Http://blog.csdn.net/btbtd/article/details/288027#2
Classification
# 01. General Settings
# 02. Virtual Host
# 03.<directory> + Alias
# 04..htaccess
# 05.Log
# 06.URL Rewrite
# 07. Other
####### #01. General Settings
# Listen
# Listening Port, example: Listen 80
# ServerRoot
# Apache Directory, example: ServerRoot "C:/Program files/apache group/apache2" (WINDOWS)
# ServerAdmin
# Error Reporting Mailbox, example: ServerAdmin [email protected]
# DocumentRoot
# site root directory, example: DocumentRoot "i:/gi-2288"
# DirectoryIndex
# Configure Directory index files,
# example: DirectoryIndex index.php index.php3 index.html index.htm
# ServerName
# Server domain/IP address, example: ServerName gi.2288.org
# DefaultLanguage
# set a specific default language for all directives scoped files
# syntax: DefaultLanguage Mime-lang, example: DefaultLanguage ZH-CN
# Adddefaultcharset
# The default character set that is added to the response without a specified character set, default value: Adddefaultcharset Off
# example: Adddefaultcharset utf-8, Syntax: syntax: Adddefaultcharset on| off| Character Set
# AddHandler
# Establish a mapping between a file extension and a specific processor, e.g. AddHandler cgi-script. cgi. pl
# syntax: AddHandler handler-name Extension
# Accessfilename
# define configuration file, example: Accessfilename. htaccess
# when the document is returned to the client, if the Publish Profile feature for this directory is set.
# The server will look for the first existing configuration file from the list of names in each path of this document.
# Timeout
# timeout Time, example: Timeout 300
# Typesconfig
# Specify the location of the Mime.types file, default: Typesconfig conf/mime.types
# DefaultType
# DefaultType MIME type,
# Sometimes this happens: the server is asked to provide a document, and the type of the document cannot be determined by its MIME type mapping.
# The server must notify the client of its document's content type.
# So when an unknown type appears, DefaultType will be used.
# example: DefaultType image/gif
# hostnamelookups
# Enable DNS lookups on client IPs, syntax: Hostnamelookups on|off|double
# errorlog
# Locate the server where the error log is located, for example: Errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# LogLevel
# Control error log level, default value: LogLevel warn
# Emerg Emergency-System not available.
# Alert must take immediate action.
# Crit Fatal condition.
# error condition.
# warn warning case.
# Notice general important situation.
# Info General information.
# Debug Error level Information
# Customlog
# Set the log file name and format, default: Customlog logs/access.log Common
# Servertokens
# Configure server HTTP response header, default: Servertokens full
# Servertokens Prod[uctonly], the server will send (for example): Server:apache
# Servertokens Major, the server will send (for example): SERVER:APACHE/2
# Servertokens Minor, the server will send (for example): server:apache/2.0
# Servertokens Min[imal], the server will send (for example): server:apache/2.0.41
# Servertokens OS, Server will send (for example): server:apache/2.0.41 (Unix)
# Servertokens Full (or not specified),
# The server will send (for example): server:apache/2.0.41 (Unix) php/4.2.2 mymod/1.2
# maxspareservers
# Set the maximum number of idle processes in Apache
# Syntax: maxspareservers number
# Default: Maxspareservers 100
# Example: Maxspareservers 1000
# maxkeepaliverequests
# Set the maximum number of requests per connection
# Syntax: maxkeepaliverequests number
# Default value: Maxkeepaliverequests 100
# serversignature
# Configure server to generate page footer, default value: Serversignature Off
# syntax: Serversignature on| Off| EMail
Application
# Listen 80
# serverroot "C:/Program files/apache group/apache2"
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# directoryindex index.php index.php3 index.html index.htm
