core.xml revision 4cf1c07a88ef51e11570c775507cd7d2c3e35a97
530eba85dbd41b8a0fa5255d3648d1440199a661slive<!DOCTYPE modulesynopsis SYSTEM "/style/modulesynopsis.dtd">
e942c741056732f50da2074b36fe59805d370650slive<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>
5f5d1b4cc970b7f06ff8ef6526128e9a27303d88nd<!-- $LastChangedRevision$ -->
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding Licensed to the Apache Software Foundation (ASF) under one or more
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding contributor license agreements. See the NOTICE file distributed with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding this work for additional information regarding copyright ownership.
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding The ASF licenses this file to You under the Apache License, Version 2.0
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding (the "License"); you may not use this file except in compliance with
db479b48bd4d75423ed4a45e15b75089d1a8ad72fielding the License. You may obtain a copy of the License at
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd Unless required by applicable law or agreed to in writing, software
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd distributed under the License is distributed on an "AS IS" BASIS,
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd See the License for the specific language governing permissions and
d5d794fc2f4cc9ca6d6da17cfa2cdcd8d244bacdnd limitations under the License.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Core Apache HTTP Server features that are always
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveavailable</description>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna<directivesynopsis>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna<description>Configures optimizations for a Protocol's Listener Sockets</description>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna<syntax>AcceptFilter <var>protocol</var> <var>accept_filter</var></syntax>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna<contextlist><context>server config</context></contextlist>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen<compatibility>Available in Apache 2.1.5 and later</compatibility>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <p>This directive enables operating system specific optimizations for a
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna listening socket by the Protocol type. The basic premise is for the
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna kernel to not send a socket to the server process until either data
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna is received or an entire HTTP Request is buffered. Only
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <a href="http://www.freebsd.org/cgi/man.cgi?query=accept_filter&sektion=9">
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna FreeBSD's Accept Filters</a> and Linux's more primitive
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe <code>TCP_DEFER_ACCEPT</code> are currently supported.</p>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe AcceptFilter http httpready <br/>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe AcceptFilter https dataready
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <p>The <code>httpready</code> accept filter buffers entire HTTP requests at
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna the kernel level. Once an entire request is recieved, the kernel then
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna sends it to the server. See the
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <a href="http://www.freebsd.org/cgi/man.cgi?query=accf_http&sektion=9">
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna accf_http(9)</a> man page for more details. Since HTTPS requests are
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna encrypted only the <a href="http://www.freebsd.org/cgi/man.cgi?query=accf_data&sektion=9">
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna AcceptFilter http data <br/>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna AcceptFilter https data
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <p>Linux's <code>TCP_DEFER_ACCEPT</code> does not support buffering http
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna requests. Any value besides <code>none</code> will enable
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <code>TCP_DEFER_ACCEPT</code> on that listener. For more details
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna see the Linux
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <a href="http://homepages.cwi.nl/~aeb/linux/man2html/man7/tcp.7.html">
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna <p>Using <code>none</code> for an argument will disable any accept filters
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna for that protocol. This is useful for protocols that require a server
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna</directivesynopsis>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe<directivesynopsis>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe<description>Resources accept trailing pathname information</description>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe<context>virtual host</context><context>directory</context>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe<compatibility>Available in Apache 2.0.30 and later</compatibility>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe <p>This directive controls whether requests that contain trailing
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe pathname information that follows an actual filename (or
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe non-existent file in an existing directory) will be accepted or
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe rejected. The trailing pathname information can be made
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe available to scripts in the <code>PATH_INFO</code> environment
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe variable.</p>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe <p>For example, assume the location <code>/test/</code> points to
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna a directory that contains only the single file
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>The three possible arguments for the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive>AcceptPathInfo</directive> directive are:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <dt><code>Off</code></dt><dd>A request will only be accepted if it
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive maps to a literal path that exists. Therefore a request with
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive trailing pathname information after the true filename such as
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele <code>/test/here.html/more</code> in the above example will return
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen a 404 NOT FOUND error.</dd>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <dt><code>On</code></dt><dd>A request will be accepted if a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive leading path component maps to a file that exists. The above
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive example <code>/test/here.html/more</code> will be accepted if
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>/test/here.html</code> maps to a valid file.</dd>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <dt><code>Default</code></dt><dd>The treatment of requests with
fb77c505254b6e9c925e23e734463e87574f8f40kess trailing pathname information is determined by the <a
fb77c505254b6e9c925e23e734463e87574f8f40kess href="/handler.html">handler</a> responsible for the request.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive The core handler for normal files defaults to rejecting
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>PATH_INFO</code> requests. Handlers that serve scripts, such as <a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="mod_isapi.html">isapi-handler</a>, generally accept
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The primary purpose of the <code>AcceptPathInfo</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directive is to allow you to override the handler's choice of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive accepting or rejecting <code>PATH_INFO</code>. This override is required,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive for example, when you use a <a href="/filter.html">filter</a>, such
fb77c505254b6e9c925e23e734463e87574f8f40kess as <a href="mod_include.html">INCLUDES</a>, to generate content
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive based on <code>PATH_INFO</code>. The core handler would usually reject
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the request, so you can use the following configuration to enable
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive such a script:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Options +Includes<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive SetOutputFilter INCLUDES<br />
fb77c505254b6e9c925e23e734463e87574f8f40kess AcceptPathInfo On<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Files>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
fb77c505254b6e9c925e23e734463e87574f8f40kess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Name of the distributed configuration file</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>AccessFileName <var>filename</var> [<var>filename</var>] ...</syntax>
fb77c505254b6e9c925e23e734463e87574f8f40kess<contextlist><context>server config</context><context>virtual host</context>
fb77c505254b6e9c925e23e734463e87574f8f40kess</contextlist>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>While processing a request the server looks for
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the first existing configuration file from this list of names in
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd every directory of the path to the document, if distributed
130d299c4b2b15be45532a176604c71fdc7bea5bnd configuration files are <a href="#allowoverride">enabled for that
130d299c4b2b15be45532a176604c71fdc7bea5bnd AccessFileName .acl
ef8e89e090461194ecadd31e8796a2c51e0531a2kess </example>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>before returning the document
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>/usr/local/web/index.html</code>, the server will read
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>/usr/local/.acl</code> and <code>/usr/local/web/.acl</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive for directives, unless they have been disabled with</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <Directory /><br />
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd AllowOverride None<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">AllowOverride</directive></seealso>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<seealso><a href="/configuring.html">Configuration Files</a></seealso>
003f0c9fda6664daf5092a0e42f65ede20098153slive<seealso><a href="/howto/htaccess.html">.htaccess Files</a></seealso>
003f0c9fda6664daf5092a0e42f65ede20098153slive</directivesynopsis>
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess<directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<description>Default charset parameter to be added when a response
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndcontent-type is <code>text/plain</code> or <code>text/html</code></description>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<syntax>AddDefaultCharset On|Off|<var>charset</var></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>virtual host</context><context>directory</context>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>This directive specifies a default value for the media type
130d299c4b2b15be45532a176604c71fdc7bea5bnd charset parameter (the name of a character encoding) to be added
130d299c4b2b15be45532a176604c71fdc7bea5bnd to a response if and only if the response's content-type is either
130d299c4b2b15be45532a176604c71fdc7bea5bnd <code>text/plain</code> or <code>text/html</code>. This should override
130d299c4b2b15be45532a176604c71fdc7bea5bnd any charset specified in the body of the response via a <code>META</code>
130d299c4b2b15be45532a176604c71fdc7bea5bnd element, though the exact behavior is often dependent on the user's client
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd configuration. A setting of <code>AddDefaultCharset Off</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive disables this functionality. <code>AddDefaultCharset On</code> enables
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive a default charset of <code>iso-8859-1</code>. Any other value is assumed
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to be the <var>charset</var> to be used, which should be one of the
1a3f62ca37273a15a06bb94a61d3c6fcf4bf38c9rbowen <a href="http://www.iana.org/assignments/character-sets">IANA registered
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive charset values</a> for use in MIME media types.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive For example:</p>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding AddDefaultCharset utf-8
684f2a9a422185adda0692a1203c5ad6687fc5c5nd </example>
530eba85dbd41b8a0fa5255d3648d1440199a661slive <p><directive>AddDefaultCharset</directive> should only be used when all
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive of the text resources to which it applies are known to be in that
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive character encoding and it is too inconvenient to label their charset
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive individually. One such example is to add the charset parameter
003f0c9fda6664daf5092a0e42f65ede20098153slive to resources containing generated content, such as legacy CGI
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive scripts, that might be vulnerable to cross-site scripting attacks
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive due to user-provided data being included in the output. Note, however,
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding that a better solution is to just fix (or delete) those scripts, since
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding setting a default charset does not protect users that have enabled
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding the "auto-detect character encoding" feature on their browser.</p>
a8ce9095d102e43fecb81093a132b90b9a227f78kess<seealso><directive module="mod_mime">AddCharset</directive></seealso>
684f2a9a422185adda0692a1203c5ad6687fc5c5nd</directivesynopsis>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding<directivesynopsis>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding<description>assigns an output filter to a particular MIME-type</description>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding<syntax>AddOutputFilterByType <var>filter</var>[;<var>filter</var>...]
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding<var>MIME-type</var> [<var>MIME-type</var>] ...</syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>virtual host</context><context>directory</context>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<compatibility>Available in Apache 2.0.33 and later; deprecated in Apache 2.1 and later</compatibility>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding href="/filter.html">filter</a> for a request depending on the
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding response <glossary>MIME-type</glossary>. Because of certain
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding problems discussed below, this directive is deprecated. The same
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding functionality is available using <module>mod_filter</module>.</p>
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding <p>The following example uses the <code>DEFLATE</code> filter, which
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding is provided by <module>mod_deflate</module>. It will compress all
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding output (either static or dynamic) which is labeled as
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>text/html</code> or <code>text/plain</code> before it is sent
843a03fe0b138a4c1f64cb90a014e9417ac30691fielding to the client.</p>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd </example>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd <p>If you want the content to be processed by more than one filter, their
77ead9e0262e4f08ec336d1a65b2edef7705c839nd names have to be separated by semicolons. It's also possible to use one
77ead9e0262e4f08ec336d1a65b2edef7705c839nd <directive>AddOutputFilterByType</directive> directive for each of
77ead9e0262e4f08ec336d1a65b2edef7705c839nd these filters.</p>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen <p>The configuration below causes all script output labeled as
77ead9e0262e4f08ec336d1a65b2edef7705c839nd <code>INCLUDES</code> filter and then by the <code>DEFLATE</code>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd filter.</p>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd <Location /cgi-bin/><br />
77ead9e0262e4f08ec336d1a65b2edef7705c839nd Options Includes<br />
77ead9e0262e4f08ec336d1a65b2edef7705c839nd </Location>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd </example>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd <p>Enabling filters with <directive>AddOutputFilterByType</directive>
77ead9e0262e4f08ec336d1a65b2edef7705c839nd may fail partially or completely in some cases. For example, no
77ead9e0262e4f08ec336d1a65b2edef7705c839nd filters are applied if the <glossary>MIME-type</glossary> could not be determined and falls
77ead9e0262e4f08ec336d1a65b2edef7705c839nd back to the <directive module="core">DefaultType</directive> setting,
77ead9e0262e4f08ec336d1a65b2edef7705c839nd even if the <directive module="core">DefaultType</directive> is the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>However, if you want to make sure, that the filters will be
003f0c9fda6664daf5092a0e42f65ede20098153slive applied, assign the content type to a resource explicitly, for
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess example with <directive module="mod_mime">AddType</directive> or
fb77c505254b6e9c925e23e734463e87574f8f40kess <directive module="core">ForceType</directive>. Setting the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd content type within a (non-nph) CGI script is also safe.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The by-type output filters are never applied on proxy requests.</p>
fb77c505254b6e9c925e23e734463e87574f8f40kess<seealso><directive module="mod_mime">AddOutputFilter</directive></seealso>
fb77c505254b6e9c925e23e734463e87574f8f40kess<seealso><directive module="core">SetOutputFilter</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
10673857794a4b3d9568ca2d983722a87ed352f1rbowen<directivesynopsis>
b12b918ae6baf9c5762ed61b7393d0e2198378c0nd<description>Determines whether encoded path separators in URLs are allowed to
b12b918ae6baf9c5762ed61b7393d0e2198378c0ndbe passed through</description>
10673857794a4b3d9568ca2d983722a87ed352f1rbowen<contextlist><context>server config</context><context>virtual host</context>
10673857794a4b3d9568ca2d983722a87ed352f1rbowen</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Available in Apache 2.0.46 and later</compatibility>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>The <directive>AllowEncodedSlashes</directive> directive allows URLs
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive which contain encoded path separators (<code>%2F</code> for <code>/</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive and additionally <code>%5C</code> for <code>\</code> on according systems)
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to be used. Normally such URLs are refused with a 404 (Not found) error.</p>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>Turning <directive>AllowEncodedSlashes</directive> <code>On</code> is
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive mostly useful when used in conjunction with <code>PATH_INFO</code>.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Allowing encoded slashes does <em>not</em> imply <em>decoding</em>.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Occurrences of <code>%2F</code> or <code>%5C</code> (<em>only</em> on
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive according systems) will be left as such in the otherwise decoded URL
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive string.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">AcceptPathInfo</directive></seealso>
1f53e295ebd19aed1767d12da7abfab9936c148cjerenkrantz</directivesynopsis>
9ed9eaf871c58d281af02e76125ceadb5060afa5nd<directivesynopsis>
9cd3b05d7b70f07a742bbaf548fa4fa2bdbe5ce6noodl<description>Types of directives that are allowed in
9cd3b05d7b70f07a742bbaf548fa4fa2bdbe5ce6noodl<syntax>AllowOverride All|None|<var>directive-type</var>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>directory</context></contextlist>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p>When the server finds an <code>.htaccess</code> file (as
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding specified by <directive module="core">AccessFileName</directive>)
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding it needs to know which directives declared in that file can override
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding earlier configuration directives.</p>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <note><title>Only available in <Directory> sections</title>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <directive>AllowOverride</directive> is valid only in
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <directive type="section" module="core">Directory</directive>
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem sections specified without regular expressions, not in <directive
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem type="section" module="core">Location</directive>, <directive
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem module="core" type="section">DirectoryMatch</directive> or
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem <directive type="section" module="core">Files</directive> sections.
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem <p>When this directive is set to <code>None</code>, then
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem <a href="#accessfilename">.htaccess</a> files are completely ignored.
