Apache Configuration file Management

Source: Internet
Author: User
Tags ftp site

1. Apache Configuration system

As a whole, Apache's configuration system consists of three parts:

(1) configuration files: such as httpd.conf. htaccess

(2) Configuration directive: Any line in the configuration file httpd.conf. htaccess is a configuration directive

(3) The configuration information is saved and read: Configuration information is configured to be stored in Apache in accordance with a certain data structure, in the operation of Apache, any need to configure information to read and execute.

2. Apache configuration file

(1) httpd.conf: Is the master configuration file of Apache, usually located in the Conf directory under the $ServerRoot directory; httpd.conf files are only re -read after the httpd is restarted. So modifying httpd.conf must restart Apache to be effective.

(2). htaccess:http.conf files are typically used for Apache control of global configuration information, HTTPD.CONF provides control over one or more directories, but when the directory is increased to many, The httpd.conf will swell up and will be unbearable; therefore, you can use the. htaccess file to command control of the specified directory. The. htaccess file is located in the directory you want to control, and it is possible to set authorization, directory Index (?) for this directory and all subdirectories.  Filter and other control commands. Note: You can use Accessfilename to rename. htaccess, Accessfilename. direaccess, but generally do not modify.

(3) access.conf srm.conf: These two files exist in the previous version of apache1.3, and have been deleted after apache2.0.

Note: httpd.conf access.conf srm.conf is a configuration command that reads and executes when Apache starts or restarts, but the. htaccess reads the configuration commands inside the Apache when it is required to run.

3. Apache Configuration Directives related concepts

(1) Instruction overview

Apache configuration directives can be divided into two categories: simple instructions and configuration segment directives

A simple instruction is a single line is an instruction: Serverlimit 200 indicates that the maximum number of Apache boot processes is 200

Configuration segment Directive:<...> ......</...>

[HTML]View Plaincopy
    1. <Directory "/usr/local/test">
    2. Options Indexs
    3. ......
    4. ......
    5. </Directory>

This is a configuration section command, where the configuration commands are only valid for/usr/local/test.

(2) Instruction parameters

    • url:http://www.example.com/path/to/file.html http--> protocol www.example.com is hostname, path/to/file.html request File Network path
    • Url-path:url part of the host name in the/path/to/file.html Note: This is the path that represents the request resource in the network space, and the physical path to the corresponding resource of the Web server.
    • File-path: Refers to the file in the Web server file system decision path/usr/local/apach/htdocs/path/to/file.html, if not with/start, then serverroot as the root directory
    • Directory-path: The decision path of wood in the file system
    • FileName: filename file.html
    • Extension: Refers to the last one in filename. Later sections such as: File.html.en, html en are extension (suffix)
    • Mime-type: Description file type such as: text/html img/jpeg, etc.

(3) Instruction context:

Each configuration directive in a configuration file has a different scope and can be divided into master configuration, virtual host configuration, local configuration, and conditional configuration depending on the scope of the action.

    • Main configuration: Non-configuration segment directive in httpd.conf (access.conf srm.conf)
    • Virtual host directive:<virtualhost> ......</virtualhost> the configuration instruction set inside the virtual host directive
    • Local directives: Local directives can be divided into two categories, one is the configuration section directive, one is through the. htaccess configuration instructions, which are valid for a directory
    • Conditional directive: It will take effect under certain conditions, such as:<ifdefine> ....</ifdefine>, etc.

Note: The common configuration Segment directive is to set instructions for the specified file system and network space; The file system is the physical path that the Web server natively exists/usr/local/test, and the network space is the last part of the client Request page http:// Www.taobao.com/huodong/youhuai/test.html in/huodong/youhuai/test.html is just a path that may be converted to the secondary path in HTTP request processing or the rewrite operation goes to URL, so it does not necessarily map to the file system corresponding to the document.

(4) File System container

<Directory> <Files> corresponds to a specific file directory on a Web server

[HTML]View Plaincopy
    1. <directory/var/web/dir>
    2. Options +indexes
    3. </Directory>


Directory/var/web/dir and its subdirectories allow directory indexing.

[HTML]View Plaincopy
    1. <directory /var/ Web/dir>  
    2.     <files private.html>  
    3.           order allow,deny  
    4.           Allow from IP1~IP2  
    5.           deny from all   
    6.     </files >  
    7. </ Directory>  

Set access permissions for the private.html file in directory/var/web/dir and subdirectories.

(5) network Space Wing device

<Location> set up a specific network space

[HTML]View Plaincopy
    1. <location/private>
    2. Order Allow,deny
    3. </location>

Set access permissions for URLs that start with private in a network space

For example: Http://www.example.com/private http://www.example.com/private1123 http://www.example.com/private/test/ File.html These network spaces to set access rights

Note: Use the file system container when setting up the file system that exists, if you set the file directory that does not exist, use the Network space container (must have the Dynamic Web page generated by the database)

The above directives all have corresponding applicable scopes (specific directories), the statements (directives) that use the scope of these settings directives are called contexts (the configuration segment is one of the contexts)

Context, we said there are 5 kinds: Directory Files Limit (Allow, deny) location VirtualHost. htaccess, between which they can be nested:

VirtualHost inside can put driectory files location limit;D irectory inside can have files limit files can put limit. htaccess can put files Limit Locaton can't put anything in it.

