From 4095b908d893b2fca0700bb430faf6bb378aa877 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Andr=C3=A9=20Malo?= Date: Fri, 17 Jan 2003 01:58:23 +0000 Subject: [PATCH] add and update transformation of mod_authz_owner docs. MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Sorry, forgot to mention: Reviewed by: Joshua Slive, Astrid Ke�ler git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@98301 13f79535-47bb-0310-9956-ffa450edef68 --- docs/manual/mod/directives.html.en | 1 + docs/manual/mod/index.html.en | 1 + docs/manual/mod/mod_authz_owner.html.en | 176 +++++++ docs/manual/mod/quickreference.html.en | 640 ++++++++++++------------ docs/manual/sitemap.html.en | 1 + 5 files changed, 500 insertions(+), 319 deletions(-) create mode 100644 docs/manual/mod/mod_authz_owner.html.en diff --git a/docs/manual/mod/directives.html.en b/docs/manual/mod/directives.html.en index 91c2d9c58f..f4c0f8806f 100644 --- a/docs/manual/mod/directives.html.en +++ b/docs/manual/mod/directives.html.en @@ -101,6 +101,7 @@
  • AuthzDBMType
  • AuthzDefaultAuthoritative
  • AuthzGroupFileAuthoritative
    • +
  • AuthzOwnerAuthoritative
  • AuthzUserAuthoritative
  • BrowserMatch
  • BrowserMatchNoCase
    • diff --git a/docs/manual/mod/index.html.en b/docs/manual/mod/index.html.en index dc94089ba6..2a57b516ea 100644 --- a/docs/manual/mod/index.html.en +++ b/docs/manual/mod/index.html.en @@ -80,6 +80,7 @@ for HTTP Basic authentication.
    mod_authz_groupfile
    Group authorization using plaintext files
    mod_authz_host
    Group authorizations based on host (name or IP address)
    +
    mod_authz_owner
    Authorization based on file ownership
    mod_authz_user
    User Authorization
    mod_autoindex
    Generates directory indexes, automatically, similar to the Unix ls command or the diff --git a/docs/manual/mod/mod_authz_owner.html.en b/docs/manual/mod/mod_authz_owner.html.en new file mode 100644 index 0000000000..946ea46128 --- /dev/null +++ b/docs/manual/mod/mod_authz_owner.html.en @@ -0,0 +1,176 @@ + + + +mod_authz_owner - Apache HTTP Server + + + + + +
    +

    Modules | Directives | FAQ | Glossary | Sitemap

    +

    Apache HTTP Server Version 2.1

    +
    +
    <-
    + +
    +

    Apache Module mod_authz_owner

    + + + + +
    Description:Authorization based on file ownership
    Status:Extension
    Module Identifier:authz_owner_module
    Source File:mod_authz_owner.c
    Compatibility:Available in Apache 2.1 and later
    +

    Summary

    + +

    This module authorizes access to files by comparing the userid used + for HTTP authentication (the web userid) with the file-system owner or + group of the requested file. The supplied username and password + must be already properly verified by an authentication module, + such as mod_auth_basic or + mod_auth_digest. mod_authz_owner + recognizes two arguments for the Require directive, file-owner and + file-group, as follows:

    + +
    +
    file-owner
    +
    The supplied web-username must match the system's name for the + owner of the file being requested. That is, if the operating system + says the requested file is owned by jones, then the + username used to access it through the web must be jones + as well.
    + +
    file-group
    +
    The name of the system group that owns the file must be present + in a group database, which is provided, for example, by mod_authz_groupfile or mod_authz_dbm, + and the web-username must be a member of that group. For example, if + the operating system says the requested file is owned by (system) + group accounts, the group accounts must + appear in the group database and the web-username used in the request + must be a member of that group.
    +
    + +

    Note

    +

    If mod_authz_owner is used in order to authorize + a resource that is not actually present in the filesystem + (i.e. a virtual resource), it will deny the access.

    + +

    Particularly it will never authorize content negotiated + "MultiViews" resources.

    +
    +
    +

    Directives

    + +

    Topics

    +

    See also

    +
    +
    top
    +
    +

    Configuration Examples

    + +

    Require file-owner

    +

    Consider a multi-user system running the Apache Web server, with + each user having his or her own files in ~/public_html/private. Assuming that there is a single + AuthDBMUserFile database + that lists all of their web-usernames, and that these usernames match + the system's usernames that actually own the files on the server, then + the following stanza would allow only the user himself access to his + own files. User jones would not be allowed to access + files in /home/smith/public_html/private unless they + were owned by jones instead of smith.

    + +

    + <Directory /home/*/public_html/private>
    + + AuthType Basic
    + AuthName MyPrivateFiles
    + AuthBasicProvider dbm
    + AuthDBMUserFile /usr/local/apache2/etc/.htdbm-all
    + Satisfy All
    + Require file-owner
    +     + </Directory> +

    + + +

    Require file-group

    +

    Consider a system similar to the one described above, but with + some users that share their project files in + ~/public_html/project-foo. The files are owned by the + system group foo and there is a single AuthDBMGroupFile database that + contains all of the web-usernames and their group membership, + i.e. they must be at least member of a group named + foo. So if jones and smith + are both member of the group foo, then both will be + authorized to access the project-foo directories of + each other.

    + +

    + <Directory /home/*/public_html/project-foo>
    + + AuthType Basic
    + AuthName "Project Foo Files"
    + AuthBasicProvider dbm
    +
    + # combined user/group database
    + AuthDBMUserFile /usr/local/apache2/etc/.htdbm-all
    + AuthDBMGroupFile /usr/local/apache2/etc/.htdbm-all
    +
    + Satisfy All
    + Require file-group
    +     + </Directory> +

    + +
    +
    top
    +

    AuthzOwnerAuthoritative Directive

    + + + + + + + + +
    Description:Sets whether authorization will be passed on to lower level +modules
    Syntax:AuthzOwnerAuthoritative On|Off
    Default:AuthzOwnerAuthoritative On
    Context:directory, .htaccess
    Override:AuthConfig
    Status:Extension
    Module:mod_authz_owner
    +

    Setting the AuthzOwnerAuthoritative + directive explicitly to Off allows for + user authorization to be passed on to lower level modules (as defined + in the modules.c files) if:

    + +
      +
    • in the case of file-owner the file-system owner does not + match the supplied web-username or could not be determined, or
      • + +
    • in the case of file-group the file-system group does not + contain the supplied web-username or could not be determined.
      • +
    + +

    Note that setting the value to Off also allows the + combination of file-owner and file-group, so + access will be allowed if either one or the other (or both) match.

