <pre class="prettyprint lang-config">
-# Trace les données lues et écrites par mod_deflate pour un
+ <pre class="prettyprint lang-config"># Trace les données lues et écrites par mod_deflate pour un
# client particulier (IP 192.168.1.31) qui a des problèmes de
# compression.
# Ce premier filtre va tracer ce qui entre dans mod_deflate.
<Directory /usr/local/docs>
SetEnvIf Remote_Addr 192.168.1.31 trace_this_client
SetOutputFilter tracebefore;deflate;traceafter
-</Directory>
- </pre>
+</Directory></pre>
- <div class="example"><h3>Voici le filtre qui trace les données :</h3><pre class="prettyprint lang-perl">
-#!/usr/local/bin/perl -w
+ <div class="example"><h3>Voici le filtre qui trace les données :</h3><pre class="prettyprint lang-perl">#!/usr/local/bin/perl -w
use strict;
open(SAVE, ">$ARGV[0]")
print $_;
}
-close(SAVE);
- </pre>
+close(SAVE);</pre>
</div>
</div>
sans lui.</dd>
</dl>
- <pre class="prettyprint lang-config">
- ExtFilterOptions LogStderr
- </pre>
+ <pre class="prettyprint lang-config"> ExtFilterOptions LogStderr</pre>
<p>Les messages envoyés vers la sortie d'erreurs standard du filtre
with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- CacheFile /usr/local/apache/htdocs/index.html
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> CacheFile /usr/local/apache/htdocs/index.html</pre>
</div>
</div>
with filenames rewritten by <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> or
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- MMapFile /usr/local/apache/htdocs/index.html
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> MMapFile /usr/local/apache/htdocs/index.html</pre>
</div>
</div>
fichiers réécrits par <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> ou
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- CacheFile /usr/local/apache/htdocs/index.html
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> CacheFile /usr/local/apache/htdocs/index.html</pre>
</div>
</div>
fichiers réécrits par <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> ou
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- MMapFile /usr/local/apache/htdocs/index.html
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> MMapFile /usr/local/apache/htdocs/index.html</pre>
</div>
</div>
<dl>
<dt>Server side Includes (SSI)</dt>
<dd>A simple case of replacing <code class="directive">AddOutputFilterByType</code>
- <pre class="prettyprint lang-config">
-FilterDeclare SSI
+ <pre class="prettyprint lang-config">FilterDeclare SSI
FilterProvider SSI INCLUDES "%{CONTENT_TYPE} =~ m|^text/html|"
-FilterChain SSI
- </pre>
+FilterChain SSI</pre>
</dd>
<dt>Server side Includes (SSI)</dt>
<dd>The same as the above but dispatching on handler (classic
SSI behaviour; .shtml files get processed).
- <pre class="prettyprint lang-config">
-FilterProvider SSI INCLUDES "%{HANDLER} = 'server-parsed'"
-FilterChain SSI
- </pre>
+ <pre class="prettyprint lang-config">FilterProvider SSI INCLUDES "%{HANDLER} = 'server-parsed'"
+FilterChain SSI</pre>
</dd>
<dt>Emulating mod_gzip with mod_deflate</dt>
<dd>Insert INFLATE filter only if "gzip" is NOT in the
Accept-Encoding header. This filter runs with ftype CONTENT_SET.
- <pre class="prettyprint lang-config">
-FilterDeclare gzip CONTENT_SET
+ <pre class="prettyprint lang-config">FilterDeclare gzip CONTENT_SET
FilterProvider gzip inflate "%{req:Accept-Encoding} !~ /gzip/"
-FilterChain gzip
- </pre>
+FilterChain gzip</pre>
</dd>
<dt>Image Downsampling</dt>
<dd>Suppose we want to downsample all web images, and have filters
for GIF, JPEG and PNG.
- <pre class="prettyprint lang-config">
-FilterProvider unpack jpeg_unpack "%{CONTENT_TYPE} = 'image/jpeg'"
+ <pre class="prettyprint lang-config">FilterProvider unpack jpeg_unpack "%{CONTENT_TYPE} = 'image/jpeg'"
FilterProvider unpack gif_unpack "%{CONTENT_TYPE} = 'image/gif'"
FilterProvider unpack png_unpack "%{CONTENT_TYPE} = 'image/png'"
FilterProvider repack png_pack "%{CONTENT_TYPE} = 'image/png'"
<Location /image-filter>
FilterChain unpack downsample repack
-</Location>
- </pre>
+</Location></pre>
</dd>
</dl>
<code>text/html</code> or <code>text/plain</code> before it is sent
to the client.</p>
- <pre class="prettyprint lang-config">
- AddOutputFilterByType DEFLATE text/html text/plain
- </pre>
+ <pre class="prettyprint lang-config"> AddOutputFilterByType DEFLATE text/html text/plain</pre>
<p>If you want the content to be processed by more than one filter, their
<code>INCLUDES</code> filter and then by the <code>DEFLATE</code>
filter.</p>
- <pre class="prettyprint lang-config">
-<Location /cgi-bin/>
+ <pre class="prettyprint lang-config"><Location /cgi-bin/>
Options Includes
AddOutputFilterByType INCLUDES;DEFLATE text/html
-</Location>
- </pre>
+</Location></pre>
<p>The BNF for the fragment format is as follows:</p>
- <pre>
- stream = 0*(fragment)
+ <pre> stream = 0*(fragment)
fragment = header CRLF body CRLF
body = <the binary content of the fragment>
SPC = <a single space>
- CRLF = <a carriage return, followed by a line feed>
- </pre>
+ CRLF = <a carriage return, followed by a line feed></pre>
<p>All fragments for a connection or a request will share the same
UUID, depending on whether connections or requests are being recorded.
requests will be captured within the same connection if keepalive is
present.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseConnectionInput connection-input.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseConnectionInput connection-input.firehose</pre>
</div>
</div>
Multiple requests will be captured within the same connection if
keepalive is present.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseConnectionOutput connection-output.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseConnectionOutput connection-output.firehose</pre>
</div>
</div>
</table>
<p>Capture traffic being received by mod_proxy.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseProxyConnectionInput proxy-input.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseProxyConnectionInput proxy-input.firehose</pre>
</div>
</div>
</table>
<p>Capture traffic being sent out by mod_proxy.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseProxyConnectionOutput proxy-output.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseProxyConnectionOutput proxy-output.firehose</pre>
</div>
</div>
<p>Capture traffic coming into the server on each request. Requests
will be captured separately, regardless of the presence of keepalive.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseRequestInput request-input.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseRequestInput request-input.firehose</pre>
</div>
</div>
<p>Capture traffic going out of the server on each request. Requests
will be captured separately, regardless of the presence of keepalive.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- FirehoseRequestOutput request-output.firehose
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> FirehoseRequestOutput request-output.firehose</pre>
</div>
</div>
order in the configuration file and by placement in <a href="../sections.html#mergin">configuration sections</a>. These
two directives have a different effect if reversed:</p>
- <pre class="prettyprint lang-config">
-RequestHeader append MirrorID "mirror 12"
-RequestHeader unset MirrorID
- </pre>
+ <pre class="prettyprint lang-config">RequestHeader append MirrorID "mirror 12"
+RequestHeader unset MirrorID</pre>
<p>This way round, the <code>MirrorID</code> header is not set. If
Copy all request headers that begin with "TS" to the
response headers:
- <pre class="prettyprint lang-config">
- Header echo ^TS
- </pre>
+ <pre class="prettyprint lang-config"> Header echo ^TS</pre>
</li>
the client to intuit load on the server or in isolating
bottlenecks between the client and the server.
- <pre class="prettyprint lang-config">
- Header set MyHeader "%D %t"
- </pre>
+ <pre class="prettyprint lang-config"> Header set MyHeader "%D %t"</pre>
<p>results in this header being added to the response:</p>
<li>
Say hello to Joe
- <pre class="prettyprint lang-config">
-Header set MyHeader "Hello Joe. It took %D microseconds for Apache to serve this request."
- </pre>
+ <pre class="prettyprint lang-config">Header set MyHeader "Hello Joe. It took %D microseconds for Apache to serve this request."</pre>
<p>results in this header being added to the response:</p>
stimulus. Note that this example requires the services of the
<code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code> module.
- <pre class="prettyprint lang-config">
-SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
-Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader
- </pre>
+ <pre class="prettyprint lang-config">SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
+Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader</pre>
<p>If the header <code>MyRequestHeader: myvalue</code> is present on
description</a>) by replacing <var>https:</var> with
<var>http:</var> in the <var>Destination</var> header:
- <pre class="prettyprint lang-config">
- RequestHeader edit Destination ^https: http: early
- </pre>
+ <pre class="prettyprint lang-config"> RequestHeader edit Destination ^https: http: early</pre>
</li>
<code>NO_STORE</code> environment variables all existed for the
request):
- <pre class="prettyprint lang-config">
-Header merge Cache-Control no-cache env=CGI
+ <pre class="prettyprint lang-config">Header merge Cache-Control no-cache env=CGI
Header merge Cache-Control no-cache env=NO_CACHE
-Header merge Cache-Control no-store env=NO_STORE
- </pre>
+Header merge Cache-Control no-store env=NO_STORE</pre>
<p>then the response would contain the following header:</p>
</li>
<li>
Set a test cookie if and only if the client didn't send us a cookie
- <pre class="prettyprint lang-config">
- Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"
- </pre>
+ <pre class="prettyprint lang-config"> Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"</pre>
</li>
</ol>
ces deux directives ont un effet différent si leur ordre est inversé
:</p>
- <pre class="prettyprint lang-config">
-RequestHeader append MirrorID "mirror 12"
-RequestHeader unset MirrorID
- </pre>
+ <pre class="prettyprint lang-config">RequestHeader append MirrorID "mirror 12"
+RequestHeader unset MirrorID</pre>
<p>Dans cet ordre, l'en-tête <code>MirrorID</code> n'est pas défini.
Copie tous les en-têtes de requête qui commencent par "TS" vers
les en-têtes de la réponse :
- <pre class="prettyprint lang-config">
- Header echo ^TS
- </pre>
+ <pre class="prettyprint lang-config"> Header echo ^TS</pre>
</li>
isoler les goulets d'étranglement entre le client et le
serveur.
- <pre class="prettyprint lang-config">
- Header set mon-en-tête "%D %t"
- </pre>
+ <pre class="prettyprint lang-config"> Header set mon-en-tête "%D %t"</pre>
<p>le résultat est l'ajout à la réponse d'un en-tête du type :</p>
<p>le résultat est l'ajout à la réponse d'un en-tête du type :</p>
- <pre class="prettyprint lang-config">
- Header set MyHeader "Bonjour Joe. Il a fallu D=3775428 microsecondes à Apache
- pour servir cette requête."
- </pre>
+ <pre class="prettyprint lang-config"> Header set MyHeader "Bonjour Joe. Il a fallu D=3775428 microsecondes à Apache
+ pour servir cette requête."</pre>
</li>
exemple nécessite les services du module
<code class="module"><a href="../mod/mod_setenvif.html">mod_setenvif</a></code>.
- <pre class="prettyprint lang-config">
-SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
-Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader
- </pre>
+ <pre class="prettyprint lang-config">SetEnvIf MyRequestHeader myvalue HAVE_MyRequestHeader
+Header set MyHeader "%D %t mytext" env=HAVE_MyRequestHeader</pre>
<p>Si l'en-tête <code>mon-en-tête-requête: mavaleur</code> est
du problème</a>) en remplaçant <var>https:</var> par
<var>http:</var> dans l'en-tête <var>Destination</var> :
- <pre class="prettyprint lang-config">
- RequestHeader edit Destination ^https: http: early
- </pre>
+ <pre class="prettyprint lang-config"> RequestHeader edit Destination ^https: http: early</pre>
</li>
<code>NO_CACHE</code> et <code>NO_STORE</code> existent pour la
requête) :
- <pre class="prettyprint lang-config">
-Header merge Cache-Control no-cache env=CGI
+ <pre class="prettyprint lang-config">Header merge Cache-Control no-cache env=CGI
Header merge Cache-Control no-cache env=NO_CACHE
-Header merge Cache-Control no-store env=NO_STORE
- </pre>
+Header merge Cache-Control no-store env=NO_STORE</pre>
<p>alors, la réponse contiendra l'en-tête suivant :</p>
<li>
Définit un cookie de test si et seulement si le client n'envoie
pas de cookie
- <pre class="prettyprint lang-config">
- Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"
- </pre>
+ <pre class="prettyprint lang-config"> Header set Set-Cookie testcookie "expr=-z %{req:Cookie}"</pre>
</li>
</ol>
status information. This address will usually correspond to a configured
<code class="directive"><a href="../mod/mod_heartmonitor.html#heartbeatlisten">HeartbeatListen</a></code> on a
frontend proxy system.</p>
-<pre class="prettyprint lang-config">
-HeartbeatAddress 239.0.0.1:27999
-</pre>
+<pre class="prettyprint lang-config">HeartbeatAddress 239.0.0.1:27999</pre>
</div>
address will usually correspond to a configured <code class="directive"><a href="../mod/mod_heartbeat.html#heartbeataddress">HeartbeatAddress</a></code> on an origin server.
</p>
- <pre class="prettyprint lang-config">
- HeartbeatListen 239.0.0.1:27999
- </pre>
+ <pre class="prettyprint lang-config"> HeartbeatListen 239.0.0.1:27999</pre>
<p> This module is inactive until this directive is used.</p>
parse them and assign the resulting document the mime type of
<code>text/html</code>:</p>
- <pre class="prettyprint lang-config">
-AddType text/html .shtml
-AddOutputFilter INCLUDES .shtml
- </pre>
+ <pre class="prettyprint lang-config">AddType text/html .shtml
+AddOutputFilter INCLUDES .shtml</pre>
<p>The following directive must be given for the directories
<code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> <code>Options</code>
is set):</p>
- <pre class="prettyprint lang-config">
- Options +Includes
- </pre>
+ <pre class="prettyprint lang-config"> Options +Includes</pre>
<p>For backwards compatibility, the <code>server-parsed</code>
<p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
looks for to mark the end of an include element.</p>
- <pre class="prettyprint lang-config">
- SSIEndTag "%>"
- </pre>
+ <pre class="prettyprint lang-config"> SSIEndTag "%>"</pre>
<p>This directive has the same effect as the <code><!--#config
errmsg=<var>message</var> --></code> element.</p>
- <pre class="prettyprint lang-config">
- SSIErrorMsg "<!-- Error -->"
- </pre>
+ <pre class="prettyprint lang-config"> SSIErrorMsg "<!-- Error -->"</pre>
</div>
output of a file each processing different commands (possibly at
different times).</p>
- <pre class="prettyprint lang-config">
- SSIStartTag "<%"<br />
- SSIEndTag "%>"
- </pre>
+ <pre class="prettyprint lang-config"> SSIStartTag "<%"<br />
+ SSIEndTag "%>"</pre>
<p>The example given above, which also specifies a matching
<p>This directive has the same effect as the <code><!--#config
timefmt=<var>formatstring</var> --></code> element.</p>
- <pre class="prettyprint lang-config">
- SSITimeFormat "%R, %B %d, %Y"
- </pre>
+ <pre class="prettyprint lang-config"> SSITimeFormat "%R, %B %d, %Y"</pre>
<p>The above directive would cause times to be displayed in the
<p>This directive changes the string that <code class="module"><a href="../mod/mod_include.html">mod_include</a></code>
displays when a variable is not set and "echoed".</p>
- <pre class="prettyprint lang-config">
- SSIUndefinedEcho "<!-- undef -->"
- </pre>
+ <pre class="prettyprint lang-config"> SSIUndefinedEcho "<!-- undef -->"</pre>
</div>
<p>To configure <code class="module"><a href="../mod/mod_info.html">mod_info</a></code>, add the following to your
<code>httpd.conf</code> file.</p>
- <pre class="prettyprint lang-config">
-<Location /server-info>
+ <pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
-</Location>
- </pre>
+</Location></pre>
<p>You may wish to use <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code> inside the
directive to limit access to your server configuration
information:</p>
- <pre class="prettyprint lang-config">
-<Location /server-info>
+ <pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
Require host example.com
-</Location>
- </pre>
+</Location></pre>
<p>Once configured, the server information is obtained by
<p>You will probably want to use <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code>
to limit access to your server configuration information.</p>
- <div class="example"><h3>Access control</h3><pre class="prettyprint lang-config">
-<Location /server-info>
+ <div class="example"><h3>Access control</h3><pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
Order allow,deny
# Allow access from server itself
Allow from 127.0.0.1
# Additionally, allow access from local workstation
Allow from 192.168.1.17
-</Location>
- </pre>
+</Location></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
HTML interpreted, <strong>Additional Information</strong> for
the module <var>module-name</var>. Example:</p>
- <pre class="prettyprint lang-config">
-AddModuleInfo mod_deflate.c 'See <a \
+ <pre class="prettyprint lang-config">AddModuleInfo mod_deflate.c 'See <a \
href="http://httpd.apache.org/docs/trunk/mod/mod_deflate.html">\
- http://httpd.apache.org/docs/trunk/mod/mod_deflate.html</a>'
- </pre>
+ http://httpd.apache.org/docs/trunk/mod/mod_deflate.html</a>'</pre>
</div>
<p>Pour activer <code class="module"><a href="../mod/mod_info.html">mod_info</a></code>, ajoutez les lignes
suivantes à votre fichier <code>httpd.conf</code>.</p>
- <pre class="prettyprint lang-config">
-<Location /server-info>
+ <pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
-</Location>
- </pre>
+</Location></pre>
<p>Il est recommandé d'utiliser <code class="module"><a href="../mod/mod_authz_host.html">mod_authz_host</a></code> à
l'intérieur de la section <code class="directive"><a href="../mod/core.html#location"><Location></a></code> afin de restreindre l'accès aux
informations de configuration de votre serveur :</p>
- <pre class="prettyprint lang-config">
-<Location /server-info>
+ <pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
Require host example.com
-</Location>
- </pre>
+</Location></pre>
<p>Une fois cette configuration effectuée, les informations du
restreindre l'accès aux informations de configuration de votre
serveur.</p>
- <div class="example"><h3>Contrôle d'accès</h3><pre class="prettyprint lang-config">
-<Location /server-info>
+ <div class="example"><h3>Contrôle d'accès</h3><pre class="prettyprint lang-config"><Location /server-info>
SetHandler server-info
Order allow,deny
# Autorisation d'accès depuis le serveur lui-même
# Autorisation d'accès depuis une station de travail du réseau
# local
Allow from 192.168.1.17
-</Location>
- </pre>
+</Location></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
en tant qu'<strong>Information supplémentaire</strong> interprétée
en HTML pour le module <var>nom-module</var>. Exemple :</p>
- <pre class="prettyprint lang-config">
-AddModuleInfo mod_deflate.c 'See <a \
+ <pre class="prettyprint lang-config">AddModuleInfo mod_deflate.c 'See <a \
href="http://httpd.apache.org/docs/trunk/mod/mod_deflate.html">\
- http://httpd.apache.org/docs/trunk/mod/mod_deflate.html</a>'
- </pre>
+ http://httpd.apache.org/docs/trunk/mod/mod_deflate.html</a>'</pre>
</div>
it to them with their file extensions. To enable any .dll file to be
processed as an ISAPI extension, edit the httpd.conf file and add the
following line:</p>
- <pre class="prettyprint lang-config">
- AddHandler isapi-handler .dll
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler isapi-handler .dll</pre>
<div class="note">In older versions of the Apache server,
requested module loaded. However, you may preload and keep a
specific module loaded by using the following syntax in your
httpd.conf:</p>
- <pre class="prettyprint lang-config">
- ISAPICacheFile c:/WebWork/Scripts/ISAPI/mytest.dll
- </pre>
+ <pre class="prettyprint lang-config"> ISAPICacheFile c:/WebWork/Scripts/ISAPI/mytest.dll</pre>
<p>Whether or not you have preloaded an ISAPI extension, all
<code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> to increase the performance of HTTP Basic
authentication provided by <code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>.</p>
- <pre class="prettyprint lang-config">
-# Enable the LDAP connection pool and shared
+ <pre class="prettyprint lang-config"># Enable the LDAP connection pool and shared
# memory cache. Enable the LDAP cache status
# handler. Requires that mod_ldap and mod_authnz_ldap
# be loaded. Change the "yourdomain.example.com" to
AuthBasicProvider ldap
AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
following directives could be used to access the
<code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> cache information:</p>
- <pre class="prettyprint lang-config">
-<Location /server/cache-info>
+ <pre class="prettyprint lang-config"><Location /server/cache-info>
SetHandler ldap-status
-</Location>
- </pre>
+</Location></pre>
<p>By fetching the URL <code>http://servername/cache-info</code>,
as well as the type of encryption to be used on the connection (none, SSL or
TLS/STARTTLS).</p>
- <pre class="prettyprint lang-config">
-# Establish an SSL LDAP connection on port 636. Requires that
+ <pre class="prettyprint lang-config"># Establish an SSL LDAP connection on port 636. Requires that
# mod_ldap and mod_authnz_ldap be loaded. Change the
# "yourdomain.example.com" to match your domain.
AuthBasicProvider ldap
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
- <pre class="prettyprint lang-config">
-# Establish a TLS LDAP connection on port 389. Requires that
+ <pre class="prettyprint lang-config"># Establish a TLS LDAP connection on port 389. Requires that
# mod_ldap and mod_authnz_ldap be loaded. Change the
# "yourdomain.example.com" to match your domain.
AuthBasicProvider ldap
AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
an error when an attempt is made to contact the LDAP server at
runtime.</p>
- <pre class="prettyprint lang-config">
-# Specify a Netscape CA certificate file
+ <pre class="prettyprint lang-config"># Specify a Netscape CA certificate file
LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db
# Specify an optional key3.db file for client certificate support
LDAPTrustedGlobalCert CERT_KEY3_DB /certs/key3.db
LDAPTrustedClientCert CERT_NICKNAME <nickname> [password]
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
LDAPTrustedMode parameter. If an ldaps:// URL is specified,
SSL mode is forced, override this directive.</p>
- <pre class="prettyprint lang-config">
-# Specify two CA certificate files
+ <pre class="prettyprint lang-config"># Specify two CA certificate files
LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
# Specify a client certificate file and key
LDAPTrustedGlobalCert CERT_BASE64 /certs/cert1.pem
LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password]
# Do not use this directive, as it will throw an error
-#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
- </pre>
+#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem</pre>
(ldaps://) support has been deprecated to be replaced with TLS,
although the SSL functionality still works.</p>
- <pre class="prettyprint lang-config">
-# Specify two CA certificate files
+ <pre class="prettyprint lang-config"># Specify two CA certificate files
LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
<Location /ldap-status>
AuthBasicProvider ldap
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
l'authentification HTTP de base fournie par
<code class="module"><a href="../mod/mod_authnz_ldap.html">mod_authnz_ldap</a></code>.</p>
- <pre class="prettyprint lang-config">
-# Active la conservation des connexions LDAP et le cache partagé en
+ <pre class="prettyprint lang-config"># Active la conservation des connexions LDAP et le cache partagé en
# mémoire. Active le gestionnaire de statut du cache LDAP.
# Nécessite le chargement de mod_ldap et de mod_authnz_ldap.
# Remplacez "votre-domaine.example.com" par le nom de votre
AuthBasicProvider ldap
AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
suivantes pour accéder aux informations du cache de
<code class="module"><a href="../mod/mod_ldap.html">mod_ldap</a></code> :</p>
- <pre class="prettyprint lang-config">
-<Location /server/cache-info>
+ <pre class="prettyprint lang-config"><Location /server/cache-info>
SetHandler ldap-status
-</Location>
- </pre>
+</Location></pre>
<p>En se connectant à l'URL
ainsi que le type de chiffrement à utiliser pour la connexion (none,
SSL ou TLS/STARTTLS).</p>
- <pre class="prettyprint lang-config">
-# Etablissement d'une connexion SSL LDAP sur le port 636.
+ <pre class="prettyprint lang-config"># Etablissement d'une connexion SSL LDAP sur le port 636.
# Nécessite le chargement de mod_ldap et mod_authnz_ldap.
# Remplacez "votre-domaine.example.com" par le nom de votre
# domaine.
AuthBasicProvider ldap
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
- <pre class="prettyprint lang-config">
-# Etablissement d'une connexion TLS LDAP sur le port 389.
+ <pre class="prettyprint lang-config"># Etablissement d'une connexion TLS LDAP sur le port 389.
# Nécessite le chargement de mod_ldap et mod_authnz_ldap.
# Remplacez "votre-domaine.example.com" par le nom de votre
# domaine.
AuthBasicProvider ldap
AuthLDAPURL ldap://127.0.0.1/dc=example,dc=com?uid?one TLS
Require valid-user
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
de STARTTLS engendrera une erreur lors des tentatives de
contacter le serveur LDAP pendant l'exécution.</p>
- <pre class="prettyprint lang-config">
-# Spécifie un fichier de certificats de CA Netscape
+ <pre class="prettyprint lang-config"># Spécifie un fichier de certificats de CA Netscape
LDAPTrustedGlobalCert CA_CERT7_DB /certs/cert7.db
# Spécifie un fichier key3db optionnel pour le support des
# certificats clients
LDAPTrustedClientCert CERT_NICKNAME <nickname> [password]
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
ldaps:// est spécifiée, le mode SSL est forcé, et l'emporte sur
cette directive.</p>
- <pre class="prettyprint lang-config">
-# Spécifie deux fichiers contenant des certificats de CA
+ <pre class="prettyprint lang-config"># Spécifie deux fichiers contenant des certificats de CA
LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
# Spécifie un fichier contenant des certificats clients
LDAPTrustedGlobalCert KEY_BASE64 /certs/key1.pem [password]
# N'utilisez pas cette directive, sous peine de provoquer
# une erreur
-#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem
- </pre>
+#LDAPTrustedClientCert CERT_BASE64 /certs/cert1.pem</pre>
OpenLDAP indique que le support SSL (ldaps://) tend à être
remplacé par TLS, bien que le mode SSL fonctionne toujours.</p>
- <pre class="prettyprint lang-config">
-# Spécifie deux fichiers contenant des certificats de CA
+ <pre class="prettyprint lang-config"># Spécifie deux fichiers contenant des certificats de CA
LDAPTrustedGlobalCert CA_DER /certs/cacert1.der
LDAPTrustedGlobalCert CA_BASE64 /certs/cacert2.pem
<Location /ldap-status>
AuthBasicProvider ldap
AuthLDAPURL ldaps://127.0.0.1/dc=example,dc=com?uid?one
Require valid-user
-</Location>
- </pre>
+</Location></pre>
<p>For example, the following two sets of directives have
exactly the same effect:</p>
- <pre class="prettyprint lang-config">
-# CustomLog with format nickname
+ <pre class="prettyprint lang-config"># CustomLog with format nickname
LogFormat "%h %l %u %t \"%r\" %>s %b" common
CustomLog logs/access_log common
# CustomLog with explicit format string
-CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"
- </pre>
+CustomLog logs/access_log "%h %l %u %t \"%r\" %>s %b"</pre>
<p>The third argument is optional and controls whether or
images on your server in a separate logfile but not in your main
log, you can use:</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Request_URI \.gif$ gif-image
+ <pre class="prettyprint lang-config">SetEnvIf Request_URI \.gif$ gif-image
CustomLog gif-requests.log common env=gif-image
-CustomLog nongif-requests.log common env=!gif-image
- </pre>
+CustomLog nongif-requests.log common env=!gif-image</pre>
<p>Or, to reproduce the behavior of the old RefererIgnore
directive, you might use the following:</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Referer example\.com localreferer
-CustomLog referer.log referer env=!localreferer
- </pre>
+ <pre class="prettyprint lang-config">SetEnvIf Referer example\.com localreferer
+CustomLog referer.log referer env=!localreferer</pre>
</div>
to define another nickname. Note that the nickname should not contain
percent signs (<code>%</code>).</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost_common</pre>
</div>
which does not define a nickname. Common Log Format is used if no
other format has been specified.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
-TransferLog logs/access_log
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\""
+TransferLog logs/access_log</pre>
</div>
</div>
<li>
Log message after request to /foo/* is processed:
- <pre class="prettyprint lang-config">
-<Location /foo/>
- LogMessage "/foo/ has been requested"
-</Location>
- </pre>
+ <pre class="prettyprint lang-config"><Location /foo/>
+ LogMessage "/foo/ has been requested"
+</Location></pre>
</li>
<li>
Log message if request to /foo/* is processed in a sub-request:
- <pre class="prettyprint lang-config">
-<Location /foo/>
- LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ}
-</Location>
- </pre>
+ <pre class="prettyprint lang-config"><Location /foo/>
+ LogMessage "subrequest to /foo/" hook=type_checker expr=%{IS_SUBREQ}
+</Location></pre>
The default log_transaction hook is not executed for sub-requests,
<li>
Log message if an IPv6 client causes a request timeout:
- <pre class="prettyprint lang-config">
- LogMessage "IPv6 timeout from %{REMOTE_ADDR}" "expr=-T %{IPV6} && %{REQUEST_STATUS} = 408"
- </pre>
+ <pre class="prettyprint lang-config"> LogMessage "IPv6 timeout from %{REMOTE_ADDR}" "expr=-T %{IPV6} && %{REQUEST_STATUS} = 408"</pre>
Note the placing of the double quotes for the <code>expr=</code> argument.
</li>
<li>
Log the value of the "X-Foo" request environment variable in each
stage of the request:
- <pre class="prettyprint lang-config">
-<Location />
- LogMessage "%{reqenv:X-Foo}" hook=all
-</Location>
- </pre>
+ <pre class="prettyprint lang-config"><Location />
+ LogMessage "%{reqenv:X-Foo}" hook=all
+</Location></pre>
Together with microsecond time stamps in the error log,
<code>hook=all</code> also lets you determine the times spent
<p>The basic module loading directive is</p>
-<pre class="prettyprint lang-config">
- LoadModule lua_module modules/mod_lua.so
-</pre>
+<pre class="prettyprint lang-config"> LoadModule lua_module modules/mod_lua.so</pre>
<p>
<code>mod_lua</code> provides a handler named <code>lua-script</code>,
which can be used with an <code>AddHandler</code> directive:</p>
-<pre class="prettyprint lang-config">
-AddHandler lua-script .lua
-</pre>
+<pre class="prettyprint lang-config">AddHandler lua-script .lua</pre>
<p>
return 501
end
return apache2.OK
-end
-</pre>
+end</pre>
<p>
else
return apache2.AUTHZ_DENIED
end
-end
-</pre>
+end</pre>
<p>The following configuration registers this function as provider
<code>foo</code> and configures it for URL <code>/</code>:</p>
-<pre class="prettyprint lang-config">
-LuaAuthzProvider foo authz_provider.lua authz_check_foo
+<pre class="prettyprint lang-config">LuaAuthzProvider foo authz_provider.lua authz_check_foo
<Location />
Require foo 10.1.2.3 john_doe
-</Location>
-</pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
end
-- we don't care about this URL, give another module a chance
return apache2.DECLINED
-end
-</pre>
+end</pre>
return apache2.DECLINED
end
return apache2.DECLINED
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>The request_rec object has (at least) the following methods:</p>
-<pre class="prettyprint lang-lua">
-r:flush() -- flushes the output buffer.
+<pre class="prettyprint lang-lua">r:flush() -- flushes the output buffer.
-- Returns true if the flush was successful, false otherwise.
while we_have_stuff_to_send do
r:puts("Bla bla bla\n") -- print something to client
r:flush() -- flush the buffer (send to client)
r.usleep(500000) -- fake processing time for 0.5 sec. and repeat
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:addoutputfilter(name|function) -- add an output filter:
+<pre class="prettyprint lang-lua">r:addoutputfilter(name|function) -- add an output filter:
-r:addoutputfilter("fooFilter") -- add the fooFilter to the output stream
-</pre>
+r:addoutputfilter("fooFilter") -- add the fooFilter to the output stream</pre>
-<pre class="prettyprint lang-lua">
-r:sendfile(filename) -- sends an entire file to the client, using sendfile if supported by the current platform:
+<pre class="prettyprint lang-lua">r:sendfile(filename) -- sends an entire file to the client, using sendfile if supported by the current platform:
if use_sendfile_thing then
r:sendfile("/var/www/large_file.img")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:parseargs() -- returns two tables; one standard key/value table for regular GET data,
+<pre class="prettyprint lang-lua">r:parseargs() -- returns two tables; one standard key/value table for regular GET data,
-- and one for multi-value data (fx. foo=1&foo=2&foo=3):
local GET, GETMULTI = r:parseargs()
-r:puts("Your name is: " .. GET['name'] or "Unknown")
-</pre>
+r:puts("Your name is: " .. GET['name'] or "Unknown")</pre>
-<pre class="prettyprint lang-lua">
-r:parsebody([sizeLimit]) -- parse the request body as a POST and return two lua tables,
+<pre class="prettyprint lang-lua">r:parsebody([sizeLimit]) -- parse the request body as a POST and return two lua tables,
-- just like r:parseargs().
-- An optional number may be passed to specify the maximum number
-- of bytes to parse. Default is 8192 bytes:
local POST, POSTMULTI = r:parsebody(1024*1024)
-r:puts("Your name is: " .. POST['name'] or "Unknown")
-</pre>
+r:puts("Your name is: " .. POST['name'] or "Unknown")</pre>
-<pre class="prettyprint lang-lua">
-r:puts("hello", " world", "!") -- print to response body, self explanatory
-</pre>
+<pre class="prettyprint lang-lua">r:puts("hello", " world", "!") -- print to response body, self explanatory</pre>
-<pre class="prettyprint lang-lua">
-r:write("a single string") -- print to response body, self explanatory
-</pre>
+<pre class="prettyprint lang-lua">r:write("a single string") -- print to response body, self explanatory</pre>
-<pre class="prettyprint lang-lua">
-r:escape_html("<html>test</html>") -- Escapes HTML code and returns the escaped result
-</pre>
+<pre class="prettyprint lang-lua">r:escape_html("<html>test</html>") -- Escapes HTML code and returns the escaped result</pre>
-<pre class="prettyprint lang-lua">
-r:base64_encode(string) -- Encodes a string using the Base64 encoding standard:
+<pre class="prettyprint lang-lua">r:base64_encode(string) -- Encodes a string using the Base64 encoding standard:
-local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=
-</pre>
+local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=</pre>
-<pre class="prettyprint lang-lua">
-r:base64_decode(string) -- Decodes a Base64-encoded string:
+<pre class="prettyprint lang-lua">r:base64_decode(string) -- Decodes a Base64-encoded string:
-local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'
-</pre>
+local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'</pre>
-<pre class="prettyprint lang-lua">
-r:md5(string) -- Calculates and returns the MD5 digest of a string (binary safe):
+<pre class="prettyprint lang-lua">r:md5(string) -- Calculates and returns the MD5 digest of a string (binary safe):
-local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339
-</pre>
+local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339</pre>
-<pre class="prettyprint lang-lua">
-r:sha1(string) -- Calculates and returns the SHA1 digest of a string (binary safe):
+<pre class="prettyprint lang-lua">r:sha1(string) -- Calculates and returns the SHA1 digest of a string (binary safe):
-local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19
-</pre>
+local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19</pre>
-<pre class="prettyprint lang-lua">
-r:escape(string) -- URL-Escapes a string:
+<pre class="prettyprint lang-lua">r:escape(string) -- URL-Escapes a string:
local url = "http://foo.bar/1 2 3 & 4 + 5"
-local escaped = r:escape(url) -- returns 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'
-</pre>
+local escaped = r:escape(url) -- returns 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'</pre>
-<pre class="prettyprint lang-lua">
-r:unescape(string) -- Unescapes an URL-escaped string:
+<pre class="prettyprint lang-lua">r:unescape(string) -- Unescapes an URL-escaped string:
local url = "http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5"
-local unescaped = r:unescape(url) -- returns 'http://foo.bar/1 2 3 & 4 + 5'
-</pre>
+local unescaped = r:unescape(url) -- returns 'http://foo.bar/1 2 3 & 4 + 5'</pre>
-<pre class="prettyprint lang-lua">
-r:construct_url(string) -- Constructs an URL from an URI
+<pre class="prettyprint lang-lua">r:construct_url(string) -- Constructs an URL from an URI
-local url = r:construct_url(r.uri)
-</pre>
+local url = r:construct_url(r.uri)</pre>
-<pre class="prettyprint lang-lua">
-r.mpm_query(number) -- Queries the server for MPM information using ap_mpm_query:
+<pre class="prettyprint lang-lua">r.mpm_query(number) -- Queries the server for MPM information using ap_mpm_query:
local mpm = r.mpm_query(14)
if mpm == 1 then
r:puts("This server uses the Event MPM")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:expr(string) -- Evaluates an <a href="../expr.html">expr</a> string.
+<pre class="prettyprint lang-lua">r:expr(string) -- Evaluates an <a href="../expr.html">expr</a> string.
if r:expr("%{HTTP_HOST} =~ /^www/") then
r:puts("This host name starts with www")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:scoreboard_process(a) -- Queries the server for information about the process at position <code>a</code>:
+<pre class="prettyprint lang-lua">r:scoreboard_process(a) -- Queries the server for information about the process at position <code>a</code>:
local process = r:scoreboard_process(1)
-r:puts("Server 1 has PID " .. process.pid)
-</pre>
+r:puts("Server 1 has PID " .. process.pid)</pre>
-<pre class="prettyprint lang-lua">
-r:scoreboard_worker(a, b) -- Queries for information about the worker thread, <code>b</code>, in process <code>a</code>:
+<pre class="prettyprint lang-lua">r:scoreboard_worker(a, b) -- Queries for information about the worker thread, <code>b</code>, in process <code>a</code>:
local thread = r:scoreboard_worker(1, 1)
-r:puts("Server 1's thread 1 has thread ID " .. thread.tid .. " and is in " .. thread.status .. " status")
-</pre>
+r:puts("Server 1's thread 1 has thread ID " .. thread.tid .. " and is in " .. thread.status .. " status")</pre>
-<pre class="prettyprint lang-lua">
-r:clock() -- Returns the current time with microsecond precision
-</pre>
+<pre class="prettyprint lang-lua">r:clock() -- Returns the current time with microsecond precision</pre>
-<pre class="prettyprint lang-lua">
-r:requestbody(filename) -- Reads and returns the request body of a request.
+<pre class="prettyprint lang-lua">r:requestbody(filename) -- Reads and returns the request body of a request.
-- If 'filename' is specified, it instead saves the
-- contents to that file:
local input = r:requestbody()
r:puts("You sent the following request body to me:\n")
-r:puts(input)
-</pre>
+r:puts(input)</pre>
-<pre class="prettyprint lang-lua">
-r:add_input_filter(filter_name) -- Adds 'filter_name' as an input filter
-</pre>
+<pre class="prettyprint lang-lua">r:add_input_filter(filter_name) -- Adds 'filter_name' as an input filter</pre>
-<pre class="prettyprint lang-lua">
-r.module_info(module_name) -- Queries the server for information about a module
+<pre class="prettyprint lang-lua">r.module_info(module_name) -- Queries the server for information about a module
local mod = r.module_info("mod_lua.c")
if mod then
for k, v in pairs(mod.commands) do
r:puts( ("%s: %s\n"):format(k,v)) -- print out all directives accepted by this module
end
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:loaded_modules() -- Returns a list of modules loaded by httpd:
+<pre class="prettyprint lang-lua">r:loaded_modules() -- Returns a list of modules loaded by httpd:
for k, module in pairs(r:loaded_modules()) do
r:puts("I have loaded module " .. module .. "\n")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:runtime_dir_relative(filename) -- Compute the name of a run-time file (e.g., shared memory "file")
- -- relative to the appropriate run-time directory.
-</pre>
+<pre class="prettyprint lang-lua">r:runtime_dir_relative(filename) -- Compute the name of a run-time file (e.g., shared memory "file")
+ -- relative to the appropriate run-time directory.</pre>
-<pre class="prettyprint lang-lua">
-r:server_info() -- Returns a table containing server information, such as
- -- the name of the httpd executable file, mpm used etc.
-</pre>
+<pre class="prettyprint lang-lua">r:server_info() -- Returns a table containing server information, such as
+ -- the name of the httpd executable file, mpm used etc.</pre>
-<pre class="prettyprint lang-lua">
-r:set_document_root(file_path) -- Sets the document root for the request to file_path
-</pre>
+<pre class="prettyprint lang-lua">r:set_document_root(file_path) -- Sets the document root for the request to file_path</pre>
-<pre class="prettyprint lang-lua">
-r:set_context_info(prefix, docroot) -- Sets the context prefix and context document root for a request
-</pre>
+<pre class="prettyprint lang-lua">r:set_context_info(prefix, docroot) -- Sets the context prefix and context document root for a request</pre>
-<pre class="prettyprint lang-lua">
-r:os_escape_path(file_path) -- Converts an OS path to a URL in an OS dependent way
-</pre>
+<pre class="prettyprint lang-lua">r:os_escape_path(file_path) -- Converts an OS path to a URL in an OS dependent way</pre>
-<pre class="prettyprint lang-lua">
-r:escape_logitem(string) -- Escapes a string for logging
-</pre>
+<pre class="prettyprint lang-lua">r:escape_logitem(string) -- Escapes a string for logging</pre>
-<pre class="prettyprint lang-lua">
-r.strcmp_match(string, pattern) -- Checks if 'string' matches 'pattern' using strcmp_match (globs).
