Apache Server Global configuration detailed (full) _linux

Source: Internet
Author: User
Tags numeric value reverse dns

Apache Server Global Configuration Server Identity Configuration Chapter

Server Identity Related directives:
ServerName
ServerAdmin
Serversignature
Servertokens
Usecanonicalname
Usecanonicalphysicalport

The serveradmin and Servertokens directives control what information about the server will appear in the server-generated document, such as error messages. The Servertokens directive sets the value of the server HTTP response header field.
ServerName, Usecanonicalname, usecanonicalphysicalport directives are used to determine how to build a custom URL, for example, a client makes a request to a directory, but does not contain the last slash "/" of the directory name. Apache redirects the client to the full name that contains "/" so that the client can correctly parse the relative references in the document.

ServerName Directives
Syntax: ServerName [scheme://] FQDN [:p ORT]
This instruction is used to set up the server to identify its own host name and port number. Primarily used to create a redirected URL.

For example, your Web server's host name is example.bob.com, but your Web server also has a DNS alias www.bob.com in the DNS server. And you want the Web server to be a little more significant, you can use the servername directive in http.conf to implement:
ServerName www.bob.com:80

When servername is not specified, the server attempts to reverse query the IP address to infer the host name. If you do not specify a port number in ServerName, the server listens on all ports. To enhance reliability and predictability, you should use the servername display to specify a host name and port number.
If you are using a domain-based virtual host, the ServerName in <VirtualHost> will be to match this virtual host, and the host name must be written in the "host:" Request header.

serveradmin directives
Syntax: ServerAdmin email-address| Url
This instruction is used to set the administrator email address contained in the error message returned by the server to the client. It is easy for the user to get in touch with the administrator after receiving the error message.

ServerAdmin bob@126.com

Serversignature directives
Syntax: Serversignature. | Off | Email
Default: Serversignature off
This instruction is used to configure the footer of the server-side generated document (Error message, mod_proxy List of FTP directories, mod_info output). Use this directive to enable this footer is mainly in the chain of a proxy server, the user is basically unable to identify which server in the chain really generated the error message returned.

http.conf the directive defaults to off, so there is no error line, and using on will simply add a row about the server version and the ServerName that is providing the service;
For example, when I use Serversignature, the following message appears when I do not have a Web page open:

apache/2.2.11 (Unix) php/5.2.8 Server at 192.168.120.240 Port 80

For later versions of 2.0.44, the detailed server version number will be controlled by the Servertokens command.

Servertokens directives
Syntax: Servertokens Major | Minor | Min[imal] | Prod[uctonly] | OS | Full
Default: Servertokens full
This instruction is used to control whether the "server:" Answer header that the server responds to the client contains information about the server operating system type and the module description that is compiled.

Note: You must first enable the Serversignature directive when using the Servertokens directive.

Servertokens Prod[uctonly]: Server will send (for example): Apache
Apache Server at 192.168.120.240 Port 80
Servertokens Major: The server will send (for example): APACHE/2
APACHE/2 Server at 192.168.120.240 Port 80
Servertokens Minor: The server will send (for example): apache/2.2
apache/2.2 Server at 192.168.120.240 Port 80
Servertokens Min[imal]: Server will send (for example): apache/2.2.11
apache/2.2.11 Server at 192.168.120.240 Port 80
Servertokens OS: Server will send (for example): apache/2.2.11 (Unix)
apache/2.2.11 (Unix) Server at 192.168.120.240 Port 80
Servertokens full: The server will send (for example): apache/2.2.11 (Unix) php/5.2.8
apache/2.2.11 (Unix) php/5.2.8 Server at 192.168.120.240 Port 80

usecanonicalname directives
Syntax: Usecanonicalname on | Off | Dns
Default: Usecanonicalname off
This instruction constructs Apache's self referencing url (a URL that refers back to the same server).

Usecanonicalname.: The domain name set for servername is used for all self referencing URLs, server_name, server_port in CGI. For example: If your Web server has its own domain name, and there is a corresponding NS record in DNS, and httpd.conf will servername set the domain name, then you enter Http://192.168.120.240/bbs in the browser, It will automatically turn this IP address into its corresponding domain name, such as http://www.bob.com/bbs/. At this point, if the other client's computer does not correctly parse the Web server's domain name, there will be a problem accessing the Web server. Because the Web server automatically converts IP addresses into domain names.

Usecanonicalname off: If the client provides a host name and port, Apache will use the information provided by the client to build the self referencing URL. These values are the same as the values used to implement a domain-based virtual host, and are available to the same client. The CGI variables server_name and server_port are also built by the values provided by the client.

Usecanonicalname DNS: This setting is used to support a large number of ip-based virtual hosts for browsers that do not provide "Host:" headers. When this option is used, Apache resolves the IP address of the server to which the client is connected in reverse DNS to build the self reference URL.