    + +

    By default, control is not passed on and an authorization failure + will result in an "Authentication Required" reply. Not + setting it to Off thus keeps the system secure and forces + an NCSA compliant behaviour.

    + +
    +
    + + \ No newline at end of file diff --git a/docs/manual/mod/quickreference.html.en b/docs/manual/mod/quickreference.html.en index c8282edb6f..bb281c64da 100644 --- a/docs/manual/mod/quickreference.html.en +++ b/docs/manual/mod/quickreference.html.en @@ -179,504 +179,506 @@ store passwords modules AuthzGroupFileAuthoritative On|Off On dhBSets whether authorization will be passed on to lower level modules -AuthzUserAuthoritative On|Off On dhBSets whether authorization will be passed on to lower level +AuthzOwnerAuthoritative On|Off On dhESets whether authorization will be passed on to lower level modules -BrowserMatch regex [!]env-variable[=value] -[[!]env-variable[=value]] ...svdhBSets environment variables conditional on HTTP User-Agent +AuthzUserAuthoritative On|Off On dhBSets whether authorization will be passed on to lower level +modules +BrowserMatch regex [!]env-variable[=value] +[[!]env-variable[=value]] ...svdhBSets environment variables conditional on HTTP User-Agent -BrowserMatchNoCase regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables conditional on User-Agent without +BrowserMatchNoCase regex [!]env-variable[=value] + [[!]env-variable[=value]] ...svdhBSets environment variables conditional on User-Agent without respect to case -BS2000Account accountsMDefine the non-privileged account on BS2000 +BS2000Account accountsMDefine the non-privileged account on BS2000 machines -CacheDefaultExpire seconds 3600 (one hour) svXThe default duration to cache a document when no expiry date is specified. -CacheDirLength length 2 svXThe number of characters in subdirectory names -CacheDirLevels levels 3 svXThe number of levels of subdirectories in the +CacheDefaultExpire seconds 3600 (one hour) svXThe default duration to cache a document when no expiry date is specified. +CacheDirLength length 2 svXThe number of characters in subdirectory names +CacheDirLevels levels 3 svXThe number of levels of subdirectories in the cache. -CacheDisable url-stringsvXDisable caching of specified URLs -CacheEnable cache_type url-stringsvXEnable caching of specified URLs using a specified storage +CacheDisable url-stringsvXDisable caching of specified URLs +CacheEnable cache_type url-stringsvXEnable caching of specified URLs using a specified storage manager -CacheExpiryCheck On|Off On svXIndicates if the cache observes Expires dates when seeking +CacheExpiryCheck On|Off On svXIndicates if the cache observes Expires dates when seeking files -CacheFile file-path [file-path] ...sXCache a list of file handles at startup time -CacheForceCompletion Percentage 60 svXPercentage of document served, after which the server +CacheFile file-path [file-path] ...sXCache a list of file handles at startup time +CacheForceCompletion Percentage 60 svXPercentage of document served, after which the server will complete caching the file even if the request is cancelled. -CacheGcClean hours url-string ? svXThe time to retain unchanged cached files that match a +CacheGcClean hours url-string ? svXThe time to retain unchanged cached files that match a URL -CacheGcDaily time ? svXThe recurring time each day for garbage collection to be run. +CacheGcDaily time ? svXThe recurring time each day for garbage collection to be run. (24 hour clock) -CacheGcInterval hourssvXThe interval between garbage collection attempts. -CacheGcMemUsage KBytes ? svXThe maximum kilobytes of memory used for garbage +CacheGcInterval hourssvXThe interval between garbage collection attempts. +CacheGcMemUsage KBytes ? svXThe maximum kilobytes of memory used for garbage collection -CacheGcUnused hours url-string ? svXThe time to retain unreferenced cached files that match a +CacheGcUnused hours url-string ? svXThe time to retain unreferenced cached files that match a URL. -CacheIgnoreCacheControl On|Off Off svXIgnore the fact that the client requested the content not be +CacheIgnoreCacheControl On|Off Off svXIgnore the fact that the client requested the content not be cached. -CacheIgnoreNoLastMod On|Off Off svXIgnore the fact that a response has no Last Modified +CacheIgnoreNoLastMod On|Off Off svXIgnore the fact that a response has no Last Modified header. -CacheLastModifiedFactor float 0.1 svXThe factor used to compute an expiry date based on the +CacheLastModifiedFactor float 0.1 svXThe factor used to compute an expiry date based on the LastModified date. -CacheMaxExpire seconds 86400 (one day) svXThe maximum time in seconds to cache a document -CacheMaxFileSize bytes 1000000 svXThe maximum size (in bytes) of a document to be placed in the +CacheMaxExpire seconds 86400 (one day) svXThe maximum time in seconds to cache a document +CacheMaxFileSize bytes 1000000 svXThe maximum size (in bytes) of a document to be placed in the cache -CacheMinFileSize bytes 1 svXThe minimum size (in bytes) of a document to be placed in the +CacheMinFileSize bytes 1 svXThe minimum size (in bytes) of a document to be placed in the cache -CacheNegotiatedDocs On|Off Off svBAllows content-negotiated documents to be +CacheNegotiatedDocs On|Off Off svBAllows content-negotiated documents to be cached by proxy servers -CacheRoot directorysvXThe directory root under which cache files are +CacheRoot directorysvXThe directory root under which cache files are stored -CacheSize KBytes 1000000 svXThe maximum amount of disk space that will be used by the +CacheSize KBytes 1000000 svXThe maximum amount of disk space that will be used by the cache in KBytes -CacheTimeMargin ? ? svXThe minimum time margin to cache a document -CGIMapExtension cgi-path .extensiondhCTechnique for locating the interpreter for CGI +CacheTimeMargin ? ? svXThe minimum time margin to cache a document +CGIMapExtension cgi-path .extensiondhCTechnique for locating the interpreter for CGI scripts -CharsetDefault charsetsvdhXCharset to translate into -CharsetOptions option [option] ... DebugLevel=0 NoImpl +svdhXConfigures charset translation behavior -CharsetSourceEnc charsetsvdhXSource charset of files -CheckSpelling on|off Off svdhEEnables the spelling +CharsetDefault charsetsvdhXCharset to translate into +CharsetOptions option [option] ... DebugLevel=0 NoImpl +svdhXConfigures charset translation behavior +CharsetSourceEnc charsetsvdhXSource charset of files +CheckSpelling on|off Off svdhEEnables the spelling module -ChildPerUserID user-id group-id -num-childrensMSpecify user ID and group ID for a number of child +ChildPerUserID user-id group-id +num-childrensMSpecify user ID and group ID for a number of