Apache Study notes (Experience)

Http://blog.csdn.net/btbtd/article/details/288027#2

Classification
# 01. General Settings
# 02. Virtual Host
# 03.<directory> + Alias
# 04..htaccess
# 05.Log
# 06.URL Rewrite
# 07. Other

####### #01. General Settings

# Listen
# Listening Port, example: Listen 80

# ServerRoot
# Apache Directory, example: ServerRoot "C:/Program files/apache group/apache2" (WINDOWS)

# ServerAdmin
# Error Reporting Mailbox, example: ServerAdmin [email protected]

# DocumentRoot
# site root directory, example: DocumentRoot "i:/gi-2288"

# DirectoryIndex
# Configure Directory index files,
# example: DirectoryIndex index.php index.php3 index.html index.htm

# ServerName
# Server domain/IP address, example: ServerName gi.2288.org

# DefaultLanguage
# set a specific default language for all directives scoped files
# syntax: DefaultLanguage Mime-lang, example: DefaultLanguage ZH-CN

# Adddefaultcharset
# The default character set that is added to the response without a specified character set, default value: Adddefaultcharset Off
# example: Adddefaultcharset utf-8, Syntax: syntax: Adddefaultcharset on| off| Character Set

# AddHandler
# Establish a mapping between a file extension and a specific processor, e.g. AddHandler cgi-script. cgi. pl
# syntax: AddHandler handler-name Extension

# Accessfilename
# define configuration file, example: Accessfilename. htaccess
# when the document is returned to the client, if the Publish Profile feature for this directory is set.
# The server will look for the first existing configuration file from the list of names in each path of this document.

# Timeout
# timeout Time, example: Timeout 300

# Typesconfig
# Specify the location of the Mime.types file, default: Typesconfig conf/mime.types

# DefaultType
# DefaultType MIME type,
# Sometimes this happens: the server is asked to provide a document, and the type of the document cannot be determined by its MIME type mapping.
# The server must notify the client of its document's content type.
# So when an unknown type appears, DefaultType will be used.
# example: DefaultType image/gif

# hostnamelookups
# Enable DNS lookups on client IPs, syntax: Hostnamelookups on|off|double

# errorlog
# Locate the server where the error log is located, for example: Errorlog "G:/apache/dummy-gi.2288.org.80-error_log"

# LogLevel
# Control error log level, default value: LogLevel warn
# Emerg Emergency-System not available.
# Alert must take immediate action.
# Crit Fatal condition.
# error condition.
# warn warning case.
# Notice general important situation.
# Info General information.
# Debug Error level Information

# Customlog
# Set the log file name and format, default: Customlog logs/access.log Common

# Servertokens
# Configure server HTTP response header, default: Servertokens full

# Servertokens Prod[uctonly], the server will send (for example): Server:apache

# Servertokens Major, the server will send (for example): SERVER:APACHE/2

# Servertokens Minor, the server will send (for example): server:apache/2.0

# Servertokens Min[imal], the server will send (for example): server:apache/2.0.41

# Servertokens OS, Server will send (for example): server:apache/2.0.41 (Unix)

# Servertokens Full (or not specified),

# The server will send (for example): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2

# maxspareservers
# Set the maximum number of idle processes in Apache
# Syntax: maxspareservers number
# Default: Maxspareservers 100
# Example: Maxspareservers 1000

# maxkeepaliverequests
# Set the maximum number of requests per connection
# Syntax: maxkeepaliverequests number
# Default value: Maxkeepaliverequests 100

# serversignature
# Configure server to generate page footer, default value: Serversignature Off
# syntax: Serversignature on| Off| EMail

Application
# Listen 80
# serverroot "C:/Program files/apache group/apache2"
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# directoryindex index.php index.php3 index.html index.htm
# ServerName Gi.2288.org
# DefaultLanguage ZH-CN
# Adddefaultcharset Utf-8
# Adddefaultcharset OFF
# AddHandler Cgi-script. cgi. pl
# Accessfilename. htaccess
# Timeout 300
# Typesconfig Conf/mime.types
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# LogLevel warn
# Customlog Logs/access.log Common
# Servertokens Prod[uctonly]
# serversignature OFF

####### #02. <virtualhost *:80> Virtual Host

# Listen 80
# Set the Listening port

# Namevirtualhost 192.168.1.2:80
# NAME/port type virtual host

# <virtualhost *:88>
# </VirtualHost>
# Virtual Host Segment

# ServerAdmin [email protected]
# Contact the mailbox for the management meeting
# documentroot "i:/gi-2288"
# site Root directory
# ServerName Gi.2288.org
# Domain Name
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# error Log # log records are good things, note view logging
#------------above is a virtual host content

# Full application:
# Listen 80
# Namevirtualhost 192.168.1.2:80
# <virtualhost *:88>
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# ServerName Gi.2288.org
# </VirtualHost>

####### #03. <Directory> + Alias

# syntax: <directory directory path > ... </Directory>
# encapsulates a set of instructions that only work on a file system directory with a name and its subdirectories.