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem In this case, the server will not even attempt to read
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem <p>When this directive is set to <code>All</code>, then any
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem directive which has the .htaccess <a
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem href="directive-dict.html#Context">Context</a> is allowed in
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem <p>The <var>directive-type</var> can be one of the following
5528d1a30ae8560e2d7a96d734ffe31500dc6113rpluem groupings of directives.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Allow use of the authorization directives (<directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_authn_dbm">AuthDBMUserFile</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_authz_groupfile">AuthGroupFile</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_authn_core">AuthName</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_authn_core">AuthType</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_authn_file">AuthUserFile</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_authz_core">Require</directive>, <em>etc.</em>).</dd>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Allow use of the directives controlling document types (<directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_negotiation">LanguagePriority</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="core">SetHandler</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directives, <em>etc.</em>), document meta data (<directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_headers">RequestHeader</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_setenvif">SetEnvIf</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_setenvif">SetEnvIfNoCase</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_setenvif">BrowserMatch</directive>, <directive
103a93c625bcde1a6a7a5155b64dcda36f612180pquerna module="mod_usertrack">CookieExpires</directive>, <directive
103a93c625bcde1a6a7a5155b64dcda36f612180pquerna module="mod_usertrack">CookieDomain</directive>, <directive
f23fb63b05f89f47d7a3099491f2c68dcce432e9kess module="mod_usertrack">CookieStyle</directive>, <directive
f23fb63b05f89f47d7a3099491f2c68dcce432e9kess module="mod_usertrack">CookieTracking</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_rewrite">RewriteEngine</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_rewrite">RewriteOptions</directive>, <directive
da637bcae7b6e150470e701af29da5604a34a17erbowen Allow use of the directives controlling directory indexing
da637bcae7b6e150470e701af29da5604a34a17erbowen (<directive
da637bcae7b6e150470e701af29da5604a34a17erbowen <directive module="mod_autoindex">AddIcon</directive>, <directive
da637bcae7b6e150470e701af29da5604a34a17erbowen module="mod_autoindex">AddIconByEncoding</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_autoindex">AddIconByType</directive>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive module="mod_autoindex">DefaultIcon</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_dir">DirectoryIndex</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_autoindex">FancyIndexing</directive>, <directive
54bcd0e21a5c79158afd3b78bf707a493a5fb33crbowen module="mod_autoindex">HeaderName</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_autoindex">IndexIgnore</directive>, <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="mod_autoindex">IndexOptions</directive>, <directive
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes Allow use of the directives controlling host access (<directive
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes module="mod_authz_host">Allow</directive>, <directive
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes module="mod_authz_host">Deny</directive> and <directive
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess Allow use of the directives controlling specific directory
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess features (<directive module="core">Options</directive> and
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes <directive module="mod_include">XBitHack</directive>).
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes An equal sign may be given followed by a comma (but no spaces)
4c7bdb15764021d39e486adb7bc2166d3f683773bnicholes separated lists of options that may be set using the <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive AllowOverride AuthConfig Indexes
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>In the example above all directives that are neither in the group
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>AuthConfig</code> nor <code>Indexes</code> cause an internal
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive server error.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">AccessFileName</directive></seealso>
5bb5fba250bf526bc51d13b25378d54acb93c1cbnoodl<seealso><a href="/configuring.html">Configuration Files</a></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><a href="/howto/htaccess.html">.htaccess Files</a></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Technique for locating the interpreter for CGI
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivescripts</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>CGIMapExtension <var>cgi-path</var> <var>.extension</var></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>directory</context><context>.htaccess</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive is used to control how Apache finds the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive interpreter used to run CGI scripts. For example, setting
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive cause all CGI script files with a <code>.foo</code> extension to
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive be passed to the FOO interpreter.</p>
fb77c505254b6e9c925e23e734463e87574f8f40kess</directivesynopsis>
fb77c505254b6e9c925e23e734463e87574f8f40kess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Enables the generation of <code>Content-MD5</code> HTTP Response
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveheaders</description>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding<contextlist><context>server config</context><context>virtual host</context>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding<context>directory</context><context>.htaccess</context>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive enables the generation of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>Content-MD5</code> headers as defined in RFC1864
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive respectively RFC2068.</p>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen <p>MD5 is an algorithm for computing a "message digest"
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive (sometimes called "fingerprint") of arbitrary-length data, with
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive a high degree of confidence that any alterations in the data
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding will be reflected in alterations in the message digest.</p>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p>The <code>Content-MD5</code> header provides an end-to-end
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive message integrity check (MIC) of the entity-body. A proxy or
e4881891552e185a7408318dfc7f62ebabe73cf6niq client may check this header for detecting accidental
e4881891552e185a7408318dfc7f62ebabe73cf6niq modification of the entity-body in transit. Example header:</p>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding Content-MD5: AuLb7Dp1rqtRtxz2m9kRpA==
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p>Note that this can cause performance problems on your server
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding since the message digest is computed on every request (the
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding values are not cached).</p>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p><code>Content-MD5</code> is only sent for documents served
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding by the <module>core</module>, and not by any module. For example,
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding SSI documents, output from CGI scripts, and byte range responses
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive do not have this header.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodl<directivesynopsis>
20b0f809c3823eda58808be053ffc305dfa9c785sf<description>MIME content-type that will be sent if the
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodlserver cannot determine a type in any other way</description>
ccf2a600dd72cc3c3c44f5d4126d9bb60fa83894takashi<contextlist><context>server config</context><context>virtual host</context>
ccf2a600dd72cc3c3c44f5d4126d9bb60fa83894takashi<context>directory</context><context>.htaccess</context>
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodl</contextlist>
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodl <p>There will be times when the server is asked to provide a
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodl document whose type cannot be determined by its <glossary
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The server must inform the client of the content-type of the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive document, so in the event of an unknown type it uses the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>would be appropriate for a directory which contained many GIF
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive images with filenames missing the <code>.gif</code> extension.</p>
003f0c9fda6664daf5092a0e42f65ede20098153slive provides the default mime-type. All other mime-type definitions,
fb77c505254b6e9c925e23e734463e87574f8f40kess including filename extensions, that might identify the media type
fb77c505254b6e9c925e23e734463e87574f8f40kess will override this default.</p>
fb77c505254b6e9c925e23e734463e87574f8f40kess</directivesynopsis>
003f0c9fda6664daf5092a0e42f65ede20098153slive<directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<description>Define the existence of a variable</description>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<contextlist><context>server config</context></contextlist>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>Equivalent to passing the <code>-D</code> argument to <a
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>This directive can be used to toggle the use of <directive module="core"
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd type="section">IfDefine</directive> sections without needing to alter
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen</directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<description>Enclose a group of directives that apply only to the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndnamed file-system directory and sub-directories</description>
030108b1816bcda3d925df65357feabdce83bc94slive... </Directory></syntax>
030108b1816bcda3d925df65357feabdce83bc94slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code></Directory></code> are used to enclose a group of
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd directives that will apply only to the named directory and
fb77c505254b6e9c925e23e734463e87574f8f40kess sub-directories of that directory. Any directive that is allowed
fb77c505254b6e9c925e23e734463e87574f8f40kess in a directory context may be used. <var>Directory-path</var> is
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive either the full path to a directory, or a wild-card string using
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess Unix shell-style matching. In a wild-card string, <code>?</code> matches
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess any single character, and <code>*</code> matches any sequences of
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess characters. You may also use <code>[]</code> character ranges. None
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive of the wildcards match a `/' character, so <code><Directory
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive /*/public_html></code> will not match
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>/home/user/public_html</code>, but <code><Directory
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive /home/*/public_html></code> will match. Example:</p>
130d299c4b2b15be45532a176604c71fdc7bea5bnd Options Indexes FollowSymLinks<br />
130d299c4b2b15be45532a176604c71fdc7bea5bnd </Directory>
130d299c4b2b15be45532a176604c71fdc7bea5bnd </example>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>Be careful with the <var>directory-path</var> arguments:
130d299c4b2b15be45532a176604c71fdc7bea5bnd They have to literally match the filesystem path which Apache uses
130d299c4b2b15be45532a176604c71fdc7bea5bnd to access the files. Directives applied to a particular
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code><Directory></code> will not apply to files accessed from
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd that same directory via a different path, such as via different symbolic
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive expressions</glossary> can also be used, with the addition of the
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess <Directory ~ "^/www/.*/[0-9]{3}">
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess <p>would match directories in <code>/www/</code> that consisted of
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess three numbers.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive match the directory (or one of its parents) containing a document,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive then the directives are applied in the order of shortest match
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive first, interspersed with the directives from the <a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="#accessfilename">.htaccess</a> files. For example,
130d299c4b2b15be45532a176604c71fdc7bea5bnd <Directory /><br />
130d299c4b2b15be45532a176604c71fdc7bea5bnd AllowOverride None<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory><br />
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess <Directory /home/><br />
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess AllowOverride FileInfo<br />
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess </Directory>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>for access to the document <code>/home/web/dir/doc.html</code>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen the steps are:</p>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <li>Apply directive <code>AllowOverride FileInfo</code> (for
130d299c4b2b15be45532a176604c71fdc7bea5bnd <code>/home/.htaccess</code>, <code>/home/web/.htaccess</code> and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Regular expressions are not considered until after all of the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive normal sections have been applied. Then all of the regular
fb77c505254b6e9c925e23e734463e87574f8f40kess expressions are tested in the order they appeared in the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive configuration file. For example, with</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <Directory ~ abc$><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive # ... directives here ...<br />
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess </Directory>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess </example>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>the regular expression section won't be considered until after
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive all normal <directive type="section">Directory</directive>s and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>.htaccess</code> files have been applied. Then the regular
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive expression will match on <code>/home/abc/public_html/abc</code> and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the corresponding <directive type="section">Directory</directive> will
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess be applied.</p>
7b5535ed88e0f561b3bfb3330137bd804846afd4slive <code><Directory /></code> is <code>Allow from All</code>.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive This means that Apache will serve any file mapped from an URL. It is
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive recommended that you change this with a block such
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <Directory /><br />
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener Order Deny,Allow<br />
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener Deny from All<br />
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd </Directory>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd </example>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="/misc/security_tips.html">Security Tips</a> page for more
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener <p>The directory sections occur in the <code>httpd.conf</code> file.
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener <directive type="section">Directory</directive> directives
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener cannot nest, and cannot appear in a <directive module="core"
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener type="section">Limit</directive> or <directive module="core"
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener<seealso><a href="/sections.html">How <Directory>,
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener <Location> and <Files> sections work</a> for an
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener explanation of how these different sections are combined when a
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener request is received</seealso>
fa1c7ce09927decc1eecd1e9a35cc5331078a052covener</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Enclose directives that apply to
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivefile-system directories matching a regular expression and their
313bb560bc5c323cfd40c9cad7335b4b8e060aedkesssubdirectories</description>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess... </DirectoryMatch></syntax>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<contextlist><context>server config</context><context>virtual host</context>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p><directive type="section">DirectoryMatch</directive> and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code></DirectoryMatch></code> are used to enclose a group
003f0c9fda6664daf5092a0e42f65ede20098153slive of directives which will apply only to the named directory and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive sub-directories of that directory, the same as <directive
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd module="core" type="section">Directory</directive>. However, it
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <DirectoryMatch "^/www/(.+/)?[0-9]{3}">
a1ef40892ffa2b44fc249423c5b6c42a74a84c68nd </example>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>would match directories in <code>/www/</code> that consisted of three
fb77c505254b6e9c925e23e734463e87574f8f40kess numbers.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<seealso><directive type="section" module="core">Directory</directive> for
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnda description of how regular expressions are mixed in with normal
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<directive type="section">Directory</directive>s</seealso>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndhref="/sections.html">How <Directory>, <Location> and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<Files> sections work</a> for an explanation of how these different
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivesections are combined when a request is received</seealso>
c68acc9d712af079afa2bd1a5a4aeef9a3ea573ckess</directivesynopsis>
c68acc9d712af079afa2bd1a5a4aeef9a3ea573ckess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Directory that forms the main document tree visible
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivefrom the web</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>DocumentRoot <var>directory-path</var></syntax>
1b01d1ee11c612226cb3141eed4581dc179266c1rbowen<default>DocumentRoot /usr/local/apache/htdocs</default>
1b01d1ee11c612226cb3141eed4581dc179266c1rbowen<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
af18698b10b429b270551ca3a5d51a75e1c9db22brianp <p>This directive sets the directory from which <program>httpd</program>
003f0c9fda6664daf5092a0e42f65ede20098153slive will serve files. Unless matched by a directive like <directive
fb77c505254b6e9c925e23e734463e87574f8f40kess module="mod_alias">Alias</directive>, the server appends the
fb77c505254b6e9c925e23e734463e87574f8f40kess path from the requested URL to the document root to make the
af18698b10b429b270551ca3a5d51a75e1c9db22brianp path to the document. Example:</p>
a1ef40892ffa2b44fc249423c5b6c42a74a84c68nd <p>then an access to
003f0c9fda6664daf5092a0e42f65ede20098153slive <code>http://www.my.host.com/index.html</code> refers to
003f0c9fda6664daf5092a0e42f65ede20098153slive <code>/usr/web/index.html</code>. If the <var>directory-path</var> is
fb77c505254b6e9c925e23e734463e87574f8f40kess not absolute then it is assumed to be relative to the <directive
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The <directive>DocumentRoot</directive> should be specified without
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd a trailing slash.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<seealso><a href="/urlmapping.html#documentroot">Mapping URLs to Filesystem
af18698b10b429b270551ca3a5d51a75e1c9db22brianp</directivesynopsis>
a1ef40892ffa2b44fc249423c5b6c42a74a84c68nd<directivesynopsis>
13cbe1d8f52c8097cb581e7eb259693b64d41d10poirier<description>Use memory-mapping to read files during delivery</description>
af18698b10b429b270551ca3a5d51a75e1c9db22brianp<contextlist><context>server config</context><context>virtual host</context>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</contextlist>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>This directive controls whether the <program>httpd</program> may use
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd memory-mapping if it needs to read the contents of a file during
41ef8b3051855b802104193ee0a587515af60a37wrowe delivery. By default, when the handling of a request requires
41ef8b3051855b802104193ee0a587515af60a37wrowe access to the data within a file -- for example, when delivering a
41ef8b3051855b802104193ee0a587515af60a37wrowe server-parsed file using <module>mod_include</module> -- Apache
41ef8b3051855b802104193ee0a587515af60a37wrowe memory-maps the file if the OS supports it.</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe <p>This memory-mapping sometimes yields a performance improvement.
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess But in some environments, it is better to disable the memory-mapping
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess to prevent operational problems:</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe <li>On some multiprocessor systems, memory-mapping can reduce the
41ef8b3051855b802104193ee0a587515af60a37wrowe <li>With an NFS-mounted <directive module="core">DocumentRoot</directive>,
41ef8b3051855b802104193ee0a587515af60a37wrowe the <program>httpd</program> may crash due to a segmentation fault if a file
41ef8b3051855b802104193ee0a587515af60a37wrowe is deleted or truncated while the <program>httpd</program> has it
41ef8b3051855b802104193ee0a587515af60a37wrowe memory-mapped.</li>
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf <p>For server configurations that are vulnerable to these problems,
41ef8b3051855b802104193ee0a587515af60a37wrowe you should disable memory-mapping of delivered files by specifying:</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe EnableMMAP Off
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf </example>
41ef8b3051855b802104193ee0a587515af60a37wrowe <p>For NFS mounted files, this feature may be disabled explicitly for
41ef8b3051855b802104193ee0a587515af60a37wrowe the offending files by specifying:</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe <Directory "/path-to-nfs-files">
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen EnableMMAP Off
41ef8b3051855b802104193ee0a587515af60a37wrowe </Directory>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess</directivesynopsis>
41ef8b3051855b802104193ee0a587515af60a37wrowe<directivesynopsis>
41ef8b3051855b802104193ee0a587515af60a37wrowe<description>Use the kernel sendfile support to deliver files to the client</description>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<contextlist><context>server config</context><context>virtual host</context>
78f4d313fd5edf76dc5cfb8725e082a08cd29740jwoolley<context>directory</context><context>.htaccess</context>
78f4d313fd5edf76dc5cfb8725e082a08cd29740jwoolley</contextlist>
9d00e5d0f270651f1f1cc1abea03bf53e5656fcecolm<compatibility>Available in version 2.0.44 and later</compatibility>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>This directive controls whether <program>httpd</program> may use the
9fb925624300c864fe3969a264e52aa83f3c2dd0slive sendfile support from the kernel to transmit file contents to the client.