child processes -ContentDigest On|Off Off svdhCEnables the generation of Content-MD5 HTTP Response +ContentDigest On|Off Off svdhCEnables the generation of Content-MD5 HTTP Response headers -CookieDomain domainsvdhEThe domain to which the tracking cookie applies -CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie -CookieLog filenamesvBSets filename for the logging of cookies -CookieName token Apache svdhEName of the tracking cookie -CookieStyle - Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field -CookieTracking on|off off svdhEEnables tracking cookie -CoreDumpDirectory directorysMDirectory where Apache attempts to +CookieDomain domainsvdhEThe domain to which the tracking cookie applies +CookieExpires expiry-periodsvdhEExpiry time for the tracking cookie +CookieLog filenamesvBSets filename for the logging of cookies +CookieName token Apache svdhEName of the tracking cookie +CookieStyle + Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhEFormat of the cookie header field +CookieTracking on|off off svdhEEnables tracking cookie +CoreDumpDirectory directorysMDirectory where Apache attempts to switch before dumping core -CustomLog file|pipe +CustomLog file|pipe format|nickname -[env=[!]environment-variable]svBSets filename and format of log file -Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods -DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests -DavLockDB file-pathsvELocation of the DAV lock database -DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on +[env=[!]environment-variable]svBSets filename and format of log file +Dav On|Off|provider-name Off dEEnable WebDAV HTTP methods +DavDepthInfinity on|off off svdEAllow PROPFIND, Depth: Infinity requests +DavLockDB file-pathsvELocation of the DAV lock database +DavMinTimeout seconds 0 svdEMinimum amount of time the server holds a lock on a DAV resource -DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is +DefaultIcon url-pathsvdhBIcon to display for files when no specific icon is configured -DefaultLanguage MIME-langsvdhBSets all files in the given scope to the specified +DefaultLanguage MIME-langsvdhBSets all files in the given scope to the specified language -DefaultType MIME-type text/plain svdhCMIME content-type that will be sent if the +DefaultType MIME-type text/plain svdhCMIME content-type that will be sent if the server cannot determine a type in any other way -DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib -DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging -DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression -DeflateWindowSize value 15 svEZlib compression window size - Deny from all|host|env=env-variable -[host|env=env-variable] ...dhBControls which hosts are denied access to the +DeflateBufferSize value 8096 svEFragment size to be compressed at one time by zlib +DeflateFilterNote [type] notenamesvEPlaces the compression ratio in a note for logging +DeflateMemLevel value 9 svEHow much memory should be used by zlib for compression +DeflateWindowSize value 15 svEZlib compression window size + Deny from all|host|env=env-variable +[host|env=env-variable] ...dhBControls which hosts are denied access to the server -<Directory directory-path> -... </Directory>svCEnclose a group of directives that apply only to the +<Directory directory-path> +... </Directory>svCEnclose a group of directives that apply only to the named file-system directory and sub-directories -DirectoryIndex - local-url [local-url] ... index.html svdhBList of resources to look for when the client requests +DirectoryIndex + local-url [local-url] ... index.html svdhBList of resources to look for when the client requests a directory -<DirectoryMatch regex> -... </DirectoryMatch>svCEnclose directives that apply to +<DirectoryMatch regex> +... </DirectoryMatch>svCEnclose directives that apply to file-system directories matching a regular expression and their subdirectories -DocumentRoot directory-path /usr/local/apache/h +svCDirectory that forms the main document tree visible +DocumentRoot directory-path /usr/local/apache/h +svCDirectory that forms the main document tree visible from the web -EnableMMAP On|Off On svdhCUse memory-mapping to read files during delivery -EnableSendfile On|Off On svdhCUse the kernel sendfile support to deliver files to the client -ErrorDocument error-code documentsvdhCWhat the server will return to the client +EnableMMAP On|Off On svdhCUse memory-mapping to read files during delivery +EnableSendfile On|Off On svdhCUse the kernel sendfile support to deliver files to the client +ErrorDocument error-code documentsvdhCWhat the server will return to the client in case of an error - ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svCLocation where the server will log errors -ExamplesvdhXDemonstration directive to illustrate the Apache module + ErrorLog file-path|syslog[:facility] logs/error_log (Uni +svCLocation where the server will log errors +ExamplesvdhXDemonstration directive to illustrate the Apache module API -ExpiresActive On|OffsvdhEEnables generation of Expires +ExpiresActive On|OffsvdhEEnables generation of Expires headers -ExpiresByType MIME-type -<code>secondssvdhEValue of the Expires header configured +ExpiresByType MIME-type +<code>secondssvdhEValue of the Expires header configured by MIME type -ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time -ExtendedStatus On|Off Off sBKeep track of extended status information for each +ExpiresDefault <code>secondssvdhEDefault algorithm for calculating expiration time +ExtendedStatus On|Off Off sBKeep track of extended status information for each request -ExtFilterDefine filtername parameterssEDefine an external filter -ExtFilterOptions option [option] ... DebugLevel=0 NoLogS +dEConfigure mod_ext_filter options -FileETag component ... INode MTime Size svdhCFile attributes used to create the ETag +ExtFilterDefine filtername parameterssEDefine an external filter +ExtFilterOptions option [option] ... DebugLevel=0 NoLogS +dEConfigure mod_ext_filter options +FileETag component ... INode MTime Size svdhCFile attributes used to create the ETag HTTP response header -<Files filename> ... </Files>svdhCContains directives that apply to matched +<Files filename> ... </Files>svdhCContains directives that apply to matched filenames -<FilesMatch regex> ... </FilesMatch>svdhCContains directives that apply to regular-expression matched +<FilesMatch regex> ... </FilesMatch>svdhCContains directives that apply to regular-expression matched filenames -ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not +ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhBAction to take if a single acceptable document is not found -ForceType MIME-type|nonedhCForces all matching