# ServerName Gi.2288.org
# DefaultLanguage ZH-CN
# Adddefaultcharset Utf-8
# Adddefaultcharset OFF
# AddHandler Cgi-script. cgi. pl
# Accessfilename. htaccess
# Timeout 300
# Typesconfig Conf/mime.types
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# LogLevel warn
# Customlog Logs/access.log Common
# Servertokens Prod[uctonly]
# serversignature OFF
####### #02. <virtualhost *:80> Virtual Host
# Listen 80
# Set the Listening port
# Namevirtualhost 192.168.1.2:80
# NAME/port type virtual host
# <virtualhost *:88>
# </VirtualHost>
# Virtual Host Segment
# ServerAdmin [email protected]
# Contact the mailbox for the management meeting
# documentroot "i:/gi-2288"
# site Root directory
# ServerName Gi.2288.org
# Domain Name
# errorlog "G:/apache/dummy-gi.2288.org.80-error_log"
# error Log # log records are good things, note view logging
#------------above is a virtual host content
# Full application:
# Listen 80
# Namevirtualhost 192.168.1.2:80
# <virtualhost *:88>
# ServerAdmin [email protected]
# documentroot "i:/gi-2288"
# ServerName Gi.2288.org
# </VirtualHost>
####### #03. <Directory> + Alias
# syntax: <directory directory path > ... </Directory>
# encapsulates a set of instructions that only work on a file system directory with a name and its subdirectories.
# Directory browsing is not allowed, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options FollowSymLinks
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>
# Allow directory browsing, for example:
# alias/document "j:/document/"
# <directory "j:/document/" >
# Options Indexes
# allowoverride None
# Order Allow,deny
# Allow from all
# </Directory>
# Allow & Deny
# Allow and deny directives can permit or deny access from a specific host name or host address,
# at the same time, the Order command tells Apache to process the order of the two instructions to change the filter.
# Allow
# Allow access to all addresses, example: Enable from all
# Allow only specific IP addresses to access the directory, for example: Enable from 205.252.46.165
# Allow only specific domain addresses to access directories, for example: Enable from www.google.com
# Allow only specific IP segment access, example: Enable from 10.10.10.0/255.255.0.0
# Deny
# Deny all addresses access directory, example: Deny from all
# Deny access to a specific domain directory, example: Deny from www.google.com
# Deny access to specific IP directories, example: Deny from 218.15.84.152
# Deny access to an IP segment directory, example: Deny from 10.10.10.0/255.255.0.0
# Allow & Deny mixed use
# Deny access to all addresses, but accept Google's visit, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from all
# Allow from www.google.com
# </Directory>
# Accept access to all addresses, but deny Google access, for example:
# <directory "j:/document/" >
# Options FollowSymLinks
# Order Deny, allow
# Deny from www.google.com
# Allow from all
# </Directory>
# Options
# syntax: options [+|-] optional [[+|-] optional] ...
# Configure which features are used in a particular directory,
The options Directive controls which server features will be used in a particular directory.
# The option can be set to none, in which case no extra features will be enabled.
# or set to one or more of the following options:
# all, except for multiviews all features. This is the default setting.
# execcgi, allows execution of CGI scripts.
# followsymlinks, the server uses symbolic connections in this directory.
Note: Even if the server uses symbolic connections, it does not change the pathname used to match the <Directory> configuration segment.
Note: If this configuration is in the <Location> configuration segment, this setting is ignored.
# includes, allow server-side inclusion.
# includesnoexec, allow server-side containment, but disable #exec command and #exec CGI.
# but you can still use the # include virtual CGI script from the Scriptaliase directory.
# Indexes, if a URL mapped to a directory is requested,
# and there's no directoryindex in this directory (for example: index.html.zh-cn.gb2312),
# then the server returns a list of formatted directories.
# MultiViews, allows content to negotiate the multi-attention graph.
# SymLinksIfOwnerMatch, the server uses a symbolic connection only if it has the same user ID as its destination directory or file owner.
Note: If this configuration appears in the <Location> configuration segment, this option is ignored.
# allowoverride
# syntax: allowoverride all| none| instruction Type [instruction type] ...
# Description: Allow instruction types that exist in the. htaccess file
# when the server discovers a. htaccess file (specified by Accessfilename),
# It needs to know which directives are declared in this file to overwrite the access information specified earlier.
# allowoverride is only valid in the <Directory> section. is not valid in the <Location> or <Files> section.
# If this directive is set to none, then the. htaccess file will be completely ignored.
# In this case, the server will not even try to read the. htaccess file from the file system.
# all directives with the. htaccess context are allowed to appear in the. htaccess file when this directive is set to all.
####### #4. . htaccess
# Hint: allowing the use of. htaccess files will result in degraded server performance.
In addition, every time you request a page, you need to read the. htaccess file.
# Open. htaccess support this must be set allowoverride all, for example:
# alias/v "J:/pwd/"
# <directory "j:/pwd/" >
# Options Indexes
# allowoverride All
# Order Allow,deny
# Allow from all
# </Directory>
# If you have sensitive information on a Web site or simply want to be accessible to a small group,
# Here are a few ways to make sure that users can only access resources that are allowed to be accessed.
# typically in a <Directory> section or a profile (. htaccess files) for a single directory.
# If you want to use a. htaccess file, you must set up the server to allow the use of authentication instructions in these files.
# that is, use the allowoverride directive to specify which directives are valid in a configuration file for a single directory.
