httpd配置详解

配置文件说明

###################文件说明###################
#This is the main Apache HTTP server configuration file.  Itcontains the
# configuration directives that give the server itsinstructions.
# See for detailed information.
# In particular, see
#
#for a discussion of each configuration directive.
#
# Do NOTsimply read the instructions in here without understanding
# whatthey do.  They're here only as hints or reminders.  If youare unsure
# consult the online docs. You have been warned. 
###################
配置说明##########################
#Configuration and logfile names: If the filenames you specify formany
# of the server's control files begin with "/" (or"drive:/" for Win32), the
# server will use thatexplicit path.  If the filenames do *not* begin
# with "/",the value of ServerRoot is prepended -- so "logs/foo_log"
#with ServerRoot set to "/usr/local/apache" will beinterpreted by the
# server as"/usr/local/apache/logs/foo_log".
#
如果包含的配置文件以根目录/开始,则使用指出的明确路径,要是非根目录开始,则路径为:查找路径=ServerRoot目录+所写目录
##################
软件主目录################
#ServerRoot: The top of the directory tree under which the server's
#configuration, error, and log files are kept.
#
# Do not add aslash at the end of the directory path.  If you point
#ServerRoot at a non-local disk, be sure to point the LockFiledirective
# at a local disk.  If you wish to share the sameServerRoot for multiple
# httpd daemons, you will need to changeat least LockFile andPidFile.
#
#ServerRoot
:服务配置文件,/日志,错误日志等的根目录,即软件所在目录。
#
注意不要再目录后加/,如果目录非本地磁盘,要先在本地磁盘使用LockFile指令来指明。如果要为多个httpd程序共享根目录,需要至少改变LockFilePidFile。即,要保证apache的进程文件的独占性。
ServerRoot"/usr/local/apache"
#################
监听端口和IP############################
#
#Listen: Allows you to bind Apache to specific IP addresses and/or
#ports, instead of the default. See also the
# directive.
#
#Change this to Listen on specific IP addresses as shown below to
#prevent Apache from glomming onto all bound IP addresses.
#
#Listen12.34.56.78:80
#apache
程序运行的监听IP地址和端口,即http访问地址+端口,默认80
Listen80
#####################
要加载的DSO模块##########################
#
#Dynamic Shared Object (DSO) Support
#
# To be able to use thefunctionality of a module which was built as a DSO you
# have toplace corresponding `LoadModule' lines at this location so the
#directives contained in it are actually available _before_ they areused.
# Statically compiled modules (those listed by `httpd -l')do not need
# to be loadedhere.
#
需要动态加载的DSO模块写在这里以使程序启动时加载。格式如例子所述,静态编译的模块不需要写在这里,由httpd-l来加载静态模块
#Example:
# LoadModule foo_module modules/mod_foo.so
#



#
NetWarewinnt模式下
#
#If you wish httpd to run as a different user or group, you must run
#httpd as root initially and it will switch. 
#
#User/Group: The name (or #number) of the user/group to run httpdas.
# It is usually good practice to create a dedicated user andgroup for
# running httpd, as with most systemservices.
####################
软件运行用户设定###################
#
如果要更换不同的用户或组来运行apache,你必须先以root运行,然后他将会切换到所设置用户。跟大多数的系统服务一样,为apache单独建立一个用户和组来运行它是一个很好的做法。(注意,此项是设置在非NetWare和非win系统下才需配置,否则无需配置)
Userdaemon
Group daemon



######################Apache
主配置部分###############
###############
概要说明##########
#'Main' server configuration
#
# The directives in this sectionset up the values used by the 'main'
# server, which responds toany requests that aren't handled by a
#
# any
#
# Allof these directives may appear inside
# in which case thesedefault settings will be overridden for the
# virtual host beingdefined.
#
#
主站点的配置选项,该选项的配置为主机配置的默认值,如果定义了虚拟主机,里面的命令会覆盖此处的值,否则使用该处配置的值。
#
#ServerAdmin: Your address, where problems with the server should be
#e-mailed.  This address appears on some server-generated pages,such
# as error documents.  [email protected]
##############
服务器联系人#############
ServerAdmin
[email protected]