Usecanonicalphysicalport directives
Syntax: Usecanonicalphysicalport. | Off
Default: Usecanonicalphysicalport off
This instruction is used to configure how the server determines its own port.

Usecanonicalphysicalport.: Apache is likely to use the actual physical port number in order to conform to the Usecanonicalname directive when constructing the specification port of the server.
Usecanonicalphysicalport Off:apache does not use the actual physical port number, but relies on all the information already configured to construct a legitimate port number.

Attention:
The order in which you decide to use physical port numbers is as follows:
Usecanonicalname.
ServerName The specified port number
Physical port number
Default port number

Usecanonicalname Off | DNS
The port number provided by the "Host:" Request header
Physical port number
ServerName The specified port number
Default port number
In the case of usecanonicalphysicalport off, the physical port number will be removed from the order above.

Apache Server Global configuration File location configuration Chapter

File location Related directives:
Coredumpdirectory
DocumentRoot
ErrorLog
Lockfile
Pidfile
Scoreboardfile
ServerRoot

These commands control the positioning of the various files required for Apache to work properly. If the path name does not begin with a slash "/", then the file is considered relative to the ServerRoot path.

coredumpdirectory directives
Syntax: Coredumpdirectory directory-path
This command is used to control the kernel dump directory used by Apache, which is located under "ServerRoot" by default. Because this directory is usually not writable for users running the server, kernel dumps are not generally written to the content. If you need a kernel dump during debugging, you can use this instruction to specify a different directory.

DocumentRoot Directives
Syntax: DocumentRoot directory-path
This instruction is used to set the directory where the HTTPD provides services. Without instructions such as Alias, the server appends the URL in the request to the DocumentRoot to form the path to the document.
For example:
DocumentRoot "/usr/local/httpd/htdocs"
When you visit http://192.168.120.240/bbs/index.html, you are actually accessing/usr/loca/httpd/htdocs/bbs/index.html.
If Directory-path is not an absolute path, it is assumed to be a path relative to the ServerRoot.
For example:
ServerRoot "/usr/local/httpd/"
DocumentRoot "Htdocs"
When you visit http://192.168.120.240/bbs/index.html, you will actually be positioned to/usr/loca/httpd/htdocs/bbs/index.html.

errorlog directives
Syntax: ErrorLog File-path | Syslog[:facility]
Default: ErrorLog "Logs/error_log"
This instruction is used to set the file that logs the error log when the server encounters an error. If File-path is not an absolute path with/beginning, it will be considered a relative path relative to the ServerRoot.

lockfile directives
Syntax: lockfile filename
This command sets the location of the lock file used by Apache when the value of the Acceptmutex instruction is fcntl or flock. Generally keep the default values. The main reason for changing the default value is that the logs directory is located on an NFS file system because the lock file must be on a local disk. The PID of the master server process is automatically added to the file name.
Note: Do not place the lock file in a directory where anyone has write permissions, because someone can prevent the server from starting by creating a file with the same name as the lock file that the server attempted to create.

pidfile directives
Syntax: pidfile filename
Default: Pidfile "Logs/httpd.pid"
This instruction is used to set the file that the server records the parent process (monitoring process) PID.
If the specified is not an absolute path, it is considered a relative path relative to the ServerRoot.

scoreboardfile directives
Syntax: Scoreboardfile file-path
This instruction is used to set up files that store child process coordination data. Apache uses the scoreboard (scoreboard) to communicate between the parent process and the child process. Some system organizations require a file to help communicate. If this file is not specified, Apache first attempts to establish a complete scorecard in anonymous shared memory. If it fails, it will continue to attempt to create the file on disk using a file-based shared memory. If you use this instruction to specify the location of this file, Apache will always create this file on disk.
Placing Scoreboardfile in RAM disk can be a great help for access speed. But be aware of the placement and permissions.

ServerRoot directives
Syntax: ServerRoot directory-path
This command is used to set the directory where the Apache server resides. Typically contains subdirectories such as conf/, logs/, and so on. The relative paths of other profiles are generally based on this directory.
For example:
ServerRoot "/usr/local/httpd/"

Resource throttling configuration for Apache Server global configuration

Resource constraints related directives:
Limitrequestbody
Limitrequestfields
Limitrequestfieldsize
Limitrequestline
Rlimitcpu
Rlimitmem
Rlimitnproc
Threadstacksize

The limitrequest* series directive is used to limit the amount of resources that Apache uses in the process of reading client requests. By limiting these values, some denial of service (DOS) attacks can be mitigated.
The rlimit* series directive is used to limit the number of resources used by processes that are derived from the Apache subprocess. Typically, these instructions are used to control the resources used by CGI scripts and SSI exec commands.
The threadstacksize directive is used on some platforms to control the stack size.

