General W3C httpd Configuration Directives

ServerRoot
HostName
Port
ServerType
PidFile
UserId
GroupId
ParentUserId
ParentGroupId
Enable
Disable
DNSLookup
IdentityCheck
Welcome
AlwaysWelcome
UserDir
MetaDir
MetaSuffix
MaxContentLengthBuffer

ServerRoot

Server's "home" directory is specified via ServerRoot directive. If server root is specified, but no AddIcon directive has been used in configuration file to set up icons, the default icon directory is under server root icons. The default icons that should be present are:

blank.xbm blank icon for aligning the header with listing
directory.xbm for directories
back.xbm for parent directory
unknown.xbm for unknown types
binary.xbm for binary files
text.xbm for text files
image.xbm for image files
movie.xbm for movies
sound.xbm for audio files
tar.xbm for tar files
compressed.xbm for compressed files

If these defaults don't please you you can define all from the scratch. As an example of AddIcon directive, the defaults would be specified as follows:

    Pass  /httpd-internal-icons/*  /server_root/icons/*

    AddBlankIcon   /httpd-internal-icons/blank.xbm
    AddDirIcon     /httpd-internal-icons/directory.xbm  DIR
    AddParentIcon  /httpd-internal-icons/back.xbm       UP
    AddUnknownIcon /httpd-internal-icons/unknown.xbm
    AddIcon        /httpd-internal-icons/binary.xbm     BIN  binary
    AddIcon        /httpd-internal-icons/text.xbm       TXT  text/*
    AddIcon        /httpd-internal-icons/image.xbm      IMG  image/*
    AddIcon        /httpd-internal-icons/movie.xbm      MOV  video/*
    AddIcon        /httpd-internal-icons/sound.xbm      AU   audio/*
    AddIcon        /httpd-internal-icons/tar.xbm        TAR  multipart/*tar
    AddIcon        /httpd-internal-icons/compressed.xbm CMP  x-compress x-gzip

On Proxy Server

On proxy server the icon URLs must be full URLs, because otherwise clients would translate them relative to remote host. This means that in the above example all the AddIcon* directives have to read:

    AddIcon  http://your.server/httpd-internal-icons/...

and you have to pass also the full icon URL:

    Pass  http://your.server/httpd-internal-icons/*  /server_root/icons/*

Since future smart browsers might notice that the icon server is the same one as the proxy server it may be best in this case to also Pass the partial URL as above:

    Pass  /httpd-internal-icons/*  /server_root/icons/*

HostName

On some hosts the hostname lookup fails producing only the name without the domain part. Full hostname is necessary when httpd is generating references to itself (redirection responses to clients). If necessary, provide full server hostname with HostName directive:

        HostName  full.server.host.name

You may want to use this also when the real host name is different from what you want the clients to see (you have a DNS alias for the host).

Default Port Setting

For standalone server (the one running continuously, listening to a certain port, and forking a child to handle the request) the port to listen to can be defined via Port configuration directive instead of the

-p

port command line option. Normally:

        Port 80

-p port command line line option still overrides this default.

WARNING: The Port directive should never be used when the server is being spawned by inetd, it is only for the standalone use.

ServerType

httpd can run as a standalone server which is forking a new child to serve each request, or as a server that is spawned by inetd. The server type is specified by the ServerType directive:

        ServerType  StandAlone

or:

        ServerType  Inetd

If this directive is missing, but the Port directive or -p command line option is used, the default is StandAlone. Otherwise default is Inetd.

PidFile

httpd re-reads its configuration file when it receives a HUP signal SIGHUP, the signal number 1. To make it easy to find out the parent httpd process id, it writes it to a file. The signal can be sent using

	kill -HUP <process-id>

By default, if ServerRoot is specified, this is the file httpd-pid under server root; if not, it defaults to /tmp/httpd-pid.

The PidFile directive can be used to set the process id file name; it can be either an absolute path, or a relative one. Relative path is relative to ServerRoot, or if not defined, relative to /tmp.

Example

        ServerRoot  /Web/serverroot
        PidFile     logs/httpd-pid

would cause the process id to be written to /Web/serverroot/logs/httpd-pid.

NOTE: The SIGHUP signal will also be sent to the server if the parent of the process group in which the server belongs terminates. All members of the orphaned process group will as required by POSIX.1 receive a SIGHUP and a SIGCONT signal. The default behavior on a SIGHUP is to terminate the process, but in the case of daemons it is often meant to reload the config file (they don't have a controlling terminal).

Default User Id

UserId directive sets the default user to run as instead of nobody. This directive is only meaningful when running server as root.

        UserId whoever

Default Group Id

GroupId directive sets the default group to run under instead of nogroup. This directive is only meaningful when running server as root.

        GroupId whichever

Parent User Id

[In 3.0pre6 and newer] On certain systems setuid() call slows httpd down considerably. If multiple user ids are not required with the httpd setup then the parent process should set its user id immediately after binding to port (which may be privileged and was the original reason for running as root). ParentUserId causes httpd to set its user id immediately after binding to port.

