dgaudet 97/07/02 23:01:22
Modified: htdocs/manual Tag: APACHE_1_2_X vhosts-in-depth.html
htdocs/manual/misc Tag: APACHE_1_2_X descriptors.html
security_tips.html
htdocs/manual/mod Tag: APACHE_1_2_X mod_auth_msql.html
mod_rewrite.html mod_userdir.html
Log:
merge in marc's weblinting changes
Revision Changes Path
No revision
No revision
1.9.2.1 +8 -4 apache/htdocs/manual/vhosts-in-depth.html
Index: vhosts-in-depth.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/vhosts-in-depth.html,v
retrieving revision 1.9
retrieving revision 1.9.2.1
diff -C3 -r1.9 -r1.9.2.1
*** vhosts-in-depth.html 1997/06/04 11:07:52 1.9
--- vhosts-in-depth.html 1997/07/03 06:01:17 1.9.2.1
***************
*** 357,379 ****
<li>Place all main_server definitions before any VirtualHost definitions.
(This is to aid the readability of the configuration -- the post-config
merging process makes it non-obvious that definitions mixed in around
! virtualhosts might affect all virtualhosts.)</p>
<li>Arrange your VirtualHosts such
that all name-based virtual hosts come first, followed by IP-based
! virtual hosts, followed by any <SAMP>_default_</SAMP> virtual host</p>
<li>Avoid <code>ServerPaths</code> which are prefixes of other
<code>ServerPaths</code>. If you cannot avoid this then you have to
ensure that the longer (more specific) prefix vhost appears earlier in
the configuration file than the shorter (less specific) prefix
(<EM>i.e.</EM>, "ServerPath /abc" should appear after
! "ServerPath /abcdef"). </p>
<li>Do not use <i>port-based</i> vhosts in the same server as
name-based vhosts. A loose definition for port-based is a vhost which
is determined by the port on the server (<em>i.e.</em> one server with
! ports 8000, 8080, and 80 all of which have different configurations).</p>
</ul>
--- 357,383 ----
<li>Place all main_server definitions before any VirtualHost definitions.
(This is to aid the readability of the configuration -- the post-config
merging process makes it non-obvious that definitions mixed in around
! virtualhosts might affect all virtualhosts.)
! <p>
<li>Arrange your VirtualHosts such
that all name-based virtual hosts come first, followed by IP-based
! virtual hosts, followed by any <SAMP>_default_</SAMP> virtual host
! <p>
<li>Avoid <code>ServerPaths</code> which are prefixes of other
<code>ServerPaths</code>. If you cannot avoid this then you have to
ensure that the longer (more specific) prefix vhost appears earlier in
the configuration file than the shorter (less specific) prefix
(<EM>i.e.</EM>, "ServerPath /abc" should appear after
! "ServerPath /abcdef").
! <p>
<li>Do not use <i>port-based</i> vhosts in the same server as
name-based vhosts. A loose definition for port-based is a vhost which
is determined by the port on the server (<em>i.e.</em> one server with
! ports 8000, 8080, and 80 all of which have different configurations).
! <p>
</ul>
No revision
No revision
1.1.2.2 +7 -7 apache/htdocs/manual/misc/descriptors.html
Index: descriptors.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/misc/descriptors.html,v
retrieving revision 1.1.2.1
retrieving revision 1.1.2.2
diff -C3 -r1.1.2.1 -r1.1.2.2
*** descriptors.html 1997/06/27 03:02:05 1.1.2.1
--- descriptors.html 1997/07/03 06:01:19 1.1.2.2
***************
*** 47,53 ****
<p>To summarize:
<center><pre>
! #open files <= soft limit <= hard limit <= kernel limit
</pre></center>
<p>You control the hard and soft limits using the <code>limit</code> (csh)
--- 47,53 ----
<p>To summarize:
<center><pre>
! #open files <= soft limit <= hard limit <= kernel limit
</pre></center>
<p>You control the hard and soft limits using the <code>limit</code> (csh)
***************
*** 73,85 ****
will run into trouble if more than approximately 240 Listen
directives are used. This may be cured by rebuilding your kernel
with a higher FD_SETSIZE.
