Apache Learning Notes

Apache Study Notes (experience)

Http://blog.csdn.net/btbtd/article/details/288027#2

Classification
# 01. General Settings
# 02. Virtual Host
# 03.<directory> + Alias
# 04..htaccess
# 05.Log
# 06.URL Rewrite
# 07. Other

####### #01. General Settings

# Listen
# Listening port, example: Listen 80

# ServerRoot
# Apache directory , example: serverroot "c:/program files/apache group/apache2" (WINDOWS)

# ServerAdmin
# Error Reporting mailbox, example: ServerAdmin [email protected]

# DocumentRoot
# site Root directory, example: documentroot "i:/gi-2288"

# DirectoryIndex
# Configure directory index files ,
# example: DirectoryIndex index.php index.php3 index.html index.htm

# ServerName
# server DOMAIN/IP address, example: ServerName gi.2288.org

# DefaultLanguage
# set a specific default language for all directives scoped files
# syntax: DefaultLanguage mime-lang, example: defaultlanguage ZH-CN

# Adddefaultcharset
# The default character set that is added to the response without a specified character set, default value: adddefaultcharset Off
# example: Adddefaultcharset utf-8, syntax: syntax: adddefaultcharset on| off| Character Set

# AddHandler
# Establish a mapping between a file extension and a specific processor, e.g. AddHandler cgi-script. Cgi. Pl
# syntax: AddHandler handler-name Extension

# Accessfilename
# define configuration file, example: Accessfilename. htaccess
# when the document is returned to the client, if the Publish Profile feature for this directory is Set.
# The server will look for the first existing configuration file from the list of names in each path of this Document.

# Timeout
# timeout time, example: Timeout 300

# Typesconfig
# Specify the location of the mime.types file, default: typesconfig conf/mime.types

# DefaultType
# DefaultType MIME type,
# Sometimes this happens: the server is asked to provide a document, and the type of the document cannot be determined by its MIME type mapping.
# The server must notify the client of its Document's content Type.
# So when an unknown type appears, defaulttype will be Used.
# example: DefaultType Image/gif

# hostnamelookups
# Enable DNS lookups on client ips, syntax: hostnamelookups on|off|double

# errorlog
# Locate the server where the error log is located, for example: errorlog "g:/apache/dummy-gi.2288.org.80-error_log"

# LogLevel
# Control error Log level, default Value: LogLevel warn
# Emerg Emergency-system not Available.
# alert must take immediate action.
# Crit Fatal Condition.
# error Condition.
# Warn Warning Case.
# Notice General Important Situation.
# Info General Information.
# Debug Error level Information

# Customlog
# Set the log file name and format, default: customlog Logs/access.log Common

# Servertokens
# Configure Server HTTP response header, default: servertokens full

# Servertokens prod[uctonly], the server will send (for example): server:apache

# Servertokens Major, the server will send (for example): SERVER:APACHE/2

# Servertokens Minor, the server will send (for example): server:apache/2.0

# Servertokens min[imal], the server will send (for example): server:apache/2.0.41

# servertokens OS, server will send (for example): server:apache/2.0.41 (Unix)

# Servertokens full (or not specified),

# The server will send (for example): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2

# maxspareservers
# Set the maximum number of idle processes in Apache
# syntax: Maxspareservers Number
# default: Maxspareservers 100
# example: Maxspareservers 1000

# maxkeepaliverequests
# Set the maximum number of requests per connection
# syntax: maxkeepaliverequests Number
# Default Value: maxkeepaliverequests 100

# serversignature
# Configure server to generate page footer, default value: serversignature Off
# syntax: Serversignature on| Off| EMail

Application
# Listen 80
# ServerRoot "c:/program Files/apache group/apache2"
# ServerAdmin [email protected]
# DocumentRoot "i:/gi-2288"
# directoryindex index.php index.php3 index.html index.htm
# ServerName Gi.2288.org
# DefaultLanguage ZH-CN
# Adddefaultcharset Utf-8
# Adddefaultcharset OFF
# AddHandler Cgi-script. Cgi. Pl
# Accessfilename. Htaccess
# Timeout 300
# Typesconfig Conf/mime.types
# errorlog "g:/apache/dummy-gi.2288.org.80-error_log"
# LogLevel warn
# Customlog Logs/access.log Common
# Servertokens prod[uctonly]
# serversignature OFF

####### #02. <virtualhost *:80> Virtual host

# Listen 80
# Set the Listening port

# Namevirtualhost 192.168.1.2:80
# Name/port Type Virtual Host

# <virtualhost *:88>
# </VirtualHost>
# Virtual Host Segment

# ServerAdmin [email protected]
# Contact the mailbox for the management meeting
# DocumentRoot "i:/gi-2288"
# site Root directory
# ServerName Gi.2288.org
# Domain Name
# errorlog "g:/apache/dummy-gi.2288.org.80-error_log"
# error Log # log records are good things, Note view logging
#------------above is a virtual host content