41ef8b3051855b802104193ee0a587515af60a37wrowe By default, when the handling of a request requires no access
41ef8b3051855b802104193ee0a587515af60a37wrowe to the data within a file -- for example, when delivering a
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf static file -- Apache uses sendfile to deliver the file contents
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf without ever reading the file if the OS supports it.</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe <p>This sendfile mechanism avoids separate read and send operations,
9c233808c898095865fcc0a2dc1cf594d0d8faf3sf and buffer allocations. But on some platforms or within some
41ef8b3051855b802104193ee0a587515af60a37wrowe filesystems, it is better to disable this feature to avoid
41ef8b3051855b802104193ee0a587515af60a37wrowe operational problems:</p>
41ef8b3051855b802104193ee0a587515af60a37wrowe <li>Some platforms may have broken sendfile support that the build
41ef8b3051855b802104193ee0a587515af60a37wrowe system did not detect, especially if the binaries were built on
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess another box and moved to such a machine with broken sendfile
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess support.</li>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <li>On Linux the use of sendfile triggers TCP-checksum
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess offloading bugs on certain networking cards when using IPv6.</li>
41ef8b3051855b802104193ee0a587515af60a37wrowe <li>On Linux on Itanium, sendfile may be unable to handle files
41ef8b3051855b802104193ee0a587515af60a37wrowe over 2GB in size.</li>
832853bb93c1831daf24e4727c5ca0e1b1786e83lars module="core">DocumentRoot</directive> (e.g., NFS or SMB),
832853bb93c1831daf24e4727c5ca0e1b1786e83lars the kernel may be unable to serve the network file through
832853bb93c1831daf24e4727c5ca0e1b1786e83lars its own cache.</li>
af18698b10b429b270551ca3a5d51a75e1c9db22brianp <p>For server configurations that are vulnerable to these problems,
af18698b10b429b270551ca3a5d51a75e1c9db22brianp you should disable this feature by specifying:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive EnableSendfile Off
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>For NFS or SMB mounted files, this feature may be disabled explicitly
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive for the offending files by specifying:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <Directory "/path-to-nfs-files">
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive EnableSendfile Off
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>What the server will return to the client
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivein case of an error</description>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<syntax>ErrorDocument <var>error-code</var> <var>document</var></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Quoting syntax for text messages is different in Apache
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive2.0</compatibility>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>In the event of a problem or error, Apache can be configured
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen to do one of four things,</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <li>redirect to a local <var>URL-path</var> to handle the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The first option is the default, while options 2-4 are
f7fe99050600166042c04b8e595fb75499eed7f0geoff configured using the <directive>ErrorDocument</directive>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen directive, which is followed by the HTTP response code and a URL
f7fe99050600166042c04b8e595fb75499eed7f0geoff or a message. Apache will sometimes offer additional information
f7fe99050600166042c04b8e595fb75499eed7f0geoff <p>URLs can begin with a slash (/) for local web-paths (relative
f7fe99050600166042c04b8e595fb75499eed7f0geoff to the <directive module="core">DocumentRoot</directive>), or be a
f7fe99050600166042c04b8e595fb75499eed7f0geoff full URL which the client can resolve. Alternatively, a message
f7fe99050600166042c04b8e595fb75499eed7f0geoff can be provided to be displayed by the browser. Examples:</p>
f7fe99050600166042c04b8e595fb75499eed7f0geoff ErrorDocument 500 http://foo.example.com/cgi-bin/tester<br />
f7fe99050600166042c04b8e595fb75499eed7f0geoff ErrorDocument 403 "Sorry can't allow you access today"
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen <p>Additionally, the special value <code>default</code> can be used
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to specify Apache's simple hardcoded message. While not required
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive under normal circumstances, <code>default</code> will restore
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Apache's simple hardcoded message for configurations that would
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive otherwise inherit an existing <directive>ErrorDocument</directive>.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive ErrorDocument 404 default<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>Note that when you specify an <directive>ErrorDocument</directive>
fb77c505254b6e9c925e23e734463e87574f8f40kess that points to a remote URL (ie. anything with a method such as
4f854c24127e28f7ad72ce9a39d4448aaf910fc1slive <code>http</code> in front of it), Apache will send a redirect to the
4f854c24127e28f7ad72ce9a39d4448aaf910fc1slive client to tell it where to find the document, even if the
4f854c24127e28f7ad72ce9a39d4448aaf910fc1slive document ends up being on the same server. This has several
9b5e2c5e769dc678a1aca06df75c32022b2f1492trawick implications, the most important being that the client will not
fb77c505254b6e9c925e23e734463e87574f8f40kess receive the original error status code, but instead will
fb77c505254b6e9c925e23e734463e87574f8f40kess receive a redirect status code. This in turn can confuse web
4f854c24127e28f7ad72ce9a39d4448aaf910fc1slive robots and other clients which try to determine if a URL is
69fba5b8aa0b0dc408f649cfdaab064ce120b05bslive valid using the status code. In addition, if you use a remote
69fba5b8aa0b0dc408f649cfdaab064ce120b05bslive URL in an <code>ErrorDocument 401</code>, the client will not
69fba5b8aa0b0dc408f649cfdaab064ce120b05bslive know to prompt the user for a password since it will not
69fba5b8aa0b0dc408f649cfdaab064ce120b05bslive receive the 401 status code. Therefore, <strong>if you use an
69fba5b8aa0b0dc408f649cfdaab064ce120b05bslive <code>ErrorDocument 401</code> directive then it must refer to a local
b5d3d68a9f683722eac7a3ca507c3e571908dfc0rbowen <p>Microsoft Internet Explorer (MSIE) will by default ignore
b5d3d68a9f683722eac7a3ca507c3e571908dfc0rbowen server-generated error messages when they are "too small" and substitute
b5d3d68a9f683722eac7a3ca507c3e571908dfc0rbowen its own "friendly" error messages. The size threshold varies depending on
b5d3d68a9f683722eac7a3ca507c3e571908dfc0rbowen the type of error, but in general, if you make your error document
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen greater than 512 bytes, then MSIE will show the server-generated
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive error rather than masking it. More information is available in
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Microsoft Knowledge Base article <a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="http://support.microsoft.com/default.aspx?scid=kb;en-us;Q294807"
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Although most error messages can be overriden, there are certain
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive circumstances where the internal messages are used regardless of the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive setting of <directive module="core">ErrorDocument</directive>. In
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess particular, if a malformed request is detected, normal request processing
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd will be immediately halted and the internal error message returned.
4a13940dc2990df0a798718d3a3f9cf1566c2217bjh This is necessary to guard against security problems caused by
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive bad requests.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Prior to version 2.0, messages were indicated by prefixing
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive them with a single unmatched double quote character.</p>
fb109b84906e3ee61680aa289953c2f9e859354erbowen</directivesynopsis>
fb109b84906e3ee61680aa289953c2f9e859354erbowen<directivesynopsis>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<description>Location where the server will log errors</description>
fb109b84906e3ee61680aa289953c2f9e859354erbowen<syntax> ErrorLog <var>file-path</var>|syslog[:<var>facility</var>]</syntax>
960188481b7025ac8ef7221b67af83dd27e46cd0rjung<default>ErrorLog logs/error_log (Unix) ErrorLog logs/error.log (Windows and OS/2)</default>
960188481b7025ac8ef7221b67af83dd27e46cd0rjung<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
fb109b84906e3ee61680aa289953c2f9e859354erbowen <p>The <directive>ErrorLog</directive> directive sets the name of
fb109b84906e3ee61680aa289953c2f9e859354erbowen the file to which the server will log any errors it encounters. If
960188481b7025ac8ef7221b67af83dd27e46cd0rjung the <var>file-path</var> is not absolute then it is assumed to be
960188481b7025ac8ef7221b67af83dd27e46cd0rjung relative to the <directive module="core">ServerRoot</directive>.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive begins with a pipe (|) then it is assumed to be a command to spawn
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to handle the error log.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Using <code>syslog</code> instead of a filename enables logging
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive via syslogd(8) if the system supports it. The default is to use
9b5e2c5e769dc678a1aca06df75c32022b2f1492trawick syslog facility <code>local7</code>, but you can override this by
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive using the <code>syslog:<var>facility</var></code> syntax where
2bac697634d965d9d9a921a99a68b2c454c8a95dbnicholes <var>facility</var> can be one of the names usually documented in
2bac697634d965d9d9a921a99a68b2c454c8a95dbnicholes syslog(1).</p>
2bac697634d965d9d9a921a99a68b2c454c8a95dbnicholes ErrorLog syslog:user
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen href="/misc/security_tips.html#serverroot">security tips</a>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive document for details on why your security could be compromised
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive if the directory where log files are stored is writable by
e302f38fd646764ce1a1e1c578d794aef514a9e5sf anyone other than the user that starts the server.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>When entering a file path on non-Unix platforms, care should be taken
e302f38fd646764ce1a1e1c578d794aef514a9e5sf to make sure that only forward slashed are used even though the platform
e302f38fd646764ce1a1e1c578d794aef514a9e5sf may allow the use of back slashes. In general it is a good idea to always
e302f38fd646764ce1a1e1c578d794aef514a9e5sf use forward slashes throughout the configuration files.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<seealso><directive module="core">LogLevel</directive></seealso>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<seealso><a href="/logs.html">Apache Log Files</a></seealso>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</directivesynopsis>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<directivesynopsis>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<description>File attributes used to create the ETag
e302f38fd646764ce1a1e1c578d794aef514a9e5sfHTTP response header</description>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<contextlist><context>server config</context><context>virtual host</context>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</contextlist>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf The <directive>FileETag</directive> directive configures the file
e302f38fd646764ce1a1e1c578d794aef514a9e5sf attributes that are used to create the <code>ETag</code> (entity
e302f38fd646764ce1a1e1c578d794aef514a9e5sf tag) response header field when the document is based on a file.
e302f38fd646764ce1a1e1c578d794aef514a9e5sf (The <code>ETag</code> value is used in cache management to save
e302f38fd646764ce1a1e1c578d794aef514a9e5sf network bandwidth.) In Apache 1.3.22 and earlier, the
e302f38fd646764ce1a1e1c578d794aef514a9e5sf from the file's inode, size, and last-modified time (mtime). The
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <directive>FileETag</directive> directive allows you to choose
e302f38fd646764ce1a1e1c578d794aef514a9e5sf which of these -- if any -- should be used. The recognized keywords are:
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <dd>The file's i-node number will be included in the calculation</dd>
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf <dd>The date and time the file was last modified will be included</dd>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <dd>The number of bytes in the file will be included</dd>
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf <dd>All available fields will be used. This is equivalent to:
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf <dd>If a document is file-based, no <code>ETag</code> field will be
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf included in the response</dd>
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf <p>The <code>INode</code>, <code>MTime</code>, and <code>Size</code>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf keywords may be prefixed with either <code>+</code> or <code>-</code>,
e302f38fd646764ce1a1e1c578d794aef514a9e5sf which allow changes to be made to the default setting inherited
e302f38fd646764ce1a1e1c578d794aef514a9e5sf from a broader scope. Any keyword appearing without such a prefix
e302f38fd646764ce1a1e1c578d794aef514a9e5sf immediately and completely cancels the inherited setting.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>If a directory's configuration includes
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <code>FileETag INode MTime Size</code>, and a
e302f38fd646764ce1a1e1c578d794aef514a9e5sf subdirectory's includes <code>FileETag -INode</code>,
e302f38fd646764ce1a1e1c578d794aef514a9e5sf the setting for that subdirectory (which will be inherited by
e302f38fd646764ce1a1e1c578d794aef514a9e5sf any sub-subdirectories that don't override it) will be equivalent to
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</directivesynopsis>
4497075b5e08b0c8ee89425a1758258ae80550fcsf<description>Contains directives that apply to matched
4497075b5e08b0c8ee89425a1758258ae80550fcsffilenames</description>
4497075b5e08b0c8ee89425a1758258ae80550fcsf<syntax><Files <var>filename</var>> ... </Files></syntax>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<contextlist><context>server config</context><context>virtual host</context>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</contextlist>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>The <directive type="section">Files</directive> directive
e302f38fd646764ce1a1e1c578d794aef514a9e5sf limits the scope of the enclosed directives by filename. It is comparable
e302f38fd646764ce1a1e1c578d794aef514a9e5sf to the <directive module="core" type="section">Directory</directive>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf and <directive module="core" type="section">Location</directive>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf directives. It should be matched with a <code></Files></code>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf directive. The directives given within this section will be applied to
e302f38fd646764ce1a1e1c578d794aef514a9e5sf any object with a basename (last component of filename) matching the
e302f38fd646764ce1a1e1c578d794aef514a9e5sf specified filename. <directive type="section">Files</directive>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf sections are processed in the order they appear in the
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <code>.htaccess</code> files are read, but before <directive
e302f38fd646764ce1a1e1c578d794aef514a9e5sf type="section" module="core">Location</directive> sections. Note
e302f38fd646764ce1a1e1c578d794aef514a9e5sf that <directive type="section">Files</directive> can be nested
e302f38fd646764ce1a1e1c578d794aef514a9e5sf module="core">Directory</directive> sections to restrict the
e302f38fd646764ce1a1e1c578d794aef514a9e5sf portion of the filesystem they apply to.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>The <var>filename</var> argument should include a filename, or
e302f38fd646764ce1a1e1c578d794aef514a9e5sf a wild-card string, where <code>?</code> matches any single character,
e302f38fd646764ce1a1e1c578d794aef514a9e5sf can also be used, with the addition of the
4497075b5e08b0c8ee89425a1758258ae80550fcsf <Files ~ "\.(gif|jpe?g|png)$">
e302f38fd646764ce1a1e1c578d794aef514a9e5sf </example>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>would match most common Internet graphics formats. <directive
e302f38fd646764ce1a1e1c578d794aef514a9e5sf module="core" type="section">FilesMatch</directive> is preferred,
e302f38fd646764ce1a1e1c578d794aef514a9e5sf however.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf module="core">Directory</directive> and <directive type="section"
e302f38fd646764ce1a1e1c578d794aef514a9e5sf type="section">Files</directive> sections can be used inside
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <code>.htaccess</code> files. This allows users to control access to
e302f38fd646764ce1a1e1c578d794aef514a9e5sf their own files, at a file-by-file level.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<seealso><a href="/sections.html">How <Directory>, <Location>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf and <Files> sections work</a> for an explanation of how these
9228509ac5da8374df4a5d50b7da139e7b31f8a3sf different sections are combined when a request is received</seealso>
9228509ac5da8374df4a5d50b7da139e7b31f8a3sf</directivesynopsis>
9228509ac5da8374df4a5d50b7da139e7b31f8a3sf<description>Contains directives that apply to regular-expression matched
9228509ac5da8374df4a5d50b7da139e7b31f8a3sffilenames</description>
9228509ac5da8374df4a5d50b7da139e7b31f8a3sf<syntax><FilesMatch <var>regex</var>> ... </FilesMatch></syntax>
9228509ac5da8374df4a5d50b7da139e7b31f8a3sf<contextlist><context>server config</context><context>virtual host</context>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</contextlist>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>The <directive type="section">FilesMatch</directive> directive
e302f38fd646764ce1a1e1c578d794aef514a9e5sf limits the scope of the enclosed directives by filename, just as the
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <directive module="core" type="section">Files</directive> directive
e302f38fd646764ce1a1e1c578d794aef514a9e5sf does. However, it accepts a <glossary ref="regex">regular
ce4dc40a4e87991087488f70d96d3447d7557294sf <FilesMatch "\.(gif|jpe?g|png)$">
ce4dc40a4e87991087488f70d96d3447d7557294sf </example>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <p>would match most common Internet graphics formats.</p>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<seealso><a href="/sections.html">How <Directory>, <Location>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf and <Files> sections work</a> for an explanation of how these
e302f38fd646764ce1a1e1c578d794aef514a9e5sf different sections are combined when a request is received</seealso>
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsf</directivesynopsis>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<directivesynopsis>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<description>Forces all matching files to be served with the specified
b5c4b00201fdc3ed11c6cc05cf3f9a7912ac0cfbsfMIME content-type</description>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<contextlist><context>directory</context><context>.htaccess</context>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf</contextlist>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf<compatibility>Moved to the core in Apache 2.0</compatibility>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <directive type="section" module="core">Directory</directive>, or
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <directive type="section" module="core">Location</directive> or
e302f38fd646764ce1a1e1c578d794aef514a9e5sf <directive type="section" module="core">Files</directive>
e302f38fd646764ce1a1e1c578d794aef514a9e5sf section, this directive forces all matching files to be served
a8ee031b2224ce5473826c9d4f603681589245fawrowe with the content type identification given by
a8ee031b2224ce5473826c9d4f603681589245fawrowe <var>MIME-type</var>. For example, if you had a directory full of
a8ee031b2224ce5473826c9d4f603681589245fawrowe GIF files, but did not want to label them all with <code>.gif</code>,
a8ee031b2224ce5473826c9d4f603681589245fawrowe you might want to use:</p>
a8ee031b2224ce5473826c9d4f603681589245fawrowe <p>Note that unlike <directive module="core">DefaultType</directive>,
a8ee031b2224ce5473826c9d4f603681589245fawrowe this directive overrides all mime-type associations, including
a8ee031b2224ce5473826c9d4f603681589245fawrowe filename extensions, that might identify the media type.</p>
a8ee031b2224ce5473826c9d4f603681589245fawrowe <p>You can override any <directive>ForceType</directive> setting
a8ee031b2224ce5473826c9d4f603681589245fawrowe <Location /images><br />
a8ee031b2224ce5473826c9d4f603681589245fawrowe </Location><br />
a8ee031b2224ce5473826c9d4f603681589245fawrowe # but normal mime-type associations here:<br />
02c86afa991026c4146423dc84bc126e57d28df6wrowe ForceType None<br />
34b157732214cedcd129cd9fe7c4290757505d60minfrin </Location>
a8ee031b2224ce5473826c9d4f603681589245fawrowe</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
003f0c9fda6664daf5092a0e42f65ede20098153slive<description>Enables DNS lookups on client IP addresses</description>
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive enables DNS lookups so that host names can be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive logged (and passed to CGIs/SSIs in <code>REMOTE_HOST</code>).
