Linux-apache httd.conf文件详解
阅读原文时间:2023年07月11日阅读:1

Linux-apache httd.conf文件详解

# This is the main Apache server configuration file. It contains the

configuration directives that give the server its instructions.

See for detailed information.

In particular, see

for a discussion of each configuration directive.

Do NOT simply read the instructions in here without understanding

what they do. They're here only as hints or reminders. If you are unsure

consult the online docs. You have been warned.

The configuration directives are grouped into three basic sections:

1. Directives that control the operation of the Apache server process as a

whole (the 'global environment').

2. Directives that define the parameters of the 'main' or 'default' server,

which responds to requests that aren't handled by a virtual host.

These directives also provide default values for the settings

of all virtual hosts.

3. Settings for virtual hosts, which allow Web requests to be sent to

different IP addresses or hostnames and have them handled by the

same Apache server process.

Configuration and logfile names: If the filenames you specify for many

of the server's control files begin with "/" (or "drive:/" for Win32), the

server will use that explicit path. If the filenames do *not* begin

with "/", the value of ServerRoot is prepended -- so "logs/foo.log"

with ServerRoot set to "/etc/httpd" will be interpreted by the

server as "/etc/httpd/logs/foo.log".

#

Section 1: Global Environment

The directives in this section affect the overall operation of Apache,

such as the number of concurrent requests it can handle or where it

can find its configuration files.

#

Don't give away too much information about all the subcomponents

we are running. Comment out this line if you don't mind remote sites

finding out what major optional modules you are runnin

ServerTokens OS
//在出现错误页的时候是否显示服务器操作系统的名称,ServerTokens Prod为不显示

ServerRoot: The top of the directory tree under which the server's

configuration, error, and log files are kept.

NOTE! If you intend to place this on an NFS (or otherwise network)

mounted filesystem then please read the LockFile documentation

(available at );

you will save yourself a lot of trouble.

Do NOT add a slash at the end of the directory path.

ServerRoot "/etc/httpd"
//用于指定Apache的运行目录,服务启动之后自动将目录改变为当前目录,在后面使用到的所有相对路径都是想对这个目录下

PidFile: The file in which the server should record its process

identification number when it starts. Note the PIDFILE variable in

/etc/sysconfig/httpd must be set appropriately if this location is

changed.

PidFile run/httpd.pid
//记录httpd守护进程的pid号码,这是系统识别一个进程的方法,系统中httpd进程可以有多个,但这个PID对应的进程是其他的父进程

Timeout: The number of seconds before receives and sends time out.

Timeout 60
//第二次连接前服务器与客户端断开的时间

KeepAlive: Whether or not to allow persistent connections (more than

one request per connection). Set to "Off" to deactivate.

KeepAlive Off
//是否持续连接(因为每次连接都得三次握手,如果是访问量不大,建议打开此项,如果网站访问量比较大关闭此项比较好),修改为:KeepAlive On 表示允许程序性联机

MaxKeepAliveRequests: The maximum number of requests to allow

during a persistent connection. Set to 0 to allow an unlimited amount.

We recommend you leave this number high, for maximum performance.

MaxKeepAliveRequests 100
//限制一个连接的最大请求数,0表示不限制

KeepAliveTimeout: Number of seconds to wait for the next request from the

same client on the same connection.

KeepAliveTimeout 15
//

Server-Pool Size Regulation (MPM specific)

//apche的两种工作模式 prefork模式和worker模式

prefork MPM

StartServers: number of server processes to start

MinSpareServers: minimum number of server processes which are kept spare

MaxSpareServers: maximum number of server processes which are kept spare

ServerLimit: maximum value for MaxClients for the lifetime of the server

MaxClients: maximum number of server processes allowed to start

MaxRequestsPerChild: maximum number of requests a server process serves

StartServers 8 MinSpareServers 5 MaxSpareServers 20 ServerLimit 256 MaxClients 256 MaxRequestsPerChild 4000
系统默认的模块,表示为每个访问启动一个进程(即当有多个连接公用一个进程的时候,在同一时刻只能有一个获得服务)。
StartServer 开始服务时启动8个进程,最小空闲5个进程,最多空闲20个进程。
ServerLimit 设置了MaxClients最大允许配置的数值
MaxClient 限制同一时刻客户端的最大连接请求数量超过的要进入等候队列。
MaxRequestsPerChild 每个进程生存期内允许服务的最大请求数量,0表示永不结束

