Apache Common Configuration

+ + How to set request Wait time
Inside the httpd.conf set:
TimeOut N
where n is an integer and the unit is seconds.

+ + How to receive the total time of a GET request
The time between the TCP packets that receive a post and put request
Response (ACK) time interval in TCP packet transport

+ + How to make Apache listen on a specific port
Modify the httpd.conf inside the listen options, such as:
Listen 8000
is to make Apache listen on port 8000.
And if you want to specify both a listening port and a listening address, you can use:
Listen 192.170.2.1:80
Listen 192.170.2.5:8000
This allows Apache to simultaneously listen on the 192.170.2.1 80 port and the 192.170.2.5 8000 port.
Of course, you can also set in httpd.conf:
Port 80
This will achieve a similar effect.

+ + How to set the maximum number of idle processes for Apache
Modify the httpd.conf, set in the inside:
Maxspareservers N
where n is an integer. So when the idle process exceeds n, the Apache main process kills the extra idle process while keeping the idle process in N, saving the system resources. If it is necessary to adjust this parameter at a very busy site in Apache, it is not a good idea to tune this parameter to a large majority at any time.
You can also set:
Minspareservers N
To limit the minimum number of idle processes to speed up the response.

++apache How to set the number of child service processes at startup
Inside the httpd.conf set:
Startservers 5
This will allow 5 free child processes to wait for the request to be accepted after you start Apache.
You can also refer to Minspareservers and maxspareservers settings.

+ + How to set the maximum number of requests per connection in Apache
Inside the httpd.conf set:
Maxkeepaliverequests 100
This ensures that in a connection, if the simultaneous request reaches 100, the new request for the connection is not responded to, ensuring that the system resources are not heavily occupied by a connection. However, in the actual configuration, it is required to increase this number to achieve higher system performance.
#用户连续访问了多少个页面后重新建立联结, adjust the height appropriately.

+ + How to set the duration of sessions in Apache
In the apache1.2 version above, you can set the inside httpd.conf:
KeepAlive on
KeepAliveTimeout 15
This will limit the retention time of each session to 15 seconds. The use of session can make many requests can be sent through the same TCP connection, saving network resources and system resources.
#KeepAliveTimeout是允许用户保持连接15秒内有效, if the user clicks on other pages within 15 seconds without having to re-establish the connection, this set of short values is not conducive to reducing efficiency, if the set length may cause the simultaneous number of connections will be high, generally recommended by the default of 15

+ + How to enable Apache to authenticate client domain
You can set it in httpd.conf:
Hostnamelookups on|off|double
If you are using on, then only a reverse search, if used double, then the reverse search after a positive resolution, only two of the results are consistent with each other, and off is not to verify the domain name.
It is recommended to use double for security purposes, and off is recommended for faster access.

+ + How to make Apache monitor only on specific IP
Modify the httpd.conf and use it inside
Bindaddress 192.168.0.1
This allows Apache to only listen to external HTTP requests for 192.168.0.1. If you use:
Bindaddress *
Indicates that Apache listens for HTTP requests on all network interfaces.
Of course, with a firewall can also be achieved.

How to limit the size of the message body of an HTTP request in ++apache
Inside the httpd.conf set:
Limitrequestbody N
n is an integer and the unit is byte.
CGI scripts generally submit the contents of the form as the body of the message to the server for processing, so the size of the message body is now useful when using CGI. For example, use CGI to upload files if there are settings:
Limitrequestbody 102400
Then the upload file more than 100k time will be an error.

+ + How to modify the Apache document root directory
Modify the DocumentRoot option inside the httpd.conf to the specified directory, such as:
Documentroot/www/htdocs
So http://localhost/index.html is the corresponding/www/htdocs/index.html

+ + How to modify the maximum number of connections Apache
Set in httpd.conf:
MaxClients N
n is an integer that represents the maximum number of connections between 1 and 256, if you want to allow Apache to support more connections, then you need to modify the Httpd.h file in the source code, the definition of the Hard_server_limit value and then compile.

+ + How to make each user have a separate cgi-bin directory
There are two alternative ways:
(1) Add the following attributes to the public_html settings in the Apache configuration file:
Scriptaliasmatch ^/~ ([^/]*)/cgi-bin/(. *)/home/$1/cgi-bin/$2
(2) in the Apache configuration file on the public_html settings add the following attributes:
<Directory/home/*/public_html/cgi-bin>
Options execcgi
SetHandler Cgi-script
</Directory>

+ + How to adjust the maximum number of processes for Apache
The maximum number of processes that Apache allows to open for requests is 256,maxclients is 256. If the user is more, the user can only see waiting for
Reply ... then wait until the next available process appears. The maximum number is determined by the Apache program-its NT version can have 1024, but the UNIX version is only 256, and you can see it in Src/include/httpd.h:
#ifndef Hard_server_limit
#ifdef WIN32
#define HARD_SERVER_LIMIT 1024
#else
#define HARD_SERVER_LIMIT 256
#endif
#endif
You can tune it to 1024 and then compile your system.