! </p>
<dt> <b>FreeBSD 2.2, BSDI 2.1+</b>
<dd> Similar to the BSDI 2.0 case, you should define
<code>FD_SETSIZE</code> and rebuild. But the extra
Listen limitation doesn't exist.
! </p>
<dt> <b>Linux</b>
<dd> By default Linux has a kernel maximum of 256 open descriptors
--- 73,85 ----
will run into trouble if more than approximately 240 Listen
directives are used. This may be cured by rebuilding your kernel
with a higher FD_SETSIZE.
! <p>
<dt> <b>FreeBSD 2.2, BSDI 2.1+</b>
<dd> Similar to the BSDI 2.0 case, you should define
<code>FD_SETSIZE</code> and rebuild. But the extra
Listen limitation doesn't exist.
! <p>
<dt> <b>Linux</b>
<dd> By default Linux has a kernel maximum of 256 open descriptors
***************
*** 95,101 ****
256. As of this writing the patches available for increasing
the number of descriptors do not take this into account. On a
dedicated webserver you probably won't run into trouble.
! </p>
<dt> <b>Solaris through 2.5.1</b>
<dd> Solaris has a kernel hard limit of 1024 (may be lower in earlier
--- 95,101 ----
256. As of this writing the patches available for increasing
the number of descriptors do not take this into account. On a
dedicated webserver you probably won't run into trouble.
! <p>
<dt> <b>Solaris through 2.5.1</b>
<dd> Solaris has a kernel hard limit of 1024 (may be lower in earlier
***************
*** 107,124 ****
build Apache with <code>-DHIGH_SLACK_LINE=256</code> added to
<code>EXTRA_CFLAGS</code>. You will be limited to approximately
240 error logs if you do this.
! </p>
<dt> <b>AIX version ??</b>
<dd> AIX appears to have a hard limit of 128 descriptors. End of
story.
! </p>
<dt> <b>Others</b>
<dd> If you have details on another operating system, please submit
it through our <a href="http://www.apache.org/bug_report.html";>Bug
Report Page</a>.
! </p>
</dl>
--- 107,124 ----
build Apache with <code>-DHIGH_SLACK_LINE=256</code> added to
<code>EXTRA_CFLAGS</code>. You will be limited to approximately
240 error logs if you do this.
! <p>
<dt> <b>AIX version ??</b>
<dd> AIX appears to have a hard limit of 128 descriptors. End of
story.
! <p>
<dt> <b>Others</b>
<dd> If you have details on another operating system, please submit
it through our <a href="http://www.apache.org/bug_report.html";>Bug
Report Page</a>.
! <p>
</dl>
1.8.2.1 +6 -0 apache/htdocs/manual/misc/security_tips.html
Index: security_tips.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/misc/security_tips.html,v
retrieving revision 1.8
retrieving revision 1.8.2.1
diff -C3 -r1.8 -r1.8.2.1
*** security_tips.html 1997/06/04 11:42:58 1.8
--- security_tips.html 1997/07/03 06:01:19 1.8.2.1
***************
*** 170,176 ****
--- 170,182 ----
>UserDir</A>
directive; setting it to something like <SAMP>"./"</SAMP>
would have the same effect, for root, as the first example above.