worker MPM

StartServers: initial number of server processes to start

MaxClients: maximum number of simultaneous client connections

MinSpareThreads: minimum number of worker threads which are kept spare

MaxSpareThreads: maximum number of worker threads which are kept spare

ThreadsPerChild: constant number of worker threads in each server process

MaxRequestsPerChild: maximum number of requests a server process serves

StartServers 4 MaxClients 300 MinSpareThreads 25 MaxSpareThreads 75 ThreadsPerChild 25 MaxRequestsPerChild 0
为Apache配置线程访问,即每对WEB服务访问启动一个线程,这样对内存占用率比较小。
ServerLimit服务器允许配置进程数的上限。
ThreadLimit每个子进程可能配置的线程上限
StartServers启动两个httpd进程,
MaxClients同时最多能发起250个访问,超过的要进入队列等待,其大小有ServerLimit和ThreadsPerChild的乘积决定
ThreadsPerChild每个子进程生存期间常驻执行线程数,子线程建立之后将不再增加
MaxRequestsPerChild每个进程启动的最大线程数,如达到限制数时进程将结束,如置为0则子线程永不结束

0111# Listen: Allows you to bind Apache to specific IP addresses and/or

ports, in addition to the default. See also the

directive.

Change this to Listen on specific IP addresses as shown below to

prevent Apache from glomming onto all bound IP addresses (0.0.0.0)

#Listen 12.34.56.78:80
Listen 80
//监听的端口,如有多块网卡,默认监听所有网卡

Dynamic Shared Object (DSO) Support

To be able to use the functionality of a module which was built as a DSO you

have to place corresponding `LoadModule' lines at this location so the

directives contained in it are actually available _before_ they are used.

Statically compiled modules (those listed by `httpd -l') do not need

to be loaded here.

Example:

LoadModule foo_module modules/mod_foo.so

//启动时加载的模块
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule expires_module modules/mod_expires.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule headers_module modules/mod_headers.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule mime_module modules/mod_mime.so
LoadModule dav_module modules/mod_dav.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
LoadModule info_module modules/mod_info.so
LoadModule dav_fs_module modules/mod_dav_fs.so
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule actions_module modules/mod_actions.so
LoadModule speling_module modules/mod_speling.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule substitute_module modules/mod_substitute.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule proxy_module modules/mod_proxy.so
LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
LoadModule proxy_http_module modules/mod_proxy_http.so
LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
LoadModule cache_module modules/mod_cache.so
LoadModule suexec_module modules/mod_suexec.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule version_module modules/mod_version.so

The following modules are not loaded by default:

#LoadModule asis_module modules/mod_asis.so
#LoadModule authn_dbd_module modules/mod_authn_dbd.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
#LoadModule cgid_module modules/mod_cgid.so
#LoadModule dbd_module modules/mod_dbd.so
#LoadModule dumpio_module modules/mod_dumpio.so
#LoadModule filter_module modules/mod_filter.so
#LoadModule ident_module modules/mod_ident.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule unique_id_module modules/mod_unique_id.so
#

Load config files from the config directory "/etc/httpd/conf.d".

//加载配置文件
Include conf.d/*.conf

ExtendedStatus controls whether Apache will generate "full" status

information (ExtendedStatus On) or just basic information (ExtendedStatus

Off) when the "server-status" handler is called. The default is Off.

#ExtendedStatus On

If you wish httpd to run as a different user or group, you must run

httpd as root initially and it will switch.

User/Group: The name (or #number) of the user/group to run httpd as.

. On SCO (ODT 3) use "User nouser" and "Group nogroup".

. On HPUX you may not be able to use shared memory as nobody, and the

suggested workaround is to create a user www and use that user.

NOTE that some ker nels refuse to setgid(Group) or semctl(IPC_SET)

when the value of (unsigned)Group is above 60000;

don't use Group #-1 on these systems!

//apache的用户和用户组
User apache
Group apache

Section 2: 'Main' server configuration

The directives in this section set up the values used by the 'main'

server, which responds to any requests that aren't handled by a

definition. These values also provide defaults for

any containers you may define later in the file.

All of these directives may appear inside containers,

in which case these default settings will be overridden for the

virtual host being defined.

