Apache Reference Manual (10)
更新时间:2016年11月25日 15:17 点击:2448
Satisfy directive
Syntax: Satisfy 'any' or 'all'
Default: Satisfy all
Context: directory, .htaccess
Status: core
Compatibility: Satisfy is only available in Apache 1.2 and later
Access policy if both allow and require used. The parameter can be either 'all' or 'any'. This directive is only useful if access to a particular area is being restricted by both username/password and client host address. In this case the default behavior ("all") is to require that the client passes the address access restriction and enters a valid username and password. With the "any" option the client will be granted access if they either pass the host restriction or enter a valid username and password. This can be used to password restrict an area, but to let clients from particular addresses in without prompting for a password.
See also require and mod_access.
--------------------------------------------------------------------------------
ScoreBoardFile directive
Syntax: ScoreBoardFile filename
Default: ScoreBoardFile logs/apache_status
Context: server config
Status: core
The ScoreBoardFile directive is required on some architectures to place a file that the server will use to communicate between its children and the parent. The easiest way to find out if your architecture requires a scoreboard file is to run Apache and see if it creates the file named by the directive. If your architecture requires it then you must ensure that this file is not used at the same time by more than one invocation of Apache.
If you have to use a ScoreBoardFile then you may see improved speed by placing it on a RAM disk. But be careful that you heed the same warnings about log file placement and security.
Apache 1.2 and above:
Linux 1.x users might be able to add -DHAVE_SHMGET -DUSE_SHMGET_SCOREBOARD to the EXTRA_CFLAGS in your Configuration. This might work with some 1.x installations, but won't work with all of them. (Prior to 1.3b4, HAVE_SHMGET would have sufficed.)
#ExtendedStatus On <br>
Apache服务器可以通过特殊的HTTP请求,来报告自身的运行状态,打开这个 <br>
ExtendedStatus 参数可以让服务器报告更全面的运行状态信息。
<br>
主服务器设置 <br>
Apache服务器需要各种设置,以定义自己使用各种参数以提供Web服务。对于使用虚拟主机的情况,除了在虚拟主机的定义项中覆盖的设置之外(有的设置必须重新定义),这里的设置也是虚拟主机的缺省设置。
<br>
Port 80 <br>
Port定义了Standalone模式下httpd守护进程使用的端口,标准端口是80。这个选项只对于以独立方式启动的服务器才有效,对于以inetd方式启动的服务器则在inetd.conf中定义使用哪个端口。
<br>
在Unix下使用80端口需要root权限,一些管理员为了安全的原因,认为 httpd 服务器不可能没有安全漏洞,因而更愿意使用普通用户的权限来启动服务器,这样就不能使用80端口及其他小于1024的端口,而必须使用大于 1024的端口来启动httpd,一般情况下8000或8080也是常用的端口。而Apache httpd服务器本身可以在以root权限打开80端口后再改变为普通用户身份进行运行,这样就减少了危险性,因而就不需要考虑这个安全问题。但是如果普通用户也想安装配置自己的WWW服务器,那么就不得不使用大于1024的端口。
<br>
User nobody <br>
Group nogroup <br>
User和Group配置是Apache的安全保证,Apache在打开端口之后,就将其本身设置为这两个选项设置的用户和组权限进行运行,这样就降低了服务器的危险性。这个选项也只用于 Standalone模式,inetd模式在inetd.conf中指定运行Apache的用户。由于服务器必须执行改变身份的setuid()操作,因此初始进程应该具备root权限,如果是使用非root用户来启动Aapche,这个配置就不会发挥作用。
<br>
缺省设置为nobody和nogroup,这个用户和组在系统中不拥有文件,保证了服务器本身和由它启动的CGI 进程没有权限更改文件系统。在某些情况下,例如为了运行CGI与Unix交互,也需要让服务器来访问服务器上的文件,如果仍然使用nobody和nogroup,那么系统中将会出现属于nobody的文件,这对于系统安全是不利的,因为其他程序也会以nobody和nogroup的权限执行某些操作,就有可能访问这些nobody拥有的文件,造成安全问题。一般情况下要为Web服务设定一个特定的用户和组,同时在这里更改用户和组设置。
<FilesMatch>
Syntax: <FilesMatch regex> ... </FilesMatch>
Context: server config, virtual host, .htaccess
Status: core
Compatibility: only available in Apache 1.3 and above.
