97a9a944b5887e91042b019776c41d5dd74557aferikabele<?xml version='1.0' encoding='UTF-8' ?>

97a9a944b5887e91042b019776c41d5dd74557aferikabele<!DOCTYPE manualpage SYSTEM "/style/manualpage.dtd">

97a9a944b5887e91042b019776c41d5dd74557aferikabele<?xml-stylesheet type="text/xsl" href="/style/manual.en.xsl"?>

a945f35eff8b6a88009ce73de6d4c862ce58de3cslive

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

3f08db06526d6901aa08c110b5bc7dde6bc39905nd<manualpage metafile="upgrading.xml.meta">

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd<title>Upgrading to 2.4 from 2.2</title>

3b3b7fc78d1f5bfc2769903375050048ff41ff26nd

ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd<summary>

f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung <p>In order to assist folks upgrading, we maintain a document

3b3b7fc78d1f5bfc2769903375050048ff41ff26nd describing information critical to existing Apache HTTP Server users. These

fe64b2ba25510d8c9dba5560a2d537763566cf40nd are intended to be brief notes, and you should be able to find

fe64b2ba25510d8c9dba5560a2d537763566cf40nd more information in either the <a

fe64b2ba25510d8c9dba5560a2d537763566cf40nd href="new_features_2_4.html">New Features</a> document, or in

fe64b2ba25510d8c9dba5560a2d537763566cf40nd the <code>src/CHANGES</code> file. Application and module developers

fe64b2ba25510d8c9dba5560a2d537763566cf40nd can find a summary of API changes in the <a href="developer/new_api_2_4.html"

fe64b2ba25510d8c9dba5560a2d537763566cf40nd >API updates</a> overview.</p>

06ba4a61654b3763ad65f52283832ebf058fdf1cslive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive <p>This document describes changes in server behavior that might

06ba4a61654b3763ad65f52283832ebf058fdf1cslive require you to change your configuration or how you use the server

06ba4a61654b3763ad65f52283832ebf058fdf1cslive in order to continue using 2.4 as you are currently using 2.2.

06ba4a61654b3763ad65f52283832ebf058fdf1cslive To take advantage of new features in 2.4, see the New Features

06ba4a61654b3763ad65f52283832ebf058fdf1cslive document.</p>

06ba4a61654b3763ad65f52283832ebf058fdf1cslive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive <p>This document describes only the changes from 2.2 to 2.4. If you

06ba4a61654b3763ad65f52283832ebf058fdf1cslive are upgrading from version 2.0, you should also consult the <a

26556019355f6e007335c2d5d57013ac24ebf651nd href="http://httpd.apache.org/docs/2.2/upgrading.html">2.0 to 2.2

fe64b2ba25510d8c9dba5560a2d537763566cf40nd upgrading document.</a></p>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd</summary>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd<seealso><a href="new_features_2_4.html">Overview of new features in

117c1f888a14e73cdd821dc6c23eb0411144a41cnd Apache HTTP Server 2.4</a></seealso>

117c1f888a14e73cdd821dc6c23eb0411144a41cnd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <section id="compile-time">

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <title>Compile-Time Configuration Changes</title>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <p>The compilation process is very similar to the one used in

fe64b2ba25510d8c9dba5560a2d537763566cf40nd version 2.2. Your old <code>configure</code> command line (as

fe64b2ba25510d8c9dba5560a2d537763566cf40nd found in <code>build/config.nice</code> in the installed server

fe64b2ba25510d8c9dba5560a2d537763566cf40nd directory) can be used in most cases. There are some changes in

fe64b2ba25510d8c9dba5560a2d537763566cf40nd the default settings. Some details of changes:</p>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <ul>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <li>These modules have been removed: mod_authn_default,

fe64b2ba25510d8c9dba5560a2d537763566cf40nd mod_authz_default, mod_mem_cache. If you were using

fe64b2ba25510d8c9dba5560a2d537763566cf40nd mod_mem_cache in 2.2, look at <module>mod_cache_disk</module> in

fe64b2ba25510d8c9dba5560a2d537763566cf40nd 2.4.</li>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <li>All load balancing implementations have been moved to

fe64b2ba25510d8c9dba5560a2d537763566cf40nd individual, self-contained mod_proxy submodules, e.g.