# Full Application:
# Listen 80
# Namevirtualhost 192.168.1.2:80
# <virtualhost *:88>
# ServerAdmin [email protected]
# DocumentRoot "i:/gi-2288"
# ServerName Gi.2288.org
# </VirtualHost>

####### #03. <Directory> + Alias

# syntax: <directory directory path > ... </Directory>
# encapsulates a set of instructions that only work on a file system directory with a name and its subdirectories.

# Directory browsing is not allowed, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options FollowSymLinks
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow directory browsing, for Example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options Indexes
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow & Deny

# allow and deny directives can permit or deny access from a specific host name or host address,
# at the same time, the ordercommand tells Apache to process the order of the two instructions to change the Filter.

# Allow
# Allow access to all addresses, example: enable from all

# Allow only specific IP addresses to access the directory, for example: enable from 205.252.46.165

# Allow only specific domain addresses to access directories, for example: enable from www.google.com

# Allow only specific IP segment access, example: enable from 10.10.10.0/255.255.0.0

# Deny
# Deny all addresses access directory, example: deny from all

# Deny access to a specific domain directory, example: deny from www.google.com

# Deny access to specific IP directories, example: deny from 218.15.84.152

# Deny access to an IP segment directory, example: deny from 10.10.10.0/255.255.0.0

# Allow & Deny mixed use

# Deny access to all addresses, but accept Google's visit, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, Allow
# Deny from all
# Allow from www.google.com
# </Directory>

# Accept access to all addresses, but deny Google access, for Example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, Allow
# Deny from www.google.com
# Allow from all
# </Directory>

# Options

# Syntax: Options [+|-] Optional [[+|-] optional] ...

# Configure which features are used in a particular directory,
The options Directive controls which server features will be used in a particular directory.
# The option can be set to none, in which case no extra features will be enabled.
# or set to one or more of the following options:

# all, except for multiviews all Features. This is the default Setting.

# execcgi, allows execution of CGI Scripts.

# followsymlinks, The server uses symbolic connections in this directory.
Note: even if the server uses symbolic connections, it does not change the pathname used to match the <Directory> configuration Segment.
Note: If this configuration is in the <Location> configuration segment, this setting is Ignored.

# includes, Allow Server-side Inclusion.

# includesnoexec, allow server-side containment, but disable #exec command and #exec CGI.
# but you can still use the # include virtual CGI script from the Scriptaliase directory.

# Indexes, If a URL mapped to a directory is requested,
# and There's no directoryindex in this directory (for example: index.html.zh-cn.gb2312),
# then the server returns a list of formatted Directories.

# multiviews, allows content to negotiate the Multi-attention Graph.

# symlinksifownermatch, The server uses a symbolic connection only if it has the same user ID as its destination directory or file Owner.
Note: If this configuration appears in the <Location> configuration segment, this option is Ignored.

# allowoverride

# syntax: AllowOverride all| none| instruction type [instruction type] ...
# description: allow instruction types that exist in The. htaccess file

# when the server discovers A. htaccess file (specified by accessfilename),
# It needs to know which directives are declared in this file to overwrite the access information specified earlier.

# allowoverride is only valid in the <Directory> Section. is not valid in the <Location> or <Files> Section.

# If this directive is set to none, then The. htaccess file will be completely ignored.
# in this case, the server will not even try to read The. htaccess file from the file System.
# All directives with The. htaccess context are allowed to appear in The. htaccess file when this directive is set to All.

####### #4. . htaccess

# hint: allowing the use Of. htaccess files will result in degraded server performance.
In addition, every time you request a page, you need to read The. htaccess file.

# Open. htaccess Support this must be set allowoverride all, for Example:

# alias/v "j:/pwd/"
# <directory "j:/pwd/" >
# Options Indexes
# allowoverride All
# Order Allow,deny
# Allow from all
# </Directory>

# If you have sensitive information on a Web site or simply want to be accessible to a small group,
# Here are a few ways to make sure that users can only access resources that are allowed to be accessed.

# typically in a <Directory> section or a profile (. htaccess files) for a single directory.
# If you want to use A. htaccess file, you must set up the server to allow the use of authentication instructions in these Files.
# that is, use the allowoverride directive to specify which directives are valid in a configuration file for a single directory.

# to protect a directory on a server with a password, you first need to create a password file.
# This file can be placed in a location that cannot be accessed by the network to avoid being downloaded,

# for Example: space outside of G:/apache cannot be accessed by the network,
# then consider placing the password file in the g:/apached directory.