+ + How to block users from an Internet address from accessing the Apache server
You can use Deny and allow to restrict access, such as to prohibit user access to 202.202.202.XX networks:
<Directory/www/htdocs>
Order Deny,allow
Deny from 202.202.202.0/24
</Directory>

+ + How to record Apache browser and reference information in a log
You need to compile the mod_log_config into your Apache server, and then use a configuration similar to the following:
Customlog Logs/access_log "%h%l%u%t"%r "%s%b"%{referer}i "
"%{user-agent}i" "

+ + How to modify the header information returned by Apache
Problem Analysis: When the client connects to the Apache server, Apache typically returns information such as Server version, Non-default module, and so on, such as:
server:apache/1.3.26 (Unix) mod_perl/1.26
Solve:
You can make the following settings in the Apache configuration file to minimize the information about the server that it returns:
Servertokens Prod
Attention:
After this setting, Apache will also return certain server information, such as:
Server:apache
But this does not have much impact on server security, because many scanning software is scanned regardless of the header information returned by your server. If you want to turn the information about the server back into:
Server:it is a none-apache Server
Then you will have to modify the source code.

+ + generates logs but does not include pictures.
Logformat "%h%l%u%t \%r\"%>;s%b \ "%{referer}i\" \ "%{user-agent}i\" "combined
Setenvif Request_uri \.gif$ Gif-image
Setenvif request_uri \. gif$ Gif-image
Setenvif Request_uri \.jpg$ Gif-image
Setenvif request_uri \. jpg$ Gif-image
Setenvif Request_uri \.png$ Gif-image
Setenvif Request_uri \.swf$ Gif-image
Setenvif request_uri \. swf$ Gif-image
Setenvif Request_uri \.css$ Gif-image
Setenvif request_uri \. css$ Gif-image
Setenvif Request_uri \.js$ Gif-image
Setenvif request_uri \. js$ Gif-image
Setenvif Request_uri \.ico$ Gif-image
<virtualhost 12.34.56.78:80>;
ServerAdmin webmaster@abc.net
Documentroot/db/htdocs/www
ServerName www.abc.net
Customlog "|/usr/local/cronolog/sbin/cronolog/db/logs/www.%y-%m-%d.log" combined Env=!gif-image
#用cronolog截取存放在 the Apache log files generated by date under/db/logs/, excluding pictures
</VirtualHost>;

Another method:
<filesmatch "\. (ico|gif|jpg|swf) ">
Setenv Imag 1
</FilesMatch>
Customlog Logs/access_log Combined env=! Imag

+ + first rejects anyone, and then allows access from a specific host.
Order Deny,allow
Deny from all
Allow from dev.example.com

+ + overrides the/xyz/old.html request to the physical file/website/test1/abc/new.html
1). There is a ' alias/xyz/website/test1/abc ' directive in the httpd.conf.
2. To establish a. htaccess document under/website/test1/abc/, as follows
Rewriteengine on
Rewritebase/xyz
Rewriterule ^old\.html$ new.html
3. In order to ensure the activation. htaccess, you need to configure in httpd.conf
<Directory/website/test1/abc>
AllowOverride All
</Directory>
#注: The rewritebase directive explicitly sets the base URL for a directory-level override.

+ + determines what page file to return based on browser type
Rewriteengine on
Rewritecond%{http_user_agent} ^mozilla.*
Rewriterule ^/$/homepage.max.html [L]
#其它类推

++rewrite Other
Rewriteengine on
Rewriteloglevel 3 #较高的值会使Apache速度急剧下降! The rewrite log uses a level value greater than 2 for debugging only!
Rewritelog "/usr/local/var/apache/logs/rewrite.log" #写log
Rewriterule ^/$/film/index.shtml [r,l] # REDIRECT home to another file
Rewriterule ^/$/film/index.shtml [p,l] # REDIRECT home to another file without changing the URL address name

+ + Close the last line of the error document contains information such as the name of the server, the version of Apache, and so on
Serversignature off #默认值为On, can also be changed to serversignature email, this will show the administrator's email address

+ + will correspond to the/www/docs/small_dogs directory with URLs beginning with/puppy and/puppies
Aliasmatch ^/pupp (y|ies)/www/docs/small_dogs

The ++redirect directive redirects a specific URL to another server
Redirect [keyword]/example http://www.otherserver.com/new/location
Key words:
temp-temporary redirection, return 302 status response, the client will be credited to the original request URL
permanent-permanent redirect, return 301 response, the client will remember the new URL
Gone-told the user, this URL has been removed, and will not come back, this keyword does not need to follow the new URL parameters, back to 410 states.
Seeother-told the client that the old URL has been discarded, but the contents of the file have been replaced by the contents of the new file to the 303 status.