files to be served with the specified +ForceType MIME-type|nonedhCForces all matching files to be served with the specified MIME content-type -Group unix-group #-1 sMGroup under which the server will answer +Group unix-group #-1 sMGroup under which the server will answer requests -Header set|append|add|unset|echo header -[value [env=[!]variable]]svdhEConfigure HTTP response headers -HeaderName filenamesvdhBName of the file that will be inserted at the top +Header set|append|add|unset|echo header +[value [env=[!]variable]]svdhEConfigure HTTP response headers +HeaderName filenamesvdhBName of the file that will be inserted at the top of the index listing -HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses -IdentityCheck On|Off Off svdCEnables logging of the RFC1413 identity of the remote +HostnameLookups On|Off|Double Off svdCEnables DNS lookups on client IP addresses +IdentityCheck On|Off Off svdCEnables logging of the RFC1413 identity of the remote user -<IfDefine [!]parameter-name> ... - </IfDefine>svdhCEncloses directives that will be processed only +<IfDefine [!]parameter-name> ... + </IfDefine>svdhCEncloses directives that will be processed only if a test is true at startup -<IfModule [!]module-name> ... - </IfModule>svdhCEncloses directives that are processed conditional on the +<IfModule [!]module-name> ... + </IfModule>svdhCEncloses directives that are processed conditional on the presence or absence of a specific module -ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files -ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates +ImapBase map|referer|URL http://servername/ svdhBDefault base for imagemap files +ImapDefault error|nocontent|map|referer|URL nocontent svdhBDefault action when an imagemap is called with coordinates that are not explicitly mapped -ImapMenu none|formatted|semiformatted|unformattedsvdhBAction if no coordinates are given when calling +ImapMenu none|formatted|semiformatted|unformattedsvdhBAction if no coordinates are given when calling an imagemap -Include file-path|directory-pathsvdCIncludes other configuration files from within +Include file-path|directory-pathsvdCIncludes other configuration files from within the server configuration files -IndexIgnore file [file] ...svdhBAdds to the list of files to hide when listing +IndexIgnore file [file] ...svdhBAdds to the list of files to hide when listing a directory -IndexOptions [+|-]option [[+|-]option] -...svdhBVarious configuration settings for directory +IndexOptions [+|-]option [[+|-]option] +...svdhBVarious configuration settings for directory indexing -IndexOrderDefault Ascending|Descending -Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index -ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +IndexOrderDefault Ascending|Descending +Name|Date|Size|Description Ascending Name svdhBSets the default ordering of the directory index +ISAPIAppendLogToErrors on|off off svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log -ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from +ISAPIAppendLogToQuery on|off on svdhBRecord HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field -ISAPICacheFile file-path [file-path] -...svBISAPI .dll files to be loaded at startup -ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks -ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI +ISAPICacheFile file-path [file-path] +...svBISAPI .dll files to be loaded at startup +ISAPIFakeAsync on|off off svdhBFake asynchronous support for ISAPI callbacks +ISAPILogNotSupported on|off off svdhBLog unsupported feature requests from ISAPI extensions -ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI +ISAPIReadAheadBuffer size 49152 svdhBSize of the Read Ahead Buffer sent to ISAPI extensions -KeepAlive On|Off On svCEnables HTTP persistent connections -KeepAliveTimeout seconds 15 svCAmount of time the server will wait for subsequent +KeepAlive On|Off On svCEnables HTTP persistent connections +KeepAliveTimeout seconds 15 svCAmount of time the server will wait for subsequent requests on a persistent connection -LanguagePriority MIME-lang [MIME-lang] -...svdhBThe precendence of language variants for cases where +LanguagePriority MIME-lang [MIME-lang] +...svdhBThe precendence of language variants for cases where the client does not express a preference -LDAPCacheEntries number 1024 sXMaximum number of entires in the primary LDAP cache -LDAPCacheTTL seconds 600 sXTime that cached items remain valid -LDAPCertDBPath directory-pathsXDirectory containing certificates for SSL support -LDAPOpCacheEntries number 1024 sXNumber of entries used to cache LDAP compare +LDAPCacheEntries number 1024 sXMaximum number of entires in the primary LDAP cache +LDAPCacheTTL seconds 600 sXTime that cached items remain valid +LDAPCertDBPath directory-pathsXDirectory containing certificates for SSL support +LDAPOpCacheEntries number 1024 sXNumber of entries used to cache LDAP compare operations -LDAPOpCacheTTL seconds 600 sXTime that entries in the operation cache remain +LDAPOpCacheTTL seconds 600 sXTime that entries in the operation cache remain valid -LDAPSharedCacheSize bytes 102400 sXSize in bytes of the shared-memory cache -<Limit method [method] ... > ... - </Limit>svdhCRestrict enclosed access controls to only certain HTTP +LDAPSharedCacheSize bytes 102400 sXSize in bytes of the shared-memory cache +<Limit method [method] ... > ... + </Limit>svdhCRestrict enclosed access controls to only certain HTTP methods -<LimitExcept method [method] ... > ... - </LimitExcept>svdhCRestrict access controls to all HTTP methods +<LimitExcept method [method] ... > ... + </LimitExcept>svdhCRestrict access controls to all HTTP methods except the named ones -LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent +LimitRequestBody bytes 0 svdhCRestricts the total size of the HTTP request body sent from the client -LimitRequestFields number 100 sCLimits the number of HTTP request header fields that +LimitRequestFields number 100 sCLimits the number of HTTP request header fields that will be accepted from the client -LimitRequestFieldsize bytessCLimits the size of the HTTP request header allowed from the +LimitRequestFieldsize bytessCLimits the size of the HTTP request header allowed from the client -LimitRequestLine bytes 8190 sCLimit the size of the HTTP request line that will be accepted +LimitRequestLine bytes 8190 sCLimit the size of the HTTP request line that will be accepted from the client -LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body -Listen [IP-address:]portnumbersMIP addresses and ports that the server +LimitXMLRequestBody bytes 1000000 svdhCLimits the size of an XML-based request body +Listen [IP-address:]portnumbersMIP addresses and ports that