+ If you are using Apache 1.3 or above, we strongly recommend that you
+ include the following line in your server configuration files:
</P>
+ <DL>
+ <DD><SAMP>UserDir disabled root</SAMP>
+ </DD>
+ </DL>
<HR>
<P>Please send any other useful security tips to The Apache Group
No revision
No revision
1.6.2.1 +6 -6 apache/htdocs/manual/mod/mod_auth_msql.html
Index: mod_auth_msql.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_msql.html,v
retrieving revision 1.6
retrieving revision 1.6.2.1
diff -C3 -r1.6 -r1.6.2.1
*** mod_auth_msql.html 1997/06/04 16:14:17 1.6
--- mod_auth_msql.html 1997/07/03 06:01:20 1.6.2.1
***************
*** 155,167 ****
<pre>
% msqladmin create www <br>
% msql www <br>
! -> create table user_records ( <br>
! -> User_id char(32) primary key, <br>
! -> Cpasswd char(32), <br>
! -> Xgroup char(32) <br>
! -> ) \g <br>
query OK <br>
! -> \q <br>
% <br>
</pre><br>
--- 155,167 ----
<pre>
% msqladmin create www <br>
% msql www <br>
! -> create table user_records ( <br>
! -> User_id char(32) primary key, <br>
! -> Cpasswd char(32), <br>
! -> Xgroup char(32) <br>
! -> ) \g <br>
query OK <br>
! -> \q <br>
% <br>
</pre><br>
1.9.2.2 +18 -23 apache/htdocs/manual/mod/mod_rewrite.html
Index: mod_rewrite.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_rewrite.html,v
retrieving revision 1.9.2.1
retrieving revision 1.9.2.2
diff -C3 -r1.9.2.1 -r1.9.2.2
*** mod_rewrite.html 1997/06/27 03:02:13 1.9.2.1
--- mod_rewrite.html 1997/07/03 06:01:21 1.9.2.2
***************
*** 44,50 ****
It operates on the full URLs (including the PATH_INFO part) both in
per-server context (httpd.conf) and per-dir context (.htaccess) and even
can generate QUERY_STRING parts on result. The rewritten result can lead
to internal sub-processing, external request redirection or to internal proxy
throughput.
- </b>
<p>
The latest version can be found on<br>
--- 44,49 ----
***************
*** 147,153 ****
config.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
To disable the logging of rewriting actions it is not recommended
to set <em>Filename</em>
--- 146,152 ----
config.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
To disable the logging of rewriting actions it is not recommended
to set <em>Filename</em>
***************
*** 161,167 ****
</table>
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
SECURITY: See the <a
href="../misc/security_tips.html">Apache Security
--- 160,166 ----
</table>
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
SECURITY: See the <a
href="../misc/security_tips.html">Apache Security
***************
*** 198,204 ****
This disables all rewrite action logs.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice:</b> Using a high value for <i>Level</i> will slow down your
Apache
server dramatically! Use the rewriting logfile only for debugging or at
least
--- 197,203 ----
This disables all rewrite action logs.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice:</b> Using a high value for <i>Level</i> will slow down your
Apache
server dramatically! Use the rewriting logfile only for debugging or at
least
***************
*** 289,295 ****
<li><b>DBM Hashfile Format</b>
<p>
This is a binary NDBM format file containing the
! same contents as the <em>Plain Text Format</b> files. You can create
such a file with any NDBM tool or with the <tt>dbmmanage</tt> program
from the <tt>support</tt> directory of the Apache distribution.
<p>
--- 288,294 ----
<li><b>DBM Hashfile Format</b>
<p>
This is a binary NDBM format file containing the
! same contents as the <em>Plain Text Format</em> files. You can create
such a file with any NDBM tool or with the <tt>dbmmanage</tt> program
from the <tt>support</tt> directory of the Apache distribution.
<p>
***************
*** 346,352 ****
context.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
For plain text and DBM format files the looked-up keys are cached in-core
until the <tt>mtime</tt> of the mapfile changes or the server does a
--- 345,351 ----
context.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
For plain text and DBM format files the looked-up keys are cached in-core
until the <tt>mtime</tt> of the mapfile changes or the server does a
***************
*** 384,390 ****
directive to specify the correct URL-prefix.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
So, if your webserver's URLs are <b>not</b> directly
related to physical file paths, you have to use <tt>RewriteBase</tt> in
every
--- 383,389 ----
directive to specify the correct URL-prefix.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
So, if your webserver's URLs are <b>not</b> directly
related to physical file paths, you have to use <tt>RewriteBase</tt> in
every
***************
*** 424,430 ****
rewritten to the physical file <tt>/abc/def/newstuff.html</tt>.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<font size=-1>
<b>For the Apache hackers:</b><br>
--- 423,429 ----
rewritten to the physical file <tt>/abc/def/newstuff.html</tt>.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<font size=-1>
<b>For the Apache hackers:</b><br>
***************
*** 437,446 ****
/xyz/oldstuff.html
Internal Processing:
! /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias)
! /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir
RewriteRule)
! /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir
RewriteBase)
! /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias)
Result:
/abc/def/newstuff.html
--- 436,445 ----
/xyz/oldstuff.html
Internal Processing:
! /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias)
! /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir
RewriteRule)
! /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir
RewriteBase)
! /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias)
Result:
/abc/def/newstuff.html
***************
*** 471,477 ****
<p>
The <tt>RewriteCond</tt> directive defines a rule condition. Precede a
! <tt>RewriteRule</tt> directive with one or more <t>RewriteCond</tt>
directives.