+ + redirect multiple URLs to the same location
Redirectmatch ^/[ff]ish (ing)? Http://fis.example.com

+ + Accept case-insensitive URLs
CheckSpelling on #mod_speling模块支持

+ + Change all string1 in the request URL to string2
Rewritecond%{request_uri} "String1″
Rewriterule "(. *) string1 (. *)" "$1string2$2″[n,pt]
#[n] Tag lets Apache repeatedly execute rewrite rules until rewritecond conditions expire.

+ + Manually install a module (take rewrite as an example)
/usr/local/apache/bin/apxs-c mod_rewrite.c # #apxs应指定绝对路径
/usr/local/apache/bin/apxs-i-a-n mod_rewrite mod_rewrite.la

#编辑httpd. conf file
LoadModule Rewrite_module modules/mod_rewrite.so

+ + Example of a virtual host
Namevirtualhost *:80
<virtualhost *:80>
ServerAdmin webmaster@zhangjianfeng.com
ServerName blog.zhangjianfeng.com
Serveralias web1.zhangjianfeng.com
DocumentRoot "/web/web1/"
Errorlog/logs/apache/web1_error_log
Customlog/logs/apache/web1_log combined
Rewriteengine on
#RewriteLogLevel 1
#RewriteLog "/logs/apache/rewrite.log"
#RewriteRule \. (Exe|rar) $ http://downloads.zhangjianfeng.com/data/$1 [R]
</VirtualHost>

++servertokens Directive
servertokens major| minor| min[imal]| prod[uctonly]| os| The full
Servertokens prod[uctonly] server sends (for example): Server:apache
Servertokens Major the server will send (for example): SERVER:APACHE/2
Se Rvertokens Minor Server will send (for example): server:apache/2.0
Servertokens min[imal] server will send (for example): server:apache/2.0.41
The Servertokens os     server sends (for example): server:apache/2.0.41 (Unix)
Servertokens full (or unspecified) server is sent (for example ): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2

+ + Other
<files ~ "^\.ht" >
Order Allow,deny
Deny from all
</Files>
User Apache
Group Apache
ServerAdmin root@zhangjianfeng.com
ServerName WEBSRV1
Usecanonicalname off
Hostnamelookups off
Logformat "%h%l%u%t \%r\"%>s%b \ "%{referer}i\" \ "%{user-agent}i\" "combined
Customlog Logs/access_log combined
ErrorLog Logs/error_log
Serversignature on| Off| EMail
Servertokens major| minor| min[imal]| prod[uctonly]| os| Full

+ + View Current Connection Agreement situation
Netstat-an | Grep-i "80″| awk ' {print $} ' | Sort | uniq-c | Sort-n

+ + A simple password Authentication implementation
#添加下面内容到httpd. conf
Alias/test2 "/var/www/html/test"
   <directory "/var/ Www/html/test
    allowoverride authconfig  
    order Deny, Allow
    Allow from all      
   </Directory>
#建立验证文件和第一个验证用户
#htpasswd-C/etc/userfile user  
#vi/var/www/html/test/usergroup
 & nbsp;  usergroup:user user1 user2 #相关用户使用htpasswd创建
#vi/var/www/html/test/.htaccess
   AuthName "blog.zhangjianfeng.com user_auth test"
   authtype Basic
   authuserfile/etc/ UserFile
    #以下两行只有在以组的形式管理, only need
     #AuthGroupFile/var/www/html/test/ UserGroup
     #require Group usergroup
   require user user

+ + manual Get data (for testing, etc.)
Telnet blog.zhangjianfeng.com 80
Escape character is ' ^] '.
get/index.php http/1.1
accept:text/plain,text/html,*/*;q=0.3
Accept-encoding:deflate
host:http://www.test.com:8004/
If-none-match: "418112890:855172144000″
user-agent:w3crobot/5.1 libwww/5.1
Connection:keep-alive

+ + take HTTP head
Curl–head http://blog.zhangjianfeng.com/

+ + Configure Mod_deflat compression output for Apache
LoadModule Deflate_module modules/mod_deflate.so
LoadModule Headers_module modules/mod_headers.so
<ifmodule mod_deflate.c>
Deflatecompressionlevel 9
Setoutputfilter DEFLATE
#DeflateFilterNote Input instream
#DeflateFilterNote Output OutStream
#DeflateFilterNote Ratio Ratio
Logformat ' "%r"%{outstream}n/%{instream}n (%{ratio}n%%) ' deflate
Customlog Logs/deflate_log.log Deflate
</ifmodule>
#need more? Http://httpd.apache.org/docs/2.0/mod/mod_deflate.html

++mod_proxy application, transfer www.zhangjianfeng.com/news request to another host
LoadModule Proxy_module modules/mod_proxy.so
Proxypass/news http://news.zhangjianfeng.com/#news. zhangjianfeng.com for another host