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive The value <code>Double</code> refers to doing double-reverse
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive DNS lookup. That is, after a reverse lookup is performed, a forward
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive lookup is then performed on that result. At least one of the IP
fb77c505254b6e9c925e23e734463e87574f8f40kess addresses in the forward lookup must match the original
a5f060e0c74a44cb8896ae794c08f94f7c9a46a7covener address. (In "tcpwrappers" terminology this is called
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>Regardless of the setting, when <module>mod_authz_host</module> is
fb77c505254b6e9c925e23e734463e87574f8f40kess used for controlling access by hostname, a double reverse lookup
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive will be performed. This is necessary for security. Note that the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd result of this double-reverse isn't generally available unless you
530eba85dbd41b8a0fa5255d3648d1440199a661slive set <code>HostnameLookups Double</code>. For example, if only
530eba85dbd41b8a0fa5255d3648d1440199a661slive <code>HostnameLookups On</code> and a request is made to an object
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive that is protected by hostname restrictions, regardless of whether
530eba85dbd41b8a0fa5255d3648d1440199a661slive the double-reverse fails or not, CGIs will still be passed the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive single-reverse result in <code>REMOTE_HOST</code>.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The default is <code>Off</code> in order to save the network
530eba85dbd41b8a0fa5255d3648d1440199a661slive traffic for those sites that don't truly need the reverse
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd lookups done. It is also better for the end users because they
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd don't have to suffer the extra latency that a lookup entails.
530eba85dbd41b8a0fa5255d3648d1440199a661slive Heavily loaded sites should leave this directive
fb77c505254b6e9c925e23e734463e87574f8f40kess <code>Off</code>, since DNS lookups can take considerable
fb77c505254b6e9c925e23e734463e87574f8f40kess amounts of time. The utility <program>logresolve</program>, compiled by
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive default to the <code>bin</code> subdirectory of your installation
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd directory, can be used to look up host names from logged IP addresses
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd offline.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<description>Encloses directives that will be processed only
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndif a test is true at startup</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </IfDefine></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
0db981f8fdfb62c5149efa079f0369b73d472d04rpluem</contextlist>
0db981f8fdfb62c5149efa079f0369b73d472d04rpluem <p>The <code><IfDefine <var>test</var>>...</IfDefine>
0db981f8fdfb62c5149efa079f0369b73d472d04rpluem </code> section is used to mark directives that are conditional. The
0db981f8fdfb62c5149efa079f0369b73d472d04rpluem directives within an <directive type="section">IfDefine</directive>
0db981f8fdfb62c5149efa079f0369b73d472d04rpluem section are only processed if the <var>test</var> is true. If <var>
a5f060e0c74a44cb8896ae794c08f94f7c9a46a7covener test</var> is false, everything between the start and end markers is
a5f060e0c74a44cb8896ae794c08f94f7c9a46a7covener ignored.</p>
a5f060e0c74a44cb8896ae794c08f94f7c9a46a7covener <p>The <var>test</var> in the <directive type="section"
a5f060e0c74a44cb8896ae794c08f94f7c9a46a7covener >IfDefine</directive> section directive can be one of two forms:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>In the former case, the directives between the start and end
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd markers are only processed if the parameter named
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <var>parameter-name</var> is defined. The second format reverses
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the test, and only processes the directives if
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <var>parameter-name</var> is <strong>not</strong> defined.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The <var>parameter-name</var> argument is a define as given on the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <program>httpd</program> command line via <code>-D<var>parameter</var>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </code> at the time the server was started or by the <directive
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess <p><directive type="section">IfDefine</directive> sections are
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess nest-able, which can be used to implement simple
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess multiple-parameter tests. Example:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive httpd -DReverseProxy ...<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <IfDefine ReverseProxy><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive LoadModule rewrite_module modules/mod_rewrite.so<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </IfDefine>
fb77c505254b6e9c925e23e734463e87574f8f40kess</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Encloses directives that are processed conditional on the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndpresence or absence of a specific module</description>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<syntax><IfModule [!]<var>module-file</var>|<var>module-identifier</var>> ...
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd </IfModule></syntax>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<contextlist><context>server config</context><context>virtual host</context>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess</contextlist>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<compatibility>Module identifiers are available in version 2.1 and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivelater.</compatibility>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The <code><IfModule <var>test</var>>...</IfModule></code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive section is used to mark directives that are conditional on the presence of
fb77c505254b6e9c925e23e734463e87574f8f40kess a specific module. The directives within an <directive type="section"
fb77c505254b6e9c925e23e734463e87574f8f40kess >IfModule</directive> section are only processed if the <var>test</var>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive is true. If <var>test</var> is false, everything between the start and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive end markers is ignored.</p>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>The <var>test</var> in the <directive type="section"
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess >IfModule</directive> section directive can be one of two forms:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>In the former case, the directives between the start and end
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive markers are only processed if the module named <var>module</var>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive is included in Apache -- either compiled in or
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive >LoadModule</directive>. The second format reverses the test,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive and only processes the directives if <var>module</var> is
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess <p>The <var>module</var> argument can be either the module identifier or
030108b1816bcda3d925df65357feabdce83bc94slive the file name of the module, at the time it was compiled. For example,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>mod_rewrite.c</code> is the file name. If a module consists of
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd several source files, use the name of the file containing the string
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p><directive type="section">IfModule</directive> sections are
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive nest-able, which can be used to implement simple multiple-module
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <note>This section should only be used if you need to have one
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess configuration file that works whether or not a specific module
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess is available. In normal operation, directives need not be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive placed in <directive type="section">IfModule</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive sections.</note>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Includes other configuration files from within
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivethe server configuration files</description>
003f0c9fda6664daf5092a0e42f65ede20098153slive<syntax>Include <var>file-path</var>|<var>directory-path</var></syntax>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Wildcard matching available in 2.0.41 and later</compatibility>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive allows inclusion of other configuration files
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive from within the server configuration files.</p>
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p>Shell-style (<code>fnmatch()</code>) wildcard characters can be used to
fb77c505254b6e9c925e23e734463e87574f8f40kess include several files at once, in alphabetical order. In
fb77c505254b6e9c925e23e734463e87574f8f40kess addition, if <directive>Include</directive> points to a directory,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd rather than a file, Apache will read all files in that directory
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd and any subdirectory. But including entire directories is not
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd recommended, because it is easy to accidentally leave temporary
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd files in a directory that can cause <program>httpd</program> to
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding <p>The file path specified may be an absolute path, or may be relative
b24c77ceb4cea5ffa92536e19f0aa83608960dc4fielding to the <directive module="core">ServerRoot</directive> directory.</p>
7654193c1faf603feec999850322ad79e6c551bcnd </example>
7654193c1faf603feec999850322ad79e6c551bcnd </example>
c97e8972ab1f4dd167e3dc4db87daf91114009fbnd <p>Running <code>apachectl configtest</code> will give you a list
7654193c1faf603feec999850322ad79e6c551bcnd of the files that are being processed during the configuration
7654193c1faf603feec999850322ad79e6c551bcnd check:</p>
439acee10571861c670c438038a62f90a08bf137covener root@host# apachectl configtest<br />
439acee10571861c670c438038a62f90a08bf137covener Processing config file: /usr/local/apache2/conf/ssl.conf<br />
439acee10571861c670c438038a62f90a08bf137covener Processing config file: /usr/local/apache2/conf/vhosts/vhost1.conf<br />
439acee10571861c670c438038a62f90a08bf137covener Processing config file: /usr/local/apache2/conf/vhosts/vhost2.conf<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
fb77c505254b6e9c925e23e734463e87574f8f40kess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Enables HTTP persistent connections</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>The Keep-Alive extension to HTTP/1.0 and the persistent
9b5e2c5e769dc678a1aca06df75c32022b2f1492trawick connection feature of HTTP/1.1 provide long-lived HTTP sessions
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive which allow multiple requests to be sent over the same TCP
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive connection. In some cases this has been shown to result in an
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive almost 50% speedup in latency times for HTML documents with
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive many images. To enable Keep-Alive connections, set
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>For HTTP/1.0 clients, Keep-Alive connections will only be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive used if they are specifically requested by a client. In
fb77c505254b6e9c925e23e734463e87574f8f40kess addition, a Keep-Alive connection with an HTTP/1.0 client can
fb77c505254b6e9c925e23e734463e87574f8f40kess only be used when the length of the content is known in
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive advance. This implies that dynamic content such as CGI output,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive SSI pages, and server-generated directory listings will
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive generally not use Keep-Alive connections to HTTP/1.0 clients.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive For HTTP/1.1 clients, persistent connections are the default
fb77c505254b6e9c925e23e734463e87574f8f40kess unless otherwise specified. If the client requests it, chunked
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive encoding will be used in order to send content of unknown
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive length over persistent connections.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>When a client uses a Keep-Alive connection it will be counted
fb77c505254b6e9c925e23e734463e87574f8f40kess as a single "request" for the MaxRequestsPerChild directive, regardless
a1ef40892ffa2b44fc249423c5b6c42a74a84c68nd of how many requests are sent using the connection.</p>
a1ef40892ffa2b44fc249423c5b6c42a74a84c68nd<seealso><directive module="core">MaxKeepAliveRequests</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
750d12c59545dbbac70390988de94f7e901b08f2niq<description>Amount of time the server will wait for subsequent
750d12c59545dbbac70390988de94f7e901b08f2niqrequests on a persistent connection</description>
750d12c59545dbbac70390988de94f7e901b08f2niq<contextlist><context>server config</context><context>virtual host</context>
750d12c59545dbbac70390988de94f7e901b08f2niq</contextlist>
750d12c59545dbbac70390988de94f7e901b08f2niq <p>The number of seconds Apache will wait for a subsequent
750d12c59545dbbac70390988de94f7e901b08f2niq request before closing the connection. Once a request has been
750d12c59545dbbac70390988de94f7e901b08f2niq received, the timeout value specified by the
750d12c59545dbbac70390988de94f7e901b08f2niq <directive module="core">Timeout</directive> directive applies.</p>
750d12c59545dbbac70390988de94f7e901b08f2niq <p>Setting <directive>KeepAliveTimeout</directive> to a high value
750d12c59545dbbac70390988de94f7e901b08f2niq may cause performance problems in heavily loaded servers. The
750d12c59545dbbac70390988de94f7e901b08f2niq higher the timeout, the more server processes will be kept
750d12c59545dbbac70390988de94f7e901b08f2niq occupied waiting on connections with idle clients.</p>
750d12c59545dbbac70390988de94f7e901b08f2niq</directivesynopsis>
13fa73dcc1b52bc8b86ac7008ce81e8c94c1c7f2rbowen<description>Restrict enclosed access controls to only certain HTTP
13fa73dcc1b52bc8b86ac7008ce81e8c94c1c7f2rbowenmethods</description>
1a0ca5f6b566a5eb77d63f466fcf78fb388a4182igalic<syntax><Limit <var>method</var> [<var>method</var>] ... > ...
1a0ca5f6b566a5eb77d63f466fcf78fb388a4182igalic </Limit></syntax>
1a0ca5f6b566a5eb77d63f466fcf78fb388a4182igalic<contextlist><context>server config</context><context>virtual host</context>
1a0ca5f6b566a5eb77d63f466fcf78fb388a4182igalic<context>directory</context><context>.htaccess</context>
1a0ca5f6b566a5eb77d63f466fcf78fb388a4182igalic</contextlist>
750d12c59545dbbac70390988de94f7e901b08f2niq <p>Access controls are normally effective for
750d12c59545dbbac70390988de94f7e901b08f2niq <strong>all</strong> access methods, and this is the usual
750d12c59545dbbac70390988de94f7e901b08f2niq desired behavior. <strong>In the general case, access control
750d12c59545dbbac70390988de94f7e901b08f2niq directives should not be placed within a
750d12c59545dbbac70390988de94f7e901b08f2niq <directive type="section">Limit</directive> section.</strong></p>
750d12c59545dbbac70390988de94f7e901b08f2niq <p>The purpose of the <directive type="section">Limit</directive>
750d12c59545dbbac70390988de94f7e901b08f2niq directive is to restrict the effect of the access controls to the
750d12c59545dbbac70390988de94f7e901b08f2niq nominated HTTP methods. For all other methods, the access
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive restrictions that are enclosed in the <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive type="section">Limit</directive> bracket <strong>will have no
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive effect</strong>. The following example applies the access control
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive only to the methods <code>POST</code>, <code>PUT</code>, and
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>DELETE</code>, leaving all other methods unprotected:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <Limit POST PUT DELETE><br />
003f0c9fda6664daf5092a0e42f65ede20098153slive Require valid-user<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Limit>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd </example>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The method names listed can be one or more of: <code>GET</code>,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>POST</code>, <code>PUT</code>, <code>DELETE</code>,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>PATCH</code>, <code>PROPFIND</code>, <code>PROPPATCH</code>,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>MKCOL</code>, <code>COPY</code>, <code>MOVE</code>,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>LOCK</code>, and <code>UNLOCK</code>. <strong>The method name is
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd case-sensitive.</strong> If <code>GET</code> is used it will also
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive restrict <code>HEAD</code> requests. The <code>TRACE</code> method
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive cannot be limited.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd module="core">LimitExcept</directive> section should always be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="core">Limit</directive> section when restricting access,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="core">LimitExcept</directive> section provides protection
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd against arbitrary methods.</note>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
6e483e0b8aa3fa574288a7452221392a03e2b9a3noodl<description>Restrict access controls to all HTTP methods
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveexcept the named ones</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax><LimitExcept <var>method</var> [<var>method</var>] ... > ...
