apache http server version 2 - documentation & help · apache > http server > documentation >...

||FAQ||

ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation

http://wiki.apache.org/httpd/FAQhttp://httpd.apache.org/docs-project/http://www.apache.org/http://httpd.apache.org/http://httpd.apache.org/docs/

ApacheHTTPServerVersion2.4

. .

Google

2.01.32.0

(contentnegotiation)(DSO)

URL

SSL/TLSCGISuexecURL(rewriting)

How-To/

,,CGI:.htaccessServerSideIncludes(SSI) (public_html)

MicrosoftWindowsNovellNetWareEBCDIC

Copyright2017TheApacheSoftwareFoundation.LicensedundertheApacheLicense,Version2.0.

||FAQ||

(FAQ)

http://www.apache.org/licenses/LICENSE-2.0http://wiki.apache.org/httpd/FAQ

Modules|Directives|FAQ|Glossary|Sitemap

ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation>Version2.4

http://wiki.apache.org/httpd/FAQhttp://www.apache.org/http://httpd.apache.org/http://httpd.apache.org/docs/

Upgradingto2.4from2.2

Inordertoassistfolksupgrading,wemaintainadocumentdescribinginformationcriticaltoexistingApacheHTTPServerusers.Theseareintendedtobebriefnotes,andyoushouldbeabletofindmoreinformationineithertheNewFeaturesdocument,orinthesrc/CHANGESfile.ApplicationandmoduledeveloperscanfindasummaryofAPIchangesintheAPIupdatesoverview.

Thisdocumentdescribeschangesinserverbehaviorthatmightrequireyoutochangeyourconfigurationorhowyouusetheserverinordertocontinueusing2.4asyouarecurrentlyusing2.2.Totakeadvantageofnewfeaturesin2.4,seetheNewFeaturesdocument.

Thisdocumentdescribesonlythechangesfrom2.2to2.4.Ifyouareupgradingfromversion2.0,youshouldalsoconsultthe2.0to2.2upgradingdocument.

SeealsoOverviewofnewfeaturesinApacheHTTPServer2.4

http://httpd.apache.org/docs/2.2/upgrading.htmlhttps://www.apache.org/foundation/contributing.html

Compile-TimeConfigurationChanges

Thecompilationprocessisverysimilartotheoneusedinversion2.2.Youroldconfigurecommandline(asfoundinbuild/config.niceintheinstalledserverdirectory)canbeusedinmostcases.Therearesomechangesinthedefaultsettings.Somedetailsofchanges:

Thesemoduleshavebeenremoved:mod_authn_default,mod_authz_default,mod_mem_cache.Ifyouwereusingmod_mem_cachein2.2,lookatmod_cache_diskin2.4.Allloadbalancingimplementationshavebeenmovedtoindividual,self-containedmod_proxysubmodules,e.g.mod_lbmethod_bybusyness.Youmightneedtobuildandloadanyofthesethatyourconfigurationuses.PlatformsupporthasbeenremovedforBeOS,TPF,andevenolderplatformssuchasA/UX,Next,andTandem.Thesewerebelievedtobebrokenanyway.configure:dynamicmodules(DSO)arebuiltbydefaultconfigure:Bydefault,onlyabasicsetofmodulesisloaded.TheotherLoadModuledirectivesarecommentedoutintheconfigurationfile.configure:the"most"modulesetgetsbuiltbydefaultconfigure:the"reallyall"modulesetaddsdevelopermodulestothe"all"set

Run-TimeConfigurationChanges

Therehavebeensignificantchangesinauthorizationconfiguration,andotherminorconfigurationchanges,thatcouldrequirechangestoyour2.2configurationfilesbeforeusingthemfor2.4.

AuthorizationAnyconfigurationfilethatusesauthorizationwilllikelyneedchanges.

YoushouldreviewtheAuthentication,AuthorizationandAccessControlHowto,especiallythesectionBeyondjustauthorizationwhichexplainsthenewmechanismsforcontrollingtheorderinwhichtheauthorizationdirectivesareapplied.

Directivesthatcontrolhowauthorizationmodulesrespondwhentheydon'tmatchtheauthenticateduserhavebeenremoved:ThisincludesAuthzLDAPAuthoritative,AuthzDBDAuthoritative,AuthzDBMAuthoritative,AuthzGroupFileAuthoritative,AuthzUserAuthoritative,andAuthzOwnerAuthoritative.ThesedirectiveshavebeenreplacedbythemoreexpressiveRequireAny,RequireNone,andRequireAll.

Ifyouusemod_authz_dbm,youmustportyourconfigurationtouseRequiredbm-group...inplaceofRequiregroup....

AccesscontrolIn2.2,accesscontrolbasedonclienthostname,IPaddress,andothercharacteristicsofclientrequestswasdoneusingthedirectivesOrder,Allow,Deny,andSatisfy.

In2.4,suchaccesscontrolisdoneinthesamewayasotherauthorizationchecks,usingthenewmodulemod_authz_host.

Theoldaccesscontrolidiomsshouldbereplacedbythenewauthenticationmechanisms,althoughforcompatibilitywitholdconfigurations,thenewmodulemod_access_compatisprovided.

Mixingoldandnewdirectives

MixingolddirectiveslikeOrder,AlloworDenywithnewoneslikeRequireistechnicallypossiblebutdiscouraged.mod_access_compatwascreatedtosupportconfigurationscontainingonlyolddirectivestofacilitatethe2.4upgrade.Pleasechecktheexamplesbelowtogetabetterideaaboutissuesthatmightarise.

Herearesomeexamplesofoldandnewwaystodothesameaccesscontrol.

Inthisexample,thereisnoauthenticationandallrequestsaredenied.

2.2configuration:Orderdeny,allowDenyfromall

2.4configuration:Requirealldenied

Inthisexample,thereisnoauthenticationandallrequestsareallowed.

2.2configuration:Orderallow,denyAllowfromall

2.4configuration:Requireallgranted

Inthefollowingexample,thereisnoauthenticationandallhostsintheexample.orgdomainareallowedaccess;allotherhostsaredeniedaccess.

2.2configuration:OrderDeny,AllowDenyfromallAllowfromexample.org

2.4configuration:Requirehostexample.org

Inthefollowingexample,mixingoldandnewdirectivesleadstounexpectedresults.

Mixingoldandnewdirectives:NOTWORKINGASEXPECTEDDocumentRoot"/var/www/html"

AllowOverrideNoneOrderdeny,allowDenyfromall

SetHandlerserver-statusRequirelocal

access.log-GET/server-status403127.0.0.1error.log-AH01797:clientdeniedbyserverconfiguration:/var/www/html/server-status

Whyhttpddeniesaccesstoservers-statusevenifthe

configurationseemstoallowit?Becausemod_access_compatdirectivestakeprecedenceoverthemod_authz_hostoneinthisconfigurationmergescenario.

Thisexampleconverselyworksasexpected:

Mixingoldandnewdirectives:WORKINGASEXPECTEDDocumentRoot"/var/www/html"

AllowOverrideNoneRequirealldenied

SetHandlerserver-statusOrderdeny,allowDenyfromallAllowFrom127.0.0.1

access.log-GET/server-status200127.0.0.1

Soevenifmixingconfigurationisstillpossible,pleasetrytoavoiditwhenupgrading:eitherkeepolddirectivesandthenmigratetothenewonesonalaterstageorjustmigrateeverythinginbulk.

Inmanyconfigurationswithauthentication,wherethevalueoftheSatisfywasthedefaultofALL,snippetsthatsimplydisabledhost-basedaccesscontrolareomitted:

2.2configuration:OrderDeny,AllowDenyfromallAuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecureRequirevalid-user

2.4configuration:#NoreplacementneededAuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecureRequirevalid-user

Inconfigurationswherebothauthenticationandaccesscontrolweremeaningfullycombined,theaccesscontroldirectivesshouldbemigrated.Thisexampleallowsrequestsmeetingbothcriteria:

2.2configuration:Orderallow,denyDenyfromall#SatisfyALListhedefaultSatisfyALLAllowfrom127.0.0.1AuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecureRequirevalid-user

2.4configuration:AuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecure

Requirevalid-userRequireip127.0.0.1

Inconfigurationswherebothauthenticationandaccesscontrolweremeaningfullycombined,theaccesscontroldirectivesshouldbemigrated.Thisexampleallowsrequestsmeetingeithercriteria:

2.2configuration:Orderallow,denyDenyfromallSatisfyany

Allowfrom127.0.0.1AuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecureRequirevalid-user

2.4configuration:AuthBasicProviderFileAuthUserFile/example.com/conf/users.passwdAuthNamesecure#ImplicitlyRequirevalid-userRequireip127.0.0.1

OtherconfigurationchangesSomeothersmalladjustmentsmaybenecessaryforparticularconfigurationsasdiscussedbelow.

MaxRequestsPerChildhasbeenrenamedtoMaxConnectionsPerChild,describesmoreaccuratelywhatitdoes.Theoldnameisstillsupported.MaxClientshasbeenrenamedtoMaxRequestWorkers,whichdescribesmoreaccuratelywhatitdoes.ForasyncMPMs,likeevent,themaximumnumberofclientsisnotequivalentthanthenumberofworkerthreads.Theoldnameisstillsupported.TheDefaultTypedirectivenolongerhasanyeffect,otherthantoemitawarningifit'susedwithanyvalueotherthannone.Youneedtouseotherconfigurationsettingstoreplaceitin2.4.AllowOverridenowdefaultstoNone.EnableSendfilenowdefaultstoOff.FileETagnowdefaultsto"MTimeSize"(withoutINode).mod_dav_fs:TheformatoftheDavLockDBfilehaschangedforsystemswithinodes.TheoldDavLockDBfilemustbe

deletedonupgrade.KeepAliveonlyacceptsvaluesofOnorOff.Previously,anyvalueotherthan"Off"or"0"wastreatedas"On".DirectivesAcceptMutex,LockFile,RewriteLock,SSLMutex,SSLStaplingMutex,andWatchdogMutexPathhavebeenreplacedwithasingleMutexdirective.Youwillneedtoevaluateanyuseoftheseremoveddirectivesinyour2.2configurationtodetermineiftheycanjustbedeletedorwillneedtobereplacedusingMutex.mod_cache:CacheIgnoreURLSessionIdentifiersnowdoesanexactmatchagainstthequerystringinsteadofapartialmatch.Ifyourconfigurationwasusingpartialstrings,e.g.usingsessionidtomatch/someapplication/image.gif;jsessionid=123456789thenyouwillneedtochangetothefullstringjsessionid.mod_cache:ThesecondparametertoCacheEnableonlymatchesforwardproxycontentifitbeginswiththecorrectprotocol.In2.2andearlier,aparameterof'/'matchedallcontent.mod_ldap:LDAPTrustedClientCertisnowconsistentlyaper-directorysettingonly.Ifyouusethisdirective,reviewyourconfigurationtomakesureitispresentinallthenecessarydirectorycontexts.mod_filter:FilterProvidersyntaxhaschangedandnowusesabooleanexpressiontodetermineifafilterisapplied.mod_include:

The#ifexprelementnowusesthenewexpressionparser.TheoldsyntaxcanberestoredwiththenewdirectiveSSILegacyExprParser.AnSSI*configdirectiveindirectoryscopenolongercausesallotherper-directorySSI*directivestoberesettotheirdefaultvalues.

mod_charset_lite:TheDebugLeveloptionhasbeenremovedinfavourofper-moduleLogLevelconfiguration.mod_ext_filter:TheDebugLeveloptionhasbeenremovedinfavourofper-moduleLogLevelconfiguration.mod_proxy_scgi:ThedefaultsettingforPATH_INFOhaschangedfromhttpd2.2,andsomewebapplicationswillnolongeroperateproperlywiththenewPATH_INFOsetting.Theprevioussettingcanberestoredbyconfiguringtheproxy-scgi-pathinfovariable.mod_ssl:CRLbasedrevocationcheckingnowneedstobeexplicitlyconfiguredthroughSSLCARevocationCheck.mod_substitute:Themaximumlinelengthisnowlimitedto1MB.mod_reqtimeout:Ifthemoduleisloaded,itwillnowsetsomedefaulttimeouts.mod_dumpio:DumpIOLogLevelisnolongersupported.DataisalwaysloggedatLogLeveltrace7.OnUnixplatforms,pipedloggingcommandsconfiguredusingeitherErrorLogorCustomLogwereinvokedusing/bin/sh-cin2.2andearlier.In2.4andlater,pipedloggingcommandsareexecuteddirectly.Torestoretheoldbehaviour,seethepipedloggingdocumentation.