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <module>mod_lbmethod_bybusyness</module>. You might need

fe64b2ba25510d8c9dba5560a2d537763566cf40nd to build and load any of these that your configuration

06ba4a61654b3763ad65f52283832ebf058fdf1cslive uses.</li>

06ba4a61654b3763ad65f52283832ebf058fdf1cslive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive <li>Platform support has been removed for BeOS, TPF, and

06ba4a61654b3763ad65f52283832ebf058fdf1cslive even older platforms such as A/UX, Next, and Tandem. These were

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen believed to be broken anyway.</li>

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen

97a9a944b5887e91042b019776c41d5dd74557aferikabele <li>configure: dynamic modules (DSO) are built by default</li>

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen <li>configure: By default, only a basic set of modules is loaded. The

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen other <directive>LoadModule</directive> directives are commented

d43535d2b691837e9c1e2f01e42b76aa0a1ab98frbowen out.</li>

97a9a944b5887e91042b019776c41d5dd74557aferikabele

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <li>configure: the "most" module set gets built by default</li>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <li>configure: the "reallyall" module set adds developer modules

fe64b2ba25510d8c9dba5560a2d537763566cf40nd to the "all" set</li>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd </ul>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd </section>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <section id="run-time">

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <title>Run-Time Configuration Changes</title>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <p>There have been significant changes in authorization configuration,

fe64b2ba25510d8c9dba5560a2d537763566cf40nd and other minor configuration changes, that could require changes to your 2.2

fe64b2ba25510d8c9dba5560a2d537763566cf40nd configuration files before using them for 2.4.</p>

06ba4a61654b3763ad65f52283832ebf058fdf1cslive

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <section id="authz">

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <title>Authorization</title>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <p>Any configuration file that uses authorization will likely

fe64b2ba25510d8c9dba5560a2d537763566cf40nd need changes.</p>

84a33ff5010689fc0a2e1187c0090b3a44d13bebhumbedooh

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <p>You should review the <a href="howto/auth.html">Authentication,

fe64b2ba25510d8c9dba5560a2d537763566cf40nd Authorization and Access Control Howto</a>, especially the section

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <a href="howto/auth.html#beyond">Beyond just authorization</a>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd which explains the new mechanisms for controlling the order in

fe64b2ba25510d8c9dba5560a2d537763566cf40nd which the authorization directives are applied.</p>

fe64b2ba25510d8c9dba5560a2d537763566cf40nd

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <section id="access">

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <title>Access control</title>

06ba4a61654b3763ad65f52283832ebf058fdf1cslive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive <p>In 2.2, access control based on client hostname, IP address,

06ba4a61654b3763ad65f52283832ebf058fdf1cslive and other characteristics of client requests was done using the

06ba4a61654b3763ad65f52283832ebf058fdf1cslive directives <directive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive module="mod_access_compat">Order</directive>, <directive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive module="mod_access_compat">Allow</directive>, <directive

06ba4a61654b3763ad65f52283832ebf058fdf1cslive module="mod_access_compat">Deny</directive>, and <directive

98129254d031689860ebe954c86f2ddd91abf23brbowen module="mod_access_compat">Satisfy</directive>.</p>

26556019355f6e007335c2d5d57013ac24ebf651nd

26556019355f6e007335c2d5d57013ac24ebf651nd <p>In 2.4, such access control is done in the same way as other

26556019355f6e007335c2d5d57013ac24ebf651nd authorization checks, using the new module

fe64b2ba25510d8c9dba5560a2d537763566cf40nd <module>mod_authz_host</module>. The old access control idioms

fe64b2ba25510d8c9dba5560a2d537763566cf40nd should be replaced by the new authentication mechanisms,

fe64b2ba25510d8c9dba5560a2d537763566cf40nd although for compatibility with old configurations, the new