the server listens to -ListenBacklog backlogsMMaximum length of the queue of pending connections -LoadFile filename [filename] ...sELink in the named object file or library -LoadModule module filenamesELinks in the object file or library, and adds to the list +ListenBacklog backlogsMMaximum length of the queue of pending connections +LoadFile filename [filename] ...sELink in the named object file or library +LoadModule module filenamesELinks in the object file or library, and adds to the list of active modules -<Location - URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching +<Location + URL-path|URL> ... </Location>svCApplies the enclosed directives only to matching URLs -<LocationMatch - regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression +<LocationMatch + regex> ... </LocationMatch>svCApplies the enclosed directives only to regular-expression matching URLs -LockFile filename logs/accept.lock sMLocation of the accept serialization lock file -LogFormat format|nickname -[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file -LogLevel level warn svCControls the verbosity of the ErrorLog -MaxClients numbersMMaximum number of child processes that will be created +LockFile filename logs/accept.lock sMLocation of the accept serialization lock file +LogFormat format|nickname +[nickname] "%h %l %u %t \"%r\" +svBDescribes a format for use in a log file +LogLevel level warn svCControls the verbosity of the ErrorLog +MaxClients numbersMMaximum number of child processes that will be created to serve requests -MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent +MaxKeepAliveRequests number 100 svCNumber of requests allowed on a persistent connection -MaxMemFree KBytes 0 sMMaximum amount of memory that the main allocator is allowed +MaxMemFree KBytes 0 sMMaximum amount of memory that the main allocator is allowed to hold without calling free() -MaxRequestsPerChild number 10000 sMLimit on the number of requests that an individual child server +MaxRequestsPerChild number 10000 sMLimit on the number of requests that an individual child server will handle during its life -MaxRequestsPerThread number 0 sMLimit on the number of requests that an individual thread +MaxRequestsPerThread number 0 sMLimit on the number of requests that an individual thread will handle during its life -MaxSpareServers number
     10 sMMaximum number of idle child server processes -MaxSpareThreads numbersMMaximum number of idle threads -MaxThreads number 2048 sMSet the maximum number of worker threads -MaxThreadsPerChild number 64 sMMaximum number of threads per child process -MCacheMaxObjectCount value 1009 sXThe maximum number of objects allowed to be placed in the +MaxSpareServers number
     10 sMMaximum number of idle child server processes +MaxSpareThreads numbersMMaximum number of idle threads +MaxThreads number 2048 sMSet the maximum number of worker threads +MaxThreadsPerChild number 64 sMMaximum number of threads per child process +MCacheMaxObjectCount value 1009 sXThe maximum number of objects allowed to be placed in the cache -MCacheMaxObjectSize bytes 10000 sXThe maximum size (in bytes) of a document allowed in the +MCacheMaxObjectSize bytes 10000 sXThe maximum size (in bytes) of a document allowed in the cache -MCacheMaxStreamingBuffer size_in_bytes the smaller of 1000 +sXMaximum amount of a streamed response to buffer in memory +MCacheMaxStreamingBuffer size_in_bytes the smaller of 1000 +sXMaximum amount of a streamed response to buffer in memory before declaring the response uncacheable -MCacheMinObjectSize bytes 0 sXThe minimum size (in bytes) of a document to be allowed in the +MCacheMinObjectSize bytes 0 sXThe minimum size (in bytes) of a document to be allowed in the cache -MCacheRemovalAlgorithm LRU|GDSF GDSF sXThe algorithm used to select documents for removal from the +MCacheRemovalAlgorithm LRU|GDSF GDSF sXThe algorithm used to select documents for removal from the cache -MCacheSize KBytes 100 sXThe maximum amount of memory used by the cache in +MCacheSize KBytes 100 sXThe maximum amount of memory used by the cache in KBytes -MetaDir directory .web svdhEName of the directory to find CERN-style meta information +MetaDir directory .web svdhEName of the directory to find CERN-style meta information files -MetaFiles on|off off svdhEActivates CERN meta-file processing -MetaSuffix suffix .meta svdhEFile name suffix for the file containg CERN-style +MetaFiles on|off off svdhEActivates CERN meta-file processing +MetaSuffix suffix .meta svdhEFile name suffix for the file containg CERN-style meta information -MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents +MimeMagicFile file-pathsvEEnable MIME-type determination based on file contents using the specified magic file -MinSpareServers number 5 sMMinimum number of idle child server processes -MinSpareThreads numbersMMinimum number of idle threads available to handle request +MinSpareServers number 5 sMMinimum number of idle child server processes +MinSpareThreads numbersMMinimum number of idle threads available to handle request spikes -MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time -ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info +MMapFile file-path [file-path] ...sXMap a list of files into memory at startup time +ModMimeUsePathInfo On|Off Off dBTells mod_mime to treat path_info components as part of the filename -MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers -[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for +MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers +[Handlers|Filters] NegotiatedOnly svdhBThe types of files that will be included when searching for a matching file with MultiViews -NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual +NameVirtualHost addr[:port]sCDesignates an IP address for name-virtual hosting -NoProxy host [host] ...svEHosts, domains, or networks that will be connected +NoProxy host [host] ...svEHosts, domains, or networks that will be connected to directly -NumServers number 2 sMTotal number of children alive at the same time -Options - [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular +NumServers number 2 sMTotal number of children alive at the same time +Options + [+|-]option [[+|-]option] ... All svdhCConfigures what features are available in a particular directory - Order ordering Deny,Allow dhBControls the default access state and the order in which + Order ordering Deny,Allow dhBControls the default access state and the order in which Allow and Deny are evaluated. -PassEnv env-variable [env-variable] -...svdhBPasses environment variables from the shell -PidFile filename logs/httpd.pid sMFile where the server records the process ID +PassEnv env-variable [env-variable] +...svdhBPasses environment variables from the shell +PidFile filename logs/httpd.pid sMFile where the server records the process ID of the daemon -ProtocolEcho On|OffsvXTurn the echo server on or off -<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied +ProtocolEcho On|OffsvXTurn the echo server on or off +<Proxy wildcard-url> ...