The following rewriting rule is only used if its pattern matches the current
--- 470,476 ----
<p>
The <tt>RewriteCond</tt> directive defines a rule condition. Precede a
! <tt>RewriteRule</tt> directive with one or more <tt>RewriteCond</tt>
directives.
The following rewriting rule is only used if its pattern matches the current
***************
*** 562,568 ****
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
These variables all correspond to the similar named HTTP MIME-headers, C
variables of the Apache server or <tt>struct tm</tt> fields of the Unix
--- 561,567 ----
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
These variables all correspond to the similar named HTTP MIME-headers, C
variables of the Apache server or <tt>struct tm</tt> fields of the Unix
***************
*** 770,776 ****
last default rule.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice!</b> When using the NOT character to negate a pattern you cannot
have grouped wildcard parts in the pattern. This is impossible because when
--- 769,775 ----
last default rule.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice!</b> When using the NOT character to negate a pattern you cannot
have grouped wildcard parts in the pattern. This is impossible because when
***************
*** 814,820 ****
pattern to be applied before a substitution occurs.
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice</b>: There is a special feature. When you prefix a substitution
field with <tt>http://</tt><em>thishost</em>[<em>:thisport</em>] then
--- 813,819 ----
pattern to be applied before a substitution occurs.
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<b>Notice</b>: There is a special feature. When you prefix a substitution
field with <tt>http://</tt><em>thishost</em>[<em>:thisport</em>] then
***************
*** 962,968 ****
typical example is the use of <tt>mod_alias</tt> and
<tt>mod_rewrite</tt>..
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<font size=-1>
<b>For the Apache hackers:</b><br>
--- 961,967 ----
typical example is the use of <tt>mod_alias</tt> and
<tt>mod_rewrite</tt>..
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
<font size=-1>
<b>For the Apache hackers:</b><br>
***************
*** 995,1001 ****
</ul>
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
Remember: Never forget that <em>Pattern</em> gets applied to a complete URL
in per-server configuration files. <b>But in per-directory configuration
--- 994,1000 ----
</ul>
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
Remember: Never forget that <em>Pattern</em> gets applied to a complete URL
in per-server configuration files. <b>But in per-directory configuration
***************
*** 1012,1018 ****
</table>
<p>
! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
Notice! To enable the rewriting engine for per-directory configuration
files
you need to set ``<tt>RewriteEngine On</tt>'' in these files <b>and</b>
--- 1011,1017 ----
</table>
<p>
! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10>
<tr><td>
Notice! To enable the rewriting engine for per-directory configuration
files
you need to set ``<tt>RewriteEngine On</tt>'' in these files <b>and</b>
***************
*** 1119,1128 ****
</tr>
</table>
-
- </td>
- </tr>
- </table>
<p>
<b>Example:</b>
--- 1118,1123 ----
1.7.2.1 +55 -26 apache/htdocs/manual/mod/mod_userdir.html
Index: mod_userdir.html
===================================================================
RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_userdir.html,v
retrieving revision 1.7
retrieving revision 1.7.2.1
diff -C3 -r1.7 -r1.7.2.1
*** mod_userdir.html 1997/06/04 16:14:24 1.7
--- mod_userdir.html 1997/07/03 06:01:21 1.7.2.1
***************
*** 33,74 ****
<strong>Status:</strong> Base<br>
<strong>Module:</strong> mod_userdir<br>
<strong>Compatibility:</strong> All forms except the <code>UserDir
! public_html</code> form are only available in Apache 1.1 or above.<p>
The UserDir directive sets the real directory in a user's home directory
to use when a request for a document for a user is received.
