Shulou(Shulou.com)06/03 Report--

Main configuration file for Apache: / etc/httpd/conf/httpd.conf

Default site home directory: / var/www/html/

The configuration information of the Apache server is all stored in the main configuration file / etc/httpd/conf/httpd.conf, which contains a lot of content, with a total of 1009 lines counted with the wc command, most of which are comment lines that start with #.

[root@justin ~] # wc-l / etc/httpd/conf/httpd.conf

/ etc/httpd/conf/httpd.conf

[root@justin ~] #

The configuration file consists of three parts:

[root@justin] # grep'\'/ etc/httpd/conf/httpd.conf-n

33:### Section 1: Global Environment

245 Section 2: 'Main' server configuration

973:### Section 3: Virtual Hosts

[root@justin ~] #

1) Global Environment--- global environment configuration, which determines the global parameters of Apache server

2) Main server configuration--- master service configuration, which is equivalent to the default Web site in Apache. If there is only one site in our server, we just need to configure it here.

3) Virtual Hosts--- virtual host. Virtual host cannot coexist with Main Server master server. When virtual host is enabled, Main Server cannot be used.

1) Global Environment

ServerTokens OS

Whether the name of the server operating system is displayed when the error page appears. ServerTokens Prod does not show it.

ServerRoot "/ etc/httpd"

It is used to specify the running directory of Apache. After the service is started, the directory is automatically changed to the current directory. All relative paths used later are under this directory.

PidFile run/httpd.pid

Record the pid number of the httpd daemon, which is how the system identifies a process. There can be multiple httpd processes in the system, but the corresponding process of this PID is another parent process.

Timeout 60

Time when the server is disconnected from the client

KeepAlive Off

Whether to connect continuously (because each connection requires a three-way handshake. If the number of visits is small, it is recommended to turn this on. If the number of visitors to the website is relatively large, it is better to close this item. Change it to: KeepAlive On means programmatic online is allowed.

MaxKeepAliveRequests 100

Represents the maximum number of requests for a connection

KeepAliveTimeout 15

Time before disconnection

StartServers 8

MinSpareServers 5

MaxSpareServers 20

ServerLimit 256

MaxClients 256

MaxRequestsPerChild 4000

The default module of the system, which starts a process for each access (that is, when multiple connections share a process, only one can be serviced at a time).

When StartServer starts the service, it starts 8 processes, with a minimum of 5 processes and a maximum of 20 processes.

MaxClient restricts clients to enter the waiting queue if the maximum number of connection requests exceeds at one time.

MaxRequestsPerChild the maximum number of requests allowed for services per process lifetime. 0 means never ending.

StartServers 4

MaxClients 300

MinSpareThreads 25

MaxSpareThreads 75

ThreadsPerChild 25

MaxRequestsPerChild 0

Configure thread access for Apache, that is, start one thread for each pair of WEB service access, which has less memory footprint.

The upper limit of the number of processes that the ServerLimit server allows to configure.

ThreadLimit limit on the number of threads that may be configured per child process

StartServers starts two httpd processes

MaxClients can initiate up to 250 visits at a time, and more than that have to enter the queue to wait. Its size is determined by the product of ServerLimit and ThreadsPerChild.

ThreadsPerChild the number of resident execution threads during the lifetime of each child process, which will not be increased after the child thread is established.

MaxRequestsPerChild the maximum number of threads started by each process. If the limit is reached, the process will end. If set to 0, the child thread will never end.

Listen 80

Listening port. If there are multiple network cards, all network cards will be monitored by default.

150 LoadModule auth_basic_module modules/mod_auth_basic.so

.