(5) Command location: Some instructions can only appear in the corresponding context, we will control the location of the command can be called Command location control, if the discovery instructions appear in the position should not appear, Apache would error.

configuration options for normal files:

    • ACCESS_CONF: Allows the command to appear within the Directiory location range of the top-level commands, typically used to set the specific text of the instruction control
    • Rsrc_conf: Allow directives to appear in the top command area outside of the Directiory location range

Apache executes the instruction process : Apache will read the corresponding configuration file, all the configuration instructions read to a configuration tree, Apache will traverse and process all the instructions, and then step-by-step execution instructions.

4. Directory-Level location options

(1). htaccess File Command control: For any file system/var/web/dir can use a. htaccess file to complete the settings for this file directory and its subdirectories, and this setting can be hot-started, that is: with the modification without restarting httpd The service will work, and the HTTPD service is updated in real time. htaccess file and execute new instructions; but the. htaccess directive corresponds to a disguised modification httpd.conf <Directory/var/web/dir> in the master configuration file File settings, so you must set the instructions in the. htaccess file that can be modified to control its permissions, so that the. htaccess of a particular directory (for example:/var/web/dir) must be set in the httpd.conf file, specifically set in Settings in httpd.conf:

[HTML]View Plaincopy
    1. <directory/var/web/dir>
    2. AllowOverride None/all/indexs Authconfig
    3. Options all/indexes FollowSymLinks
    4. </Directory>

The above allowoverride (Allow fix override permission setting), is the/var/web/dir inside of the. htaccess file can be set with instructions, allowoverride options (parameters) are as follows:

    • None: You cannot use any instruction in the. htaccess file to repair the configuration file in the httpd.conf, which means that the. htaccess file cannot implement the settings modification of the current directory (. htaccess fully invalidated)
    • All instructions in the all:.htaccess file can be repaired with the httpd.conf file, enabling the setting of the current directory
    • Authconfig: Allows the use of instructions related to authentication authorization in. htaccess files to enable replication of specific Web users and passwords
    • Indexes: Allows the use of commands that control the index of the directory in the. htaccess file
    • Limit: Allows control of host access in. htaccess files (allow deny order, etc.)

(2) Options are specified in the specific directory/var/web/dir will use the relevant characteristics of the server, that is, this directory/var/web/dir internal operations, that is, the permission settings for this directory

The options are as follows:

    • All: Out-of-focus graphs (all features other than multiviews)
    • EXECCGI: Allow CGI scripts to be executed using mod_cgi
    • FollowSymLinks: Allow symbolic links to be used
    • Includes: Allows use of the SSI (Server-side include) feature provided by Mod_include to send some instructions to the server
    • IncludesNOEXEC (???)
    • Indexes: If CLIETN request a home page, but in the specified directory/var/web/dir does not have this home page, will be on the client line a file list, similar to: FTP site file list

Note: Options and +-----the meaning is to add and delete features of the current directory

[HTML]View Plaincopy
    1. <directory/var/web/dir>
    2. Options +indexes-followsymlinks
    3. </Directory>

This is the new Indexes feature for/var/web/dir, which removes the FollowSymLinks feature.


For example: password access to the specified Web page with the. htaccess implementation

A) The directory where the page is set in httpd.conf can use the. htaccess to set permissions Authconfig

[HTML]View Plaincopy
    1. <directory/var/www/html/protect>
    2. AllowOverride authconfig
    3. Options Indexes
    4. </Directory>


b) Create a new. htaccess file in the/var/www/html/protect directory and set the Web Access permissions

Cd/var/www/html/protect

VI. htaccess

[HTML]View Plaincopy
    1. <Directory>
[HTML]View Plaincopy
    1. AuthName "Protect webpage by. htaccess
    2. AuthType Basic
    3. authuserfile/var/www/apache.passwd
    4. Require user shuming
    5. </Directory>

AuthName: In the Enter account and Password dialog box, this prompt character is online: Protect webpage by. htaccess

AuthType: Type of authentication, basic refers to the default type of Apache

AuthUserFile: The settings file that protects the account password used by the directory is verified by the account number and password in this file when we enter the account number and password.

Require: Specify the account that can access the page shuming test test1 .....

c) Set up the required password file in the. htaccess and configure the account and password to access this page:

To do this directly with instructions:

Htpasswd-c/var/www/html/apache.passwd shuming

New password:111111

Re-type New password:111111

Then view the file:

CAT/VAR/WWW/HTML/APACHE.PASSWD------> SHUMING:FIQUW/....IS4, password is automatically encrypted when password is set

This example can be used to repeat the understanding, httpd.conf. htaccess direct relationship, and the application of both.


Apache Configuration file Management

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.