limitrequestbody directives

Syntax: limitrequestbody bytes
Default value: Limitrequestbody 0
This instruction is used to set the maximum number of bytes sent by the client for HTTP requests. Limitrequestbody directives can work on the entire server, specific directories, specific files, specific locations. If the client's request exceeds the value set by the Limitrequestbody, the server responds to an error message to the client and does not process the request.
Bytes is 0 (not limited) to 2147483647 (2GB).
For example: you allow clients to upload files to a location, and you want to limit the size of the uploaded file to 500K,
Limitrequestbody 512000

Limitrequestfields directives

Syntax: Limitrequestfields number
Default: Limitrequestfields 100
This instruction is used to set the number of HTTP request header domains that the client requests to the server. A typical client request header domain is rarely greater than 20, but the number of clients varies significantly. This often depends on the user configuring their browser extensions to support more detailed content negotiation. An optional HTTP extension is often implemented using the request header domain.
Number is an integer that is 0 (unrestricted) to 32767. The default value is the compile-time constant Default_limit_request_fields (publication value is 100).

limitrequestfieldsize directives

Syntax: limitrequestfieldsize bytes
Default: Limitrequestfieldsize 8190
This instruction is used to set the maximum number of bytes sent by the client for the HTTP request headers. In general, the server requires that this value be large enough to accommodate the size of the header field of any request from a normal customer. The size of the header field is generally closely related to the content protocol supported by the browser.
In general, do not change this value, you can use the default.

limitrequestline directives

Syntax: limitrequestline bytes
Default: Limitrequestline 8190
This instruction is used to set the maximum number of bytes sent by the client for the HTTP request line. The request line includes the HTTP method, URL, protocol version, and so on. So the limitrequestline directive can limit the length of the URL, and the server will need the value to be large enough to load all of its resource names, including all the information that might be passed in the GET request.
In general, do not change this value, you can use the default.

RLIMITCPU directives

Syntax: rlimitcpu seconds | Max [Seconds|max]
Default: Not defined, using operating system defaults
This instruction is used to set the maximum number of seconds that a process derived by the Apache subprocess consumes the CPU.
You can set one or two parameters here. The first parameter sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. All two parameters can be set to a numeric value or "Max" (indicating the maximum allowed for the operating system). To increase this resource limit maximum, you need to run the server as root or set in the initialization startup statement.
This instruction only works on processes that are derived from the Apache subprocess, not the Apache subprocess itself. This range includes CGI scripts and SSI execution commands, excluding all processes derived from the Apache parent process. Like a pipe log.
CPU resource limits represent the number of seconds per process.

Rlimitmem directives

Syntax: Rlimitmem bytes | Max [Bytes|max]
Default: Not defined, using operating system defaults
This instruction is used to set the maximum number of bytes in memory that the Apache subprocess derives from the process.
You can set one or two parameters here. The first parameter sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. All two parameters can be set to a numeric value or "Max" (indicating the maximum allowed for the operating system). To increase this resource limit maximum, you need to run the server as root or set in the initialization startup statement.
This instruction only works on processes that are derived from the Apache subprocess, not the Apache subprocess itself. This range includes CGI scripts and SSI execution commands, excluding all processes derived from the Apache parent process. Like a pipe log.
The memory resource limit represents the number of bytes consumed per process.

Rlimitnproc directives

Syntax: Rlimitnproc number | Max [Number|max]
Default: Not defined, using operating system defaults
This instruction is used to set the number of processes that are derived from the Apache child process.
You can set one or two parameters here. The first parameter sets the soft resource limit for all processes and the second parameter sets the maximum resource limit. All two parameters can be set to a numeric value or "Max" (indicating the maximum allowed for the operating system). To increase this resource limit maximum, you need to run the server as root or set in the initialization startup statement.
This instruction only works on processes that are derived from the Apache subprocess, not the Apache subprocess itself. This range includes CGI scripts and SSI execution commands, excluding all processes derived from the Apache parent process. Like a pipe log.
Process constraints control the number of processes per user.

threadstacksize directives

Syntax: Threadstacksize size
Default: 65536 on NetWare, equal operating system defaults on other platforms
This instruction is used to set the maximum stack size (bytes) that can be used by threads that handle client connections, including the calling module to assist in processing.
In most cases, the default stack size for the operating system is reasonable. However, in some cases, you need to adjust this value:
On a platform with a smaller default stack size (such as HP-UX), Apache may crash when using a Third-party module that requires a larger stack size. Such a problem can be resolved by setting the threadstacksize to a larger value. This adjustment should be required only if the Third-party module provider specifically requires it, or if you determine by diagnostics that the stack space is too small to cause a crash.
On some platforms, if the default stack space is greater than the space required for the server to run, lowering the threadstacksize value to less than the operating system defaults can increase the maximum number of threads allowed to be generated in each process. This type of adjustment should only be used in a test environment, and all server processes will be adequately tested because of the large stack space required to handle some rare requests. A small server configuration change may make the current threadstacksize settings unsuitable.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.