LoadModule version_module modules/mod_version.so

The module mod_access loaded at startup has been renamed to mod_authz_host

Include conf.d/*.conf

Loaded configuration fil

User apache

Group apache

The identity that is converted after starting the service, usually as root when starting the service, and then changing the identity, thus increasing system security

2) Main server configuration

ServerAdmin root@localhost

Administrator's mailbox

# ServerName www.example.com:80

By default, the server does not need to specify its own name, but if there is a problem with the resolution (such as incorrect reverse parsing), or there is no DNS name, you can also specify the IP address here. When this is incorrect, the server cannot start normally. When you start Apache, you are prompted to start httpd:httpd: apr_sockaddr_info_get () failed forjustin httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1forServerName. The solution is to start this item to change www.example.com:80 to your own domain name or directly to localhost.

285 UseCanonicalName Off

If the client provides a hostname and port, Apache will use this information provided by the client to build a self-referenced URL. These values are the same as those used to implement domain name-based virtual hosts and are available to the same clients. The CGI variables SERVER_NAME and SERVER_PORT are also built from the values provided by the client

DocumentRoot "/ var/www/html"

The directory where web page files are stored

Options FollowSymLinks

AllowOverride None

Setting of a permission for the root directory

Options Indexes FollowSymLinks

AllowOverride None

Order allow,deny

Allow from all

To set a permission in the / var/www/html directory, the Indexes in options indicates whether the index is allowed to display the files in the directory when the web page does not exist, and whether the FollowSymLinks allows access to symbolic link files. Some options include whether the ExecCGI table uses CGI. For example, Options Includes ExecCGI FollowSymLinks allows the server to execute CGI and SSI, and forbids the listing of directories. SymLinksOwnerMatch means that access is allowed only if the symbolic link file and the target file are owned by the same user. AllowOverrideNone says that the access control files in this directory are not allowed to change the configuration here, which also means that you do not have to view the access control files in this directory. Change it to: AllowOverride All means that .htaccess is allowed. The next item in Order's access control order to the page is the default option. For example, allow,deny is deny,Allowfromall by default, which allows all users to control access control to the website by combining with the previous item.

UserDir disabled

Whether to allow users to access their home directory is not allowed by default.

#

# AllowOverride FileInfo AuthConfig Limit

# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec

#

# Order allow,deny

# Allow from all

#

#

# Order deny,allow

# Deny from all

#

#

If you are allowed to access the web page file in the user's home directory, uncomment the above and modify it

DirectoryIndex index.html index.html.var

Specify the default name of the home page you want to visit, and the default home page file name is index.html

AccessFileName .htaccess

Define the access control file name for each directory, which defaults to .htaccess

Order allow,deny

Deny from all

Satisfy All

Controls that users on web are not allowed to view the .htpasswd and .htaccess files

TypesConfig / etc/mime.types

Used to set the file name that holds data of different MIME types

DefaultType text/plain

Default type of web page

# MIMEMagicFile / usr/share/magic.mime

MIMEMagicFile conf/magic

Specify the module that determines the true MIME type of the file

HostnameLookups Off

When this feature is turned on, the hostname is recorded when logging, which requires the server to resolve the domain name in reverse, increasing the load on the server. It is usually not recommended to enable it.

# EnableMMAP off

Whether to allow memory mapping: if httpd needs to read the contents of a file during transfer, whether it can use memory mapping. If on indicates that memory mapping will be used if the operating system supports it. On some multi-core processor systems, this may degrade performance, and if this feature is enabled on a DocumentRoot with NFS mounted, it may cause httpd to crash due to segmentation

# EnableSendfile off

This directive controls whether httpd can use the sendfile support of the operating system kernel to send files to the client. By default, when processing a request does not require access to the data inside the file (such as sending a static file content), if the operating system supports it, Apache will use sendfile to send the file contents directly to the client without reading the file

484 ErrorLog logs/error_log

Where the error log is stored

LogLevel warn

Level of Apache Lo

LogFormat "% h% l% u% t\"% r\ "% > s% b\"% {Referer} I\ "\"% {User-Agent} I\ "" combined

LogFormat "h% l% u% t\"% r\ "% > s% b" common

LogFormat "% {Referer} I->% U" referer

LogFormat "{User-agent} I" agent

The format of the log is defined and represented by different codes

# CustomLog logs/access_log common

CustomLog logs/access_log combined

Indicates the location of the log record, where a relative path is used, so ServerRoot needs to point out that the log location is stored in / etc/httpd/logs

ServerSignature On

Defines whether some information about the version of apache is prompted when the web page requested by the customer does not exist or is incorrect.