The <FilesMatch> directive provides for access control by filename, just as the <Files> directive does. However, it accepts a regular expression. For example:
<FilesMatch ".(gif|jpe?g|png)$">
would match most common Internet graphics formats.
See also: How Directory, Location and Files sections work for an explanation of how these different sections are combined when a request is received
--------------------------------------------------------------------------------
Group directive
Syntax: Group unix-group
Default: Group #-1
Context: server config, virtual host
Status: core
The Group directive sets the group under which the server will answer requests. In order to use this directive, the stand-alone server must be run initially as root. Unix-group is one of:
A group name
Refers to the given group by name.
# followed by a group number.
Refers to a group by its number.
It is recommended that you set up a new group specifically for running the server. Some admins use user nobody, but this is not always possible or desirable.
Note: if you start the server as a non-root user, it will fail to change to the specified group, and will instead continue to run as the group of the original user.
Special note: Use of this directive in <VirtualHost> requires a properly configured suEXEC wrapper. When used inside a <VirtualHost> in this manner, only the group that CGIs are run as is affected. Non-CGI requests are still processed as the group specified in the main Group directive.
SECURITY: See User for a discussion of the security considerations.
--------------------------------------------------------------------------------
MaxRequestsPerChild directive
Syntax: MaxRequestsPerChild number
Default: MaxRequestsPerChild 0
Context: server config
Status: core
The MaxRequestsPerChild directive sets the limit on the number of requests that an individual child server process will handle. After MaxRequestsPerChild requests, the child process will die. If MaxRequestsPerChild is 0, then the process will never expire.
Setting MaxRequestsPerChild to a non-zero limit has two beneficial effects:
it limits the amount of memory that process can consume by (accidental) memory leakage;
by giving processes a finite lifetime, it helps reduce the number of processes when the server load reduces.
This directive has no effect on Win32.
NOTE: For KeepAlive requests, only the first request is counted towards this limit. In effect, it changes the behavior to limit the number of connections per child.
--------------------------------------------------------------------------------
MaxSpareServers directive
Syntax: MaxSpareServers number
Default: MaxSpareServers 10
Context: server config
Status: core
The MaxSpareServers directive sets the desired maximum number of idle child server processes. An idle process is one which is not handling a request. If there are more than MaxSpareServers idle, then the parent process will kill off the excess processes.
Tuning of this parameter should only be necessary on very busy sites. Setting this parameter to a large number is almost always a bad idea.
This directive has no effect when used with the Apache Web server on a Microsoft Windows platform.
See also MinSpareServers and StartServers.
--------------------------------------------------------------------------------
MinSpareServers directive
Syntax: MinSpareServers number
Default: MinSpareServers 5
Context: server config
Status: core
The MinSpareServers directive sets the desired minimum number of idle child server processes. An idle process is one which is not handling a request. If there are fewer than MinSpareServers idle, then the parent process creates new children at a maximum rate of 1 per second.
php: PHP Version 5.0.0b4
apache: Apache/2.0.49 (Win32)
1,做为cgi来运行
2,做为module来运行
1,做为apache2的cgi运行
ScriptAlias /php/ "c:/php/"
AddType application/x-httpd-php .php
Action application/x-httpd-php "/php/php-cgi.exe"
上面的代码添加到httpd.conf
2,做为apache的模块运行
LoadModule php5_module "c:/php/sapi/php5apache2.dll"
AddType application/x-httpd-php .php
上面的代码添加到httpd.conf
Syntax: Satisfy 'any' or 'all'
Default: Satisfy all
Context: directory, .htaccess
Status: core
Compatibility: Satisfy is only available in Apache 1.2 and later
Access policy if both allow and require used. The parameter can be either 'all' or 'any'. This directive is only useful if access to a particular area is being restricted by both username/password and client host address. In this case the default behavior ("all") is to require that the client passes the address access restriction and enters a valid username and password. With the "any" option the client will be granted access if they either pass the host restriction or enter a valid username and password. This can be used to password restrict an area, but to let clients from particular addresses in without prompting for a password.