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </LimitExcept></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context>
130d299c4b2b15be45532a176604c71fdc7bea5bnd</contextlist>
a00429a6b3b4dbb113b6dc67cfc0507f610276e9takashi a group of access control directives which will then apply to any
a00429a6b3b4dbb113b6dc67cfc0507f610276e9takashi HTTP access method <strong>not</strong> listed in the arguments;
955d7fc3e7adb6463b7243e15c04e858718e799etakashi i.e., it is the opposite of a <directive type="section"
955d7fc3e7adb6463b7243e15c04e858718e799etakashi module="core">Limit</directive> section and can be used to control
955d7fc3e7adb6463b7243e15c04e858718e799etakashi both standard and nonstandard/unrecognized methods. See the
955d7fc3e7adb6463b7243e15c04e858718e799etakashi type="section">Limit</directive> for more details.</p>
955d7fc3e7adb6463b7243e15c04e858718e799etakashi <LimitExcept POST GET><br />
955d7fc3e7adb6463b7243e15c04e858718e799etakashi Require valid-user<br />
955d7fc3e7adb6463b7243e15c04e858718e799etakashi </LimitExcept>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Determine maximum number of internal redirects and nested
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivesubrequests</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>LimitInternalRecursion <var>number</var> [<var>number</var>]</syntax>
55d36f9b61520c2374ab463e77e8a62daa416398nd<contextlist><context>server config</context><context>virtual host</context>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Available in Apache 2.0.47 and later</compatibility>
003f0c9fda6664daf5092a0e42f65ede20098153slive <p>An internal redirect happens, for example, when using the <directive
55d36f9b61520c2374ab463e77e8a62daa416398nd module="mod_actions">Action</directive> directive, which internally
55d36f9b61520c2374ab463e77e8a62daa416398nd redirects the original request to a CGI script. A subrequest is Apache's
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive mechanism to find out what would happen for some URI if it were requested.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive For example, <module>mod_dir</module> uses subrequests to look for the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd files listed in the <directive module="mod_dir">DirectoryIndex</directive>
fb77c505254b6e9c925e23e734463e87574f8f40kess directive.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p><directive>LimitInternalRecursion</directive> prevents the server
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd from crashing when entering an infinite loop of internal redirects or
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd subrequests. Such loops are usually caused by misconfigurations.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The directive stores two different limits, which are evaluated on
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd per-request basis. The first <var>number</var> is the maximum number of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive internal redirects, that may follow each other. The second <var>number</var>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive determines, how deep subrequests may be nested. If you specify only one
55d36f9b61520c2374ab463e77e8a62daa416398nd <var>number</var>, it will be assigned to both limits.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive LimitInternalRecursion 5
55d36f9b61520c2374ab463e77e8a62daa416398nd</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
55d36f9b61520c2374ab463e77e8a62daa416398nd<description>Restricts the total size of the HTTP request body sent
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndfrom the client</description>
55d36f9b61520c2374ab463e77e8a62daa416398nd<contextlist><context>server config</context><context>virtual host</context>
55d36f9b61520c2374ab463e77e8a62daa416398nd</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive specifies the number of <var>bytes</var> from 0
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive (meaning unlimited) to 2147483647 (2GB) that are allowed in a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive request body.</p>
bea526116133aa3d7dabd1924bfc580b37fbf22aslive <p>The <directive>LimitRequestBody</directive> directive allows
bea526116133aa3d7dabd1924bfc580b37fbf22aslive the user to set a limit on the allowed size of an HTTP request
fb77c505254b6e9c925e23e734463e87574f8f40kess message body within the context in which the directive is given
bea526116133aa3d7dabd1924bfc580b37fbf22aslive (server, per-directory, per-file or per-location). If the client
bea526116133aa3d7dabd1924bfc580b37fbf22aslive request exceeds that limit, the server will return an error
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive response instead of servicing the request. The size of a normal
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive request message body will vary greatly depending on the nature of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the resource and the methods allowed on that resource. CGI scripts
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive typically use the message body for retrieving form information.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Implementations of the <code>PUT</code> method will require
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive a value at least as large as any representation that the server
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive wishes to accept for that resource.</p>
003f0c9fda6664daf5092a0e42f65ede20098153slive <p>This directive gives the server administrator greater
003f0c9fda6664daf5092a0e42f65ede20098153slive control over abnormal client request behavior, which may be
003f0c9fda6664daf5092a0e42f65ede20098153slive useful for avoiding some forms of denial-of-service
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin attacks.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>If, for example, you are permitting file upload to a particular
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive location, and wish to limit the size of the uploaded file to 100K,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive you might use the following directive:</p>
5b258a8d58679c6587757189339bb3c2d0488f93poirier LimitRequestBody 102400
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen</directivesynopsis>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin<directivesynopsis>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin<description>Limits the number of HTTP request header fields that
cf8a8738330694e60bad421fcc8361d80b0e9124minfrinwill be accepted from the client</description>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin<syntax>LimitRequestFields <var>number</var></syntax>
3621f3acee323a877639a96d84891095eb07933aminfrin<contextlist><context>server config</context></contextlist>
3621f3acee323a877639a96d84891095eb07933aminfrin <p><var>Number</var> is an integer from 0 (meaning unlimited) to
3621f3acee323a877639a96d84891095eb07933aminfrin 32767. The default value is defined by the compile-time
3621f3acee323a877639a96d84891095eb07933aminfrin constant <code>DEFAULT_LIMIT_REQUEST_FIELDS</code> (100 as
3621f3acee323a877639a96d84891095eb07933aminfrin distributed).</p>
3621f3acee323a877639a96d84891095eb07933aminfrin <p>The <directive>LimitRequestFields</directive> directive allows
3621f3acee323a877639a96d84891095eb07933aminfrin the server administrator to modify the limit on the number of
3621f3acee323a877639a96d84891095eb07933aminfrin request header fields allowed in an HTTP request. A server needs
3621f3acee323a877639a96d84891095eb07933aminfrin this value to be larger than the number of fields that a normal
3621f3acee323a877639a96d84891095eb07933aminfrin client request might include. The number of request header fields
3621f3acee323a877639a96d84891095eb07933aminfrin used by a client rarely exceeds 20, but this may vary among
3621f3acee323a877639a96d84891095eb07933aminfrin different client implementations, often depending upon the extent
3621f3acee323a877639a96d84891095eb07933aminfrin to which a user has configured their browser to support detailed
3621f3acee323a877639a96d84891095eb07933aminfrin content negotiation. Optional HTTP extensions are often expressed
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin using request header fields.</p>
3621f3acee323a877639a96d84891095eb07933aminfrin <p>This directive gives the server administrator greater
03aa31ad82759363ba1a55589e517b16308ef635minfrin control over abnormal client request behavior, which may be
c68acc9d712af079afa2bd1a5a4aeef9a3ea573ckess useful for avoiding some forms of denial-of-service attacks.
c68acc9d712af079afa2bd1a5a4aeef9a3ea573ckess The value should be increased if normal clients see an error
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive response from the server that indicates too many fields were
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive sent in the request.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd LimitRequestFields 50
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd </example>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<directivesynopsis>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<description>Limits the size of the HTTP request header allowed from the
cf8a8738330694e60bad421fcc8361d80b0e9124minfrinclient</description>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin<syntax>LimitRequestFieldSize <var>bytes</var></syntax>
3621f3acee323a877639a96d84891095eb07933aminfrin<contextlist><context>server config</context></contextlist>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin <p>This directive specifies the number of <var>bytes</var>
3621f3acee323a877639a96d84891095eb07933aminfrin that will be allowed in an HTTP request header.</p>
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin <p>The <directive>LimitRequestFieldSize</directive> directive
cf8a8738330694e60bad421fcc8361d80b0e9124minfrin allows the server administrator to reduce or increase the limit
3621f3acee323a877639a96d84891095eb07933aminfrin on the allowed size of an HTTP request header field. A server
3621f3acee323a877639a96d84891095eb07933aminfrin needs this value to be large enough to hold any one header field
03aa31ad82759363ba1a55589e517b16308ef635minfrin from a normal client request. The size of a normal request header
3621f3acee323a877639a96d84891095eb07933aminfrin field will vary greatly among different client implementations,
3621f3acee323a877639a96d84891095eb07933aminfrin often depending upon the extent to which a user has configured
3621f3acee323a877639a96d84891095eb07933aminfrin their browser to support detailed content negotiation. SPNEGO
3621f3acee323a877639a96d84891095eb07933aminfrin authentication headers can be up to 12392 bytes.</p>
3621f3acee323a877639a96d84891095eb07933aminfrin <p>This directive gives the server administrator greater
03aa31ad82759363ba1a55589e517b16308ef635minfrin control over abnormal client request behavior, which may be
3621f3acee323a877639a96d84891095eb07933aminfrin useful for avoiding some forms of denial-of-service attacks.</p>
03aa31ad82759363ba1a55589e517b16308ef635minfrin LimitRequestFieldSize 4094
03aa31ad82759363ba1a55589e517b16308ef635minfrin <note>Under normal conditions, the value should not be changed from
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the default.</note>
fb77c505254b6e9c925e23e734463e87574f8f40kess</directivesynopsis>
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Limit the size of the HTTP request line that will be accepted
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivefrom the client</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context></contextlist>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>This directive sets the number of <var>bytes</var> that will be
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess allowed on the HTTP request-line.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The <directive>LimitRequestLine</directive> directive allows
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the server administrator to reduce or increase the limit on the allowed size
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive of a client's HTTP request-line. Since the request-line consists of the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive HTTP method, URI, and protocol version, the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive>LimitRequestLine</directive> directive places a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive restriction on the length of a request-URI allowed for a request
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive on the server. A server needs this value to be large enough to
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive hold any of its resource names, including any information that
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive might be passed in the query part of a <code>GET</code> request.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This directive gives the server administrator greater
891df99fdfa41fc8a486568f4d31ddf4a571258adreid control over abnormal client request behavior, which may be
891df99fdfa41fc8a486568f4d31ddf4a571258adreid useful for avoiding some forms of denial-of-service attacks.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive LimitRequestLine 4094
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <note>Under normal conditions, the value should not be changed from
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick the default.</note>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick</directivesynopsis>
9f38f3ec3e8087985d108a24ae796962fef83644takashi<directivesynopsis>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick<description>Limits the size of an XML-based request body</description>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick<syntax>LimitXMLRequestBody <var>bytes</var></syntax>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen<contextlist><context>server config</context><context>virtual host</context>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick<context>directory</context><context>.htaccess</context></contextlist>
9f38f3ec3e8087985d108a24ae796962fef83644takashi <p>Limit (in bytes) on maximum size of an XML-based request
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick body. A value of <code>0</code> will disable any checking.</p>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick LimitXMLRequestBody 0
85349f40d98fb3fc7a18ef25dc40eaaae6eead1ctakashi</directivesynopsis>
98f5034c8cbf2ef025b317b3e01acae82e143b11trawick<description>Applies the enclosed directives only to matching
98f5034c8cbf2ef025b317b3e01acae82e143b11trawickURLs</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax><Location
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <var>URL-path</var>|<var>URL</var>> ... </Location></syntax>
003f0c9fda6664daf5092a0e42f65ede20098153slive<contextlist><context>server config</context><context>virtual host</context>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess</contextlist>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <p>The <directive type="section">Location</directive> directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive limits the scope of the enclosed directives by URL. It is similar to the
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <directive type="section" module="core">Directory</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directive, and starts a subsection which is terminated with a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive type="section">Location</directive> sections are processed in the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive order they appear in the configuration file, after the <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive type="section" module="core">Directory</directive> sections and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>.htaccess</code> files are read, and after the <directive
130d299c4b2b15be45532a176604c71fdc7bea5bnd type="section" module="core">Files</directive> sections.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p><directive type="section">Location</directive> sections operate
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive completely outside the filesystem. This has several consequences.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Most importantly, <directive type="section">Location</directive>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess directives should not be used to control access to filesystem
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess locations. Since several different URLs may map to the same
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess filesystem location, such access controls may by circumvented.</p>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>Use <directive type="section">Location</directive> to apply
130d299c4b2b15be45532a176604c71fdc7bea5bnd directives to content that lives outside the filesystem. For
130d299c4b2b15be45532a176604c71fdc7bea5bnd content that lives in the filesystem, use <directive
130d299c4b2b15be45532a176604c71fdc7bea5bnd type="section" module="core">Directory</directive> and <directive
130d299c4b2b15be45532a176604c71fdc7bea5bnd type="section" module="core">Files</directive>. An exception is
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd apply a configuration to the entire server.</p>
6c5c651b0b97607b8c8b4965c1385c67699f217fnd <p>For all origin (non-proxy) requests, the URL to be matched is a
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd URL-path of the form <code>/path/</code>. No scheme, hostname,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd port, or query string may be included. For proxy requests, the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd URL to be matched is of the form
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>scheme://servername/path</code>, and you must include the
6c5c651b0b97607b8c8b4965c1385c67699f217fnd prefix.</p>
750d12c59545dbbac70390988de94f7e901b08f2niq <p>The URL may use wildcards. In a wild-card string, <code>?</code> matches
4bb78e7cdd53f50240cff4ad7a97c7ed36483797slive any single character, and <code>*</code> matches any sequences of
4bb78e7cdd53f50240cff4ad7a97c7ed36483797slive characters. Neither wildcard character matches a / in the URL-path.</p>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <p><glossary ref="regex">Regular expressions</glossary>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd can also be used, with the addition of the
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <Location ~ "/(extra|special)/data">
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <p>would match URLs that contained the substring <code>/extra/data</code>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd or <code>/special/data</code>. The directive <directive
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd type="section" module="core">LocationMatch</directive> behaves
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd identical to the regex version of <directive
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <p>The <directive type="section">Location</directive>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd functionality is especially useful when combined with the
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd directive. For example, to enable status requests, but allow them
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd only from browsers at <code>foo.com</code>, you might use:</p>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <Location /status><br />
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd SetHandler server-status<br />
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd Order Deny,Allow<br />
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd Deny from all<br />
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd </Location>
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <p>The slash character has special meaning depending on where in a
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd URL it appears. People may be used to its behavior in the filesystem
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd where multiple adjacent slashes are frequently collapsed to a single
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd slash (<em>i.e.</em>, <code>/home///foo</code> is the same as
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd <code>/home/foo</code>). In URL-space this is not necessarily true.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive The <directive type="section" module="core">LocationMatch</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directive and the regex version of <directive type="section"
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive >Location</directive> require you to explicitly specify multiple
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive slashes if that is your intention.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>For example, <code><LocationMatch ^/abc></code> would match
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess the request URL <code>/abc</code> but not the request URL <code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive >Location</directive> directive behaves similarly when used for
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd proxy requests. But when (non-regex) <directive type="section"
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive >Location</directive> is used for non-proxy requests it will
7245e9b991db85d9d9a587fe5f4051f642ebdc3cchrisd implicitly match multiple slashes with a single slash. For example,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive if you specify <code><Location /abc/def></code> and the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive request is to <code>/abc//def</code> then it will match.</p>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<seealso><a href="/sections.html">How <Directory>, <Location>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess and <Files> sections work</a> for an explanation of how these
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen different sections are combined when a request is received</seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<description>Applies the enclosed directives only to regular-expression
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowenmatching URLs</description>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<syntax><LocationMatch
130d299c4b2b15be45532a176604c71fdc7bea5bnd<contextlist><context>server config</context><context>virtual host</context>
130d299c4b2b15be45532a176604c71fdc7bea5bnd</contextlist>
7ef9b6763ad87846cf83c3f71467f43e349d080aerikabele <p>The <directive type="section">LocationMatch</directive> directive
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen limits the scope of the enclosed directives by URL, in an identical manner
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen to <directive module="core" type="section">Location</directive>. However,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive it takes a <glossary ref="regex">regular expression</glossary>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive as an argument instead of a simple string. For example:</p>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd <LocationMatch "/(extra|special)/data">
03e0a375c2435102fb2b51e34cccff52acbfddcdnd </example>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd <p>would match URLs that contained the substring <code>/extra/data</code>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen<seealso><a href="/sections.html">How <Directory>, <Location>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd and <Files> sections work</a> for an explanation of how these
03e0a375c2435102fb2b51e34cccff52acbfddcdnd different sections are combined when a request is received</seealso>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd</directivesynopsis>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen<directivesynopsis>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd<description>Controls the verbosity of the ErrorLog</description>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd<contextlist><context>server config</context><context>virtual host</context>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd</contextlist>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd <p><directive>LogLevel</directive> adjusts the verbosity of the