MiscChanges

mod_autoindex:willnowextracttitlesanddisplaydescriptionsfor.xhtmlfiles,whichwerepreviouslyignored.mod_ssl:Thedefaultformatofthe*_DNvariableshaschanged.TheoldformatcanstillbeusedwiththenewLegacyDNStringFormatargumenttoSSLOptions.TheSSLv2protocolisnolongersupported.SSLProxyCheckPeerCNandSSLProxyCheckPeerExpirenowdefaulttoOn,causingproxyrequeststoHTTPShostswithbadoroutdatedcertificatestofailwitha502statuscode(Badgateway)htpasswdnowusesMD5hashbydefaultonallplatforms.TheNameVirtualHostdirectivenolongerhasanyeffect,otherthantoemitawarning.Anyaddress/portcombinationappearinginmultiplevirtualhostsisimplicitlytreatedasaname-basedvirtualhost.mod_deflatewillnowskipcompressionifitknowsthatthesizeoverheadaddedbythecompressionislargerthanthedatatobecompressed.Multi-languageerrordocumentsfrom2.2.xmaynotworkunlesstheyareadjustedtothenewsyntaxofmod_include's#ifexpr=elementorthedirectiveSSILegacyExprParserisenabledforthedirectorycontainingtheerrordocuments.Thefunctionalityprovidedbymod_authn_aliasinpreviousversions(i.e.,theAuthnProviderAliasdirective)hasbeenmovedintomod_authn_core.TheRewriteLogandRewriteLogLeveldirectiveshavebeenremoved.Thisfunctionalityisnowprovidedbyconfiguringtheappropriatelevelofloggingforthemod_rewritemoduleusingtheLogLeveldirective.Seealsothemod_rewriteloggingsection.

ThirdPartyModules

Allmodulesmustberecompiledfor2.4beforebeingloaded.

Manythird-partymodulesdesignedforversion2.2willotherwiseworkunchangedwiththeApacheHTTPServerversion2.4.Somewillrequirechanges;seetheAPIupdateoverview.


Commonproblemswhenupgrading

Startuperrors:Invalidcommand'User',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration-loadmodulemod_unixdInvalidcommand'Require',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration,orInvalidcommand'Order',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration-loadmodulemod_access_compat,orupdateconfigurationto2.4authorizationdirectives.IgnoringdeprecateduseofDefaultTypeinlineNNof/path/to/httpd.conf-removeDefaultTypeandreplacewithotherconfigurationsettings.Invalidcommand'AddOutputFilterByType',perhapsmisspelledordefinedbyamodulenotincludedintheserverconfiguration-AddOutputFilterByTypehasmovedfromthecoretomod_filter,whichmustbeloaded.

Errorsservingrequests:configurationerror:couldn'tcheckuser:/path-loadmodulemod_authn_core..htaccessfilesaren'tbeingprocessed-CheckforanappropriateAllowOverridedirective;thedefaultchangedtoNonein2.4.

http://www.apache.org/licenses/LICENSE-2.0


http://wiki.apache.org/httpd/FAQ

||FAQ||



Apache2.0

. .

1.32.0 .

1.32.0

https://www.apache.org/foundation/contributing.html

POSIX .(scalability).

autoconf libtool..

. mod_echo.

Apache2.0BeOS,OS/2, .POSIX API(MPM)ApachePortableRuntime(APR).

APIAPI2.0.1.3 .2.0 ,(hook). , .

IPv6ApachePortableRuntineIPv6 IPv6., Listen,NameVirtualHost,VirtualHost.(, "Listen[2001:db8::1]:8080").

.INCLUDESCGI ServerSideInclude. mod_ext_filterCGI .

SSI ..

. Port BindAddress Listen . ServerName

WindowsNTWindowsNTApache2.0 utf-8. ,Windows2000WindowsXPWindowsNT . Windows95, 98,ME, .

UpdatedApache2.0 Perl (PerlCompatibleRegularExpressionLibrary)(PCRE). Perl5.

http://www.pcre.org/

mod_sslApache2.0.OpenSSL SSL/TLS.

mod_davApache2.0. HTTPDistributedAuthoringandVersioning(DAV).

mod_deflateApache2.0.

mod_auth_ldapApache2.0.41.HTTP BasicAuthenticationLDAP . mod_ldap (connectionpool),.

mod_auth_digest.

mod_charset_liteApache2.0. .

mod_file_cacheApache2.0.Apache1.3 mod_mmap_static .

mod_headersApache2.0. mod_proxy,.

mod_proxy HTTP/1.1.( )..proxy_connect,proxy_ftp,proxy_http .

mod_negotiation


||FAQ||

ForceLanguagePriorityNOTACCEPTABLEMULTIPLECHOICES.MultiViews ,map.

mod_autoindex HTML, , .

mod_includeSSI ,SSI.mod_include( Perl) mod_include $0...$9.

mod_auth_dbm AuthDBMTypeDBM.


TheApacheLicense,Version2.0

ApacheLicenseVersion2.0,January2004

http://www.apache.org/licenses/

TERMSANDCONDITIONSFORUSE,REPRODUCTION,ANDDISTRIBUTION

1. Definitions

"License"shallmeanthetermsandconditionsforuse,reproduction,anddistributionasdefinedbySections1through9ofthisdocument.

"Licensor"shallmeanthecopyrightownerorentityauthorizedbythecopyrightownerthatisgrantingtheLicense.

"LegalEntity"shallmeantheunionoftheactingentityandallotherentitiesthatcontrol,arecontrolledby,orareundercommoncontrolwiththatentity.Forthepurposesofthisdefinition,"control"means(i)thepower,directorindirect,tocausethedirectionormanagementofsuchentity,whetherbycontractorotherwise,or(ii)ownershipoffiftypercent(50%)ormoreoftheoutstandingshares,or(iii)beneficialownershipofsuchentity.

"You"(or"Your")shallmeananindividualorLegalEntityexercisingpermissionsgrantedbythisLicense.

"Source"formshallmeanthepreferredformformakingmodifications,includingbutnotlimitedtosoftwaresourcecode,documentationsource,andconfigurationfiles.

"Object"formshallmeananyformresultingfrommechanicaltransformationortranslationofaSourceform,includingbutnot

http://www.apache.org/licenses/

limitedtocompiledobjectcode,generateddocumentation,andconversionstoothermediatypes.

"Work"shallmeantheworkofauthorship,whetherinSourceorObjectform,madeavailableundertheLicense,asindicatedbyacopyrightnoticethatisincludedinorattachedtothework(anexampleisprovidedintheAppendixbelow).

"DerivativeWorks"shallmeananywork,whetherinSourceorObjectform,thatisbasedon(orderivedfrom)theWorkandforwhichtheeditorialrevisions,annotations,elaborations,orothermodificationsrepresent,asawhole,anoriginalworkofauthorship.ForthepurposesofthisLicense,DerivativeWorksshallnotincludeworksthatremainseparablefrom,ormerelylink(orbindbyname)totheinterfacesof,theWorkandDerivativeWorksthereof.

"Contribution"shallmeananyworkofauthorship,includingtheoriginalversionoftheWorkandanymodificationsoradditionstothatWorkorDerivativeWorksthereof,thatisintentionallysubmittedtoLicensorforinclusionintheWorkbythecopyrightownerorbyanindividualorLegalEntityauthorizedtosubmitonbehalfofthecopyrightowner.Forthepurposesofthisdefinition,"submitted"meansanyformofelectronic,verbal,orwrittencommunicationsenttotheLicensororitsrepresentatives,includingbutnotlimitedtocommunicationonelectronicmailinglists,sourcecodecontrolsystems,andissuetrackingsystemsthataremanagedby,oronbehalfof,theLicensorforthepurposeofdiscussingandimprovingtheWork,butexcludingcommunicationthatisconspicuouslymarkedorotherwisedesignatedinwritingbythecopyrightowneras"NotaContribution."

"Contributor"shallmeanLicensorandanyindividualorLegalEntityonbehalfofwhomaContributionhasbeenreceivedby

LicensorandsubsequentlyincorporatedwithintheWork.

2. GrantofCopyrightLicense.SubjecttothetermsandconditionsofthisLicense,eachContributorherebygrantstoYouaperpetual,worldwide,non-exclusive,no-charge,royalty-free,irrevocablecopyrightlicensetoreproduce,prepareDerivativeWorksof,publiclydisplay,publiclyperform,sublicense,anddistributetheWorkandsuchDerivativeWorksinSourceorObjectform.

3. GrantofPatentLicense.SubjecttothetermsandconditionsofthisLicense,eachContributorherebygrantstoYouaperpetual,worldwide,non-exclusive,no-charge,royalty-free,irrevocable(exceptasstatedinthissection)patentlicensetomake,havemade,use,offertosell,sell,import,andotherwisetransfertheWork,wheresuchlicenseappliesonlytothosepatentclaimslicensablebysuchContributorthatarenecessarilyinfringedbytheirContribution(s)aloneorbycombinationoftheirContribution(s)withtheWorktowhichsuchContribution(s)wassubmitted.IfYouinstitutepatentlitigationagainstanyentity(includingacross-claimorcounterclaiminalawsuit)allegingthattheWorkoraContributionincorporatedwithintheWorkconstitutesdirectorcontributorypatentinfringement,thenanypatentlicensesgrantedtoYouunderthisLicenseforthatWorkshallterminateasofthedatesuchlitigationisfiled.