See also require and mod_access.
--------------------------------------------------------------------------------
ScoreBoardFile directive
Syntax: ScoreBoardFile filename
Default: ScoreBoardFile logs/apache_status
Context: server config
Status: core
The ScoreBoardFile directive is required on some architectures to place a file that the server will use to communicate between its children and the parent. The easiest way to find out if your architecture requires a scoreboard file is to run Apache and see if it creates the file named by the directive. If your architecture requires it then you must ensure that this file is not used at the same time by more than one invocation of Apache.
If you have to use a ScoreBoardFile then you may see improved speed by placing it on a RAM disk. But be careful that you heed the same warnings about log file placement and security.
Apache 1.2 and above:
Linux 1.x users might be able to add -DHAVE_SHMGET -DUSE_SHMGET_SCOREBOARD to the EXTRA_CFLAGS in your Configuration. This might work with some 1.x installations, but won't work with all of them. (Prior to 1.3b4, HAVE_SHMGET would have sufficed.)
#ExtendedStatus On <br>
Apache服务器可以通过特殊的HTTP请求,来报告自身的运行状态,打开这个 <br>
ExtendedStatus 参数可以让服务器报告更全面的运行状态信息。
<br>
主服务器设置 <br>
Apache服务器需要各种设置,以定义自己使用各种参数以提供Web服务。对于使用虚拟主机的情况,除了在虚拟主机的定义项中覆盖的设置之外(有的设置必须重新定义),这里的设置也是虚拟主机的缺省设置。
<br>
Port 80 <br>
Port定义了Standalone模式下httpd守护进程使用的端口,标准端口是80。这个选项只对于以独立方式启动的服务器才有效,对于以inetd方式启动的服务器则在inetd.conf中定义使用哪个端口。
<br>
在Unix下使用80端口需要root权限,一些管理员为了安全的原因,认为 httpd 服务器不可能没有安全漏洞,因而更愿意使用普通用户的权限来启动服务器,这样就不能使用80端口及其他小于1024的端口,而必须使用大于 1024的端口来启动httpd,一般情况下8000或8080也是常用的端口。而Apache httpd服务器本身可以在以root权限打开80端口后再改变为普通用户身份进行运行,这样就减少了危险性,因而就不需要考虑这个安全问题。但是如果普通用户也想安装配置自己的WWW服务器,那么就不得不使用大于1024的端口。
<br>
User nobody <br>
Group nogroup <br>
User和Group配置是Apache的安全保证,Apache在打开端口之后,就将其本身设置为这两个选项设置的用户和组权限进行运行,这样就降低了服务器的危险性。这个选项也只用于 Standalone模式,inetd模式在inetd.conf中指定运行Apache的用户。由于服务器必须执行改变身份的setuid()操作,因此初始进程应该具备root权限,如果是使用非root用户来启动Aapche,这个配置就不会发挥作用。
<br>
缺省设置为nobody和nogroup,这个用户和组在系统中不拥有文件,保证了服务器本身和由它启动的CGI 进程没有权限更改文件系统。在某些情况下,例如为了运行CGI与Unix交互,也需要让服务器来访问服务器上的文件,如果仍然使用nobody和nogroup,那么系统中将会出现属于nobody的文件,这对于系统安全是不利的,因为其他程序也会以nobody和nogroup的权限执行某些操作,就有可能访问这些nobody拥有的文件,造成安全问题。一般情况下要为Web服务设定一个特定的用户和组,同时在这里更改用户和组设置。
<FilesMatch>
Syntax: <FilesMatch regex> ... </FilesMatch>
Context: server config, virtual host, .htaccess
Status: core
Compatibility: only available in Apache 1.3 and above.
The <FilesMatch> directive provides for access control by filename, just as the <Files> directive does. However, it accepts a regular expression. For example:
<FilesMatch ".(gif|jpe?g|png)$">
would match most common Internet graphics formats.