03e0a375c2435102fb2b51e34cccff52acbfddcdnd messages recorded in the error logs (see <directive
03e0a375c2435102fb2b51e34cccff52acbfddcdnd module="core">ErrorLog</directive> directive). The following
03e0a375c2435102fb2b51e34cccff52acbfddcdnd significance:</p>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd <columnspec><column width=".2"/><column width=".3"/><column width=".5"/>
03e0a375c2435102fb2b51e34cccff52acbfddcdnd </columnspec>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <td>"getpwuid: couldn't determine user name from uid"</td>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <td>"socket: Failed to get a socket, exiting child"</td>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen <td>"child process 1234 did not exit, sending another
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive SIGHUP"</td>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <td>"httpd: caught SIGBUS, attempting to dump core in
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <td>"Server seems busy, (you may need to increase
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>When a particular level is specified, messages from all
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive other levels of higher significance will be reported as well.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <em>E.g.</em>, when <code>LogLevel info</code> is specified,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive then messages with log levels of <code>notice</code> and
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen recommended.</p>
2f505ba07f89ba6a175d6ceae67fb273c4eb0993covener LogLevel notice
611f7fd8a0a5ee4a29eeed79dfd8bf6faaa3c613covener <p>When logging to a regular file messages of the level
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>notice</code> cannot be suppressed and thus are always
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive logged. However, this doesn't apply when logging is done
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
ae134ecc8faf4e6a8eb68e1c3724506771442a46rbowen<directivesynopsis>
e0ef044feba0082771091af42798cada5bb1f4fcrbowen<description>Number of requests allowed on a persistent
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveconnection</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>MaxKeepAliveRequests <var>number</var></syntax>
72580dbc2a55511f13f377063725b9f143b20826stoddard<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
72580dbc2a55511f13f377063725b9f143b20826stoddard <p>The <directive>MaxKeepAliveRequests</directive> directive
72580dbc2a55511f13f377063725b9f143b20826stoddard limits the number of requests allowed per connection when
72580dbc2a55511f13f377063725b9f143b20826stoddard <directive module="core" >KeepAlive</directive> is on. If it is
72580dbc2a55511f13f377063725b9f143b20826stoddard set to <code>0</code>, unlimited requests will be allowed. We
72580dbc2a55511f13f377063725b9f143b20826stoddard recommend that this setting be kept to a high value for maximum
56d7eed7205462540aec7202cd82d9f5516fc537kess server performance.</p>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen MaxKeepAliveRequests 500
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen</directivesynopsis>
ef8e89e090461194ecadd31e8796a2c51e0531a2kess<directivesynopsis>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<description>Designates an IP address for name-virtual
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowenhosting</description>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<syntax>NameVirtualHost <var>addr</var>[:<var>port</var>]</syntax>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<contextlist><context>server config</context></contextlist>
611f7fd8a0a5ee4a29eeed79dfd8bf6faaa3c613covener <p>The <directive>NameVirtualHost</directive> directive is a
611f7fd8a0a5ee4a29eeed79dfd8bf6faaa3c613covener required directive if you want to configure <a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Although <var>addr</var> can be hostname it is recommended
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive NameVirtualHost 111.22.33.44
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>With the <directive>NameVirtualHost</directive> directive you
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive specify the IP address on which the server will receive requests
e0ef044feba0082771091af42798cada5bb1f4fcrbowen for the name-based virtual hosts. This will usually be the address
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to which your name-based virtual host names resolve. In cases
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive where a firewall or other proxy receives the requests and forwards
72580dbc2a55511f13f377063725b9f143b20826stoddard them on a different IP address to the server, you must specify the
72580dbc2a55511f13f377063725b9f143b20826stoddard IP address of the physical interface on the machine which will be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive servicing the requests. If you have multiple name-based hosts on
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive multiple addresses, repeat the directive for each address.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Note, that the "main server" and any <code>_default_</code> servers
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive will <strong>never</strong> be served for a request to a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive>NameVirtualHost</directive> IP address (unless for some
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive reason you specify <directive>NameVirtualHost</directive> but then
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive don't define any <directive>VirtualHost</directive>s for that
fb77c505254b6e9c925e23e734463e87574f8f40kess address).</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Optionally you can specify a port number on which the
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen NameVirtualHost 111.22.33.44:8080
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen <p>IPv6 addresses must be enclosed in square brackets, as shown
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen in the following example:</p>
611f7fd8a0a5ee4a29eeed79dfd8bf6faaa3c613covener NameVirtualHost [2001:db8::a00:20ff:fea7:ccea]:8080
611f7fd8a0a5ee4a29eeed79dfd8bf6faaa3c613covener <p>To receive requests on all interfaces, you can use an argument of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive NameVirtualHost *
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <note><title>Argument to <directive type="section">VirtualHost</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directive</title>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive exactly match the argument to the <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive NameVirtualHost 1.2.3.4<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <VirtualHost 1.2.3.4><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive # ...<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </VirtualHost><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Configures what features are available in a particular
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivedirectory</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>Options
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive [+|-]<var>option</var> [[+|-]<var>option</var>] ...</syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The <directive>Options</directive> directive controls which
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive server features are available in a particular directory.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p><var>option</var> can be set to <code>None</code>, in which
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive case none of the extra features are enabled, or one or more of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the following:</p>
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive <dd>All options except for <code>MultiViews</code>. This is the default
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive setting.</dd>
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive Execution of CGI scripts using <module>mod_cgi</module>
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive is permitted.</dd>
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive The server will follow symbolic links in this directory.
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive <p>Even though the server follows the symlink it does <em>not</em>
234c8b28171d7e12b3c1f85b60fabd7c908a9c37slive change the pathname used to match against <directive type="section"
dc223428958ad9ff05011545bcdda000887b93e5slive <p>Note also, that this option <strong>gets ignored</strong> if set
beb923bec9bff2b49ce5027df2fe944e2b74e28brederpj inside a <directive type="section" module="core">Location</directive>
beb923bec9bff2b49ce5027df2fe944e2b74e28brederpj section.</p>
dc223428958ad9ff05011545bcdda000887b93e5slive <p>Omitting this option should not be considered a security restriction,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive since symlink testing is subject to race conditions that make it
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive circumventable.</p>
030108b1816bcda3d925df65357feabdce83bc94slive Server-side includes provided by <module>mod_include</module>
37742b630743e470b94618ecb3560fbd82e50b59rbowen are permitted.</dd>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Server-side includes are permitted, but the <code>#exec
fb77c505254b6e9c925e23e734463e87574f8f40kess cmd</code> and <code>#exec cgi</code> are disabled. It is still
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess possible to <code>#include virtual</code> CGI scripts from
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <directive module="mod_alias">ScriptAlias</directive>ed
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess directories.</dd>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive If a URL which maps to a directory is requested, and there
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive is no <directive module="mod_dir">DirectoryIndex</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive (<em>e.g.</em>, <code>index.html</code>) in that directory, then
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <module>mod_autoindex</module> will return a formatted listing
e8811b6d38f756b325446ded5d96857d13856511takashi of the directory.</dd>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <a href="/content-negotiation.html">Content negotiated</a>
130d299c4b2b15be45532a176604c71fdc7bea5bnd "MultiViews" are allowed using
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <dd>The server will only follow symbolic links for which the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd target file or directory is owned by the same user id as the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>This option should not be considered a security restriction,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd since symlink testing is subject to race conditions that make it
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>Normally, if multiple <directive>Options</directive> could
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd apply to a directory, then the most specific one is used and
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd others are ignored; the options are not merged. (See <a
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd href="/sections.html#mergin">how sections are merged</a>.)
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <directive>Options</directive> directive are preceded by a
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd merged. Any options preceded by a <code>+</code> are added to the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd options currently in force, and any options preceded by a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive force. </p>
37742b630743e470b94618ecb3560fbd82e50b59rbowen <p>Mixing <directive>Options</directive> with a <code>+</code> or
37742b630743e470b94618ecb3560fbd82e50b59rbowen <code>-</code> with those without is not valid syntax, and is likely
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to cause unexpected results.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>For example, without any <code>+</code> and <code>-</code> symbols:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Options Indexes FollowSymLinks<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory><br />
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess Options Includes<br />
030108b1816bcda3d925df65357feabdce83bc94slive </Directory>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <code>/web/docs/spec</code> directory. However if the second
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <directive>Options</directive> directive uses the <code>+</code> and
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess Options Indexes FollowSymLinks<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive Options +Includes -Indexes<br />
7fbd7281d06cec1918aa370214df77c572f871a9sf </Directory>
7fbd7281d06cec1918aa370214df77c572f871a9sf </example>
7fbd7281d06cec1918aa370214df77c572f871a9sf <code>Includes</code> are set for the <code>/web/docs/spec</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directory.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>-Includes</code> disables server-side includes completely
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive regardless of the previous setting.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The default in the absence of any other settings is
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen</directivesynopsis>
1597043cec6ad37fa4154bf09b0fccdabed1a239slive<directivesynopsis>
530eba85dbd41b8a0fa5255d3648d1440199a661slive<description>Limits the CPU consumption of processes launched
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveby Apache children</description>
530eba85dbd41b8a0fa5255d3648d1440199a661slive<syntax>RLimitCPU <var>seconds</var>|max [<var>seconds</var>|max]</syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<default>Unset; uses operating system defaults</default>
530eba85dbd41b8a0fa5255d3648d1440199a661slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context></contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Takes 1 or 2 parameters. The first parameter sets the soft
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive resource limit for all processes and the second parameter sets
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the maximum resource limit. Either parameter can be a number,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive or <code>max</code> to indicate to the server that the limit should
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive be set to the maximum allowed by the operating system
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive configuration. Raising the maximum resource limit requires that
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the server is running as <code>root</code>, or in the initial startup
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This applies to processes forked off from Apache children
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive servicing requests, not the Apache children themselves. This
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive includes CGI scripts and SSI exec commands, but not any
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive processes forked off from the Apache parent such as piped
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>CPU resource limits are expressed in seconds per
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive process.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">RLimitMEM</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">RLimitNPROC</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Limits the memory consumption of processes launched
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveby Apache children</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>RLimitMEM <var>bytes</var>|max [<var>bytes</var>|max]</syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<default>Unset; uses operating system defaults</default>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context></contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Takes 1 or 2 parameters. The first parameter sets the soft
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive resource limit for all processes and the second parameter sets
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the maximum resource limit. Either parameter can be a number,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive or <code>max</code> to indicate to the server that the limit should
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive be set to the maximum allowed by the operating system
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive configuration. Raising the maximum resource limit requires that
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the server is running as <code>root</code>, or in the initial startup
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>This applies to processes forked off from Apache children
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive servicing requests, not the Apache children themselves. This
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive includes CGI scripts and SSI exec commands, but not any
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive processes forked off from the Apache parent such as piped
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Memory resource limits are expressed in bytes per
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive process.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">RLimitCPU</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">RLimitNPROC</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Limits the number of processes that can be launched by
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveprocesses launched by Apache children</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>RLimitNPROC <var>number</var>|max [<var>number</var>|max]</syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<default>Unset; uses operating system defaults</default>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context></contextlist>
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>Takes 1 or 2 parameters. The first parameter sets the soft
7fbd7281d06cec1918aa370214df77c572f871a9sf resource limit for all processes and the second parameter sets
7fbd7281d06cec1918aa370214df77c572f871a9sf the maximum resource limit. Either parameter can be a number,
7fbd7281d06cec1918aa370214df77c572f871a9sf or <code>max</code> to indicate to the server that the limit
7fbd7281d06cec1918aa370214df77c572f871a9sf should be set to the maximum allowed by the operating system
7fbd7281d06cec1918aa370214df77c572f871a9sf configuration. Raising the maximum resource limit requires that
7fbd7281d06cec1918aa370214df77c572f871a9sf the server is running as <code>root</code>, or in the initial startup
7fbd7281d06cec1918aa370214df77c572f871a9sf phase.</p>
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>This applies to processes forked off from Apache children
7fbd7281d06cec1918aa370214df77c572f871a9sf servicing requests, not the Apache children themselves. This
7fbd7281d06cec1918aa370214df77c572f871a9sf includes CGI scripts and SSI exec commands, but not any
7fbd7281d06cec1918aa370214df77c572f871a9sf processes forked off from the Apache parent such as piped
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>Process limits control the number of processes per user.</p>
7fbd7281d06cec1918aa370214df77c572f871a9sf under user ids other than the web server user id, this directive
7fbd7281d06cec1918aa370214df77c572f871a9sf will limit the number of processes that the server itself can
7fbd7281d06cec1918aa370214df77c572f871a9sf create. Evidence of this situation will be indicated by
7fbd7281d06cec1918aa370214df77c572f871a9sf <strong><code>cannot fork</code></strong> messages in the
7fbd7281d06cec1918aa370214df77c572f871a9sf<seealso><directive module="core">RLimitMEM</directive></seealso>
7fbd7281d06cec1918aa370214df77c572f871a9sf<seealso><directive module="core">RLimitCPU</directive></seealso>
7fbd7281d06cec1918aa370214df77c572f871a9sf</directivesynopsis>
7fbd7281d06cec1918aa370214df77c572f871a9sf<directivesynopsis>
7fbd7281d06cec1918aa370214df77c572f871a9sf<description>Technique for locating the interpreter for CGI
7fbd7281d06cec1918aa370214df77c572f871a9sfscripts</description>
7fbd7281d06cec1918aa370214df77c572f871a9sf<syntax>ScriptInterpreterSource Registry|Registry-Strict|Script</syntax>
7fbd7281d06cec1918aa370214df77c572f871a9sf<contextlist><context>server config</context><context>virtual host</context>
7fbd7281d06cec1918aa370214df77c572f871a9sf<context>directory</context><context>.htaccess</context></contextlist>
7fbd7281d06cec1918aa370214df77c572f871a9sf<compatibility>Win32 only;
7fbd7281d06cec1918aa370214df77c572f871a9sfoption <code>Registry-Strict</code> is available in Apache 2.0 and
7fbd7281d06cec1918aa370214df77c572f871a9sflater</compatibility>
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>This directive is used to control how Apache finds the
7fbd7281d06cec1918aa370214df77c572f871a9sf interpreter used to run CGI scripts. The default setting is
7fbd7281d06cec1918aa370214df77c572f871a9sf <code>Script</code>. This causes Apache to use the interpreter pointed to
7fbd7281d06cec1918aa370214df77c572f871a9sf by the shebang line (first line, starting with <code>#!</code>) in the
7fbd7281d06cec1918aa370214df77c572f871a9sf script. On Win32 systems this line usually looks like:</p>
7fbd7281d06cec1918aa370214df77c572f871a9sf </example>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>or, if <code>perl</code> is in the <code>PATH</code>, simply:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Setting <code>ScriptInterpreterSource Registry</code> will
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive cause the Windows Registry tree <code>HKEY_CLASSES_ROOT</code> to be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive searched using the script file extension (e.g., <code>.pl</code>) as a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive search key. The command defined by the registry subkey
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen <code>Shell\ExecCGI\Command</code> or, if it does not exist, by the subkey
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen <code>Shell\Open\Command</code> is used to open the script file. If the
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen registry keys cannot be found, Apache falls back to the behavior of the
8b052d682204371decc64f942aede5ef1da98955erikabele <p>Be careful when using <code>ScriptInterpreterSource
8b052d682204371decc64f942aede5ef1da98955erikabele module="mod_alias">ScriptAlias</directive>'ed directories, because
8b052d682204371decc64f942aede5ef1da98955erikabele Apache will try to execute <strong>every</strong> file within this
8b052d682204371decc64f942aede5ef1da98955erikabele directory. The <code>Registry</code> setting may cause undesired
8b052d682204371decc64f942aede5ef1da98955erikabele program calls on files which are typically not executed. For
8b052d682204371decc64f942aede5ef1da98955erikabele example, the default open command on <code>.htm</code> files on
7fbd7281d06cec1918aa370214df77c572f871a9sf most Windows systems will execute Microsoft Internet Explorer, so
7fbd7281d06cec1918aa370214df77c572f871a9sf any HTTP request for an <code>.htm</code> file existing within the
7fbd7281d06cec1918aa370214df77c572f871a9sf script directory would start the browser in the background on the
7fbd7281d06cec1918aa370214df77c572f871a9sf server. This is a good way to crash your system within a minute or
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>The option <code>Registry-Strict</code> which is new in Apache
7fbd7281d06cec1918aa370214df77c572f871a9sf 2.0 does the same thing as <code>Registry</code> but uses only the