#

ServerAdmin: Your address, where problems with the server should be

e-mailed. This address appears on some server-generated pages, such

as error documents. e.g. admin@your-domain.com

//管理员的邮箱,如果出现问题,会在首页显示
ServerAdmin root@localhost

ServerName gives the name and port that the server uses to identify itself.

This can often be determined automatically, but we recommend you specify

it explicitly to prevent problems during startup.

If this is not set to valid DNS name for your host, server-generated

redirections will not work. See also the UseCanonicalName directive.

If your host doesn't have a registered DNS name, enter its IP address here.

You will have to access it by its address anyway, and this will make

redirections work in a sensible way.

#ServerName www.example.com:80
默认是不需要指定的,服务器通过名字解析过程来获得自己的名字,但如果解析有问题(如反向解析不正确),或者没有DNS名字,也可以在这里指定IP地址,当这项不正确的时候服务器不能正常启动。前面启动Apache时候提示正在启动 httpd:httpd: apr_sockaddr_info_get() failed forjustin httpd: Could not reliably determine the server's fully qualified domain name, using 127.0.0.1forServerName,解决方法就是启动该项把www.example.com:80修改为自己的域名或者直接修改为localhost

UseCanonicalName: Determines how Apache constructs self-referencing

URLs and the SERVER_NAME and SERVER_PORT variables.

When set "Off", Apache will use the Hostname and Port supplied

by the client. When set "On", Apache will use the value of the

ServerName directive.

UseCanonicalName Off
//如果客户端提供了主机名和端口,Apache将会使用客户端提供的这些信息来构建自引用URL。这些值与用于实现基于域名的虚拟主机的值相同,并且对于同样的客户端可用。CGI变量SERVER_NAME和SERVER_PORT也会由客户端提供的值来构建

DocumentRoot: The directory out of which you will serve your

documents. By default, all requests are taken from this directory, but

symbolic links and aliases may be used to point to other locations.

DocumentRoot "/var/www/html"
//apache的默认web站点目录路径,结尾不要添加斜线

Each directory to which Apache has access can be configured with respect

to which services and features are allowed and/or disabled in that

directory (and its subdirectories).

First, we configure the "default" to be a very restrictive set of

features.

#行为对根目录的限制

Options FollowSymLinks #followsymlinks表示允许使用符号链接,默认为禁用
AllowOverride None # 表示禁止用户对目录配置文件(.htaccess进行修改)重载,普通站点不建议开启

Note that from this point forward you must specifically allow

particular features to be enabled - so if something's not working as

you might expect, make sure that you have specifically enabled it

below.

#

This should be changed to whatever you set DocumentRoot to.

Possible values for the Options directive are "None", "All",

or any combination of:

Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews

Note that "MultiViews" must be named *explicitly* --- "Options All"

doesn't give it to you.

The Options directive is both complicated and important. Please see

http://httpd.apache.org/docs/2.2/mod/core.html#options

for more information.

Options Indexes FollowSymLinks

AllowOverride controls what directives may be placed in .htaccess files.

It can be "All", "None", or any combination of the keywords:

Options FileInfo AuthConfig Limit

AllowOverride None

Controls who can get stuff from this server.

Order allow,deny  
Allow from all


//对/var/www/html目录的一个权限的设置,options中Indexes表示当网页不存在的时候允许索引显示目录中的文件,FollowSymLinks是否允许访问符号链接文件。有的选项有ExecCGI表是否使用CGI,如Options Includes ExecCGI FollowSymLinks表示允许服务器执行CGI及SSI,禁止列出目录。SymLinksOwnerMatch表示当符号链接的文件和目标文件为同一用户拥有时才允许访问。AllowOverrideNone表示不允许这个目录下的访问控制文件来改变这里的配置,这也意味着不用查看这个目录下的访问控制文件,修改为:AllowOverride All 表示允许.htaccess。Order对页面的访问控制顺序后面的一项是默认选项,如allow,deny则默认是deny,Allowfromall表示允许所有的用户,通过和上一项结合可以控制对网站的访问控制

UserDir: The name of the directory that is appended onto a user's home

directory if a ~user request is received.

The path to the end user account 'public_html' directory must be

accessible to the webserver userid. This usually means that ~userid

must have permissions of 711, ~userid/public_html must have permissions

of 755, and documents contained therein must be world-readable.

Otherwise, the client will only receive a "403 Forbidden" message.