##################服务器网站域名指定###############
#ServerName gives the name and port that the server uses to identifyitself.
# This can often be determined automatically, but werecommend you specify
# it explicitly to prevent problems duringstartup.
#
# If your host doesn't have a registered DNS name,enter its IP addresshere.
#
服务器域名指定。这里一般可以自动识别,也可以给出域名和端口以明确指定(虚拟主机多用此选项),如果没有注册DNS,可以使用IP地址。
#ServerName
www.example.com:80

################网站根目录#############
#DocumentRoot: The directory out of which you will serve your
#documents. By default, all requests are taken from this directory,but
# symbolic links and aliases may be used to point to otherlocations.
#
站点根目录。一般网站请求直接来此处寻找网页,但是动态链接或别名可能被使用从而指向其他地点。
DocumentRoot"/usr/local/apache/htdocs"

##################网站目录全局设置##############
#Each directory to which Apache has access can be configured withrespect
# to which services and features are allowed and/ordisabled in that
# directory (and its subdirectories).
#apache
能访问的每一个目录都可以配置哪些特性能开启禁用,特性设置对子目录有效。默认给出的是一个非常严格的特性设置。
#First, we configure the "default" to be a very restrictiveset of
# features. 
#
#Options
指令控制了在特定目录中将使用哪些服务器特性。其值如下:NoneAll Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGIMultiViews
#option
可以为None,在这种情况下,将不启用任何额外特性。或设置为以下选项中的一个或多个:
#All
:除MultiViews之外的所有特性。这是默认设置。
#ExecCGI
:允许使用mod_cgi执行CGI脚本。
#FollowSymLinks
:服务器允许在此目录中使用符号连接。注意:即使服务器会使用符号连接,但它不会改变用于匹配
#Includes
:允许使用mod_include提供的服务器端包含。
#IncludesNOEXEC
:允许服务器端包含,但禁用"#execcmd""#execcgi"。但仍可以从ScriptAlias目录使用"#includevirtual"虚拟CGI脚本。
#Indexes
:如果一个映射到目录的URL被请求,而此目录中又没有DirectoryIndex(例如:index.html),那么服务器会返回由mod_autoindex生成的一个格式化后的目录列表。
#MultiViews
:允许使用mod_negotiation提供内容协商的"多重视图"(MultiViews)
#SymLinksIfOwnerMatch
:服务器仅在符号连接与其目的目录或文件的拥有者具有相同的uid时才使用它。
#
一般来说,如果一个目录被多次设置了Options,则最特殊的一个会被完全接受(其它的被忽略),而各个可选项的设定彼此并不融合。然而,如果所有作用于Options指令的可选项前都加有"+""-"符号,此可选项将被合并。所有前面加有"+"号的可选项将强制覆盖当前的可选项设置,而所有前面有"-"号的可选项将强制从当前可选项设置中去除。

#AllowOverride指令控制允许存在于.htaccess文件中的指令类型,其值如下:OptionsFileInfo AuthConfig Limit AllNone
#
当服务器发现一个.htaccess文件(AccessFileName指定)时,它需要知道在这个文件中声明的哪些指令能覆盖在此之前指定的配置指令。AllowOverride仅在不包含正则表达式的
#
选项:
#AuthConfig
:允许使用与认证授权相关的指令(AuthDBMGroupFile,AuthDBMUserFile, AuthGroupFile, AuthName, AuthType, AuthUserFile,Require,)
#FileInfo
:允许使用控制文档类型的指令(DefaultType,ErrorDocument, ForceType, LanguagePriority, SetHandler,SetInputFilter, SetOutputFilter, mod_mime中的Add*Remove*指令等等)、控制文档元数据的指令(Header,RequestHeader, SetEnvIf, SetEnvIfNoCase, BrowserMatch, CookieExpires,CookieDomain, CookieStyle, CookieTracking,CookieName)mod_rewrite中的指令(RewriteEngine,RewriteOptions, RewriteBase, RewriteCond,RewriteRule)mod_actions中的Action指令。
#Indexes
:允许使用控制目录索引的指令(AddDescription,AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon,DirectoryIndex, FancyIndexing, HeaderName, IndexIgnore, IndexOptions,ReadmeName, )
#Limit:
允许使用控制主机访问的指令(Allow,Deny, Order)
#Options[=Option,...]
允许使用控制指定目录功能的指令(OptionsXBitHack)。可以在等号后面附加一个逗号分隔的(无空格的)Options选项列表,用来控制允许Options指令使用哪些选项。