+<pre class="prettyprint lang-lua">r.strcmp_match(string, pattern) -- Checks if 'string' matches 'pattern' using strcmp_match (globs).
-- fx. whether 'www.example.com' matches '*.example.com':
local match = r.strcmp_match("foobar.com", "foo*.com")
if match then
r:puts("foobar.com matches foo*.com")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:set_keepalive() -- Sets the keepalive status for a request. Returns true if possible, false otherwise.
-</pre>
+<pre class="prettyprint lang-lua">r:set_keepalive() -- Sets the keepalive status for a request. Returns true if possible, false otherwise.</pre>
-<pre class="prettyprint lang-lua">
-r:make_etag() -- Constructs and returns the etag for the current request.
-</pre>
+<pre class="prettyprint lang-lua">r:make_etag() -- Constructs and returns the etag for the current request.</pre>
-<pre class="prettyprint lang-lua">
-r:send_interim_response(clear) -- Sends an interim (1xx) response to the client.
- -- if 'clear' is true, available headers will be sent and cleared.
-</pre>
+<pre class="prettyprint lang-lua">r:send_interim_response(clear) -- Sends an interim (1xx) response to the client.
+ -- if 'clear' is true, available headers will be sent and cleared.</pre>
-<pre class="prettyprint lang-lua">
-r:custom_response(status_code, string) -- Construct and set a custom response for a given status code.
+<pre class="prettyprint lang-lua">r:custom_response(status_code, string) -- Construct and set a custom response for a given status code.
-- This works much like the ErrorDocument directive:
-r:custom_response(404, "Baleted!")
-</pre>
+r:custom_response(404, "Baleted!")</pre>
-<pre class="prettyprint lang-lua">
-r.exists_config_define(string) -- Checks whether a configuration definition exists or not:
+<pre class="prettyprint lang-lua">r.exists_config_define(string) -- Checks whether a configuration definition exists or not:
if r.exists_config_define("FOO") then
r:puts("httpd was probably run with -DFOO, or it was defined in the configuration")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:state_query(string) -- Queries the server for state information
-</pre>
+<pre class="prettyprint lang-lua">r:state_query(string) -- Queries the server for state information</pre>
-<pre class="prettyprint lang-lua">
-r:stat(filename [,wanted]) -- Runs stat() on a file, and returns a table with file information:
+<pre class="prettyprint lang-lua">r:stat(filename [,wanted]) -- Runs stat() on a file, and returns a table with file information:
local info = r:stat("/var/www/foo.txt")
if info then
r:puts("This file exists and was last modified at: " .. info.modified)
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:regex(string, pattern [,flags]) -- Runs a regular expression match on a string, returning captures if matched:
+<pre class="prettyprint lang-lua">r:regex(string, pattern [,flags]) -- Runs a regular expression match on a string, returning captures if matched:
local matches = r:regex("foo bar baz", [[foo (\w+) (\S*)]])
if matches then
-- Flags can be a bitwise combination of:
-- 0x01: Ignore case
--- 0x02: Multiline search
-</pre>
+-- 0x02: Multiline search</pre>
-<pre class="prettyprint lang-lua">
-r.usleep(number_of_microseconds) -- Puts the script to sleep for a given number of microseconds.
-</pre>
+<pre class="prettyprint lang-lua">r.usleep(number_of_microseconds) -- Puts the script to sleep for a given number of microseconds.</pre>
-<pre class="prettyprint lang-lua">
-r:dbacquire(dbType[, dbParams]) -- Acquires a connection to a database and returns a database class.
- -- See '<a href="#databases">Database connectivity</a>' for details.
-</pre>
+<pre class="prettyprint lang-lua">r:dbacquire(dbType[, dbParams]) -- Acquires a connection to a database and returns a database class.
+ -- See '<a href="#databases">Database connectivity</a>' for details.</pre>
-<pre class="prettyprint lang-lua">
-r:ivm_set("key", value) -- Set an Inter-VM variable to hold a specific value.
+<pre class="prettyprint lang-lua">r:ivm_set("key", value) -- Set an Inter-VM variable to hold a specific value.
-- These values persist even though the VM is gone or not being used,
-- and so should only be used if MaxConnectionsPerChild is > 0
-- Values can be numbers, strings and booleans, and are stored on a
r:ivm_set("cached_data", foo) -- set it globally
end
r:puts("Cached data is: ", foo)
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:htpassword(string [,algorithm [,cost]]) -- Creates a password hash from a string.
+<pre class="prettyprint lang-lua">r:htpassword(string [,algorithm [,cost]]) -- Creates a password hash from a string.
-- algorithm: 0 = APMD5 (default), 1 = SHA, 2 = BCRYPT, 3 = CRYPT.
- -- cost: only valid with BCRYPT algorithm (default = 5).
-</pre>
+ -- cost: only valid with BCRYPT algorithm (default = 5).</pre>
-<pre class="prettyprint lang-lua">
-r:mkdir(dir [,mode]) -- Creates a directory and sets mode to optional mode paramter.
-</pre>
+<pre class="prettyprint lang-lua">r:mkdir(dir [,mode]) -- Creates a directory and sets mode to optional mode paramter.</pre>
-<pre class="prettyprint lang-lua">
-r:mkrdir(dir [,mode]) -- Creates directories recursive and sets mode to optional mode paramter.
-</pre>
+<pre class="prettyprint lang-lua">r:mkrdir(dir [,mode]) -- Creates directories recursive and sets mode to optional mode paramter.</pre>
-<pre class="prettyprint lang-lua">
-r:rmdir(dir) -- Removes a directory.
-</pre>
+<pre class="prettyprint lang-lua">r:rmdir(dir) -- Removes a directory.</pre>
-<pre class="prettyprint lang-lua">
-r:touch(file [,mtime]) -- Sets the file modification time to current time or to optional mtime msec value.
-</pre>
+<pre class="prettyprint lang-lua">r:touch(file [,mtime]) -- Sets the file modification time to current time or to optional mtime msec value.</pre>
-<pre class="prettyprint lang-lua">
-r:get_direntries(dir) -- Returns a table with all directory entries.
+<pre class="prettyprint lang-lua">r:get_direntries(dir) -- Returns a table with all directory entries.
function handle(r)
local dir = r.context_document_root
r:puts( ("%s %s %10i %s\n"):format(ftype, mtime, info.size, f) )
end
end
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r.date_parse_rfc(string) -- Parses a date/time string and returns seconds since epoche.
-</pre>
+<pre class="prettyprint lang-lua">r.date_parse_rfc(string) -- Parses a date/time string and returns seconds since epoche.</pre>
-<pre class="prettyprint lang-lua">
-r:getcookie(key) -- Gets a HTTP cookie
-</pre>
+<pre class="prettyprint lang-lua">r:getcookie(key) -- Gets a HTTP cookie</pre>
-<pre class="prettyprint lang-lua">
-r:setcookie(key, value, secure, expires) -- Sets a HTTP cookie, for instance:
-r:setcookie("foo", "bar and stuff", false, os.time() + 86400)
-</pre>
+<pre class="prettyprint lang-lua">r:setcookie(key, value, secure, expires) -- Sets a HTTP cookie, for instance:
+r:setcookie("foo", "bar and stuff", false, os.time() + 86400)</pre>
-<pre class="prettyprint lang-lua">
-r:wsupgrade() -- Upgrades a connection to WebSockets if possible (and requested):
+<pre class="prettyprint lang-lua">r:wsupgrade() -- Upgrades a connection to WebSockets if possible (and requested):
if r:wsupgrade() then -- if we can upgrade:
r:wswrite("Welcome to websockets!") -- write something to the client
r:wsclose() -- goodbye!
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:wsread() -- Reads a WebSocket frame from a WebSocket upgraded connection (see above):
+<pre class="prettyprint lang-lua">r:wsread() -- Reads a WebSocket frame from a WebSocket upgraded connection (see above):
local line, isFinal = r:wsread() -- isFinal denotes whether this is the final frame.
-- If it isn't, then more frames can be read
-r:wswrite("You wrote: " .. line)
-</pre>
+r:wswrite("You wrote: " .. line)</pre>
-<pre class="prettyprint lang-lua">
-r:wswrite(line) -- Writes a frame to a WebSocket client:
-r:wswrite("Hello, world!")
-</pre>
+<pre class="prettyprint lang-lua">r:wswrite(line) -- Writes a frame to a WebSocket client:
+r:wswrite("Hello, world!")</pre>
-<pre class="prettyprint lang-lua">
-r:wsclose() -- Closes a WebSocket request and terminates it for httpd:
+<pre class="prettyprint lang-lua">r:wsclose() -- Closes a WebSocket request and terminates it for httpd:
if r:wsupgrade() then
r:wswrite("Write something: ")
r:wswrite("You wrote: " .. line);
r:wswrite("Goodbye!")
r:wsclose()
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="logging" id="logging">Logging Functions</a></h2>
-<pre class="prettyprint lang-lua">
- -- examples of logging messages<br />
+<pre class="prettyprint lang-lua"> -- examples of logging messages<br />
r:trace1("This is a trace log message") -- trace1 through trace8 can be used <br />
r:debug("This is a debug log message")<br />
r:info("This is an info log message")<br />
function as buckets are sent down the filter chain. The core structure of
such a function is:
</p>
- <pre class="prettyprint lang-lua">
-function filter(r)
+ <pre class="prettyprint lang-lua">function filter(r)
-- Our first yield is to signal that we are ready to receive buckets.
-- Before this yield, we can set up our environment, check for conditions,
-- and, if we deem it necessary, decline filtering a request alltogether:
-- can be done by doing a final yield here. Both input and output filters
-- can append data to the content in this phase.
coroutine.yield([optional footer to be appended to the content])
-end
- </pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
as well as mod_dbd.
</p>
<p>The example below shows how to acquire a database handle and return information from a table:</p>
- <pre class="prettyprint lang-lua">
-function handle(r)
+ <pre class="prettyprint lang-lua">function handle(r)
-- Acquire a database handle
local database, err = r:dbacquire("mysql", "server=localhost,user=someuser,pass=somepass,dbname=mydb")
if not err then
else
r:puts("Could not connect to the database: " .. err)
end
-end
- </pre>
+end</pre>
<p>
To utilize <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>, specify <code>mod_dbd</code>
as the database type, or leave the field blank:
</p>
- <pre class="prettyprint lang-lua">
- local database = r:dbacquire("mod_dbd")
- </pre>
+ <pre class="prettyprint lang-lua"> local database = r:dbacquire("mod_dbd")</pre>
<h3><a name="database_object" id="database_object">Database object and contained functions</a></h3>
<p>The database object returned by <code>dbacquire</code> has the following methods:</p>
<p><strong>Normal select and query from a database:</strong></p>
- <pre class="prettyprint lang-lua">
--- Run a statement and return the number of rows affected:
+ <pre class="prettyprint lang-lua">-- Run a statement and return the number of rows affected:
local affected, errmsg = database:query(r, "DELETE FROM `tbl` WHERE 1")
-- Run a statement and return a result set that can be used synchronously or async:
-local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")
- </pre>
+local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")</pre>
<p><strong>Using prepared statements (recommended):</strong></p>
- <pre class="prettyprint lang-lua">
--- Create and run a prepared statement:
+ <pre class="prettyprint lang-lua">-- Create and run a prepared statement:
local statement, errmsg = database:prepare(r, "DELETE FROM `tbl` WHERE `age` > %u")
if not errmsg then
local result, errmsg = statement:query(20) -- run the statement with age > 20
local statement, errmsg = database:prepared(r, "someTag")
if not errmsg then
local result, errmsg = statement:select("John Doe", 123) -- inject the values "John Doe" and 123 into the statement
-end
-
-</pre>
+end</pre>
<p><strong>Escaping values, closing databases etc:</strong></p>
- <pre class="prettyprint lang-lua">
--- Escape a value for use in a statement:
+ <pre class="prettyprint lang-lua">-- Escape a value for use in a statement:
local escaped = database:escape(r, [["'|blabla]])
-- Close a database connection and free up handles:
database:close()
-- Check whether a database connection is up and running:
-local connected = database:active()
- </pre>
+local connected = database:active()</pre>
<h3><a name="result_sets" id="result_sets">Working with result sets</a></h3>
<code>result(-1)</code> fetches the next available row in the set, asynchronously.<br />
<code>result(N)</code> fetches row number <code>N</code>, asynchronously:
</p>
- <pre class="prettyprint lang-lua">
--- fetch a result set using a regular query:
+ <pre class="prettyprint lang-lua">-- fetch a result set using a regular query:
local result, err = db:select(r, "SELECT * FROM `tbl` WHERE 1")
local rows = result(0) -- Fetch ALL rows synchronously
local row = result(-1) -- Fetch the next available row, asynchronously
-local row = result(1234) -- Fetch row number 1234, asynchronously
- </pre>
+local row = result(1234) -- Fetch row number 1234, asynchronously</pre>
<p>One can construct a function that returns an iterative function to iterate over all rows
in a synchronous or asynchronous way, depending on the async argument:
</p>
- <pre class="prettyprint lang-lua">
-function rows(resultset, async)
+ <pre class="prettyprint lang-lua">function rows(resultset, async)
local a = 0
local function getnext()
a = a + 1
....
end
end
-end
- </pre>
+end</pre>
<h3><a name="closing_databases" id="closing_databases">Closing a database connection</a></h3>
if you leave the closing up to mod_lua. Essentially, the following two measures are
the same:
</p>
- <pre class="prettyprint lang-lua">
--- Method 1: Manually close a handle
+ <pre class="prettyprint lang-lua">-- Method 1: Manually close a handle
local database = r:dbacquire("mod_dbd")
database:close() -- All done
-- Method 2: Letting the garbage collector close it
local database = r:dbacquire("mod_dbd")
database = nil -- throw away the reference
-collectgarbage() -- close the handle via GC
-</pre>
+collectgarbage() -- close the handle via GC</pre>
<h3><a name="database_caveat" id="database_caveat">Precautions when working with databases</a></h3>
<p>After a lua function has been registered as authorization provider, it can be used
with the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> directive:</p>
-<pre class="prettyprint lang-config">
-LuaRoot /usr/local/apache2/lua
+<pre class="prettyprint lang-config">LuaRoot /usr/local/apache2/lua
LuaAuthzProvider foo authz.lua authz_check_foo
<Location />
Require foo johndoe
-</Location>
-</pre>
+</Location></pre>
-<pre class="prettyprint lang-lua">
-require "apache2"
+<pre class="prettyprint lang-lua">require "apache2"
function authz_check_foo(r, who)
if r.user ~= who then return apache2.AUTHZ_DENIED
return apache2.AUTHZ_GRANTED
-end
-</pre>
+end</pre>
<p>In general stat or forever is good for production, and stat or never
for development.</p>
- <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">
-LuaCodeCache stat
+ <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaCodeCache stat
LuaCodeCache forever
-LuaCodeCache never
- </pre>
+LuaCodeCache never</pre>
</div>
a request. This can be used to implement arbitrary authentication
and authorization checking. A very simple example:
</p>
-<pre class="prettyprint lang-lua">
-require 'apache2'
+<pre class="prettyprint lang-lua">require 'apache2'
-- fake authcheck hook
-- If request has no auth info, set the response header and
return 401
end
return apache2.OK
-end
-</pre>
+end</pre>
<div class="note"><h3>Ordering</h3><p>The optional arguments "early" or "late"
control when this script runs relative to other modules.</p></div>
<code>apache2.OK</code> to tell httpd to log as normal.
</p>
<p>Example:</p>
-<pre class="prettyprint lang-config">
-LuaHookLog /path/to/script.lua logger
-</pre>
+<pre class="prettyprint lang-config">LuaHookLog /path/to/script.lua logger</pre>
-<pre class="prettyprint lang-lua">
--- /path/to/script.lua --
+<pre class="prettyprint lang-lua">-- /path/to/script.lua --
function logger(r)
-- flip a coin:
-- If 1, then we write to our own Lua log and tell httpd not to log
r.uri = r.uri:gsub("somesecretstuff", "") -- sanitize the URI
return apache2.OK -- tell httpd to log it.
end
-end
-</pre>
+end</pre>
</div>
<p>Like <code class="directive">LuaHookTranslateName</code> but executed at the
map-to-storage phase of a request. Modules like mod_cache run at this phase,
which makes for an interesting example on what to do here:</p>
- <pre class="prettyprint lang-config">
- LuaHookMapToStorage /path/to/lua/script.lua check_cache
- </pre>
+ <pre class="prettyprint lang-config"> LuaHookMapToStorage /path/to/lua/script.lua check_cache</pre>
- <pre class="prettyprint lang-lua">
-require"apache2"
+ <pre class="prettyprint lang-lua">require"apache2"
cached_files = {}
function read_file(filename)
end
end
return apache2.DECLINED -- If we had nothing to do, let others serve this.
-end
- </pre>
+end</pre>
<p>Example:</p>
-<pre class="prettyprint lang-config">
-# httpd.conf
-LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper
-</pre>
+<pre class="prettyprint lang-config"># httpd.conf
+LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper</pre>
-<pre class="prettyprint lang-lua">
--- /scripts/conf/hooks.lua --
+<pre class="prettyprint lang-lua">-- /scripts/conf/hooks.lua --
require "apache2"
function silly_mapper(r)
if r.uri == "/" then
else
return apache2.DECLINED
end
-end
-</pre>
+end</pre>
<div class="note"><h3>Context</h3><p>This directive is not valid in <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code>, <code class="directive"><a href="../mod/core.html#files"><Files></a></code>, or htaccess
This phase is where requests are assigned a content type and a handler, and thus can
be used to modify the type and handler based on input:
</p>
- <pre class="prettyprint lang-config">
- LuaHookTypeChecker /path/to/lua/script.lua type_checker
- </pre>
+ <pre class="prettyprint lang-config"> LuaHookTypeChecker /path/to/lua/script.lua type_checker</pre>
- <pre class="prettyprint lang-lua">
- function type_checker(r)
+ <pre class="prettyprint lang-lua"> function type_checker(r)
if r.uri:match("%.to_gif$") then -- match foo.png.to_gif
r.content_type = "image/gif" -- assign it the image/gif type
r.handler = "gifWizard" -- tell the gifWizard module to handle this
end
return apache2.DECLINED
- end
- </pre>
+ end</pre>
</div>
onto the Lua script:
</p>
-<pre class="prettyprint lang-config">
-LuaInputFilter myInputFilter /www/filter.lua input_filter
+<pre class="prettyprint lang-config">LuaInputFilter myInputFilter /www/filter.lua input_filter
<FilesMatch "\.lua>
SetInputFilter myInputFilter
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Example input filter that converts all POST data to uppercase.
]]--
function input_filter(r)
end
-- No more buckets available.
coroutine.yield("&filterSignature=1234") -- Append signature at the end
-end
-</pre>
+end</pre>
<p>
The input filter supports denying/skipping a filter if it is deemed unwanted:
</p>
-<pre class="prettyprint lang-lua">
-function input_filter(r)
+<pre class="prettyprint lang-lua">function input_filter(r)
if not good then
return -- Simply deny filtering, passing on the original content instead
end
coroutine.yield() -- wait for buckets
... -- insert filter stuff here
-end
-</pre>
+end</pre>
<p>
See "<a href="#modifying_buckets">Modifying contents with Lua
match groups into both the file path and the function name.
Be careful writing your regular expressions to avoid security
issues.</p>
- <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">
- LuaMapHandler /(\w+)/(\w+) /scripts/$1.lua handle_$2
- </pre>
+ <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config"> LuaMapHandler /(\w+)/(\w+) /scripts/$1.lua handle_$2</pre>
</div>
<p>This would match uri's such as /photos/show?id=9
to the file /scripts/photos.lua and invoke the
handler function handle_show on the lua vm after
loading that file.</p>
-<pre class="prettyprint lang-config">
- LuaMapHandler /bingo /scripts/wombat.lua
-</pre>
+<pre class="prettyprint lang-config"> LuaMapHandler /bingo /scripts/wombat.lua</pre>
<p>This would invoke the "handle" function, which
is the default if no specific function name is
onto the Lua script:
</p>
-<pre class="prettyprint lang-config">
-LuaOutputFilter myOutputFilter /www/filter.lua output_filter
+<pre class="prettyprint lang-config">LuaOutputFilter myOutputFilter /www/filter.lua output_filter
<FilesMatch "\.lua>
SetOutputFilter myOutputFilter
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Example output filter that escapes all HTML entities in the output
]]--
function output_filter(r)
coroutine.yield(output) -- Send converted data down the chain
end
-- No more buckets available.
-end
-</pre>
+end</pre>
<p>
As with the input filter, the output filter supports denying/skipping a filter
if it is deemed unwanted:
</p>
-<pre class="prettyprint lang-lua">
-function output_filter(r)
+<pre class="prettyprint lang-lua">function output_filter(r)
if not r.content_type:match("text/html") then
return -- Simply deny filtering, passing on the original content instead
end
coroutine.yield() -- wait for buckets
... -- insert filter stuff here
-end
-</pre>
+end</pre>
<div class="note"><h3>Lua filters with <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code></h3>
<p> When a Lua filter is used as the underlying provider via the
conventions as lua. This just munges the package.path in the
lua vms.</p>
- <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">
-LuaPackagePath /scripts/lib/?.lua
-LuaPackagePath /scripts/lib/?/init.lua
- </pre>
+ <div class="example"><h3>Examples:</h3><pre class="prettyprint lang-config">LuaPackagePath /scripts/lib/?.lua
+LuaPackagePath /scripts/lib/?/init.lua</pre>
</div>
</div>
<p>La directive de base pour le chargement du module est</p>
-<pre class="prettyprint lang-config">
- LoadModule lua_module modules/mod_lua.so
-</pre>
+<pre class="prettyprint lang-config"> LoadModule lua_module modules/mod_lua.so</pre>
<p>
<code>lua-script</code> qui peut être utilisé avec une directive
<code>AddHandler</code> :</p>
-<pre class="prettyprint lang-config">
-AddHandler lua-script .lua
-</pre>
+<pre class="prettyprint lang-config">AddHandler lua-script .lua</pre>
<p>
return 501
end
return apache2.OK
-end
-</pre>
+end</pre>
<p>
else
return apache2.AUTHZ_DENIED
end
-end
-</pre>
+end</pre>
<p>La configuration suivante enregistre cette fonction en tant que
fournisseur <code>foo</code>, et la configure por l'URL <code>/</code> :</p>
-<pre class="prettyprint lang-config">
-LuaAuthzProvider foo authz_provider.lua authz_check_foo
+<pre class="prettyprint lang-config">LuaAuthzProvider foo authz_provider.lua authz_check_foo
<Location />
Require foo 10.1.2.3 john_doe
-</Location>
-</pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
end
-- on ne gère pas cette URL et on donne sa chance à un autre module
return apache2.DECLINED
-end
-</pre>
+end</pre>
return apache2.DECLINED
end
return apache2.DECLINED
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>L'objet request_rec possède (au minimum) les méthodes suivantes :</p>
-<pre class="prettyprint lang-lua">
-r:flush() -- vide le tampon de sortie
+<pre class="prettyprint lang-lua">r:flush() -- vide le tampon de sortie
-- Renvoie true si le vidage a été effectué avec succès,
false dans le cas contraire.
r:puts("Bla bla bla\n") -- envoi des données à envoyer vers le tampon
r:flush() -- vidage du tampon (envoi au client)
r.usleep(500000) -- mise en attente pendant 0.5 secondes et bouclage
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:addoutputfilter(name|function) -- ajoute un filtre en sortie
+<pre class="prettyprint lang-lua">r:addoutputfilter(name|function) -- ajoute un filtre en sortie
-r:addoutputfilter("fooFilter") -- insère le filtre fooFilter dans le flux de sortie
-</pre>
+r:addoutputfilter("fooFilter") -- insère le filtre fooFilter dans le flux de sortie</pre>
-<pre class="prettyprint lang-lua">
-r:sendfile(filename) -- envoie un fichier entier au client en
+<pre class="prettyprint lang-lua">r:sendfile(filename) -- envoie un fichier entier au client en
utilisant sendfile s'il est supporté par la plateforme :
if use_sendfile_thing then
r:sendfile("/var/www/large_file.img")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:parseargs() -- renvoie deux tables : une table standard de couples
+<pre class="prettyprint lang-lua">r:parseargs() -- renvoie deux tables : une table standard de couples
clé/valeur pour les données GET simples, et une autre pour les données
multivaluées (par exemple foo=1&foo=2&foo=3) :
local GET, GETMULTI = r:parseargs()
-r:puts("Votre nom est : " .. GET['name'] or "Unknown")
-</pre>
+r:puts("Votre nom est : " .. GET['name'] or "Unknown")</pre>
-<pre class="prettyprint lang-lua">
-r:parsebody()([sizeLimit]) -- interprète le corps de la requête
+<pre class="prettyprint lang-lua">r:parsebody()([sizeLimit]) -- interprète le corps de la requête
en tant que POST et renvoie deux tables lua, comme r:parseargs(). Un nombre optionnel
peut être fourni pour spécifier le nombre maximal d'octets à
interpréter. La valeur par défaut est 8192.
local POST, POSTMULTI = r:parsebody(1024*1024)
-r:puts("Votre nom est : " .. POST['name'] or "Unknown")
-</pre>
+r:puts("Votre nom est : " .. POST['name'] or "Unknown")</pre>
-<pre class="prettyprint lang-lua">
-r:puts("bonjour", " le monde", "!") -- affichage dans le corps de la réponse
-</pre>
+<pre class="prettyprint lang-lua">r:puts("bonjour", " le monde", "!") -- affichage dans le corps de la réponse</pre>
-<pre class="prettyprint lang-lua">
-r:write("une simple chaîne") -- affichage dans le
-corps de la réponse
-</pre>
+<pre class="prettyprint lang-lua">r:write("une simple chaîne") -- affichage dans le
+corps de la réponse</pre>
-<pre class="prettyprint lang-lua">
-r:escape_html("<html>test</html>") -- Echappe le
-code HTML et renvoie le résultat
-</pre>
+<pre class="prettyprint lang-lua">r:escape_html("<html>test</html>") -- Echappe le
+code HTML et renvoie le résultat</pre>
-<pre class="prettyprint lang-lua">
-r:base64_encode(string) -- Encode une chaîne à l'aide du
+<pre class="prettyprint lang-lua">r:base64_encode(string) -- Encode une chaîne à l'aide du
standard de codage Base64.
-local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=
-</pre>
+local encoded = r:base64_encode("This is a test") -- returns VGhpcyBpcyBhIHRlc3Q=</pre>
-<pre class="prettyprint lang-lua">
-r:base64_decode(string) -- Décode une chaîne codée en Base64.
+<pre class="prettyprint lang-lua">r:base64_decode(string) -- Décode une chaîne codée en Base64.
-local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'
-</pre>
+local decoded = r:base64_decode("VGhpcyBpcyBhIHRlc3Q=") -- returns 'This is a test'</pre>
-<pre class="prettyprint lang-lua">
-r:md5(string) -- Calcule et renvoie le condensé MD5 d'une chaîne
+<pre class="prettyprint lang-lua">r:md5(string) -- Calcule et renvoie le condensé MD5 d'une chaîne
en mode binaire (binary safe).
-local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339
-</pre>
+local hash = r:md5("This is a test") -- returns ce114e4501d2f4e2dcea3e17b546f339</pre>
-<pre class="prettyprint lang-lua">
-r:sha1(string) -- Calcule et renvoie le condensé SHA1 d'une chaîne
+<pre class="prettyprint lang-lua">r:sha1(string) -- Calcule et renvoie le condensé SHA1 d'une chaîne
en mode binaire (binary safe).
-local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19
-</pre>
+local hash = r:sha1("This is a test") -- returns a54d88e06612d820bc3be72877c74f257b561b19</pre>
-<pre class="prettyprint lang-lua">
-r:escape(string) -- Echappe une chaîne de type URL.
+<pre class="prettyprint lang-lua">r:escape(string) -- Echappe une chaîne de type URL.
local url = "http://foo.bar/1 2 3 & 4 + 5"
-local escaped = r:escape(url) -- renvoie 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'
-</pre>
+local escaped = r:escape(url) -- renvoie 'http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5'</pre>
-<pre class="prettyprint lang-lua">
-r:unescape(string) -- Déséchappe une chaîne de type URL.
+<pre class="prettyprint lang-lua">r:unescape(string) -- Déséchappe une chaîne de type URL.
local url = "http%3a%2f%2ffoo.bar%2f1+2+3+%26+4+%2b+5"
-local unescaped = r:unescape(url) -- renvoie 'http://foo.bar/1 2 3 & 4 + 5'
-</pre>
+local unescaped = r:unescape(url) -- renvoie 'http://foo.bar/1 2 3 & 4 + 5'</pre>
-<pre class="prettyprint lang-lua">
-r:construct_url(string) -- Construit une URL à partir d'un URI
+<pre class="prettyprint lang-lua">r:construct_url(string) -- Construit une URL à partir d'un URI
-local url = r:construct_url(r.uri)
-</pre>
+local url = r:construct_url(r.uri)</pre>
-<pre class="prettyprint lang-lua">
-r.mpm_query(number) -- Interroge le serveur à propos de son
+<pre class="prettyprint lang-lua">r.mpm_query(number) -- Interroge le serveur à propos de son
module MPM via la requête ap_mpm_query.
local mpm = r.mpm_query(14)
if mpm == 1 then
r:puts("Ce serveur utilise le MPM Event")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:expr(string) -- Evalue une chaîne de type <a href="../expr.html">expr</a>.
+<pre class="prettyprint lang-lua">r:expr(string) -- Evalue une chaîne de type <a href="../expr.html">expr</a>.
if r:expr("%{HTTP_HOST} =~ /^www/") then
r:puts("Ce nom d'hôte commence par www")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:scoreboard_process(a) -- Interroge le serveur à propos du
+<pre class="prettyprint lang-lua">r:scoreboard_process(a) -- Interroge le serveur à propos du
processus à la position <code>a</code>.
local process = r:scoreboard_process(1)
-r:puts("Le serveur 1 a comme PID " .. process.pid)
-</pre>
+r:puts("Le serveur 1 a comme PID " .. process.pid)</pre>
-<pre class="prettyprint lang-lua">
-r:scoreboard_worker(a, b) -- Interroge le serveur à propos du
+<pre class="prettyprint lang-lua">r:scoreboard_worker(a, b) -- Interroge le serveur à propos du
thread <code>b</code>, dans le processus <code>a</code>.
local thread = r:scoreboard_worker(1, 1)
r:puts("L'ID du thread 1 du serveur 1 est " .. thread.tid .. " et son
-état est " .. thread.status)
-</pre>
+état est " .. thread.status)</pre>
-<pre class="prettyprint lang-lua">
-r:clock() -- Renvoie l'heure courante avec une précision d'une
-microseconde.
-</pre>
+<pre class="prettyprint lang-lua">r:clock() -- Renvoie l'heure courante avec une précision d'une
+microseconde.</pre>
-<pre class="prettyprint lang-lua">
-r:requestbody(filename) -- Lit et renvoie le corps d'une requête. Si
+<pre class="prettyprint lang-lua">r:requestbody(filename) -- Lit et renvoie le corps d'une requête. Si
'filename' est spécifié, le corps de requête n'est pas renvoyé, mais
sauvegardé dans le fichier correspondant.
local input = r:requestbody()
r:puts("Vous m'avez envoyé le corps de requête suivant :\n")
-r:puts(input)
-</pre>
+r:puts(input)</pre>
-<pre class="prettyprint lang-lua">
-r:add_input_filter(filter_name) -- Ajoute le filtre en entrée
-'filter_name'.
-</pre>
+<pre class="prettyprint lang-lua">r:add_input_filter(filter_name) -- Ajoute le filtre en entrée
+'filter_name'.</pre>
-<pre class="prettyprint lang-lua">
-r:module_info(module_name) -- Interroge le serveur à propos d'un
+<pre class="prettyprint lang-lua">r:module_info(module_name) -- Interroge le serveur à propos d'un
module.
local mod = r.module_info("mod_lua.c")
for k, v in pairs(mod.commands) do
r:puts( ("%s: %s\n"):format(k,v)) -- affiche toutes les directives implémentées par ce module
end
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:loaded_modules() -- Renvoie une liste des modules chargés par
+<pre class="prettyprint lang-lua">r:loaded_modules() -- Renvoie une liste des modules chargés par
httpd.
for k, module in pairs(r:loaded_modules()) do
r:puts("J'ai chargé le module " .. module .. "\n")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:runtime_dir_relative(filename) -- Génère le nom d'un fichier run-time
+<pre class="prettyprint lang-lua">r:runtime_dir_relative(filename) -- Génère le nom d'un fichier run-time
(par exemple la mémoire partagée "file") relativement au répertoire de
-run-time.
-</pre>
+run-time.</pre>
-<pre class="prettyprint lang-lua">
-r:server_info() -- Renvoie une table contenant des informations
+<pre class="prettyprint lang-lua">r:server_info() -- Renvoie une table contenant des informations
à propos du serveur, comme le nom de l'exécutable httpd, le
-module mpm utilisé, etc...
-</pre>
+module mpm utilisé, etc...</pre>
-<pre class="prettyprint lang-lua">
-r:set_document_root(file_path) -- Définit la racine des
-documents pour la requête à file_path.
-</pre>
+<pre class="prettyprint lang-lua">r:set_document_root(file_path) -- Définit la racine des
+documents pour la requête à file_path.</pre>
-<pre class="prettyprint lang-lua">
-r:add_version_component(component_string) -- Ajoute un élément à
-la bannière du serveur.
-</pre>
+<pre class="prettyprint lang-lua">r:add_version_component(component_string) -- Ajoute un élément à
+la bannière du serveur.</pre>
-<pre class="prettyprint lang-lua">
-r:set_context_info(prefix, docroot) -- Définit le préfixe et la
-racine des documents du contexte pour une requête.
-</pre>
+<pre class="prettyprint lang-lua">r:set_context_info(prefix, docroot) -- Définit le préfixe et la
+racine des documents du contexte pour une requête.</pre>
-<pre class="prettyprint lang-lua">
-r:os_escape_path(file_path) -- Convertit un chemin du système de
-fichiers en URL indépendamment du système d'exploitation.
-</pre>
+<pre class="prettyprint lang-lua">r:os_escape_path(file_path) -- Convertit un chemin du système de
+fichiers en URL indépendamment du système d'exploitation.</pre>
-<pre class="prettyprint lang-lua">
-r:escape_logitem(string) -- Echappe une chaîne pour
-journalisation.
-</pre>
+<pre class="prettyprint lang-lua">r:escape_logitem(string) -- Echappe une chaîne pour
+journalisation.</pre>
-<pre class="prettyprint lang-lua">
-r.strcmp_match(string, pattern) -- Vérifie si 'string' correspond à
+<pre class="prettyprint lang-lua">r.strcmp_match(string, pattern) -- Vérifie si 'string' correspond à
'pattern' via la fonction strcmp_match (GLOBs). Par exemple, est-ce que
'www.example.com' correspond à '*.example.com' ?
local match = r.strcmp_match("foobar.com", "foo*.com")
if match then
r:puts("foobar.com matches foo*.com")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:set_keepalive() -- Définit l'état de persistance d'une
+<pre class="prettyprint lang-lua">r:set_keepalive() -- Définit l'état de persistance d'une
requête. Renvoie true dans la mesure du possible, false dans le
-cas contraire.
-</pre>
+cas contraire.</pre>
-<pre class="prettyprint lang-lua">
-r:make_etag() -- Génère et renvoie le etag pour la requête
-courante.
-</pre>
+<pre class="prettyprint lang-lua">r:make_etag() -- Génère et renvoie le etag pour la requête
+courante.</pre>
-<pre class="prettyprint lang-lua">
-r:send_interim_response(clear) -- Renvoie une réponse d'intérim (1xx) au
+<pre class="prettyprint lang-lua">r:send_interim_response(clear) -- Renvoie une réponse d'intérim (1xx) au
client. Si 'clear' est vrai, les en-têtes disponibles seront envoyés et
-effacés.
-</pre>
+effacés.</pre>
-<pre class="prettyprint lang-lua">
-r:custom_response(status_code, string) -- Génère et définit une réponse
+<pre class="prettyprint lang-lua">r:custom_response(status_code, string) -- Génère et définit une réponse
personnalisée pour un code d'état particulier. Le fonctionnement est
très proche de celui de la directive ErrorDocument.
-r:custom_response(404, "Baleted!")
-</pre>
+r:custom_response(404, "Baleted!")</pre>
-<pre class="prettyprint lang-lua">
-r.exists_config_define(string) -- Vérifie si une définition de
+<pre class="prettyprint lang-lua">r.exists_config_define(string) -- Vérifie si une définition de
configuration existe.
if r.exists_config_define("FOO") then
r:puts("httpd a probablement été lancé avec l'option -DFOO, ou FOO a
été défini dans la configuration")
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:state_query(string) -- Interroge le serveur à propos de son
-état.
-</pre>
+<pre class="prettyprint lang-lua">r:state_query(string) -- Interroge le serveur à propos de son
+état.</pre>
-<pre class="prettyprint lang-lua">
-r:stat(filename [,wanted]) -- Exécute stat() sur un fichier, et renvoie
+<pre class="prettyprint lang-lua">r:stat(filename [,wanted]) -- Exécute stat() sur un fichier, et renvoie
une table contenant des informations à propos de ce fichier.
local info = r:stat("/var/www/foo.txt")
if info then
r:puts("Ce fichier existe et a été modifié pour la dernière fois à : " .. info.modified)
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:regex(string, pattern [,flags]) -- Exécute une recherche à base
+<pre class="prettyprint lang-lua">r:regex(string, pattern [,flags]) -- Exécute une recherche à base
d'expression rationnelle sur une chaîne, et renvoie les
éventuelles correspondances trouvées.
-- les drapeaux peuvent être une combibaison bit à bit de :
-- 0x01: insensibilité à la casse
--- 0x02: recherche multiligne
-</pre>
+-- 0x02: recherche multiligne</pre>
-<pre class="prettyprint lang-lua">
-r.usleep(microsecondes) -- Interrompt l'exécution du script pendant le nombre de microsecondes spécifié.
-</pre>
+<pre class="prettyprint lang-lua">r.usleep(microsecondes) -- Interrompt l'exécution du script pendant le nombre de microsecondes spécifié.</pre>
-<pre class="prettyprint lang-lua">
-r:dbacquire(dbType[, dbParams]) -- Acquiert une connexion à une
+<pre class="prettyprint lang-lua">r:dbacquire(dbType[, dbParams]) -- Acquiert une connexion à une
base de données et renvoie une classe database. Voir '<a href="#databases">Connectivité aux bases de données</a>' pour plus de
-détails.
-</pre>
+détails.</pre>
-<pre class="prettyprint lang-lua">
-r:ivm_set("key", value) -- Défini une variable Inter-VM avec une valeur spécifique.
+<pre class="prettyprint lang-lua">r:ivm_set("key", value) -- Défini une variable Inter-VM avec une valeur spécifique.
-- Ces valeurs sont conservées même si la VM est
-- arrêtée ou non utilisée, et ne doivent donc être
-- utilisées que si MaxConnectionsPerChild > 0.
r:ivm_set("cached_data", foo) -- définition globale de la variable
end
r:puts("La donnée en cache est : ", foo)
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:htpassword(string [,algorithm [,cost]]) -- Génère un hash de mot de passe à partir d'une chaîne.
+<pre class="prettyprint lang-lua">r:htpassword(string [,algorithm [,cost]]) -- Génère un hash de mot de passe à partir d'une chaîne.
-- algorithm: 0 = APMD5 (défaut), 1 = SHA, 2 = BCRYPT, 3 = CRYPT.
- -- cost: ne s'utilise qu'avec l'algorythme BCRYPT (défaut = 5).
-</pre>
+ -- cost: ne s'utilise qu'avec l'algorythme BCRYPT (défaut = 5).</pre>
-<pre class="prettyprint lang-lua">
-r:mkdir(dir [,mode]) -- Crée un répertoire et définit son mode via le paramètre optionnel mode.
-</pre>
+<pre class="prettyprint lang-lua">r:mkdir(dir [,mode]) -- Crée un répertoire et définit son mode via le paramètre optionnel mode.</pre>
-<pre class="prettyprint lang-lua">
-r:mkrdir(dir [,mode]) -- Crée des répertoires de manière récursive et définit leur mode via le paramètre optionnel mode.
-</pre>
+<pre class="prettyprint lang-lua">r:mkrdir(dir [,mode]) -- Crée des répertoires de manière récursive et définit leur mode via le paramètre optionnel mode.</pre>
-<pre class="prettyprint lang-lua">
-r:rmdir(dir) -- Supprime un répertoire.