See also: http://httpd.apache.org/docs/misc/FAQ.html#forbidden


#
# UserDir is disabled by default since it can confirm the presence
# of a username on the system (depending on home directory
# permissions).

UserDir disabled
//是否允许用户访问其家目录,默认是不允许

# To enable requests to /~user/ to serve the user's public\_html  
# directory, remove the "UserDir disabled" line above, and uncomment  
# the following line instead:  
#  
#UserDir public\_html

Control access to UserDir directories. The following is an example

for a site where these directories are restricted to read-only.

#

AllowOverride FileInfo AuthConfig Limit

Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec

Order allow,deny

Allow from all

Order deny,allow

Deny from all

#
//如果允许访问用户的家目录中的网页文件,则取消以上注释,并对其中进行修改

DirectoryIndex: sets the file that Apache will serve if a directory

is requested.

The index.html.var file (a type-map) is used to deliver content-

negotiated documents. The MultiViews Option can be used for the

same purpose, but it is much slower.

DirectoryIndex index.html index.html.var
//指定所要访问的主页的默认主页名字,默认首页文件名为index.html

AccessFileName: The name of the file to look for in each directory

for additional configuration directives. See also the AllowOverride

directive.

AccessFileName .htaccess
//定义每个目录下的访问控制文件名,缺省为.htaccess

The following lines prevent .htaccess and .htpasswd files from being

viewed by Web clients.

Order allow,deny Deny from all Satisfy All
//控制不让web上的用户来查看.htpasswd和.htaccess这两个文件

TypesConfig describes where the mime.types file (or equivalent) is

to be found.

TypesConfig /etc/mime.types
//用于设置保存有不同MIME类型数据的文件名

DefaultType is the default MIME type the server will use for a document

if it cannot otherwise determine one, such as from filename extensions.

If your server contains mostly text or HTML documents, "text/plain" is

a good value. If most of your content is binary, such as applications

or images, you may want to use "application/octet-stream" instead to

keep browsers from trying to display binary files as though they are

text.

DefaultType text/plain
#默认的网页的类型

The mod_mime_magic module allows the server to use various hints from the

contents of the file itself to determine its type. The MIMEMagicFile

directive tells the module where the hint definitions are located.

MIMEMagicFile /usr/share/magic.mime

MIMEMagicFile conf/magic  


//指定判断文件真实MIME类型功能的模块

HostnameLookups: Log the names of clients or just their IP addresses

e.g., www.apache.org (on) or 204.62.129.132 (off).

The default is off because it'd be overall better for the net if people

had to knowingly turn this feature on, since enabling it means that

each client request will result in AT LEAST one lookup request to the

nameserver.

HostnameLookups Off
/打开此项功能时,在记录日志的时候同时记录主机名,这需要服务器来反向解析域名,增加了服务器的负载,通常不建议开启

EnableMMAP: Control whether memory-mapping is used to deliver

files (assuming that the underlying OS supports it).

The default is on; turn this off if you serve from NFS-mounted

filesystems. On some systems, turning it off (regardless of

filesystem) can improve performance; for details, please see

http://httpd.apache.org/docs/2.2/mod/core.html#enablemmap

EnableMMAP off
//是否允许内存映射:如果httpd在传送过程中需要读取一个文件的内容,它是否可以使用内存映射。如果为on表示如果操作系统支持的话,将使用内存映射。在一些多核处理器的系统上,这可能会降低性能,如果在挂载了NFS的DocumentRoot上如果开启此项功能,可能造成因为分段而造成httpd崩溃

EnableSendfile: Control whether the sendfile kernel support is

used to deliver files (assuming that the OS supports it).

The default is on; turn this off if you serve from NFS-mounted

filesystems. Please see

http://httpd.apache.org/docs/2.2/mod/core.html#enablesendfile

EnableSendfile off
//个指令控制httpd是否可以使用操作系统内核的sendfile支持来将文件发送到客户端。默认情况下,当处理一个请求并不需要访问文件内部的数据时(比如发送一个静态的文件内容),如果操作系统支持,Apache将使用sendfile将文件内容直接发送到客户端而并不读取文件

ErrorLog: The location of the error log file.

If you do not specify an ErrorLog directive within a

container, error messages relating to that virtual host will be

logged here. If you *do* define an error logfile for a

container, that host's errors will be logged there and not here.