Alias / icons/ "/ var/www/icons/"

Define files that are not under DocumentRoot and map them to the root of the web page. This is also a way to access other directories, but remember to add "/" after the directory when you declare it.

Options Indexes MultiViews FollowSymLinks

AllowOverride None

Order allow,deny

Allow from all

Define the permissions for / var/www/icons/. Change it to Options MultiViews FollowSymLinks to indicate that the tree directory structure is not displayed on the browser.

# Location of the WebDAV lock database.

DAVLockDB / var/lib/dav/lockdb

Management of mod_dav_fs.c modules

ScriptAlias / cgi-bin/ "/ var/www/cgi-bin/"

An alias for the CGI module, similar to Alias.

AllowOverride None

Options None

Order allow,deny

Allow from all

Manage / var/www/cgi-bin folder in the same way as above

# Redirect old-URI new-URL

The Redirect parameter is used to override the URL. When the browser accesses a resource that no longer exists on the server, the server returns the new URL to the browser, telling the browser to get the resource from that URL. This is mainly used to change the location of the document that originally exists on the server and to be able to access the original web page using the old URL.

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8

AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

...

IndexIgnore. * * ~ * # HEADER* README* RCS CVS *, v *, t

When the URL of a HTTP request is a directory, the server returns the index files in this directory, and if the index file does not exist in the directory and the server has permission to display a list of directory files, it will display a list of files in this directory. These parameters are needed to make the file list understandable, not just a simple list. If you use the IndexOptionsFancyIndexing option, you can have the server reference different icons for different files. If not, use DefaultIcon to define the default icon. Similarly, you can use AddDescription to describe different types of documents

AddLanguage ca .ca

.

AddLanguage zh-TW. Zh-tw

Add Langua

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

Languages supported by Apache

AddDefaultCharset UTF-8

Languages supported by default

# AddType application/x-tar .tgz

For supported applications, if you want to support parsing of php, add such a line

# AddEncoding x-compress .Z

# AddEncoding x-gzip .gz .tgz

Support for files ending in .Z and .gz.tgz

AddType application/x-compress .Z

AddType application/x-gzip .gz .tgz

Add applications to the above two files

# AddHandler cgi-script .cgi

Modified to: AddHandler cgi-script .cgi .pl allows CGI scripts with a .pl extension to run

AddType text/html .shtml

AddOutputFilter INCLUDES .shtml

Add the dynamic processing type to server-parsed by the server to pre-analyze the tags in the web page and change the tags to the correct HTML identity

# ErrorDocument 404 / missing.html

When the server has a 404 error, return to the missing.html page

Alias / error/ "/ var/www/error/"

Assignment alias

AllowOverride None

Options IncludesNoExec

AddOutputFilter Includes html

AddHandler type-map var

Order allow,deny

Allow from all

LanguagePriority en es de fr

ForceLanguagePriority Prefer Fallback

Permissions and operations on / var/www/error web pages

BrowserMatch "Mozilla/2" nokeepalive

BrowserMatch "MSIE 4\ .0b2;" nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch "RealPlayer 4\ .0" force-response-1.0

BrowserMatch "Java/1\ .0" force-response-1.0

BrowserMatch "JDK/1\ .0" force-response-1.0

.

Set special parameters to ensure compatibility with older browsers and support the features of new browsers

3) Virtual Hosts

# NameVirtualHost *: 80

If the virtual host is enabled, the previous comments must be removed, and the contents of the second part can appear in each virtual host section.

# VirtualHost example:

#

# ServerAdmin webmaster@www.linuxidc.com

# DocumentRoot / www/docs/www.linuxidc.com

# ServerName www.linuxidc.com

# ErrorLog logs/www.linuxidc.com-error_log

# CustomLog logs/www.linuxidc.com-access_log common

#

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.