-</pre>
+<pre class="prettyprint lang-lua">r:rmdir(dir) -- Supprime un répertoire.</pre>
-<pre class="prettyprint lang-lua">
-r:touch(file [,mtime]) -- Définit la date de modification d'un fichier à la date courante ou à la valeur optionnelle mtime en msec.
-</pre>
+<pre class="prettyprint lang-lua">r:touch(file [,mtime]) -- Définit la date de modification d'un fichier à la date courante ou à la valeur optionnelle mtime en msec.</pre>
-<pre class="prettyprint lang-lua">
-r:get_direntries(dir) -- Renvoie une table contenant toutes les entrées de répertoires.
+<pre class="prettyprint lang-lua">r:get_direntries(dir) -- Renvoie une table contenant toutes les entrées de répertoires.
-- Renvoie un chemin sous forme éclatée en chemin, fichier, extension
function handle(r)
r:puts( ("%s %s %10i %s\n"):format(ftype, mtime, info.size, f) )
end
end
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r.date_parse_rfc(string) -- Interprète une chaîne date/heure et renvoie l'équivalent en secondes depuis epoche.
-</pre>
+<pre class="prettyprint lang-lua">r.date_parse_rfc(string) -- Interprète une chaîne date/heure et renvoie l'équivalent en secondes depuis epoche.</pre>
-<pre class="prettyprint lang-lua">
-r:getcookie(key) -- Obtient un cookie HTTP
-</pre>
+<pre class="prettyprint lang-lua">r:getcookie(key) -- Obtient un cookie HTTP</pre>
-<pre class="prettyprint lang-lua">
-r:setcookie(key, value, secure, expires) -- Définit un cookie HTTP, par exemple :
-r:setcookie("foo", "bar and stuff", false, os.time() + 86400)
-</pre>
+<pre class="prettyprint lang-lua">r:setcookie(key, value, secure, expires) -- Définit un cookie HTTP, par exemple :
+r:setcookie("foo", "bar and stuff", false, os.time() + 86400)</pre>
-<pre class="prettyprint lang-lua">
-r:wsupgrade() -- Met à jour une connexion vers les WebSockets si possible (et si demandé) :
+<pre class="prettyprint lang-lua">r:wsupgrade() -- Met à jour une connexion vers les WebSockets si possible (et si demandé) :
if r:wsupgrade() then -- si la mise à jour est possible :
r:wswrite("Bienvenue dans les websockets!") -- écrit quelque chose à l'intention du client
r:wsclose() -- Au revoir !
-end
-</pre>
+end</pre>
-<pre class="prettyprint lang-lua">
-r:wsread() -- Lit un cadre de websocket depuis une connexion vers websocket mise à jour (voir ci-dessus) :
+<pre class="prettyprint lang-lua">r:wsread() -- Lit un cadre de websocket depuis une connexion vers websocket mise à jour (voir ci-dessus) :
local line, isFinal = r:wsread() -- isFinal indique s'il s'agit du cadre final.
-- dans le cas contraire, on peut lire les cadres suivants
-r:wswrite("Vous avez écrit : " .. line)
-</pre>
+r:wswrite("Vous avez écrit : " .. line)</pre>
-<pre class="prettyprint lang-lua">
-r:wswrite(line) -- écrit un cadre vers un client WebSocket :
-r:wswrite("Bonjour le Monde !")
-</pre>
+<pre class="prettyprint lang-lua">r:wswrite(line) -- écrit un cadre vers un client WebSocket :
+r:wswrite("Bonjour le Monde !")</pre>
-<pre class="prettyprint lang-lua">
-r:wsclose() -- ferme une requête WebSocket et l'achève pour httpd :
+<pre class="prettyprint lang-lua">r:wsclose() -- ferme une requête WebSocket et l'achève pour httpd :
if r:wsupgrade() then
r:wswrite("Ecrire quelque chose : ")
r:wswrite("Vous avez écrit : " .. line);
r:wswrite("Au revoir !")
r:wsclose()
-end
-</pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="logging" id="logging">Fonctions de journalisation</a></h2>
-<pre class="prettyprint lang-lua">
- -- exemples de messages de journalisation
+<pre class="prettyprint lang-lua"> -- exemples de messages de journalisation
r:trace1("Ceci est un message de journalisation de niveau
trace") -- les niveaux valides vont de trace1 à trace8 <br />
r:debug("Ceci est un message de journalisation de niveau debug")<br />
paquets de données sont envoyés à la chaîne de filtrage. La
structure de base d'une telle fonction est :
</p>
- <pre class="prettyprint lang-lua">
-function filter(r)
+ <pre class="prettyprint lang-lua">function filter(r)
-- Nous indiquons tout d'abord que nous sommes prêts à recevoir des
-- blocs de données.
-- Avant ceci, nous pouvons définir notre environnement, tester
-- arrêt. Les filtres d'entrée comme de sortie peuvent servir à ajouter des éléments à la fin
-- des données à cette étape.
coroutine.yield([optional footer to be appended to the content])
-end
- </pre>
+end</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
</p>
<p>L'exemple suivant montre comment se connecter à une base de
données et extraire des informations d'une table :</p>
- <pre class="prettyprint lang-lua">
-function handle(r)
+ <pre class="prettyprint lang-lua">function handle(r)
-- connexion à la base de données
local database, err = r:dbacquire("mysql", "server=localhost,user=someuser,pass=somepass,dbname=mydb")
if not err then
else
r:puts("Connexion à la base de données impossible : " .. err)
end
-end
- </pre>
+end</pre>
<p>
Pour utiliser <code class="module"><a href="../mod/mod_dbd.html">mod_dbd</a></code>, spécifiez
<code>mod_dbd</code> comme type de base de données, ou laissez le champ
vide :
</p>
- <pre class="prettyprint lang-lua">
- local database = r:dbacquire("mod_dbd")
- </pre>
+ <pre class="prettyprint lang-lua"> local database = r:dbacquire("mod_dbd")</pre>
<h3><a name="database_object" id="database_object">L'objet database et ses méthodes</a></h3>
les méthodes suivantes :</p>
<p><strong>Sélection normale et requête vers une base de données
:</strong></p>
- <pre class="prettyprint lang-lua">
--- Exécution d'une requête et renvoie du nombre d'enregistrements
+ <pre class="prettyprint lang-lua">-- Exécution d'une requête et renvoie du nombre d'enregistrements
affectés :
local affected, errmsg = database:query(r, "DELETE FROM `tbl` WHERE 1")
-- Exécution d'une requête et renvoie du résultat qui peut être utilisé
en mode synchrone ou asynchrone :
-local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")
- </pre>
+local result, errmsg = database:select(r, "SELECT * FROM `people` WHERE 1")</pre>
<p><strong>Utilisation de requêtes préparées (recommandé) :</strong></p>
- <pre class="prettyprint lang-lua">
--- Création et exécution d'une requête préparée :
+ <pre class="prettyprint lang-lua">-- Création et exécution d'une requête préparée :
local statement, errmsg = database:prepare(r, "DELETE FROM `tbl` WHERE `age` > %u")
if not errmsg then
local result, errmsg = statement:query(20) -- exécute la requête pour age > 20
local statement, errmsg = database:prepared(r, "someTag")
if not errmsg then
local result, errmsg = statement:select("John Doe", 123) -- injecte les valeurs "John Doe" et 123 dans la requête
-end
-
-</pre>
+end</pre>
<p><strong>Echappement de valeurs, fermeture de la base données,
etc...</strong></p>
- <pre class="prettyprint lang-lua">
--- Echappe une valeur pour pouvoir l'utiliser dans une requête :
+ <pre class="prettyprint lang-lua">-- Echappe une valeur pour pouvoir l'utiliser dans une requête :
local escaped = database:escape(r, [["'|blabla]])
-- Ferme une base de données et libère les liens vers cette dernière :
-- Vérifie si une connexion à une base de données est en service et
opérationnelle :
-local connected = database:active()
- </pre>
+local connected = database:active()</pre>
<h3><a name="result_sets" id="result_sets">Travail avec les jeux d'enregistrements renvoyés par les requêtes</a></h3>
<code>result(N)</code> sélectionne l'enregistrement numéro
<code>N</code> en mode asynchrone.
</p>
- <pre class="prettyprint lang-lua">
--- extrait un jeu d'enregistrements via une requête régulière :
+ <pre class="prettyprint lang-lua">-- extrait un jeu d'enregistrements via une requête régulière :
local result, err = db:select(r, "SELECT * FROM `tbl` WHERE 1")
local rows = result(0) -- sélectionne tous les enregistrements en mode synchrone
local row = result(-1) -- sélectionne le prochain enregistrement disponible en mode asynchrone
-local row = result(1234) -- sélectionne l'enregistrement 1234 en mode asynchrone
- </pre>
+local row = result(1234) -- sélectionne l'enregistrement 1234 en mode asynchrone</pre>
<p>Il est possible de construire une fonction qui renvoie une
fonction itérative permettant de traiter tous les enregistrement en mode
synchrone ou asynchrone selon la valeur de l'argument async :
</p>
- <pre class="prettyprint lang-lua">
-function rows(resultset, async)
+ <pre class="prettyprint lang-lua">function rows(resultset, async)
local a = 0
local function getnext()
a = a + 1
....
end
end
-end
- </pre>
+end</pre>
<h3><a name="closing_databases" id="closing_databases">Fermeture d'une connexion à une base de données</a></h3>
pas avoir trop de connexions vers la base de données inutilisées. Les
deux mesures suivantes sont pratiquement identiques :
</p>
- <pre class="prettyprint lang-lua">
--- Méthode 1 : fermeture manuelle de la connexion
+ <pre class="prettyprint lang-lua">-- Méthode 1 : fermeture manuelle de la connexion
local database = r:dbacquire("mod_dbd")
database:close() -- c'est tout
-- Méthode 2 : on laisse le collecteur de résidus la fermer
local database = r:dbacquire("mod_dbd")
database = nil -- on coupe le lien
-collectgarbage() -- fermeture de la connexion par le collecteur de résidus
-</pre>
+collectgarbage() -- fermeture de la connexion par le collecteur de résidus</pre>
<h3><a name="database_caveat" id="database_caveat">Précautions à prendre lorsque l'on travaille avec les bases
d'autorisation, elle peut être appelée via la directive <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code> :</p>
-<pre class="prettyprint lang-config">
-LuaRoot /usr/local/apache2/lua
+<pre class="prettyprint lang-config">LuaRoot /usr/local/apache2/lua
LuaAuthzProvider foo authz.lua authz_check_foo
<Location />
Require foo johndoe
-</Location>
-</pre>
+</Location></pre>
-<pre class="prettyprint lang-lua">
-require "apache2"
+<pre class="prettyprint lang-lua">require "apache2"
function authz_check_foo(r, who)
if r.user ~= who then return apache2.AUTHZ_DENIED
return apache2.AUTHZ_GRANTED
-end
-</pre>
+end</pre>
serveur en production, et les valeurs stat ou never pour un serveur
en développement.</p>
- <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config">
-LuaCodeCache stat
+ <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config">LuaCodeCache stat
LuaCodeCache forever
-LuaCodeCache never
- </pre>
+LuaCodeCache never</pre>
</div>
implémenter une vérification arbitraire de l'authentification et de
l'autorisation. Voici un exemple très simple :
</p>
-<pre class="prettyprint lang-lua">
-require 'apache2'
+<pre class="prettyprint lang-lua">require 'apache2'
-- fonction d'accroche authcheck fictive
-- Si la requête ne contient aucune donnée d'authentification, l'en-tête
return 401
end
return apache2.OK
-end
-</pre>
+end</pre>
<div class="note"><h3>Ordonnancement</h3><p>Les arguments optionnels
"early" ou "late" permettent de contrôler le moment auquel ce script
normale.
</p>
<p>Exemple :</p>
-<pre class="prettyprint lang-config">
-LuaHookLog /path/to/script.lua logger
-</pre>
+<pre class="prettyprint lang-config">LuaHookLog /path/to/script.lua logger</pre>
-<pre class="prettyprint lang-lua">
--- /path/to/script.lua --
+<pre class="prettyprint lang-lua">-- /path/to/script.lua --
function logger(r)
-- on joue à pile ou face :
-- Si on obtient 1, on écrit dans notre propre journal Lua et on dit
r.uri = r.uri:gsub("somesecretstuff", "") -- nettoie les données
return apache2.OK -- et httpd doit alors les enregistrer.
end
-end
-</pre>
+end</pre>
</div>
phase map-to-storage du traitement de la requête. Les modules comme
mod_cache agissent pendant cette phase, ce qui permet de présenter
un exemple intéressant de ce que l'on peut faire ici :</p>
- <pre class="prettyprint lang-config">
- LuaHookMapToStorage /path/to/lua/script.lua check_cache
- </pre>
+ <pre class="prettyprint lang-config"> LuaHookMapToStorage /path/to/lua/script.lua check_cache</pre>
- <pre class="prettyprint lang-lua">
-require"apache2"
+ <pre class="prettyprint lang-lua">require"apache2"
cached_files = {}
function read_file(filename)
end
end
return apache2.DECLINED -- If we had nothing to do, let others serve this.
-end
- </pre>
+end</pre>
<p>Exemple :</p>
-<pre class="prettyprint lang-config">
-# httpd.conf
-LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper
-</pre>
+<pre class="prettyprint lang-config"># httpd.conf
+LuaHookTranslateName /scripts/conf/hooks.lua silly_mapper</pre>
-<pre class="prettyprint lang-lua">
--- /scripts/conf/hooks.lua --
+<pre class="prettyprint lang-lua">-- /scripts/conf/hooks.lua --
require "apache2"
function silly_mapper(r)
if r.uri == "/" then
else
return apache2.DECLINED
end
-end
-</pre>
+end</pre>
<div class="note"><h3>Contexte</h3><p>Cette directive ne peut être
sont transmis au script Lua :
</p>
-<pre class="prettyprint lang-config">
-LuaInputFilter myInputFilter /www/filter.lua input_filter
+<pre class="prettyprint lang-config">LuaInputFilter myInputFilter /www/filter.lua input_filter
<FilesMatch "\.lua>
SetInputFilter myInputFilter
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Exemple de filtre en entrée qui convertit toutes les données POST en
majuscules.
]]--
end
-- plus aucune donnée à traiter.
coroutine.yield("&filterSignature=1234") -- Ajoute une signature à la fin
-end
-</pre>
+end</pre>
<p>
Le filtre en entrée peut interdire ou sauter un filtre s'il est
considéré comme indésirable :
</p>
-<pre class="prettyprint lang-lua">
-function input_filter(r)
+<pre class="prettyprint lang-lua">function input_filter(r)
if not good then
return -- Empêche tout simplement le filtrage et transmet le contenu original
end
coroutine.yield() -- attend des paquets de données
... -- insert les filtres ici
-end
-</pre>
+end</pre>
<p>
Voir "<a href="#modifying_buckets">Modification de contenu avec les
d'interpolation dans le chemin du fichier et le nom de la fonction.
Prenez garde aux problèmes de sécurité en écrivant vos expressions
rationnelles.</p>
- <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config">
- LuaMapHandler /(\w+)/(\w+) /scripts/$1.lua handle_$2
- </pre>
+ <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config"> LuaMapHandler /(\w+)/(\w+) /scripts/$1.lua handle_$2</pre>
</div>
<p>Cette directive va faire correspondre des uri comme
/photos/show?id=9 au fichier /scripts/photos.lua, et invoquera la
fonction de gestionnaire handle_show au niveau de la vm lua
après chargement de ce fichier.</p>
-<pre class="prettyprint lang-config">
- LuaMapHandler /bingo /scripts/wombat.lua
-</pre>
+<pre class="prettyprint lang-config"> LuaMapHandler /bingo /scripts/wombat.lua</pre>
<p>Cette directive invoquera la fonction "handle" qui est la
valeur par défaut si aucun nom de fonction spécifique n'est
sont transmis au script Lua :
</p>
-<pre class="prettyprint lang-config">
-LuaOutputFilter myOutputFilter /www/filter.lua output_filter
+<pre class="prettyprint lang-config">LuaOutputFilter myOutputFilter /www/filter.lua output_filter
<FilesMatch "\.lua>
SetOutputFilter myOutputFilter
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
-<pre class="prettyprint lang-lua">
---[[
+<pre class="prettyprint lang-lua">--[[
Exemple de filtre en sortie qui échappe toutes les entités HTML en
sortie
]]--
coroutine.yield(output) -- Envoie les données traitées à la chaîne
end
-- plus aucune donnée à traiter.
-end
-</pre>
+end</pre>
<p>
Comme les filres en entrée, le filtre en sortie peut interdire ou sauter un filtre s'il est
considéré comme indésirable :
</p>
-<pre class="prettyprint lang-lua">
-function output_filter(r)
+<pre class="prettyprint lang-lua">function output_filter(r)
if not r.content_type:match("text/html") then
return -- Empêche tout simplement le filtrage et transmet le contenu original
end
coroutine.yield() -- attend des paquets de données
... -- insert les filtres ici
-end
-</pre>
+end</pre>
<div class="note"><h3>Les filtres Lua avec <code class="module"><a href="../mod/mod_filter.html">mod_filter</a></code></h3>
<p>Lorsqu'on utilise un filtre Lua comme fournisseur sous-jacent via la
chemins de recherche du module lua. Elle suit les mêmes conventions
que lua. Ceci modifie le package.path dans les vms lua.</p>
- <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config">
-LuaPackagePath /scripts/lib/?.lua
-LuaPackagePath /scripts/lib/?/init.lua
- </pre>
+ <div class="example"><h3>Exemples :</h3><pre class="prettyprint lang-config">LuaPackagePath /scripts/lib/?.lua
+LuaPackagePath /scripts/lib/?/init.lua</pre>
</div>
</div>
<p>For example, you might use a macro to define a <code class="directive"><VirtualHost></code> block, in order to define
multiple similar virtual hosts:</p>
-<pre class="prettyprint lang-config">
-<Macro VHost $name $domain>
+<pre class="prettyprint lang-config"><Macro VHost $name $domain>
<VirtualHost *:80>
ServerName $domain
ServerAlias www.$domain
ErrorLog /var/log/httpd/$name.error_log
CustomLog /var/log/httpd/$name.access_log combined
</VirtualHost>
-</Macro>
-</pre>
+</Macro></pre>
<p>Macro names are case-insensitive, like httpd configuration
<p>You would then invoke this macro several times to create virtual
hosts:</p>
-<pre class="prettyprint lang-config">
-Use VHost example example.com
+<pre class="prettyprint lang-config">Use VHost example example.com
Use VHost myhost hostname.org
Use VHost apache apache.org
-UndefMacro VHost
-</pre>
+UndefMacro VHost</pre>
<p>At server startup time, each of these <code class="directive">Use</code>
<p>If you want to use a value within another string, it is useful to
surround the parameter in braces, to avoid confusion:</p>
-<pre class="prettyprint lang-config">
-<Macro DocRoot ${docroot}>
+<pre class="prettyprint lang-config"><Macro DocRoot ${docroot}>
DocumentRoot /var/www/${docroot}/htdocs
-</Macro>
-</pre>
+</Macro></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>A common usage of <code class="module"><a href="../mod/mod_macro.html">mod_macro</a></code> is for the creation of
dynamically-generated virtual hosts.</p>
-<pre class="prettyprint lang-config">
-## Define a VHost Macro for repetitive configurations
+<pre class="prettyprint lang-config">## Define a VHost Macro for repetitive configurations
<Macro VHost $host $port $dir>
Listen $port
Use VHost www.apache.org 80 /vhosts/apache/htdocs
Use VHost example.org 8080 /vhosts/example/htdocs
-Use VHost www.example.fr 1234 /vhosts/example.fr/htdocs
-</pre>
+Use VHost www.example.fr 1234 /vhosts/example.fr/htdocs</pre>
avoids confusion in a complex configuration file where there may be
conflicts in variable names.</p>
-<pre class="prettyprint lang-config">
-<Macro DirGroup $dir $group>
+<pre class="prettyprint lang-config"><Macro DirGroup $dir $group>
<Directory $dir>
Require group $group
</Directory>
Use DirGroup /www/apache/private private
Use DirGroup /www/apache/server admin
-UndefMacro DirGroup
-</pre>
+UndefMacro DirGroup</pre>
with such characters.
</p>
- <pre class="prettyprint lang-config">
-<Macro LocalAccessPolicy>
+ <pre class="prettyprint lang-config"><Macro LocalAccessPolicy>
Require ip 10.2.16.0/24
</Macro>
<Macro RestrictedAccessPolicy $ipnumbers>
Require ip $ipnumbers
-</Macro>
- </pre>
+</Macro></pre>
</div>
<p>The <code class="directive">UndefMacro</code> directive undefines a macro
which has been defined before hand.</p>
- <pre class="prettyprint lang-config">
-UndefMacro LocalAccessPolicy
-UndefMacro RestrictedAccessPolicy
- </pre>
+ <pre class="prettyprint lang-config">UndefMacro LocalAccessPolicy
+UndefMacro RestrictedAccessPolicy</pre>
</div>
associated to their corresponding initial parameters and are substituted
before processing.</p>
- <pre class="prettyprint lang-config">
-Use LocalAccessPolicy
+ <pre class="prettyprint lang-config">Use LocalAccessPolicy
...
-Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"
- </pre>
+Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"</pre>
<p>is equivalent, with the macros defined above, to:</p>
- <pre class="prettyprint lang-config">
-Require ip 10.2.16.0/24
+ <pre class="prettyprint lang-config">Require ip 10.2.16.0/24
...
-Require ip 192.54.172.0/24 192.54.148.0/24
- </pre>
+Require ip 192.54.172.0/24 192.54.148.0/24</pre>
</div>
<code class="directive"><VirtualHost></code>, afin de pouvoir
définir de nombreux serveurs virtuels similaires :</p>
- <pre class="prettyprint lang-config">
-<Macro VHost $name $domain>
+ <pre class="prettyprint lang-config"><Macro VHost $name $domain>
<VirtualHost *:80>
ServerName $domain
ServerAlias www.$domain
ErrorLog /var/log/httpd/$name.error_log
CustomLog /var/log/httpd/$name.access_log combined
</VirtualHost>
-</Macro>
-</pre>
+</Macro></pre>
<p>Comme les directives de configuration httpd, les noms des macros sont
<p>Vous pouvez alors invoquer cette macro autant de fois que vous le
voulez pour créer des serveurs virtuels </p>
-<pre class="prettyprint lang-config">
-Use VHost example example.com
+<pre class="prettyprint lang-config">Use VHost example example.com
Use VHost myhost hostname.org
Use VHost apache apache.org
-UndefMacro VHost
- </pre>
+UndefMacro VHost</pre>
<p>Au démarrage du serveur, chacune de ces invocations
<p>Si vous désirez insérer une valeur dans une chaîne, il est conseillé
de l'entourer d'accolades afin d'éviter toute confusion :</p>
-<pre class="prettyprint lang-config">
-<Macro DocRoot ${docroot}>
+<pre class="prettyprint lang-config"><Macro DocRoot ${docroot}>
DocumentRoot /var/www/${docroot}/htdocs
-</Macro>
-</pre>
+</Macro></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Un exemple typique d'utilisation de <code class="module"><a href="../mod/mod_macro.html">mod_macro</a></code> est la
création dynamique de serveurs virtuels.</p>
-<pre class="prettyprint lang-config">
-## Définition d'une macro VHost pour les configurations répétitives
+<pre class="prettyprint lang-config">## Définition d'une macro VHost pour les configurations répétitives
<Macro VHost $host $port $dir>
Listen $port
Use VHost www.apache.org 80 /vhosts/apache/htdocs
Use VHost example.org 8080 /vhosts/example/htdocs
-Use VHost www.example.fr 1234 /vhosts/example.fr/htdocs
-</pre>
+Use VHost www.example.fr 1234 /vhosts/example.fr/htdocs</pre>
fichier de configuration complexe où des conflits entre noms de
variables peuvent survenir.</p>
-<pre class="prettyprint lang-config">
-<Macro DirGroup $dir $group>
+<pre class="prettyprint lang-config"><Macro DirGroup $dir $group>
<Directory $dir>
Require group $group
</Directory>
Use DirGroup /www/apache/private private
Use DirGroup /www/apache/server admin
-UndefMacro DirGroup
-</pre>
+UndefMacro DirGroup</pre>
de même avec les noms de macros.
</p>
- <pre class="prettyprint lang-config">
-<Macro LocalAccessPolicy>
+ <pre class="prettyprint lang-config"><Macro LocalAccessPolicy>
Require ip 10.2.16.0/24
</Macro>
<Macro RestrictedAccessPolicy $ipnumbers>
Require ip $ipnumbers
-</Macro>
- </pre>
+</Macro></pre>
</div>
argument sont attribuées aux paramètres correspondants et
substituées avant l'interprétation du texte de la macro.</p>
- <pre class="prettyprint lang-config">
-Use LocalAccessPolicy
+ <pre class="prettyprint lang-config">Use LocalAccessPolicy
...
-Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"
- </pre>
+Use RestrictedAccessPolicy "192.54.172.0/24 192.54.148.0/24"</pre>
<p>est équivalent, avec les macros définies ci-dessus à :</p>
- <pre class="prettyprint lang-config">
-Require ip 10.2.16.0/24
+ <pre class="prettyprint lang-config">Require ip 10.2.16.0/24
...
-Require ip 192.54.172.0/24 192.54.148.0/24
- </pre>
+Require ip 192.54.172.0/24 192.54.148.0/24</pre>
</div>
script, but not the file <code>bar.cgi.html</code>, then instead
of using <code>AddHandler cgi-script .cgi</code>, use</p>
- <div class="example"><h3>Configure handler based on final extension only</h3><pre class="prettyprint lang-config">
-<FilesMatch \.cgi$>
+ <div class="example"><h3>Configure handler based on final extension only</h3><pre class="prettyprint lang-config"><FilesMatch \.cgi$>
SetHandler cgi-script
-</FilesMatch>
- </pre>
+</FilesMatch></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
overriding any mappings that already exist for the same
<var>extension</var>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-AddLanguage ja .ja
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">AddLanguage ja .ja
AddCharset EUC-JP .euc
AddCharset ISO-2022-JP .jis
-AddCharset SHIFT_JIS .sjis
- </pre>
+AddCharset SHIFT_JIS .sjis</pre>
</div>
<p>Then the document <code>xxxx.ja.jis</code> will be treated
overriding any mappings that already exist for the same
<var>extension</var>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-AddEncoding x-gzip .gz
-AddEncoding x-compress .Z
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">AddEncoding x-gzip .gz
+AddEncoding x-compress .Z</pre>
</div>
<p>This will cause filenames containing the <code>.gz</code> extension
activate CGI scripts with the file extension <code>.cgi</code>, you
might use:</p>
- <pre class="prettyprint lang-config">
- AddHandler cgi-script .cgi
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler cgi-script .cgi</pre>
<p>Once that has been put into your httpd.conf file, any file containing
This directive overrides any mappings that already exist for the same
<var>extension</var>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-AddEncoding x-compress .Z
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">AddEncoding x-compress .Z
AddLanguage en .en
-AddLanguage fr .fr
- </pre>
+AddLanguage fr .fr</pre>
</div>
<p>Then the document <code>xxxx.en.Z</code> will be treated as
extension, the last one encountered is the one that is used.
That is, for the case of:</p>
- <pre class="prettyprint lang-config">
-AddLanguage en .en
+ <pre class="prettyprint lang-config">AddLanguage en .en
AddLanguage en-gb .en
-AddLanguage en-us .en
- </pre>
+AddLanguage en-us .en</pre>
<p>documents with the extension <code>.en</code> would be treated as
<code>.shtml</code> files for server-side includes and will then
compress the output using <code class="module"><a href="../mod/mod_deflate.html">mod_deflate</a></code>.</p>
- <pre class="prettyprint lang-config">
- AddOutputFilter INCLUDES;DEFLATE shtml
- </pre>
+ <pre class="prettyprint lang-config"> AddOutputFilter INCLUDES;DEFLATE shtml</pre>
<p>If more than one filter is specified, they must be separated
the <code class="directive"><a href="#addoutputfilter">AddOutputFilter</a></code>
directive.</p>
- <pre class="prettyprint lang-config">
-# Effective filter "DEFLATE"
+ <pre class="prettyprint lang-config"># Effective filter "DEFLATE"
AddOutputFilter DEFLATE shtml
<Location /foo>
# Effective filter "INCLUDES", replacing "DEFLATE"
<Location /bar/baz/buz>
# No effective filter, replacing "BUFFER"
RemoveOutputFilter shtml
-</Location>
- </pre>
+</Location></pre>
<h3>See also</h3>
<code class="directive"><a href="#typesconfig">TypesConfig</a></code> file.
</div>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- AddType image/gif .gif
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> AddType image/gif .gif</pre>
</div>
<p>Or, to specify multiple file extensions in one directive:</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- AddType image/jpeg jpeg jpg jpe
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> AddType image/jpeg jpeg jpg jpe</pre>
</div>
<p>The <var>extension</var> argument is case-insensitive and can
can be achieved by qualifying a <var>media-type</var> with
<code>qs</code>:</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- AddType application/rss+xml;qs=0.8 .xml
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> AddType application/rss+xml;qs=0.8 .xml</pre>
</div>
<p>This is useful in situations, <em>e.g.</em> when a client
by <code class="directive"><a href="#addlanguage">AddLanguage</a></code>, then no
Content-Language header field will be generated.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- DefaultLanguage en
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> DefaultLanguage en</pre>
</div>
<h3>See also</h3>
<p>This directive is recommended when you have a virtual filesystem.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ModMimeUsePathInfo On
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ModMimeUsePathInfo On</pre>
</div>
<p>If you have a request for <code>/index.php/foo.shtml</code>
and filters to participate in Multviews, but will exclude unknown
files:</p>
- <pre class="prettyprint lang-config">
- MultiviewsMatch Handlers Filters
- </pre>
+ <pre class="prettyprint lang-config"> MultiviewsMatch Handlers Filters</pre>
<p><code class="directive">MultiviewsMatch</code> is not allowed in a
<p>The <var>extension</var> argument is case-insensitive and can
be specified with or without a leading dot.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- RemoveCharset .html .shtml
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> RemoveCharset .html .shtml</pre>
</div>
</div>
any associations inherited from parent directories or the
server config files. An example of its use might be:</p>
- <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config">
-AddEncoding x-gzip .gz
+ <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config">AddEncoding x-gzip .gz
AddType text/plain .asc
<Files *.gz.asc>
RemoveEncoding .gz
-</Files>
- </pre>
+</Files></pre>
</div>
<p>This will cause <code>foo.gz</code> to be marked as being
associations inherited from parent directories or the server
config files. An example of its use might be:</p>
- <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config">
- AddHandler server-parsed .html
- </pre>
+ <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config"> AddHandler server-parsed .html</pre>
</div>
- <div class="example"><h3>/foo/bar/.htaccess:</h3><pre class="prettyprint lang-config">
- RemoveHandler .html
- </pre>
+ <div class="example"><h3>/foo/bar/.htaccess:</h3><pre class="prettyprint lang-config"> RemoveHandler .html</pre>
</div>
<p>This has the effect of returning <code>.html</code> files in
<p>The <var>extension</var> argument is case-insensitive and can
be specified with or without a leading dot.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- RemoveOutputFilter shtml
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> RemoveOutputFilter shtml</pre>
</div>
<h3>See also</h3>
directories or the server config files. An example of its use
might be:</p>
- <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config">
- RemoveType .cgi
- </pre>
+ <div class="example"><h3>/foo/.htaccess:</h3><pre class="prettyprint lang-config"> RemoveType .cgi</pre>
</div>
<p>This will remove any special handling of <code>.cgi</code>
used, in which case the more specific setting overrides the main
server's file.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- MimeMagicFile conf/magic
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> MimeMagicFile conf/magic</pre>
</div>
</div>
and the <code>.var</code> file should be associated with the
<code>type-map</code> handler with an <code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> directive:</p>
- <pre class="prettyprint lang-config">
- AddHandler type-map .var
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler type-map .var</pre>
<p>A request for <code>document.html.var</code> in this directory will
(equally acceptable) then the first matching variant, <code>en</code>,
will be served.</p>
- <pre class="prettyprint lang-config">
-LanguagePriority en fr de
-ForceLanguagePriority Prefer
- </pre>
+ <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Prefer</pre>
<p><code>ForceLanguagePriority Fallback</code> uses
language response, but such a variant isn't found, then the first
variant from the <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> list below will be served.</p>
- <pre class="prettyprint lang-config">
-LanguagePriority en fr de
-ForceLanguagePriority Fallback
- </pre>
+ <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Fallback</pre>
<p>Both options, <code>Prefer</code> and <code>Fallback</code>, may be
express a preference, when handling a Multiviews request. The list
of <var>MIME-lang</var> are in order of decreasing preference.</p>
- <pre class="prettyprint lang-config">
- LanguagePriority en fr de
- </pre>
+ <pre class="prettyprint lang-config"> LanguagePriority en fr de</pre>
<p>For a request for <code>foo.html</code>, where
et le fichier <code>.var</code> doit être associé au gestionnaire
<code>type-map</code> via une directive <code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> :</p>
- <pre class="prettyprint lang-config">
- AddHandler type-map .var
- </pre>
+ <pre class="prettyprint lang-config"> AddHandler type-map .var</pre>
<p>A l'arrivée d'une requête pour la ressource
première variante acceptable de langue <code>en</code> qui sera
servie.</p>
- <pre class="prettyprint lang-config">
-LanguagePriority en fr de
-ForceLanguagePriority Prefer
- </pre>
+ <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Prefer</pre>
<p><code>ForceLanguagePriority Fallback</code> utilise la directive
dans cette langue n'est trouvée, c'est la première variante de la
liste définie par la directive <code class="directive"><a href="#languagepriority">LanguagePriority</a></code> qui sera servie.</p>
- <pre class="prettyprint lang-config">
-LanguagePriority en fr de
-ForceLanguagePriority Fallback
- </pre>
+ <pre class="prettyprint lang-config">LanguagePriority en fr de
+ForceLanguagePriority Fallback</pre>
<p>Les deux options, <code>Prefer</code> et <code>Fallback</code>,
<var>langages-MIME</var> dans un ordre de préférences
décroissantes.</p>
- <pre class="prettyprint lang-config">
- LanguagePriority en fr de
- </pre>
+ <pre class="prettyprint lang-config"> LanguagePriority en fr de</pre>
<p>Dans le cas d'une requête pour <code>foo.html</code>, si
<p>A typical configuration protecting a server serving static content
might be as follows:</p>
- <pre class="prettyprint lang-config">
-<Location />
+ <pre class="prettyprint lang-config"><Location />
SetOutputFilter POLICY_TYPE;POLICY_LENGTH;POLICY_KEEPALIVE;POLICY_VARY;POLICY_VALIDATION; \
POLICY_CONDITIONAL;POLICY_NOCACHE;POLICY_MAXAGE;POLICY_VERSION
# suppress policy protection for server-status
<Location /server-status>
PolicyFilter off
-</Location>
- </pre>
+</Location></pre>
</div>
<p>When logged or enforced, a response that should have been conditional
but wasn't will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# non-functional conditional responses should be rejected
-PolicyConditional enforce
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># non-functional conditional responses should be rejected
+PolicyConditional enforce</pre>
</div>
</div>
variable is present and equal to the ignore-value, all policies will
be ignored.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# downgrade if POLICY_CONTROL was present
-PolicyEnvironment POLICY_CONTROL log ignore
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># downgrade if POLICY_CONTROL was present
+PolicyEnvironment POLICY_CONTROL log ignore</pre>
</div>
</div>
</table>
<p>Master switch to enable or disable policies for a given URL space.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# enabled by default
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># enabled by default
<Location />
PolicyFilter on
</Location>
# suppress policy protection for server-status
<Location /server-status>
PolicyFilter off
-</Location>
-</pre>
+</Location></pre>
</div>
</div>
<code>Content-Length</code> header and a <code>Transfer-Encoding</code>
of <code>chunked</code> will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# missing Content-Length or Transfer-Encoding should be rejected
-PolicyKeepalive enforce
-</pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># missing Content-Length or Transfer-Encoding should be rejected
+PolicyKeepalive enforce</pre>
</div>
</div>
<p>When logged or enforced, a response that lacks an explicit
<code>Content-Length</code> header will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# missing Content-Length header should be rejected
-PolicyLength enforce
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># missing Content-Length header should be rejected
+PolicyLength enforce</pre>
</div>
</div>
<code>Expires</code> header, or where the explicit freshness lifetime is
smaller than the given value, will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# reject responses with a freshness lifetime shorter than a day
-PolicyMaxage enforce 86400
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># reject responses with a freshness lifetime shorter than a day
+PolicyMaxage enforce 86400</pre>
</div>
using the <code>Cache-Control</code> or <code>Pragma</code> headers will
be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# Cache-Control: no-cache will be rejected
-PolicyNocache enforce
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># Cache-Control: no-cache will be rejected
+PolicyNocache enforce</pre>
</div>
header, where the <code>Content-Type</code> header is malformed, or where the
header does not match the given pattern or patterns will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# enforce json or XML
-PolicyType enforce application/json text/xml
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># enforce json or XML
+PolicyType enforce application/json text/xml</pre>
</div>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# malformed content type should be rejected
-PolicyType enforce */*
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># malformed content type should be rejected
+PolicyType enforce */*</pre>
</div>
<code>ETag</code> header or a <code>Last-Modified</code> header, or where
either header is syntactically incorrect, will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# no ETag or Last-Modified will be rejected
-PolicyValidation enforce
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># no ETag or Last-Modified will be rejected
+PolicyValidation enforce</pre>
</div>
header which in turn contains one of the headers listed, will be
rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# reject reponses with "User-Agent" listed in the Vary header
-PolicyVary enforce User-Agent
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># reject reponses with "User-Agent" listed in the Vary header
+PolicyVary enforce User-Agent</pre>
</div>
<p>When logged or enforced, a request with a version lower than specified
will be rejected.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# reject requests with an HTTP version older than HTTP/1.1
-PolicyVersion enforce HTTP/1.1
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># reject requests with an HTTP version older than HTTP/1.1
+PolicyVersion enforce HTTP/1.1</pre>
</div>
<p>In addition, if you wish to have caching enabled, consult
the documentation from <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p>
- <div class="example"><h3>Reverse Proxy</h3><pre class="prettyprint lang-config">
-ProxyPass /foo http://foo.example.com/bar
-ProxyPassReverse /foo http://foo.example.com/bar
- </pre>
+ <div class="example"><h3>Reverse Proxy</h3><pre class="prettyprint lang-config">ProxyPass /foo http://foo.example.com/bar
+ProxyPassReverse /foo http://foo.example.com/bar</pre>
</div>
- <div class="example"><h3>Forward Proxy</h3><pre class="prettyprint lang-config">
-ProxyRequests On
+ <div class="example"><h3>Forward Proxy</h3><pre class="prettyprint lang-config">ProxyRequests On
ProxyVia On
<Proxy *>
Require host internal.example.com
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code> when used
for a reverse proxy:</p>
- <pre class="prettyprint lang-config">
- ProxyPass /example http://backend.example.com connectiontimeout=5 timeout=30
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPass /example http://backend.example.com connectiontimeout=5 timeout=30</pre>
<p>This will create a worker associated with the origin server URL
values. When used in a forward proxy, workers are usually defined
via the <code class="directive"><a href="#proxyset">ProxySet</a></code> directive:</p>
- <pre class="prettyprint lang-config">
- ProxySet http://backend.example.com connectiontimeout=5 timeout=30
- </pre>
+ <pre class="prettyprint lang-config"> ProxySet http://backend.example.com connectiontimeout=5 timeout=30</pre>
<p>or alternatively using <code class="directive"><a href="#proxy">Proxy</a></code>
and <code class="directive"><a href="#proxyset">ProxySet</a></code>:</p>
- <pre class="prettyprint lang-config">
-<Proxy http://backend.example.com>
+ <pre class="prettyprint lang-config"><Proxy http://backend.example.com>
ProxySet connectiontimeout=5 timeout=30
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Using explicitly configured workers in the forward mode is
<p>The URL identifying a direct worker is the URL of its
origin server including any path components given:</p>
- <pre class="prettyprint lang-config">
-ProxyPass /examples http://backend.example.com/examples
-ProxyPass /docs http://backend.example.com/docs
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /examples http://backend.example.com/examples
+ProxyPass /docs http://backend.example.com/docs</pre>
<p>This example defines two different workers, each using a separate
the URL of some worker is a leading substring of the URL of another
worker defined later in the configuration file. In the following example</p>
- <pre class="prettyprint lang-config">
-ProxyPass /apps http://backend.example.com/ timeout=60
-ProxyPass /examples http://backend.example.com/examples timeout=10
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /apps http://backend.example.com/ timeout=60
+ProxyPass /examples http://backend.example.com/examples timeout=10</pre>
<p>the second worker isn't actually created. Instead the first
<p>You can control who can access your proxy via the <code class="directive"><a href="#proxy"><Proxy></a></code> control block as in
the following example:</p>
- <pre class="prettyprint lang-config">
-<Proxy *>
+ <pre class="prettyprint lang-config"><Proxy *>
Require ip 192.168.0
-</Proxy>
- </pre>
+</Proxy></pre>
<p>For more information on access control directives, see
<p>These are the <code>force-proxy-request-1.0</code> and
<code>proxy-nokeepalive</code> notes.</p>
- <pre class="prettyprint lang-config">
-<Location /buggyappserver/>
+ <pre class="prettyprint lang-config"><Location /buggyappserver/>
ProxyPass http://buggyappserver:7001/foo/
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
always served directly, without forwarding to the configured
<code class="directive"><a href="#proxyremote">ProxyRemote</a></code> proxy server(s).</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-ProxyRemote * http://firewall.example.com:81
-NoProxy .example.com 192.168.112.0/21
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote * http://firewall.example.com:81
+NoProxy .example.com 192.168.112.0/21</pre>
</div>
<p>The <var>host</var> arguments to the <code class="directive">NoProxy</code>
<code>yournetwork.example.com</code> to access content via your proxy
server:</p>
- <pre class="prettyprint lang-config">
-<Proxy *>
+ <pre class="prettyprint lang-config"><Proxy *>
Require host yournetwork.example.com
-</Proxy>
- </pre>
+</Proxy></pre>
<p>The following example will process all files in the <code>foo</code>
directory of <code>example.com</code> through the <code>INCLUDES</code>
filter when they are sent through the proxy server:</p>
- <pre class="prettyprint lang-config">
-<Proxy http://example.com/foo/*>
+ <pre class="prettyprint lang-config"><Proxy http://example.com/foo/*>
SetOutputFilter INCLUDES
-</Proxy>
- </pre>
+</Proxy></pre>
<div class="note"><h3>Differences from the Location configuration section</h3>
<p>Note that the DNS lookups may slow down the startup time of the
server.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxyBlock news.example.com auctions.example.com friends.example.com
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxyBlock news.example.com auctions.example.com friends.example.com</pre>
</div>
<p>Note that <code>example</code> would also be sufficient to match any
<p>Note also that</p>
- <pre class="prettyprint lang-config">
- ProxyBlock *
- </pre>
+ <pre class="prettyprint lang-config"> ProxyBlock *</pre>
<p>blocks connections to all sites.</p>
response to the same host with the configured <var>Domain</var> appended
will be generated.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxyRemote * http://firewall.example.com:81<br />
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxyRemote * http://firewall.example.com:81<br />
NoProxy .example.com 192.168.112.0/21<br />
- ProxyDomain .example.com
- </pre>
+ ProxyDomain .example.com</pre>
</div>
</div>
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. In order to prevent confusion, numbered
(unnamed) backreferences are ignored. Use named groups instead.</p>
-<pre class="prettyprint lang-config">
-<ProxyMatch ^http://(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><ProxyMatch ^http://(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</ProxyMatch>
-</pre>
+</ProxyMatch></pre>
<h3>See also</h3>
<code>Max-Forwards</code> header supplied with the request. This may
be set to prevent infinite proxy loops, or a DoS attack.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxyMaxForwards 15
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxyMaxForwards 15</pre>
</div>
<p>Note that setting <code class="directive">ProxyMaxForwards</code> is a
<p>Suppose the local server has address <code>http://example.com/</code>;
then</p>
- <pre class="prettyprint lang-config">
-<Location /mirror/foo/>
+ <pre class="prettyprint lang-config"><Location /mirror/foo/>
ProxyPass http://backend.example.com/
-</Location>
- </pre>
+</Location></pre>
<p>will cause a local request for
the below syntax is that it allows for dynamic control via the
<a href="mod_proxy_balancer.html#balancer_manager">Balancer Manager</a> interface:</p>
- <pre class="prettyprint lang-config">
- ProxyPass /mirror/foo/ http://backend.example.com/
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPass /mirror/foo/ http://backend.example.com/</pre>
<div class="warning">
<p>The <code>!</code> directive is useful in situations where you don't want
to reverse-proxy a subdirectory, <em>e.g.</em></p>
- <pre class="prettyprint lang-config">
-<Location /mirror/foo/>
+ <pre class="prettyprint lang-config"><Location /mirror/foo/>
ProxyPass http://backend.example.com/
</Location>
<Location /mirror/foo/i>
ProxyPass !