4. Redistribution.YoumayreproduceanddistributecopiesoftheWorkorDerivativeWorksthereofinanymedium,withorwithoutmodifications,andinSourceorObjectform,providedthatYoumeetthefollowingconditions:

a. YoumustgiveanyotherrecipientsoftheWorkorDerivativeWorksacopyofthisLicense;and

b. YoumustcauseanymodifiedfilestocarryprominentnoticesstatingthatYouchangedthefiles;and

c. Youmustretain,intheSourceformofanyDerivativeWorksthatYoudistribute,allcopyright,patent,trademark,andattributionnoticesfromtheSourceformoftheWork,excludingthosenoticesthatdonotpertaintoanypartoftheDerivativeWorks;and

d. IftheWorkincludesa"NOTICE"textfileaspartofitsdistribution,thenanyDerivativeWorksthatYoudistributemustincludeareadablecopyoftheattributionnoticescontainedwithinsuchNOTICEfile,excludingthosenoticesthatdonotpertaintoanypartoftheDerivativeWorks,inatleastoneofthefollowingplaces:withinaNOTICEtextfiledistributedaspartoftheDerivativeWorks;withintheSourceformordocumentation,ifprovidedalongwiththeDerivativeWorks;or,withinadisplaygeneratedbytheDerivativeWorks,ifandwhereversuchthird-partynoticesnormallyappear.ThecontentsoftheNOTICEfileareforinformationalpurposesonlyanddonotmodifytheLicense.YoumayaddYourownattributionnoticeswithinDerivativeWorksthatYoudistribute,alongsideorasanaddendumtotheNOTICEtextfromtheWork,providedthatsuchadditionalattributionnoticescannotbeconstruedasmodifyingtheLicense.

YoumayaddYourowncopyrightstatementtoYourmodificationsandmayprovideadditionalordifferentlicensetermsandconditionsforuse,reproduction,ordistributionofYourmodifications,orforanysuchDerivativeWorksasawhole,providedYouruse,reproduction,anddistributionoftheWorkotherwisecomplieswiththeconditionsstatedinthisLicense.

5. SubmissionofContributions.UnlessYouexplicitlystateotherwise,anyContributionintentionallysubmittedforinclusionintheWorkbyYoutotheLicensorshallbeunderthetermsandconditionsofthisLicense,withoutanyadditionaltermsorconditions.Notwithstandingtheabove,nothinghereinshall

supersedeormodifythetermsofanyseparatelicenseagreementyoumayhaveexecutedwithLicensorregardingsuchContributions.

6. Trademarks.ThisLicensedoesnotgrantpermissiontousethetradenames,trademarks,servicemarks,orproductnamesoftheLicensor,exceptasrequiredforreasonableandcustomaryuseindescribingtheoriginoftheWorkandreproducingthecontentoftheNOTICEfile.

7. DisclaimerofWarranty.Unlessrequiredbyapplicablelaworagreedtoinwriting,LicensorprovidestheWork(andeachContributorprovidesitsContributions)onan"ASIS"BASIS,WITHOUTWARRANTIESORCONDITIONSOFANYKIND,eitherexpressorimplied,including,withoutlimitation,anywarrantiesorconditionsofTITLE,NON-INFRINGEMENT,MERCHANTABILITY,orFITNESSFORAPARTICULARPURPOSE.YouaresolelyresponsiblefordeterminingtheappropriatenessofusingorredistributingtheWorkandassumeanyrisksassociatedwithYourexerciseofpermissionsunderthisLicense.

8. LimitationofLiability.Innoeventandundernolegaltheory,whetherintort(includingnegligence),contract,orotherwise,unlessrequiredbyapplicablelaw(suchasdeliberateandgrosslynegligentacts)oragreedtoinwriting,shallanyContributorbeliabletoYoufordamages,includinganydirect,indirect,special,incidental,orconsequentialdamagesofanycharacterarisingasaresultofthisLicenseoroutoftheuseorinabilitytousetheWork(includingbutnotlimitedtodamagesforlossofgoodwill,workstoppage,computerfailureormalfunction,oranyandallothercommercialdamagesorlosses),evenifsuchContributorhasbeenadvisedofthepossibilityofsuchdamages.

9. AcceptingWarrantyorAdditionalLiability.WhileredistributingtheWorkorDerivativeWorksthereof,Youmaychoosetooffer,andchargeafeefor,acceptanceofsupport,warranty,indemnity,


orotherliabilityobligationsand/orrightsconsistentwiththisLicense.However,inacceptingsuchobligations,YoumayactonlyonYourownbehalfandonYoursoleresponsibility,notonbehalfofanyotherContributor,andonlyifYouagreetoindemnify,defend,andholdeachContributorharmlessforanyliabilityincurredby,orclaimsassertedagainst,suchContributorbyreasonofyouracceptinganysuchwarrantyoradditionalliability.

ENDOFTERMSANDCONDITIONS

APPENDIX:HowtoapplytheApacheLicensetoyourwork.

ToapplytheApacheLicensetoyourwork,attachthefollowingboilerplatenotice,withthefieldsenclosedbybrackets"[]"replacedwithyourownidentifyinginformation.(Don'tincludethebrackets!)Thetextshouldbeenclosedintheappropriatecommentsyntaxforthefileformat.Wealsorecommendthatafileorclassnameanddescriptionofpurposebeincludedonthesame"printedpage"asthecopyrightnoticeforeasieridentificationwithinthird-partyarchives.

Copyright[yyyy][nameofcopyrightowner]

LicensedundertheApacheLicense,Version2.0(the"License");youmaynotusethisfileexceptincompliancewiththeLicense.YoumayobtainacopyoftheLicenseat


Unlessrequiredbyapplicablelaworagreedtoinwriting,softwaredistributedundertheLicenseisdistributedonan"ASIS"BASIS,WITHOUTWARRANTIESORCONDITIONSOFANYKIND,eitherexpressorimplied.SeetheLicenseforthespecificlanguagegoverningpermissionsandlimitationsundertheLicense.



http://wiki.apache.org/httpd/FAQ

||FAQ||



. .

. .

2.01.3. 1.3.2.0 libtool autoconf

(, 2.0.502.0.51), .


$lynxhttp://httpd.apache.org/download.cgi$gzip-dhttpd-2_1_NN.tar.gz$tarxvfhttpd-2_1_NN.tar$./configure--prefix=PREFIX$make$makeinstall$viPREFIX/conf/httpd.conf$PREFIX/bin/apachectlstart

NN, PREFIX. PREFIX /usr/local/apache2.

.

:

50MB. 10MB. .

ANSI-CANSI-C. FreeSoftwareFoundation(FSF)GNUCcompiler(GCC).(2.7.2.)GCC ANSI. PATH make.

HTTP. . NetworkTimeProtocol(NTP) ntpdate xntpd. NTP comp.protocols.time.ntpNTP.

Perl5[](Perl) apxsdbmmanage Perl5.( 5.003.)` configure' 2.0. .Perl(Perl4Perl5) ./configure --with-perl().

http://www.gnu.org/http://www.gnu.org/software/gcc/gcc.htmlnews:comp.protocols.time.ntphttp://www.ntp.orghttp://www.perl.org/

.. (), ., . INSTALL.bindist.

.. , PGP .

http://httpd.apache.org/download.cgihttp://httpd.apache.org/download.cgi#verifyhttp://httpd.apache.org/dev/verification.html

tar:

$gzip-dhttpd-2_1_NN.tar.gz$tarxvfhttpd-2_1_NN.tar

.

.configure.( CVSlibtool, buildconf ..)

./configure../configure.

.

. Base.module . module mod_.--enable-module=shared object,DSO). , --disable-module Base. configure .

configure, ,.configure . configuremanpage

DSOmod_rewritemod_speling /sw/pkg/apache:

$CC="pgcc"CFLAGS="-O2"\./configure--prefix=/sw/pkg/apache\--enable-rewrite=shared\--enable-speling=shared

configure Makefile

configure configuremanpage.

:

$make

.III/2.2 3..

( --prefix) PREFIX:

$makeinstall

.

PREFIX/conf/ .

$viPREFIX/conf/httpd.conf

docs/manual/http://httpd.apache.org/docs/2.4/ .

http://httpd.apache.org/docs/2.4/

:

$PREFIX/bin/apachectlstart

URL http://localhost/ .PREFIX/htdocs/ DocumentRoot.

$PREFIX/bin/apachectlstop


||FAQ||

,1.32.02.02.2 ).API .

(, 2.0.552.0.57). makeinstall ,,., . configure,.( 2.0.41.

, . configure.config.nice, ,:

$./config.nice$make$makeinstall$PREFIX/bin/apachectlstop$PREFIX/bin/apachectlstart

.,prefix( Listen) .


||FAQ||



. .

WindowsNT,2000,XP, Windows95ME. .

httpd . httpd

httpdapachectl


Listen80( 1024) ,httpdroot, ..

apachectl httpd . httpd. apachectl, apachectl., apachectl HTTPD .

httpd httpd.conf., -f.

/usr/local/apache2/bin/apachectl-f/usr/local/apache2/conf/httpd.conf

, . DocumentRoot ()

, " UnabletobindtoPort...". :

root . .

FAQ.

, ( rc.local apachectl .root..

apachectlSysVinit .restart,stop httpd. apachectlinit. .


||FAQ||

httpd apachectl, .


||FAQ||



. .

.NT,2000,XPME .

httpdapachectl


httpd.kill. httpdpid (signal).,. , TERM,HUP,USR1.

:

kill-TERM`cat/usr/local/apache2/logs/httpd.pid`

httpd -k.restart,gracefulhttpd. apachectl .

httpd, :

tail-f/usr/local/apache2/logs/error_log

ServerRoot PidFile.

:TERMapachectl-kstop

TERM stop .. ,.

:USR1apachectl-kgraceful

USR1 graceful ) . . .

(gracefulrestart) USR1( WINCH). apachectlgraceful.

MPM ,. StartServers, StartServersStartServers., ,StartServers .

mod_status USR10 .( ) . scoreboard.

status G

USR1 . 1015.

.,( "".) .. -t( httpd) . . rootroot( httpd). .

:HUPapachectl-krestart

HUP restart TERM . . .

mod_status HUP0.

..


||FAQ||

:

Apache1.2b9 (racecondition) .(, .)"".

ScoreBoardFilescoreboard"bind:Addressalreadyinuse"( USR1)"longlostchildcamehome!" ., scoreboardslot. .scoreboard . ScoreBoardFile

HTTP(KeepAlive) .1.2KeepAlive 20


||FAQ||



. .

.

mod_mime

IncludeTypesConfig

. httpd.conf ., -f. Include .. .

mime. TypesConfig ,.

. "\"..

, ."#" . ,(indent).

apachectlconfigtest -t .

mod_so

LoadModule

. . base. . . .

-l.

. ,,,,. ., .

. . .

, .. Directory,Location,Files .


||FAQ||

.htaccess

AccessFileNameAllowOverride

(). AccessFileName . .htaccess. .htaccess ..

.htaccess .AllowOverride .htaccess .

.htaccess .htaccess.


||FAQ||



. .

,,,,URL. .htaccess.

coremod_proxy

..., ...

httpd., httpd-DClosedForNow:

Redirect/http://otherserver.example.com/

. LoadModule..

mod_mime_magic MimeMagicFiles.

MimeMagicFileconf/magic

"!".,.

(webspace)..., /usr/local/apache2, "c:/ProgramFiles/ApacheGroup/Apache2".(,,.). /dir//usr/local/apache2/htdocs/dir/..

.. .htaccess.,(index) /var/web/dir1(index).

Options+Indexes

., private.html.

Orderallow,denyDenyfromall

., /var/web/dir1/private.html,/var/web/dir1/subdir2/private.html,/var/web/dir1/subdir3/private.html/var/web/dir1/ private.html.


.,/privateURL-.http://yoursite.example.com/private,http://yoursite.example.com/private123,http://yoursite.example.com/private/dir/file.html /private.