# Directory browsing is not allowed, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options FollowSymLinks
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow directory browsing, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options Indexes
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>

# Allow & Deny

# Allow and deny directives can permit or deny access from a specific host name or host address,
# at the same time, the Order command tells Apache to process the order of the two instructions to change the filter.

# Allow
# Allow access to all addresses, example: Enable from all

# Allow only specific IP addresses to access the directory, for example: Enable from 205.252.46.165

# Allow only specific domain addresses to access directories, for example: Enable from www.google.com

# Allow only specific IP segment access, example: Enable from 10.10.10.0/255.255.0.0

# Deny
# Deny all addresses access directory, example: Deny from all

# Deny access to a specific domain directory, example: Deny from www.google.com

# Deny access to specific IP directories, example: Deny from 218.15.84.152

# Deny access to an IP segment directory, example: Deny from 10.10.10.0/255.255.0.0

# Allow & Deny mixed use

# Deny access to all addresses, but accept Google's visit, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from all
# Allow from www.google.com
# </Directory>

# Accept access to all addresses, but deny Google access, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from www.google.com
# Allow from all
# </Directory>

# Options

# syntax: options [+|-] optional [[+|-] optional] ...

# Configure which features are used in a particular directory,
The options Directive controls which server features will be used in a particular directory.
# The option can be set to none, in which case no extra features will be enabled.
# or set to one or more of the following options:

# all, except for multiviews all features. This is the default setting.

# execcgi, allows execution of CGI scripts.

# followsymlinks, the server uses symbolic connections in this directory.
Note: Even if the server uses symbolic connections, it does not change the pathname used to match the <Directory> configuration segment.
Note: If this configuration is in the <Location> configuration segment, this setting is ignored.

# includes, allow server-side inclusion.

# includesnoexec, allow server-side containment, but disable #exec command and #exec CGI.
# but you can still use the # include virtual CGI script from the Scriptaliase directory.

# Indexes, if a URL mapped to a directory is requested,
# and there's no directoryindex in this directory (for example: index.html.zh-cn.gb2312),
# then the server returns a list of formatted directories.

# MultiViews, allows content to negotiate the multi-attention graph.

# SymLinksIfOwnerMatch, the server uses a symbolic connection only if it has the same user ID as its destination directory or file owner.
Note: If this configuration appears in the <Location> configuration segment, this option is ignored.

# allowoverride

# syntax: allowoverride all| none| instruction Type [instruction type] ...
# Description: Allow instruction types that exist in the. htaccess file

# when the server discovers a. htaccess file (specified by Accessfilename),
# It needs to know which directives are declared in this file to overwrite the access information specified earlier.

# allowoverride is only valid in the <Directory> section. is not valid in the <Location> or <Files> section.

# If this directive is set to none, then the. htaccess file will be completely ignored.
# In this case, the server will not even try to read the. htaccess file from the file system.
# all directives with the. htaccess context are allowed to appear in the. htaccess file when this directive is set to all.

####### #4. . htaccess

# Hint: allowing the use of. htaccess files will result in degraded server performance.
In addition, every time you request a page, you need to read the. htaccess file.

# Open. htaccess support this must be set allowoverride all, for example:

# alias/v "J:/pwd/"
# <directory "j:/pwd/" >
# Options Indexes
# allowoverride All
# Order Allow,deny
# Allow from all
# </Directory>

# If you have sensitive information on a Web site or simply want to be accessible to a small group,
# Here are a few ways to make sure that users can only access resources that are allowed to be accessed.

# typically in a <Directory> section or a profile (. htaccess files) for a single directory.
# If you want to use a. htaccess file, you must set up the server to allow the use of authentication instructions in these files.
# that is, use the allowoverride directive to specify which directives are valid in a configuration file for a single directory.

# to protect a directory on a server with a password, you first need to create a password file.
# This file can be placed in a location that cannot be accessed by the network to avoid being downloaded,

# For example: space outside of G:/apache cannot be accessed by the network,
# then consider placing the password file in the g:/apached directory.