-</Location>
- </pre>
+</Location></pre>
- <pre class="prettyprint lang-config">
-ProxyPass /mirror/foo/i !
-ProxyPass /mirror/foo http://backend.example.com
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /mirror/foo/i !
+ProxyPass /mirror/foo http://backend.example.com</pre>
<p>will proxy all requests to <code>/mirror/foo</code> to
among all child processes, except when only one child process is allowed
by configuration or MPM design.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxyPass /example http://backend.example.com max=20 ttl=120 retry=300
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxyPass /example http://backend.example.com max=20 ttl=120 retry=300</pre>
</div>
<table class="bordered"><tr><th>BalancerMember parameters</th></tr></table>
</table>
<p>A sample balancer setup</p>
- <pre class="prettyprint lang-config">
-ProxyPass /special-area http://special.example.com smax=5 max=10
+ <pre class="prettyprint lang-config">ProxyPass /special-area http://special.example.com smax=5 max=10
ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
<Proxy balancer://mycluster>
BalancerMember ajp://1.2.3.4:8009
BalancerMember ajp://1.2.3.5:8009 loadfactor=20
# Less powerful server, don't send as many requests there,
BalancerMember ajp://1.2.3.6:8009 loadfactor=5
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Setting up a hot-standby, that will only be used if no other
members are available</p>
- <pre class="prettyprint lang-config">
-ProxyPass / balancer://hotcluster/
+ <pre class="prettyprint lang-config">ProxyPass / balancer://hotcluster/
<Proxy balancer://hotcluster>
BalancerMember ajp://1.2.3.4:8009 loadfactor=1
BalancerMember ajp://1.2.3.5:8009 loadfactor=2
# The server below is on hot standby
BalancerMember ajp://1.2.3.6:8009 status=+H
ProxySet lbmethod=bytraffic
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Normally, mod_proxy will canonicalise ProxyPassed URLs.
scheme can be accomplished with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> as in the
following example.</p>
- <pre class="prettyprint lang-config">
-RewriteEngine On
+ <pre class="prettyprint lang-config">RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule . - [E=protocol:http]
RewriteRule ^/mirror/foo/(.*) %{ENV:protocol}://backend.example.com/$1 [P]
ProxyPassReverse /mirror/foo/ http://backend.example.com/
-ProxyPassReverse /mirror/foo/ https://backend.example.com/
- </pre>
+ProxyPassReverse /mirror/foo/ https://backend.example.com/</pre>
</div>
<p>Suppose the local server has address <code>http://example.com/</code>;
then</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1</pre>
<p>will cause a local request for
<p>The URL argument must be parsable as a URL <em>before</em> regexp
substitutions (as well as after). This limits the matches you can use.
For instance, if we had used</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com:8000$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com:8000$1</pre>
<p>in our previous example, it would fail with a syntax error
at server startup. This is a bug (PR 46665 in the ASF bugzilla),
and the workaround is to reformulate the match:</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^/(.*\.gif)$ http://backend.example.com:8000/$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^/(.*\.gif)$ http://backend.example.com:8000/$1</pre>
</div>
<p>The <code>!</code> directive is useful in situations where you don't want
<p>For example, suppose the local server has address
<code>http://example.com/</code>; then</p>
- <pre class="prettyprint lang-config">
-ProxyPass /mirror/foo/ http://backend.example.com/
+ <pre class="prettyprint lang-config">ProxyPass /mirror/foo/ http://backend.example.com/
ProxyPassReverse /mirror/foo/ http://backend.example.com/
ProxyPassReverseCookieDomain backend.example.com public.example.com
-ProxyPassReverseCookiePath / /mirror/foo/
- </pre>
+ProxyPassReverseCookiePath / /mirror/foo/</pre>
<p>will not only cause a local request for the
In the example given with
<code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, the directive:
</p>
- <pre class="prettyprint lang-config">
- ProxyPassReverseCookiePath / /mirror/foo/
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassReverseCookiePath / /mirror/foo/</pre>
<p>
will rewrite a cookie with backend path <code>/</code> (or
to <code>0</code> to indicate that the system's default buffer size should
be used.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxyReceiveBufferSize 2048
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxyReceiveBufferSize 2048</pre>
</div>
</div>
are supported by this module. When using <code>https</code>, the requests
are forwarded through the remote proxy using the HTTP CONNECT method.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-ProxyRemote http://goodguys.example.com/ http://mirrorguys.example.com:8000
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">ProxyRemote http://goodguys.example.com/ http://mirrorguys.example.com:8000
ProxyRemote * http://cleverproxy.localdomain
-ProxyRemote ftp http://ftpproxy.mydomain:8080
- </pre>
+ProxyRemote ftp http://ftpproxy.mydomain:8080</pre>
</div>
<p>In the last example, the proxy will forward FTP requests, encapsulated
<code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> instead of a
<code class="directive"><a href="#proxypass">ProxyPass</a></code> directive.</p>
- <div class="example"><pre class="prettyprint lang-config">
-<Proxy balancer://hotcluster>
+ <div class="example"><pre class="prettyprint lang-config"><Proxy balancer://hotcluster>
BalancerMember http://www2.example.com:8080 loadfactor=1
BalancerMember http://www3.example.com:8080 loadfactor=2
ProxySet lbmethod=bytraffic
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
- <pre class="prettyprint lang-config">
-<Proxy http://backend>
+ <pre class="prettyprint lang-config"><Proxy http://backend>
ProxySet keepalive=On
-</Proxy>
- </pre>
+</Proxy></pre>
- <pre class="prettyprint lang-config">
- ProxySet balancer://foo lbmethod=bytraffic timeout=15
- </pre>
+ <pre class="prettyprint lang-config"> ProxySet balancer://foo lbmethod=bytraffic timeout=15</pre>
- <pre class="prettyprint lang-config">
- ProxySet ajp://backend:7001 timeout=15
- </pre>
+ <pre class="prettyprint lang-config"> ProxySet ajp://backend:7001 timeout=15</pre>
<div class="warning"><h3>Warning</h3>
<p>Si en outre, vous désirez activer la mise en cache, consultez la
documentation de <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code>.</p>
- <div class="example"><h3>Mandataire inverse</h3><pre class="prettyprint lang-config">
-ProxyPass /foo http://foo.example.com/bar
-ProxyPassReverse /foo http://foo.example.com/bar
- </pre>
+ <div class="example"><h3>Mandataire inverse</h3><pre class="prettyprint lang-config">ProxyPass /foo http://foo.example.com/bar
+ProxyPassReverse /foo http://foo.example.com/bar</pre>
</div>
- <div class="example"><h3>Mandataire direct</h3><pre class="prettyprint lang-config">
-ProxyRequests On
+ <div class="example"><h3>Mandataire direct</h3><pre class="prettyprint lang-config">ProxyRequests On
ProxyVia On
<Proxy *>
Require host internal.example.com
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
Ils sont en général définis via les directives <code class="directive"><a href="#proxypass">ProxyPass</a></code> ou <code class="directive"><a href="#proxypassmatch">ProxyPassMatch</a></code> lorsqu'on les
utilise dans le cadre d'un mandataire inverse :</p>
- <div class="example"><pre class="prettyprint lang-config">
- ProxyPass /example http://backend.example.com connectiontimeout=5 timeout=30
- </pre>
+ <div class="example"><pre class="prettyprint lang-config"> ProxyPass /example http://backend.example.com connectiontimeout=5 timeout=30</pre>
</div>
d'un mandataire direct, les workers sont en général définis via la
directive <code class="directive"><a href="#proxyset">ProxySet</a></code>,</p>
- <div class="example"><pre class="prettyprint lang-config">
- ProxySet http://backend.example.com connectiontimeout=5 timeout=30
- </pre>
+ <div class="example"><pre class="prettyprint lang-config"> ProxySet http://backend.example.com connectiontimeout=5 timeout=30</pre>
</div>
<p>ou encore via les directives <code class="directive"><a href="#proxy">Proxy</a></code> et <code class="directive"><a href="#proxyset">ProxySet</a></code> :</p>
- <pre class="prettyprint lang-config">
-<Proxy http://backend.example.com>
+ <pre class="prettyprint lang-config"><Proxy http://backend.example.com>
ProxySet connectiontimeout=5 timeout=30
-</Proxy>
- </pre>
+</Proxy></pre>
<p>L'utilisation de workers définis explicitement dans le mode
<p>L'URL qui identifie un worker correspond à l'URL de son serveur
original, y compris un éventuel chemin donné :</p>
- <pre class="prettyprint lang-config">
-ProxyPass /examples http://backend.example.com/examples
-ProxyPass /docs http://backend.example.com/docs
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /examples http://backend.example.com/examples
+ProxyPass /docs http://backend.example.com/docs</pre>
<p>Dans cet exemple, deux workers différents sont définis, chacun
correspond au début de l'URL d'un autre worker défini plus loin
dans le fichier de configuration. Dans l'exemple suivant,</p>
- <pre class="prettyprint lang-config">
-ProxyPass /apps http://backend.example.com/ timeout=60
-ProxyPass /examples http://backend.example.com/examples timeout=10
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /apps http://backend.example.com/ timeout=60
+ProxyPass /examples http://backend.example.com/examples timeout=10</pre>
<p>le second worker n'est pas vraiment créé. C'est le premier
de contrôle <code class="directive"><a href="#proxy"><Proxy></a></code> comme dans
l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-<Proxy *>
+ <pre class="prettyprint lang-config"><Proxy *>
Require ip 192.168.0
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Pour plus de détails sur les directives de contrôle d'accès,
<p>Il s'agit des variables <code>force-proxy-request-1.0</code> et
<code>proxy-nokeepalive</code>.</p>
- <pre class="prettyprint lang-config">
-<Location /buggyappserver/>
+ <pre class="prettyprint lang-config"><Location /buggyappserver/>
ProxyPass http://buggyappserver:7001/foo/
SetEnv force-proxy-request-1.0 1
SetEnv proxy-nokeepalive 1
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
sans être redirigée vers le(s) serveur(s) mandataire(s) défini(s) par
la directive <code class="directive"><a href="#proxyremote">ProxyRemote</a></code>.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-ProxyRemote * http://firewall.example.com:81
-NoProxy .example.com 192.168.112.0/21
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">ProxyRemote * http://firewall.example.com:81
+NoProxy .example.com 192.168.112.0/21</pre>
</div>
<p>Le type des arguments <var>serveur</var> de la directive
contenu via votre serveur mandataire que les hôtes appartenant à
<code>votre-reseau.example.com</code> :</p>
- <pre class="prettyprint lang-config">
-<Proxy *>
+ <pre class="prettyprint lang-config"><Proxy *>
Require host votre-reseau.example.com
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Dans l'exemple suivant, tous les fichiers du répertoire
filtre <code>INCLUDES</code> lorsqu'ils seront envoyés par
l'intermédiaire du serveur mandataire :</p>
- <pre class="prettyprint lang-config">
-<Proxy http://example.com/foo/*>
+ <pre class="prettyprint lang-config"><Proxy http://example.com/foo/*>
SetOutputFilter INCLUDES
-</Proxy>
- </pre>
+</Proxy></pre>
<div class="note"><h3>Différences avec la section de configuration Location</h3>
<p>Notez que les recherches DNS peuvent ralentir le processus de
démarrage du serveur.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProxyBlock news.example.com auctions.example.com friends.example.com
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProxyBlock news.example.com auctions.example.com friends.example.com</pre>
</div>
<p>Notez qu'<code>example</code> suffirait aussi pour atteindre
<p>Notez aussi que</p>
- <pre class="prettyprint lang-config">
- ProxyBlock *
- </pre>
+ <pre class="prettyprint lang-config"> ProxyBlock *</pre>
<p>bloque les connexions vers tous les sites.</p>
générer une réponse de redirection vers le même hôte suffixé par le
<var>Domaine</var> spécifié.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProxyRemote * http://firewall.example.com:81<br />
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProxyRemote * http://firewall.example.com:81<br />
NoProxy .example.com 192.168.112.0/21<br />
- ProxyDomain .example.com
- </pre>
+ ProxyDomain .example.com</pre>
</div>
</div>
nommées) sont ignorées. Vous devez utiliser à la place des groupes
nommés.</p>
-<pre class="prettyprint lang-config">
-<ProxyMatch ^http://(?<sitename>[^/]+)>
+<pre class="prettyprint lang-config"><ProxyMatch ^http://(?<sitename>[^/]+)>
require ldap-group cn=%{env:MATCH_SITENAME},ou=combined,o=Example
-</ProxyMatch>
-</pre>
+</ProxyMatch></pre>
<h3>Voir aussi</h3>
contre les boucles infinies de mandataires ou contre les attaques de
type déni de service.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProxyMaxForwards 15
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProxyMaxForwards 15</pre>
</div>
<p>Notez que la définition de la directive
<p>Supposons que le serveur local a pour adresse
<code>http://example.com/</code> ; alors la ligne</p>
- <pre class="prettyprint lang-config">
-<Location /mirror/foo/>
+ <pre class="prettyprint lang-config"><Location /mirror/foo/>
ProxyPass http://backend.example.com/
-</Location>
- </pre>
+</Location></pre>
<p>va convertir en interne toute requête pour
présente en très grand nombre. Elle possède l'avantage de
permettre un contrôle dynamique via l'interface <a href="mod_proxy_balancer.html#balancer_manager">Balancer Manager</a> :</p>
- <pre class="prettyprint lang-config">
- ProxyPass /miroir/foo/ http://backend.example.com/
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPass /miroir/foo/ http://backend.example.com/</pre>
<div class="warning">
<p>Le drapeau <code>!</code> permet de soustraire un sous-répertoire
du mandat inverse, comme dans l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-<Location /mirror/foo/>
+ <pre class="prettyprint lang-config"><Location /mirror/foo/>
ProxyPass http://backend.example.com/
</Location>
<Location /mirror/foo/i>
ProxyPass !
-</Location>
- </pre>
+</Location></pre>
- <pre class="prettyprint lang-config">
-ProxyPass /mirror/foo/i !
-ProxyPass /mirror/foo http://backend.example.com
- </pre>
+ <pre class="prettyprint lang-config">ProxyPass /mirror/foo/i !
+ProxyPass /mirror/foo http://backend.example.com</pre>
<p>va mandater toutes les requêtes pour <code>/miroir/foo</code>
enfants, sauf si un seul processus enfant est autorisé par la
configuration ou la conception du module multi-processus (MPM).</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProxyPass /example http://backend.example.com max=20 ttl=120 retry=300
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProxyPass /example http://backend.example.com max=20 ttl=120 retry=300</pre>
</div>
<table class="bordered"><tr><th>Paramètres de BalancerMember</th></tr></table>
</table>
<p>Exemple de configuration d'un répartiteur de charge</p>
- <pre class="prettyprint lang-config">
-ProxyPass /special-area http://special.example.com smax=5 max=10
+ <pre class="prettyprint lang-config">ProxyPass /special-area http://special.example.com smax=5 max=10
ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
<Proxy balancer://mycluster>
BalancerMember ajp://1.2.3.4:8009
BalancerMember ajp://1.2.3.5:8009 loadfactor=20
# Less powerful server, don't send as many requests there,
BalancerMember ajp://1.2.3.6:8009 loadfactor=5
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Configuration d'un serveur cible de réserve qui ne sera utilisé que si
aucun autre serveur cible n'est disponible</p>
- <pre class="prettyprint lang-config">
-ProxyPass / balancer://hotcluster/
+ <pre class="prettyprint lang-config">ProxyPass / balancer://hotcluster/
<Proxy balancer://hotcluster>
BalancerMember ajp://1.2.3.4:8009 loadfactor=1
BalancerMember ajp://1.2.3.5:8009 loadfactor=2
# The server below is on hot standby
BalancerMember ajp://1.2.3.6:8009 status=+H
ProxySet lbmethod=bytraffic
-</Proxy>
- </pre>
+</Proxy></pre>
<p>Normalement, mod_proxy va mettre sous leur forme canonique les
protocole peut être effectuée à l'aide de
<code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> comme dans l'exemple suivant :</p>
- <pre class="prettyprint lang-config">
-RewriteEngine On
+ <pre class="prettyprint lang-config">RewriteEngine On
RewriteCond %{HTTPS} =off
RewriteRule . - [E=protocol:http]
RewriteRule ^/mirror/foo/(.*) %{ENV:protocol}://backend.example.com/$1 [P]
ProxyPassReverse /mirror/foo/ http://backend.example.com/
-ProxyPassReverse /mirror/foo/ https://backend.example.com/
- </pre>
+ProxyPassReverse /mirror/foo/ https://backend.example.com/</pre>
<p>Supposons que le serveur local a pour adresse
<code>http://example.com/</code> ; alors</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com$1</pre>
<p>va provoquer la conversion interne de la requête locale
<em>avant</em> les substitutions d'expressions rationnelles (et
doit aussi l'être après). Ceci limite les correspondances que vous
pouvez utiliser. Par exemple, si l'on avait utilisé</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com:8000$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^(/.*\.gif)$ http://backend.example.com:8000$1</pre>
<p>dans l'exemple précédent, nous aurions provoqué une erreur de
syntaxe au démarrage du serveur. C'est une bogue (PR 46665 dans
ASF bugzilla), et il est possible de la contourner en reformulant
la correspondance :</p>
- <pre class="prettyprint lang-config">
- ProxyPassMatch ^/(.*\.gif)$ http://backend.example.com:8000/$1
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassMatch ^/(.*\.gif)$ http://backend.example.com:8000/$1</pre>
</div>
<p>Supposons par exemple que le serveur local a pour adresse
<code>http://example.com/</code> ; alors</p>
- <pre class="prettyprint lang-config">
-ProxyPass /mirror/foo/ http://backend.example.com/
+ <pre class="prettyprint lang-config">ProxyPass /mirror/foo/ http://backend.example.com/
ProxyPassReverse /mirror/foo/ http://backend.example.com/
ProxyPassReverseCookieDomain backend.example.com public.example.com
-ProxyPassReverseCookiePath / /mirror/foo/
- </pre>
+ProxyPassReverseCookiePath / /mirror/foo/</pre>
<p>ne va pas seulement provoquer la conversion interne d'une requête
</p><p>
Dans l'exemple fourni avec la directive <code class="directive"><a href="#proxypassreverse">ProxyPassReverse</a></code>, la directive :
</p>
- <pre class="prettyprint lang-config">
- ProxyPassReverseCookiePath / /mirror/foo/
- </pre>
+ <pre class="prettyprint lang-config"> ProxyPassReverseCookiePath / /mirror/foo/</pre>
<p>
va réécrire un cookie possédant un chemin d'arrière-plan <code>/</code>
<code>0</code> pour indiquer que la taille de tampon par défaut du
système doit être utilisée.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- ProxyReceiveBufferSize 2048
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> ProxyReceiveBufferSize 2048</pre>
</div>
</div>
<code>https</code>, les requêtes sont redirigées par le mandataire
distant en utilisant la méthode HTTP CONNECT.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-ProxyRemote http://goodguys.example.com/ http://mirrorguys.example.com:8000
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">ProxyRemote http://goodguys.example.com/ http://mirrorguys.example.com:8000
ProxyRemote * http://cleverproxy.localdomain
-ProxyRemote ftp http://ftpproxy.mydomain:8080
- </pre>
+ProxyRemote ftp http://ftpproxy.mydomain:8080</pre>
</div>
<p>Dans la dernière ligne de l'exemple, le mandataire va faire
est créé. Ceci peut s'avérer utile pour la mise en oeuvre d'un
mandataire inverse via une directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> au lieu de <code class="directive"><a href="#proxypass">ProxyPass</a></code>.</p>
- <div class="example"><pre class="prettyprint lang-config">
-<Proxy balancer://hotcluster>
+ <div class="example"><pre class="prettyprint lang-config"><Proxy balancer://hotcluster>
BalancerMember http://www2.example.com:8080 loadfactor=1
BalancerMember http://www3.example.com:8080 loadfactor=2
ProxySet lbmethod=bytraffic
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
- <pre class="prettyprint lang-config">
-<Proxy http://backend>
+ <pre class="prettyprint lang-config"><Proxy http://backend>
ProxySet keepalive=On
-</Proxy>
- </pre>
+</Proxy></pre>
- <pre class="prettyprint lang-config">
- ProxySet balancer://foo lbmethod=bytraffic timeout=15
- </pre>
+ <pre class="prettyprint lang-config"> ProxySet balancer://foo lbmethod=bytraffic timeout=15</pre>
- <pre class="prettyprint lang-config">
- ProxySet ajp://backend:7001 timeout=15
- </pre>
+ <pre class="prettyprint lang-config"> ProxySet ajp://backend:7001 timeout=15</pre>
<div class="warning"><h3>Avertissement</h3>
(e.g. Apache Tomcat) using the AJP13 protocol. The usage is similar to
an HTTP reverse proxy, but uses the <code>ajp://</code> prefix:</p>
- <div class="example"><h3>Simple Reverse Proxy</h3><pre class="prettyprint lang-config">
- ProxyPass /app ajp://backend.example.com:8009/app
- </pre>
+ <div class="example"><h3>Simple Reverse Proxy</h3><pre class="prettyprint lang-config"> ProxyPass /app ajp://backend.example.com:8009/app</pre>
</div>
<p>Balancers may also be used:</p>
- <div class="example"><h3>Balancer Reverse Proxy</h3><pre class="prettyprint lang-config">
-<Proxy balancer://cluster>
+ <div class="example"><h3>Balancer Reverse Proxy</h3><pre class="prettyprint lang-config"><Proxy balancer://cluster>
BalancerMember ajp://app1.example.com:8009 loadfactor=1
BalancerMember ajp://app2.example.com:8009 loadfactor=2
ProxySet lbmethod=bytraffic
</Proxy>
-ProxyPass /app balancer://cluster/app
- </pre>
+ProxyPass /app balancer://cluster/app</pre>
</div>
<p>Note that usually no
backend. In this case, a redirect header can be rewritten relative to the
original host URL (not the backend <code>ajp://</code> URL), for
example:</p>
- <div class="example"><h3>Rewriting Proxied Path</h3><pre class="prettyprint lang-config">
-ProxyPass /apps/foo ajp://backend.example.com:8009/foo
-ProxyPassReverse /apps/foo http://www.example.com/foo
- </pre>
+ <div class="example"><h3>Rewriting Proxied Path</h3><pre class="prettyprint lang-config">ProxyPass /apps/foo ajp://backend.example.com:8009/foo
+ProxyPassReverse /apps/foo http://www.example.com/foo</pre>
</div>
<p>However, it is usually better to deploy the application on the backend
server at the same path as the proxy rather than to take this approach.
<h2><a name="rpacetstruct" id="rpacetstruct">Request Packet Structure</a></h2>
<p>For messages from the server to the container of type
<em>Forward Request</em>:</p>
- <div class="example"><pre>
-AJP13_FORWARD_REQUEST :=
+ <div class="example"><pre>AJP13_FORWARD_REQUEST :=
prefix_code (byte) 0x02 = JK_AJP13_FORWARD_REQUEST
method (byte)
protocol (string)
num_headers (integer)
request_headers *(req_header_name req_header_value)
attributes *(attribut_name attribute_value)
- request_terminator (byte) OxFF
- </pre></div>
+ request_terminator (byte) OxFF</pre></div>
<p>The <code>request_headers</code> have the following structure:
- </p><div class="example"><pre>
-req_header_name :=
+ </p><div class="example"><pre>req_header_name :=
sc_req_header_name | (string) [see below for how this is parsed]
sc_req_header_name := 0xA0xx (integer)
-req_header_value := (string)
-</pre></div>
+req_header_value := (string)</pre></div>
<p>The <code>attributes</code> are optional and have the following
structure:</p>
- <div class="example"><pre>
-attribute_name := sc_a_name | (sc_a_req_attribute string)
+ <div class="example"><pre>attribute_name := sc_a_name | (sc_a_req_attribute string)
-attribute_value := (string)
-
- </pre></div>
+attribute_value := (string)</pre></div>
<p>Not that the all-important header is <code>content-length</code>,
because it determines whether or not the container looks for another
packet immediately.</p>
<div class="section">
<h2><a name="resppacketstruct" id="resppacketstruct">Response Packet Structure</a></h2>
<p>for messages which the container can send back to the server.</p>
- <div class="example"><pre>
-AJP13_SEND_BODY_CHUNK :=
+ <div class="example"><pre>AJP13_SEND_BODY_CHUNK :=
prefix_code 3
chunk_length (integer)
chunk *(byte)
AJP13_GET_BODY_CHUNK :=
prefix_code 6
- requested_length (integer)
- </pre></div>
+ requested_length (integer)</pre></div>
<h3>Details:</h3>
<h3>Send Body Chunk</h3>
<p>The chunk is basically binary data, and is sent directly back to the
<h2><a name="rpacetstruct" id="rpacetstruct">リクエストパケット構造</a></h2>
<p>サーバからコンテナへ送られるメッセージが
<em>Forward Request</em> 型の場合 :</p>
- <div class="example"><pre>
-AJP13_FORWARD_REQUEST :=
+ <div class="example"><pre>AJP13_FORWARD_REQUEST :=
prefix_code (byte) 0x02 = JK_AJP13_FORWARD_REQUEST
method (byte)
protocol (string)
num_headers (integer)
request_headers *(req_header_name req_header_value)
attributes *(attribut_name attribute_value)
- request_terminator (byte) OxFF
- </pre></div>
+ request_terminator (byte) OxFF</pre></div>
<p><code>request_headers</code> は次のような構造になっています :
- </p><div class="example"><pre>
-req_header_name :=
+ </p><div class="example"><pre>req_header_name :=
sc_req_header_name | (string) [see below for how this is parsed]
sc_req_header_name := 0xA0xx (integer)
-req_header_value := (string)
-</pre></div>
+req_header_value := (string)</pre></div>
<p><code>属性</code> はオプションで、次のような構造をしています :</p>
- <div class="example"><pre>
-attribute_name := sc_a_name | (sc_a_req_attribute string)
+ <div class="example"><pre>attribute_name := sc_a_name | (sc_a_req_attribute string)
-attribute_value := (string)
-
- </pre></div>
+attribute_value := (string)</pre></div>
<p>もっとも重要なヘッダは <code>content-length</code> だということに
注意してください。コンテナは次のパケットを探すかどうかを、
それを見て決めるからです。</p>
<div class="section">
<h2><a name="resppacketstruct" id="resppacketstruct">レスポンスパケット構造</a></h2>
<p>コンテナがサーバに送り返すことのできるメッセージ:</p>
- <div class="example"><pre>
-AJP13_SEND_BODY_CHUNK :=
+ <div class="example"><pre>AJP13_SEND_BODY_CHUNK :=
prefix_code 3
chunk_length (integer)
chunk *(byte)
AJP13_GET_BODY_CHUNK :=
prefix_code 6
- requested_length (integer)
- </pre></div>
+ requested_length (integer)</pre></div>
<h3>詳細 :</h3>
<h3>Send Body Chunk</h3>
<p>チャンクは基本的にはバイナリデータで、ブラウザに直接送られます。</p>
load balancing between two back-end servers:
</p>
- <pre class="prettyprint lang-config">
-<Proxy balancer://mycluster>
+ <pre class="prettyprint lang-config"><Proxy balancer://mycluster>
BalancerMember http://192.168.1.50:80
BalancerMember http://192.168.1.51:80
</Proxy>
ProxyPass /test balancer://mycluster
-ProxyPassReverse /test balancer://mycluster
- </pre>
+ProxyPassReverse /test balancer://mycluster</pre>
<p>Another example of how to provide load balancing with stickyness
not set a suitable session cookie:
</p>
- <pre class="prettyprint lang-config">
-Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
+ <pre class="prettyprint lang-config">Header add Set-Cookie "ROUTEID=.%{BALANCER_WORKER_ROUTE}e; path=/" env=BALANCER_ROUTE_CHANGED
<Proxy balancer://mycluster>
BalancerMember http://192.168.1.50:80 route=1
BalancerMember http://192.168.1.51:80 route=2
ProxySet stickysession=ROUTEID
</Proxy>
ProxyPass /test balancer://mycluster
-ProxyPassReverse /test balancer://mycluster
- </pre>
+ProxyPassReverse /test balancer://mycluster</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>To enable load balancer management for browsers from the example.com
domain add this code to your <code>httpd.conf</code>
configuration file</p>
-<pre class="prettyprint lang-config">
-<Location /balancer-manager>
+<pre class="prettyprint lang-config"><Location /balancer-manager>
SetHandler balancer-manager
Require host example.com
-</Location>
-</pre>
+</Location></pre>
<p>You can now access load balancer manager by using a Web browser
<p>Finally you can support cookies and URL encoding at the same time, by
configuring the name of the cookie and the name of the URL parameter
separated by a vertical bar (<code>|</code>) as in the following example:</p>
- <pre class="prettyprint lang-config">
-ProxyPass /test balancer://mycluster stickysession=JSESSIONID|jsessionid scolonpathdelim=On
+ <pre class="prettyprint lang-config">ProxyPass /test balancer://mycluster stickysession=JSESSIONID|jsessionid scolonpathdelim=On
<Proxy balancer://mycluster>
BalancerMember http://192.168.1.50:80 route=node1
BalancerMember http://192.168.1.51:80 route=node2
-</Proxy>
- </pre>
+</Proxy></pre>
<p>If the cookie and the request parameter both provide routing information
for the same request, the information from the request parameter is used.</p>
<p>Remember, in order to make the following examples work, you have to
enable <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="../mod/mod_proxy_fcgi.html">mod_proxy_fcgi</a></code>.</p>
- <div class="example"><h3>Single application instance</h3><pre class="prettyprint lang-config">
- ProxyPass /myapp/ fcgi://localhost:4000/
- </pre>
+ <div class="example"><h3>Single application instance</h3><pre class="prettyprint lang-config"> ProxyPass /myapp/ fcgi://localhost:4000/</pre>
</div>
<p>This application should be able to handle multiple concurrent
reuse on the <code class="directive">ProxyPass</code> directive, as shown in
the following example:</p>
- <div class="example"><h3>Single application instance, no connection reuse</h3><pre class="prettyprint lang-config">
- ProxyPass /myapp/ fcgi://localhost:4000/ disablereuse=on
- </pre>
+ <div class="example"><h3>Single application instance, no connection reuse</h3><pre class="prettyprint lang-config"> ProxyPass /myapp/ fcgi://localhost:4000/ disablereuse=on</pre>
</div>
<p>The balanced gateway needs <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code> and
modules listed above. <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code> is the
default, and will be used for this example configuration.</p>
- <div class="example"><h3>Balanced gateway to multiple application instances</h3><pre class="prettyprint lang-config">
-ProxyPass /myapp/ balancer://myappcluster/
+ <div class="example"><h3>Balanced gateway to multiple application instances</h3><pre class="prettyprint lang-config">ProxyPass /myapp/ balancer://myappcluster/
<Proxy balancer://myappcluster/>
BalancerMember fcgi://localhost:4000
BalancerMember fcgi://localhost:4001
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>Remember, in order to make the following examples work, you have to
enable <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> and <code class="module"><a href="../mod/mod_proxy_scgi.html">mod_proxy_scgi</a></code>.</p>
- <div class="example"><h3>Simple gateway</h3><pre class="prettyprint lang-config">
- ProxyPass /scgi-bin/ scgi://localhost:4000/
- </pre>
+ <div class="example"><h3>Simple gateway</h3><pre class="prettyprint lang-config"> ProxyPass /scgi-bin/ scgi://localhost:4000/</pre>
</div>
<p>The balanced gateway needs <code class="module"><a href="../mod/mod_proxy_balancer.html">mod_proxy_balancer</a></code> and
modules listed above. <code class="module"><a href="../mod/mod_lbmethod_byrequests.html">mod_lbmethod_byrequests</a></code> is the
default, and will be used for this example configuration.</p>
- <div class="example"><h3>Balanced gateway</h3><pre class="prettyprint lang-config">
-ProxyPass /scgi-bin/ balancer://somecluster/
+ <div class="example"><h3>Balanced gateway</h3><pre class="prettyprint lang-config">ProxyPass /scgi-bin/ balancer://somecluster/
<Proxy balancer://somecluster>
BalancerMember scgi://localhost:4000
BalancerMember scgi://localhost:4001
-</Proxy>
- </pre>
+</Proxy></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<code class="module"><a href="../mod/mod_cgi.html">mod_cgi</a></code> in this regard, except that you can turn off the
feature.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ProxySCGIInternalRedirect Off
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ProxySCGIInternalRedirect Off</pre>
</div>
</div>
the argument is applied as header name.</dd>
</dl>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- # Use the default header (X-Sendfile)
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> # Use the default header (X-Sendfile)
ProxySCGISendfile On
# Use a different header
- ProxySCGISendfile X-Send-Static
- </pre>
+ ProxySCGISendfile X-Send-Static</pre>
</div>
</div>
socket connections to a backend websockets server. The connection
is automagically upgraded to a websocket connection:</p>
- <pre class="prettyprint lang-config">
-Upgrade: WebSocket
-Connection: Upgrade
- </pre>
+ <pre class="prettyprint lang-config">Upgrade: WebSocket
+Connection: Upgrade</pre>
- <div class="example"><h3>Proxying requests to websockets server</h3><pre class="prettyprint lang-config">
-ProxyPass /ws2/ ws://echo.websocket.org/
-ProxyPass /wss2/ wss://echo.websocket.org/
- </pre>
+ <div class="example"><h3>Proxying requests to websockets server</h3><pre class="prettyprint lang-config">ProxyPass /ws2/ ws://echo.websocket.org/
+ProxyPass /wss2/ wss://echo.websocket.org/</pre>
</div>
</div>
The connection speed to be simulated is specified, in KiB/s, using the environment
variable <code>rate-limit</code>.</p>
-<div class="example"><h3>Example Configuration</h3><pre class="prettyprint lang-config">
-<Location /downloads>
+<div class="example"><h3>Example Configuration</h3><pre class="prettyprint lang-config"><Location /downloads>
SetOutputFilter RATE_LIMIT
SetEnv rate-limit 400
-</Location>
-</pre>
+</Location></pre>
</div>
</div>
<dd>Pass the request body through the DEFLATE filter to compress the
body. This request requires a Content-Encoding request header containing
"gzip" for the filter to return compressed data.
- <pre class="prettyprint lang-config">
-<Location /compress>
+ <pre class="prettyprint lang-config"><Location /compress>
SetHandler reflector
SetOutputFilter DEFLATE
-</Location>
- </pre>
+</Location></pre>
</dd>
<dt>Image downsampling service</dt>
<dd>Pass the request body through an image downsampling filter, and reflect
the results to the caller.