! <em>Directory</em> is either <code>disabled</code>, to disable this feature,
! or the name of a directory, following one of the following
! patterns. If not disabled, then a request for
<code>http://www.foo.com/~bob/one/two.html</code> will be translated to:
<pre>
! UserDir public_html -> ~bob/public_html/one/two.html
! UserDir /usr/web -> /usr/web/bob/one/two.html
! UserDir /home/*/www -> /home/bob/www/one/two.html
</pre>
The following directives will send redirects to the client:
<pre>
! UserDir http://www.foo.com/users ->
http//www.foo.com/users/bob/one/two.html
! UserDir http://www.foo.com/*/usr ->
http://www.foo.com/bob/usr/one/two.html
! UserDir http://www.foo.com/~*/ -> http://www.foo.com/~bob/one/two.html
</pre>
-
- <P>
- <STRONG>
- Be careful when using this directive; for instance, <SAMP>"UserDir
- ./"</SAMP> would map <SAMP>"/~root"</SAMP> to
- <SAMP>"/"</SAMP> - which is probably undesirable. See also
- the
- <A
- HREF="core.html#directory"
- ><Directory></A>
- directive and the
- <A
- HREF="../misc/security_tips.html"
- >Security Tips</A>
- page for more information.
- </STRONG>
</P>
<!--#include virtual="footer.html" -->
</BODY>
--- 33,103 ----
<strong>Status:</strong> Base<br>
<strong>Module:</strong> mod_userdir<br>
<strong>Compatibility:</strong> All forms except the <code>UserDir
! public_html</code> form are only available in Apache 1.1 or above. Use
! of the <SAMP>enabled</SAMP> keyword, or <SAMP>disabled</SAMP> with a
! list of usernames, is only available in Apache 1.3 and above.<p>
The UserDir directive sets the real directory in a user's home directory
to use when a request for a document for a user is received.
! <em>Directory/filename</em> is one of the following:
! </P>
! <UL>
! <LI>The name of a directory or a pattern such as those shown below.
! </LI>
! <LI>The keyword <SAMP>disabled</SAMP>. This turns off <EM>all</EM>
! username-to-directory translations except those explicitly named with
! the <SAMP>enabled</SAMP> keyword (see below).
! </LI>
! <LI>The keyword <SAMP>disabled</SAMP> followed by a space-delimited
! list of usernames. Usernames that appear in such a list will
! <EM>never</EM> have directory translation performed, even if they
! appear in an <SAMP>enabled</SAMP> clause.
! </LI>
! <LI>The keyword <SAMP>enabled</SAMP> followed by a space-delimited list
! of usernames. These usernames will have directory translation
! performed even if a global disable is in effect, but not if they also
! appear in a <SAMP>disabled</SAMP> clause.
! </LI>
! </UL>
! <P>
! If neither the <SAMP>enabled</SAMP> nor the <SAMP>disabled</SAMP>
! keywords appear in the <SAMP>Userdir</SAMP> directive, the argument is
! treated as a filename pattern, and is used to turn the name into a
! directory specification. A request for
<code>http://www.foo.com/~bob/one/two.html</code> will be translated to:
<pre>
! UserDir public_html -> ~bob/public_html/one/two.html
! UserDir /usr/web -> /usr/web/bob/one/two.html
! UserDir /home/*/www -> /home/bob/www/one/two.html
</pre>
The following directives will send redirects to the client:
<pre>
! UserDir http://www.foo.com/users ->
http//www.foo.com/users/bob/one/two.html
! UserDir http://www.foo.com/*/usr ->
http://www.foo.com/bob/usr/one/two.html
! UserDir http://www.foo.com/~*/ ->
http://www.foo.com/~bob/one/two.html
</pre>
</P>
+ <BLOCKQUOTE>
+ <STRONG>
+ Be careful when using this directive; for instance,
+ <SAMP>"UserDir ./"</SAMP> would map
+ <SAMP>"/~root"</SAMP> to
+ <SAMP>"/"</SAMP> - which is probably undesirable. If you are
+ running Apache 1.3 or above, it is strongly recommended that your
+ configuration include a
+ "<SAMP>UserDir disabled root</SAMP>" declaration.
+ See also
+ the
+ <A
+ HREF="core.html#directory"
+ ><Directory></A>
+ directive and the
+ <A
+ HREF="../misc/security_tips.html"
+ >Security Tips</A>
+ page for more information.
+ </STRONG>
+ </BLOCKQUOTE>
<!--#include virtual="footer.html" -->
</BODY>