#Order指令:控制是否允许从服务器上获取东西,即控制默认的访问状态与AllowDeny指令生效的顺序
#Allow
指令:控制哪些主机能够访问服务器
#Deny
指令:控制哪些主机被禁止访问服务器

   Options FollowSymLinks
    AllowOverride None
   Order deny,allow
    Deny from all

#
#Note that from this point forward you must specifically allow
#particular features to be enabled - so if something's not workingas
# you might expect, make sure that you have specificallyenabled it
# below.
#

################网站主根目录设置############
#This should be changed to whatever you set DocumentRootto.
#
此处用于更改你将要设置的站点根目录

   #
    # Possible values for the Options directiveare "None", "All",
    # or anycombination of:
    #   Indexes IncludesFollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
   #
    # Note that "MultiViews" must benamed *explicitly* --- "Options All"
   # doesn't give it to you.
    #
   # The Options directive is both complicated and important. Please see
    #http://httpd.apache.org/docs/2.2/mod/core.html#options

   # for more information.
    #
   Options Indexes FollowSymLinks

    #
   # AllowOverride controls what directives may be placed in .htaccessfiles.
    # It can be "All", "None",or any combination of the keywords:
    #  Options FileInfo AuthConfig Limit
    #
   AllowOverride None

    #
   # Controls who can get stuff from this server.
   #
    Order allow,deny
    Allowfrom all

####################网站主页索引##############
#DirectoryIndex: sets the file that Apache will serve if a directory
#is requested.
#
在目录被请求是查找的主文件。即设置网站主页格式。

   DirectoryIndex index.html

###################ht文件等是否被查看设定##############
#The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
如下配置保护正则表达式中所描述的文件不被web所查看
#Satisfy
指令:同时使用AllowRequire时的访问策略。参数可以设置为AllAny。这个指令仅在某个特定区域的访问控制同时被用户名/密码和客户端主机地址进行限定的时候起作用。默认行为(All)采取客户端首先通过地址访问限制并且输入有效的用户名和密码的方式。使用可选项Any将使客户端在通过主机限制或是输入一个有效的用户名和密码两种方式之一得到访问权限。这样,就可以通过密码来限制一个区域的访问,但允许某些特定地址的客户端访问时不需要输入密码。

   Order allow,deny
    Deny from all
   Satisfy All

#################错误日志存储地点##############
#ErrorLog: The location of the error log file.
# If you do notspecify an ErrorLog directive within a
# container, errormessages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a
# container, thathost's errors will be logged there and nothere.
#
错误日志。如果虚拟主机未配置错误日志参数,则都写着次数,如果虚拟主机配置了此参数,则使用虚拟主机参数所定义的文件。
ErrorLog"logs/error_log"

##################日志存储级别(即日志内容和格式)####################
#LogLevel: Control the number of messages logged to the error_log.
#Possible values include: debug, info, notice, warn, error, crit,
#alert, emerg.
#
控制记录到日志的消息的级别。可选值有debug,info, notice, warn, error, crit, alert, emerg.
LogLevel warn