ErrorLog logs/error_log
//错误日志存放的位置

LogLevel: Control the number of messages logged to the error_log.

Possible values include: debug, info, notice, warn, error, crit,

alert, emerg.

LogLevel warn
//Apache日志的级别

The following directives define some format nicknames for use with

a CustomLog directive (see below).

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
//定义了日志的格式,并用不同的代号表示

"combinedio" includes actual counts of actual bytes received (%I) and sent (%O); this

requires the mod_logio module to be loaded.

#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio

The location and format of the access logfile (Common Logfile Format).

If you do not define any access logfiles within a

container, they will be logged here. Contrariwise, if you *do*

define per- access logfiles, transactions will be

logged therein and *not* in this file.

CustomLog logs/access_log common
//日志记录的位置,这里面使用了相对路径,所以ServerRoot需要指出,日志位置就存放在/etc/httpd/logs

If you would like to have separate agent and referer logfiles, uncomment

the following directives.

#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent

For a single logfile with access, agent, and referer information

(Combined Logfile Format), use the following directive:

CustomLog logs/access_log combined

Optionally add a line containing the server version and virtual host

name to server-generated pages (internal error documents, FTP directory

listings, mod_status and mod_info output etc., but not CGI generated

documents or custom error documents).

Set to "EMail" to also include a mailto: link to the ServerAdmin.

Set to one of: On | Off | EMail

#

ServerSignature On
//当客户请求的网页不存在,或者错误的时候是否提示apache的版本的一些信息

Aliases: Add here as many aliases as you need (with no limit). The format is

Alias fakename realname

Note that if you include a trailing / on fakename then the server will

require it to be present in the URL. So "/icons" isn't aliased in this

example, only "/icons/". If the fakename is slash-terminated, then the

realname must also be slash terminated, and if the fakename omits the

trailing slash, the realname must also omit it.

We include the /icons/ alias for FancyIndexed directory listings. If you

do not use FancyIndexing, you may comment this out.

Alias /icons/ "/var/www/icons/"
//义一些不在DocumentRoot下的文件,而可以将其映射到网页根目录中,这也是访问其他目录的一种方法,但在声明的时候切记目录后面加”/”

Options Indexes MultiViews FollowSymLinks AllowOverride None Order allow,deny Allow from all
//定义对/var/www/icons/的权限,修改为 Options MultiViews FollowSymLinks表示不在浏览器上显示树状目录结构

WebDAV module configuration section.

# Location of the WebDAV lock database. DAVLockDB /var/lib/dav/lockdb
//对mod_dav_fs.c模块儿的管理

ScriptAlias: This controls which directories contain server scripts.

ScriptAliases are essentially the same as Aliases, except that

documents in the realname directory are treated as applications and

run by the server when requested rather than as documents sent to the client.

The same rules about trailing "/" apply to ScriptAlias directives as to

Alias.

#

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
//对CGI模块儿的的别名,与Alias相似

"/var/www/cgi-bin" should be changed to whatever your ScriptAliased

CGI directory exists, if you have that configured.

//对/var/www/cgi-bin文件夹的管理,方法同上
AllowOverride None Options None Order allow,deny Allow from all

Redirect allows you to tell clients about documents which used to exist in

your server's namespace, but do not anymore. This allows you to tell the

clients where to look for the relocated document.

Example:

Redirect permanent /foo http://www.example.com/bar
//Redirect参数是用来重写URL的,当浏览器访问服务器上的一个已经不存在的资源的时候,服务器返回给浏览器新的URL,告诉浏览器从该URL中获取资源。这主要用于原来存在于服务器上的文档改变位置之后,又需要能够使用老URL能访问到原网页

Directives controlling the display of server-generated directory listings.

#

IndexOptions: Controls the appearance of server-generated directory

listings.

IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable Charset=UTF-8
//当一个HTTP请求的URL为一个目录的时候,服务器返回这个目录中的索引文件,如果目录中不存在索引文件,并且服务器有许可显示目录文件列表的时候,就会显示这个目录中的文件列表,为了使得这个文件列表能具有可理解性,而不仅仅是一个简单的列表,就需要前这些参数。如果使用了IndexOptionsFancyIndexing选项,可以让服务器针对不同的文件引用不同的图标。如果没有就使用DefaultIcon定义缺省图标。同样,使用AddDescription可以为不同类型的文档介入描述

AddIcon* directives tell the server which icon to show for different

files or filename extensions. These are only displayed for

FancyIndexed directories.

