Miscellaneous general setting for cern_httpd (original) (raw)

W3C httpd manual

General W3C httpd Configuration Directives

ServerRoot

Server's "home" directory is specified via ServerRootdirective. If server root is specified, but no AddIcon directive has been used in configuration file to set up icons, the default icon directory is under server root icons. The default icons that should be present are:

On Proxy Server

On proxy server the icon URLs must be full URLs, because otherwise clients would translate them relative to remote host. This means that in the above example all theAddIcon* directives have to read:

AddIcon  http://your.server/httpd-internal-icons/...

and you have to pass also the full icon URL:

Pass  http://your.server/httpd-internal-icons/*  /server_root/icons/*

Since future smart browsers might notice that the icon server is the same one as the proxy server it may be best in this case to alsoPass the partial URL as above:

Pass  /httpd-internal-icons/*  /server_root/icons/*

HostName

On some hosts the hostname lookup fails producing only the name without the domain part. Full hostname is necessary whenhttpd is generating references to itself (redirection responses to clients). If necessary, provide full server hostname with HostName directive:

    HostName  _full.server.host.name_

You may want to use this also when the real host name is different from what you want the clients to see (you have a DNS alias for the host).

Default Port Setting

For standalone server (the one running continuously, listening to a certain port, and forking a child to handle the request) the port to listen to can be defined via Port configuration directive instead of the -p port command line option. Normally:

    Port 80

-p port command line line option still overrides this default.

WARNING: The Portdirective should never be used when the server is being spawned by inetd, it isonly for the standalone use.

ServerType

httpd can run as a standalone server which is forking a new child to serve each request, or as a server that is spawned byinetd. The server type is specified by theServerType directive:

    ServerType  StandAlone

or:

    ServerType  Inetd

If this directive is missing, but the Port directive or-p command line option is used, the default isStandAlone. Otherwise default is Inetd.

PidFile

httpd re-reads its configuration file when it receives aHUP signal SIGHUP, the signal number 1. To make it easy to find out the parent httpd process id, it writes it to a file. The signal can be sent using

kill -HUP <process-id>

By default, if ServerRoot is specified, this is the file httpd-pid under server root; if not, it defaults to /tmp/httpd-pid.

The PidFile directive can be used to set the process id file name; it can be either an absolute path, or a relative one. Relative path is relative to ServerRoot, or if not defined, relative to /tmp.

Example

    ServerRoot  /Web/serverroot
    PidFile     logs/httpd-pid

would cause the process id to be written to/Web/serverroot/logs/httpd-pid.

NOTE: TheSIGHUP signal will also be sent to the server if the parent of the process group in which the server belongs terminates. All members of the orphaned process group will as required by POSIX.1 receive a SIGHUP and a SIGCONT signal. The default behavior on a SIGHUP is to terminate the process, but in the case of daemons it is often meant to reload the config file (they don't have a controlling terminal).

Default User Id

UserId directive sets the default user to run as instead of nobody. This directive is only meaningful when running server as root. 

    UserId whoever

Default Group Id

GroupId directive sets the default group to run under instead of nogroup. This directive is only meaningful when running server as root. 

    GroupId whichever

Parent User Id

[In 3.0pre6 and newer]On certain systems setuid() call slows httpddown considerably. If multiple user ids are not required with thehttpd setup then the parent process should set its user id immediately after binding to port (which may be privileged and was the original reason for running as root).ParentUserId causes httpd to set its user id immediately after binding to port.

    ParentUserId whoever

Parent Group Id

[In 3.0pre6 and newer] ParentGroupId directive sets the process parent group id immediately after binding to port.

    ParentGroupId whichever

Enabling and DisablingHTTP Methods

You can enable/disable methods that you do/don't want your server to accept:

    Enable  _METHOD_
    Disable _METHOD_

By default GET, HEAD andPOST are enabled, and the rest are disabled.

Examples

    Enable POST
    Disable DELETE

DNSLookup

httpd performs a reverse DNS lookup to find out the remote DNS hostname for the client host. This information is used in access control and logging. If DNS lookups become a bottleneck this feature can be disabled by specifying:

    DNSLookup  Off

WARNING: Understand, that if this feature if off you will not be able to use domain name templates in access control, only IP number templates.