# Apache provides a tool called htpasswd in the bin subdirectory of its installation directory.

# to create a password file, you can use This:
# (switch to Apache installation directory first, example: C:/Program files/apache Group/apache2/bin)

# on the command line input: htpasswd-c g:/apache/passwords E

# (this creates a user E, set the user and password exactly as you want)
# then you will be asked to enter the password and then enter it again to verify the Password.

# so There's more than one passwords file in G:/apache/(no suffix Name)

# The words under Windows will encrypt the password with MD5.

# then create A. htaccess file in the directory where you want to set permissions,

# The contents of the. htaccess file are:
# authtype Basic
# AuthName "Restricted Files"
# AuthUserFile G:/apache/passwords
# Require User E

# demo Page: http://gi.2288.org:88/v
# user: E-password: testhtpasswd

Note: the directory must allow allowoverride all so that the. htaccess file can take Effect.

####### #5. Log

# Apache log files can provide very much information, it is necessary to understand these logs

# c:/program Files/apache group/apache2/logs (log file storage in Windows)
# access.log (access Log to see what the client is Accessing) & Error.log (error Log)

# Custom Log format

# Mod_log_config
# status: Base
# Description: log requests for server-initiated
# default: Customlog Logs/access.log Common

# recommended Settings:
# customlog Logs/access_log "%h%l%u%t"%r "%s%b"%{referer}i ""%{user-agent}i ""

# Logformat
# default Value: Logformat "%h%l%u%t/"%r/"%>s%b"
# syntax: Logformat format|nickname [nickname]
# description: define the record format in the log file
# example: Logformat "%v%h%l%u%t/"%r/"%>s%b" Vhost_common

# Customlog
# status: Base
# syntax: Customlog file|pipe format|nickname [env=[!] environment-variable]
# description: Set the log file name and format
# example: Customlog Logs/access_log "%h%l%u%t/"%r/"%>s%b"

# errorlog
# syntax: errorlog file path |syslog[:facility]
# default value: errorlog logs/error_log (Unix) errorlog logs/error.log (Windows and Os/2)
# description: Locate the server where the error log is stored
# example: Errorlog "g:/apache/dummy-gi.2288.org.88-error_log"

# Cookielog
# syntax: Cookielog filename
# description: Set the log file name for cookies
# module: Mod_log_config

# Rewritelog
# syntax: Rewritelog File-path
# description: Set the file name of the rewrite engine log
# module: Mod_rewrite
# example: Rewritelog "/usr/local/var/apache/logs/rewrite.log" (unix/linux)
# Rewritelog "g:/apache/rewrite.log" (Windows)

# Some of the common format strings are as Follows:

# can be used in log format (CLF): "%h%l%u%t/"%r/"%>s%b"

# Common log format with virtual Host: "%v%h%l%u%t/"%r/"%>s%b"

# NCSA extended/combined Log format: "%h%l%u%t/"%r/"%>s%b/"%{referer}i/"/"%{user-agent}i/""

# Referer Log format: "%{referer}i,%u"

# Agent (Browser) Log format: "%{user-agent}i"

####### #6. URL Rewrite

Note: depending on your server configuration, it may be necessary to make slight changes to the example,
# for example, to add the [PT] flag when new Mod_alias and Mod_userdir are enabled,
# or Rewrite. htaccess instead of a rule set in a single server.
# A particular set of rules should be understood first and then used to avoid problems.

# rewrite syntax
# Rewriteengine on
# Rewriterule ^/$/www/[R]

# General Override Method

# rewrite Page: http://gi.2288.org:88/modules/news/index.php
# rewriterule/modules/news/index.htm$/modules/news/index.php
# Complete Page: http://gi.2288.org:88/modules/news/index.htm

# rewrite Page: http://gi.2288.org:88/modules/news/index.php?storytopic=2
# rewriterule/modules/news/topic_ (. *)/.htm$/modules/news/index.php?storytopic=$1
# Complete Page: http://gi.2288.org:88/modules/news/topic_2.htm

# rewrite Page: http://gi.2288.org:88/index.php?storytopic=2start=10
# rewriterule/topic (. *)-(. *)/.htm$/index.php?storytopic=$1&start=$2
# Complete Page: http://gi.2288.org:88/topic2-2.htm

# Note: Each additional rewrite ID must be incremented by
# For example Page: http://gi.2288.org:88/ct=2x=10y=20
# This can be overridden:
# rewriterule/ct (. *)-(. *)-(. *)/.htm$/ct=$1x=$2y=$3
# effect: Http://gi.2288.org:88/ct2-10-20.htm

# Move the host directory to a different Web server

Description
# often, Many network administrators will have this requirement when building a new web Server:
# REDIRECT all host directories on one site server to another site server

Solution
# very simple, with Mod_rewrite. Redirect all URLs on the old site server
#/~user/anypath to Http://newserver/~user/anypath.