   #
    # The following directives define some formatnicknames for use with
    # a CustomLog directive(see below).
   #
#
下面的指令定义了一些为用户指令而使用的别名的格式。Apache配置中,LogFormat可用变量格式字符串描述
#%%
百分号(Apache2.0.44或更高的版本)
#%a
远端IP地址
#%A
本机IP地址
#%B
HTTP头以外传送的字节数
#%b
CLF格式显示的除HTTP头以外传送的字节数,也就是当没有字节传送时显示'-'而不是0
#%{Foobar}C
在请求中传送给服务端的cookieFoobar的内容。
#%D
服务器处理本请求所用时间,以微为单位。
#%{FOOBAR}e
环境变量FOOBAR的值
#%f
文件名
#%h
远端主机
#%H
请求使用的协议
#%{Foobar}i
发送到服务器的请求头Foobar:的内容。
#%l
远端登录名(identd而来,如果支持的话),除非IdentityCheck设为"On",否则将得到一个"-"
#%m
请求的方法
#%{Foobar}n
来自另一个模块的注解Foobar的内容。
#%{Foobar}o
应答头Foobar:的内容。
#%p
服务器服务于该请求的标准端口。
#%P
为本请求提供服务的子进程的PID
#%{format}P
服务于该请求的PIDTID(线程ID)format的取值范围为:pidtid(2.0.46及以后版本)以及hextid(需要APR1.2.0及以上版本)
#%q
查询字符串(若存在则由一个"?"引导,否则返回空串)
#%r
请求的第一行
#%s
状态。对于内部重定向的请求,这个状态指的是原始请求的状态,---%>s则指的是最后请求的状态。
#%t
时间,用普通日志时间格式(标准英语格式)
#%{format}t
时间,用strftime(3)指定的格式表示的时间。(默认情况下按本地化格式)
#%T
处理完请求所花时间,以秒为单位。
#%u
远程用户名(根据验证信息而来;如果返回status(%s)401,可能是假的)
#%U
请求的URL路径,不包含查询字符串。
#%v
对该请求提供服务的标准ServerName
#%V
根据UseCanonicalName指令设定的服务器名称。
#%X
请求完成时的连接状态:X=连接在应答完成前中断。
#+=
应答传送完后继续保持连接。
#-=
应答传送完后关闭连接。

#(1.3以后的版本中,这个指令是%c,但这样就和过去的SSL语法:%{var}c冲突了)
 
#%I
接收的字节数,包括请求头的数据,并且不能为零。要使用这个指令你必须启用mod_logio模块。
#%O
发送的字节数,包括请求头的数据,并且不能为零。要使用这个指令你必须启用mod_logio模块。
   LogFormat "%h %l %u %t \"%r\" %>s %b\"%{Referer}i\" \"%{User-Agent}i\""combined
    LogFormat "%h %l %u %t \"%r\"%>s %b" common

   
     # You need to enable mod_logio.c to use %I and %O
     #
使用此模块要加载mod_logio模块
     LogFormat "%h %l %u %t \"%r\" %>s %b\"%{Referer}i\" \"%{User-Agent}i\" %I %O"combinedio
   

    #
   # The location and format of the access logfile (Common LogfileFormat).
    # If you do not define any accesslogfiles within a
    # container, they will belogged here.  Contrariwise, if you *do*
    #define per-
    # logged therein and *not* in thisfile.
   #
访问日志文件(普通文件格式)的位置。如果虚拟主机内定义了,则使用虚拟主机的定义,否则使用此处的定义
   CustomLog "logs/access_log" common

    #
   # If you prefer a logfile with access, agent, and refererinformation
    # (Combined Logfile Format) you canuse the following directive.
   #
如果您喜欢访问代理日志文件和referer信息(综合日志文件格式),你可以使用下面的指令。
   #CustomLog "logs/access_log"combined