- <pre class="prettyprint lang-config">
-<Location /downsample>
+ <pre class="prettyprint lang-config"><Location /downsample>
SetHandler reflector
SetOutputFilter DOWNSAMPLE
-</Location>
- </pre>
+</Location></pre>
</dd>
</dl>
other directives are used, <code class="module"><a href="../mod/mod_remoteip.html">mod_remoteip</a></code> will trust all
hosts presenting a <code class="directive">RemoteIPHeader</code> IP value.</p>
- <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config">
- RemoteIPHeader X-Client-IP
- </pre>
+ <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config"> RemoteIPHeader X-Client-IP</pre>
</div>
- <div class="example"><h3>Proxy Example</h3><pre class="prettyprint lang-config">
- RemoteIPHeader X-Forwarded-For
- </pre>
+ <div class="example"><h3>Proxy Example</h3><pre class="prettyprint lang-config"> RemoteIPHeader X-Forwarded-For</pre>
</div>
</div>
presented in this header, including private intranet addresses, are
trusted when passed from these proxies.</p>
- <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Client-IP
+ <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Client-IP
RemoteIPInternalProxy 10.0.2.0/24
-RemoteIPInternalProxy gateway.localdomain
- </pre>
+RemoteIPInternalProxy gateway.localdomain</pre>
</div>
</div>
each whitespace or newline separated entry is processed identically to
the <code class="directive">RemoteIPInternalProxy</code> directive.</p>
- <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Client-IP
-RemoteIPInternalProxyList conf/trusted-proxies.lst
- </pre>
+ <div class="example"><h3>Internal (Load Balancer) Example</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Client-IP
+RemoteIPInternalProxyList conf/trusted-proxies.lst</pre>
</div>
- <div class="example"><h3>conf/trusted-proxies.lst contents</h3><pre>
-# Our internally trusted proxies;
+ <div class="example"><h3>conf/trusted-proxies.lst contents</h3><pre># Our internally trusted proxies;
10.0.2.0/24 #Everyone in the testing group
-gateway.localdomain #The front end balancer
-</pre></div>
+gateway.localdomain #The front end balancer</pre></div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
this header, while any intermediate
<code class="directive">RemoteIPInternalProxy</code> addresses are discarded.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
-RemoteIPProxiesHeader X-Forwarded-By
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
+RemoteIPProxiesHeader X-Forwarded-By</pre>
</div>
</div>
2000::/3 block) are not trusted as the useragent IP, and are left in the
<code class="directive">RemoteIPHeader</code> header's value.</p>
- <div class="example"><h3>Trusted (Load Balancer) Example</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
+ <div class="example"><h3>Trusted (Load Balancer) Example</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 10.0.2.16/28
-RemoteIPTrustedProxy proxy.example.com
- </pre>
+RemoteIPTrustedProxy proxy.example.com</pre>
</div>
</div>
each whitespace or newline separated entry is processed identically to
the <code class="directive">RemoteIPTrustedProxy</code> directive.</p>
- <div class="example"><h3>Trusted (Load Balancer) Example</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
-RemoteIPTrustedProxyList conf/trusted-proxies.lst
- </pre>
+ <div class="example"><h3>Trusted (Load Balancer) Example</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
+RemoteIPTrustedProxyList conf/trusted-proxies.lst</pre>
</div>
<div class="example"><h3>conf/trusted-proxies.lst contents</h3><p><code>
<code class="directive">RemoteIPHeader</code> comme hôte de confiance.</p>
<div class="example"><h3>Exemple à usage interne (répartiteur de
- charge)</h3><pre class="prettyprint lang-config">
- RemoteIPHeader X-Client-IP
- </pre>
+ charge)</h3><pre class="prettyprint lang-config"> RemoteIPHeader X-Client-IP</pre>
</div>
- <div class="example"><h3>Exemple dans le cas d'un mandataire</h3><pre class="prettyprint lang-config">
- RemoteIPHeader X-Forwarded-For
- </pre>
+ <div class="example"><h3>Exemple dans le cas d'un mandataire</h3><pre class="prettyprint lang-config"> RemoteIPHeader X-Forwarded-For</pre>
</div>
</div>
sont indiquées par ces mandataires.</p>
<div class="example"><h3>Exemple à usage interne (répartiteur de
- charge)</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Client-IP
+ charge)</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Client-IP
RemoteIPInternalProxy 10.0.2.0/24
-RemoteIPInternalProxy gateway.localdomain
- </pre>
+RemoteIPInternalProxy gateway.localdomain</pre>
</div>
</div>
<code class="directive">RemoteIPInternalProxy</code>.</p>
<div class="example"><h3>Exemple à usage interne (répartiteur de
- charge)</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Client-IP
-RemoteIPInternalProxyList conf/trusted-proxies.lst
- </pre>
+ charge)</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Client-IP
+RemoteIPInternalProxyList conf/trusted-proxies.lst</pre>
</div>
- <div class="example"><h3>contenu de conf/mandataires-de-confiance.lst</h3><pre>
- # Nos mandataires internes de confiance
+ <div class="example"><h3>contenu de conf/mandataires-de-confiance.lst</h3><pre> # Nos mandataires internes de confiance
10.0.2.0/24 # Tout le monde dans le groupe de test
- passerelle.domaine-local # Le frontal répartiteur de charge
- </pre></div>
+ passerelle.domaine-local # Le frontal répartiteur de charge</pre></div>
</div>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
cet en-tête, alors que toute adresse intermédiaire
<code class="directive">RemoteIPInternalProxy</code> est omise.</p>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
-RemoteIPProxiesHeader X-Forwarded-By
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
+RemoteIPProxiesHeader X-Forwarded-By</pre>
</div>
</div>
<code class="directive">RemoteIPHeader</code>.</p>
<div class="example"><h3>Exemple d'adresse de confiance (répartiteur de
- charge</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
+ charge</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 10.0.2.16/28
-RemoteIPTrustedProxy proxy.example.com
- </pre>
+RemoteIPTrustedProxy proxy.example.com</pre>
</div>
</div>
<code class="directive">RemoteIPTrustedProxy</code>.</p>
<div class="example"><h3>Exemple d'adresse de confiance (répartiteur de
- charge</h3><pre class="prettyprint lang-config">
-RemoteIPHeader X-Forwarded-For
-RemoteIPTrustedProxyList conf/trusted-proxies.lst
- </pre>
+ charge</h3><pre class="prettyprint lang-config">RemoteIPHeader X-Forwarded-For
+RemoteIPTrustedProxyList conf/trusted-proxies.lst</pre>
</div>
<div class="example"><h3>conf/mandataires-de-confiance.lst contents</h3><p><code>
Allow 10 seconds to receive the request including the headers and
30 seconds for receiving the request body:
- <pre class="prettyprint lang-config">
- RequestReadTimeout header=10 body=30
- </pre>
+ <pre class="prettyprint lang-config"> RequestReadTimeout header=10 body=30</pre>
</li>
the limit given indirectly by
<code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code>):
- <pre class="prettyprint lang-config">
- RequestReadTimeout body=10,MinRate=1000
- </pre>
+ <pre class="prettyprint lang-config"> RequestReadTimeout body=10,MinRate=1000</pre>
</li>
500 bytes received. But do not allow more than 30 seconds for the
request including the headers:
- <pre class="prettyprint lang-config">
- RequestReadTimeout header=10-30,MinRate=500
- </pre>
+ <pre class="prettyprint lang-config"> RequestReadTimeout header=10-30,MinRate=500</pre>
</li>
If a common configuration is used for http and https virtual hosts, the
timeouts should not be set too low:
- <pre class="prettyprint lang-config">
- RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
- </pre>
+ <pre class="prettyprint lang-config"> RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500</pre>
</li>
level higher than <code>trace2</code> only for debugging!
</div>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- LogLevel alert rewrite:trace3
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> LogLevel alert rewrite:trace3</pre>
</div>
<div class="note"><h3>RewriteLog</h3>
since the resource was not relative to the document root. This
misconfiguration would normally cause the server to look for an "opt"
directory under the document root.</p>
-<pre class="prettyprint lang-config">
-DocumentRoot /var/www/example.com
+<pre class="prettyprint lang-config">DocumentRoot /var/www/example.com
Alias /myapp /opt/myapp-1.2.3
<Directory /opt/myapp-1.2.3>
RewriteEngine On
RewriteBase /myapp/
RewriteRule ^index\.html$ welcome.html
-</Directory>
-</pre>
+</Directory></pre>
</div>
to block unwanted hotlinking.
</p>
- <pre class="prettyprint lang-config">
- RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
- RewriteRule ^/images - [F]
- </pre>
+ <pre class="prettyprint lang-config"> RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
+ RewriteRule ^/images - [F]</pre>
</li>
Use this to combine rule conditions with a local OR
instead of the implicit AND. Typical example:
-<pre class="prettyprint lang-config">
-RewriteCond %{REMOTE_HOST} ^host1 [OR]
+<pre class="prettyprint lang-config">RewriteCond %{REMOTE_HOST} ^host1 [OR]
RewriteCond %{REMOTE_HOST} ^host2 [OR]
RewriteCond %{REMOTE_HOST} ^host3
-RewriteRule ...some special stuff for any of these hosts...
-</pre>
+RewriteRule ...some special stuff for any of these hosts...</pre>
Without this flag you would have to write the condition/rule
``<code>User-Agent:</code>'' header of the request, you can
use the following: </p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|Android)
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|Android)
RewriteRule ^/$ /homepage.mobile.html [L]
-RewriteRule ^/$ /homepage.std.html [L]
-</pre>
+RewriteRule ^/$ /homepage.std.html [L]</pre>
<p>Explanation: If you use a browser which identifies itself
<p>For example, you might define a
<code class="directive">RewriteMap</code> as:</p>
- <pre class="prettyprint lang-config">
- RewriteMap examplemap txt:/path/to/file/map.txt
- </pre>
+ <pre class="prettyprint lang-config"> RewriteMap examplemap txt:/path/to/file/map.txt</pre>
<p>You would then be able to use this map in a
<code class="directive">RewriteRule</code> as follows:</p>
- <pre class="prettyprint lang-config">
- RewriteRule ^/ex/(.*) ${examplemap:$1}
- </pre>
+ <pre class="prettyprint lang-config"> RewriteRule ^/ex/(.*) ${examplemap:$1}</pre>
<p>The following combinations for <em>MapType</em> and
supérieur à <code>trace2</code> qu'à des fins de débogage !
</div>
- <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config">
- LogLevel alert rewrite:trace3
- </pre>
+ <div class="example"><h3>Exemple</h3><pre class="prettyprint lang-config"> LogLevel alert rewrite:trace3</pre>
</div>
<div class="note"><h3>RewriteLog</h3>
de configuration aurait conduit le serveur à rechercher un répertoire
"opt" à la racine des documents.</p>
-<pre class="prettyprint lang-config">
-DocumentRoot /var/www/example.com
+<pre class="prettyprint lang-config">DocumentRoot /var/www/example.com
Alias /myapp /opt/myapp-1.2.3
<Directory /opt/myapp-1.2.3>
RewriteEngine On
RewriteBase /myapp/
RewriteRule ^index\.html$ welcome.html
-</Directory>
-</pre>
+</Directory></pre>
</div>
non désiré.
</p>
- <pre class="prettyprint lang-config">
- RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
- RewriteRule ^/images - [F]
- </pre>
+ <pre class="prettyprint lang-config"> RewriteCond expr "! %{HTTP_REFERER} -strmatch '*://%{HTTP_HOST}/*'"<br />
+ RewriteRule ^/images - [F]</pre>
</li>
Permet de chaîner les conditions de règles avec un OU au
lieu du AND implicite. Exemple typique :
-<pre class="prettyprint lang-config">
-RewriteCond %{REMOTE_HOST} ^host1 [OR]
+<pre class="prettyprint lang-config">RewriteCond %{REMOTE_HOST} ^host1 [OR]
RewriteCond %{REMOTE_HOST} ^host2 [OR]
RewriteCond %{REMOTE_HOST} ^host3
-RewriteRule ...règles concernant tous ces hôtes...
-</pre>
+RewriteRule ...règles concernant tous ces hôtes...</pre>
Sans ce drapeau, les paires
l'en-tête ``<code>User-Agent:</code>'' de la requête, vous
pouvez utiliser ce qui suit : </p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|Android)
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_USER_AGENT} (iPhone|Blackberry|Android)
RewriteRule ^/$ /homepage.mobile.html [L]
-RewriteRule ^/$ /homepage.std.html [L]
-</pre>
+RewriteRule ^/$ /homepage.std.html [L]</pre>
<p>Explications : si vous utilisez un navigateur
<p>Par exemple, vous pouvez définir une directive
<code class="directive">RewriteMap</code> comme suit </p>
- <pre class="prettyprint lang-config">
- RewriteMap map-exemple txt:/chemin/vers/fichier/map.txt
- </pre>
+ <pre class="prettyprint lang-config"> RewriteMap map-exemple txt:/chemin/vers/fichier/map.txt</pre>
<p>Vous pourrez ensuite utiliser cette table dans une
directive <code class="directive">RewriteRule</code> comme suit :</p>
- <pre class="prettyprint lang-config">
- RewriteRule ^/ex/(.*) ${map-exemple:$1}
- </pre>
+ <pre class="prettyprint lang-config"> RewriteRule ^/ex/(.*) ${map-exemple:$1}</pre>
<p>Les combinaisons suivantes pour <em>type de correspondance</em>
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="sampleconf" id="sampleconf">Sample Configuration</a></h2>
- <div class="example"><h3>Adding an output filter </h3><pre class="prettyprint lang-config">
-# In the following example, the sed filter will change the string
+ <div class="example"><h3>Adding an output filter </h3><pre class="prettyprint lang-config"># In the following example, the sed filter will change the string
# "monday" to "MON" and the string "sunday" to SUN in html documents
# before sending to the client.
<Directory "/var/www/docs/sed">
AddOutputFilter Sed html
OutputSed "s/monday/MON/g"
OutputSed "s/sunday/SUN/g"
-</Directory>
- </pre>
+</Directory></pre>
</div>
- <div class="example"><h3>Adding an input filter </h3><pre class="prettyprint lang-config">
-# In the following example, the sed filter will change the string
+ <div class="example"><h3>Adding an input filter </h3><pre class="prettyprint lang-config"># In the following example, the sed filter will change the string
# "monday" to "MON" and the string "sunday" to SUN in the POST data
# sent to PHP.
<Directory "/var/www/docs/sed">
AddInputFilter Sed php
InputSed "s/monday/MON/g"
InputSed "s/sunday/SUN/g"
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<h2><a name="sampleconf" id="sampleconf">Exemple de configuration</a></h2>
- <div class="example"><h3>Ajout d'un filtre en sortie</h3><pre class="prettyprint lang-config">
-# Dans l'exemple suivant, le filtre sed va remplacer la chaîne
+ <div class="example"><h3>Ajout d'un filtre en sortie</h3><pre class="prettyprint lang-config"># Dans l'exemple suivant, le filtre sed va remplacer la chaîne
# "monday" par "MON" et la chaîne "sunday" par "SUN" dans les
# documents html avant de les envoyer au client.
<Directory "/var/www/docs/sed">
AddOutputFilter Sed html
OutputSed "s/monday/MON/g"
OutputSed "s/sunday/SUN/g"
-</Directory>
- </pre>
+</Directory></pre>
</div>
- <div class="example"><h3>Ajout d'un filtre en entrée</h3><pre class="prettyprint lang-config">
- # Dans l'exemple suivant, le filtre sed va remplacer la chaîne
+ <div class="example"><h3>Ajout d'un filtre en entrée</h3><pre class="prettyprint lang-config"> # Dans l'exemple suivant, le filtre sed va remplacer la chaîne
# "monday" par "MON" et la chaîne "sunday" par "SUN" dans les
# données POST envoyées à PHP.
<Directory "/var/www/docs/sed">
AddInputFilter Sed php
InputSed "s/monday/MON/g"
InputSed "s/sunday/SUN/g"
-</Directory>
- </pre>
+</Directory></pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
where the session will be stored. In this example, the session will be
stored on the browser, in a cookie called <code>session</code>.</p>
- <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">
-Session On
-SessionCookieName session path=/
- </pre>
+ <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName session path=/</pre>
</div>
<p>The session is not useful unless it can be written to or read from. The
the use of a predetermined HTTP response header called
<code>X-Replace-Session</code>.</p>
- <div class="example"><h3>Writing to a session</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Writing to a session</h3><pre class="prettyprint lang-config">Session On
SessionCookieName session path=/
-SessionHeader X-Replace-Session
- </pre>
+SessionHeader X-Replace-Session</pre>
</div>
<p>The header should contain name value pairs expressed in the same format
as a query string in a URL, as in the example below. Setting a key to the
empty string has the effect of removing that key from the session.</p>
- <div class="example"><h3>CGI to write to a session</h3><pre class="prettyprint lang-sh">
-#!/bin/bash
+ <div class="example"><h3>CGI to write to a session</h3><pre class="prettyprint lang-sh">#!/bin/bash
echo "Content-Type: text/plain"
echo "X-Replace-Session: key1=foo&key2=&key3=bar"
echo
-env
- </pre>
+env</pre>
</div>
<p>If configured, the session can be read back from the HTTP_SESSION
has to be explicitly turned on with the
<code class="directive"><a href="#sessionenv">SessionEnv</a></code> directive.</p>
- <div class="example"><h3>Read from a session</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Read from a session</h3><pre class="prettyprint lang-config">Session On
SessionEnv On
SessionCookieName session path=/
-SessionHeader X-Replace-Session
- </pre>
+SessionHeader X-Replace-Session</pre>
</div>
<p>Once read, the CGI variable <code>HTTP_SESSION</code> should contain
placed on the browser using the <code class="module"><a href="../mod/mod_session_crypto.html">mod_session_crypto</a></code>
module.</p>
- <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">Session On
SessionCryptoPassphrase secret
-SessionCookieName session path=/
- </pre>
+SessionCookieName session path=/</pre>
</div>
<p>The session will be automatically decrypted on load, and encrypted on
<p>Standard cookie parameters can be specified after the name of the cookie,
as in the example below.</p>
- <div class="example"><h3>Setting cookie parameters</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Setting cookie parameters</h3><pre class="prettyprint lang-config">Session On
SessionCryptoPassphrase secret
-SessionCookieName session path=/private;domain=example.com;httponly;secure;
- </pre>
+SessionCookieName session path=/private;domain=example.com;httponly;secure;</pre>
</div>
<p>In cases where the Apache server forms the frontend for backend origin servers,
<code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> saves the user's login name and password within
the session.</p>
- <div class="example"><h3>Form based authentication</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Form based authentication</h3><pre class="prettyprint lang-config">Session On
SessionCryptoPassphrase secret
SessionCookieName session path=/
AuthFormProvider file
AuthUserFile conf/passwd
AuthType form
AuthName realm
-#...
- </pre>
+#...</pre>
</div>
<p>See the <code class="module"><a href="../mod/mod_auth_form.html">mod_auth_form</a></code> module for documentation and complete
<p>To create a simple session and store it in a cookie called
<var>session</var>, configure the session as follows:</p>
- <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">
-Session On
-SessionCookieName session path=/
- </pre>
+ <div class="example"><h3>Browser based session</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName session path=/</pre>
</div>
<p>For more examples on how the session can be configured to be read
Apache. Ensure that your attributes are defined correctly as per the cookie specification.
</p>
- <div class="example"><h3>Cookie with attributes</h3><pre class="prettyprint lang-config">
-Session On
-SessionCookieName session path=/private;domain=example.com;httponly;secure;version=1;
- </pre>
+ <div class="example"><h3>Cookie with attributes</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName session path=/private;domain=example.com;httponly;secure;version=1;</pre>
</div>
Apache. Ensure that your attributes are defined correctly as per the cookie specification.
</p>
- <div class="example"><h3>Cookie2 with attributes</h3><pre class="prettyprint lang-config">
-Session On
-SessionCookieName2 session path=/private;domain=example.com;httponly;secure;version=1;
- </pre>
+ <div class="example"><h3>Cookie2 with attributes</h3><pre class="prettyprint lang-config">Session On
+SessionCookieName2 session path=/private;domain=example.com;httponly;secure;version=1;</pre>
</div>
<p>To create a simple encrypted session and store it in a cookie called
<var>session</var>, configure the session as follows:</p>
- <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">
-Session On
+ <div class="example"><h3>Browser based encrypted session</h3><pre class="prettyprint lang-config">Session On
SessionCookieName session path=/
-SessionCryptoPassphrase secret
- </pre>
+SessionCryptoPassphrase secret</pre>
</div>
<p>The session will be encrypted with the given key. Different servers can
<p>The <var>NSS</var> crypto driver requires some parameters for configuration,
which are specified as parameters with optional values after the driver name.</p>
- <div class="example"><h3>NSS without a certificate database</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver nss
- </pre>
+ <div class="example"><h3>NSS without a certificate database</h3><pre class="prettyprint lang-config"> SessionCryptoDriver nss</pre>
</div>
- <div class="example"><h3>NSS with certificate database</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver nss dir=certs
- </pre>
+ <div class="example"><h3>NSS with certificate database</h3><pre class="prettyprint lang-config"> SessionCryptoDriver nss dir=certs</pre>
</div>
- <div class="example"><h3>NSS with certificate database and parameters</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver nss dir=certs key3=key3.db cert7=cert7.db secmod=secmod
- </pre>
+ <div class="example"><h3>NSS with certificate database and parameters</h3><pre class="prettyprint lang-config"> SessionCryptoDriver nss dir=certs key3=key3.db cert7=cert7.db secmod=secmod</pre>
</div>
- <div class="example"><h3>NSS with paths containing spaces</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver nss "dir=My Certs" key3=key3.db cert7=cert7.db secmod=secmod
- </pre>
+ <div class="example"><h3>NSS with paths containing spaces</h3><pre class="prettyprint lang-config"> SessionCryptoDriver nss "dir=My Certs" key3=key3.db cert7=cert7.db secmod=secmod</pre>
</div>
<p>The <var>NSS</var> crypto driver might have already been
existing configuration will have taken affect. To avoid this
warning, use the noinit parameter as follows.</p>
- <div class="example"><h3>NSS with certificate database</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver nss noinit
- </pre>
+ <div class="example"><h3>NSS with certificate database</h3><pre class="prettyprint lang-config"> SessionCryptoDriver nss noinit</pre>
</div>
<p>To prevent confusion, ensure that all modules requiring NSS are configured with
<p>The <var>openssl</var> crypto driver supports an optional parameter to specify
the engine to be used for encryption.</p>
- <div class="example"><h3>OpenSSL with engine support</h3><pre class="prettyprint lang-config">
- SessionCryptoDriver openssl engine=name
- </pre>
+ <div class="example"><h3>OpenSSL with engine support</h3><pre class="prettyprint lang-config"> SessionCryptoDriver openssl engine=name</pre>
</div>
<p>If the value begins with exec: the resulting command will be executed and the
first line returned to standard output by the program will be used as the key.</p>
-<div class="example"><pre>
-#key used as-is
+<div class="example"><pre>#key used as-is
SessionCryptoPassphrase secret
#Run /path/to/program to get key
SessionCryptoPassphrase exec:/path/to/program
#Run /path/to/otherProgram and provide arguments
-SessionCryptoPassphrase "exec:/path/to/otherProgram argument1"
-</pre></div>
+SessionCryptoPassphrase "exec:/path/to/otherProgram argument1"</pre></div>
</div>
to update an existing session, to insert a new session, and to delete an expired or empty
session. These queries are configured as per the example below.</p>
- <div class="example"><h3>Sample DBD configuration</h3><pre class="prettyprint lang-config">
-DBDriver pgsql
+ <div class="example"><h3>Sample DBD configuration</h3><pre class="prettyprint lang-config">DBDriver pgsql
DBDParams "dbname=apachesession user=apache password=xxxxx host=localhost"
DBDPrepareSQL "delete from session where key = %s" deletesession
DBDPrepareSQL "update session set value = %s, expiry = %lld, key = %s where key = %s" updatesession
DBDPrepareSQL "insert into session (value, expiry, key) values (%s, %lld, %s)" insertsession
DBDPrepareSQL "select value from session where key = %s and (expiry = 0 or expiry > %lld)" selectsession
-DBDPrepareSQL "delete from session where expiry != 0 and expiry < %lld" cleansession
- </pre>
+DBDPrepareSQL "delete from session where expiry != 0 and expiry < %lld" cleansession</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
table called <var>apachesession</var>, and save the session ID in a cookie
called <var>session</var>, configure the session as follows:</p>
- <div class="example"><h3>SQL based anonymous session</h3><pre class="prettyprint lang-config">
-Session On
-SessionDBDCookieName session path=/
- </pre>
+ <div class="example"><h3>SQL based anonymous session</h3><pre class="prettyprint lang-config">Session On
+SessionDBDCookieName session path=/</pre>
</div>
<p>For more examples on how the session can be configured to be read
table called <var>apachesession</var>, and with the session keyed to the
userid, configure the session as follows:</p>
- <div class="example"><h3>SQL based per user session</h3><pre class="prettyprint lang-config">
-Session On
-SessionDBDPerUser On
- </pre>
+ <div class="example"><h3>SQL based per user session</h3><pre class="prettyprint lang-config">Session On
+SessionDBDPerUser On</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
Apache. Ensure that your attributes are defined correctly as per the cookie specification.
</p>
- <div class="example"><h3>Cookie with attributes</h3><pre class="prettyprint lang-config">
-Session On
-SessionDBDCookieName session path=/private;domain=example.com;httponly;secure;version=1;
- </pre>
+ <div class="example"><h3>Cookie with attributes</h3><pre class="prettyprint lang-config">Session On
+SessionDBDCookieName session path=/private;domain=example.com;httponly;secure;version=1;</pre>
</div>
Apache. Ensure that your attributes are defined correctly as per the cookie specification.
</p>
- <div class="example"><h3>Cookie2 with attributes</h3><pre class="prettyprint lang-config">
-Session On
-SessionDBDCookieName2 session path=/private;domain=example.com;httponly;secure;version=1;
- </pre>
+ <div class="example"><h3>Cookie2 with attributes</h3><pre class="prettyprint lang-config">Session On
+SessionDBDCookieName2 session path=/private;domain=example.com;httponly;secure;version=1;</pre>
</div>
such as this example, which sets <code>netscape</code> if the
browser is mozilla but not MSIE.</p>
-<pre class="prettyprint lang-config">
-BrowserMatch ^Mozilla netscape
-BrowserMatch MSIE !netscape
-</pre>
+<pre class="prettyprint lang-config">BrowserMatch ^Mozilla netscape
+BrowserMatch MSIE !netscape</pre>
<p>When the server looks up a path via an internal
sets environment variables conditional on the
<code>User-Agent</code> HTTP request header. The following two
lines have the same effect:</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase Robot is_a_robot
-SetEnvIfNoCase User-Agent Robot is_a_robot
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase Robot is_a_robot
+SetEnvIfNoCase User-Agent Robot is_a_robot</pre>
<p>Some additional examples:</p>
-<pre class="prettyprint lang-config">
-BrowserMatch ^Mozilla forms jpeg=yes browser=netscape
+<pre class="prettyprint lang-config">BrowserMatch ^Mozilla forms jpeg=yes browser=netscape
BrowserMatch "^Mozilla/[2-3]" tables agif frames javascript
-BrowserMatch MSIE !javascript
-</pre>
+BrowserMatch MSIE !javascript</pre>
</div>
semantically identical to the <code class="directive"><a href="#browsermatch">BrowserMatch</a></code> directive.
However, it provides for case-insensitive matching. For
example:</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase mac platform=macintosh
-BrowserMatchNoCase win platform=windows
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase mac platform=macintosh
+BrowserMatchNoCase win platform=windows</pre>
<p>The <code class="directive">BrowserMatch</code> and
<code class="directive">BrowserMatchNoCase</code> directives are special cases of
the <code class="directive"><a href="#setenvif">SetEnvIf</a></code> and <code class="directive"><a href="#setenvifnocase">SetEnvIfNoCase</a></code>
directives. The following two lines have the same effect:</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase Robot is_a_robot
-SetEnvIfNoCase User-Agent Robot is_a_robot
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase Robot is_a_robot
+SetEnvIfNoCase User-Agent Robot is_a_robot</pre>
</div>
<var>value</var> and replace them by parenthesized subexpressions
of <var>regex</var>.</p>
-<pre class="prettyprint lang-config">
-SetEnvIf Request_URI "\.gif$" object_is_image=gif
+<pre class="prettyprint lang-config">SetEnvIf Request_URI "\.gif$" object_is_image=gif
SetEnvIf Request_URI "\.jpg$" object_is_image=jpg
SetEnvIf Request_URI "\.xbm$" object_is_image=xbm
SetEnvIf object_is_image xbm XBIT_PROCESSING=1
-SetEnvIf ^TS ^[a-z] HAVE_TS
-</pre>
+SetEnvIf ^TS ^[a-z] HAVE_TS</pre>
<p>The first three will set the environment variable
<code>ap_expr</code>. These expressions will be evaluated at runtime,
and applied <em>env-variable</em> in the same fashion as <code class="directive">SetEnvIf</code>.</p>
-<pre class="prettyprint lang-config">
- SetEnvIfExpr "tolower(req('X-Sendfile')) == 'd:\images\very_big.iso')" iso_delivered
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfExpr "tolower(req('X-Sendfile')) == 'd:\images\very_big.iso')" iso_delivered</pre>
<p>This would set the environment variable <code>iso_delivered</code>
<p>A more useful example would be to set the variable rfc1918 if the
remote IP address is a private address according to RFC 1918:</p>
-<pre class="prettyprint lang-config">
- SetEnvIfExpr "-R '10.0.0.0/8' || -R '172.16.0.0/12' || -R '192.168.0.0/16'" rfc1918
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfExpr "-R '10.0.0.0/8' || -R '172.16.0.0/12' || -R '192.168.0.0/16'" rfc1918</pre>
<h3>See also</h3>
the <code class="directive"><a href="#setenvif">SetEnvIf</a></code> directive,
and differs only in that the regular expression matching is
performed in a case-insensitive manner. For example:</p>
-<pre class="prettyprint lang-config">
- SetEnvIfNoCase Host Example\.Org site=example
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfNoCase Host Example\.Org site=example</pre>
<p>This will cause the <code>site</code> environment variable
exemple qui définit netscape si le navigateur est Mozilla et non
MSIE.</p>
-<pre class="prettyprint lang-config">
-BrowserMatch ^Mozilla netscape
-BrowserMatch MSIE !netscape
-</pre>
+<pre class="prettyprint lang-config">BrowserMatch ^Mozilla netscape
+BrowserMatch MSIE !netscape</pre>
<p>Lorsque le serveur cherche un chemin via une <a class="glossarylink" href="../glossary.html#subrequest" title="voir glossaire">sous-requête</a> interne (par exemple la
d'environnement en fonction du contenu de l'en-tête de requête HTTP
<code>User-Agent</code>. Les deux lignes suivantes produisent le même
effet :</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase Robot is_a_robot
-SetEnvIfNoCase User-Agent Robot is_a_robot
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase Robot is_a_robot
+SetEnvIfNoCase User-Agent Robot is_a_robot</pre>
<p>Quelques exemples supplémentaires :</p>
-<pre class="prettyprint lang-config">
-BrowserMatch ^Mozilla forms jpeg=yes browser=netscape
+<pre class="prettyprint lang-config">BrowserMatch ^Mozilla forms jpeg=yes browser=netscape
BrowserMatch "^Mozilla/[2-3]" tables agif frames javascript
-BrowserMatch MSIE !javascript
-</pre>
+BrowserMatch MSIE !javascript</pre>
</div>
<p>La directive <code class="directive">BrowserMatchNoCase</code> est
identique sur le plan sémantique à la directive <code class="directive"><a href="#browsermatch">BrowserMatch</a></code>. Elle permet
cependant une comparaison insensible à la casse. Par exemple :</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase mac platform=macintosh
-BrowserMatchNoCase win platform=windows
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase mac platform=macintosh
+BrowserMatchNoCase win platform=windows</pre>
<p>Les directives <code class="directive">BrowserMatch</code> et
des directives <code class="directive"><a href="#setenvif">SetEnvIf</a></code>
et <code class="directive"><a href="#setenvifnocase">SetEnvIfNoCase</a></code>.
Ainsi, les deux lignes suivantes produisent le même effet :</p>
-<pre class="prettyprint lang-config">
-BrowserMatchNoCase Robot is_a_robot
-SetEnvIfNoCase User-Agent Robot is_a_robot
-</pre>
+<pre class="prettyprint lang-config">BrowserMatchNoCase Robot is_a_robot
+SetEnvIfNoCase User-Agent Robot is_a_robot</pre>
</div>
sous-expressions entre parenthèses correspondantes de
<var>regex</var>.</p>
-<pre class="prettyprint lang-config">
-SetEnvIf Request_URI "\.gif$" object_is_image=gif
+<pre class="prettyprint lang-config">SetEnvIf Request_URI "\.gif$" object_is_image=gif
SetEnvIf Request_URI "\.jpg$" object_is_image=jpg
SetEnvIf Request_URI "\.xbm$" object_is_image=xbm
SetEnvIf object_is_image xbm XBIT_PROCESSING=1
-SetEnvIf ^TS ^[a-z] HAVE_TS
-</pre>
+SetEnvIf ^TS ^[a-z] HAVE_TS</pre>
<p>Les trois premières lignes définissent la variable
d'environnement <em>env-variable</em> de la même manière que la
directive <code class="directive">SetEnvIf</code>.</p>
-<pre class="prettyprint lang-config">
- SetEnvIfExpr "tolower(req('X-Sendfile')) == 'd:\images\very_big.iso')" iso_delivered
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfExpr "tolower(req('X-Sendfile')) == 'd:\images\very_big.iso')" iso_delivered</pre>
<p>Dans cet exemple, la variable d'environnement
l'adresse IP distante est une adresse privée au sens de la RFC 1918
:</p>
-<pre class="prettyprint lang-config">
- SetEnvIfExpr "-R '10.0.0.0/8' || -R '172.16.0.0/12' || -R '192.168.0.0/16'" rfc1918
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfExpr "-R '10.0.0.0/8' || -R '172.16.0.0/12' || -R '192.168.0.0/16'" rfc1918</pre>
<h3>Voir aussi</h3>
d'un point de vue sémantique à la directive <code class="directive"><a href="#setenvif">SetEnvIf</a></code>, et ne s'en distingue que
par le fait que la comparaison des expressions rationnelles est
effectuée sans tenir compte de la casse. Par exemple :</p>
-<pre class="prettyprint lang-config">
- SetEnvIfNoCase Host Example\.Org site=apache
-</pre>
+<pre class="prettyprint lang-config"> SetEnvIfNoCase Host Example\.Org site=apache</pre>
<p>Cette ligne va définir la variable d'environnement
<code>module</code> in the file, and is listed as the <a href="module-dict.html#ModuleIdentifier">Module Identifier</a>
in the module documentation. Example:</p>
- <pre class="prettyprint lang-config">
- LoadModule status_module modules/mod_status.so
- </pre>
+ <pre class="prettyprint lang-config"> LoadModule status_module modules/mod_status.so</pre>
<p>loads the named module from the modules subdirectory of the
<code>module</code> dans le fichier, et est référencé comme <a href="module-dict.html#ModuleIdentifier">Identificateur de
module</a> dans la documentation des modules. Exemple :</p>
- <pre class="prettyprint lang-config">
- LoadModule status_module modules/mod_status.so
- </pre>
+ <pre class="prettyprint lang-config"> LoadModule status_module modules/mod_status.so</pre>
<p>charge le module spécifié depuis le sous-répertoire des modules
For backward compatibility there is additionally a special
``<code>%{</code><em>name</em><code>}c</code>'' cryptography format function
provided. Information about this function is provided in the <a href="../ssl/ssl_compat.html">Compatibility</a> chapter.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">CustomLog logs/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
encrypted with SSL. This is similar to the
<code class="directive">SSLRequireSSL</code> directive.</p>
- <pre class="prettyprint lang-config">
- Require ssl
- </pre>
+ <pre class="prettyprint lang-config"> Require ssl</pre>
<p>The following example grants access if the user is authenticated
either with a client certificate or by username and password.</p>
- <pre class="prettyprint lang-config">
- Require ssl-verify-client<br />
- Require valid-user
- </pre>
+ <pre class="prettyprint lang-config"> Require ssl-verify-client<br />
+ Require valid-user</pre>
concatenation of the various PEM-encoded Certificate files, in order of
preference. This can be used alternatively and/or additionally to
<code class="directive"><a href="#sslcacertificatepath">SSLCACertificatePath</a></code>.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-client.crt
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-client.crt</pre>
</div>
</div>
there: you also have to create symbolic links named
<em>hash-value</em><code>.N</code>. And you should always make sure this directory
contains the appropriate symbolic links.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCACertificatePath /usr/local/apache2/conf/ssl.crt/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCACertificatePath /usr/local/apache2/conf/ssl.crt/</pre>
</div>
</div>
specify an <em>all-in-one</em> file containing a concatenation of
PEM-encoded CA certificates.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCADNRequestFile /usr/local/apache2/conf/ca-names.crt
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCADNRequestFile /usr/local/apache2/conf/ca-names.crt</pre>
</div>
</div>
Certificate files there: you also have to create symbolic links named
<em>hash-value</em><code>.N</code>. And you should always make sure
this directory contains the appropriate symbolic links.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCADNRequestPath /usr/local/apache2/conf/ca-names.crt/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCADNRequestPath /usr/local/apache2/conf/ca-names.crt/</pre>
</div>
</div>
<code>"unable to get certificate CRL"</code> error.
</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCARevocationCheck chain
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCARevocationCheck chain</pre>
</div>
</div>
for Client Authentication. Such a file is simply the concatenation of
the various PEM-encoded CRL files, in order of preference. This can be
used alternatively and/or additionally to <code class="directive"><a href="#sslcarevocationpath">SSLCARevocationPath</a></code>.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-client.crl
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-client.crl</pre>
</div>
</div>
Additionally you have to create symbolic links named
<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
contains the appropriate symbolic links.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCARevocationPath /usr/local/apache2/conf/ssl.crl/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCARevocationPath /usr/local/apache2/conf/ssl.crl/</pre>
</div>
</div>
using a coupled RSA+DSA certificate pair, this will work only if actually both
certificates use the <em>same</em> certificate chain. Else the browsers will be
confused in this situation.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/ca.crt
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCertificateChainFile /usr/local/apache2/conf/ssl.crt/ca.crt</pre>
</div>
</div>
</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCertificateFile /usr/local/apache2/conf/ssl.crt/server.crt</pre>
</div>
</div>
directive, there must be a matching <code class="directive">SSLCertificateFile</code>
directive.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCertificateKeyFile /usr/local/apache2/conf/ssl.key/server.key</pre>
</div>
</div>
Finally, remove all ciphers which do not authenticate, i.e. for SSL the
Anonymous Diffie-Hellman ciphers, as well as all ciphers which use
<code>MD5</code> as hash algorithm, because it has been proven insufficient.</p>
-<div class="example"><pre>
-$ openssl ciphers -v 'RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5'
+<div class="example"><pre>$ openssl ciphers -v 'RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5'
RC4-SHA SSLv3 Kx=RSA Au=RSA Enc=RC4(128) Mac=SHA1
AES128-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA1
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
... ... ... ... ...
SEED-SHA SSLv3 Kx=RSA Au=RSA Enc=SEED(128) Mac=SHA1
PSK-RC4-SHA SSLv3 Kx=PSK Au=PSK Enc=RC4(128) Mac=SHA1
-KRB5-RC4-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(128) Mac=SHA1
-</pre></div>
+KRB5-RC4-SHA SSLv3 Kx=KRB5 Au=KRB5 Enc=RC4(128) Mac=SHA1</pre></div>
<p>The complete list of particular RSA & DH ciphers for SSL is given in <a href="#table2">Table 2</a>.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLCipherSuite RSA:!EXP:!NULL:+HIGH:+MEDIUM:-LOW</pre>
</div>
<table class="bordered">
<p>To discover which engine names are supported, run the command
"<code>openssl engine</code>".</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-# For a Broadcom accelerator:
-SSLCryptoDevice ubsec
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config"># For a Broadcom accelerator:
+SSLCryptoDevice ubsec</pre>
</div>
</div>
is should be used inside a <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> section to enable SSL/TLS for a
that virtual host. By default the SSL/TLS Protocol Engine is
disabled for both the main server and all configured virtual hosts.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<VirtualHost _default_:443>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><VirtualHost _default_:443>
SSLEngine on
#...
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
</div>
<p>In Apache 2.1 and later, <code class="directive">SSLEngine</code> can be set to
<code>optional</code>. This enables support for
<p>When choosing a cipher during an SSLv3 or TLSv1 handshake, normally
the client's preference is used. If this directive is enabled, the
server's preference will be used instead.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLHonorCipherOrder on
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLHonorCipherOrder on</pre>
</div>
</div>
in <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2009-3555">CVE-2009-3555</a>.</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLInsecureRenegotiation on
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLInsecureRenegotiation on</pre>
</div>
<p>The <code>SSL_SECURE_RENEG</code> environment variable can be used
<code class="directive"><a href="#sslocspoverrideresponder">SSLOCSPOverrideResponder</a></code>
directives.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLVerifyClient on
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyClient on
SSLOCSPEnable on
SSLOCSPDefaultResponder http://responder.example.com:8888/responder
-SSLOCSPOverrideResponder on
-</pre>
+SSLOCSPOverrideResponder on</pre>
</div>
</div>
though it should be noted that the syntax / allowable values for the parameters
may sometimes differ.</p>
-<div class="example"><h3>Examples</h3><pre class="prettyprint lang-config">
-SSLOpenSSLConfCmd Options -SessionTicket,ServerPreference
+<div class="example"><h3>Examples</h3><pre class="prettyprint lang-config">SSLOpenSSLConfCmd Options -SessionTicket,ServerPreference
SSLOpenSSLConfCmd ECDHParameters brainpoolP256r1
SSLOpenSSLConfCmd ServerInfoFile /usr/local/apache2/conf/server-info.pem
SSLOpenSSLConfCmd Protocol "-ALL, TLSv1.2"
-SSLOpenSSLConfCmd SignatureAlgorithms RSA+SHA384:ECDSA+SHA256
-</pre>
+SSLOpenSSLConfCmd SignatureAlgorithms RSA+SHA384:ECDSA+SHA256</pre>
</div>
</div>
</p>
</li>
</ul>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLOptions +FakeBasicAuth -StrictRequire
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLOptions +FakeBasicAuth -StrictRequire
<Files ~ "\.(cgi|shtml)$">
SSLOptions +StdEnvVars -ExportCertData
-<Files>
-</pre>
+<Files></pre>
</div>
</div>
The reuse-algorithm above is used here, too. In other words: The external
program is called only once per unique Pass Phrase.</p></li>
</ul>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLPassPhraseDialog exec:/usr/local/apache/sbin/pp-filter</pre>
</div>
</div>
- when using OpenSSL 1.0.1 and later -
``<code>+SSLv3 +TLSv1 +TLSv1.1 +TLSv1.2</code>, respectively.</p></li>
</ul>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProtocol TLSv1
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProtocol TLSv1</pre>
</div>
</div>
concatenation of the various PEM-encoded Certificate files, in order of
preference. This can be used alternatively and/or additionally to
<code class="directive"><a href="#sslproxycacertificatepath">SSLProxyCACertificatePath</a></code>.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-server.crt
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCACertificateFile /usr/local/apache2/conf/ssl.crt/ca-bundle-remote-server.crt</pre>
</div>
</div>
there: you also have to create symbolic links named
<em>hash-value</em><code>.N</code>. And you should always make sure this directory
contains the appropriate symbolic links.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCACertificatePath /usr/local/apache2/conf/ssl.crt/</pre>
</div>
</div>
<code>"unable to get certificate CRL"</code> error.