</Proxy>svEContainer for directives applied to proxied resources -ProxyBlock *|word|host|domain -[word|host|domain] ...svEWords, hosts, or domains that are banned from being +ProxyBlock *|word|host|domain +[word|host|domain] ...svEWords, hosts, or domains that are banned from being proxied -ProxyDomain DomainsvEDefault domain name for proxied requests -ProxyErrorOverride On|Off Off svEOverride error pages for proxied content -ProxyIOBufferSize bytessvEIO buffer size for outgoing HTTP and FTP +ProxyDomain DomainsvEDefault domain name for proxied requests +ProxyErrorOverride On|Off Off svEOverride error pages for proxied content +ProxyIOBufferSize bytessvEIO buffer size for outgoing HTTP and FTP connections -<Proxy regex> ...</Proxy>svEContainer for directives applied to regular-expression-matched +<Proxy regex> ...</Proxy>svEContainer for directives applied to regular-expression-matched proxied resources -ProxyMaxForwards number 10 svEMaximium number of proxies that a request can be forwarded +ProxyMaxForwards number 10 svEMaximium number of proxies that a request can be forwarded through -ProxyPass [path] !|urlsvEMaps remote servers into the local server +ProxyPass [path] !|urlsvEMaps remote servers into the local server URL-space -ProxyPassReverse [path] urlsvEAdjusts the URL in HTTP response headers sent from +ProxyPassReverse [path] urlsvEAdjusts the URL in HTTP response headers sent from a reverse proxied server -ProxyPreserveHost on|off Off svEUse incoming Host HTTP request header for +ProxyPreserveHost on|off Off svEUse incoming Host HTTP request header for proxy request -ProxyReceiveBufferSize bytessvENetwork buffer size for outgoing HTTP and FTP +ProxyReceiveBufferSize bytessvENetwork buffer size for outgoing HTTP and FTP connections -ProxyRemote match remote-serversvERemote proxy used to handle certain requests -ProxyRemote regex remote-serversvERemote proxy used to handle requests +ProxyRemote match remote-serversvERemote proxy used to handle certain requests +ProxyRemote regex remote-serversvERemote proxy used to handle requests matched by regular expressions -ProxyRequests on|off Off svEEnables forward (standard) proxy requests -ProxyTimeout seconds 300 svENetwork timeout for proxied requests -ProxyVia on|off|full|block off svEInformation provided in the Via HTTP response +ProxyRequests on|off Off svEEnables forward (standard) proxy requests +ProxyTimeout seconds 300 svENetwork timeout for proxied requests +ProxyVia on|off|full|block off svEInformation provided in the Via HTTP response header for proxied requests -ReadmeName filenamesvdhBName of the file that will be inserted at the end +ReadmeName filenamesvdhBName of the file that will be inserted at the end of the index listing -Redirect [status] URL-path -URLsvdhBSends an external redirect asking the client to fetch +Redirect [status] URL-path +URLsvdhBSends an external redirect asking the client to fetch a different URL -RedirectMatch [status] regex -URLsvdhBSends an external redirect based on a regular expression match +RedirectMatch [status] regex +URLsvdhBSends an external redirect based on a regular expression match of the current URL -RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch +RedirectPermanent URL-path URLsvdhBSends an external permanent redirect asking the client to fetch a different URL -RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch +RedirectTemp URL-path URLsvdhBSends an external temporary redirect asking the client to fetch a different URL -RemoveCharset extension [extension] -...vdhBRemoves any character set associations for a set of file +RemoveCharset extension [extension] +...vdhBRemoves any character set associations for a set of file extensions -RemoveEncoding extension [extension] -...vdhBRemoves any content encoding associations for a set of file +RemoveEncoding extension [extension] +...vdhBRemoves any content encoding associations for a set of file extensions -RemoveHandler extension [extension] -...vdhBRemoves any handler associations for a set of file +RemoveHandler extension [extension] +...vdhBRemoves any handler associations for a set of file extensions -RemoveInputFilter extension [extension] -...vdhBRemoves any input filter associations for a set of file +RemoveInputFilter extension [extension] +...vdhBRemoves any input filter associations for a set of file extensions -RemoveLanguage extension [extension] -...vdhBRemoves any language associations for a set of file +RemoveLanguage extension [extension] +...vdhBRemoves any language associations for a set of file extensions -RemoveOutputFilter extension [extension] -...vdhBRemoves any output filter associations for a set of file +RemoveOutputFilter extension [extension] +...vdhBRemoves any output filter associations for a set of file extensions -RemoveType extension [extension] -...vdhBRemoves any content type associations for a set of file +RemoveType extension [extension] +...vdhBRemoves any content type associations for a set of file extensions -RequestHeader set|append|add|unset header -[value]svdhEConfigure HTTP request headers -Require entity-name [entity-name] ...dhCSelects which authenticated users can access +RequestHeader set|append|add|unset header +[value]svdhEConfigure HTTP request headers +Require entity-name [entity-name] ...dhCSelects which authenticated users can access a resource -RewriteBase URL-pathdhESets the base URL for per-directory rewrites - RewriteCond - TestString CondPatternsvdhEDefines a condition under which rewriting will take place +RewriteBase URL-pathdhESets the base URL for per-directory rewrites + RewriteCond + TestString CondPatternsvdhEDefines a condition under which rewriting will take place -RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine -RewriteLock file-pathsESets the name of the lock file used for RewriteMap +RewriteEngine on|off off svdhEEnables or disables runtime rewriting engine +RewriteLock file-pathsESets the name of the lock file used for RewriteMap synchronization -RewriteLog file-pathsvESets the name of the file used for logging rewrite engine +RewriteLog file-pathsvESets the name of the file used for logging rewrite engine processing -RewriteLogLevel Level 0 svESets the verbosity of the log file used by the rewrite +RewriteLogLevel Level 0 svESets the verbosity of the log file used by the rewrite engine -RewriteMap MapName MapType:MapSource -svEDefines