OrderAllow,DenyDenyfromall

.URLmod_status. server-status.

SetHandlerserver-status

,,C fnmatch."*","?","[ seq]" seq."/"..

perl ,,

..

:

OptionsIndexes

:


..() .

.(URL),.:


http://yoursite.example.com/dir/.? http://yoursite.example.com/DIR/. .(... Options.)

.... URL.

URL mod_proxy., cnn.com


?

. ,,,,,,.,:

AllowOverride.FollowSymLinks,SymLinksIfOwnerMatch,Options.htaccess.Options.

..

:

1. () .htaccess(.htaccess)

2. ( )

3.

4.

.(1) ., . . Include Include.

..

mod_proxy, .

.

/(AliasesDocumentRoot URL)..


||FAQ||

.A>B>C>D>E.

E

D

B

C

A

. .,!

Orderdeny,allowAllowfromall

#!

Orderallow,denyAllowfromallDenyfrombadguy.example.com


||FAQ||



. .

core.

ServerNameServerAdminServerSignatureServerTokensUseCanonicalName

ServerAdminServerTokens . ServerTokensHTTP.

ServerNameUseCanonicalNameURL., .

CoreDumpDirectoryDocumentRootErrorLogLockFilePidFileScoreBoardFileServerRoot

.(/).root .


||FAQ||

LimitRequestBodyLimitRequestFieldsLimitRequestFieldsizeLimitRequestLineRLimitCPURLimitMEMRLimitNPROCThreadStackSize

LimitRequest* .ofservice) .

RLimit* .CGI.

ThreadStackSizeNetware.


||FAQ||



. .

.. .

(root)uid . .

, ..

(ErrorLog)

ErrorLogLogLevel

ErrorLog . . .

( error_log,OS/2 syslog .

. ..

[WedOct1114:32:522000][error][client127.0.0.1]clientdeniedbyserverconfiguration:/export/home/live/ap/htdocs/test

. .. IP. .()

. .CGI.CGI stderr .

. , 403. .

.:

tail-ferror_log

(AccessLog)

mod_log_configmod_setenvif

CustomLogLogFormatSetEnvIf

. CustomLog.LogFormat . .

.., . OpenDirectory.

mod_log_referer,mod_log_agent, CustomLog. CustomLog.

.C printf(1). mod_log_config.

Common.

LogFormat"%h%l%u%t\"%r\"%>s%b"commonCustomLoglogs/access_logcommon

common. ,.. ( ") " \n"," \t" .

CustomLog .ServerRoot.

(CommonLogFormat,CLF) .

http://dmoz.org/Computers/Software/Internet/Site_Management/Log_Analysis/

, . CLF:

127.0.0.1-frank[10/Oct/2000:13:55:36-0700]"GET/apache_pb.gifHTTP/1.0"2002326

.

127.0.0.1(%h)()IP . HostnameLookupsIP . . logresolve. IP ., .

-(%l)"". RFC1413 ., . IdentityCheckOn

frank(%u)HTTP userid.CGIREMOTE_USER. 401().

[10/Oct/2000:13:55:36-0700](%t). :

[day/month/year:hour:minute:secondzone]day=2month=3year=4hour=2minute=2second=2zone=(`+'|`-')4

%{format}t . strftime(3).

"GET/apache_pb.gifHTTP/1.0"(\"%r\"). ., /apache_pb.gif., HTTP/1.0., "%m%U%q%H"" %r",,.

200(%>s). (2),(4,(5 ). (RFC2616section10).

2326(%b) . " 0" %B.

Combined(Combined LogFormat)..

LogFormat"%h%l%u%t\"%r\"%>s%b\"%{Referer}i\"\"%{User-agent}i\""combinedCustomLoglog/access_logcombined

Common .%{header}i. header HTTP .:

127.0.0.1-frank[10/Oct/2000:13:55:36-0700]"GET/apache_pb.gifHTTP/1.0"2002326"http://www.example.com/start.html""Mozilla/4.08[en](Win98;I;Nav)"

:

"http://www.example.com/start.html"(\"%{Referer}i\")

"Referer"()HTTP. ./apache_pb.gif .)

"Mozilla/4.08[en](Win98;I;Nav)"(\"%{User-agent}i\")

User-AgentHTTP. .

CustomLog .,.CLF ,referer ReferLog AgentLog .

LogFormat"%h%l%u%t\"%r\"%>s%b"commonCustomLoglogs/access_logcommonCustomLoglogs/referer_log"%{Referer}i->%U"CustomLoglogs/agent_log"%{User-agent}i"

, LogFormat . CustomLog.

. ., . SetEnvIf. env= .:

#loop-backSetEnvIfRemote_Addr"127\.0\.0\.1"dontlog#robots.txtSetEnvIfRequest_URI"^/robots\.txt$"dontlog#CustomLoglogs/access_logcommonenv=!dontlog

,

http://www.w3.org/Protocols/rfc2616/rfc2616.txt

SetEnvIfAccept-Language"en"englishCustomLoglogs/english_logcommonenv=englishCustomLoglogs/non_english_logcommonenv=!english

, .. .

(LogRotation)

.1MB. . . ,

. .. , :

mvaccess_logaccess_log.oldmverror_logerror_log.oldapachectlgracefulsleep600gzipaccess_log.olderror_log.old

.

. .. ,.( "" .)

httpd ,userid.,root. .

. ,.

. .24:

CustomLog"|/usr/local/apache/bin/rotatelogs/var/log/access_log86400"common

cronolog .

,

http://www.cronolog.org/

., . . .

CustomLogErrorLog . ., .,

. . ,.

LogFormat"%v%l%u%t\"%r\"%>s%b"comonvhostCustomLoglogs/access_logcomonvhost

%v . split-logfile.


||FAQ||

mod_cgimod_rewrite

PidFileRewriteLogRewriteLogLevelScriptLogScriptLogBufferScriptLogLength

PID logs/httpd.pidhttpdprocessid. PidFile.process-id . -k. .

ScriptLog CGI.. . mod_cgi.

mod_rewrite RewriteLog. .RewriteLogLevel .


||FAQ||



URL

. .

URL .

mod_aliasmod_proxymod_rewritemod_userdirmod_spelingmod_vhost_alias

AliasAliasMatchCheckSpellingDocumentRootErrorDocumentOptionsProxyPassProxyPassReverseProxyPassReverseCookieDomainProxyPassReverseCookiePathRedirectRedirectMatchRewriteCondRewriteMatchScriptAliasScriptAliasMatchUserDir

DocumentRoot

URL-(URL DocumentRoot. DocumentRoot .

DocumentRoot

DocumentRoot .. DocumentRoot Options FollowSymLinksSymLinksIfOwnerMatch .

, Alias.

Alias/docs/var/web

URLhttp://www.example.com/docs/dir/file.html/var/web/dir/file.html. CGI ScriptAlias.

AliasMatchScriptAliasMatch.,

ScriptAliasMatch^/~([a-zA-Z0-9]+)/cgi-bin/(.+)/home/$1/cgi-bin/$2

http://example.com/~user/cgi-bin/script.cgi /home/user/cgi-bin/script.cgi,CGI.

user ~user/. mod_userdir ,URL .

http://www.example.com/~user/file.html

. UserDir . Userdirpublic_html /home/user//etc/passwd ,URL/home/user/public_html/file.html.

, Userdir /etc/passwd.

( %7e) "~"mod_userdir. ,., AliasMatchhttp://www.example.com/upages/user/file.html/home/user/public_html/file.html:

AliasMatch^/upages/([a-zA-Z0-9]+)/?(.*)/home/$1/public_html/$2

URL(Redirection)

.URL, URL(redirection), Redirect ., DocumentRoot/foo/ /bar/ :

Redirectpermanent/foo/http://www.example.com/bar/

www.example.com /foo/URL- /foo/ /bar/URL. .

, RedirectMatch., :

RedirectMatchpermanent^/$http://www.example.com/startpage.html

:

RedirectMatchtemp.*http://othersite.example.com/startpage.html

(ReverseProxy)

URL. (reverseproxying).

/foo/, internal.example.com/bar/.

ProxyPass/foo/http://internal.example.com/bar/ProxyPassReverse/foo/http://internal.example.com/bar/

ProxyPass, ProxyPassReverseinternal.example.com., ProxyPassReverseCookieDomainProxyPassReverseCookieDomain.

. internal.example.com internal.example.com.mod_proxy_htmlHTMLXHTML.

http://apache.webthing.com/mod_proxy_html/

(RewritingEngine)

mod_rewrite. .,mod_rewrite .(alias),, ,.mod_rewrite


||FAQ||

FileNotFound

URL ... URL . .

"FileNotFound" HTMLURL. mod_speling() ."FileNotFound". mod_speling HTTP.""

mod_speling .URL .mod_spelingURL,""URL .

HTTPstatuscode404 (filenotfound). ErrorDocument , .


||FAQ||

ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation>Version2.4>MiscellaneousDocumentation


. .

. ,.

.. .,

.

.,CGI,. .

http://httpd.apache.org/lists.html#http-announce

ServerRoot

root, User .root,root. root,,ServerRoot/usr/local/apache root

mkdir/usr/local/apachecd/usr/local/apachemkdirbinconflogschown0.binconflogschgrp0.binconflogschmod755.binconflogs

/,/usr,/usr/localroot. httpd:

cphttpd/usr/local/apache/binchown0/usr/local/apache/bin/httpdchgrp0/usr/local/apache/bin/httpdchmod511/usr/local/apache/bin/httpd

htdocs --root,.

rootroot root.,httpd .logs(root root .

ServerSideIncludes

ServerSideIncludes(SSI) .

. SSISSI, .

,SSICGI .SSI"execcmd"httpd.conf CGI .

SSI .

SSI CGI

.html.htmSSI.

.SSI.shtml ..

SSI . OptionsIncludesNOEXEC. ScriptAlias CGI.

CGI

CGI/ ,CGI.CGI

CGI ().B,BCGI .(hook) suEXEC .CGIWrap.

http://cgiwrap.unixtools.org/

ScriptAliasCGI

CGI:

., .,.

ScriptAliasCGI

CGI .scriptaliasCGI., ,CGI/.

scriptaliasCGI .

mod_php,mod_perl,mod_tcl,mod_python ( User), . ,.

.htaccess .

AllowOverrideNone

.htaccess.

. ,URL, .

,:

#cd/;ln-s/public_htmlhttp://localhost/~root/

. :

OrderDeny,AllowDenyfromall

. .

OrderDeny,AllowAllowfromallOrderDeny,AllowAllowfromall

Location Directory .,

UserDir ."./" root. 1.3 :

UserDirdisabledroot


||FAQ||

. , .

:

grep-c"/jsp/source.jsp?/jsp//jsp/source.jsp??"access_loggrep"clientdenied"error_log|tail-n10

Source.JSPTomcat , 10:

[ThuJul1117:18:392002][error][clientfoo.bar.com]clientdeniedbyserverconfiguration:/usr/local/apache/htdocs/.htpasswd

. .htpasswd:

foo.bar.com--[12/Jul/2002:01:59:13+0200]"GET/.htpasswdHTTP/1.1"

, :


http://online.securityfocus.com/bid/4876/info/http://www.apache.org/licenses/LICENSE-2.0http://wiki.apache.org/httpd/FAQ

||FAQ||



(DSO)

. .