#############################
域名重定向设定#####################

   #
    # Redirect: Allows you to tell clients aboutdocuments that used to
    # exist in yourserver's namespace, but do not anymore. The client
   # will make a new request for the document at its new location.
   # Example:
    # Redirect permanent /foohttp://www.example.com/bar
   #
重定向:允许你告诉曾经存在于您的服务器的网站文档,但不是现在。客户端会收到那个旧文件所在的新位置。
   #
    # Alias: Maps web paths into filesystem pathsand is used to
    # access content that does notlive under the DocumentRoot.
    # Example:
   # Alias /webpath /full/filesystem/path
   #
映射web路径到文件系统路径下,用于访问那些不在网站根目录下的文件
   # If you include a trailing / on /webpath then the server will
   # require it to be present in the URL.  You will also likely
   # need to provide a
    # the filesystem path.
   #
如果你使用站点路径,服务器将请求现存的url路径,你可能需要提供个
   #
    # ScriptAlias:This controls which directories contain server scripts.
   # ScriptAliases are essentially the same as Aliases, except that
   # documents in the target directory are treated as applicationsand
    # run by the server when requested ratherthan as documents sent to the
    # client. The same rules about trailing "/" apply to ScriptAlias
   # directives as to Alias.
   #ScriptAlias
指令:此控制哪个目录包含服务器脚本。
   #ScriptAliases
实质上基本与别名相同,除了在目标目录中的文件当发生请求访问时被视为应用程序并在服务器运行,而不是文件被发送到客户端。对尾随同样的规则“/”适用于在ScriptAlias指令和Alias
   ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"


############################CGI
守护进程设定####################

   #
    # ScriptSock: On threaded servers, designatethe path to the UNIX
    # socket used tocommunicate with the CGI daemon of mod_cgid.
   #ScriptSock
:在线程服务器上,指定的路径到UNIX接口可以用来与mod_cgidCGI守护进程通信。
   #Scriptsock logs/cgisock

#
#"/usr/local/apache/cgi-bin" should be changed to whateveryour ScriptAliased
# CGI directory exists, if you have thatconfigured.
#
如果配置了ScriptAliased,要把"/usr/local/apache/cgi-bin"改成你的ScriptAliasedCGI所在的目录

   AllowOverride None
    Options None
   Order allow,deny
    Allow from all

#######################MIME类型设定######################
#DefaultType: the default MIME type the server will use for adocument
# if it cannot otherwise determine one, such as fromfilename extensions.
# If your server contains mostly text or HTMLdocuments,
"text/plain" is
#a good value.  If most of your content is binary, such asapplications
# or images, you may want to use"application/octet-stream" instead to
# keep browsersfrom trying to display binary files as though they are
# text.
#
默认类型:如果服务器不能从扩展名决定文档类型,将使用此处定义的默认类型。如果服务器包含了很多文本或html文档"text/plain"是一个很好的值。如果你的内容大部分是二进制文件,例如应用程序或镜像,你可以使用"application/octet-stream"来使浏览器显示为二进制文件类型。
DefaultTypetext/plain


   #
    # TypesConfig points to the file containingthe list of mappings from
    # filename extensionto MIME-type.
   #TypesConfig
列表指明通过文件扩展名所映射的MIME类型
   TypesConfig conf/mime.types

    #
   # AddType allows you to add to or override the MIME configuration
   # file specified in TypesConfig for specific file types.
   #AddType
允许你添加或覆盖在TypesConfig中所指定的文件类型的MIME类型的配置
   #AddType application/x-gzip .tgz
    #
   # AddEncoding allows you to have certain browsers uncompress
   # information on the fly. Note: Not all browsers support this.
   #AddEncoding
允许你使某些浏览器在传输过程中解压信息。注意:不是所有浏览器都支持。
   #AddEncoding x-compress .Z
    #AddEncoding x-gzip.gz .tgz
    #
    # If theAddEncoding directives above are commented-out, then you
   # probably should define those extensions to indicate mediatypes:
   #
如果如上的AddEncoding指令注释掉了,你可能应该定义这些扩展媒体类型说明
   AddType application/x-compress .Z
    AddTypeapplication/x-gzip .gz .tgz

    #
   # AddHandler allows you to map certain file extensions to"handlers":
   # actions unrelated to filetype. These can be either built into theserver
    # or added with the Action directive(see below)
   #AddHandler
允许某些文件扩展名映射到“handlers”:行为无关的文件类型。这些可以是内置到服务器或操作指令增加(见下文)。要使用ScriptAliased目录以外的CGI脚本的(你还需要添加“ExecCGI”到“Options”指令。)
   # To use CGI scripts outside of ScriptAliased directories:
   # (You will also need to add "ExecCGI" to the "Options"directive.)
    #
    #AddHandlercgi-script .cgi