a mapping function for key-lookup -RewriteOptions OptionssvdhESets some special options for the rewrite engine -RewriteRule - Pattern SubstitutionsvdhEDefines rules for the rewriting engine -RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched +RewriteMap MapName MapType:MapSource +svEDefines a mapping function for key-lookup +RewriteOptions OptionssvdhESets some special options for the rewrite engine +RewriteRule + Pattern SubstitutionsvdhEDefines rules for the rewriting engine +RLimitCPU seconds|max [seconds|max]svdhCLimits the CPU consumption of processes launched by Apache children -RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched +RLimitMEM bytes|max [bytes|max]svdhCLimits the memory consumption of processes launched by Apache children -RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by +RLimitNPROC number|max [number|max]svdhCLimits the number of processes that can be launched by processes launched by Apache children -Satisfy Any|All All dhCInteraction between host-level access control and +Satisfy Any|All All dhCInteraction between host-level access control and user authentication -ScoreBoardFile file-path logs/apache_status sMLocation of the file used to store coordination data for +ScoreBoardFile file-path logs/apache_status sMLocation of the file used to store coordination data for the child processes -Script method cgi-scriptsvdBActivates a CGI script for a particular request +Script method cgi-scriptsvdBActivates a CGI script for a particular request method. -ScriptAlias URL-path -file-path|directory-pathsvBMaps a URL to a filesystem location and designates the +ScriptAlias URL-path +file-path|directory-pathsvBMaps a URL to a filesystem location and designates the target as a CGI script -ScriptAliasMatch regex -file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression +ScriptAliasMatch regex +file-path|directory-pathsvBMaps a URL to a filesystem location using a regular expression and designates the target as a CGI script -ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI +ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhCTechnique for locating the interpreter for CGI scripts -ScriptLog file-pathsvBLocation of the CGI script error logfile -ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded +ScriptLog file-pathsvBLocation of the CGI script error logfile +ScriptLogBuffer bytes 1024 svBMaximum amount of PUT or POST requests that will be recorded in the scriptlog -ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile -ScriptSock file-path logs/cgisock svBThe name of the socket to use for communication with +ScriptLogLength bytes 10385760 svBSize limit of the CGI script logfile +ScriptSock file-path logs/cgisock svBThe name of the socket to use for communication with the cgi daemon -SendBufferSize bytes 0 sMTCP buffer size -ServerAdmin email-addresssvCEmail address that the server includes in error +SendBufferSize bytes 0 sMTCP buffer size +ServerAdmin email-addresssvCEmail address that the server includes in error messages sent to the client -ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests +ServerAlias hostname [hostname] ...vCAlternate names for a host used when matching requests to name-virtual hosts -ServerLimit numbersMUpper limit on configurable number of processes -ServerName fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify +ServerLimit numbersMUpper limit on configurable number of processes +ServerName fully-qualified-domain-name[:port]svCHostname and port that the server uses to identify itself -ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that +ServerPath URL-pathvCLegacy URL pathname for a name-based virtual host that is accessed by an incompatible browser -ServerRoot directory-path /usr/local/apache sCBase directory for the server installation -ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents -ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response +ServerRoot directory-path /usr/local/apache sCBase directory for the server installation +ServerSignature On|Off|EMail Off svdhCConfigures the footer on server-generated documents +ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sCConfigures the Server HTTP response header -SetEnv env-variable valuesvdhBSets environment variables -SetEnvIf attribute +SetEnv env-variable valuesvdhBSets environment variables +SetEnvIf attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request -SetEnvIfNoCase attribute regex +SetEnvIfNoCase attribute regex [!]env-variable[=value] - [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request + [[!]env-variable[=value]] ...svdhBSets environment variables based on attributes of the request without respect to case -SetHandler handler-name|NonesvdhCForces all matching files to be processed by a +SetHandler handler-name|NonesvdhCForces all matching files to be processed by a handler -SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST +SetInputFilter filter[;filter...]svdhCSets the filters that will process client requests and POST input -SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the +SetOutputFilter filter[;filter...]svdhCSets the filters that will process responses from the server -SSIEndTag tag "-->" svBString that ends an include element -SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI +SSIEndTag tag "-->" svBString that ends an include element +SSIErrorMsg message "[an error occurred +svdhBError message displayed when there is an SSI error -SSIStartTag tag "<!--" svBString that starts an include element -SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are +SSIStartTag tag "<!--" svBString that starts an include element +SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhBConfigures the format in which date strings are displayed -SSIUndefinedEcho string "(none)" svBString displayed when an unset variable is echoed -SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSIUndefinedEcho string "(none)" svBString displayed when an unset variable is echoed +SSLCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Client Auth -SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Client Auth -SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Client Auth -SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Client Auth -SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates -SSLCertificateFile file-pathsvEServer PEM-encoded X.509 Certificate file -SSLCertificateKeyFile file-pathsvEServer PEM-encoded Private Key file -SSLCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLCertificateChainFile file-pathsvEFile of PEM-encoded Server CA Certificates +SSLCertificateFile file-pathsvEServer PEM-encoded X.509 Certificate file +SSLCertificateKeyFile file-pathsvEServer PEM-encoded Private