. . httpd (DynamicSharedObjects,DSO).DSO,Apache ExtensionTool(apxs.

DSO.

mod_so LoadModule

mod_so.c DSO.DSO . configure--enable-module=sharedDSO.mod_foo.soDSO httpd.conf mod_soLoadModule .

()DSO apxs(APacheeXtenSion). DSO. configure makeinstallC,DSO apxs.,DSO .

Apache2.2DSO:

1. . mod_foo.cDSOmod_foo.so:

$./configure--prefix=/path/to/install--enable-foo=shared$makeinstall

2. . mod_foo.cDSOmod_foo.so:

$./configure--add-module=module_type:/path/to/3rdparty/mod_foo.c--enable-foo=shared$makeinstall

3. :

$./configure--enable-so$makeinstall

4. . apxs mod_foo.cmod_foo.so:

$cd/path/to/3rdparty$apxs-cmod_foo.c$apxs-i-a-nfoomod_foo.la

, httpd.confLoadModule .

(DSO)/(dynamiclinking/loading), .

. ld.so dlopen()/dlsym()(loader) .

DSO (sharedlibraries) DSO, libfoo.so libfoo.so.1.2 .( /usr/lib -lfoo ., LD_LIBRARY_PATH /usr/liblibfoo.so. ((unresolved))(symbol)DSO.

DSO(DSO ) DSO.( .) libc.so .

DSO (sharedobjects) DSO,( foo.so). dlopen()DSO .DSO DSO()DSO() .DSO.

DSOAPI dlsym()DSO,(dispatch) . . ( )..

DSO, .DSODSO.?DSO ""(, . (globalsymbol)(export)

DSO.DSO .

DSO ..

1998DSO (XSDynaLoader) Perl5,NetscapeServer. 1.3.DSO .


||FAQ||

DSO:

configure httpd.conf LoadModule . (SSL, [mod_perl,PHP3] ) . .PHP3,mod_perl,mod_fastcgi.DSO apxs apxs-i apachectlrestart .

DSO:

DSO 20%.(positionindependentcode,PIC) (absoluteaddressing) (relativeaddressing)5%.DSODSO( ld-lfoo)(ELF a.out )DSO. DSO C( /, ( libfoo.a, dlopen().


||FAQ||



(ContentNegotiation)

. .

HTTP/1.1(content negotiation).mediatype,,, ..

mod_negotiation.

., mediatype . . . , . .

Accept-Language:fr

.

,,mediatype,HTML,mediatype GIFJPEG.

Accept-Language:fr;q=1.0,en;q=0.5Accept:text/html;q=1.0,text/*;q=0.8,image/gif;q=0.6,image/jpeg;q=0.6,image/*;q=0.5,*/*;q=0.1

HTTP/1.1'(serverdriven)' .Accept-Language,Accept-Charset,Accept-Encoding. ,RFC2295RFC2296(transparent)'. RFC'(featurenegotiation)' .

(resource)(RFC2396)URI .(representations). mediatype,,(). (negotiable), (variant). (dimension)

. :

typemap( ,*.var), 'MultiViews'.

type-maptypemap type-map (MIMEtypeapplication/x-type-map). . .

AddHandlertype-map.var

Typemap, .HTTP . ..(,) map.. foo.var, foo.

URI:foo

URI:foo.en.htmlContent-type:text/htmlContent-language:en

URI:foo.fr.de.htmlContent-type:text/html;charset=iso-8859-2Content-language:fr,de

typemap,Multiviews ,. ,(JPEG,GIF,ASCII-art) mediatype"qs"(sourcequality) :

URI:foo

URI:foo.jpegContent-type:image/jpeg;qs=0.8

URI:foo.gif

Content-type:image/gif;qs=0.5

URI:foo.txtContent-type:text/plain;qs=0.01

qs0.0001.000.qs0.000 .'qs'1.0 .qs ''., JPEGASCII .ASCIIart ASCIIJPEG. qs .

mod_negotationtypemap.

MultiviewsMultiViews, httpd.conf,,( AllowOverride).htaccess Options . OptionsAllMultiViews..

MultiViews: /some/dir/foo /some/dir/foo MultiViews /some/dir/foo , foo.* typemap.mediatypecontent-encoding.

MultiViews DirectoryIndex,

DirectoryIndexindex

index.html index.html3.index.cgi,.

Charset,Content-Type, Language,Encodingmod_mime , MultiViewsMatch,,MultiViews .

type-map ''. .

:

1. . (qualityfactor)''..

2. (Transparent)RFC2295 .'' .'(remotevariant selectionalgorithm)'.

MediaType

Accept. . ("qs").

Language Accept-Language .. ().

Encoding Accept-Encoding ..Charset Accept-Charset ..

mediatype.

''() .:

1. , Accept*,.Accept* .4.

2. ''. . 3.

1. Accept mediatype.

2. (language) .

3. Accept-Language() LanguagePriority().

4. (text/htmlmediatype) 'level'media.

5. Accept-Charset charsetmedia. ISO-8859-1. text/*type ISO-8859-1

6. ISO-8859-1 charsetmedia ., .

7. . user-agent. . .

8. contentlength.

9. .type-map , ASCII.

3. ''. .HTTP.( .).

4. () .("Noacceptablerepresentation")406 HTML.,HTML Vary.

.. ,.

MediaTypeAccept:mediatype .,*"image/*" "*/*"''mediatype. :

Accept:image/*,*/*

"image/"typetype .type. :

Accept:text/html,text/plain,image/gif,image/jpeg,*/*

type ..

Accept:text/html,text/plain,image/gif,image/jpeg,*/*;q=0.01

type() 1.0.*/*0.01 typetype .

Accept:q "*/*",q0.01,"type/*"("*/*" )0.02. Accept:mediatype .

(language)2.0 .

Accept-language, "NoAcceptableVariant""MultipleChoices"

. Accept-language . ForceLanguagePriority LanguagePriority.

, .,HTTP/1.1 en Accept-Language en-GB. .)AcceptableVariants" LanguagePriority, en-GB en. "en-GB;q=0.9,fr;q=0.8""en""fr" ,"fr".HTTP/1.1 , .

( URL-)2.0.47mod_negotiation prefer-language . , mod_negotiation ..

SetEnvIfCookie"language=(.+)"prefer-language=$1

(transparent)

(RFC2295). {encoding..}content-encoding.RVSA/1.0(RFC2296), Accept-Encoding.RVSA/1.05.

(language) .( mod_mime .)

MIME-type( ,html),encoding( ,gz), ( ,en).

:

foo.en.htmlfoo.html.enfoo.en.html.gz

:

foo.html.en foo

foo.html-

foo.en.html foo foo.htmlfoo.html.en.gz foo

foo.htmlfoo.gzfoo.html.gz

foo.en.html.gz foo foo.htmlfoo.html.gzfoo.gz

foo.gz.html.en foofoo.gzfoo.gz.html

foo.html

foo.html.gz.en foofoo.htmlfoo.html.gz

foo.gz

( ,foo) ., html.

MIME-type( ,foo.html)(encoding )MIME-type ( ,foo.html.en).


||FAQ||

URL. URL. . HTTP/1.0.,HTTP/1.1 .

CacheNegotiatedDocsHTTP/1.0(). ,.HTTP/1.1.

HTTP/1.1 VaryHTTP. ..


||FAQ||



. .

.

.

"500ServerError" () URL.

NCSAhttpd1.3 ..

:

1. NCSA

2. URL

3. URL.

URL,

CGI :

REDIRECT_HTTP_ACCEPT=*/*,image/gif,image/x-xbitmap,image/jpegREDIRECT_HTTP_USER_AGENT=Mozilla/1.1b2(X11;I;HP-UXA.09.059000/712)REDIRECT_PATH=.:/bin:/usr/local/bin:/etcREDIRECT_QUERY_STRING=REDIRECT_REMOTE_ADDR=121.345.78.123REDIRECT_REMOTE_HOST=ooh.ahhh.comREDIRECT_SERVER_NAME=crash.bang.eduREDIRECT_SERVER_PORT=80REDIRECT_SERVER_SOFTWARE=Apache/0.8.15REDIRECT_URL=/cgi-bin/buggy.pl

REDIRECT_.

REDIRECT_URLREDIRECT_QUERY_STRING(cgi-script cgi-include)URL. (; REDIRECT_) . ErrorDocument( http:(scheme)) .

AllowOverride.htaccess ErrorDocument

...

ErrorDocument500/cgi-bin/crash-recoverErrorDocument500"Sorry,ourscriptcrashed.Ohdear"ErrorDocument500http://xxx/ErrorDocument404/Lame_excuses/not_found.htmlErrorDocument401/Subscription/how_to_subscribe.html

,

ErrorDocument

action,

1. .("). . :(") .

2. URL.

3. URL.


||FAQ||

URL /server-include.

CGI. .

. REDIRECT_CGI REDIRECT_. ,HTTP_USER_AGENTREDIRECT_HTTP_USER_AGENT. URL REDIRECT_URL REDIRECT_STATUS.URLURL .

ErrorDocumentCGI ,"Status:" .,PerlErrorDocument:

...print"Content-type:text/html\n";printf"Status:%sConditionIntercepted\n",$ENV{"REDIRECT_STATUS"};...

404NotFound , (; ) .

() Location:,Status:. Location:.


||FAQ||



(Binding)

. .

.

DNS


corempm_common

Listen

,. . IP,, .

Listen . Listen . Listen .

,808000 :

Listen80Listen8000

,

Listen192.0.2.1:80Listen192.0.2.5:8000

IPv6:

Listen[2001:db8::a00:20ff:fea7:ccea]:80

IPv6

IPv6APR IPv6,IPv6IPv6 .

IPv6IPv4 IPv6.IPv4-(mapped)IPv6IPv6IPv4 ,FreeBSDNetBSDOpenBSD . .

Tru64IPv4IPv6 IPv4IPv6 ,IPv4-IPv6enable-v4-mapped.

--enable-v4-mappedFreeBSD,NetBSD,OpenBSD , .

APRIPv4 , :

Listen0.0.0.0:80Listen192.0.2.1:80

IPv4 IPv6(IPv4-configure --disable-v4-mapped. --disable-v4-mappedFreeBSD,NetBSD, OpenBSD.


||FAQ||

Listen. . ,. .. . .


||FAQ||



(MPM)

. .

(Multi-ProcessingModule),.

., ..

Apache2.0 .,, (Multi-ProcessingModules,MPMs).

:

mpm_winntApache1.3 POSIX, .MPM.. (scalability)workerMPM, preforkingMPM. (perchild) .

MPM .MPM .MPM .

MPM

MPMs. MPM ,MPM

MPM./configure with-mpm=NAME. NAMEMPM.

./httpd-l MPM. MPM .


||FAQ||

MPM

MPM.MPM.

BeOS beosNetware mpm_netwareOS/2 mpmt_os2

preforkmpm_winnt


||FAQ||



. .

(environmentvariable) ..,CGI ..

, .SideInclude. .

mod_envmod_rewritemod_setenvifmod_unique_id

BrowserMatchBrowserMatchNoCasePassEnvRewriteRuleSetEnvSetEnvIfSetEnvIfNoCaseUnsetEnv

SetEnv. PassEnv.

,mod_setenvif .,(User-Agent)Referer( )mod_rewrite RewriteRule[E=...].

mod_unique_id ""()UNIQUE_ID.