#

//添加一些支持文件
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip

AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*

AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif /core

AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^

DefaultIcon is which icon to show for files which do not have an icon

explicitly set.

DefaultIcon /icons/unknown.gif

AddDescription allows you to place a short description after a file in

server-generated indexes. These are only displayed for FancyIndexed

directories.

Format: AddDescription "description" filename

#AddDescription "GZIP compressed document" .gz
#AddDescription "tar archive" .tar
#AddDescription "GZIP compressed tar archive" .tgz

ReadmeName is the name of the README file the server will look for by

default, and append to directory listings.

HeaderName is the name of a file which should be prepended to

directory indexes.

ReadmeName README.html
HeaderName HEADER.html

IndexIgnore is a set of filenames which directory indexing should ignore

and not include in the listing. Shell-style wildcarding is permitted.

IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t

DefaultLanguage and AddLanguage allows you to specify the language of

a document. You can then use content negotiation to give a browser a

file in a language the user can understand.

Specify a default language. This means that all data

going out without a specific language tag (see below) will

be marked with this one. You probably do NOT want to set

this unless you are sure it is correct for all cases.

* It is generally better to not mark a page as

* being a certain language than marking it with the wrong

* language!

DefaultLanguage nl

Note 1: The suffix does not have to be the same as the language

keyword --- those with documents in Polish (whose net-standard

language code is pl) may wish to use "AddLanguage pl .po" to

avoid the ambiguity with the common suffix for perl scripts.

Note 2: The example entries below illustrate that in some cases

the two character 'Language' abbreviation is not identical to

the two character 'Country' code for its country,

E.g. 'Danmark/dk' versus 'Danish/da'.

Note 3: In the case of 'ltz' we violate the RFC by using a three char

specifier. There is 'work in progress' to fix this and get

the reference data for rfc1766 cleaned up.

Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)

English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)

Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)

Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)

Norwegian (no) - Polish (pl) - Portugese (pt)

Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)

Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)

AddLanguage ca .ca
AddLanguage cs .cz .cs
AddLanguage da .dk
AddLanguage de .de
AddLanguage el .el
AddLanguage en .en
AddLanguage eo .eo
AddLanguage es .es
AddLanguage et .et
AddLanguage fr .fr
AddLanguage he .he
AddLanguage hr .hr
AddLanguage it .it
AddLanguage ja .ja
AddLanguage ko .ko
AddLanguage ltz .ltz
AddLanguage nl .nl
AddLanguage nn .nn
AddLanguage no .no
AddLanguage pl .po
AddLanguage pt .pt
AddLanguage pt-BR .pt-br
AddLanguage ru .ru
AddLanguage sv .sv
AddLanguage zh-CN .zh-cn
AddLanguage zh-TW .zh-tw

LanguagePriority allows you to give precedence to some languages

in case of a tie during content negotiation.

Just list the languages in decreasing order of preference. We have

more or less alphabetized them here. You probably want to change this.

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW

ForceLanguagePriority allows you to serve a result page rather than

MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)

[in case no accepted languages matched the available variants]

ForceLanguagePriority Prefer Fallback

Specify a default charset for all content served; this enables

interpretation of all content as UTF-8 by default. To use the

default browser choice (ISO-8859-1), or to allow the META tags

in HTML content to override this choice, comment out this

directive:

AddDefaultCharset UTF-8

AddType allows you to add to or override the MIME configuration

file mime.types for specific file types.

#AddType application/x-tar .tgz

AddEncoding allows you to have certain browsers uncompress

information on the fly. Note: Not all browsers support this.

Despite the name similarity, the following Add* directives have nothing

to do with the FancyIndexing customization directives above.

#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz

If the AddEncoding directives above are commented-out, then you

probably should define those extensions to indicate media types:

AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

MIME-types for downloading Certificates and CRLs

AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl

AddHandler allows you to map certain file extensions to "handlers":

actions unrelated to filetype. These can be either built into the server

or added with the Action directive (see below)

To use CGI scripts outside of ScriptAliased directories:

(You will also need to add "ExecCGI" to the "Options" directive.)