</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCARevocationCheck chain
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCARevocationCheck chain</pre>
</div>
</div>
for Remote Server Authentication. Such a file is simply the concatenation of
the various PEM-encoded CRL files, in order of preference. This can be
used alternatively and/or additionally to <code class="directive"><a href="#sslproxycarevocationpath">SSLProxyCARevocationPath</a></code>.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server.crl
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCARevocationFile /usr/local/apache2/conf/ssl.crl/ca-bundle-remote-server.crl</pre>
</div>
</div>
Additionally you have to create symbolic links named
<em>hash-value</em><code>.rN</code>. And you should always make sure this directory
contains the appropriate symbolic links.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCARevocationPath /usr/local/apache2/conf/ssl.crl/</pre>
</div>
</div>
setting is only taken into account when
<code>SSLProxyCheckPeerName off</code> is specified at the same time.
</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCheckPeerCN on
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCheckPeerCN on</pre>
</div>
</div>
is expired or not. If the check fails a 502 status code (Bad Gateway) is
sent.
</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyCheckPeerExpire on
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyCheckPeerExpire on</pre>
</div>
</div>
SSLProxyEngine is not required to enable a forward proxy server to
proxy SSL/TLS requests.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<VirtualHost _default_:443>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><VirtualHost _default_:443>
SSLProxyEngine on
#...
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
</div>
</div>
trusted as if they were also in <code class="directive"><a href="#sslproxycacertificatefile">
SSLProxyCACertificateFile</a></code>.</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyMachineCertificateChainFile /usr/local/apache2/conf/ssl.crt/proxyCA.pem
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyMachineCertificateChainFile /usr/local/apache2/conf/ssl.crt/proxyCA.pem</pre>
</div>
</div>
<div class="warning">
<p>Currently there is no support for encrypted private keys</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyMachineCertificateFile /usr/local/apache2/conf/ssl.crt/proxy.pem</pre>
</div>
</div>
<div class="warning">
<p>Currently there is no support for encrypted private keys</p>
</div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyMachineCertificatePath /usr/local/apache2/conf/proxy.crt/</pre>
</div>
</div>
<strong>optional</strong> doesn't work with all servers and level
<strong>optional_no_ca</strong> is actually against the idea of
authentication (but can be used to establish SSL test pages, etc.)</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyVerify require
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyVerify require</pre>
</div>
</div>
the remote server certificate can be self-signed or has to be signed by a CA
which is directly known to the server (i.e. the CA's certificate is under
<code class="directive"><a href="#sslproxycacertificatepath">SSLProxyCACertificatePath</a></code>), etc.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLProxyVerifyDepth 10
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLProxyVerifyDepth 10</pre>
</div>
</div>
/crypto/</a>) to seed the PRNG. Use this if no random device exists
on your platform.</p></li>
</ul>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLRandomSeed startup builtin
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLRandomSeed startup builtin
SSLRandomSeed startup file:/dev/random
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed startup exec:/usr/local/bin/truerand 16
SSLRandomSeed connect builtin
SSLRandomSeed connect file:/dev/random
-SSLRandomSeed connect file:/dev/urandom 1024
-</pre>
+SSLRandomSeed connect file:/dev/urandom 1024</pre>
</div>
</div>
memory must be considered when changing this configuration setting.
</p></div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLRenegBufferSize 262144
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLRenegBufferSize 262144</pre>
</div>
</div>
The <em>expression</em> must match the following syntax (given as a BNF
grammar notation):</p>
<blockquote>
-<pre>
-expr ::= "<strong>true</strong>" | "<strong>false</strong>"
+<pre>expr ::= "<strong>true</strong>" | "<strong>false</strong>"
| "<strong>!</strong>" expr
| expr "<strong>&&</strong>" expr
| expr "<strong>||</strong>" expr
digit ::= [0-9]+
cstring ::= "..."
variable ::= "<strong>%{</strong>" varname "<strong>}</strong>"
-function ::= funcname "<strong>(</strong>" funcargs "<strong>)</strong>"
-</pre>
+function ::= funcname "<strong>(</strong>" funcargs "<strong>)</strong>"</pre>
</blockquote>
<p>For <code>varname</code> any of the variables described in <a href="#envvars">Environment Variables</a> can be used. For
<code>funcname</code> the available functions are listed in
both parsed and executed each time the .htaccess file is encountered during
request processing.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
and %{TIME_WDAY} -ge 1 and %{TIME_WDAY} -le 5 \
and %{TIME_HOUR} -ge 8 and %{TIME_HOUR} -le 20 ) \
- or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
-</pre>
+ or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/</pre>
</div>
<p>The <code>PeerExtList(<em>object-ID</em>)</code> function expects
(If multiple extensions with the same OID are present, at least one
extension must match).</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLRequire "foobar" in PeerExtList("1.2.3.4.5.6")
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLRequire "foobar" in PeerExtList("1.2.3.4.5.6")</pre>
</div>
<div class="note"><h3>Notes on the PeerExtList function</h3>
host or directories for defending against configuration errors that expose
stuff that should be protected. When this directive is present all requests
are denied which are not using SSL.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLRequireSSL
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLRequireSSL</pre>
</div>
</div>
</ul>
-<div class="example"><h3>Examples</h3><pre class="prettyprint lang-config">
-SSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data
-SSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data(512000)
-</pre>
+<div class="example"><h3>Examples</h3><pre class="prettyprint lang-config">SSLSessionCache dbm:/usr/local/apache/logs/ssl_gcache_data
+SSLSessionCache shmcb:/usr/local/apache/logs/ssl_gcache_data(512000)</pre>
</div>
<p>The <code>ssl-cache</code> mutex is used to serialize access to
global/inter-process SSL Session Cache and the OpenSSL internal memory cache.
It can be set as low as 15 for testing, but should be set to higher
values like 300 in real life.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLSessionCacheTimeout 600
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLSessionCacheTimeout 600</pre>
</div>
</div>
version of OpenSSL.
</p></div>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLStrictSNIVHostCheck on
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLStrictSNIVHostCheck on</pre>
</div>
</div>
instead controls the value of the username embedded within the basic
authentication header (see <a href="#ssloptions">SSLOptions</a>).</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLUserName SSL_CLIENT_S_DN_CN
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLUserName SSL_CLIENT_S_DN_CN</pre>
</div>
</div>
<strong>optional</strong> doesn't work with all browsers and level
<strong>optional_no_ca</strong> is actually against the idea of
authentication (but can be used to establish SSL test pages, etc.)</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLVerifyClient require
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyClient require</pre>
</div>
</div>
certificate can be self-signed or has to be signed by a CA which is directly
known to the server (i.e. the CA's certificate is under
<code class="directive"><a href="#sslcacertificatepath">SSLCACertificatePath</a></code>), etc.</p>
-<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-SSLVerifyDepth 10
-</pre>
+<div class="example"><h3>Example</h3><pre class="prettyprint lang-config">SSLVerifyDepth 10</pre>
</div>
</div>
<p>To enable status reports only for browsers from the example.com
domain add this code to your <code>httpd.conf</code>
configuration file</p>
-<pre class="prettyprint lang-config">
-<Location /server-status>
+<pre class="prettyprint lang-config"><Location /server-status>
SetHandler server-status
Require host example.com
-</Location>
-</pre>
+</Location></pre>
<p>You can now access server statistics by using a Web browser
<p>Pour n'activer les rapports d'état que pour les navigateurs
appartenant au domaine example.com, ajoutez ces lignes à votre
fichier de configuration <code>httpd.conf</code> :</p>
-<pre class="prettyprint lang-config">
-<Location /etat-serveur>
+<pre class="prettyprint lang-config"><Location /etat-serveur>
SetHandler server-status
Require host example.com
-</Location>
-</pre>
+</Location></pre>
<p>Il est alors possible d'obtenir les statistiques du serveur en
or regex of a subsequent one.</dd>
</dl>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<Location />
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><Location />
AddOutputFilterByType SUBSTITUTE text/html
Substitute s/foo/bar/ni
-</Location>
- </pre>
+</Location></pre>
</div>
<p>If either the pattern or the substitution contain a slash
character then an alternative delimiter should be used:</p>
- <div class="example"><h3>Example of using an alternate delimiter</h3><pre class="prettyprint lang-config">
-<Location />
+ <div class="example"><h3>Example of using an alternate delimiter</h3><pre class="prettyprint lang-config"><Location />
AddOutputFilterByType SUBSTITUTE text/html
Substitute "s|<BR */?>|<br />|i"
-</Location>
- </pre>
+</Location></pre>
</div>
<p>Backreferences can be used in the comparison and in the substitution,
when regular expressions are used, as illustrated in the following example: </p>
- <div class="example"><h3>Example of using backreferences and captures</h3><pre class="prettyprint lang-config">
-<Location />
+ <div class="example"><h3>Example of using backreferences and captures</h3><pre class="prettyprint lang-config"><Location />
AddOutputFilterByType SUBSTITUTE text/html
# "foo=k,bar=k" -> "foo/bar=k"
Substitute "s|foo=(\w+),bar=\1|foo/bar=$1"
-</Location>
- </pre>
+</Location></pre>
</div>
<p>A common use scenario for <code>mod_substitute</code> is the
<p>In this case, <code>mod_substutite</code> can be used to rewrite
those URLs into something that will work from the front end:</p>
- <div class="example"><h3>Rewriting URLs embedded in proxied content</h3><pre class="prettyprint lang-config">
-ProxyPass /blog/ http://internal.blog.example.com
+ <div class="example"><h3>Rewriting URLs embedded in proxied content</h3><pre class="prettyprint lang-config">ProxyPass /blog/ http://internal.blog.example.com
ProxyPassReverse /blog/ http://internal.blog.example.com/
-Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"
- </pre>
+Substitute "s|http://internal.blog.example.com/|http://www.example.com/blog/|i"</pre>
</div>
<p><code class="directive"><a href="../mod/mod_proxy.html#proxypassreverse">ProxyPassReverse</a></code>
to specify a user and group for CGI programs to run as. Non-CGI
requests are still processed with the user specified in the <code class="directive"><a href="../mod/mod_unixd.html#user">User</a></code> directive.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- SuexecUserGroup nobody nogroup
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> SuexecUserGroup nobody nogroup</pre>
</div>
<p>In Apache httpd 2.3.9 and later, startup will fail if this
<dd>Refers to a group by its number.</dd>
</dl>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- Group www-group
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> Group www-group</pre>
</div>
<p>It is recommended that you set up a new group specifically for
<p>To allow a few users to have <code>UserDir</code> directories, but
not anyone else, use the following:</p>
- <pre class="prettyprint lang-config">
-UserDir disabled
-UserDir enabled user1 user2 user3
- </pre>
+ <pre class="prettyprint lang-config">UserDir disabled
+UserDir enabled user1 user2 user3</pre>
<p>To allow most users to have <code>UserDir</code> directories, but
deny this to a few, use the following:</p>
- <pre class="prettyprint lang-config">
- UserDir disabled user4 user5 user6
- </pre>
+ <pre class="prettyprint lang-config"> UserDir disabled user4 user5 user6</pre>
<p>It is also possible to specify alternative user directories.
If you use a command like:</p>
- <pre class="prettyprint lang-config">
- UserDir public_html /usr/web http://www.example.com/
- </pre>
+ <pre class="prettyprint lang-config"> UserDir public_html /usr/web http://www.example.com/</pre>
<p>With a request for
<p><code class="module"><a href="../mod/mod_usertrack.html">mod_usertrack</a></code> sets a cookie which can be logged
via <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> configurable logging formats:</p>
- <pre class="prettyprint lang-config">
-LogFormat "%{Apache}n %r %t" usertrack
-CustomLog logs/clickstream.log usertrack
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%{Apache}n %r %t" usertrack
+CustomLog logs/clickstream.log usertrack</pre>
</div>
level domain (for example <code>.example.co.uk</code>).
</div>
- <pre class="prettyprint lang-config">
- CookieDomain .example.com
- </pre>
+ <pre class="prettyprint lang-config"> CookieDomain .example.com</pre>
</div>
<p>If this directive is not used, cookies last only for the
current browser session.</p>
- <pre class="prettyprint lang-config">
- CookieExpires "3 weeks"
- </pre>
+ <pre class="prettyprint lang-config"> CookieExpires "3 weeks"</pre>
</div>
unpredictable if you use a name containing unusual characters.
Valid characters include A-Z, a-z, 0-9, "_", and "-".</p>
- <pre class="prettyprint lang-config">
- CookieName clicktrack
- </pre>
+ <pre class="prettyprint lang-config"> CookieName clicktrack</pre>
</div>
three of these formats, with <code>Cookie2</code> being the
preferred format.</p>
- <pre class="prettyprint lang-config">
- CookieStyle Cookie2
- </pre>
+ <pre class="prettyprint lang-config"> CookieStyle Cookie2</pre>
</div>
<code class="module"><a href="../mod/mod_usertrack.html">mod_usertrack</a></code> will <strong>not</strong>
activate cookies. </p>
- <pre class="prettyprint lang-config">
- CookieTracking on
- </pre>
+ <pre class="prettyprint lang-config"> CookieTracking on</pre>
allows a flexible version checking including numeric comparisons and
regular expressions.</p>
- <div class="example"><h3>Examples</h3><pre class="prettyprint lang-config">
-<IfVersion 2.4.2>
+ <div class="example"><h3>Examples</h3><pre class="prettyprint lang-config"><IfVersion 2.4.2>
# current httpd version is exactly 2.4.2
</IfVersion>
<IfVersion >= 2.5>
# use really new features :-)
-</IfVersion>
- </pre>
+</IfVersion></pre>
</div>
<p>See below for further possibilities.</p>
<td>httpd version is less or equal</td></tr>
</table>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<IfVersion >= 2.3>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><IfVersion >= 2.3>
# this happens only in versions greater or
# equal 2.3.0.
-</IfVersion>
- </pre>
+</IfVersion></pre>
</div>
<p>Besides the numerical comparison it is possible to match a
<code><var>regex</var></code></td></tr>
</table>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-<IfVersion = /^2.4.[01234]$/>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"><IfVersion = /^2.4.[01234]$/>
# e.g. workaround for buggy versions
-</IfVersion>
- </pre>
+</IfVersion></pre>
</div>
<p>In order to reverse the meaning, all operators can be preceded by an
exclamation mark (<code>!</code>):</p>
- <pre class="prettyprint lang-config">
-<IfVersion !~ ^2.4.[01234]$>
+ <pre class="prettyprint lang-config"><IfVersion !~ ^2.4.[01234]$>
# not for those versions
-</IfVersion>
- </pre>
+</IfVersion></pre>
<p>If the <var>operator</var> is omitted, it is assumed to be
/cgi-bin/script.pl</code> to <code>
/usr/local/apache2/cgi-bin/script.pl</code> in all cases:</p>
- <pre class="prettyprint lang-config">
-ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
-VirtualScriptAlias /never/found/%0/cgi-bin/
- </pre>
+ <pre class="prettyprint lang-config">ScriptAlias /cgi-bin/ /usr/local/apache2/cgi-bin/
+VirtualScriptAlias /never/found/%0/cgi-bin/</pre>
</div>
</div>
<p>For simple name-based virtual hosts you might use the
following directives in your server configuration file:</p>
- <pre class="prettyprint lang-config">
-UseCanonicalName Off
-VirtualDocumentRoot /usr/local/apache/vhosts/%0
- </pre>
+ <pre class="prettyprint lang-config">UseCanonicalName Off
+VirtualDocumentRoot /usr/local/apache/vhosts/%0</pre>
<p>A request for
<code>vhosts</code> directory. To do this you might use the
following in your configuration file:</p>
- <pre class="prettyprint lang-config">
-UseCanonicalName Off
-VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.1/%2.2/%2.3/%2
- </pre>
+ <pre class="prettyprint lang-config">UseCanonicalName Off
+VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.1/%2.2/%2.3/%2</pre>
<p>A request for
<p>A more even spread of files can be achieved by hashing from the
end of the name, for example: </p>
-<pre class="prettyprint lang-config">
- VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.-1/%2.-2/%2.-3/%2
-</pre>
+<pre class="prettyprint lang-config"> VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.-1/%2.-2/%2.-3/%2</pre>
<p>The example request would come from
<p>Alternatively you might use: </p>
-<pre class="prettyprint lang-config">
- VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.1/%2.2/%2.3/%2.4+
-</pre>
+<pre class="prettyprint lang-config"> VirtualDocumentRoot /usr/local/apache/vhosts/%3+/%2.1/%2.2/%2.3/%2.4+</pre>
<p>The example request would come from
to the hostname. As such, one can make a configuration that will direct all first, second
or third level subdomains to the same directory:
</p>
-<pre class="prettyprint lang-config">
- VirtualDocumentRoot "/usr/local/apache/vhosts/%-2.0.%-1.0"
-</pre>
+<pre class="prettyprint lang-config"> VirtualDocumentRoot "/usr/local/apache/vhosts/%-2.0.%-1.0"</pre>
<p>
In the example above, both <code>www.example.com</code> as well as <code>www.sub.example.com</code>
<p>For IP-based virtual hosting you might use the following in
your configuration file:</p>
- <pre class="prettyprint lang-config">
-UseCanonicalName DNS
+ <pre class="prettyprint lang-config">UseCanonicalName DNS
VirtualDocumentRootIP /usr/local/apache/vhosts/%1/%2/%3/%4/docs
-VirtualScriptAliasIP /usr/local/apache/vhosts/%1/%2/%3/%4/cgi-bin
- </pre>
+VirtualScriptAliasIP /usr/local/apache/vhosts/%1/%2/%3/%4/cgi-bin</pre>
<p>A request for
a <code>%</code> directive, you can work around the problem in
the following way:</p>
-<pre class="prettyprint lang-config">
- VirtualDocumentRoot /usr/local/apache/vhosts/%2.0.%3.0
-</pre>
+<pre class="prettyprint lang-config"> VirtualDocumentRoot /usr/local/apache/vhosts/%2.0.%3.0</pre>
<p>A request for
<p>For example, to make the server accept connections on both
port 80 and port 8000, use:</p>
- <pre class="prettyprint lang-config">
-Listen 80
-Listen 8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 80
+Listen 8000</pre>
<p>To make the server accept connections on two specified
interfaces and port numbers, use </p>
- <pre class="prettyprint lang-config">
-Listen 192.170.2.1:80
-Listen 192.170.2.5:8000
- </pre>
+ <pre class="prettyprint lang-config">Listen 192.170.2.1:80
+Listen 192.170.2.5:8000</pre>
<p>IPv6 addresses must be surrounded in square brackets, as in the
following example:</p>
- <pre class="prettyprint lang-config">
- Listen [2001:db8::a00:20ff:fea7:ccea]:80
- </pre>
+ <pre class="prettyprint lang-config"> Listen [2001:db8::a00:20ff:fea7:ccea]:80</pre>
<p>The optional <var>protocol</var> argument is not required for most
<p>You only need to set the protocol if you are running on non-standard
ports. For example, running an <code>https</code> site on port 8443:</p>
- <pre class="prettyprint lang-config">
- Listen 192.170.2.1:8443 https
- </pre>
+ <pre class="prettyprint lang-config"> Listen 192.170.2.1:8443 https</pre>
<div class="note"><h3>Error condition</h3>
filename is not absolute then it is assumed to be relative to the
<code class="directive"><a href="../mod/core.html#defaultruntimedir">DefaultRuntimeDir</a></code>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- PidFile /var/run/apache.pid
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> PidFile /var/run/apache.pid</pre>
</div>
<p>It is often useful to be able to send the server a signal,
will be relative to the value of
<code class="directive"><a href="../mod/core.html#defaultruntimedir">DefaultRuntimeDir</a></code>.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
- ScoreBoardFile /var/run/apache_runtime_status
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config"> ScoreBoardFile /var/run/apache_runtime_status</pre>
</div>
<p>File-based shared memory is useful for third-party applications
<p>A typical configuration of the process-thread controls in
the <code class="module"><a href="../mod/worker.html">worker</a></code> MPM could look as follows:</p>
- <pre class="prettyprint lang-config">
-ServerLimit 16
+ <pre class="prettyprint lang-config">ServerLimit 16
StartServers 2
MaxRequestWorkers 150
MinSpareThreads 25
MaxSpareThreads 75
-ThreadsPerChild 25
- </pre>
+ThreadsPerChild 25</pre>
<p>While the parent process is usually started as <code>root</code>
</div>
-<pre>
-Date: Wed, 05 Nov 1997 16:59:34 -0800
+<pre>Date: Wed, 05 Nov 1997 16:59:34 -0800
From: Rick Jones <<a href="mailto:raj@cup.hp.com">raj@cup.hp.com</a>>
Reply-To: <a href="mailto:raj@cup.hp.com">raj@cup.hp.com</a>
Organization: Network Performance
-Subject: HP-UX tuning tips
-</pre>
+Subject: HP-UX tuning tips</pre>
<p>Here are some tuning tips for HP-UX to add to the tuning page.</p>
ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼¸¦ Âü°íÇϼ¼¿ä.</div>
-<pre>
-Date: Wed, 05 Nov 1997 16:59:34 -0800
+<pre>Date: Wed, 05 Nov 1997 16:59:34 -0800
From: Rick Jones <<a href="mailto:raj@cup.hp.com">raj@cup.hp.com</a>>
Reply-To: <a href="mailto:raj@cup.hp.com">raj@cup.hp.com</a>
Organization: Network Performance
-Subject: HP-UX tuning tips
-</pre>
+Subject: HP-UX tuning tips</pre>
<p>ÀÌ ±ÛÀº ¼º´ÉÇâ»ó ÆäÀÌÁö¿¡ Ãß°¡ÇÒ HP-UX ¼º´ÉÇâ»ó ÆÁÀÌ´Ù.</p>
ÀÖ´Ù. Windows NT¿¡¼ <code>release</code>¿Í <code>debug</code>
ÄÄÆÄÀÏÇÏ´Â ¸í·É¾î´Â °¢°¢ ´ÙÀ½°ú °°´Ù:</p>
- <div class="example"><pre>
-nmake /f Makefile.win _apacher
+ <div class="example"><pre>nmake /f Makefile.win _apacher
-nmake /f Makefile.win _apached
- </pre></div>
+nmake /f Makefile.win _apached</pre></div>
<p>µÎ ¸í·É¾î ¸ðµÎ ¾ÆÆÄÄ¡¸¦ ÄÄÆÄÀÏÇÑ´Ù. ÈÄÀÚ´Â °á°úÆÄÀÏ¿¡
µð¹ö±ë Á¤º¸¸¦ Æ÷ÇÔÇÏ¿© ¹ö±×¸¦ ã°í ¹®Á¦¸¦ ÃßÀûÇϱ⠽±°Ô
<p>ÄÄÆÄÀÏÇÏ°í ¸ðµç ÆÄÀÏÀ» ¿øÇÏ´Â Æú´õ <em>dir</em>¿¡ ÀÚµ¿À¸·Î
¼³Ä¡ÇÏ·Á¸é ´ÙÀ½ <code>nmake</code> ¸í·É¾îÁß Çϳª¸¦ »ç¿ëÇÑ´Ù:</p>
- <div class="example"><pre>
-nmake /f Makefile.win installr INSTDIR=<em>dir</em>
+ <div class="example"><pre>nmake /f Makefile.win installr INSTDIR=<em>dir</em>
nmake /f Makefile.win installd INSTDIR=<em>dir</em>
</pre></div>
how it is accessed. If you wish to assure that only lowercase
is used in URLs, you can use something like:</p>
- <pre class="prettyprint lang-config">
-RewriteEngine On
+ <pre class="prettyprint lang-config">RewriteEngine On
RewriteMap lowercase int:tolower
RewriteCond %{REQUEST_URI} [A-Z]
-RewriteRule (.*) ${lowercase:$1} [R,L]
- </pre>
+RewriteRule (.*) ${lowercase:$1} [R,L]</pre>
</li>
<li><p>When running, Apache needs write access only to the logs
module, use the following (in addition to the status-activating
directives in <code>access.conf</code>):</p>
- <pre class="prettyprint lang-config">
- LoadModule status_module modules/mod_status.so
- </pre>
+ <pre class="prettyprint lang-config"> LoadModule status_module modules/mod_status.so</pre>
<p>Information on <a href="../mod/mod_so.html#creating">creating
(Arcane and error prone procedures may work around the restriction
on mapped drive letters, but this is not recommended.)</p>
- <div class="example"><h3>Example DocumentRoot with UNC path</h3><pre class="prettyprint lang-config">
- DocumentRoot //dochost/www/html/
- </pre>
+ <div class="example"><h3>Example DocumentRoot with UNC path</h3><pre class="prettyprint lang-config"> DocumentRoot //dochost/www/html/</pre>
</div>
- <div class="example"><h3>Example DocumentRoot with IP address in UNC path</h3><pre class="prettyprint lang-config">
- DocumentRoot //192.168.1.50/docs/
- </pre>
+ <div class="example"><h3>Example DocumentRoot with IP address in UNC path</h3><pre class="prettyprint lang-config"> DocumentRoot //192.168.1.50/docs/</pre>
</div>
- <div class="example"><h3>Example Alias and corresponding Directory with UNC path</h3><pre class="prettyprint lang-config">
-Alias /images/ //imagehost/www/images/
+ <div class="example"><h3>Example Alias and corresponding Directory with UNC path</h3><pre class="prettyprint lang-config">Alias /images/ //imagehost/www/images/
<Directory //imagehost/www/images/>
#...
-<Directory>
- </pre>
+<Directory></pre>
</div>
<p>When running Apache httpd as a service, you must create a
<p>The script contains the following section.</p>
-<pre class="prettyprint lang-perl">
-my $wherelog = "/usr/local/apache2/logs/"; # Logs will be like "/usr/local/apache2/logs/19960312"
+<pre class="prettyprint lang-perl">my $wherelog = "/usr/local/apache2/logs/"; # Logs will be like "/usr/local/apache2/logs/19960312"
my $server = "localhost"; # Name of server, could be "www.foo.com"
my $port = "80"; # Port on server
-my $request = "/server-status/?auto"; # Request to send
-</pre>
+my $request = "/server-status/?auto"; # Request to send</pre>
<p>You'll need to ensure that these variables have the correct values,
<p>Create a log file with virtual host information in it:</p>
- <pre class="prettyprint lang-config">
-LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_plus_vhost
-CustomLog logs/access_log combined_plus_vhost
- </pre>
+ <pre class="prettyprint lang-config">LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined_plus_vhost
+CustomLog logs/access_log combined_plus_vhost</pre>
<p>Log files will be created, in the directory where you run the
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_REFERER} !^$
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !www.example.com [NC]
-RewriteRule \.(gif|jpg|png)$ - [F,NC]
-</pre>
+RewriteRule \.(gif|jpg|png)$ - [F,NC]</pre>
<p>In this second example, instead of failing the request, we display
an alternate image instead.</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_REFERER} !^$
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !www.example.com [NC]
-RewriteRule \.(gif|jpg|png)$ /images/go-away.png [R,NC]
-</pre>
+RewriteRule \.(gif|jpg|png)$ /images/go-away.png [R,NC]</pre>
<p>In the third example, we redirect the request to an image on some
other site.</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_REFERER} !^$
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_REFERER} !^$
RewriteCond %{HTTP_REFERER} !www.example.com [NC]
-RewriteRule \.(gif|jpg|png)$ http://other.example.com/image.gif [R,NC]
-</pre>
+RewriteRule \.(gif|jpg|png)$ http://other.example.com/image.gif [R,NC]</pre>
<p>Of these techniques, the last two tend to be the most effective
than redirecting that request elsewhere, this can be
accomplished without the use of mod_rewrite:</p>
- <pre class="prettyprint lang-config">
-SetEnvIf Referer example\.com localreferer
+ <pre class="prettyprint lang-config">SetEnvIf Referer example\.com localreferer
<FilesMatch \.(jpg|png|gif)$>
Require env localreferer
-</FilesMatch>
- </pre>
+</FilesMatch></pre>
</dd>
</dl>
range, if you are trying to block that user agent only from the
particular source.</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_USER_AGENT} ^NameOfBadRobot
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_USER_AGENT} ^NameOfBadRobot
RewriteCond %{REMOTE_ADDR} =123\.45\.67\.[8-9]
-RewriteRule ^/secret/files/ - [F]
-</pre>
+RewriteRule ^/secret/files/ - [F]</pre>
</dd>
Rather than using mod_rewrite for this, you can accomplish the
same end using alternate means, as illustrated here:
</p>
- <pre class="prettyprint lang-config">
-SetEnvIfNoCase User-Agent ^NameOfBadRobot goaway
+ <pre class="prettyprint lang-config">SetEnvIfNoCase User-Agent ^NameOfBadRobot goaway
<Location /secret/files>
<RequireAll>
Require all granted
Require not env goaway
</RequireAll>
-</Location>
- </pre>
+</Location></pre>
<p>
As noted above, this technique is trivial to circumvent, by simply
<dt>Solution:</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteMap hosts-deny txt:/path/to/hosts.deny
RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND [OR]
RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND
-RewriteRule ^ - [F]
-</pre>
+RewriteRule ^ - [F]</pre>
<div class="example"><p><code>
<p>The following ruleset uses a map file to associate each Referer
with a redirection target.</p>
-<pre class="prettyprint lang-config">
-RewriteMap deflector txt:/path/to/deflector.map
+<pre class="prettyprint lang-config">RewriteMap deflector txt:/path/to/deflector.map
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${deflector:%{HTTP_REFERER}} =-
RewriteCond %{HTTP_REFERER} !=""
RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND
-RewriteRule ^ ${deflector:%{HTTP_REFERER}} [R,L]
-</pre>
+RewriteRule ^ ${deflector:%{HTTP_REFERER}} [R,L]</pre>
<p>The map file lists redirection targets for each referer, or, if
we just wish to redirect back to where they came from, a "-" is
placed in the map:</p>
-<pre class="prettyprint lang-config">
-##<br />
+<pre class="prettyprint lang-config">##<br />
## deflector.map<br />
##<br />
<br />
http://badguys.example.com/bad/index.html -<br />
http://badguys.example.com/bad/index2.html -<br />
-http://badguys.example.com/bad/index3.html http://somewhere.example.com/
-</pre>
+http://badguys.example.com/bad/index3.html http://somewhere.example.com/</pre>
</dd>
files assuming that server0 is a default server which will be used if
a user has no entry in the map:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteMap users-to-hosts txt:/path/to/map.users-to-hosts
-RewriteRule ^/u/([^/]+)/?(.*) http://${users-to-hosts:$1|server0}/u/$1/$2
-</pre>
+RewriteRule ^/u/([^/]+)/?(.*) http://${users-to-hosts:$1|server0}/u/$1/$2</pre>
</dd>
</dl>
<dd>
This is done via the following ruleset:
-<pre class="prettyprint lang-config">
-# This example is valid in per-directory context only
+<pre class="prettyprint lang-config"># This example is valid in per-directory context only
RewriteCond %{REQUEST_URI} !-U
-RewriteRule ^(.+)\.html$ /regenerate_page.cgi [PT,L]
-</pre>
+RewriteRule ^(.+)\.html$ /regenerate_page.cgi [PT,L]</pre>
<p>The <code>-U</code> operator determines whether the test string
<p>We'll use <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> and a list of servers
to accomplish this.</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteMap lb rnd:/path/to/serverlist.txt
-RewriteRule ^/(.*) http://${lb:servers}/$1 [P,L]
-</pre>
+RewriteRule ^/(.*) http://${lb:servers}/$1 [P,L]</pre>
<p><code>serverlist.txt</code> will contain a list of the servers:</p>
URL causes the 'page' to be refreshed every time it is
updated on the filesystem.</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1</pre>
<p>Now when we reference the URL</p>
one would usually say "left as an exercise to the reader"
;-) I will provide this, too.</p>
-<pre class="prettyprint lang-perl">
-#!/sw/bin/perl
+<pre class="prettyprint lang-perl">#!/sw/bin/perl
##
## nph-refresh -- NPH/CGI script for auto refreshing pages
## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved.
exit(0);
-##EOF##
-</pre>
+##EOF##</pre>
</dd>
</dl>
<p>We use the following ruleset to expand the tilde URLs
into the above layout.</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
-RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/public_html$3
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine on
+RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/public_html$3</pre>
</dd>
</dl>
<code>>STRING</code> and <code>=STRING</code> we can
do time-dependent redirects:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteCond %{TIME_HOUR}%{TIME_MIN} >0700
RewriteCond %{TIME_HOUR}%{TIME_MIN} <1900
RewriteRule ^foo\.html$ foo.day.html [L]
-RewriteRule ^foo\.html$ foo.night.html
-</pre>
+RewriteRule ^foo\.html$ foo.night.html</pre>
<p>This provides the content of <code>foo.day.html</code>
<dd>
<p>Use the [E] flag to set an environment variable.</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
-RewriteRule ^/horse/(.*) /pony/$1 [E=<strong>rewritten:1</strong>]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine on
+RewriteRule ^/horse/(.*) /pony/$1 [E=<strong>rewritten:1</strong>]</pre>
<p>Later in your ruleset you might check for this environment
variable using a RewriteCond:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{ENV:rewritten} =1
-</pre>
+<pre class="prettyprint lang-config">RewriteCond %{ENV:rewritten} =1</pre>
<p>Note that environment variables do not survive an external
<p>To redirect <code>http</code> URLs to <code>https</code>, do the
following:</p>
-<pre class="prettyprint lang-config">
-<VirtualHost *:80>
+<pre class="prettyprint lang-config"><VirtualHost *:80>
ServerName www.example.com
Redirect / https://www.example.com/
</VirtualHost >
<VirtualHost *:443>
ServerName www.example.com
# ... SSL configuration goes here
-</VirtualHost >
-</pre>
+</VirtualHost ></pre>
<p>The use of <code>RewriteRule</code> to perform this task may be
<p><code>RewriteRule</code> provides the <a href="flags.html#flag_p">[P]</a> flag to pass rewritten URIs through
<code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>.</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^/?images(.*) http://imageserver.local/images$1 [P]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/?images(.*) http://imageserver.local/images$1 [P]</pre>
<p>However, in many cases, when there is no actual pattern matching
needed, as in the example shown above, the <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code> directive is a better choice.
The example here could be rendered as:</p>
-<pre class="prettyprint lang-config">
-ProxyPass /images/ http://imageserver.local/images/
-</pre>
+<pre class="prettyprint lang-config">ProxyPass /images/ http://imageserver.local/images/</pre>
<p>Note that whether you use <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> or <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code>, you'll still need to use the
<code class="directive"><a href="../mod/mod_proxy.html#proxypassreverse">ProxyPassReverse</a></code> directive to
catch redirects issued from the back-end server:</p>
-<pre class="prettyprint lang-config">
-ProxyPassReverse /images/ http://imageserver.local/images/
-</pre>
+<pre class="prettyprint lang-config">ProxyPassReverse /images/ http://imageserver.local/images/</pre>
<p>You may need to use <code>RewriteRule</code> instead when there are
hostname, such as <code>www.example.com</code> instead of
<code>example.com</code>. This can be done using the <code class="directive"><a href="../mod/core.html#if"><If></a></code> directive, as shown here:</p>
-<pre class="prettyprint lang-config">
-<If "req('Host') != 'www.example.com'">
+<pre class="prettyprint lang-config"><If "req('Host') != 'www.example.com'">
Redirect / http://www.example.com/
-</If>
-</pre>
+</If></pre>
<p>This technique can be used to take actions based on any request
<p>Consider this example:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine On
-RewriteRule ^/index\.html - [CO=frontdoor:yes:.example.com:1440:/]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine On
+RewriteRule ^/index\.html - [CO=frontdoor:yes:.example.com:1440:/]</pre>
<p>In the example give, the rule doesn't rewrite the request.
environment variable is used to exclude those requests from the access
log.</p>
-<pre class="prettyprint lang-config">
-RewriteRule \.(png|gif|jpg)$ - [E=image:1]
-CustomLog logs/access_log combined env=!image
-</pre>
+<pre class="prettyprint lang-config">RewriteRule \.(png|gif|jpg)$ - [E=image:1]
+CustomLog logs/access_log combined env=!image</pre>
<p>Note that this same effect can be obtained using <code class="directive"><a href="../mod/mod_setenvif.html#setenvif">SetEnvIf</a></code>. This technique is offered as
<code>.php</code> files to be <em>displayed</em> by <code>mod_php</code>
if they are requested with the <code>.phps</code> extension:</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^(/source/.+\.php)s$ $1 [H=application/x-httpd-php-source]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^(/source/.+\.php)s$ $1 [H=application/x-httpd-php-source]</pre>
<p>The regular expression above - <code>^(/source/.+\.php)s$</code> - will
argument to <code>index.php</code>, however, the <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> ensures that if the request
is already for <code>index.php</code>, the <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> will be skipped.</p>
-<pre class="prettyprint lang-config">
-RewriteBase /
+<pre class="prettyprint lang-config">RewriteBase /
RewriteCond %{REQUEST_URI} !=/index.php
-RewriteRule ^(.*) /index.php?req=$1 [L,PT]
-</pre>
+RewriteRule ^(.*) /index.php?req=$1 [L,PT]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>In 2.5.0 and later, this module returns an error after 10,000 iterations to
protect against unintended looping. An alternative maximum number of
iterations can be specified by adding to the N flag. </p>
-<pre class="prettyprint lang-config">
-# Be willing to replace 1 character in each pass of the loop
+<pre class="prettyprint lang-config"># Be willing to replace 1 character in each pass of the loop
RewriteRule (.+)[><;]$ $1 [N=32000]
# ... or, give up if after 10 loops
-RewriteRule (.+)[><;]$ $1 [N=10]
-</pre>
+RewriteRule (.+)[><;]$ $1 [N=10]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> is evaluated.
</p>
-<pre class="prettyprint lang-config">
-Alias /icons /usr/local/apache/icons
-RewriteRule /pics/(.+)\.jpg$ /icons/$1.gif [PT]
-</pre>
+<pre class="prettyprint lang-config">Alias /icons /usr/local/apache/icons
+RewriteRule /pics/(.+)\.jpg$ /icons/$1.gif [PT]</pre>
<p>
RewriteRule</a></code> if the requested URI doesn't correspond with an
actual file.</p>
-<pre class="prettyprint lang-config">
-# Is the request for a non-existent file?
+<pre class="prettyprint lang-config"># Is the request for a non-existent file?
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# If so, skip these two RewriteRules
RewriteRule .? - [S=2]
RewriteRule (.*\.gif) images.php?$1
-RewriteRule (.*\.html) docs.php?$1
-</pre>
+RewriteRule (.*\.html) docs.php?$1</pre>
<p>This technique is useful because a <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> only applies to the
use this to make pseudo if-then-else constructs: The last rule of
the then-clause becomes <code>skip=N</code>, where N is the
number of rules in the else-clause:</p>
-<pre class="prettyprint lang-config">
-# Does the file exist?
+<pre class="prettyprint lang-config"># Does the file exist?
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Create an if-then-else construct by skipping 3 lines if we meant to go to the "else" stanza.
RewriteRule .? - [S=1]
# ELSE...
RewriteRule (.*) 404.php?file=$1
-# END
-</pre>
+# END</pre>
<p>It is probably easier to accomplish this kind of configuration using
<p>For example, you might use the following technique to serve Perl
source code as plain text, if requested in a particular way:</p>
-<pre class="prettyprint lang-config">
-# Serve .pl files as plain text
-RewriteRule \.pl$ - [T=text/plain]
-</pre>
+<pre class="prettyprint lang-config"># Serve .pl files as plain text
+RewriteRule \.pl$ - [T=text/plain]</pre>
<p>Or, perhaps, if you have a camera that produces jpeg images without
file extensions, you could force those images to be served with the
correct MIME type by virtue of their file names:</p>
-<pre class="prettyprint lang-config">
-# Files with 'IMG' in the name are jpg images.
-RewriteRule IMG - [T=image/jpg]
-</pre>
+<pre class="prettyprint lang-config"># Files with 'IMG' in the name are jpg images.