CGICGISSI .

CGI .suexecCGI ,CGI .suexec.c.,, .,.CGISSI .

http://cgi-spec.golux.com/

mod_authz_hostmod_cgimod_ext_filtermod_headersmod_includemod_log_configmod_rewrite

AllowCustomLogDenyExtFilterDefineHeaderLogFormatRewriteCondRewriteRule

CGICGI .CGI . CGI .

SSImod_include INCLUDES (SSI) echo, CGI . SSI.

allowfromenv= denyfromenv=. SetEnvIf ,(User-Agent) .

LogFormat%e ., CustomLog . SetEnvIf., gif,.

Header HTTP. .

mod_ext_filter ExtFilterDefinedisableenv=enableenv= .

URL(Rewriting)RewriteCondTestString %{ENV:...} mod_rewrite .mod_rewrite ENV:. mod_rewrite .

.. SetEnv PassEnv.

downgrade-1.0HTTP/1.0 .

force-gzipDEFLATE accept-encoding

force-no-vary Vary. ., force-response-1.0.

force-response-1.0HTTP/1.0HTTP/1.0 .AOL.HTTP/1.0HTTP/1.1 ,.

gzip-only-text/html"1" text/htmlcontent-type mod_deflateDEFLATE .(gzip"identity" ) mod_negotiation.

no-gzip mod_deflateDEFLATE,mod_negotiation .

nokeepaliveKeepAlive.

prefer-language mod_negotiation .( en,ja,x-klingon, mod_negotiation ..

redirect-carefully. WebFolders DAV

suppress-error-charset2.0.40

(. ISO-8859-1

., .

,

httpd.conf.

##HTTP.#Netscape2.x#keepalive..#HTTP/1.1301302#()keepalive#MicrosoftInternetExplorer4.0b2.#BrowserMatch"Mozilla/2"nokeepaliveBrowserMatch"MSIE4\.0b2;"nokeepalivedowngrade-1.0force-response-1.0

##HTTP/1.1#HTTP/1.0HTTP/1.1.#BrowserMatch"RealPlayer4\.0"force-response-1.0BrowserMatch"Java/1\.0"force-response-1.0BrowserMatch"JDK/1\.0"force-response-1.0

..

SetEnvIfRequest_URI\.gifimage-requestSetEnvIfRequest_URI\.jpgimage-requestSetEnvIfRequest_URI\.pngimage-requestCustomLoglogs/access_logcommonenv=!image-request

"" .. /web/images

SetEnvIfReferer"^http://www.example.com/"local_referal#RefererSetEnvIfReferer"^$"local_referal


||FAQ||

OrderDeny,AllowDenyfromallAllowfromenv=local_referal

ApacheToday" KeepingYourImagesfromAdorningOtherSites".

http://apachetoday.com/news_story.php3?ltsn=2000-06-14-002-01-PShttp://www.apache.org/licenses/LICENSE-2.0http://wiki.apache.org/httpd/FAQ

||FAQ||



. .

.

mod_actionsmod_asismod_cgimod_imagemapmod_infomod_mimemod_negotiationmod_status

ActionAddHandlerRemoveHandlerSetHandler

"(handler)".. ,"(handled)".

Apache1.1. . .(

)

, Action .:

default-handler: default_handler(). (core)send-as-is:HTTP .( mod_asis)cgi-script:CGI. (mod_cgi)imap-file:imagemap .( mod_imagemap)server-info: .( mod_info)server-status:. (mod_status)type-map: typemap. (mod_negotiation

CGI html footer.plCGI.

Actionadd-footer/cgi-bin/footer.plAddHandleradd-footer.html

CGI (PATH_TRANSLATED) .

HTTPHTTP send-as-is./web/htdocs/asis/ send-as-is.

SetHandlersend-as-is


||FAQ||

ApacheAPI. request_rec

char*handler

, invoke_handler r->handler.contenttype . , .type.


||FAQ||



. .

.


||FAQ||

mod_deflatemod_ext_filtermod_include

AddInputFilterAddOutputFilterRemoveInputFilterRemoveOutputFilterExtFilterDefineExtFilterOptionsSetInputFilterSetOutputFilter

(filter) . (outputfilter).,

(byte-range) .,. SetInputFilter,SetOutputFilter,AddInputFilter,AddOutputFilter,RemoveInputFilter,RemoveOutputFilter.

.

INCLUDESmod_includeServer-SideIncludes

DEFLATEmod_deflate

, mod_ext_filter .


||FAQ||



suEXEC

. .

suEXEC CGISSIID ID.CGISSI .

CGISSI suEXEC .suEXEC .

.

setuid setgid. .suEXEC .

, . setuid/setgid.

,suEXEC . suEXEC. .. .

,suEXEC ..suEXEC suEXEC .suEXEC . suEXEC.

??.!

suEXEC

suEXEC .suEXEC .

suEXECsetuid "wrapper".wrapper useridCGISSI HTTP.suEXEC wrapper ID.

wrapper. .:

1. wrapper ?

wrapper .

2. wrapper?

wrapper. .wrapper suEXEC .

3. wrapper?

wrapper? ().

4. CGISSI ?

CGISSI'/' '..'?.CGI/SSIsuEXECroot( --with-suexec-docroot=DIR) .

5. ?

?

6. ?

?

7. superuser ?

suEXEC rootCGI/SSI .

8. useridID ?

ID.CGI/SSI userid ."".

9. superuser ?

suEXEC rootCGI/SSI .

10. groupidID ?

ID.CGI/SSI groupid ."".

11. wrapper ?

setuidsetgid .,.

12. CGI/SSI ?

.

13. ?

suEXECroot?UserDir suEXECuserdir( ) ?

14. ?

. .

15. CGI/SSI?

.

16. CGI/SSI ?

CGI/SSI.

17. CGI/SSIsetuidsetgid ?

UID/GID.

18. //?

?

19. ?

suEXEC()PATH, () .

20. CGI/SSI ?

suEXECCGI/SSI.

suEXECwrapper. CGI/SSI, .

suEXEC "" .

suEXEC

.

suEXEC

--enable-suexecsuEXEC .APACIsuEXECenable-suexec --with-suexec-xxxxx

--with-suexec-bin=PATHsuexec .with-suexec-bin=/usr/sbin/suexec

--with-suexec-caller=UID . .

--with-suexec-userdir=DIRsuEXEC .,"".( ,"*")""UserDir.UserDirpasswd suEXEC ."public_html".UserDir ,. ,"~userdir" cgi!

--with-suexec-docroot=DIRDocumentRoot.suEXEC (UserDirs). --datadir"/htdocs".-datadir=/home/apache" suEXECwrapperdocumentroot"/home/apache/htdocs".

--with-suexec-uidmin=UIDsuEXECUID. 500100.100.

--with-suexec-gidmin=GIDsuEXECGID. 100.

--with-suexec-logfile=FILEsuEXEC() .

"suexec_log" (--logfiledir).

--with-suexec-safepath=PATHCGIPATH."/usr/local/bin:/usr/bin:/bin".

suEXECwrapper--enable-suexecsuEXEC make suexec(). makeinstall .. "/usr/local/apache2/sbin/suexec". root .wrapperIDsetuserid .

suEXECwrapper --with-suexec-caller ,suEXEC. suEXEC.

,:

UserwwwGroupwebgroup

suexec"/usr/local/apache2/sbin/suexec" ,:

chgrpwebgroup/usr/local/apache2/bin/suexecchmod4750/usr/local/apache2/bin/suexec

suEXECwrapper .

suEXEC

--sbindir suexec("/usr/local/apache2/sbin/suexec"). suEXECwrapper(error log):

[notice]suEXECmechanismenabled(wrapper:/path/to/suexec)

wrapper,.

suEXEC ,.USR1.

suEXEC suexec .

suEXEC

CGI SuexecUserGroup mod_userdirsuEXECwrapper.

:suEXECwrapper VirtualHostSuexecUserGroup .ID User Group. userid.

:mod_userdirsuEXEC wrapper, IDCGI. IDCGI. --with-suexec-userdir.

suEXEC

suEXECwrapper --with-suexec-logfile .wrapper error_log.


||FAQ||

:

! . .

wrapper. suEXEC"".

suEXEC

suEXEC documentrootuserdir documentroot. suEXECdocumentroot. (.)

suEXECPATH

. . .

suEXEC

, .

http://httpd.apache.org/docs/2.4/suexec.htmlhttp://www.apache.org/licenses/LICENSE-2.0http://wiki.apache.org/httpd/FAQ

||FAQ||

ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation>Version2.4>MiscellaneousDocumentation


. .

2.0 ..

1.32.0(scalability) . .2.0. .

. "". . MaxClients .: top , .

:CPU,, ,"" .

. :

. TCP.

sendfile(2) ,. Solaris8.)CPU .

mod_dirmpm_commonmod_status

AllowOverrideDirectoryIndexHostnameLookupsEnableMMAPEnableSendfileKeepAliveTimeoutMaxSpareServersMinSpareServersOptionsStartServers

HostnameLookupsDNS1.3 HostnameLookups On.DNS.1.3 Off. logresolve.

Allowfromdomain Denyfromdomain(,IP )-DNS( ).IP .

.DNS. .html .cgiDNS

HostnameLookupsoff

HostnameLookupson

CGIDNS, CGI gethostbyname

.

FollowSymLinksSymLinksIfOwnerMatchURL OptionsFollowSymLinks OptionsSymLinksIfOwnerMatch .,:

DocumentRoot/www/htdocs

OptionsSymLinksIfOwnerMatch

/index.htmlURI. /www,/www/htdocs,/www/htdocs/index.html lstat(2). lstats . :


OptionsFollowSymLinks

Options-FollowSymLinks+SymLinksIfOwnerMatch

DocumentRoot .DocumentRootAlias RewriteRule ., FollowSymLinks, SymLinksIfOwnerMatch.

AllowOverrideURLoverrides( .htaccess).htaccess.,


AllowOverrideall

/index.htmlURI. /.htaccess,/www/.htaccess,/www/htdocs/.htaccess. OptionsFollowSymLinks .AllowOverrideNone.

..:

DirectoryIndexindex

:

DirectoryIndexindex.cgiindex.plindex.shtmlindex.html

.

, MultiViews, type-map .

OptionsMultiViews type-map. type-map .

(memory-mapping),server-side-include 2.0mmap(2).

.

mmapCPU read(2). ,

Solaris2.0 mmap .

NFS NFS buserror .

EnableMMAPoff.(:.)

Sendfile sendfile(2) sendfile--,.

sendfilereadsend .sendfile :

sendfile .sendfile .

NFS .

sendfile EnableSendfileoff(: .)

1.3 MinSpareServers,MaxSpareServers,StartServers ."" . StartServers , MinSpareServers. StartServers 510095. ,10.

.. .1.3,1, ,1,, 32

. MinSpareServers .

MinSpareServers,MaxSpareServers,StartServers. 4 ErrorLog. . mod_status.

MaxRequestsPerChild .0. 30, .SunOSSolaris, 10000.

(keep-alive) KeepAliveTimeout 15. . 60.

http://www.research.digital.com/wrl/techreports/abstracts/95.4.html

MPM2.x (MPMs). MPM.beos,mpm_netware,mpmt_os2,mpm_winntMPM.MPM .(scalability)MPM:

workerMPM .workerpreforkMPM .preforkMPM .preforkworker ,.preforkworker :(thread-safe), .