# Rewriteengine on
# rewriterule ^/~ (. +) http://newserver/~$1 [r,l]

# dependent on browser content

Description
# At least for important top-level pages, it is sometimes necessary to provide the best content that depends on the browser,
# to provide a maximized version of the latest netscape, with a minimized version of lynx,
# While other browsers provide a general version of the Feature.

Solution
# in this context, content negotiation is powerless because the browser does not provide the type of its form,
# so you can only find a way to "user-agent" the HTTP header.
# The following rule set can do this:
# if the HTTP header "user-agent" starts with "mozilla/3",
# The page foo.html is rewritten as Foo. ns.html, and then the rewrite operation terminates;
# if it is "Lynx" or "Mozilla" with a version number of 1 and 2, rewrite it as foo.20.html;
# and all the other browsers receive the page is Foo.32.html:

# rewritecond%{http_user_agent} ^mozilla/3.*
# Rewriterule ^foo/.html$ foo. NS [L]

# rewritecond%{http_user_agent} ^lynx/.* [OR]
# rewritecond%{http_user_agent} ^mozilla/[12].*
# rewriterule ^foo/$ foo.20 [L]

# rewriterule ^foo/$ foo.32 [L]

# Stop Robots

Description
# How do I stop a completely anonymous robot to get a page for a specific network region?
# A/robots.txt file can contain several lines of "Robot exclusion Protocol (Robot exclusion protocol)",
# but not enough to prevent such robot.

Solution
# You can use a ruleset to deny/~quux/foo/arc/to a network region
# (for A very deep directory area, a list may cause a large load on the Server) access.
# You must also ensure that only specific robot are blocked, that is, it is not enough to prevent robot from accessing the host
# This will also prevent users from accessing the Host. To do this, you need to match the user-agent information of the HTTP Header.

# rewritecond%{http_user_agent} ^nameofbadrobot.*
# rewritecond%{remote_addr} ^123/.45/.67/. [8-9]$
# Rewriterule ^/~quux/foo/arc/.+-[F]

# Prevent hotlinking Pictures

Description
# suppose, Http://gi.2288.org:88/myalbum/has some pages with inline images,
# These pictures are good, so someone uses hyperlinks to their own pages.
# as this in vain increases the flow of our servers, we do not want this to Happen.

Solution
# although, We can't protect these images 100% from being written to someone else's page,
# But at least you can limit the browsers that emit HTTP Referer headers.

# rewritecond%{http_referer}!^$
# rewritecond%{http_referer}!^http://gi.2288.org:88/myalbum/.*$ [NC]
# Rewriterule. */.gif$-[F]

# rewritecond%{http_referer}!^$
# rewritecond%{http_referer}!. */foo-with-gif/.html$
# Rewriterule ^inlined-in-foo/.gif$-[F]

####### #7. Other

# Prohibit hotlinking
# setenvifnocase Referer "^http://gi.2288.org:88/" local_ref=1
# <filesmatch ". (gif|jpg|png|jpeg|zip|rar|exe|swf|txt) ">
# Order Allow,deny
# Allow from Env=local_ref
# </FilesMatch>

# Load PHP 5
# LoadModule Php5_module C:/php/php5apache2.dll
# #AddModule MOD_PHP4.C
# AddType Application/x-httpd-php. php
# scriptalias/php/"c:/php/"
# AddType Application/x-httpd-php. php
# Action application/x-httpd-php "/php/php-cgi.exe"

# run Apache for Windows as a service

# You can install Apache as a Windows NT service like This: apache-i-n "service name"

# To install a service that uses a specific configuration, specify the configuration file at installation time:
# apache-i-n "service name"-f "/my server/conf/my.conf"

# to remove an Apache service, use: apache-u-n "service name"

Note: If you do not specify a service name, "Apache" will be used by Default.

# Once the service is installed, you can access the configuration file for the service with THE-N option and other Options.
# example: Testing a Service's profile: apache-n "service name"-t

# Start a console that uses a service profile Apache:apache-n "service name"

# Apache to control service mode

# start, restart, and Shutdown/stop Apache Services:
# apache-n "service name"-k Start
# apache-n "service name"-k Restart
# apache-n "service name"-k shutdown
# apache-n "service name"-k Stop

# or Use NT Native command net to start and stop the Apache service, like This:
# NET START "service name"
# NET STOP "service name"

Apache Learning Notes