#AddHandler cgi-script .cgi

For files that include their own HTTP headers:

#AddHandler send-as-is asis

For type maps (negotiated resources):

(This is enabled by default to allow the Apache "It Worked" page

to be distributed in multiple languages.)

AddHandler type-map var

Filters allow you to process content before it is sent to the client.

To parse .shtml files for server-side includes (SSI):

(You will also need to add "Includes" to the "Options" directive.)

AddType text/html .shtml
AddOutputFilter INCLUDES .shtml

Action lets you define media types that will execute a script whenever

a matching file is called. This eliminates the need for repeated URL

pathnames for oft-used CGI file processors.

Format: Action media/type /cgi-script/location

Format: Action handler-name /cgi-script/location

#

Customizable error responses come in three flavors:

1) plain text 2) local redirects 3) external redirects

Some examples:

#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

Putting this all together, we can internationalize error responses.

We use Alias to redirect any /error/HTTP_.html.var response to

our collection of by-error message multi-language collections. We use

includes to substitute the appropriate text.

You can modify the messages' appearance without changing any of the

default HTTP_.html.var files by adding the line:

Alias /error/include/ "/your/include/path/"

which allows you to create your own set of files by starting with the

/var/www/error/include/ files and

copying them to /your/include/path/, even on a per-VirtualHost basis.

#

Alias /error/ "/var/www/error/"


<Directory "/var/www/error">  
    AllowOverride None  
    Options IncludesNoExec  
    AddOutputFilter Includes html  
    AddHandler type-map var  
    Order allow,deny  
    Allow from all  
    LanguagePriority en es de fr  
    ForceLanguagePriority Prefer Fallback  
</Directory>  

//对/var/www/error网页的权限及操作

ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var

ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var

ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var

ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var

ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var

ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var

ErrorDocument 410 /error/HTTP_GONE.html.var

ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var

ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var

ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var

ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var

ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var

ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var

ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var

ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var

ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var

ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var


The following directives modify normal HTTP response behavior to

handle known problems with browser implementations.

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

The following directive disables redirects on non-GET requests for

a directory that does not include the trailing slash. This fixes a

problem with Microsoft WebFolders which does not appropriately handle

redirects for folders with DAV methods.

Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.

//设置特殊的参数,以保证对老版本浏览器的兼容,并支持新浏览器的特性
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

Allow server status reports generated by mod_status,

with the URL of http://servername/server-status

Change the ".example.com" to match your domain to enable.

#

SetHandler server-status

Order deny,allow

Deny from all

Allow from .example.com

#

Allow remote server configuration reports, with the URL of

http://servername/server-info (requires that mod_info.c be loaded).

Change the ".example.com" to match your domain to enable.

#

SetHandler server-info

Order deny,allow

Deny from all

Allow from .example.com

#

Proxy Server directives. Uncomment the following lines to

enable the proxy server:

#
#ProxyRequests On

#

Order deny,allow

Deny from all

Allow from .example.com

#

Enable/disable the handling of HTTP/1.1 "Via:" headers.

("Full" adds the server version; "Block" removes all outgoing Via: headers)

Set to one of: Off | On | Full | Block

#ProxyVia On

To enable a cache of proxied content, uncomment the following lines.

See http://httpd.apache.org/docs/2.2/mod/mod_cache.html for more details.

#

CacheEnable disk /

CacheRoot "/var/cache/mod_proxy"

#
#

#

End of proxy directives.

Section 3: Virtual Hosts

VirtualHost: If you want to maintain multiple domains/hostnames on your

machine you can setup VirtualHost containers for them. Most configurations

use only name-based virtual hosts so the server doesn't need to worry about

IP addresses. This is indicated by the asterisks in the directives below.

Please see the documentation at

for further details before you try to setup virtual hosts.

You may use the command line option '-S' to verify your virtual host

configuration.

Use name-based virtual hosting.

#NameVirtualHost *:80

NOTE: NameVirtualHost cannot be used without a port specifier

(e.g. :80) if mod_ssl is being used, due to the nature of the

SSL protocol.

#

//虚拟主机配置

VirtualHost example:

Almost any Apache directive may go into a VirtualHost container.

The first VirtualHost section is used for requests without a known

server name.

#

ServerAdmin webmaster@dummy-host.example.com

DocumentRoot /www/docs/dummy-host.example.com

ServerName dummy-host.example.com

ErrorLog logs/dummy-host.example.com-error_log

CustomLog logs/dummy-host.example.com-access_log common

#