+RewriteRule IMG - [T=image/jpg]</pre>
<p>Please note that this is a trivial example, and could be better done
<p>Voici un exemple :</p>
-<pre class="prettyprint lang-config">
-RewriteEngine On
-RewriteRule ^/index\.html - [CO=frontdoor:yes:.example.org:1440:/]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine On
+RewriteRule ^/index\.html - [CO=frontdoor:yes:.example.org:1440:/]</pre>
<p>Dans l'exemple ci-dessus, la règle ne réécrit
<em>affichés</em> par <code>mod_php</code> dans le cas où ils font
l'objet d'une requête avec l'extension <code>.phps</code> :</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^(/source/.+\.php)s$ $1 [H=application/x-httpd-php-source]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^(/source/.+\.php)s$ $1 [H=application/x-httpd-php-source]</pre>
directive <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code> permet de s'assurer que si
la requête concerne déjà <code>index.php</code>, la directive <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> sera sautée.</p>
-<pre class="prettyprint lang-config">
-RewriteBase /
+<pre class="prettyprint lang-config">RewriteBase /
RewriteCond %{REQUEST_URI} !=/index.php
-RewriteRule ^(.*) /index.php?req=$1 [L,PT]
-</pre>
+RewriteRule ^(.*) /index.php?req=$1 [L,PT]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<p>A partir de la version 2.5.0, ce module renvoie une erreur après
10000 itérations afin d'éviter les boucles infinies. Ce nombre maximum
d'itération peut être modifié via le drapeau N.</p>
-<pre class="prettyprint lang-config">
-# On veut remplacer 1 caractère à chaque itération de la boucle
+<pre class="prettyprint lang-config"># On veut remplacer 1 caractère à chaque itération de la boucle
RewriteRule (.+)[><;]$ $1 [N=32000]
# ... ou s'arrêter après 10 itérations
-RewriteRule (.+)[><;]$ $1 [N=10]
-</pre>
+RewriteRule (.+)[><;]$ $1 [N=10]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
vous devez utiliser le drapeau [PT] pour être sûr que l'<code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> sera bien évalué.
</p>
-<pre class="prettyprint lang-config">
-Alias /icons /usr/local/apache/icons
-RewriteRule /pics/(.+)\.jpg$ /icons/$1.gif [PT]
-</pre>
+<pre class="prettyprint lang-config">Alias /icons /usr/local/apache/icons
+RewriteRule /pics/(.+)\.jpg$ /icons/$1.gif [PT]</pre>
<p>
<code>goto</code> dans votre jeu de règles de réécriture. Dans
l'exemple suivant, nous ne voulons exécuter la règle <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> que si l'URI demandé ne
correspond pas à un fichier existant.</p>
-<pre class="prettyprint lang-config">
-# La requête concerne-t-elle un fichier qui n'existe pas ?
+<pre class="prettyprint lang-config"># La requête concerne-t-elle un fichier qui n'existe pas ?
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Si c'est la cas, on saute les deux règles de réécriture suivantes
RewriteRule .? - [S=2]
RewriteRule (.*\.gif) images.php?$1
-RewriteRule (.*\.html) docs.php?$1
-</pre>
+RewriteRule (.*\.html) docs.php?$1</pre>
d'élaborer des pseudo-constructions if-then-else : la dernière règle du
bloc then contiendra <code>skip=N</code>, où N est le nombre de règles
contenues dans le bloc else :</p>
-<pre class="prettyprint lang-config">
-# Est-ce que le fichier existe ?
+<pre class="prettyprint lang-config"># Est-ce que le fichier existe ?
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
# Create an if-then-else construct by skipping 3 lines if we meant to go to the "else" stanza.
RewriteRule .? - [S=1]
# ELSE...
RewriteRule (.*) 404.php?file=$1
-# END
-</pre>
+# END</pre>
<p>Il est probablement plus aisé de définir ce genre de configuration
du code source Perl en tant que plein texte, s'il est requis d'une
certaine manière :</p>
-<pre class="prettyprint lang-config">
-# Sert les fichier .pl en tant que plein texte
-RewriteRule \.pl$ - [T=text/plain]
-</pre>
+<pre class="prettyprint lang-config"># Sert les fichier .pl en tant que plein texte
+RewriteRule \.pl$ - [T=text/plain]</pre>
<p>Ou encore, si vous possédez une caméra qui produit des fichiers
images jpeg sans extension, vous pouvez forcer le renvoi de ces images
avec le type MIME correct en se basant sur le nom du fichier :</p>
-<pre class="prettyprint lang-config">
-# Les fichiers dont le nom contient 'IMG' sont des images jpg.
-RewriteRule IMG - [T=image/jpg]
-</pre>
+<pre class="prettyprint lang-config"># Les fichiers dont le nom contient 'IMG' sont des images jpg.
+RewriteRule IMG - [T=image/jpg]</pre>
<p>Notez cependant qu'il s'agit d'un exemple trivial, et que le problème
<dl>
<dt>A full filesystem path to a resource</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/games /usr/local/games/web
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/games /usr/local/games/web</pre>
<p>This maps a request to an arbitrary location on your filesystem, much
like the <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> directive.</p>
<dt>A web-path to a resource</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/foo$ /bar
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/foo$ /bar</pre>
<p>If <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> is set
to <code>/usr/local/apache2/htdocs</code>, then this directive would
<dt>An absolute URL</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/product/view$ http://site2.example.com/seeproduct.html [R]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/product/view$ http://site2.example.com/seeproduct.html [R]</pre>
<p>This tells the client to make a new request for the specified URL.</p>
</dd>
<p>The <var>Substitution</var> can also
contain <em>back-references</em> to parts of the incoming URL-path
matched by the <var>Pattern</var>. Consider the following:</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^/product/(.*)/view$ /var/web/productdb/$1
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/product/(.*)/view$ /var/web/productdb/$1</pre>
<p>The variable <code>$1</code> will be replaced with whatever text
was matched by the expression inside the parenthesis in
matching behavior of a rule can be made case-insensitive by the
application of the <code>[NC]</code> flag:
</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^puppy.html smalldog.html [NC]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^puppy.html smalldog.html [NC]</pre>
<p>For more details on the available flags, their meanings, and
<p>For example, to send all requests from a particular IP range to a
different server, you could use:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{REMOTE_ADDR} ^10\.2\.
-RewriteRule (.*) http://intranet.example.com$1
-</pre>
+<pre class="prettyprint lang-config">RewriteCond %{REMOTE_ADDR} ^10\.2\.
+RewriteRule (.*) http://intranet.example.com$1</pre>
<p>When more than
applied. For example, to deny requests that contain the word "hack" in
their query string, unless they also contain a cookie containing
the word "go", you could use:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{QUERY_STRING} hack
+<pre class="prettyprint lang-config">RewriteCond %{QUERY_STRING} hack
RewriteCond %{HTTP_COOKIE} !go
-RewriteRule . - [F]
-</pre>
+RewriteRule . - [F]</pre>
<p>Notice that the exclamation mark specifies a negative match, so the rule is only applied if the cookie does not contain "go".</p>
variables <code>%1</code>, <code>%2</code>, etc. For example, this
will direct the request to a different directory depending on the
hostname used to access the site:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_HOST} (.*)
-RewriteRule ^/(.*) /sites/%1/$1
-</pre>
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_HOST} (.*)
+RewriteRule ^/(.*) /sites/%1/$1</pre>
<p>If the request was for <code>http://example.com/foo/bar</code>,
then <code>%1</code> would contain <code>example.com</code>
<dl>
<dt>Un chemin complet du système de fichiers vers une ressource</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/jeux /usr/local/jeux/web
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/jeux /usr/local/jeux/web</pre>
<p>Ceci peut faire correspondre une requête à toute localisation voulue de
votre système de fichiers, un peu comme la directive <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>.</p>
<dt>Un chemin web vers une ressource</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/foo$ /bar
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/foo$ /bar</pre>
<p>Si la directive <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> a
pour valeur <code>/usr/local/apache2/htdocs</code>, cette règle va faire
<dt>Une URL absolue</dt>
<dd>
-<pre class="prettyprint lang-config">
-RewriteRule ^/produits/vues$ http://site2.example.com/voirproduits.html [R]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/produits/vues$ http://site2.example.com/voirproduits.html [R]</pre>
<p>Ceci informe le client qu'il doit effectuer une nouvelle requête vers
l'URL spécifiée.</p>
<p>La chaîne de <var>Substitution</var> peut aussi contenir des
<em>références arrières</em> vers des parties du chemin d'URL entrant
correspondant au <var>Modèle</var>. Considérons ce qui suit :</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^/produits/(.*)/view$ /var/web/produitsdb/$1
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^/produits/(.*)/view$ /var/web/produitsdb/$1</pre>
<p>La variable <code>$1</code> sera remplacée par tout texte
correspondant à l'expression située entre les parenthèses dans le
conditions de correspondance d'une règle peuvent être rendues
insensibles à la casse par la présence du drapeau <code>[NC]</code> :
</p>
-<pre class="prettyprint lang-config">
-RewriteRule ^puppy.html petitchien.html [NC]
-</pre>
+<pre class="prettyprint lang-config">RewriteRule ^puppy.html petitchien.html [NC]</pre>
<p>Pour une liste des drapeaux disponibles, leurs significations, et des
<p>Par exemple, pour renvoyer toutes les requêtes en provenance d'une
certaine tranche d'adresses IP vers un autre serveur, vous pouvez
utiliser :</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{REMOTE_ADDR} ^10\.2\.
-RewriteRule (.*) http://intranet.example.com$1
-</pre>
+<pre class="prettyprint lang-config">RewriteCond %{REMOTE_ADDR} ^10\.2\.
+RewriteRule (.*) http://intranet.example.com$1</pre>
<p>Si vous spécifiez plus d'une directive <code class="directive"><a href="../mod/mod_rewrite.html#rewritecond">RewriteCond</a></code>, ces directives
pour interdire les requêtes qui contiennent le mot "hack" dans la chaîne
de requête, sauf si elles contiennent aussi un cookie contenant le mot
"go", vous pouvez utiliser :</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{QUERY_STRING} hack
+<pre class="prettyprint lang-config">RewriteCond %{QUERY_STRING} hack
RewriteCond %{HTTP_COOKIE} !go
-RewriteRule . - [F]
-</pre>
+RewriteRule . - [F]</pre>
<p>Notez que le point d'exclamation indique une correspondance négative
; ainsi, la règle n'est appliquée que si le cookie ne contient pas "go"</p>
les variables <code>%1</code>, <code>%2</code>, etc... Par
exemple, ce qui suit va diriger la requête vers un répertoire différent
en fonction du nom d'hôte utilisé pour accéder au site :</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_HOST} (.*)
-RewriteRule ^/(.*) /sites/%1/$1
-</pre>
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_HOST} (.*)
+RewriteRule ^/(.*) /sites/%1/$1</pre>
<p>Si la requête concernait <code>http://example.com/foo/bar</code>,
alors <code>%1</code> contiendrait <code>example.com</code> et
<p>To simply map a URL to another server, we use the [P] flag, as
follows:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteBase /products/
RewriteRule ^widget/(.*)$ http://product.example.com/widget/$1 [P]
-ProxyPassReverse /products/widget/ http://product.example.com/widget/
-</pre>
+ProxyPassReverse /products/widget/ http://product.example.com/widget/</pre>
<p>In the second example, we proxy the request only if we can't find
from one server to another, and you're not sure if all the content
has been migrated yet.</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{REQUEST_FILENAME} !-f
+<pre class="prettyprint lang-config">RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^/(.*) http://old.example.com/$1 [P]
-ProxyPassReverse / http://old.example.com/
-</pre>
+ProxyPassReverse / http://old.example.com/</pre>
</dd>
<p>We rewrite the old URL to the new one internally via the
following rule:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
-RewriteRule ^<strong>/foo</strong>\.html$ <strong>/bar</strong>.html [PT]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine on
+RewriteRule ^<strong>/foo</strong>\.html$ <strong>/bar</strong>.html [PT]</pre>
</dd>
</dl>
<p>We force a HTTP redirect to the new URL which leads to a
change of the browsers and thus the users view:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
-RewriteRule ^<strong>/foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine on
+RewriteRule ^<strong>/foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>]</pre>
</dd>
<pre class="prettyprint lang-config">#With mod_rewrite
RewriteEngine on
-RewriteRule ^/docs/(.+) http://new.example.com/docs/$1 [R,L]
-</pre>
+RewriteRule ^/docs/(.+) http://new.example.com/docs/$1 [R,L]</pre>
<pre class="prettyprint lang-config">#With RedirectMatch
-RedirectMatch ^/docs/(.*) http://new.example.com/docs/$1
-</pre>
+RedirectMatch ^/docs/(.*) http://new.example.com/docs/$1</pre>
<pre class="prettyprint lang-config">#With Redirect
-Redirect /docs/ http://new.example.com/docs/
-</pre>
+Redirect /docs/ http://new.example.com/docs/</pre>
</dd>
</dl>
internally leads to the invocation of
<code>/~quux/foo.cgi</code>.</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteBase /~quux/
-RewriteRule ^foo\.html$ foo.cgi [H=<strong>cgi-script</strong>]
-</pre>
+RewriteRule ^foo\.html$ foo.cgi [H=<strong>cgi-script</strong>]</pre>
</dd>
</dl>
existence of the new extension. If it exists, we take
that name, else we rewrite the URL to its original state.</p>
-<pre class="prettyprint lang-config">
-# backward compatibility ruleset for
+<pre class="prettyprint lang-config"># backward compatibility ruleset for
# rewriting document.html to document.php
# when and only when document.php exists
<Directory /var/www/htdocs>
RewriteCond $1.php -f
RewriteCond $1.html !-f
RewriteRule ^(.*).html$ $1.php
-</Directory>
-</pre>
+</Directory></pre>
</dd>
directive placed in a virtual host for the non-canonical
hostname(s).</p>
-<pre class="prettyprint lang-config">
-<VirtualHost *:80>
+<pre class="prettyprint lang-config"><VirtualHost *:80>
ServerName undesired.example.com
ServerAlias example.com notthis.example.com
<VirtualHost *:80>
ServerName www.example.com
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<p>You can alternatively accomplish this using the
<code class="directive"><a href="../mod/core.html#if"><If></a></code>
directive:</p>
-<pre class="prettyprint lang-config">
-<If "%{HTTP_HOST} != 'www.example.com'">
+<pre class="prettyprint lang-config"><If "%{HTTP_HOST} != 'www.example.com'">
Redirect / http://www.example.com/
-</If>
-</pre>
+</If></pre>
<p>Or, for example, to redirect a portion of your site to HTTPS, you
might do the following:</p>
-<pre class="prettyprint lang-config">
-<If "%{SERVER_PROTOCOL} != 'HTTPS'">
+<pre class="prettyprint lang-config"><If "%{SERVER_PROTOCOL} != 'HTTPS'">
Redirect /admin/ https://www.example.com/admin/
-</If>
-</pre>
+</If></pre>
<p>If, for whatever reason, you still want to use <code>mod_rewrite</code>
you might use one of the recipes below.</p>
<p>For sites running on a port other than 80:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteCond %{SERVER_PORT} !^80$
-RewriteRule ^/?(.*) http://www.example.com:%{SERVER_PORT}/$1 [L,R,NE]
-</pre>
+RewriteRule ^/?(.*) http://www.example.com:%{SERVER_PORT}/$1 [L,R,NE]</pre>
<p>And for a site running on port 80</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteCond %{HTTP_HOST} !^$
-RewriteRule ^/?(.*) http://www.example.com/$1 [L,R,NE]
-</pre>
+RewriteRule ^/?(.*) http://www.example.com/$1 [L,R,NE]</pre>
<p>
<strong>example.com</strong>, you could use the following
recipe:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_HOST} !^www\. [NC]
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteCond %{HTTP_HOST} !^$
-RewriteRule ^/?(.*) http://www.%{HTTP_HOST}/$1 [L,R,NE]
-</pre>
+RewriteRule ^/?(.*) http://www.%{HTTP_HOST}/$1 [L,R,NE]</pre>
<p>These rulesets will work either in your main server configuration
resource, and, if not finding it in either place, will attempt to
just serve it out of the location requested.</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
# first try to find it in dir1/...
# ...and if found stop and be happy:
# else go on for other Alias or ScriptAlias directives,
# etc.
-RewriteRule ^ - [PT]
-</pre>
+RewriteRule ^ - [PT]</pre>
</dd>
</dl>
<p>We'll use a <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>
directive to build a list of servers that we wish to use.</p>
-<pre class="prettyprint lang-config">
-HostnameLookups on
+<pre class="prettyprint lang-config">HostnameLookups on
RewriteEngine on
RewriteMap multiplex txt:/path/to/map.mirrors
RewriteCond %{REMOTE_HOST} ([a-z]+)$ [NC]
-RewriteRule ^/(.*)$ ${multiplex:<strong>%1</strong>|http://www.example.com/}$1 [R,L]
-</pre>
+RewriteRule ^/(.*)$ ${multiplex:<strong>%1</strong>|http://www.example.com/}$1 [R,L]</pre>
<div class="example"><p><code>
All other browsers receive page <code>foo.32.html</code>.
This is done with the following ruleset:</p>
-<pre class="prettyprint lang-config">
-RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.*
+<pre class="prettyprint lang-config">RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.*
RewriteRule ^foo\.html$ foo.<strong>NS</strong>.html [<strong>L</strong>]
RewriteCond %{HTTP_USER_AGENT} ^Lynx/ [OR]
RewriteCond %{HTTP_USER_AGENT} ^Mozilla/[12]
RewriteRule ^foo\.html$ foo.<strong>20</strong>.html [<strong>L</strong>]
-RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>]
-</pre>
+RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>]</pre>
</dd>
</dl>
This should really be accomplished with Redirect or RedirectMatch
directives:
- <pre class="prettyprint lang-config"> RedirectMatch ^/(puppies|canines)/(.*) /dogs/$2 </pre>
+ <pre class="prettyprint lang-config"> RedirectMatch ^/(puppies|canines)/(.*) /dogs/$2</pre>
</dd>
</dl>
<code>/about/</code>:
</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
-RewriteRule ^/$ /about/ [<strong>R</strong>]
-</pre>
+<pre class="prettyprint lang-config">RewriteEngine on
+RewriteRule ^/$ /about/ [<strong>R</strong>]</pre>
<p>Note that this can also be handled using the <code class="directive"><a href="../mod/mod_alias.html#redirectmatch">RedirectMatch</a></code> directive:</p>
<dd>
<p>As of version 2.2.16, you should use the <code class="directive"><a href="../mod/mod_dir.html#fallbackresource">FallbackResource</a></code> directive for this:</p>
-<pre class="prettyprint lang-config">
-<Directory /var/www/my_blog>
+<pre class="prettyprint lang-config"><Directory /var/www/my_blog>
FallbackResource index.php
-</Directory>
-</pre>
+</Directory></pre>
<p>However, in earlier versions of Apache, or if your needs are more
complicated than this, you can use a variation of the following rewrite
set to accomplish the same thing:</p>
-<pre class="prettyprint lang-config">
-<Directory /var/www/my_blog>
+<pre class="prettyprint lang-config"><Directory /var/www/my_blog>
RewriteBase /my_blog
RewriteCond /var/www/my_blog/%{REQUEST_FILENAME} !-f
RewriteCond /var/www/my_blog/%{REQUEST_FILENAME} !-d
RewriteRule ^ index.php [PT]
-</Directory>
-</pre>
+</Directory></pre>
<p>If, on the other hand, you wish to pass the requested URI as a query
</p>
<p> <strong>Redirect a URI to an all-lowercase version of itself</strong></p>
- <pre class="prettyprint lang-config">
-
-RewriteMap lc int:tolower
-RewriteRule (.*?[A-Z]+.*) ${lc:$1} [R]
- </pre>
+ <pre class="prettyprint lang-config">RewriteMap lc int:tolower
+RewriteRule (.*?[A-Z]+.*) ${lc:$1} [R]</pre>
<div class="note">
product IDs for easier-to-remember URLs, using the following
recipe:</p>
<p><strong>Product to ID configuration</strong></p>
- <pre class="prettyprint lang-config">
-RewriteMap product2id txt:/etc/apache2/productmap.txt
-RewriteRule ^/product/(.*) /prods.php?id=${product2id:$1|NOTFOUND} [PT]
- </pre>
+ <pre class="prettyprint lang-config">RewriteMap product2id txt:/etc/apache2/productmap.txt
+RewriteRule ^/product/(.*) /prods.php?id=${product2id:$1|NOTFOUND} [PT]</pre>
<p>We assume here that the <code>prods.php</code> script knows what
dynamic www5|www6
</code></p></div>
<p><strong>Configuration directives</strong></p>
- <pre class="prettyprint lang-config">
-RewriteMap servers rnd:/path/to/file/map.txt
+ <pre class="prettyprint lang-config">RewriteMap servers rnd:/path/to/file/map.txt
RewriteRule ^/(.*\.(png|gif|jpg)) http://${servers:static}/$1 [NC,P,L]
-RewriteRule ^/(.*) http://${servers:dynamic}/$1 [P,L]
- </pre>
+RewriteRule ^/(.*) http://${servers:dynamic}/$1 [P,L]</pre>
<p>So, when an image is requested and the first of these rules is
<p>You may optionally specify a particular dbm type:</p>
- <pre class="prettyprint lang-config">
-RewriteMap examplemap dbm=sdbm:/etc/apache/mapfile.dbm
- </pre>
+ <pre class="prettyprint lang-config">RewriteMap examplemap dbm=sdbm:/etc/apache/mapfile.dbm</pre>
<p>The type can be sdbm, gdbm, ndbm or db.
<p>You can then reference the resulting file in your
<code>RewriteMap</code> directive:</p>
-<pre class="prettyprint lang-config">
-RewriteMap mapname dbm:/etc/apache/mapfile.map
-</pre>
+<pre class="prettyprint lang-config">RewriteMap mapname dbm:/etc/apache/mapfile.map</pre>
<div class="note">
underscores in a request URI.</p>
<p><strong>Rewrite configuration</strong></p>
- <pre class="prettyprint lang-config">
-
-RewriteMap d2u prg:/www/bin/dash2under.pl<br />
-RewriteRule - ${d2u:%{REQUEST_URI}}
- </pre>
+ <pre class="prettyprint lang-config">RewriteMap d2u prg:/www/bin/dash2under.pl<br />
+RewriteRule - ${d2u:%{REQUEST_URI}}</pre>
<p><strong>dash2under.pl</strong></p>
- <pre class="prettyprint lang-perl">
- #!/usr/bin/perl
+ <pre class="prettyprint lang-perl"> #!/usr/bin/perl
$| = 1; # Turn off I/O buffering
while (<STDIN>) {
s/-/_/g; # Replace dashes with underscores
print $_;
- }
- </pre>
+ }</pre>
<div class="note"><h3>Caution!</h3>
<p>If a query returns more than one row, a random row from
the result set is used.</p>
- <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">
-RewriteMap myquery "fastdbd:SELECT destination FROM rewrite WHERE source = %s"
- </pre>
+ <div class="example"><h3>Example</h3><pre class="prettyprint lang-config">RewriteMap myquery "fastdbd:SELECT destination FROM rewrite WHERE source = %s"</pre>
</div>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<dd>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteMap lowercase int:tolower
RewriteCond ${lowercase:%{<strong>HTTP_HOST</strong>}} ^www\.<strong>([^.]+)</strong>\.example\.com$
-RewriteRule ^(.*) /home/<strong>%1</strong>/www$1
-</pre>
+RewriteRule ^(.*) /home/<strong>%1</strong>/www$1</pre>
</dd>
<dt>Discussion</dt>
any <code>ScriptAlias</code> directives, we must have
<code>mod_rewrite</code> explicitly enact those mappings.</p>
-<pre class="prettyprint lang-config">
-# get the server name from the Host: header
+<pre class="prettyprint lang-config"># get the server name from the Host: header
UseCanonicalName Off
# splittable logs
## and now deal with CGIs - we have to force a handler
RewriteCond %{REQUEST_URI} ^/cgi-bin/
-RewriteRule ^/(.*)$ /www/hosts/${lowercase:%{SERVER_NAME}}/cgi-bin/$1 [H=cgi-script]
-</pre>
+RewriteRule ^/(.*)$ /www/hosts/${lowercase:%{SERVER_NAME}}/cgi-bin/$1 [H=cgi-script]</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>The <code>httpd.conf</code> should contain the following:</p>
-<pre class="prettyprint lang-config">
-RewriteEngine on
+<pre class="prettyprint lang-config">RewriteEngine on
RewriteMap lowercase int:tolower
RewriteCond %{REQUEST_URI} ^/cgi-bin/
RewriteCond ${lowercase:%{SERVER_NAME}} ^(.+)$
RewriteCond ${vhost:%1} ^(/.*)$
-RewriteRule ^/(.*)$ %1/cgi-bin/$1 [H=cgi-script]
-</pre>
+RewriteRule ^/(.*)$ %1/cgi-bin/$1 [H=cgi-script]</pre>
</div></div>
to another site only if the server is started using
<code>httpd -DClosedForNow</code>:</p>
-<pre class="prettyprint lang-config">
-<IfDefine ClosedForNow>
+<pre class="prettyprint lang-config"><IfDefine ClosedForNow>
Redirect / http://otherserver.example.com/
-</IfDefine>
-</pre>
+</IfDefine></pre>
<p>The <code class="directive"><a href="./mod/core.html#ifmodule"><IfModule></a></code>
<p>In the following example, the <code class="directive"><a href="./mod/mod_mime_magic.html#mimemagicfile">MimeMagicFile</a></code> directive will be
applied only if <code class="module"><a href="./mod/mod_mime_magic.html">mod_mime_magic</a></code> is available.</p>
-<pre class="prettyprint lang-config">
-<IfModule mod_mime_magic.c>
+<pre class="prettyprint lang-config"><IfModule mod_mime_magic.c>
MimeMagicFile conf/magic
-</IfModule>
-</pre>
+</IfModule></pre>
<p>The <code class="directive"><a href="./mod/mod_version.html#ifversion"><IfVersion></a></code>
module is designed for the use in test suites and large networks which have to
deal with different httpd versions and different configurations.</p>
-<pre class="prettyprint lang-config">
-<IfVersion >= 2.4>
+<pre class="prettyprint lang-config"><IfVersion >= 2.4>
# this happens only in versions greater or
# equal 2.4.0.
-</IfVersion>
-</pre>
+</IfVersion></pre>
<p><code class="directive"><a href="./mod/core.html#ifdefine"><IfDefine></a></code>,
following configuration, directory indexes will be enabled for the
<code>/var/web/dir1</code> directory and all subdirectories.</p>
-<pre class="prettyprint lang-config">
-<Directory /var/web/dir1>
+<pre class="prettyprint lang-config"><Directory /var/web/dir1>
Options +Indexes
-</Directory>
-</pre>
+</Directory></pre>
<p>Directives enclosed in a <code class="directive"><a href="./mod/core.html#files"><Files></a></code> section apply to any file with
deny access to any file named <code>private.html</code> regardless
of where it is found.</p>
-<pre class="prettyprint lang-config">
-<Files private.html>
+<pre class="prettyprint lang-config"><Files private.html>
Require all denied
-</Files>
-</pre>
+</Files></pre>
<p>To address files found in a particular part of the filesystem, the
of <code>private.html</code> found under the <code>/var/web/dir1/</code>
directory.</p>
-<pre class="prettyprint lang-config">
-<Directory /var/web/dir1>
+<pre class="prettyprint lang-config"><Directory /var/web/dir1>
<Files private.html>
Require all denied
</Files>
-</Directory>
-</pre>
+</Directory></pre>
<code>http://yoursite.example.com/private/dir/file.html</code> as well
as any other requests starting with the <code>/private</code> string.</p>
-<pre class="prettyprint lang-config">
-<LocationMatch ^/private>
+<pre class="prettyprint lang-config"><LocationMatch ^/private>
Require all denied
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<p>The <code class="directive"><a href="./mod/core.html#location"><Location></a></code>
No file called <code>server-status</code> needs to exist in the
filesystem.</p>
-<pre class="prettyprint lang-config">
-<Location /server-status>
+<pre class="prettyprint lang-config"><Location /server-status>
SetHandler server-status
-</Location>
-</pre>
+</Location></pre>
<p>In order to have two overlapping URLs one has to consider the order in which
certain sections or directives are evaluated. For
<code class="directive"><a href="./mod/core.html#location"><Location></a></code> this would be:</p>
-<pre class="prettyprint lang-config">
-<Location /foo>
+<pre class="prettyprint lang-config"><Location /foo>
</Location>
<Location /foo/bar>
-</Location>
-</pre>
+</Location></pre>
<p><code class="directive"><a href="./mod/mod_alias.html#alias"><Alias></a></code>es on the other hand,
are mapped vice-versa:</p>
-<pre class="prettyprint lang-config">
-Alias /foo/bar /srv/www/uncommon/bar
-Alias /foo /srv/www/common/foo
-</pre>
+<pre class="prettyprint lang-config">Alias /foo/bar /srv/www/uncommon/bar
+Alias /foo /srv/www/common/foo</pre>
<p>The same is true for the <code class="directive"><a href="./mod/mod_proxy.html#proxypass">ProxyPass</a></code>
directives:</p>
-<pre class="prettyprint lang-config">
-ProxyPass /special-area http://special.example.com smax=5 max=10
-ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
-</pre>
+<pre class="prettyprint lang-config">ProxyPass /special-area http://special.example.com smax=5 max=10
+ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On</pre>
<p>A non-regex wildcard section that changes the configuration of
all user directories could look as follows:</p>
-<pre class="prettyprint lang-config">
-<Directory /home/*/public_html>
+<pre class="prettyprint lang-config"><Directory /home/*/public_html>
Options Indexes
-</Directory>
-</pre>
+</Directory></pre>
<p>Using regex sections, we can deny access to many types of image files
at once:</p>
-<pre class="prettyprint lang-config">
-<FilesMatch \.(?i:gif|jpe?g|png)$>
+<pre class="prettyprint lang-config"><FilesMatch \.(?i:gif|jpe?g|png)$>
Require all denied
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<p>Regular expressions containing <strong>named groups and
and URLs to be referenced from within <a href="expr.html">expressions</a>
and modules like <code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
-<pre class="prettyprint lang-config">
-<DirectoryMatch ^/var/www/combined/(?<SITENAME>[^/]+)>
+<pre class="prettyprint lang-config"><DirectoryMatch ^/var/www/combined/(?<SITENAME>[^/]+)>
require ldap-group cn=%{env:SITENAME},ou=combined,o=Example
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
expressed by a boolean expression. For example, the following configuration
denies access if the HTTP Referer header does not start with
"http://www.example.com/".</p>
-<pre class="prettyprint lang-config">
-<If "!(%{HTTP_REFERER} -strmatch 'http://www.example.com/*')">
+<pre class="prettyprint lang-config"><If "!(%{HTTP_REFERER} -strmatch 'http://www.example.com/*')">
Require all denied
-</If>
-</pre>
+</If></pre>
location, allowing your restrictions to be circumvented.
For example, consider the following configuration:</p>
-<pre class="prettyprint lang-config">
-<Location /dir/>
+<pre class="prettyprint lang-config"><Location /dir/>
Require all denied
-</Location>
-</pre>
+</Location></pre>
<p>This works fine if the request is for
will prevent the proxy server from being used to access the
<code>www.example.com</code> website.</p>
-<pre class="prettyprint lang-config">
-<Proxy http://www.example.com/*>
+<pre class="prettyprint lang-config"><Proxy http://www.example.com/*>
Require all granted
-</Proxy>
-</pre>
+</Proxy></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
this example will be applied in the order A > B > C > D >
E.</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
E
</Location>
<Directory /a/b>
A
-</Directory>
-
-</pre>
+</Directory></pre>
<p>For a more concrete example, consider the following. Regardless of
evaluated last and will allow unrestricted access to the server. In
other words, order of merging is important, so be careful!</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
Require all granted
</Location>
Require all granted
Require not host badguy.example.com
</RequireAll>
-</Directory>
-</pre>
+</Directory></pre>
un autre site si le serveur est démarré en utilisant la ligne de commande :
<code>httpd -DClosedForNow</code>:</p>
-<pre class="prettyprint lang-config">
-<IfDefine ClosedForNow>
+<pre class="prettyprint lang-config"><IfDefine ClosedForNow>
Redirect / http://otherserver.example.com/
-</IfDefine>
-</pre>
+</IfDefine></pre>
<p>Le conteneur <code class="directive"><a href="./mod/core.html#ifmodule"><IfModule></a></code>
<p>Dans l'exemple suivant, la directive <code class="directive"><a href="./mod/mod_mime_magic.html#mimemagicfile">MimeMagicFile</a></code> ne s'appliquera que si le
module <code class="module"><a href="./mod/mod_mime_magic.html">mod_mime_magic</a></code> est disponible.</p>
-<pre class="prettyprint lang-config">
-<IfModule mod_mime_magic.c>
+<pre class="prettyprint lang-config"><IfModule mod_mime_magic.c>
MimeMagicFile conf/magic
-</IfModule>
-</pre>
+</IfModule></pre>
<p>Le conteneur
et les grands réseaux qui doivent prendre en compte différentes versions
et configurations de httpd.</p>
-<pre class="prettyprint lang-config">
-<IfVersion >= 2.4>
+<pre class="prettyprint lang-config"><IfVersion >= 2.4>
# les directives situées ici ne s'appliquent que si la version <br />
# est supérieure ou égale à 2.4.0.
-</IfVersion>
-</pre>
+</IfVersion></pre>
<p><code class="directive"><a href="./mod/core.html#ifdefine"><IfDefine></a></code>,
configuration suivante, l'indexation sera activée pour le répertoire
<code>/var/web/dir1</code> et tous ses sous-répertoires.</p>
-<pre class="prettyprint lang-config">
-<Directory /var/web/dir1>
+<pre class="prettyprint lang-config"><Directory /var/web/dir1>
Options +Indexes
-</Directory>
-</pre>
+</Directory></pre>
<p>Les directives contenues dans une section <code class="directive"><a href="./mod/core.html#files"><Files></a></code> s'appliquent à tout fichier
l'accès à tout fichier nommé <code>private.html</code> quel que soit
l'endroit où il se trouve.</p>
-<pre class="prettyprint lang-config">
-<Files private.html>
+<pre class="prettyprint lang-config"><Files private.html>
Require all denied
-</Files>
-</pre>
+</Files></pre>
<p>Pour faire référence à des fichiers qui se trouvent en des points
<code>private.html</code> qui se trouve dans l'arborescence
<code>/var/web/dir1/</code>.</p>
-<pre class="prettyprint lang-config">
-<Directory /var/web/dir1>
+<pre class="prettyprint lang-config"><Directory /var/web/dir1>
<Files private.html>
Require all denied
</Files>
-</Directory>
-</pre>
+</Directory></pre>
<code>http://yoursite.example.com/private/dir/file.html</code> ainsi qu'à
toute requête commençant par la chaîne de caractères <code>/private</code>.</p>
-<pre class="prettyprint lang-config">
-<LocationMatch ^/private>
+<pre class="prettyprint lang-config"><LocationMatch ^/private>
Require all denied
-</LocationMatch>
-</pre>
+</LocationMatch></pre>
<p>Le conteneur <code class="directive"><a href="./mod/core.html#location"><Location></a></code>
Il n'est pas nécessaire de trouver un fichier nommé <code>server-status</code>
dans le système de fichiers.</p>
-<pre class="prettyprint lang-config">
-<Location /server-status>
+<pre class="prettyprint lang-config"><Location /server-status>
SetHandler server-status
-</Location>
-</pre>
+</Location></pre>
dans lequel certaines sections ou directives sont évaluées. Pour
<code class="directive"><a href="./mod/core.html#location"><Location></a></code>, on doit
avoir :</p>
-<pre class="prettyprint lang-config">
-<Location /foo>
+<pre class="prettyprint lang-config"><Location /foo>
</Location>
<Location /foo/bar>
-</Location>
-</pre>
+</Location></pre>
<p>Les directives <code class="directive"><a href="./mod/mod_alias.html#alias"><Alias></a></code>, quant à elles, sont évaluées vice-versa :</p>
-<pre class="prettyprint lang-config">
-Alias /foo/bar /srv/www/uncommon/bar
-Alias /foo /srv/www/common/foo
-</pre>
+<pre class="prettyprint lang-config">Alias /foo/bar /srv/www/uncommon/bar
+Alias /foo /srv/www/common/foo</pre>
<p>Ceci est aussi vrai pour les directives <code class="directive"><a href="./mod/mod_proxy.html#proxypass">ProxyPass</a></code> :</p>
-<pre class="prettyprint lang-config">
-ProxyPass /special-area http://special.example.com smax=5 max=10
-ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On
-</pre>
+<pre class="prettyprint lang-config">ProxyPass /special-area http://special.example.com smax=5 max=10
+ProxyPass / balancer://mycluster/ stickysession=JSESSIONID|jsessionid nofailover=On</pre>
mais sans utiliser
les expressions rationnelles pourrait ressembler à ceci :</p>
-<pre class="prettyprint lang-config">
-<Directory /home/*/public_html>
+<pre class="prettyprint lang-config"><Directory /home/*/public_html>
Options Indexes
-</Directory>
-</pre>
+</Directory></pre>
<p>Avec les conteneurs utilisant les expressions rationnelles,
on peut interdire l'accès à de nombreux types de fichiers d'images
simultanément :</p>
-<pre class="prettyprint lang-config">
-+<FilesMatch \.(?i:gif|jpe?g|png)$>
+<pre class="prettyprint lang-config">+<FilesMatch \.(?i:gif|jpe?g|png)$>
Require all denied
-</FilesMatch>
-</pre>
+</FilesMatch></pre>
<p>Les expressions rationnelles contenant des <strong>groupes nommés et
chemins de fichiers et d'URLs depuis une <a href="expr.html">expression</a> et au sein de modules comme
<code class="module"><a href="./mod/mod_rewrite.html">mod_rewrite</a></code>.</p>
-<pre class="prettyprint lang-config">
-<DirectoryMatch ^/var/www/combined/(?<SITENAME>[^/]+)>
+<pre class="prettyprint lang-config"><DirectoryMatch ^/var/www/combined/(?<SITENAME>[^/]+)>
require ldap-group cn=%{env:SITENAME},ou=combined,o=Example
-</DirectoryMatch>
-</pre>
+</DirectoryMatch></pre>
être définie sous la forme d'une expression booléenne. Dans l'exemple
suivant, l'accès est interdit si l'en-tête HTTP Referer ne commence pas
par "http://www.example.com/".</p>
-<pre class="prettyprint lang-config">
-<If "!(%{HTTP_REFERER} -strmatch 'http://www.example.com/*')">
+<pre class="prettyprint lang-config"><If "!(%{HTTP_REFERER} -strmatch 'http://www.example.com/*')">
Require all denied
-</If>
-</pre>
+</If></pre>
du système de fichier, ce qui peut permettre de contourner vos restrictions.
Par exemple, imaginez la configuration suivante :</p>
-<pre class="prettyprint lang-config">
-<Location /dir/>
+<pre class="prettyprint lang-config"><Location /dir/>
Require all denied
-</Location>
-</pre>
+</Location></pre>
<p>Elle fonctionne correctement si la requête appelle
va interdire l'utilisation du serveur proxy pour accéder au site
<code>www.example.com</code>.</p>
-<pre class="prettyprint lang-config">
-<Proxy http://www.example.com/*>
+<pre class="prettyprint lang-config"><Proxy http://www.example.com/*>
Require all granted
-</Proxy>
-</pre>
+</Proxy></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
cet exemple seront appliquées dans l'ordre suivant : A > B > C > D >
E.</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
E
</Location>
<Directory /a/b>
A
-</Directory>
-
-</pre>
+</Directory></pre>
<p>Pour un exemple plus concret, considérez ce qui suit. Sans tenir compte
En d'autres termes, l'ordre de la combinaison des sections est important,
soyez donc prudent !</p>
-<pre class="prettyprint lang-config">
-<Location />
+<pre class="prettyprint lang-config"><Location />
Require all granted
</Location>
Require all granted
Require not host badguy.example.com
</RequireAll>
-</Directory>
-</pre>
+</Directory></pre>
fully-qualified hyperlinks (because you have to change the URL
scheme). Using <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> however, you can
manipulate relative hyperlinks, to achieve the same effect.</p>
- <pre class="prettyprint lang-config">
-RewriteEngine on
+ <pre class="prettyprint lang-config">RewriteEngine on
RewriteRule ^/(.*)_SSL$ https://%{SERVER_NAME}/$1 [R,L]
-RewriteRule ^/(.*)_NOSSL$ http://%{SERVER_NAME}/$1 [R,L]
- </pre>
+RewriteRule ^/(.*)_NOSSL$ http://%{SERVER_NAME}/$1 [R,L]</pre>
<p>This rewrite ruleset lets you use hyperlinks of the form
-keyout server.key</strong></code><br />
These can be used as follows in your <code>httpd.conf</code>
file:
- <pre class="prettyprint lang-config">
-SSLCertificateFile /path/to/this/server.crt
-SSLCertificateKeyFile /path/to/this/server.key
- </pre>
+ <pre class="prettyprint lang-config">SSLCertificateFile /path/to/this/server.crt
+SSLCertificateKeyFile /path/to/this/server.key</pre>
</li>
<li>It is important that you are aware that this
<li>You should now have two files: <code>server.key</code> and
<code>server.crt</code>. These can be used as follows in your
<code>httpd.conf</code> file:
- <pre class="prettyprint lang-config">
-SSLCertificateFile /path/to/this/server.crt
-SSLCertificateKeyFile /path/to/this/server.key
- </pre>
+ <pre class="prettyprint lang-config">SSLCertificateFile /path/to/this/server.crt
+SSLCertificateKeyFile /path/to/this/server.key</pre>
The <code>server.csr</code> file is no longer needed.