# Apache provides a tool called htpasswd in the bin subdirectory of its installation directory.

# to create a password file, you can use this:
# (Switch to Apache installation directory First, example: C:/Program files/apache group/apache2/bin)

# on the command line input: Htpasswd-c g:/apache/passwords E

# (This creates a user E, set the user and password exactly as you want)
# then you will be asked to enter the password and then enter it again to verify the password.

# so there's more than one passwords file in g:/apache/(no suffix name)

# The words under Windows will encrypt the password with MD5.

# then create a. htaccess file in the directory where you want to set permissions,

# The contents of the. htaccess file are:
# authtype Basic
# authname "Restricted Files"
# AuthUserFile G:/apache/passwords
# Require User E

# Demo Page: http://gi.2288.org:88/v
# User: E-Password: testhtpasswd

Note: The directory must allow allowoverride all so that the. htaccess file can take effect.

####### #5. Log

# Apache log files can provide very much information, it is necessary to understand these logs

# C:/Program Files/apache group/apache2/logs (log file storage in Windows)
# Access.log (access log to see what the client is accessing) & Error.log (Error log)

# Custom Log format

# Mod_log_config
# Status: Base
# Description: Log requests for Server-initiated
# Default: Customlog logs/access.log Common

# Recommended settings:
# customlog Logs/access_log "%h%l%u%t"%r "%s%b"%{referer}i ""%{user-agent}i ""

# Logformat
# Default value: Logformat "%h%l%u%t/"%r/"%>s%b"
# syntax: Logformat format|nickname [Nickname]
# Description: Define the record format in the log file
# example: Logformat "%v%h%l%u%t/"%r/"%>s%b" Vhost_common

# Customlog
# Status: Base
# syntax: Customlog file|pipe format|nickname [env=[!] Environment-variable]
# Description: Set the log file name and format
# example: Customlog logs/access_log "%h%l%u%t/"%r/"%>s%b"

# errorlog
# syntax: errorlog file path |syslog[:facility]
# Default value: Errorlog logs/error_log (Unix) errorlog Logs/error.log (Windows and OS/2)
# Description: Locate the server where the error log is stored
# example: Errorlog "G:/apache/dummy-gi.2288.org.88-error_log"

# Cookielog
# syntax: cookielog filename
# Description: Set the log file name for cookies
# module: mod_log_config

# Rewritelog
# syntax: Rewritelog file-path
# Description: Set the file name of the rewrite engine log
# module: mod_rewrite
# example: Rewritelog "/usr/local/var/apache/logs/rewrite.log" (Unix/linux)
# Rewritelog "G:/apache/rewrite.log" (Windows)

# Some of the common format strings are as follows:

# can be used in log format (CLF): "%h%l%u%t/"%r/"%>s%b"

# Common log format with virtual host: "%v%h%l%u%t/"%r/"%>s%b"

# NCSA Extended/Combined log format: "%h%l%u%t/"%r/"%>s%b/"%{referer}i/"/"%{user-agent}i/""

# Referer Log format: "%{referer}i,%u"

# Agent (Browser) log format: "%{user-agent}i"

####### #6. URL Rewrite

Note: Depending on your server configuration, it may be necessary to make slight changes to the example,
# For example, to add the [PT] flag when new Mod_alias and Mod_userdir are enabled,
# or rewrite. htaccess instead of a rule set in a single server.
# A particular set of rules should be understood first and then used to avoid problems.

# rewrite syntax
# Rewriteengine on
# rewriterule ^/$/www/[R]

# General Override Method

# rewrite page: http://gi.2288.org:88/modules/news/index.php
# rewriterule/modules/news/index.htm$/modules/news/index.php
# Complete page: http://gi.2288.org:88/modules/news/index.htm

# rewrite page: http://gi.2288.org:88/modules/news/index.php?storytopic=2
# rewriterule/modules/news/topic_ (. *)/.htm$/modules/news/index.php?storytopic=$1
# Complete page: http://gi.2288.org:88/modules/news/topic_2.htm

# rewrite page: http://gi.2288.org:88/index.php?storytopic=2start=10
# rewriterule/topic (. *)-(. *)/.htm$/index.php?storytopic=$1&start=$2
# Complete page: http://gi.2288.org:88/topic2-2.htm

# Note: Each additional rewrite ID must be incremented by
# For example page: http://gi.2288.org:88/ct=2x=10y=20
# This can be overridden:
# REWRITERULE/CT (. *)-(. *)-(. *)/.htm$/ct=$1x=$2y=$3
# Effect: http://gi.2288.org:88/ct2-10-20.htm

# Move the host directory to a different Web server

Description
# Often, many network administrators will have this requirement when building a new Web server:
# REDIRECT all host directories on one site server to another site server

Solution
# very simple, with mod_rewrite. Redirect all URLs on the old site server
#/~user/anypath to Http://newserver/~user/anypath.