See also: How Directory, Location and Files sections work for an explanation of how these different sections are combined when a request is received
--------------------------------------------------------------------------------
Group directive
Syntax: Group unix-group
Default: Group #-1
Context: server config, virtual host
Status: core
The Group directive sets the group under which the server will answer requests. In order to use this directive, the stand-alone server must be run initially as root. Unix-group is one of:
A group name
Refers to the given group by name.
# followed by a group number.
Refers to a group by its number.
It is recommended that you set up a new group specifically for running the server. Some admins use user nobody, but this is not always possible or desirable.
Note: if you start the server as a non-root user, it will fail to change to the specified group, and will instead continue to run as the group of the original user.
Special note: Use of this directive in <VirtualHost> requires a properly configured suEXEC wrapper. When used inside a <VirtualHost> in this manner, only the group that CGIs are run as is affected. Non-CGI requests are still processed as the group specified in the main Group directive.
SECURITY: See User for a discussion of the security considerations.
--------------------------------------------------------------------------------
MaxRequestsPerChild directive
Syntax: MaxRequestsPerChild number
Default: MaxRequestsPerChild 0
Context: server config
Status: core
The MaxRequestsPerChild directive sets the limit on the number of requests that an individual child server process will handle. After MaxRequestsPerChild requests, the child process will die. If MaxRequestsPerChild is 0, then the process will never expire.
Setting MaxRequestsPerChild to a non-zero limit has two beneficial effects:
it limits the amount of memory that process can consume by (accidental) memory leakage;
by giving processes a finite lifetime, it helps reduce the number of processes when the server load reduces.
This directive has no effect on Win32.
NOTE: For KeepAlive requests, only the first request is counted towards this limit. In effect, it changes the behavior to limit the number of connections per child.
--------------------------------------------------------------------------------
MaxSpareServers directive
Syntax: MaxSpareServers number
Default: MaxSpareServers 10
Context: server config
Status: core
The MaxSpareServers directive sets the desired maximum number of idle child server processes. An idle process is one which is not handling a request. If there are more than MaxSpareServers idle, then the parent process will kill off the excess processes.
Tuning of this parameter should only be necessary on very busy sites. Setting this parameter to a large number is almost always a bad idea.
This directive has no effect when used with the Apache Web server on a Microsoft Windows platform.
See also MinSpareServers and StartServers.
--------------------------------------------------------------------------------