7fbd7281d06cec1918aa370214df77c572f871a9sf configured manually in the windows registry and hence prevents
7fbd7281d06cec1918aa370214df77c572f871a9sf accidental program calls on your system.</p>
7fbd7281d06cec1918aa370214df77c572f871a9sf</directivesynopsis>
7fbd7281d06cec1918aa370214df77c572f871a9sf<directivesynopsis>
7fbd7281d06cec1918aa370214df77c572f871a9sf<description>Email address that the server includes in error
7fbd7281d06cec1918aa370214df77c572f871a9sfmessages sent to the client</description>
7fbd7281d06cec1918aa370214df77c572f871a9sf<syntax>ServerAdmin <var>email-address</var>|<var>URL</var></syntax>
7fbd7281d06cec1918aa370214df77c572f871a9sf<contextlist><context>server config</context><context>virtual host</context>
7fbd7281d06cec1918aa370214df77c572f871a9sf</contextlist>
7fbd7281d06cec1918aa370214df77c572f871a9sf <p>The <directive>ServerAdmin</directive> sets the contact address
7fbd7281d06cec1918aa370214df77c572f871a9sf that the server includes in any error messages it returns to the
7fbd7281d06cec1918aa370214df77c572f871a9sf client. If the <code>httpd</code> doesn't recognize the supplied argument
7fbd7281d06cec1918aa370214df77c572f871a9sf as an URL, it
7fbd7281d06cec1918aa370214df77c572f871a9sf assumes, that it's an <var>email-address</var> and prepends it with
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>mailto:</code> in hyperlink targets. However, it's recommended to
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive actually use an email address, since there are a lot of CGI scripts that
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive make that assumption. If you want to use an URL, it should point to another
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive server under your control. Otherwise users may not be able to contact you in
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive case of errors.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>It may be worth setting up a dedicated address for this, e.g.</p>
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele ServerAdmin www-admin@foo.example.com
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>as users do not always mention that they are talking about the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive server!</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
fb77c505254b6e9c925e23e734463e87574f8f40kess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Alternate names for a host used when matching requests
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowento name-virtual hosts</description>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<syntax>ServerAlias <var>hostname</var> [<var>hostname</var>] ...</syntax>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen<contextlist><context>virtual host</context></contextlist>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The <directive>ServerAlias</directive> directive sets the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive alternate names for a host, for use with <a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="/vhosts/name-based.html">name-based virtual hosts</a>. The
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <directive>ServerAlias</directive> may include wildcards, if appropriate.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <VirtualHost *><br />
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick # ...<br />
a0fed3e26656887c8458aa1081d516d08ced3c84trawick </VirtualHost>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><a href="/vhosts/">Apache Virtual Host documentation</a></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<description>Hostname and port that the server uses to identify
a0fed3e26656887c8458aa1081d516d08ced3c84trawickitself</description>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<syntax>ServerName [<var>scheme</var>://]<var>fully-qualified-domain-name</var>[:<var>port</var>]</syntax>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<contextlist><context>server config</context><context>virtual host</context>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</contextlist>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<compatibility>In version 2.0, this
a0fed3e26656887c8458aa1081d516d08ced3c84trawick directive supersedes the functionality of the <directive>Port</directive>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick directive from version 1.3.</compatibility>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>The <directive>ServerName</directive> directive sets the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick request scheme, hostname and
a0fed3e26656887c8458aa1081d516d08ced3c84trawick port that the server uses to identify itself. This is used when
a0fed3e26656887c8458aa1081d516d08ced3c84trawick creating redirection URLs. For example, if the name of the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick machine hosting the web server is <code>simple.example.com</code>,
a0fed3e26656887c8458aa1081d516d08ced3c84trawick but the machine also has the DNS alias <code>www.example.com</code>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick and you wish the web server to be so identified, the following
a0fed3e26656887c8458aa1081d516d08ced3c84trawick directive should be used:</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>If no <directive>ServerName</directive> is specified, then the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick server attempts to deduce the hostname by performing a reverse
a0fed3e26656887c8458aa1081d516d08ced3c84trawick lookup on the IP address. If no port is specified in the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <directive>ServerName</directive>, then the server will use the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick port from the incoming request. For optimal reliability and
a0fed3e26656887c8458aa1081d516d08ced3c84trawick predictability, you should specify an explicit hostname and port
a0fed3e26656887c8458aa1081d516d08ced3c84trawick using the <directive>ServerName</directive> directive.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick href="/vhosts/name-based.html">name-based virtual hosts</a>,
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <directive type="section" module="core">VirtualHost</directive>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick section specifies what hostname must appear in the request's
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <code>Host:</code> header to match this virtual host.</p>
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick <p>Sometimes, the server runs behind a device that processes SSL,
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick such as a reverse proxy, load balancer or SSL offload
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick appliance. When this is the case, specify the
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick <code>https://</code> scheme and the port number to which the
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick clients connect in the <directive>ServerName</directive> directive
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick to make sure that the server generates the correct
a0fed3e26656887c8458aa1081d516d08ced3c84trawick self-referential URLs.
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>See the description of the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <directive module="core">UseCanonicalName</directive> and
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <directive module="core">UseCanonicalPhysicalPort</directive>directives for
a0fed3e26656887c8458aa1081d516d08ced3c84trawick settings which determine whether self-referential URLs (e.g., by the
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick specified port, or to the port number given in the client's request.
bf0e7f6393e91c0a7c15cb0d889a4238c973dc2etrawick<seealso><a href="/dns-caveats.html">Issues Regarding DNS and
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><directive module="core">UseCanonicalName</directive></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><directive module="core">UseCanonicalPhysicalPort</directive></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><directive module="core">NameVirtualHost</directive></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><directive module="core">ServerAlias</directive></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<description>Legacy URL pathname for a name-based virtual host that
a0fed3e26656887c8458aa1081d516d08ced3c84trawickis accessed by an incompatible browser</description>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<contextlist><context>virtual host</context></contextlist>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>The <directive>ServerPath</directive> directive sets the legacy
a0fed3e26656887c8458aa1081d516d08ced3c84trawick URL pathname for a host, for use with <a
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><a href="/vhosts/">Apache Virtual Host documentation</a></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<description>Base directory for the server installation</description>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<syntax>ServerRoot <var>directory-path</var></syntax>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<contextlist><context>server config</context></contextlist>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>The <directive>ServerRoot</directive> directive sets the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick directory in which the server lives. Typically it will contain the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick subdirectories <code>conf/</code> and <code>logs/</code>. Relative
a0fed3e26656887c8458aa1081d516d08ced3c84trawick paths in other configuration directives (such as <directive
a0fed3e26656887c8458aa1081d516d08ced3c84trawick module="mod_so">LoadModule</directive>, for example) are taken as
a0fed3e26656887c8458aa1081d516d08ced3c84trawick relative to this directory.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><a href="/invoking.html">the <code>-d</code>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><a href="/misc/security_tips.html#serverroot">the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick security tips</a> for information on how to properly set
a0fed3e26656887c8458aa1081d516d08ced3c84trawick permissions on the <directive>ServerRoot</directive></seealso>
215694531f7d868b906df96e22a80e6a1d2326a6lgentis</directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<description>Configures the footer on server-generated documents</description>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<contextlist><context>server config</context><context>virtual host</context>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<context>directory</context><context>.htaccess</context>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</contextlist>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>The <directive>ServerSignature</directive> directive allows the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick configuration of a trailing footer line under server-generated
a0fed3e26656887c8458aa1081d516d08ced3c84trawick documents (error messages, <module>mod_proxy</module> ftp directory
a0fed3e26656887c8458aa1081d516d08ced3c84trawick listings, <module>mod_info</module> output, ...). The reason why you
a0fed3e26656887c8458aa1081d516d08ced3c84trawick would want to enable such a footer line is that in a chain of proxies,
a0fed3e26656887c8458aa1081d516d08ced3c84trawick the user often has no possibility to tell which of the chained servers
a0fed3e26656887c8458aa1081d516d08ced3c84trawick actually produced a returned error message.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick setting, which is the default, suppresses the footer line (and is
a0fed3e26656887c8458aa1081d516d08ced3c84trawick therefore compatible with the behavior of Apache-1.2 and
a0fed3e26656887c8458aa1081d516d08ced3c84trawick below). The <code>On</code> setting simply adds a line with the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick server version number and <directive
a0fed3e26656887c8458aa1081d516d08ced3c84trawick module="core">ServerName</directive> of the serving virtual host,
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick and the <code>EMail</code> setting additionally creates a
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick "mailto:" reference to the <directive
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick module="core">ServerAdmin</directive> of the referenced
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick document.</p>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick <p>After version 2.0.44, the details of the server version number
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick presented are controlled by the <directive
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick module="core">ServerTokens</directive> directive.</p>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick<seealso><directive module="core">ServerTokens</directive></seealso>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick</directivesynopsis>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick<directivesynopsis>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick<description>Configures the <code>Server</code> HTTP response
2b6c7b8eb5fbc43564898aedac730df7e91da475trawickheader</description>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick<syntax>ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full</syntax>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick<contextlist><context>server config</context></contextlist>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick <p>This directive controls whether <code>Server</code> response
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick header field which is sent back to clients includes a
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick description of the generic OS-type of the server as well as
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick information about compiled-in modules.</p>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick <dt><code>ServerTokens Full</code> (or not specified)</dt>
2b6c7b8eb5fbc43564898aedac730df7e91da475trawick <dd>Server sends (<em>e.g.</em>): <code>Server: Apache/2.0.41
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>This setting applies to the entire server, and cannot be
a0fed3e26656887c8458aa1081d516d08ced3c84trawick enabled or disabled on a virtualhost-by-virtualhost basis.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick <p>After version 2.0.44, this directive also controls the
a0fed3e26656887c8458aa1081d516d08ced3c84trawick information presented by the <directive
a0fed3e26656887c8458aa1081d516d08ced3c84trawick module="core">ServerSignature</directive> directive.</p>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<seealso><directive module="core">ServerSignature</directive></seealso>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick</directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<directivesynopsis>
a0fed3e26656887c8458aa1081d516d08ced3c84trawick<description>Forces all matching files to be processed by a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivehandler</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax>SetHandler <var>handler-name</var>|None</syntax>
003f0c9fda6664daf5092a0e42f65ede20098153slive<contextlist><context>server config</context><context>virtual host</context>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<context>directory</context><context>.htaccess</context>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Moved into the core in Apache 2.0</compatibility>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <p>When placed into an <code>.htaccess</code> file or a
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <directive type="section" module="core">Directory</directive> or
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <directive type="section" module="core">Location</directive>
5f4e50966b2b9b58436a1651cbe588d1b595657ewrowe section, this directive forces all matching files to be parsed
4025ef5b9785f4cc9e6456a1c0177383a8503361covener through the <a href="/handler.html">handler</a> given by
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <var>handler-name</var>. For example, if you had a directory you
4025ef5b9785f4cc9e6456a1c0177383a8503361covener wanted to be parsed entirely as imagemap rule files, regardless
4025ef5b9785f4cc9e6456a1c0177383a8503361covener of extension, you might put the following into an
4025ef5b9785f4cc9e6456a1c0177383a8503361covener SetHandler imap-file
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <p>Another example: if you wanted to have the server display a
4025ef5b9785f4cc9e6456a1c0177383a8503361covener status report whenever a URL of
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <code>http://servername/status</code> was called, you might put
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <Location /status><br />
4025ef5b9785f4cc9e6456a1c0177383a8503361covener SetHandler server-status<br />
4025ef5b9785f4cc9e6456a1c0177383a8503361covener </Location>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <p>You can override an earlier defined <directive>SetHandler</directive>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener <p><strong>Note:</strong> because SetHandler overrides default handlers,
4025ef5b9785f4cc9e6456a1c0177383a8503361covener normal behaviour such as handling of URLs ending in a slash (/) as
4025ef5b9785f4cc9e6456a1c0177383a8503361covener directories or index files is suppressed.</p>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<seealso><directive module="mod_mime">AddHandler</directive></seealso>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener</directivesynopsis>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<directivesynopsis>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<description>Sets the filters that will process client requests and POST
4025ef5b9785f4cc9e6456a1c0177383a8503361covenerinput</description>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<syntax>SetInputFilter <var>filter</var>[;<var>filter</var>...]</syntax>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<contextlist><context>server config</context><context>virtual host</context>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener<context>directory</context><context>.htaccess</context>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener</contextlist>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The <directive>SetInputFilter</directive> directive sets the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive filter or filters which will process client requests and POST
e6ab342447cf6b4c22bbe66169718d0e9b78819apoirier input when they are received by the server. This is in addition to
e6ab342447cf6b4c22bbe66169718d0e9b78819apoirier any filters defined elsewhere, including the
e6ab342447cf6b4c22bbe66169718d0e9b78819apoirier <directive module="mod_mime">AddInputFilter</directive>
e6ab342447cf6b4c22bbe66169718d0e9b78819apoirier directive.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>If more than one filter is specified, they must be separated
fb77c505254b6e9c925e23e734463e87574f8f40kess by semicolons in the order in which they should process the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd content.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<seealso><a href="/filter.html">Filters</a> documentation</seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
fb77c505254b6e9c925e23e734463e87574f8f40kess<directivesynopsis>
27303c8bb552a8a5fc859feb735d686fc59f59a1yoshiki<description>Sets the filters that will process responses from the
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndserver</description>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<syntax>SetOutputFilter <var>filter</var>[;<var>filter</var>...]</syntax>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd<contextlist><context>server config</context><context>virtual host</context>
4025ef5b9785f4cc9e6456a1c0177383a8503361covener</contextlist>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>The <directive>SetOutputFilter</directive> directive sets the filters
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd which will process responses from the server before they are
3386d67e54f92fdf6a3ffc5f7f8081eed6c44badslive sent to the client. This is in addition to any filters defined
3386d67e54f92fdf6a3ffc5f7f8081eed6c44badslive elsewhere, including the
05201775eaa6b363b8a119c8aea5db246b967591yoshiki <directive module="mod_mime">AddOutputFilter</directive>
d3f27ec18dfa6283e852aa98253212edafaa0e2brbowen directive.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>For example, the following configuration will process all files
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive in the <code>/www/data/</code> directory for server-side
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive includes.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd SetOutputFilter INCLUDES<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </Directory>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>If more than one filter is specified, they must be separated
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive by semicolons in the order in which they should process the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive content.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><a href="/filter.html">Filters</a> documentation</seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Amount of time the server will wait for
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivecertain events before failing a request</description>
fb77c505254b6e9c925e23e734463e87574f8f40kess<contextlist><context>server config</context><context>virtual host</context></contextlist>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>The <directive>TimeOut</directive> directive currently defines
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the amount of time Apache will wait for three things:</p>
13e5182a0c199ecc7a73db97b6448a544e940868slive <li>The total amount of time it takes to receive a GET
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive request.</li>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <li>The amount of time between receipt of TCP packets on a
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive POST or PUT request.</li>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <li>The amount of time between ACKs on transmissions of TCP
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd packets in responses.</li>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>We plan on making these separately configurable at some point
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd down the road. The timer used to default to 1200 before 1.2,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd but has been lowered to 300 which is still far more than
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd necessary in most situations. It is not set any lower by
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive default because there may still be odd places in the code where
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive the timer is not reset when a packet is sent. </p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd</directivesynopsis>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Determines the behaviour on <code>TRACE</code>
13e5182a0c199ecc7a73db97b6448a544e940868sliverequests</description>
13e5182a0c199ecc7a73db97b6448a544e940868slive<syntax>TraceEnable <var>[on|off|extended]</var></syntax>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess<contextlist><context>server config</context></contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<compatibility>Available in Apache 1.3.34, 2.0.55 and later</compatibility>
13e5182a0c199ecc7a73db97b6448a544e940868slive <p>This directive overrides the behavior of <code>TRACE</code> for both
13e5182a0c199ecc7a73db97b6448a544e940868slive the core server and <module>mod_proxy</module>. The default
13e5182a0c199ecc7a73db97b6448a544e940868slive <code>TraceEnable on</code> permits <code>TRACE</code> requests per
b00583f8e126bbb00b06dcf06af06c9d07978701kess RFC 2616, which disallows any request body to accompany the request.