</li>
you must make sure to put the non-SSL port number on the NameVirtualHost
directive, e.g.</p>
- <pre class="prettyprint lang-config">
- NameVirtualHost 192.168.1.1:80
- </pre>
+ <pre class="prettyprint lang-config"> NameVirtualHost 192.168.1.1:80</pre>
<p>Other workaround solutions include: </p>
keep-alive connections or send the SSL close notify messages to MSIE clients.
This can be done by using the following directive in your SSL-aware
virtual host section:</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent "MSIE [2-5]" \
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- </pre>
+ downgrade-1.0 force-response-1.0</pre>
<p>Further, some MSIE versions have problems with particular ciphers.
Unfortunately, it is not possible to implement a MSIE-specific
hyperliens pleinement qualifiés (car vous devez modifier le schéma de l'URL).
Cependant, à l'aide du module <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>, vous pouvez
manipuler des hyperliens relatifs, pour obtenir le même effet.</p>
- <pre class="prettyprint lang-config">
-RewriteEngine on
+ <pre class="prettyprint lang-config">RewriteEngine on
RewriteRule ^/(.*)_SSL$ https://%{SERVER_NAME}/$1 [R,L]
-RewriteRule ^/(.*)_NOSSL$ http://%{SERVER_NAME}/$1 [R,L]
- </pre>
+RewriteRule ^/(.*)_NOSSL$ http://%{SERVER_NAME}/$1 [R,L]</pre>
<p>Ce jeu de règles rewrite vous permet d'utiliser des hyperliens de la
-keyout server.key</strong></code><br />
Ces fichiers seront utilisés comme suit dans votre
<code>httpd.conf</code> :
- <pre class="prettyprint lang-config">
-SSLCertificateFile /path/to/this/server.crt
-SSLCertificateKeyFile /path/to/this/server.key
- </pre>
+ <pre class="prettyprint lang-config">SSLCertificateFile /path/to/this/server.crt
+SSLCertificateKeyFile /path/to/this/server.key</pre>
</li>
<li>Il est important de savoir que le fichier <code>server.key</code> n'a
<li>Vous devez maintenant disposer de deux fichiers :
<code>server.key</code> et <code>server.crt</code>. Ils sont précisés dans
votre fichier <code>httpd.conf</code> comme suit :
- <pre class="prettyprint lang-config">
-SSLCertificateFile /path/to/this/server.crt
-SSLCertificateKeyFile /path/to/this/server.key
- </pre>
+ <pre class="prettyprint lang-config">SSLCertificateFile /path/to/this/server.crt
+SSLCertificateKeyFile /path/to/this/server.key</pre>
Le fichier <code>server.csr</code> n'est plus nécessaire.
</li>
(sur le port 443). Mais dans ce cas, vous devez définir le numéro de port
non-SSL à l'aide de la directive NameVirtualHost dans ce style :</p>
- <pre class="prettyprint lang-config">
- NameVirtualHost 192.168.1.1:80
- </pre>
+ <pre class="prettyprint lang-config"> NameVirtualHost 192.168.1.1:80</pre>
<p>il existe d'autres solutions alternatives comme :</p>
ou l'envoi de messages de notification de fermeture de session SSL aux
clients MSIE. Pour cela, vous pouvez utiliser la directive suivante
dans votre section d'hôte virtuel avec support SSL :</p>
- <pre class="prettyprint lang-config">
-SetEnvIf User-Agent "MSIE [2-5]" \
+ <pre class="prettyprint lang-config">SetEnvIf User-Agent "MSIE [2-5]" \
nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- </pre>
+ downgrade-1.0 force-response-1.0</pre>
<p>En outre, certaines versions de MSIE ont des problèmes avec des
algorithmes de chiffrement particuliers. Hélas, il n'est pas
<p>Your SSL configuration will need to contain, at minimum, the
following directives.</p>
-<pre class="prettyprint lang-config">
-Listen 443
+<pre class="prettyprint lang-config">Listen 443
<VirtualHost *:443>
ServerName www.example.com
SSLEngine on
SSLCertificateFile /path/to/www.example.com.cert
SSLCertificateKeyFile /path/to/www.example.com.key
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
only?</a></h3>
<p>The following enables only the strongest ciphers:</p>
- <pre class="prettyprint lang-config">
- SSLCipherSuite HIGH:!aNULL:!MD5
- </pre>
+ <pre class="prettyprint lang-config"> SSLCipherSuite HIGH:!aNULL:!MD5</pre>
<p>While with the following configuration you specify a preference
for specific speed-optimized ciphers (which will be selected by
mod_ssl, provided that they are supported by the client):</p>
- <pre class="prettyprint lang-config">
-SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
-SSLHonorCipherOrder on
- </pre>
+ <pre class="prettyprint lang-config">SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
+SSLHonorCipherOrder on</pre>
blocks, to give a per-directory solution, and can automatically force
a renegotiation of the SSL parameters to meet the new configuration.
This can be done as follows:</p>
- <pre class="prettyprint lang-config">
-# be liberal in general
+ <pre class="prettyprint lang-config"># be liberal in general
SSLCipherSuite ALL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
<Location /strong/area>
# but https://hostname/strong/area/ and below
# requires strong ciphers
SSLCipherSuite HIGH:!aNULL:!MD5
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
need to do is to create client certificates signed by your own CA
certificate (<code>ca.crt</code>) and then verify the clients against this
certificate.</p>
- <pre class="prettyprint lang-config">
-# require a client certificate which has to be directly
+ <pre class="prettyprint lang-config"># require a client certificate which has to be directly
# signed by our CA certificate in ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
-SSLCACertificateFile conf/ssl.crt/ca.crt
- </pre>
+SSLCACertificateFile conf/ssl.crt/ca.crt</pre>
you can use the per-directory reconfiguration features of
<code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>:</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
<Location /secure/area>
SSLVerifyClient require
SSLVerifyDepth 1
-</Location>
- </pre>
+</Location></pre>
you should establish a password database containing <em>all</em>
clients allowed, as follows:</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
AuthBasicProvider file
AuthUserFile /usr/local/apache2/conf/httpd.passwd
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
<p>The password used in this example is the DES encrypted string "password".
See the <code class="directive"><a href="../mod/mod_ssl.html#ssloptions">SSLOptions</a></code> docs for more
information.</p>
- <div class="example"><h3>httpd.passwd</h3><pre>
-/C=DE/L=Munich/O=Snake Oil, Ltd./OU=Staff/CN=Foo:xxj31ZMTZzkVA
+ <div class="example"><h3>httpd.passwd</h3><pre>/C=DE/L=Munich/O=Snake Oil, Ltd./OU=Staff/CN=Foo:xxj31ZMTZzkVA
/C=US/L=S.F./O=Snake Oil, Ltd./OU=CA/CN=Bar:xxj31ZMTZzkVA
/C=US/L=L.A./O=Snake Oil, Ltd./OU=Dev/CN=Quux:xxj31ZMTZzkVA</pre></div>
into the DN, you can match them more easily using <code class="directive"><a href="../mod/mod_ssl.html#sslrequire">SSLRequire</a></code>, as follows:</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"}
-</Directory>
- </pre>
+</Directory></pre>
This configuration should remain outside of your HTTPS virtual host, so
that it applies to both HTTPS and HTTP.</p>
- <pre class="prettyprint lang-config">
-SSLCACertificateFile conf/ssl.crt/company-ca.crt
+ <pre class="prettyprint lang-config">SSLCACertificateFile conf/ssl.crt/company-ca.crt
<Directory /usr/local/apache2/htdocs>
# Outside the subarea only Intranet access is granted
AuthBasicProvider file
AuthUserFile conf/protected.passwd
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Votre configuration SSL doit comporter au moins les directives
suivantes :</p>
-<pre class="prettyprint lang-config">
-Listen 443
+<pre class="prettyprint lang-config">Listen 443
<VirtualHost *:443>
ServerName www.example.com
SSLEngine on
SSLCertificateFile /path/to/www.example.com.cert
SSLCertificateKeyFile /path/to/www.example.com.key
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Les directives suivantes ne permettent que les
chiffrements de plus haut niveau :</p>
- <pre class="prettyprint lang-config">
- SSLCipherSuite HIGH:!aNULL:!MD5
- </pre>
+ <pre class="prettyprint lang-config"> SSLCipherSuite HIGH:!aNULL:!MD5</pre>
rapidité (le choix final sera opéré par mod_ssl, dans la mesure ou le
client les supporte) :</p>
- <pre class="prettyprint lang-config">
-SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
-SSLHonorCipherOrder on
- </pre>
+ <pre class="prettyprint lang-config">SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:!aNULL:!MD5
+SSLHonorCipherOrder on</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
<code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> peut alors forcer automatiquement une
renégociation des paramètres SSL pour parvenir au but recherché.
Cette configuration peut se présenter comme suit :</p>
- <pre class="prettyprint lang-config">
-# soyons très tolérant a priori
+ <pre class="prettyprint lang-config"># soyons très tolérant a priori
SSLCipherSuite ALL:!aNULL:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP:+eNULL
<Location /strong/area>
# sauf pour https://hostname/strong/area/ et ses sous-répertoires
# qui exigent des chiffrements forts
SSLCipherSuite HIGH:!aNULL:!MD5
-</Location>
- </pre>
+</Location></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<div class="section">
le certificat de votre propre autorité de certification
(<code>ca.crt</code>), et d'authentifier les clients à l'aide de ces
certificats.</p>
- <pre class="prettyprint lang-config">
-# exige un certificat client signé par le certificat de votre CA
+ <pre class="prettyprint lang-config"># exige un certificat client signé par le certificat de votre CA
# contenu dans ca.crt
SSLVerifyClient require
SSLVerifyDepth 1
-SSLCACertificateFile conf/ssl.crt/ca.crt
- </pre>
+SSLCACertificateFile conf/ssl.crt/ca.crt</pre>
URL particulière, vous pouvez utiliser les fonctionnalités de reconfiguration
de <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code> en fonction du répertoire :</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
<Location /secure/area>
SSLVerifyClient require
SSLVerifyDepth 1
-</Location>
- </pre>
+</Location></pre>
de données de mots de passe contenant <em>tous</em> les clients
autorisés, comme suit :</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
AuthBasicProvider file
AuthUserFile /usr/local/apache2/conf/httpd.passwd
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
directive <code class="directive"><a href="../mod/mod_ssl.html#ssloptions">SSLOptions</a></code> pour
plus de détails.</p>
- <div class="example"><h3>httpd.passwd</h3><pre>
-/C=DE/L=Munich/O=Snake Oil, Ltd./OU=Staff/CN=Foo:xxj31ZMTZzkVA
+ <div class="example"><h3>httpd.passwd</h3><pre>/C=DE/L=Munich/O=Snake Oil, Ltd./OU=Staff/CN=Foo:xxj31ZMTZzkVA
/C=US/L=S.F./O=Snake Oil, Ltd./OU=CA/CN=Bar:xxj31ZMTZzkVA
/C=US/L=L.A./O=Snake Oil, Ltd./OU=Dev/CN=Quux:xxj31ZMTZzkVA</pre></div>
utilisant la directive <code class="directive"><a href="../mod/mod_ssl.html#sslrequire">SSLRequire</a></code>, comme suit :</p>
- <pre class="prettyprint lang-config">
-SSLVerifyClient none
+ <pre class="prettyprint lang-config">SSLVerifyClient none
SSLCACertificateFile conf/ssl.crt/ca.crt
SSLCACertificatePath conf/ssl.crt
SSLRequireSSL
SSLRequire %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"}
-</Directory>
- </pre>
+</Directory></pre>
doivent se trouver en dehors de votre hôte virtuel HTTPS, afin qu'elles
s'appliquent à la fois à HTTP et HTTPS.</p>
- <pre class="prettyprint lang-config">
-SSLCACertificateFile conf/ssl.crt/company-ca.crt
+ <pre class="prettyprint lang-config">SSLCACertificateFile conf/ssl.crt/company-ca.crt
<Directory /usr/local/apache2/htdocs>
# En dehors de subarea, seul l'accès depuis l'intranet est
AuthBasicProvider file
AuthUserFile conf/protected.passwd
Require valid-user
-</Directory>
- </pre>
+</Directory></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>If for example, your web server is configured to run as:</p>
- <pre class="prettyprint lang-config">
-User www
-Group webgroup
- </pre>
+ <pre class="prettyprint lang-config">User www
+Group webgroup</pre>
<p>and <code class="program"><a href="./programs/suexec.html">suexec</a></code> is installed at
<p>Si, par exemple, votre serveur web est configuré pour
s'exécuter en tant que :</p>
-<pre class="prettyprint lang-config">
-User www
-Group webgroup
- </pre>
+<pre class="prettyprint lang-config">User www
+Group webgroup</pre>
<p>et <code class="program"><a href="./programs/suexec.html">suexec</a></code> se trouve à
access control.</p>
<p>In this example, all requests are denied.</p>
- <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">
-Order deny,allow
-Deny from all
- </pre>
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order deny,allow
+Deny from all</pre>
</div>
- <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">
- Require all denied
- </pre>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config"> Require all denied</pre>
</div>
<p>In this example, all requests are allowed.</p>
- <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">
-Order allow,deny
-Allow from all
- </pre>
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order allow,deny
+Allow from all</pre>
</div>
- <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">
- Require all granted
- </pre>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config"> Require all granted</pre>
</div>
<p>In the following example, all hosts in the example.org domain
are allowed access; all other hosts are denied access.</p>
- <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">
-Order Deny,Allow
+ <div class="example"><h3>2.2 configuration:</h3><pre class="prettyprint lang-config">Order Deny,Allow
Deny from all
-Allow from example.org
- </pre>
+Allow from example.org</pre>
</div>
- <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config">
- Require host example.org
- </pre>
+ <div class="example"><h3>2.4 configuration:</h3><pre class="prettyprint lang-config"> Require host example.org</pre>
</div>
la nouvelle méthode :</p>
<p>Dans cet exemple, toutes les requêtes sont rejetées :</p>
- <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">
-Order deny,allow
-Deny from all
- </pre>
+ <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">Order deny,allow
+Deny from all</pre>
</div>
- <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config">
- Require all denied
- </pre>
+ <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config"> Require all denied</pre>
</div>
<p>Dans cet exemple, toutes les requêtes sont acceptées :</p>
- <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">
-Order allow,deny
-Allow from all
- </pre>
+ <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">Order allow,deny
+Allow from all</pre>
</div>
- <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config">
- Require all granted
- </pre>
+ <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config"> Require all granted</pre>
</div>
<p>Dans l'exemple suivant, tous les hôtes du domaine example.org
ont l'autorisation d'accès, tous les autres sont rejetés :</p>
- <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">
-Order Deny,Allow
+ <div class="example"><h3>version 2.2 :</h3><pre class="prettyprint lang-config">Order Deny,Allow
Deny from all
-Allow from example.org
- </pre>
+Allow from example.org</pre>
</div>
- <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config">
- Require host example.org
- </pre>
+ <div class="example"><h3>version 2.4 :</h3><pre class="prettyprint lang-config"> Require host example.org</pre>
</div>
expression</a> based matching and substitution. For
example,</p>
- <pre class="prettyprint lang-config">
- ScriptAliasMatch ^/~([a-zA-Z0-9]+)/cgi-bin/(.+) /home/$1/cgi-bin/$2
- </pre>
+ <pre class="prettyprint lang-config"> ScriptAliasMatch ^/~([a-zA-Z0-9]+)/cgi-bin/(.+) /home/$1/cgi-bin/$2</pre>
<p>will map a request to
<code>/home/user/public_html/file.html</code>, use the following
<code>AliasMatch</code> directive:</p>
- <pre class="prettyprint lang-config">
- AliasMatch ^/upages/([a-zA-Z0-9]+)(/(.*))?$ /home/$1/public_html/$3
- </pre>
+ <pre class="prettyprint lang-config"> AliasMatch ^/upages/([a-zA-Z0-9]+)(/(.*))?$ /home/$1/public_html/$3</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
to the new directory <code>/bar/</code>, you can instruct clients
to request the content at the new location as follows:</p>
- <pre class="prettyprint lang-config">
- Redirect permanent /foo/ http://www.example.com/bar/
- </pre>
+ <pre class="prettyprint lang-config"> Redirect permanent /foo/ http://www.example.com/bar/</pre>
<p>This will redirect any URL-Path starting in
for the site home page to a different site, but leave all other
requests alone, use the following configuration:</p>
- <pre class="prettyprint lang-config">
- RedirectMatch permanent ^/$ http://www.example.com/startpage.html
- </pre>
+ <pre class="prettyprint lang-config"> RedirectMatch permanent ^/$ http://www.example.com/startpage.html</pre>
<p>Alternatively, to temporarily redirect all pages on one site
to a particular page on another site, use the following:</p>
- <pre class="prettyprint lang-config">
- RedirectMatch temp .* http://othersite.example.com/startpage.html
- </pre>
+ <pre class="prettyprint lang-config"> RedirectMatch temp .* http://othersite.example.com/startpage.html</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
and returns them to the client as if they were from the local
server.</p>
-<pre class="prettyprint lang-config">
-ProxyPass /foo/ http://internal.example.com/bar/<br />
+<pre class="prettyprint lang-config">ProxyPass /foo/ http://internal.example.com/bar/<br />
ProxyPassReverse /foo/ http://internal.example.com/bar/<br />
ProxyPassReverseCookieDomain internal.example.com public.example.com<br />
-ProxyPassReverseCookiePath /foo/ /bar/
-</pre>
+ProxyPassReverseCookiePath /foo/ /bar/</pre>
<p>The <code class="directive"><a href="./mod/mod_proxy.html#proxypass">ProxyPass</a></code> configures
content) in a page as it is being served to the client using
<code class="module"><a href="./mod/mod_substitute.html">mod_substitute</a></code>.</p>
-<pre class="prettyprint lang-config">
-Substitute s/internal\.example\.com/www.example.com/i
-</pre>
+<pre class="prettyprint lang-config">Substitute s/internal\.example\.com/www.example.com/i</pre>
<p>For more sophisticated rewriting of links in HTML and XHTML, the
sur les <a class="glossarylink" href="./glossary.html#regex" title="voir glossaire">expressions rationnelles</a>.
Par exemple,</p>
-<pre class="prettyprint lang-config">
- ScriptAliasMatch ^/~([a-zA-Z0-9]+)/cgi-bin/(.+) /home/$1/cgi-bin/$2
- </pre>
+<pre class="prettyprint lang-config"> ScriptAliasMatch ^/~([a-zA-Z0-9]+)/cgi-bin/(.+) /home/$1/cgi-bin/$2</pre>
<p>fera correspondre une requête du style
<code>/home/user/public_html/file.html</code>, utilisez la directive
<code>AliasMatch</code> suivante :</p>
-<pre class="prettyprint lang-config">
- AliasMatch ^/upages/([a-zA-Z0-9]+)(/(.*))?$ /home/$1/public_html/$3
- </pre>
+<pre class="prettyprint lang-config"> AliasMatch ^/upages/([a-zA-Z0-9]+)(/(.*))?$ /home/$1/public_html/$3</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
nouveau répertoire <code>/bar/</code>, vous pouvez demander aux clients
de le requérir à sa nouvelle localisation comme suit :</p>
-<pre class="prettyprint lang-config">
- Redirect permanent /foo/ http://www.example.com/bar/
- </pre>
+<pre class="prettyprint lang-config"> Redirect permanent /foo/ http://www.example.com/bar/</pre>
<p>Ceci aura pour effet de rediriger tout chemin d'URL commençant par
laisser toutes les autres requêtes inchangées, utilisez la
configuration suivante :</p>
-<pre class="prettyprint lang-config">
- RedirectMatch permanent ^/$ http://www.example.com/startpage.html
- </pre>
+<pre class="prettyprint lang-config"> RedirectMatch permanent ^/$ http://www.example.com/startpage.html</pre>
<p>De même, pour rediriger temporairement toutes les pages d'un site
vers une page particulière d'un autre site, utilisez ce qui suit :</p>
-<pre class="prettyprint lang-config">
- RedirectMatch temp .* http://othersite.example.com/startpage.html
- </pre>
+<pre class="prettyprint lang-config"> RedirectMatch temp .* http://othersite.example.com/startpage.html</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="./images/up.gif" /></a></div>
<div class="section">
<code>/bar/</code> sur <code>internal.example.com</code>
et les renvoie au client comme s'ils appartenaient au serveur local.</p>
-<pre class="prettyprint lang-config">
-ProxyPass /foo/ http://internal.example.com/bar/<br />
+<pre class="prettyprint lang-config">ProxyPass /foo/ http://internal.example.com/bar/<br />
ProxyPassReverse /foo/ http://internal.example.com/bar/<br />
ProxyPassReverseCookieDomain internal.example.com public.example.com<br />
-ProxyPassReverseCookiePath /foo/ /bar/
-</pre>
+ProxyPassReverseCookiePath /foo/ /bar/</pre>
<p>La directive <code class="directive"><a href="./mod/mod_proxy.html#proxypass">ProxyPass</a></code> configure
d'utres contenus) situés dans la page au moment où elle est envoyée au
client en utilisant le module <code class="module"><a href="./mod/mod_substitute.html">mod_substitute</a></code>.</p>
-<pre class="prettyprint lang-config">
-Substitute s/internal\.example\.com/www.example.com/i
-</pre>
+<pre class="prettyprint lang-config">Substitute s/internal\.example\.com/www.example.com/i</pre>
<p>Le module <code class="module"><a href="./mod/mod_proxy_html.html">mod_proxy_html</a></code> rend possible une réécriture plus
<code>hosts</code> entries.</p>
</div>
- <pre class="prettyprint lang-config">
-# Ensure that Apache listens on port 80
+ <pre class="prettyprint lang-config"># Ensure that Apache listens on port 80
Listen 80
<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example.org
# Other directives here
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>The asterisks match all addresses, so the main server serves no
will serve the "main" server, <code>server.example.com</code> and on the
other (<code>172.20.30.50</code>), we will serve two or more virtual hosts.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
# This is the "main" server running on 172.20.30.40
ServerName server.example.com
ServerName www.example.org
# Other directives here ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Any request to an address other than <code>172.20.30.50</code> will be
with the same content, with just one <code>VirtualHost</code>
section.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 192.168.1.1 172.20.30.40>
+ <pre class="prettyprint lang-config"><VirtualHost 192.168.1.1 172.20.30.40>
DocumentRoot /www/server1
ServerName server.example.com
ServerAlias server
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Now requests from both networks will be served from the same
takes place after the best matching IP address and port combination
is determined.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
Listen 8080
<VirtualHost 172.20.30.40:80>
<VirtualHost 172.20.30.40:8080>
ServerName www.example.org
DocumentRoot /www/otherdomain-8080
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<code>www.example.com</code> and <code>www.example.org</code>
respectively.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example.org
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Requests for any address not specified in one of the
respectively. In each case, we want to run hosts on ports 80 and
8080.</p>
- <pre class="prettyprint lang-config">
-Listen 172.20.30.40:80
+ <pre class="prettyprint lang-config">Listen 172.20.30.40:80
Listen 172.20.30.40:8080
Listen 172.20.30.50:80
Listen 172.20.30.50:8080
<VirtualHost 172.20.30.50:8080>
DocumentRoot /www/example2-8080
ServerName www.example.org
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<p>Any address mentioned in the argument to a virtualhost that never
appears in another virtual host is a strictly IP-based virtual host.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example.com
<VirtualHost 172.20.30.60>
DocumentRoot /www/example5
ServerName www.example.gov
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
passed through, in case we are proxying multiple hostnames to a
single machine.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:*>
+ <pre class="prettyprint lang-config"><VirtualHost *:*>
ProxyPreserveHost On
ProxyPass / http://192.168.111.2/
ProxyPassReverse / http://192.168.111.2/
ServerName hostname.example.com
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
port, <em>i.e.</em>, an address/port combination that is not used for
any other virtual host.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:*>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:*>
DocumentRoot /www/default
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Using such a default vhost with a wildcard port effectively prevents
<p>Same as setup 1, but the server listens on several ports and we want
to use a second <code>_default_</code> vhost for port 80.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:80>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:80>
DocumentRoot /www/default80
# ...
</VirtualHost>
<VirtualHost _default_:*>
DocumentRoot /www/default
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>The default vhost for port 80 (which <em>must</em> appear before any
<p>We want to have a default vhost for port 80, but no other default
vhosts.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:80>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:80>
DocumentRoot /www/default
...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>A request to an unspecified address on port 80 is served from the
(<code>172.20.30.50</code>) to the <code>VirtualHost</code>
directive.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
ServerName www.example.com
DocumentRoot /www/example1
ServerName www.example.net
ServerAlias *.example.net
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>The vhost can now be accessed through the new address (as an
containing links with an URL prefix to the name-based virtual
hosts.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 172.20.30.40>
+ <pre class="prettyprint lang-config"><VirtualHost 172.20.30.40>
# primary vhost
DocumentRoot /www/subdomain
RewriteEngine On
RewriteEngine On
RewriteRule ^(/sub2/.*) /www/subdomain$1
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Due to the <code class="directive"><a href="../mod/core.html#serverpath">ServerPath</a></code>
que sur la machine possédant ces entrées.</p>
</div>
- <pre class="prettyprint lang-config">
-# Apache doit écouter sur le port 80
+ <pre class="prettyprint lang-config"># Apache doit écouter sur le port 80
Listen 80
<VirtualHost *:80>
DocumentRoot /www/example1
ServerName www.example.org
# Autres directives ici
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
(<code>172.20.30.50</code>), deux serveurs virtuels (ou plus)
répondront.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
# Serveur "principal" sur 172.20.30.40
ServerName server.example.com
ServerName www.example.org
# D'autres directives ici ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Toute requête arrivant sur une autre adresse que
aux requêtes internes et externes, au moyen d'une seule section
<code>VirtualHost</code>.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 192.168.1.1 172.20.30.40>
+ <pre class="prettyprint lang-config"><VirtualHost 192.168.1.1 172.20.30.40>
DocumentRoot /www/server1
ServerName server.example.com
ServerAlias server
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Ainsi, les requêtes en provenance de chacun des deux réseaux
la sélection de la meilleure correspondance du point de vue adresse
IP/port.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
Listen 8080
<VirtualHost 172.20.30.40:80>
<VirtualHost 172.20.30.40:8080>
ServerName www.example.org
DocumentRoot /www/otherdomain-8080
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
et <code>172.20.30.50</code>) correspondant respectivement aux noms
<code>www.example.com</code> et <code>www.example.org</code>.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
<VirtualHost 172.20.30.50>
DocumentRoot /www/example2
ServerName www.example.org
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Les requêtes provenant d'adresses non spécifiées dans l'une des
Pour chacun d'eux, nous voulons un hébergement sur les ports 80
et 8080.</p>
- <pre class="prettyprint lang-config">
-Listen 172.20.30.40:80
+ <pre class="prettyprint lang-config">Listen 172.20.30.40:80
Listen 172.20.30.40:8080
Listen 172.20.30.50:80
Listen 172.20.30.50:8080
<VirtualHost 172.20.30.50:8080>
DocumentRoot /www/example2-8080
ServerName www.example.org
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
section un serveur virtuel sélectionnable uniquement en fonction de
son adresse IP.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
<VirtualHost 172.20.30.40>
DocumentRoot /www/example1
ServerName www.example.com
<VirtualHost 172.20.30.60>
DocumentRoot /www/example5
ServerName www.example.gov
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
transfert, au cas où plusieurs noms de domaines cohabitent sur
une même machine.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:*>
+ <pre class="prettyprint lang-config"><VirtualHost *:*>
ProxyPreserveHost On
ProxyPass / http://192.168.111.2/
ProxyPassReverse / http://192.168.111.2/
ServerName hostname.example.com
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
d'adresses IP ou de ports non connus, <em>c'est-à-dire</em>, d'un
couple adresse/port non traité par aucun autre serveur virtuel.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:*>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:*>
DocumentRoot /www/default
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>L'utilisation d'un tel serveur virtuel avec un joker pour le
le serveur écoute sur plusieurs ports et un second serveur virtuel
<code>_default_</code> pour le port 80 est ajouté.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:80>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:80>
DocumentRoot /www/default80
# ...
</VirtualHost>
<VirtualHost _default_:*>
DocumentRoot /www/default
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Le serveur virtuel par défaut défini pour le port 80 (il doit
<p>Nous voulons créer un serveur virtuel par défaut seulement
pour le port 80.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost _default_:80>
+ <pre class="prettyprint lang-config"><VirtualHost _default_:80>
DocumentRoot /www/default
...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Une requête vers une adresse non spécifiée sur le port 80
adresse IP (<code>172.20.30.50</code>) dans la directive
<code>VirtualHost</code>.</p>
- <pre class="prettyprint lang-config">
-Listen 80
+ <pre class="prettyprint lang-config">Listen 80
ServerName www.example.com
DocumentRoot /www/example1
ServerName www.example.net
ServerAlias *.example.net
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Le serveur virtuel peut maintenant être joint par la nouvelle
des liens dont les URLs auront un préfixe identifiant les serveurs
virtuels par nom.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 172.20.30.40>
+ <pre class="prettyprint lang-config"><VirtualHost 172.20.30.40>
# serveur virtuel primaire
DocumentRoot /www/subdomain
RewriteEngine On
RewriteEngine On
RewriteRule ^(/sub2/.*) /www/subdomain$1
# ...
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>À cause de la directive
directive, and the <code>%v</code> variable. Add this to the beginning
of your log format string:</p>
-<pre class="prettyprint lang-config">
-LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost
-CustomLog logs/multiple_vhost_log vhost
-</pre>
+<pre class="prettyprint lang-config">LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost
+CustomLog logs/multiple_vhost_log vhost</pre>
<p>This will create a log file in the common log format, but with the
variable <code>%v</code>. Ajoutez cette variable au début de la chaîne
de définition du format de journalisations :</p>
-<pre class="prettyprint lang-config">
-LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost
-CustomLog logs/multiple_vhost_log vhost
-</pre>
+<pre class="prettyprint lang-config">LogFormat "%v %h %l %u %t \"%r\" %>s %b" vhost
+CustomLog logs/multiple_vhost_log vhost</pre>
<p>Cette configuration va provoquer la création d'un fichier de
configuration file to select which IP address (or virtual host)
that daemon services. e.g.</p>
- <pre class="prettyprint lang-config">
- Listen 192.0.2.100:80
- </pre>
+ <pre class="prettyprint lang-config"> Listen 192.0.2.100:80</pre>
<p>It is recommended that you use an IP address instead of a
configuration directives to different values for each virtual
host. e.g.</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 172.20.30.40:80>
+ <pre class="prettyprint lang-config"><VirtualHost 172.20.30.40:80>
ServerAdmin webmaster@www1.example.com
DocumentRoot /www/vhosts/www1
ServerName www1.example.com
ServerName www2.example.org
ErrorLog /www/logs/www2/error_log
CustomLog /www/logs/www2/access_log combined
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>It is recommended that you use an IP address instead of a
de configuration pour définir l'adresse IP (ou serveur virtuel)
que le processus résident doit gérer. Par exemple :</p>
- <pre class="prettyprint lang-config">
- Listen 192.0.2.100:80
- </pre>
+ <pre class="prettyprint lang-config"> Listen 192.0.2.100:80</pre>
<p>Il est recommandé d'utiliser une adresse IP plutôt qu'un nom
<code class="directive"><a href="../mod/mod_log_config.html#customlog">CustomLog</a></code> avec des
valeurs différentes pour chaque serveur virtuel. Par exemple :</p>
- <pre class="prettyprint lang-config">
-<VirtualHost 172.20.30.40:80>
+ <pre class="prettyprint lang-config"><VirtualHost 172.20.30.40:80>
ServerAdmin webmaster@www1.example.com
DocumentRoot /www/vhosts/www1
ServerName www1.example.com
ServerName www2.example.org
ErrorLog /www/logs/www2/error_log
CustomLog /www/logs/www2/access_log combined
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Il est recommandé d'utiliser une adresse IP plutôt qu'un nom
<code><VirtualHost></code> sections that are
substantially the same, for example:</p>
-<pre class="prettyprint lang-config">
-<VirtualHost 111.22.33.44>
+<pre class="prettyprint lang-config"><VirtualHost 111.22.33.44>
ServerName customer-1.example.com
DocumentRoot /www/hosts/customer-1.example.com/docs
ScriptAlias /cgi-bin/ /www/hosts/customer-1.example.com/cgi-bin
ServerName customer-N.example.com
DocumentRoot /www/hosts/customer-N.example.com/docs
ScriptAlias /cgi-bin/ /www/hosts/customer-N.example.com/cgi-bin
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<p>We wish to replace these multiple
virtual host arrangement outlined in the <a href="#motivation">Motivation</a> section above
using <code class="module"><a href="../mod/mod_vhost_alias.html">mod_vhost_alias</a></code>.</p>
-<pre class="prettyprint lang-config">
-# get the server name from the Host: header
+<pre class="prettyprint lang-config"># get the server name from the Host: header
UseCanonicalName Off
# this log format can be split per-virtual-host based on the first field
# include the server name in the filenames used to satisfy requests
VirtualDocumentRoot /www/hosts/%0/docs
-VirtualScriptAlias /www/hosts/%0/cgi-bin
-</pre>
+VirtualScriptAlias /www/hosts/%0/cgi-bin</pre>
<p>This configuration can be changed into an IP-based virtual
<code>/home/user/www</code>. It uses a single <code>cgi-bin</code>
directory instead of one per virtual host.</p>
-<pre class="prettyprint lang-config">
-UseCanonicalName Off
+<pre class="prettyprint lang-config">UseCanonicalName Off
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog logs/access_log vcommon
VirtualDocumentRoot /home/%2/www
# single cgi-bin directory
-ScriptAlias /cgi-bin/ /www/std-cgi/
-</pre>
+ScriptAlias /cgi-bin/ /www/std-cgi/</pre>
<p>There are examples of more complicated
<code><VirtualHost></code> configuration sections, as shown
below.</p>
-<pre class="prettyprint lang-config">
-UseCanonicalName Off
+<pre class="prettyprint lang-config">UseCanonicalName Off
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
VirtualDocumentRoot /www/homepages/%0/docs
ScriptAlias /cgi-bin/ /www/std-cgi/
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<div class="note">
negating the need for a DNS lookup. Logging will also have to be adjusted
to fit this system.</p>
-<pre class="prettyprint lang-config">
-# get the server name from the reverse DNS of the IP address
+<pre class="prettyprint lang-config"># get the server name from the reverse DNS of the IP address
UseCanonicalName DNS
# include the IP address in the logs so they may be split
# include the IP address in the filenames
VirtualDocumentRootIP /www/hosts/%0/docs
-VirtualScriptAliasIP /www/hosts/%0/cgi-bin
-</pre>
+VirtualScriptAliasIP /www/hosts/%0/cgi-bin</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<code><VirtualHost></code> très semblables,
dans le style :</p>
-<pre class="prettyprint lang-config">
-<VirtualHost 111.22.33.44>
+<pre class="prettyprint lang-config"><VirtualHost 111.22.33.44>
ServerName customer-1.example.com
DocumentRoot /www/hosts/customer-1.example.com/docs
ScriptAlias /cgi-bin/ /www/hosts/customer-1.example.com/cgi-bin
ServerName customer-N.example.com
DocumentRoot /www/hosts/customer-N.example.com/docs
ScriptAlias /cgi-bin/ /www/hosts/customer-N.example.com/cgi-bin
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<p>Nous voulons remplacer toutes les configurations
l'hébergement virtuel décrit dans la section <a href="#motivation">À qui ce document est-il destiné ?</a> ci-dessus
en utilisant <code class="module"><a href="../mod/mod_vhost_alias.html">mod_vhost_alias</a></code>.</p>
-<pre class="prettyprint lang-config">
-# extrait le nom du serveur de l'en-tête Host:
+<pre class="prettyprint lang-config"># extrait le nom du serveur de l'en-tête Host:
UseCanonicalName Off
# ce format de journal peut être éclaté en journaux par serveur virtuel
# inclut le nom du serveur dans les noms de fichiers ressources
# nécessaires aux traitements des requêtes
VirtualDocumentRoot /www/hosts/%0/docs
-VirtualScriptAlias /www/hosts/%0/cgi-bin
-</pre>
+VirtualScriptAlias /www/hosts/%0/cgi-bin</pre>
<p>Pour changer cette configuration en solution de serveur virtuel
<code>cgi-bin</code> suffit pour l'ensemble des
serveurs virtuels.</p>
-<pre class="prettyprint lang-config">
-UseCanonicalName Off
+<pre class="prettyprint lang-config">UseCanonicalName Off
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
CustomLog logs/access_log vcommon
VirtualDocumentRoot /home/%2/www
# répertoire cgi-bin unique
-ScriptAlias /cgi-bin/ /www/std-cgi/
-</pre>
+ScriptAlias /cgi-bin/ /www/std-cgi/</pre>
<p>Vous trouverez des exemples plus élaborés d'utilisation de la
<code><VirtualHost></code> conventionnelles, comme indiqué
plus loin.</p>
-<pre class="prettyprint lang-config">
-UseCanonicalName Off
+<pre class="prettyprint lang-config">UseCanonicalName Off
LogFormat "%V %h %l %u %t \"%r\" %s %b" vcommon
VirtualDocumentRoot /www/homepages/%0/docs
ScriptAlias /cgi-bin/ /www/std-cgi/
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<div class="note">
la-même la nécessité d'une recherche DNS. La journalisation doit
aussi être adaptée pour fonctionner sur un tel système.</p>
-<pre class="prettyprint lang-config">
-# obtention du nom du serveur par recherche DNS inverse
+<pre class="prettyprint lang-config"># obtention du nom du serveur par recherche DNS inverse
# sur l'adresse IP
UseCanonicalName DNS
# insertion de l'adresse IP dans les noms de fichiers
VirtualDocumentRootIP /www/hosts/%0/docs
-VirtualScriptAliasIP /www/hosts/%0/cgi-bin
-</pre>
+VirtualScriptAliasIP /www/hosts/%0/cgi-bin</pre>
</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
<code><VirtualHost></code> bölümü içereceği zaman yapılacaklar ile
ilgilidir.</p>
-<pre>
-<VirtualHost 111.22.33.44>
+<pre><VirtualHost 111.22.33.44>
ServerName musteri-1.example.com
DocumentRoot /siteler/musteri-1/belgeler
ScriptAlias /cgi-bin/ /siteler/musteri-1/cgi-bin
ServerName musteri-N.example.com
DocumentRoot /siteler/musteri-N/belgeler
ScriptAlias /cgi-bin/ /siteler/musteri-N/cgi-bin
-</VirtualHost>
-</pre>
+</VirtualHost></pre>
<p>İsteğimiz çok sayıda <code><VirtualHost></code> bölümünü devingen
olarak çalışan tek bir <code><VirtualHost></code> bölümüyle
<code>other.example.com</code>, which points at the same IP address.
Then you simply add the following to <code>httpd.conf</code>:</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:80>
+ <pre class="prettyprint lang-config"><VirtualHost *:80>
# This first-listed virtual host is also the default for *:80
ServerName www.example.com
ServerAlias example.com
<VirtualHost *:80>
ServerName other.example.com
DocumentRoot /www/otherdomain
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>You can alternatively specify an explicit IP address in place of the
the listed names are other names which people can use to see that same
web site:</p>
- <pre class="prettyprint lang-config">
- ServerAlias example.com *.example.com
- </pre>
+ <pre class="prettyprint lang-config"> ServerAlias example.com *.example.com</pre>
<p>then requests for all hosts in the <code>example.com</code> domain will
la même adresse IP. Il vous suffit d'ajouter la configuration
suivante à <code>httpd.conf</code> :</p>
- <pre class="prettyprint lang-config">
-<VirtualHost *:80>
+ <pre class="prettyprint lang-config"><VirtualHost *:80>
# Le premier serveur virtuel de la liste est aussi le
# serveur par défaut pour *:80
ServerName www.example.com
<VirtualHost *:80>
ServerName other.example.com
DocumentRoot /www/otherdomain
-</VirtualHost>
- </pre>
+</VirtualHost></pre>
<p>Autrement, vous pouvez spécifiez une adresse IP explicite
indique aux utilisateurs les autres noms permis pour accéder au
même site Web :</p>
- <pre class="prettyprint lang-config">
- ServerAlias example.com *.example.com
- </pre>
+ <pre class="prettyprint lang-config"> ServerAlias example.com *.example.com</pre>
<p>ainsi, toutes les requêtes portant sur un domaine
projects / apache / commitdiff