# Rewriteengine on
# Rewriterule ^/~ (. +) http://newserver/~$1 [r,l]

# dependent on browser content

Description
# At least for important top-level pages, it is sometimes necessary to provide the best content that depends on the browser,
# to provide a maximized version of the latest Netscape, with a minimized version of Lynx,
# While other browsers provide a general version of the feature.

Solution
# In this context, content negotiation is powerless because the browser does not provide the type of its form,
# so you can only find a way to "user-agent" the HTTP header.
# The following rule set can do this:
# if the HTTP header "User-agent" starts with "MOZILLA/3",
# The page foo.html is rewritten as Foo. Ns.html, and then the rewrite operation terminates;
# if it is "Lynx" or "Mozilla" with a version number of 1 and 2, rewrite it as foo.20.html;
# and all the other browsers receive the page is foo.32.html:

# Rewritecond%{http_user_agent} ^mozilla/3.*
# Rewriterule ^foo/.html$ foo. NS [L]

# Rewritecond%{http_user_agent} ^lynx/.* [OR]
# Rewritecond%{http_user_agent} ^mozilla/[12].*
# rewriterule ^foo/$ foo.20 [L]

# rewriterule ^foo/$ foo.32 [L]

# Stop Robots

Description
# How do I stop a completely anonymous robot to get a page for a specific network region?
# A/robots.txt file can contain several lines of "Robot exclusion Protocol (Robot exclusion Protocol)",
# but not enough to prevent such robot.

Solution
# You can use a ruleset to deny/~quux/foo/arc/to a network region
# (for a very deep directory area, a list may cause a large load on the server) access.
# You must also ensure that only specific robot are blocked, that is, it is not enough to prevent robot from accessing the host
# This will also prevent users from accessing the host. To do this, you need to match the user-agent information of the HTTP header.

# Rewritecond%{http_user_agent} ^nameofbadrobot.*
# Rewritecond%{remote_addr} ^123/.45/.67/. [8-9]$
# rewriterule ^/~quux/foo/arc/.+-[F]

# Prevent hotlinking Pictures

Description
# Suppose, http://gi.2288.org:88/myalbum/has some pages with inline images,
# These pictures are good, so someone uses hyperlinks to their own pages.
# as this in vain increases the flow of our servers, we do not want this to happen.

Solution
# Although, we can't protect these images 100% from being written to someone else's page,
# But at least you can limit the browsers that emit HTTP Referer headers.

# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!^http://gi.2288.org:88/myalbum/.*$ [NC]
# rewriterule. */.gif$-[F]

# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!. */foo-with-gif/.html$
# rewriterule ^inlined-in-foo/.gif$-[F]

####### #7. Other

# Prohibit hotlinking
# setenvifnocase Referer "^http://gi.2288.org:88/" local_ref=1
# <filesmatch ". (gif|jpg|png|jpeg|zip|rar|exe|swf|txt) ">
# Order Allow,deny
# Allow from Env=local_ref
# </FilesMatch>

# load PHP 5
# LoadModule Php5_module C:/php/php5apache2.dll
# #AddModule MOD_PHP4.C
# AddType application/x-httpd-php. php
# scriptalias/php/"c:/php/"
# AddType application/x-httpd-php. php
# Action application/x-httpd-php "/php/php-cgi.exe"

# run Apache for Windows as a service

# You can install Apache as a Windows NT service like this: Apache-i-n "Service name"

# To install a service that uses a specific configuration, specify the configuration file at installation time:
# apache-i-N "Service name"-F "/my server/conf/my.conf"

# to remove an Apache service, use: Apache-u-n "Service name"

Note: If you do not specify a service name, "Apache" will be used by default.

# Once the service is installed, you can access the configuration file for the service with the-n option and other options.
# Example: Testing a service's profile: Apache-n "service name"-T

# Start a console that uses a service profile Apache:apache-n "service name"

# Apache to control service mode

# Start, restart, and shutdown/stop Apache services:
# apache-n "Service name"-K start
# apache-n "Service Name"-K restart
# apache-n "Service name"-K shutdown
# apache-n "Service Name"-K stop

# or Use NT Native command net to start and stop the Apache service, like this:
# NET START "service Name"
# NET STOP "service Name"

Apache Study notes (Experience)