    #For type maps (negotiated resources):为类型映射(谈判源)
   #AddHandler type-map var

    #
   # Filters allow you to process content before it is sent to theclient.
   #
过滤器允许内容被发送到客户端前被处理。为在解析.shtml文件服务器端包含(ssl)文件。(你也需要添加IncludeOptions指令中)  
   # To parse .shtml files for server-side includes (SSI):
   # (You will also need to add "Includes" to the "Options"directive.)
    #
    #AddTypetext/html .shtml
    #AddOutputFilter INCLUDES.shtml

#
#The mod_mime_magic module allows the server to use various hints fromthe
# contents of the file itself to determine its type.  TheMIMEMagicFile
# directive tells the module where the hintdefinitions arelocated.
#mod_mime_magic
模块允许服务器使用从文件本身的内容中各个暗示来决定其类型。MIMEMagicFile指令告诉模块在哪里找到暗示定义的位置。
#MIMEMagicFileconf/magic

#########################访问错误重定向######################
#Customizable error responses come in three flavors:
# 1) plaintext 2) local redirects 3) externalredirects
#
定制的错误响应有三种:1)纯文本2)本地重定向3)外部重定向,下面是例子
#Some examples:
#ErrorDocument 500 "The server made a booboo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404"/cgi-bin/missing_handler.pl"
#ErrorDocument 402http://www.example.com/subscription_info.html
#

########################MMAP设定####################
#EnableMMAP and EnableSendfile: On systems that support it,
#memory-mapping or the sendfile syscall is used to deliver
#files.  This usually improves server performance, but must
#be turned off when serving from networked-mounted
# filesystemsor if support for these functions is otherwise
# broken on yoursystem.
#EnableMMAP
EnableSendfile:在支持它的系统上,内存映射或发送文件系统调用是用来提供文件系统。这通常提供了服务器性能,再在关闭时必须从挂载的文件系统或者所支持该功能的函数中保存,否则可能损坏您的系统。
#EnableMMAPoff
#EnableSendfileoff
############################
其他导入的配置文件################
#Supplemental configuration
#
# The configuration files in theconf/extra/ directory can be
# included to add extra features orto modify the default configuration of
# the server, or you maysimply copy their contents here and change as
#necessary.
#
参考配置
#
conf/extra目录下的配置文件可以添加特性或者修改服务器上的默认配置,或者你可以简单的拷贝内容然后根据需要更改。

#Server-pool management (MPM specific)服务器池管理(MPM
#Includeconf/extra/httpd-mpm.conf

#Multi-language error messages多语言错误信息
#Includeconf/extra/httpd-multilang-errordoc.conf

# Fancydirectory listings目录列表
#Includeconf/extra/httpd-autoindex.conf

#Language settings语言设定
#Includeconf/extra/httpd-languages.conf

# Userhome directories用户目录设定
#Includeconf/extra/httpd-userdir.conf

#Real-time info on requests and configuration实时信息的要求和配置
#Includeconf/extra/httpd-info.conf

#Virtual hosts虚拟主机配置
#Includeconf/extra/httpd-vhosts.conf

# Localaccess to the Apache HTTP Server Manual本地访问ApacheHTTP服务器手册
#Includeconf/extra/httpd-manual.conf

#Distributed authoring and versioning (WebDAV)WebDAV配置
#Includeconf/extra/httpd-dav.conf

#Various default settings各种默认设置
#Includeconf/extra/httpd-default.conf
#############################SSL
设定###############################
#Secure (SSL/TLS) connections
加密连接设置
#Includeconf/extra/httpd-ssl.conf
#
# Note: The following must must bepresent to support
#       startingwithout SSL on platforms with no /dev/random equivalent
#      but a statically compiled-in mod_ssl.
#
注意:要支持如下功能必须存在在没有ssl的平台上(和no/dev/random等价),而是静态编译了mod_ssl
#
伪随机数生成器(PRNG)播种源

SSLRandomSeedstartup builtin
使用内建方式启动
SSLRandomSeedconnect builtin
使用内建方式连接


你可能感兴趣的:(开源)