        ParentUserId whoever

Parent Group Id

[In 3.0pre6 and newer] ParentGroupId directive sets the process parent group id immediately after binding to port.

        ParentGroupId whichever

Enabling and Disabling HTTP Methods

You can enable/disable methods that you do/don't want your server to accept:

        Enable  METHOD
        Disable METHOD

By default GET, HEAD and POST are enabled, and the rest are disabled.

Examples

        Enable POST
        Disable DELETE

DNSLookup

httpd performs a reverse DNS lookup to find out the remote DNS hostname for the client host. This information is used in access control and logging. If DNS lookups become a bottleneck this feature can be disabled by specifying:

        DNSLookup  Off

Understand, that if this feature if off you will not be able to use domain name templates in access control, only IP number templates.

There are logfile analyzers, such as Kevin Hughes' getstats that will perform reverse DNS lookups to find out hostnames for IP numbers. This is more efficient because getstats looks up each hostname only once, whereas httpd would look it up during each request. So, if you are using a logfile analyzer and you don't necessarily need DNS names in access control, there is no need to keep this feature on.

IdentityCheck

If IdentityCheck configuration directive is turned On, httpd will connect to the ident daemon (RFC931) of the remote host and find out the remote login name of the owner of the client socket. This information is written to access log file, and put into the REMOTE_IDENT CGI environment variable.

Default setting is Off:

        IdentityCheck Off

and if you don't need this information you will save the resources by keeping it off. Furthermore, this information does not provide any more security and should not be trusted to be used in access control, but rather just for informational purposes, such as logging.

WARNING

On some systems there is a kernel bug that causes all the connections to the remote node to be broken if the remote ident request is not answered (ident daemon not running, for example). This is reported for at least SunOS 4.1.1, NeXT 2.0a, ISC 3.0 with TCP 1.3, and AIX 3.2.2, and later are ok. Sony News/OS 4.51, HP-UX 8-?? and Ultrix 4.3 still have this bug. A fix for Ultrix is availabe (CSO-8919).

[Thanks to Per-Steinar Iversen from Norway for pointing this out!]

If the operating system on your server host has this bug, do not use IdentityCheck!

Welcome

Welcome directive specifies the default file name to use when only a directory name is specified in the URL. There may be many Welcome directives giving alternative welcome page names. The one that was defined earlier will have precedence.

Default values are Welcome.html, welcome.html and index.html. index.html is there only for compatibility with NCSA server; the word "Welcome" is more descriptive, and has precedence.

All default values will be overridden if Welcome directive is used.

Default values could be defined as:

        Welcome Welcome.html
        Welcome welcome.html
        Welcome index.html

AlwaysWelcome

By default there is no difference between directory names with and without a trailing slash when it comes to welcome pages. The one without a trailing slash will cause an automatic redirection to the one with a trailing slash, which then gets mapped to the welcome page.

If it is desirable to have plain directory names to produce a directory listing, and only the ones with a trailing slash cause the welcome page to be returned, set the AlwaysWelcome directive to off:

        AlwaysWelcome Off

Default value is On.

User-Supported Directories

User-supported directories, URLs of form /~username, are enabled by UserDir directive:

        UserDir dir-name

The dir-name argument is the directory in each user's home directory to be exported, for example WWW:

        UserDir WWW

MetaDir

It is possible to tell httpd to add meta-information to the default HTTP response header. This information can either be additional HTTP headers such as

	Expires: Friday, 30-Sep-94 12:00:00 GMT

or it can be "private" MIME-headers or any other information such as

	FooRatio=Bar
	ThisIsJustSomeInformation

The meta-information is stored in a file as it should appear in the HTTP response except for the terminating <CR><LF> Meta-information is stored in a directory specified by the MetaDir directive, under the same directory as the file being retrieved:

        MetaDir  dir-name

Default value is

        MetaDir    .web

MetaSuffix

Meta-information is stored in a file with the same name as the actual document, but appended with a suffix specified via the MetaSuffix directive:

        MetaSuffix  .suffix

Default value is

        MetaSuffix .meta

meaning that meta-information files are located in the .web subdirectory, and they end in .meta suffix, i.e. the metafile for file:

        /Web/Demo/file.html

would be:

        /Web/Demo/.web/file.html.meta

MaxContentLengthBuffer

httpd normally gives a content-lenght header line for every document it returns. When it's running as a proxy it buffers the document received from the remote server before sending it to the client. This directive can be used to set the size of this buffer - if it is exceeded the document will be returned without a content-lenght header field.

Default setting is 50 kilobytes:

        MaxContentLengthBuffer 50 K

If the value is too high users might get frustrated and interrupt the connection when nothing seems to be coming, although it is just the proxy server buffering the document.

[email protected], July 1995