# to protect a directory on a server with a password, you first need to create a password file.
# This file can be placed in a location that cannot be accessed by the network to avoid being downloaded,
# For example: space outside of G:/apache cannot be accessed by the network,
# then consider placing the password file in the g:/apached directory.
# Apache provides a tool called htpasswd in the bin subdirectory of its installation directory.
# to create a password file, you can use this:
# (Switch to Apache installation directory First, example: C:/Program files/apache group/apache2/bin)
# on the command line input: Htpasswd-c g:/apache/passwords E
# (This creates a user E, set the user and password exactly as you want)
# then you will be asked to enter the password and then enter it again to verify the password.
# so there's more than one passwords file in g:/apache/(no suffix name)
# The words under Windows will encrypt the password with MD5.
# then create a. htaccess file in the directory where you want to set permissions,
# The contents of the. htaccess file are:
# authtype Basic
# authname "Restricted Files"
# AuthUserFile G:/apache/passwords
# Require User E
# Demo Page: http://gi.2288.org:88/v
# User: E-Password: testhtpasswd
Note: The directory must allow allowoverride all so that the. htaccess file can take effect.
####### #5. Log
# Apache log files can provide very much information, it is necessary to understand these logs
# C:/Program Files/apache group/apache2/logs (log file storage in Windows)
# Access.log (access log to see what the client is accessing) & Error.log (Error log)
# Custom Log format
# Mod_log_config
# Status: Base
# Description: Log requests for Server-initiated
# Default: Customlog logs/access.log Common
# Recommended settings:
# customlog Logs/access_log "%h%l%u%t"%r "%s%b"%{referer}i ""%{user-agent}i ""
# Logformat
# Default value: Logformat "%h%l%u%t/"%r/"%>s%b"
# syntax: Logformat format|nickname [Nickname]
# Description: Define the record format in the log file
# example: Logformat "%v%h%l%u%t/"%r/"%>s%b" Vhost_common
# Customlog
# Status: Base
# syntax: Customlog file|pipe format|nickname [env=[!] Environment-variable]
# Description: Set the log file name and format
# example: Customlog logs/access_log "%h%l%u%t/"%r/"%>s%b"
# errorlog
# syntax: errorlog file path |syslog[:facility]
# Default value: Errorlog logs/error_log (Unix) errorlog Logs/error.log (Windows and OS/2)
# Description: Locate the server where the error log is stored
# example: Errorlog "G:/apache/dummy-gi.2288.org.88-error_log"
# Cookielog
# syntax: cookielog filename
# Description: Set the log file name for cookies
# module: mod_log_config
# Rewritelog
# syntax: Rewritelog file-path
# Description: Set the file name of the rewrite engine log
# module: mod_rewrite
# example: Rewritelog "/usr/local/var/apache/logs/rewrite.log" (Unix/linux)
# Rewritelog "G:/apache/rewrite.log" (Windows)
# Some of the common format strings are as follows:
# can be used in log format (CLF): "%h%l%u%t/"%r/"%>s%b"
# Common log format with virtual host: "%v%h%l%u%t/"%r/"%>s%b"
# NCSA Extended/Combined log format: "%h%l%u%t/"%r/"%>s%b/"%{referer}i/"/"%{user-agent}i/""
# Referer Log format: "%{referer}i,%u"
# Agent (Browser) log format: "%{user-agent}i"
####### #6. URL Rewrite
Note: Depending on your server configuration, it may be necessary to make slight changes to the example,
# For example, to add the [PT] flag when new Mod_alias and Mod_userdir are enabled,
# or rewrite. htaccess instead of a rule set in a single server.
# A particular set of rules should be understood first and then used to avoid problems.
# rewrite syntax
# Rewriteengine on
# rewriterule ^/$/www/[R]
# General Override Method
# rewrite page: http://gi.2288.org:88/modules/news/index.php
# rewriterule/modules/news/index.htm$/modules/news/index.php
# Complete page: http://gi.2288.org:88/modules/news/index.htm
# rewrite page: http://gi.2288.org:88/modules/news/index.php?storytopic=2
# rewriterule/modules/news/topic_ (. *)/.htm$/modules/news/index.php?storytopic=$1
# Complete page: http://gi.2288.org:88/modules/news/topic_2.htm
# rewrite page: http://gi.2288.org:88/index.php?storytopic=2start=10
# rewriterule/topic (. *)-(. *)/.htm$/index.php?storytopic=$1&start=$2
# Complete page: http://gi.2288.org:88/topic2-2.htm
# Note: Each additional rewrite ID must be incremented by
# For example page: http://gi.2288.org:88/ct=2x=10y=20
# This can be overridden:
# REWRITERULE/CT (. *)-(. *)-(. *)/.htm$/ct=$1x=$2y=$3
# Effect: http://gi.2288.org:88/ct2-10-20.htm
# Move the host directory to a different Web server
Description
# Often, many network administrators will have this requirement when building a new Web server:
# REDIRECT all host directories on one site server to another site server
Solution
# very simple, with mod_rewrite. Redirect all URLs on the old site server
#/~user/anypath to Http://newserver/~user/anypath.