There are logfile analyzers, such as Kevin Hughes'getstats that will perform reverse DNS lookups to find out hostnames for IP numbers. This is more efficient becausegetstats looks up each hostname only once, whereashttpd would look it up during each request. So, if you are using a logfile analyzer and you don't necessarily need DNS names in access control, there is no need to keep this feature on.

IdentityCheck

If IdentityCheck configuration directive is turnedOn, httpd will connect to the ident daemon (RFC931) of the remote host and find out the remote login name of the owner of the client socket. This information is written to access log file, and put into the REMOTE_IDENT CGI environment variable.

Default setting is Off:

    IdentityCheck Off

and if you don't need this information you will save the resources by keeping it off. Furthermore, this information does not provide any more security and should not be trusted to be used in access control, but rather just for informational purposes, such as logging.

WARNING

On some systems there is a kernel bug that causes all the connections to the remote node to be broken if the remote ident request is not answered (ident daemon not running, for example). This is reported for at least SunOS 4.1.1, NeXT 2.0a, ISC 3.0 with TCP 1.3, and AIX 3.2.2, and later are ok. Sony News/OS 4.51, HP-UX 8-?? and Ultrix 4.3 still have this bug. A fix for Ultrix is availabe (CSO-8919).

[Thanks to Per-Steinar Iversen from Norway for pointing this out!]

If the operating system on your server host has this bug, do not use IdentityCheck!

Welcome

Welcome directive specifies the default file name to use when only a directory name is specified in the URL. There may be manyWelcome directives giving alternative welcome page names. The one that was defined earlier will have precedence.

Default values are Welcome.html,welcome.html and index.html.index.html is there only for compatibility with NCSA server; the word "Welcome" is more descriptive, and has precedence.

All default values will be overridden if Welcomedirective is used.

Default values could be defined as:

    Welcome Welcome.html
    Welcome welcome.html
    Welcome index.html

AlwaysWelcome

By default there is no difference between directory names with and without a trailing slash when it comes to welcome pages. The one without a trailing slash will cause an automatic redirection to the one with a trailing slash, which then gets mapped to the welcome page.

If it is desirable to have plain directory names to produce a directory listing, and only the ones with a trailing slash cause the welcome page to be returned, set the AlwaysWelcomedirective to off:

    AlwaysWelcome Off

Default value is On.

User-Supported Directories

User-supported directories, URLs of form /~username, are enabled by UserDir directive:

    UserDir _dir-name_

The dir-name argument is the directory in each user's home directory to be exported, for example WWW:

    UserDir WWW

MetaDir

It is possible to tell httpd to add meta-information to the default HTTP response header. This information can either be additional HTTP headers such as

Expires: Friday, 30-Sep-94 12:00:00 GMT

or it can be "private" MIME-headers or any other information such as

FooRatio=Bar
ThisIsJustSomeInformation

The meta-information is stored in a file as it should appear in the HTTP response except for the terminating<CR><LF> Meta-information is stored in a directory specified by the MetaDir directive, under the same directory as the file being retrieved:

    MetaDir  _dir-name_

Default value is

    MetaDir    .web

MetaSuffix

Meta-information is stored in a file with the same name as the actual document, but appended with a suffix specified via theMetaSuffix directive: 

    MetaSuffix  _.suffix_

Default value is

    MetaSuffix .meta

meaning that meta-information files are located in the.web subdirectory, and they end in .metasuffix, i.e. the metafile for file:

    /Web/Demo/file.html

would be:

    /Web/Demo/.web/file.html.meta

MaxContentLengthBuffer

httpd normally gives a content-lenght header line for every document it returns. When it's running as a proxy it buffers the document received from the remote server before sending it to the client. This directive can be used to set the size of this buffer - if it is exceeded the document will be returned without a content-lenght header field.

Default setting is 50 kilobytes:

    MaxContentLengthBuffer 50 K

WARNING: If the value is too high users might get frustrated and interrupt the connection when nothing seems to be coming, although it is just the proxy server buffering the document.

httpd@w3.org, July 1995