MinSpareServers directive
Syntax: MinSpareServers number
Default: MinSpareServers 5
Context: server config
Status: core
The MinSpareServers directive sets the desired minimum number of idle child server processes. An idle process is one which is not handling a request. If there are fewer than MinSpareServers idle, then the parent process creates new children at a maximum rate of 1 per second.
php: PHP Version 5.0.0b4
apache: Apache/2.0.49 (Win32)
1,做为cgi来运行
2,做为module来运行
1,做为apache2的cgi运行
ScriptAlias /php/ "c:/php/"
AddType application/x-httpd-php .php
Action application/x-httpd-php "/php/php-cgi.exe"
上面的代码添加到httpd.conf
2,做为apache的模块运行
LoadModule php5_module "c:/php/sapi/php5apache2.dll"
AddType application/x-httpd-php .php
上面的代码添加到httpd.conf
相关文章
- 这篇文章主要给大家介绍的是关于Lua语言新手入门的简单教程,文中通过示例代码一步步介绍的非常详细,对各位新手们的入门提供了一个很方便的教程,需要的朋友可以参考借鉴,下面随着小编来一起学习学习吧。...2020-06-30
- 最近在工作中遇到了一个问题,通过查找相关资料才得知原因是因为返回结果的问题,下面这篇文章主要给大家介绍了关于lua读取redis数据的null判断的相关资料,文中通过示例代码介绍的非常详细,需要的朋友可以参考下...2020-06-30
Django def clean()函数对表单中的数据进行验证操作
这篇文章主要介绍了Django def clean()函数对表单中的数据进行验证操作,具有很好的参考价值,希望对大家有所帮助。一起跟随小编过来看看吧...2020-07-09- 这篇文章主要介绍了C#中out与ref的区别实例解析,对C#初学者有不错的学习借鉴价值,需要的朋友可以参考下...2020-06-25
- 这篇文章主要介绍了记一次EFCore类型转换错误及解决方案,帮助大家更好的理解和学习使用asp.net core,感兴趣的朋友可以了解下...2021-09-22
Apache启动报错No space left on device: AH00023该怎么解决
Apache启动报错No space left on device: AH00023错误可能是进程导致了,虽然小编不知道什么原因但网上提供的解决办法确实是可以解决我们的问题,下面来看看。对于这类错误是因为linux系统的ipc信号量造成的,apache启动时...2015-10-21- 这篇文章主要介绍了Vue3中的三种函数,分别对reactive函数toRef函数以及ref函数原理及使用作了简单介绍,有需要的朋友可以借鉴参考下...2021-09-24
- 有过C#基础知识的都应该清楚Ref和Out的使用方法,所以下面这篇文章主要给大家介绍了关于c#基础系列之ref和out的相关资料,文中通过示例代码介绍的非常详细,需要的朋友可以参考借鉴,下面随着小编来一起学习学习吧...2020-06-25
- 本文我们将分享apache配置黑名单和白名单,apache层的账户权限控制,以及apache黑名单白名单过滤功能,apache rewrite规则实现白名单。 apache配置黑名单和白名单的两...2016-09-14
- 这篇文章主要介绍了Lua判断变量是否为数字、字符串是否可以转换为数字等,本文讲解了Lua 判断是字符还是数字的方法、Lua判断数字的方法、判断可否转换为数字的方法、判断并且准备一个初值的方法,需要的朋友可以参考下...2020-06-30
- 今天在用百度工具检测时发,发现有个提示如下 原来可以开启gzip啊,因为我的是apache所以和iis不同,经过网站搜索开启方法如下 一,找到你的httpd.conf文件,打开找到如下 ...2016-01-28
解决PHPstudy Apache无法启动的问题【亲测有效】
这篇文章主要介绍了PHPstudy Apache无法启动的问题及解决方法【亲测有效】,本文给大家总结了三种方法供大家参考,需要的朋友可以参考下...2020-10-30apache http server遇到了一个问题,需要关闭
重装系统后,重新安装了xamp,最近启动的时候经常报apache http server遇到了一个问题,需要关闭,显示如图: 解决方法:查看szModName报错的模块,然后把PHP安装目录下对应的模块...2016-01-28Windows Server 2016 上配置 APACHE+SSL+PHP+perl的教程详解
Windows Server 2016 上配置 APACHE+SSL+PHP+perl怎么配置?小编推荐了一篇介绍Windows Server 2016 上配置 APACHE+SSL+PHP+perl的教程,有需要的同学快来看看吧! ...2017-07-06nginx+apache+mysql+php+memcached+squid搭建集群web环境
当前,LAMP开发模式是WEB开发的首选,如何搭建一个高效、可靠、稳定的WEB服务器一直是个热门主题,本文就是这个主题的一次尝试。...2016-01-27- 众所周知,react推出了hooks之后,很多项目就开始往hooks上靠拢,所以也就出现了class和hooks交叉使用的项目。这个时候使用ref需要注意一些东西...2021-06-20
- 今天小编就为大家分享一篇关于Lua流程控制语句if else的使用示例,小编觉得内容挺不错的,现在分享给大家,具有很好的参考价值,需要的朋友一起跟随小编来看看吧...2020-06-30
- 这篇文章主要介绍了隐藏Nginx或Apache以及PHP的版本号的方法,主要用来防止针对性的漏洞攻击,需要的朋友可以参考下...2016-01-05
- 默认情况下,apache安装完以后,是不允许被cache的。如果外接了cache或squid服务器要求进行web加速的话,就需要在htttpd.conf里进行设置,当然前提是在安装apache的时候要激活mod_c...2016-01-28
Lua的table库函数insert、remove、concat、sort详细介绍
这篇文章主要介绍了Lua的table库函数insert、remove、concat、sort详细介绍,本文分别给出了这几个函数的使用实例,需要的朋友可以参考下...2020-06-30