3b3b7fc78d1f5bfc2769903375050048ff41ff26nd module <module>mod_access_compat</module> is provided.</p>

ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd

f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung <p>Here are some examples of old and new ways to do the same

3b3b7fc78d1f5bfc2769903375050048ff41ff26nd access control.</p>

5effc8b39fae5cd169d17f342bfc265705840014rbowen

d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen <p>In this example, all requests are denied.</p>

d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen <example>

d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen <title>2.2 configuration:</title>

d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen Order deny,allow<br />

d29d9ab4614ff992b0e8de6e2b88d52b6f1f153erbowen Deny from all

fe64b2ba25510d8c9dba5560a2d537763566cf40nd </example>

<example>

<title>2.4 configuration:</title>

Require all denied

</example>

<p>In this example, all requests are allowed.</p>

<example>

<title>2.2 configuration:</title>

Order allow,deny<br />

Allow from all

</example>

<example>

<title>2.4 configuration:</title>

Require all granted

</example>

<p>In the following example, all hosts in the example.org domain

are allowed access; all other hosts are denied access.</p>

<example>

<title>2.2 configuration:</title>

Order Deny,Allow<br />

Deny from all<br />

Allow from example.org

</example>

<example>

<title>2.4 configuration:</title>

Require host example.org

</example>

</section>

</section>

<section id="config">

<title>Other configuration changes</title>

<p>Some other small adjustments may be necessary for particular

configurations as discussed below.</p>

<ul>

<li><directive>MaxRequestsPerChild</directive> has been renamed to

<directive module="mpm_common">MaxConnectionsPerChild</directive>,

describes more accurately what it does. The old name is still

supported.</li>

<li><directive>MaxClients</directive> has been renamed to

<directive module="mpm_common">MaxRequestWorkers</directive>,

which describes more accurately what it does. For async MPMs, like

<module>event</module>, the maximum number of clients is not

equivalent than the number of worker threads. The old name is still

supported.</li>

<li>The <directive module="core">DefaultType</directive>

directive no longer has any effect, other than to emit a

warning if it's used with any value other than

<code>none</code>. You need to use other configuration

settings to replace it in 2.4.

</li>

<li><directive module="core">EnableSendfile</directive> now

defaults to Off.</li>

<li><directive module="core">FileETag</directive> now

defaults to "MTime Size" (without INode).</li>

<li><module>mod_log_config</module>: <a

href="modules/mod_log_config.html#formats">${cookie}C</a>

matches whole cookie names. Previously any substring would

match.</li>

<li><module>mod_dav_fs</module>: The format of the <directive

module="mod_dav_fs">DavLockDB</directive> file has changed for

systems with inodes. The old <directive

module="mod_dav_fs">DavLockDB</directive> file must be deleted on

upgrade.

</li>

<li><directive module="core">KeepAlive</directive> only

accepts values of <code>On</code> or <code>Off</code>.

Previously, any value other than "Off" or "0" was treated as

"On".</li>

<li>Directives AcceptMutex, LockFile, RewriteLock, SSLMutex,

SSLStaplingMutex, and WatchdogMutexPath have been replaced

with a single <directive module="core">Mutex</directive>

directive. You will need to evaluate any use of these removed

directives in your 2.2 configuration to determine if they can

just be deleted or will need to be replaced using <directive

module="core">Mutex</directive>.</li>

<li><module>mod_cache</module>: <directive

module="mod_cache">CacheIgnoreURLSessionIdentifiers</directive>

now does an exact match against the query string instead of a

partial match. If your configuration was using partial

strings, e.g. using <code>sessionid</code> to match

<code>/someapplication/image.gif;jsessionid=123456789</code>,

then you will need to change to the full string

<code>jsessionid</code>.