MPMMPMMPM .

. LoadModule .

..mod_dir,mod_log_config.mod_log_config. .

Atomicmod_cache workerMPMAPRatomicAPI.API atomic.

APR/CPU .,CPUatomiccompare-and-swap(CAS) .APR CPUmutex

CPU, atomicsatomic:

./buildconf

./configure--with-mpm=worker--enable-nonportable-atomics=yes

--enable-nonportable-atomics :

SPARCSolarisAPRSolaris/SPARCmutexatomic .enable-nonportable-atomics APRcompare-and-swapSPARC v8plus.atomic(CPU ),UltraSPARC.Linuxonx86APRmutexatomic . --enable-nonportable-atomics APRcompare-and-swap486 .atomic,(386) .

mod_statusExtendedStatusOn mod_status ExtendedStatusOngettimeofday(2)( times(2))(1.3)time(2). .ExtendedStatusoff.

accept-

:

2.0 .,.

API. . select(2). select(2) ., .(. .):

for(;;){for(;;){

fd_setaccept_fds;

FD_ZERO(&accept_fds);for(i=first_socket;i

.(

for(;;){accept_mutex_on();for(;;){

fd_setaccept_fds;

FD_ZERO(&accept_fds);for(i=first_socket;i

. ().uid CGI( , suexeccgiwrapperCGI) API(IRIX ).

AcceptMutexpthread(1.3)POSIXmutex POSIX ,(2.5)Solaris .. .

AcceptMutexposixsem(2.0)POSIX. mutex(segfault).

(serialization) APR.

., .,.

Listen ..

accept-, ? ,. (non-blocking) "(spinning)".TCP . ,. ,. .

""..(2.0.30, 128MbPentiumpro)3% .100ms.LAN .SINGLE_LISTEN_UNSERIALIZED_ACCEPT.

Close(lingering)draft-ietf-http-connection-00.txt8 ,(TCP, )..

.TCP, .1.2 . TCP/IP .( , SunOS4-- ).

. SO_LINGER.TCP/IP. ( , 2.0.31).

( http_main.c) lingering_close.:

voidlingering_close(ints){

charjunk_buffer[2048];

/*shutdownthesendingside*/shutdown(s,1);

signal(SIGALRM,lingering_death);alarm(30);

for(;;){select(sforreading,2secondtimeout);if(error)break;if(sisreadyforreading){

if(read(s,junk_buffer,sizeof(junk_buffer))

CPU, .HTTP/1.1 (persistent), . ,.HTTP/1.1 ) lingering_close(

).

Scoreboardscoreboard .scoreboard .. ().src/main/conf.h USE_MMAP_SCOREBOARDUSE_SHMGET_SCOREBOARD. ( HAVE_MMAPHAVE_SHMGET) .src/main/http_main.c (hook).( .)

:1.2 ..

DYNAMIC_MODULE_LIMIT( -DDYNAMIC_MODULE_LIMIT=0. .

http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html

:

Solaris8workerMPM2.0.38 (trace). :

truss-l-phttpd_child_pid.

-ltruss LWP(lightweightprocess,--Solaris)ID.

strace,ktrace,par. .

10KB. ().

/67:accept(3,0x00200BEC,0x00200C0C,1)(sleeping...)/67:accept(3,0x00200BEC,0x00200C0C,1)=9

(listener)LWP#67 .

accept(2). workerMPMaccept.

/65:lwp_park(0x00000000,0)=0/67:lwp_unpark(65,1)=0

(accept) worker.workerLWP#65.

/65:getsockname(9,0x00200BA4,0x00200BC4,1)=0

(local).() .

/65:brk(0x002170E8)=0/65:brk(0x002190E8)=0

brk(2)(heap). apr_bucket_alloc) malloc(3).

/65:fcntl(9,F_GETFL,0x00000000)=2/65:fstat64(9,0xFAF7B818)=0/65:getsockopt(9,65535,8192,0xFAF7B918,0xFAF7B910,2190656)=0/65:fstat64(9,0xFAF7B818)=0/65:getsockopt(9,65535,8192,0xFAF7B918,0xFAF7B914,2190656)=0/65:setsockopt(9,65535,8192,0xFAF7B918,4,2190656)=0/65:fcntl(9,F_SETFL,0x00000082)=0

worker(9) (non-blocking).setsockopt(2)getsockopt(2)Solarislibcfcntl(2).

/65:read(9,"GET/10k.htm"..,8000)=97

worker.

/65:stat("/var/httpd/apache/httpd-8999/htdocs/10k.html",0xFAF7B978)=0/65:open("/var/httpd/apache/httpd-8999/htdocs/10k.html",O_RDONLY)=10

OptionsFollowSymLinksAllowOverrideNone. lstat(2) .htaccess.1),2), stat(2).

/65:sendfilev(0,9,0x00200F90,2,0xFAF7B53C)=10269

sendfilev(2) HTTP.Sendfile . sendfile(2)write(2)writev(2).

/65:write(4,"127.0.0.1-"..,78)=78


||FAQ||

write(2)(accesslog) . time(2)1.32.0 gettimeofday(3).gettimeofdaySolaris .

/65:shutdown(9,1,1)=0/65:poll(0xFAF7B980,1,2000)=1/65:read(9,0xFAF7BC20,512)=0/65:close(9)=0

worker(lingeringclose).

/65:close(10)=0/65:lwp_park(0x00000000,0)(sleeping...)

worker, (listener)

/67:accept(3,0x001FEB74,0x001FEB94,1)(sleeping...)

(worker workerMPM) worker. ,worker accept(2)( ).


||FAQ||

ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation>Version2.4>


. .

.

IPServerPath


IP

IPIP .IP HTTP..

DNS IP,. IP. .IP:

.HTTP/1.1,HTTP/1.0 . .SSLSSL .IP (bandwidth).

core DocumentRoot

NameVirtualHostServerAliasServerNameServerPath

IP().NameVirtualHost. IPNameVirtualHost *. (,SSL)*:80. NameVirtualHostIPIP . .

. > NameVirtualHost (,IP> ServerName DocumentRoot.

ServerName DocumentRoot ServerNameDocumentRoot.

www.domain.tld IPwww.otherdomain.tld . httpd.conf:

NameVirtualHost*:80

ServerNamewww.domain.tldServerAliasdomain.tld*.domain.tldDocumentRoot/www/domain

ServerNamewww.otherdomain.tldDocumentRoot/www/otherdomain

NameVirtualHost *IP.,IP ,IP.

. ServerAlias. ServerAlias :

ServerAliasdomain.tld*.domain.tld

domain.tld www.domain.tld. * ?. ServerName ServerAlias. IPDNS.

., .) .

NameVirtualHostIP .IP ServerName.. ,IP

.IP NameVirtualHost,DocumentRoot. .


||FAQ||

. () .

?

. . Host.

ServerPath:

:

NameVirtualHost111.22.33.44

ServerNamewww.domain.tldServerPath/domainDocumentRoot/web/domain

?" /domain" URI www.domain.tld. , Host: http://www.domain.tld/,http://www.domain.tld/domain/ .

http://www.domain.tld/domain/ .(, "file.html""../icons/image.gif")("http://www.domain.tld/domain/misc/file.html""/domain/misc/file.html") /domain/.


||FAQ||



IP

. .


IP IPIP (."ipaliases""ifconfig").

. .

:

21 . User,Group,Listen,ServerRoot.,IP (filedescriptor)."" Listen. ,( )

:

. .

. Listen IP().

Listenwww.smallco.com:80

IP. (DNS)


||FAQ||

.ServerAdmin,ServerName,DocumentRoot,ErrorLog,TransferLog,CustomLog.,

[email protected]/groups/smallco/wwwServerNamewww.smallco.comErrorLog/groups/smallco/logs/error_logTransferLog/groups/smallco/logs/access_log

[email protected]/groups/baygroup/wwwServerNamewww.baygroup.orgErrorLog/groups/baygroup/logs/error_logTransferLog/groups/baygroup/logs/access_log

IP. (DNS)

VirtualHost VirtualHost .

suEXECVirtualHost User Group.

: .


||FAQ||



. .

1.3 .

httpd.conf :


ServerNamewww.customer-1.comDocumentRoot/www/hosts/www.customer-1.com/docsScriptAlias/cgi-bin//www/hosts/www.customer-1.com/cgi-bin

ServerNamewww.customer-2.comDocumentRoot/www/hosts/www.customer-2.com/docsScriptAlias/cgi-bin//www/hosts/www.customer-2.com/cgi-bin

#

ServerNamewww.customer-N.comDocumentRoot/www/hosts/www.customer-N.com/docsScriptAlias/cgi-bin//www/hosts/www.customer-N.com/cgi-bin

. :

1. .

2. DNS.,

.. fifo,).

IPHTTP Host:. . mod_vhost_alias,1.3.6 mod_rewrite. ..

`'.. ServerName,CGI SERVER_NAME.UseCanonicalName. UseCanonicalNameOffHost:. UseCanonicalNameDNS IPDNS. ,IP ServerName.

`'( DocumentRoot, CGI DOCUMENT_ROOT).core URI,( mod_vhost_alias mod_rewrite). DOCUMENT_ROOT CGISSI .

mod_vhost_alias .

#Host:UseCanonicalNameOff

#LogFormat"%V%h%l%u%t\"%r\"%s%b"vcommonCustomLoglogs/access_logvcommon

#VirtualDocumentRoot/www/hosts/%0/docsVirtualScriptAlias/www/hosts/%0/cgi-bin

UseCanonicalNameOffUseCanonicalNameDNSIP .IP .

ISP. www.user.isp.com /home/user/. cgi-bin .

#.

#VirtualDocumentRoot/www/hosts/%2/docs

#cgi-binScriptAlias/cgi-bin//www/std-cgi/

mod_vhost_alias VirtualDocumentRoot.

., IP, IP. .

UseCanonicalNameOff

LogFormat"%V%h%l%u%t\"%r\"%s%b"vcommon

OptionsFollowSymLinksAllowOverrideAll

OptionsFollowSymLinksAllowOverrideNone

ServerNamewww.commercial.isp.com

CustomLoglogs/access_log.commercialvcommon

VirtualDocumentRoot/www/commercial/%0/docsVirtualScriptAlias/www/commercial/%0/cgi-bin

ServerNamewww.homepages.isp.com

CustomLoglogs/access_log.homepagesvcommon

VirtualDocumentRoot/www/homepages/%0/docsScriptAlias/cgi-bin//www/std-cgi/

IP

IP. DNS. IP .,DNS.

#IPDNSUseCanonicalNameDNS

#IPLogFormat"%A%h%l%u%t\"%r\"%s%b"vcommonCustomLoglogs/access_logvcommon

#IPVirtualDocumentRootIP/www/hosts/%0/docsVirtualScriptAliasIP/www/hosts/%0/cgi-bin

1.3.6 mod_vhost_alias.mod_vhost_alias mod_rewriteHost:-,.

.1.3.6 %V,1.3.0 %v. 1.3.4..htaccess UseCanonicalName. %{Host}i Host:. , %V :port.

mod_rewrite

httpd.conf. , mod_rewrite..

. mod_rewrite( mod_alias).URI mod_rewrite. , ScriptAlias .