13e5182a0c199ecc7a73db97b6448a544e940868slive <code>TraceEnable off</code> causes the core server and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <module>mod_proxy</module> to return a <code>405</code> (Method not
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess allowed) error to the client.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>Finally, for testing and diagnostic purposes only, request
0d5b778ac63bc803c0dd1a4fdef371fe7a0f4b57kess bodies may be allowed using the non-compliant <code>TraceEnable
13e5182a0c199ecc7a73db97b6448a544e940868slive extended</code> directive. The core (as an origin server) will
13e5182a0c199ecc7a73db97b6448a544e940868slive restrict the request body to 64k (plus 8k for chunk headers if
13e5182a0c199ecc7a73db97b6448a544e940868slive <code>Transfer-Encoding: chunked</code> is used). The core will
13e5182a0c199ecc7a73db97b6448a544e940868slive reflect the full headers and all chunk headers with the response
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive body. As a proxy server, the request body is not restricted to 64k.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<directivesynopsis>
13e5182a0c199ecc7a73db97b6448a544e940868slive<description>Configures how the server determines its own name and
80c4526970a11f37c0f8e3b82afdf03902dac3f3sliveport</description>
13e5182a0c199ecc7a73db97b6448a544e940868slive<contextlist><context>server config</context><context>virtual host</context>
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive <p>In many situations Apache must construct a <em>self-referential</em>
13e5182a0c199ecc7a73db97b6448a544e940868slive URL -- that is, a URL that refers back to the same server. With
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive <code>UseCanonicalName On</code> Apache will use the hostname and port
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive specified in the <directive module="core">ServerName</directive>
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive directive to construct the canonical name for the server. This name
1c5fe3e61f0f3202ae0f853740d53f3aff4c4afbslive is used in all self-referential URLs, and for the values of
13e5182a0c199ecc7a73db97b6448a544e940868slive <code>SERVER_NAME</code> and <code>SERVER_PORT</code> in CGIs.</p>
13e5182a0c199ecc7a73db97b6448a544e940868slive <p>With <code>UseCanonicalName Off</code> Apache will form
13e5182a0c199ecc7a73db97b6448a544e940868slive self-referential URLs using the hostname and port supplied by
13e5182a0c199ecc7a73db97b6448a544e940868slive the client if any are supplied (otherwise it will use the
13e5182a0c199ecc7a73db97b6448a544e940868slive canonical name, as defined above). These values are the same
13e5182a0c199ecc7a73db97b6448a544e940868slive that are used to implement <a
13e5182a0c199ecc7a73db97b6448a544e940868slive href="/vhosts/name-based.html">name based virtual hosts</a>,
13e5182a0c199ecc7a73db97b6448a544e940868slive and are available with the same clients. The CGI variables
13e5182a0c199ecc7a73db97b6448a544e940868slive <code>SERVER_NAME</code> and <code>SERVER_PORT</code> will be
13e5182a0c199ecc7a73db97b6448a544e940868slive constructed from the client supplied values as well.</p>
13e5182a0c199ecc7a73db97b6448a544e940868slive <p>An example where this may be useful is on an intranet server
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive where you have users connecting to the machine using short
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive names such as <code>www</code>. You'll notice that if the users
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen type a shortname, and a URL which is a directory, such as
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen <code>http://www/splat</code>, <em>without the trailing
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen slash</em> then Apache will redirect them to
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen <code>http://www.domain.com/splat/</code>. If you have
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen authentication enabled, this will cause the user to have to
3b9c7ec844aa240622a33735d1b9cbac4232e268rbowen authenticate twice (once for <code>www</code> and once again
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive href="http://httpd.apache.org/docs/misc/FAQ.html#prompted-twice">the
130d299c4b2b15be45532a176604c71fdc7bea5bnd FAQ on this subject for more information</a>). But if
130d299c4b2b15be45532a176604c71fdc7bea5bnd <directive>UseCanonicalName</directive> is set <code>Off</code>, then
130d299c4b2b15be45532a176604c71fdc7bea5bnd Apache will redirect to <code>http://www/splat/</code>.</p>
130d299c4b2b15be45532a176604c71fdc7bea5bnd <p>There is a third option, <code>UseCanonicalName DNS</code>,
130d299c4b2b15be45532a176604c71fdc7bea5bnd which is intended for use with mass IP-based virtual hosting to
130d299c4b2b15be45532a176604c71fdc7bea5bnd support ancient clients that do not provide a
130d299c4b2b15be45532a176604c71fdc7bea5bnd <code>Host:</code> header. With this option Apache does a
130d299c4b2b15be45532a176604c71fdc7bea5bnd reverse DNS lookup on the server IP address that the client
130d299c4b2b15be45532a176604c71fdc7bea5bnd connected to in order to work out self-referential URLs.</p>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <p>If CGIs make assumptions about the values of <code>SERVER_NAME</code>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive they may be broken by this option. The client is essentially free
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive to give whatever value they want as a hostname. But if the CGI is
fb77c505254b6e9c925e23e734463e87574f8f40kess only using <code>SERVER_NAME</code> to construct self-referential URLs
fb77c505254b6e9c925e23e734463e87574f8f40kess then it should be just fine.</p>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<seealso><directive module="core">UseCanonicalPhysicalPort</directive></seealso>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<seealso><directive module="core">ServerName</directive></seealso>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<seealso><directive module="mpm_common">Listen</directive></seealso>
130d299c4b2b15be45532a176604c71fdc7bea5bnd</directivesynopsis>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<directivesynopsis>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<description>Configures how the server determines its own name and
130d299c4b2b15be45532a176604c71fdc7bea5bndport</description>
130d299c4b2b15be45532a176604c71fdc7bea5bnd<contextlist><context>server config</context><context>virtual host</context>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>In many situations Apache must construct a <em>self-referential</em>
fb77c505254b6e9c925e23e734463e87574f8f40kess URL -- that is, a URL that refers back to the same server. With
fb77c505254b6e9c925e23e734463e87574f8f40kess <code>UseCanonicalPhysicalPort On</code> Apache will, when
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess constructing the canonical port for the server to honor
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess the <directive module="core">UseCanonicalName</directive> directive,
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess provide the actual physical port number being used by this request
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess as a potential port. With <code>UseCanonicalPhysicalPort Off</code>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess Apache will not ever use the actual physical port number, instead
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive relying on all configured information to construct a valid port number.</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The ordering of when the physical port is used is as follows:<br /><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>With <code>UseCanonicalPhysicalPort Off</code>, the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive physical ports are removed from the ordering.</p>
ef8e89e090461194ecadd31e8796a2c51e0531a2kess<seealso><directive module="core">UseCanonicalName</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="core">ServerName</directive></seealso>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<seealso><directive module="mpm_common">Listen</directive></seealso>
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen</directivesynopsis>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<description>Contains directives that apply only to a specific
80c4526970a11f37c0f8e3b82afdf03902dac3f3slivehostname or IP address</description>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<syntax><VirtualHost
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <var>addr</var>[:<var>port</var>] [<var>addr</var>[:<var>port</var>]]
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive ...> ... </VirtualHost></syntax>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive<contextlist><context>server config</context></contextlist>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p><directive type="section">VirtualHost</directive> and
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code></VirtualHost></code> are used to enclose a group of
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directives that will apply only to a particular virtual host. Any
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive directive that is allowed in a virtual host context may be
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen used. When the server receives a request for a document on a
ef8e89e090461194ecadd31e8796a2c51e0531a2kess particular virtual host, it uses the configuration directives
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive enclosed in the <directive type="section">VirtualHost</directive>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <li>A fully qualified domain name for the IP address of the
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive virtual host (not recommended);</li>
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd <li>The character <code>*</code>, which is used only in combination with
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <code>NameVirtualHost *</code> to match all IP addresses; or</li>
ef8e89e090461194ecadd31e8796a2c51e0531a2kess <li>The string <code>_default_</code>, which is used only
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive with IP virtual hosting to catch unmatched IP addresses.</li>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <VirtualHost 10.1.2.3><br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive ServerAdmin webmaster@host.foo.com<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </VirtualHost>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>IPv6 addresses must be specified in square brackets because
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess the optional port number could not be determined otherwise. An
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen IPv6 example is shown below:</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <VirtualHost [2001:db8::a00:20ff:fea7:ccea]><br />
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele ServerAdmin webmaster@host.example.com<br />
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive </VirtualHost>
ef8e89e090461194ecadd31e8796a2c51e0531a2kess <p>Each Virtual Host must correspond to a different IP address,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive different port number or a different host name for the server,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive in the former case the server machine must be configured to
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen accept IP packets for multiple addresses. (If the machine does
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen not have multiple network interfaces, then this can be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive accomplished with the <code>ifconfig alias</code> command -- if
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen your OS supports it).</p>
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <p>The use of <directive type="section">VirtualHost</directive> does
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive <strong>not</strong> affect what addresses Apache listens on. You
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess may need to ensure that Apache is listening on the correct addresses
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess using <directive module="mpm_common">Listen</directive>.</p>
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess <p>When using IP-based virtual hosting, the special name
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess which case this virtual host will match any IP address that is
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess not explicitly listed in another virtual host. In the absence
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive of any <code>_default_</code> virtual host the "main" server config,
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive consisting of all those definitions outside any VirtualHost
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive section, is used when no IP-match occurs. (But note that any IP
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive address that matches a <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive module="core">NameVirtualHost</directive> directive will use neither
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive the "main" server config nor the <code>_default_</code> virtual host.
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive See the <a href="/vhosts/name-based.html">name-based virtual hosting</a>
fb77c505254b6e9c925e23e734463e87574f8f40kess documentation for further details.)</p>
fb77c505254b6e9c925e23e734463e87574f8f40kess <p>You can specify a <code>:port</code> to change the port that is
fb77c505254b6e9c925e23e734463e87574f8f40kess matched. If unspecified then it defaults to the same port as the
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele most recent <directive module="mpm_common">Listen</directive>
18b4b0fd6056093002ddef488636bf5ebe415ef0erikabele statement of the main server. You may also specify <code>:*</code>
003f0c9fda6664daf5092a0e42f65ede20098153slive to match all ports on that address. (This is recommended when used
ef8e89e090461194ecadd31e8796a2c51e0531a2kess <p>A <directive module="core">ServerName</directive> should be
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive specified inside each <directive
80c4526970a11f37c0f8e3b82afdf03902dac3f3slive type="section">VirtualHost</directive> block. If it is absent, the
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen <directive module="core">ServerName</directive> from the "main"
4cafc94e99922f00654e1779d30c2cccf5278c4fkess server configuration will be inherited.</p>
4cafc94e99922f00654e1779d30c2cccf5278c4fkess <p>See the <a href="/misc/security_tips.html">security tips</a>
4cafc94e99922f00654e1779d30c2cccf5278c4fkess document for details on why your security could be compromised if the
4cafc94e99922f00654e1779d30c2cccf5278c4fkess directory where log files are stored is writable by anyone other
4cafc94e99922f00654e1779d30c2cccf5278c4fkess than the user that starts the server.</p>
27303c8bb552a8a5fc859feb735d686fc59f59a1yoshiki<seealso><a href="/vhosts/">Apache Virtual Host documentation</a></seealso>
4cafc94e99922f00654e1779d30c2cccf5278c4fkess<seealso><a href="/dns-caveats.html">Issues Regarding DNS and
fb77c505254b6e9c925e23e734463e87574f8f40kess<seealso><a href="/sections.html">How <Directory>, <Location>
fb77c505254b6e9c925e23e734463e87574f8f40kess and <Files> sections work</a> for an explanation of how these
4cafc94e99922f00654e1779d30c2cccf5278c4fkess different sections are combined when a request is received</seealso>
4cafc94e99922f00654e1779d30c2cccf5278c4fkess</directivesynopsis>
96a8ac87abbb04c2a925f7fde5eb12bf1d1f4bc3slive</modulesynopsis>