</li>

<li><module>mod_ldap</module>: <directive

module="mod_ldap">LDAPTrustedClientCert</directive> is now

consistently a per-directory setting only. If you use this

directive, review your configuration to make sure it is

present in all the necessary directory contexts.</li>

<li><module>mod_filter</module>: <directive

module="mod_filter">FilterProvider</directive> syntax has changed and

now uses a boolean expression to determine if a filter is applied.

</li>

<li><module>mod_include</module>:

<ul>

<li>The <code>#if expr</code> element now uses the new <a

href="expr.html">expression parser</a>. The old syntax can be

restored with the new directive <directive module="mod_include"

>SSILegacyExprParser</directive>.

</li>

<li>An SSI* config directive in directory scope no longer causes

all other per-directory SSI* directives to be reset to their

default values.</li>

</ul>

</li>

<li><module>mod_charset_lite</module>: The <code>DebugLevel</code>

option has been removed in favour of per-module <directive

module="core">LogLevel</directive> configuration.

</li>

<li><module>mod_ext-filter</module>: The <code>DebugLevel</code>

option has been removed in favour of per-module <directive

module="core">LogLevel</directive> configuration.

</li>

<li><module>mod_ssl</module>: CRL based revocation checking

now needs to be explicitly configured through <directive

module="mod_ssl">SSLCARevocationCheck</directive>.

</li>

<li><module>mod_substitute</module>: The maximum line length is now

limited to 1MB.

</li>

<li><module>mod_reqtimeout</module>: If the module is loaded, it

will now set some default timeouts.</li>

</ul>

</section>

</section>

<section id="misc">

<title>Misc Changes</title>

<ul>

<li><module>mod_autoindex</module>: will now extract titles and

display descriptions for .xhtml files, which were previously

ignored.</li>

<li><module>mod_ssl</module>: The default format of the <code>*_DN</code>

variables has changed. The old format can still be used with the new

<code>LegacyDNStringFormat</code> argument to <directive

module="mod_ssl">SSLOptions</directive>. The SSLv2 protocol is

no longer supported.</li>

<li><program>htpasswd</program> now uses MD5 hash by default on

all platforms.</li>

<li>The <directive module="core">NameVirtualHost</directive>

directive no longer has any effect, other than to emit a

warning. Any address/port combination appearing in multiple

virtual hosts is implicitly treated as a name-based virtual host.

</li>

<li><module>mod_deflate</module> will now skip compression if it knows

that the size overhead added by the compression is larger than the data

to be compressed.

</li>

<li>Multi-language error documents from 2.2.x may not work unless

they are adjusted to the new syntax of <module>mod_include</module>'s

<code>#if expr=</code> element or the directive

<directive module="mod_include">SSILegacyExprParser</directive> is

enabled for the directory containing the error documents.

</li>

</ul>

</section>

<section id="third-party">

<title>Third Party Modules</title>

<p>All modules must be recompiled for 2.4 before being loaded.</p>

<p>Many third-party modules designed for version 2.2 will

otherwise work unchanged with the Apache HTTP Server version 2.4.

Some will require changes; see the <a href="developer/new_api_2_4.html">API

update</a> overview.</p>

</section>

<section id="commonproblems">

<title>Common problems when upgrading</title>

<ul><li>Startup errors:

<ul>

<li><code>Invalid command 'User', perhaps misspelled or defined by a module not included in the server configuration</code> - load module <module>mod_unixd</module></li>

<li><code>Invalid command 'Require', perhaps misspelled or defined by a module not included in the server configuration</code>, or

<code>Invalid command 'Order', perhaps misspelled or defined by a module not included in the server configuration</code>

- load module <module>mod_access_compat</module>, or update configuration to 2.4 authorization directives.</li>

<li><code>Ignoring deprecated use of DefaultType in line NN of /path/to/httpd.conf</code> - remove <directive module="core">DefaultType</directive>

and replace with other configuration settings.</li>

</ul></li>

<li>Errors serving requests:

<ul>

<li><code>configuration error: couldn't check user: /path</code> -

load module <module>mod_authn_core</module>.</li>

</ul>

</li>

</ul>

</section>

</manualpage>