#Host:UseCanonicalNameOff

#splittablelogsLogFormat"%{Host}i%h%l%u%t\"%r\"%s%b"vcommonCustomLoglogs/access_logvcommon

#ScriptAliasCGI#ExecCGIOptionsFollowSymLinksExecCGI

#

RewriteEngineOn

#Host:RewriteMaplowercaseint:tolower

##:#Alias/icons/-aliasRewriteCond%{REQUEST_URI}!^/icons/#CGIRewriteCond%{REQUEST_URI}!^/cgi-bin/#RewriteRule^/(.*)$/www/hosts/${lowercase:%{SERVER_NAME}}/docs/$1

##CGI-MIMEtypeRewriteCond%{REQUEST_URI}^/cgi-bin/RewriteRule^/(.*)$/www/hosts/${lowercase:%{SERVER_NAME}}/cgi-bin/$1[T=application/x-httpd-cgi]

#!

mod_rewrite

.

RewriteEngineon

RewriteMaplowercaseint:tolower

#CGIRewriteCond%{REQUEST_URI}!^/cgi-bin/

#RewriteRuleRewriteCond${lowercase:%{SERVER_NAME}}^www\.[a-z-]+\.isp\.com$

#URI#[C]RewriteRule^(.+)${lowercase:%{SERVER_NAME}}$1[C]

#RewriteRule^www\.([a-z-]+)\.isp\.com/(.*)/home/$1/$2

#CGIScriptAlias/cgi-bin//www/std-cgi/


||FAQ||

mod_rewrite ..

vhost.map:

www.customer-1.com/www/customers/1www.customer-2.com/www/customers/2#...www.customer-N.com/www/customers/N

http.conf:

RewriteEngineon

RewriteMaplowercaseint:tolower

#RewriteMapvhosttxt:/www/conf/vhost.map

#aliasRewriteCond%{REQUEST_URI}!^/icons/RewriteCond%{REQUEST_URI}!^/cgi-bin/RewriteCond${lowercase:%{SERVER_NAME}}^(.+)$#RewriteCond${vhost:%1}^(/.*)$RewriteRule^/(.*)$%1/docs/$1

RewriteCond%{REQUEST_URI}^/cgi-bin/RewriteCond${lowercase:%{SERVER_NAME}}^(.+)$RewriteCond${vhost:%1}^(/.*)$RewriteRule^/(.*)$%1/cgi-bin/$1


||FAQ||



. .

. IP .

IP .

IP,DNS(CNAMES) .www.example.comwww.example.org.

Note

DNS. . hostshosts .

#80Listen80

#IPNameVirtualHost*:80

DocumentRoot/www/example1ServerNamewww.example.com

#

DocumentRoot/www/example2ServerNamewww.example.org

#

, . www.example.com, . ServerNameVirtualHost.

*IP . VirtualHost

NameVirtualHost :


#...

ISPIP IP * ,IP .

. IP

IP .

IP .

IP. (172.20.30.40)"" server.domain.com, (172.20.30.50) .

Listen80

#172.20.30.40""ServerNameserver.domain.comDocumentRoot/www/mainserver

#NameVirtualHost172.20.30.50


#...


#...

172.20.30.50 .,172.20.30.50 www.example.com.

() IP.

IP( 192.168.1.1172.20.30.40).() (). server.example.com(172.20.30.40), ( 192.168.1.1

VirtualHost .

NameVirtualHost192.168.1.1NameVirtualHost172.20.30.40

DocumentRoot/www/server1ServerNameserver.example.comServerAliasserver

VirtualHost.

:

server.example.com server

IP * .

.

IP ."NameVirtualHost".NameVirtualHostname:portListen.

Listen80Listen8080

NameVirtualHost172.20.30.40:80NameVirtualHost172.20.30.40:8080

ServerNamewww.example.comDocumentRoot/www/domain-80

ServerNamewww.example.comDocumentRoot/www/domain-8080

ServerNamewww.example.orgDocumentRoot/www/otherdomain-80

ServerNamewww.example.orgDocumentRoot/www/otherdomain-8080

IP

www.example.comwww.example.orgIP(172.20.30.40 172.20.30.50).

Listen80



(, localhost.

ip

www.example.comwww.example.orgIP(172.20.30.40 172.20.30.50).IP808080.

Listen172.20.30.40:80Listen172.20.30.40:8080Listen172.20.30.50:80Listen172.20.30.50:8080

DocumentRoot/www/example1-80ServerNamewww.example.com

DocumentRoot/www/example1-8080ServerNamewww.example.com

DocumentRoot/www/example2-80ServerNamewww.example.org

DocumentRoot/www/example2-8080ServerNamewww.example.org

IP

,IP .

Listen80




DocumentRoot/www/example3ServerNamewww.example3.net

#IP-

DocumentRoot/www/example4ServerNamewww.example4.edu

DocumentRoot/www/example5ServerNamewww.example5.gov

_default_

_default_IP .

DocumentRoot/www/default

default() .

default /. ( /).

AliasMatchRewriteRule().

_default_,80 _default_

DocumentRoot/www/default80#...

DocumentRoot/www/default#...

80default( ). .

_default_

80default.

DocumentRoot/www/default...

80 ,

IP

() www.example.org IP. IP .

VirtualHostIP (172.20.30.50).

Listen80ServerNamewww.example.comDocumentRoot/www/example1


DocumentRoot/www/example2ServerNamewww.example.org#...

DocumentRoot/www/example3ServerNamewww.example.netServerAlias*.example.net#...

(IP)( )

ServerPath

. HTTP/1.0 (). ,.


#primaryvhostDocumentRoot/www/subdomainRewriteEngineOnRewriteRule^/.*/www/subdomain/index.html#...

DocumentRoot/www/subdomain/sub1

ServerNamewww.sub1.domain.tldServerPath/sub1/RewriteEngineOnRewriteRule^(/sub1/.*)/www/subdomain$1#...

DocumentRoot/www/subdomain/sub2ServerNamewww.sub2.domain.tldServerPath/sub2/RewriteEngineOnRewriteRule^(/sub2/.*)/www/subdomain$1#...

ServerPath URLhttp://www.sub1.domain.tld/sub1/ subl-. Host:, URLhttp://www.sub1.domain.tld/ subl-. Host:

: Host:http://www.sub2.domain.tld/sub1/ subl-.


||FAQ||

RewriteRule Host: ( URL.


||FAQ||



. .

1.3 .NameVirtualHost 1.3.

, .

. .

Listen,ServerName,ServerPath,ServerAlias . ().

Listen80. ServerPath ServerAlias .ServerName IP.

Listen. .URI.

.

VirtualHost. . * .(DNS A (addressset).

IP NameVirtualHost IP. IP *.

IP NameVirtualHostNameVirtualHost(CNAME)

IP: NameVirtualHost,NameVirtualHost VirtualHost.

NameVirtualHost VirtualHost( VirtualHost.):


#A

#A

...

#B...


#C...

#D...

111.22.33.55>#C...

#B...

#D...

NameVirtualHost111.22.33.44NameVirtualHost111.22.33.55

(.)

VirtualHost, VirtualHostListen.

VirtualHost ServerAlias ServerAlias). Listen.

IP. NameVirtualHostIP. .IP .

IP .IP

.:

1. ServerAdmin,ResourceConfig,AccessConfig,Timeout,KeepAliveTimeout,KeepAlive,

MaxKeepAliveRequests,SendBufferSize.(, .)

2. " (lookupdefaults)".(per-directoryconfiguration).

3. (per-serverconfig) .

"""" ...

ServerName .IP .

ServerName VirtualHost.

_default_ ServerName

:

IPIP .

IP ,_default_ .

IP NameVirtualHost*..

(IP), IP.

IPIP. ,.

..

(IP ),Host: .

Host:, ServerName ServerAlias. Host: ,

Host:HTTP/1.0 ServerPath. ,

,() IP.

IPTCP/IP ,KeepAlive/ ., .

URIURIURI ,URI// URI. URI .

IP .IP. . NameVirtualHost.IP ServerAliasServerPath.,IP, _default_, NameVirtualHost. . . Host: ..( Host: ,) ServerPathServerPath .IP, .. ._default_IP . _default_( Listen). ( ,_default_:*) .NameVirtualHost*.IP ( _default_)., ( _default_ )/.( ,NameVirtualHost)()Host: _default_

.DNS VirtualHostDNS.DNS . . ServerName .DNS.


||FAQ||

DNS :

VirtualHost .(. .) NameVirtualHostVirtualHost.ServerPath ServerPath.()() .(/abc""ServerPath/abc/def" .


||FAQ||



(filedescriptor)

. .

,(filehandle) ). ,10-20. .hard-limit.

, :

1. setrlimit() .

2. (Solaris2.3) setrlimit(RLIMIT_NOFILE)

3. hardlimit.

4. (Solaris2)stdio256

:

. .( .)()12,

#!/bin/shulimit-S-n100exechttpd


||FAQ||

..

. LogFormat %v.:

LogFormat"%v%h%l%u%t\"%r\"%>s%b"vhostCustomLoglogs/multiple_vhost_logvhost

common( ServerName).( .)

() split-logfile.support.

:

split-logfile</logs/multiple_vhost_log

.hostname.log.


||FAQ||



DNS

. .

. DNS.() ((theftofservice) .

[email protected]/www/abc

.IP.IP ,DNS www.abc.dom DNS (1.2 .)

www.abc.dom192.0.2.1. :


ServerNameDNS..(1.2 .), ,ip. URLURL.

.


(DenialofService)

(). 1.2. DNS.,abc.domDNS , www.abc.dom).

.:


[email protected]/www/def

www.abc.dom192.0.2.1, www.def.dom192.0.2.2. , def.domDNS. def.domabc.dom . www.def.dom192.0.2.1. DNSwww.def.dom .

( http://www.abc.dom/whatever URL)192.0.2.1 def.dom. . .

""

1.1 IP().ServerNameC gethostname( "hostname"). DNS..

DNS /etc/hosts..) DNS /etc/hosts /etc/resolv.conf /etc/nsswitch.conf.

DNS HOSTRESORDER"local". mod_env CGI.manpageFAQ .

VirtualHostIP ListenIP ServerName


||FAQ||

:

DNS.1.2 DNS .IP

IPDNS. . DNS.(FTPTCPwrapper"-"DNS .)

IPDNS . .

HTTP/1.1 HostIP DNS.19973 .



ApacheHTTPServerVersion2.4Apache>HTTPServer>Documentation>Version2.4>SSL/TLS


SSL/TLSStrongEncryption:AnIntroduction

AsanintroductionthischapterisaimedatreaderswhoarefamiliarwiththeWeb,HTTP,andApache,butarenotsecurityexperts.ItisnotintendedtobeadefinitiveguidetotheSSLprotocol,nordoesitdiscussspecifictechniquesformanagingcertificatesinanorganization,ortheimportantlegalissuesofpatentsandimportandexportrestrictions.Rather,itisintendedtoprovideacommonbackgroundtomod_sslusersbypullingtogethervariousconcepts,definitions,andexamplesasastartingpointforfurtherexploration.

CryptographicTechniques

UnderstandingSSLrequiresanunderstandingofcryptographicalgorithms,messagedigestfunctions(aka.one-wayorhashfunctions),anddigitalsignatures.Thesetechniquesarethesubjectofentirebo

apache http server version 2 - documentation & help · apache > http server > documentation >...

Documents