Key file +SSLCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL handshake -SSLEngine on|off off svESSL Engine Operation Switch -SSLMutex type none sESemaphore for internal mutual exclusion of +SSLEngine on|off off svESSL Engine Operation Switch +SSLMutex type none sESemaphore for internal mutual exclusion of operations -SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options -SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private +SSLOptions [+|-]option ...svdhEConfigure various SSL engine run-time options +SSLPassPhraseDialog type builtin sEType of pass phrase dialog for encrypted private keys -SSLProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors -SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates +SSLProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors +SSLProxyCACertificateFile file-pathsvEFile of concatenated PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for +SSLProxyCACertificatePath directory-pathsvEDirectory of PEM-encoded CA Certificates for Remote Server Auth -SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for +SSLProxyCARevocationFile file-pathsvEFile of concatenated PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for +SSLProxyCARevocationPath directory-pathsvEDirectory of PEM-encoded CA CRLs for Remote Server Auth -SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL +SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svdhECipher Suite available for negotiation in SSL proxy handshake -SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch -SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded CA certificates for proxy server client certificates -SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded CA certificates for proxy server client certificates -SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage -SSLProxyVerify level none svdhEType of remote server Certificate verification -SSLVerifyDepth numbersvdhEMaximum depth of CA Certificates in Remote Server +SSLProxyEngine on|off off svESSL Proxy Engine Operation Switch +SSLProxyMachineCertificateFile filenamesEFile of concatenated PEM-encoded CA certificates for proxy server client certificates +SSLProxyMachineCertificatePath directorysEDirectory of PEM-encoded CA certificates for proxy server client certificates +SSLProxyProtocol [+|-]protocol ... all svEConfigure usable SSL protocol flavors for proxy usage +SSLProxyVerify level none svdhEType of remote server Certificate verification +SSLVerifyDepth numbersvdhEMaximum depth of CA Certificates in Remote Server Certificate verification -SSLRandomSeed context source -[bytes]sEPseudo Random Number Generator (PRNG) seeding +SSLRandomSeed context source +[bytes]sEPseudo Random Number Generator (PRNG) seeding source -SSLRequire expressiondhEAllow access only when an arbitrarily complex +SSLRequire expressiondhEAllow access only when an arbitrarily complex boolean expression is true -SSLRequireSSLdhEDeny access when SSL is not used for the +SSLRequireSSLdhEDeny access when SSL is not used for the HTTP request -SSLSessionCache type none sEType of the global/inter-process SSL Session +SSLSessionCache type none sEType of the global/inter-process SSL Session Cache -SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires +SSLSessionCacheTimeout seconds 300 svENumber of seconds before an SSL session expires in the Session Cache -SSLVerifyClient level none svdhEType of Client Certificate verification -SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client +SSLVerifyClient level none svdhEType of Client Certificate verification +SSLVerifyDepth number 1 svdhEMaximum depth of CA Certificates in Client Certificate verification -StartServers numbersMNumber of child server processes created at startup -StartThreads numbersMNumber of threads created on startup -SuexecUserGroup User GroupsvEUser and group permissions for CGI programs -ThreadLimit numbersMSets the upper limit on the configurable number of threads +StartServers numbersMNumber of child server processes created at startup +StartThreads numbersMNumber of threads created on startup +SuexecUserGroup User GroupsvEUser and group permissions for CGI programs +ThreadLimit numbersMSets the upper limit on the configurable number of threads per child process -ThreadsPerChild numbersMNumber of threads created by each child process -ThreadStackSize number 65536 sMDetermine the stack size for each thread -TimeOut second 300 sCAmount of time the server will wait for +ThreadsPerChild numbersMNumber of threads created by each child process +ThreadStackSize number 65536 sMDetermine the stack size for each thread +TimeOut second 300 sCAmount of time the server will wait for certain events before failing a request -TransferLog file|pipesvBSpecifly location of a log file -TypesConfig file-path conf/mime.types sBThe location of the mime.types file -UnsetEnv env-variable [env-variable] -...svdhBRemoves variables from the environment -UseCanonicalName On|Off|DNS On svdCConfigures how the server determines its own name and +TransferLog file|pipesvBSpecifly location of a log file +TypesConfig file-path conf/mime.types sBThe location of the mime.types file +UnsetEnv env-variable [env-variable] +...svdhBRemoves variables from the environment +UseCanonicalName On|Off|DNS On svdCConfigures how the server determines its own name and port -User unix-userid #-1 sMThe userid under which the server will answer +User unix-userid #-1 sMThe userid under which the server will answer requests -UserDir directory-filename public_html svBLocation of the user-specific directories -VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root +UserDir directory-filename public_html svBLocation of the user-specific directories +VirtualDocumentRoot interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root +VirtualDocumentRootIP interpolated-directory|none none svEDynamically configure the location of the document root for a given virtual host -<VirtualHost +<VirtualHost addr[:port] [addr[:port]] - ...> ... </VirtualHost>sCContains directives that apply only to a specific + ...> ... </VirtualHost>sCContains directives that apply only to a specific hostname or IP address -VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for +VirtualScriptAlias interpolated-directory|none none svEDynamically configure the location of the CGI directory for a given virtual host -VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the cgi directory for +VirtualScriptAliasIP interpolated-directory|none none svEDynamically configure the location of the cgi directory for a given virtual host -XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit +XBitHack on|off|full off svdhBParse SSI directives in files with the execute bit set