# Rewriteengine on
# Rewriterule ^/~ (. +) http://newserver/~$1 [r,l]
# dependent on browser content
Description
# At least for important top-level pages, it is sometimes necessary to provide the best content that depends on the browser,
# to provide a maximized version of the latest Netscape, with a minimized version of Lynx,
# While other browsers provide a general version of the feature.
Solution
# In this context, content negotiation is powerless because the browser does not provide the type of its form,
# so you can only find a way to "user-agent" the HTTP header.
# The following rule set can do this:
# if the HTTP header "User-agent" starts with "MOZILLA/3",
# The page foo.html is rewritten as Foo. Ns.html, and then the rewrite operation terminates;
# if it is "Lynx" or "Mozilla" with a version number of 1 and 2, rewrite it as foo.20.html;
# and all the other browsers receive the page is foo.32.html:
# Rewritecond%{http_user_agent} ^mozilla/3.*
# Rewriterule ^foo/.html$ foo. NS [L]
# Rewritecond%{http_user_agent} ^lynx/.* [OR]
# Rewritecond%{http_user_agent} ^mozilla/[12].*
# rewriterule ^foo/$ foo.20 [L]
# rewriterule ^foo/$ foo.32 [L]
# Stop Robots
Description
# How do I stop a completely anonymous robot to get a page for a specific network region?
# A/robots.txt file can contain several lines of "Robot exclusion Protocol (Robot exclusion Protocol)",
# but not enough to prevent such robot.
Solution
# You can use a ruleset to deny/~quux/foo/arc/to a network region
# (for a very deep directory area, a list may cause a large load on the server) access.
# You must also ensure that only specific robot are blocked, that is, it is not enough to prevent robot from accessing the host
# This will also prevent users from accessing the host. To do this, you need to match the user-agent information of the HTTP header.
# Rewritecond%{http_user_agent} ^nameofbadrobot.*
# Rewritecond%{remote_addr} ^123/.45/.67/. [8-9]$
# rewriterule ^/~quux/foo/arc/.+-[F]
# Prevent hotlinking Pictures
Description
# Suppose, http://gi.2288.org:88/myalbum/has some pages with inline images,
# These pictures are good, so someone uses hyperlinks to their own pages.
# as this in vain increases the flow of our servers, we do not want this to happen.
Solution
# Although, we can't protect these images 100% from being written to someone else's page,
# But at least you can limit the browsers that emit HTTP Referer headers.
# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!^http://gi.2288.org:88/myalbum/.*$ [NC]
# rewriterule. */.gif$-[F]
# Rewritecond%{http_referer}!^$
# Rewritecond%{http_referer}!. */foo-with-gif/.html$
# rewriterule ^inlined-in-foo/.gif$-[F]
####### #7. Other
# Prohibit hotlinking
# setenvifnocase Referer "^http://gi.2288.org:88/" local_ref=1
# <filesmatch ". (gif|jpg|png|jpeg|zip|rar|exe|swf|txt) ">
# Order Allow,deny
# Allow from Env=local_ref
# </FilesMatch>
# load PHP 5
# LoadModule Php5_module C:/php/php5apache2.dll
# #AddModule MOD_PHP4.C
# AddType application/x-httpd-php. php
# scriptalias/php/"c:/php/"
# AddType application/x-httpd-php. php
# Action application/x-httpd-php "/php/php-cgi.exe"
# run Apache for Windows as a service
# You can install Apache as a Windows NT service like this: Apache-i-n "Service name"
# To install a service that uses a specific configuration, specify the configuration file at installation time:
# apache-i-N "Service name"-F "/my server/conf/my.conf"
# to remove an Apache service, use: Apache-u-n "Service name"
Note: If you do not specify a service name, "Apache" will be used by default.
# Once the service is installed, you can access the configuration file for the service with the-n option and other options.
# Example: Testing a service's profile: Apache-n "service name"-T
# Start a console that uses a service profile Apache:apache-n "service name"
# Apache to control service mode
# Start, restart, and shutdown/stop Apache services:
# apache-n "Service name"-K start
# apache-n "Service Name"-K restart
# apache-n "Service name"-K shutdown
# apache-n "Service Name"-K stop
# or Use NT Native command net to start and stop the Apache service, like this:
# NET START "service Name"
# NET STOP "service Name"
Apache Study notes (Experience)