dgaudet 97/07/02 23:01:22
Modified: htdocs/manual Tag: APACHE_1_2_X vhosts-in-depth.html htdocs/manual/misc Tag: APACHE_1_2_X descriptors.html security_tips.html htdocs/manual/mod Tag: APACHE_1_2_X mod_auth_msql.html mod_rewrite.html mod_userdir.html Log: merge in marc's weblinting changes Revision Changes Path No revision No revision 1.9.2.1 +8 -4 apache/htdocs/manual/vhosts-in-depth.html Index: vhosts-in-depth.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/vhosts-in-depth.html,v retrieving revision 1.9 retrieving revision 1.9.2.1 diff -C3 -r1.9 -r1.9.2.1 *** vhosts-in-depth.html 1997/06/04 11:07:52 1.9 --- vhosts-in-depth.html 1997/07/03 06:01:17 1.9.2.1 *************** *** 357,379 **** <li>Place all main_server definitions before any VirtualHost definitions. (This is to aid the readability of the configuration -- the post-config merging process makes it non-obvious that definitions mixed in around ! virtualhosts might affect all virtualhosts.)</p> <li>Arrange your VirtualHosts such that all name-based virtual hosts come first, followed by IP-based ! virtual hosts, followed by any <SAMP>_default_</SAMP> virtual host</p> <li>Avoid <code>ServerPaths</code> which are prefixes of other <code>ServerPaths</code>. If you cannot avoid this then you have to ensure that the longer (more specific) prefix vhost appears earlier in the configuration file than the shorter (less specific) prefix (<EM>i.e.</EM>, "ServerPath /abc" should appear after ! "ServerPath /abcdef"). </p> <li>Do not use <i>port-based</i> vhosts in the same server as name-based vhosts. A loose definition for port-based is a vhost which is determined by the port on the server (<em>i.e.</em> one server with ! ports 8000, 8080, and 80 all of which have different configurations).</p> </ul> --- 357,383 ---- <li>Place all main_server definitions before any VirtualHost definitions. (This is to aid the readability of the configuration -- the post-config merging process makes it non-obvious that definitions mixed in around ! virtualhosts might affect all virtualhosts.) ! <p> <li>Arrange your VirtualHosts such that all name-based virtual hosts come first, followed by IP-based ! virtual hosts, followed by any <SAMP>_default_</SAMP> virtual host ! <p> <li>Avoid <code>ServerPaths</code> which are prefixes of other <code>ServerPaths</code>. If you cannot avoid this then you have to ensure that the longer (more specific) prefix vhost appears earlier in the configuration file than the shorter (less specific) prefix (<EM>i.e.</EM>, "ServerPath /abc" should appear after ! "ServerPath /abcdef"). ! <p> <li>Do not use <i>port-based</i> vhosts in the same server as name-based vhosts. A loose definition for port-based is a vhost which is determined by the port on the server (<em>i.e.</em> one server with ! ports 8000, 8080, and 80 all of which have different configurations). ! <p> </ul> No revision No revision 1.1.2.2 +7 -7 apache/htdocs/manual/misc/descriptors.html Index: descriptors.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/misc/descriptors.html,v retrieving revision 1.1.2.1 retrieving revision 1.1.2.2 diff -C3 -r1.1.2.1 -r1.1.2.2 *** descriptors.html 1997/06/27 03:02:05 1.1.2.1 --- descriptors.html 1997/07/03 06:01:19 1.1.2.2 *************** *** 47,53 **** <p>To summarize: <center><pre> ! #open files <= soft limit <= hard limit <= kernel limit </pre></center> <p>You control the hard and soft limits using the <code>limit</code> (csh) --- 47,53 ---- <p>To summarize: <center><pre> ! #open files <= soft limit <= hard limit <= kernel limit </pre></center> <p>You control the hard and soft limits using the <code>limit</code> (csh) *************** *** 73,85 **** will run into trouble if more than approximately 240 Listen directives are used. This may be cured by rebuilding your kernel with a higher FD_SETSIZE. ! </p> <dt> <b>FreeBSD 2.2, BSDI 2.1+</b> <dd> Similar to the BSDI 2.0 case, you should define <code>FD_SETSIZE</code> and rebuild. But the extra Listen limitation doesn't exist. ! </p> <dt> <b>Linux</b> <dd> By default Linux has a kernel maximum of 256 open descriptors --- 73,85 ---- will run into trouble if more than approximately 240 Listen directives are used. This may be cured by rebuilding your kernel with a higher FD_SETSIZE. ! <p> <dt> <b>FreeBSD 2.2, BSDI 2.1+</b> <dd> Similar to the BSDI 2.0 case, you should define <code>FD_SETSIZE</code> and rebuild. But the extra Listen limitation doesn't exist. ! <p> <dt> <b>Linux</b> <dd> By default Linux has a kernel maximum of 256 open descriptors *************** *** 95,101 **** 256. As of this writing the patches available for increasing the number of descriptors do not take this into account. On a dedicated webserver you probably won't run into trouble. ! </p> <dt> <b>Solaris through 2.5.1</b> <dd> Solaris has a kernel hard limit of 1024 (may be lower in earlier --- 95,101 ---- 256. As of this writing the patches available for increasing the number of descriptors do not take this into account. On a dedicated webserver you probably won't run into trouble. ! <p> <dt> <b>Solaris through 2.5.1</b> <dd> Solaris has a kernel hard limit of 1024 (may be lower in earlier *************** *** 107,124 **** build Apache with <code>-DHIGH_SLACK_LINE=256</code> added to <code>EXTRA_CFLAGS</code>. You will be limited to approximately 240 error logs if you do this. ! </p> <dt> <b>AIX version ??</b> <dd> AIX appears to have a hard limit of 128 descriptors. End of story. ! </p> <dt> <b>Others</b> <dd> If you have details on another operating system, please submit it through our <a href="http://www.apache.org/bug_report.html">Bug Report Page</a>. ! </p> </dl> --- 107,124 ---- build Apache with <code>-DHIGH_SLACK_LINE=256</code> added to <code>EXTRA_CFLAGS</code>. You will be limited to approximately 240 error logs if you do this. ! <p> <dt> <b>AIX version ??</b> <dd> AIX appears to have a hard limit of 128 descriptors. End of story. ! <p> <dt> <b>Others</b> <dd> If you have details on another operating system, please submit it through our <a href="http://www.apache.org/bug_report.html">Bug Report Page</a>. ! <p> </dl> 1.8.2.1 +6 -0 apache/htdocs/manual/misc/security_tips.html Index: security_tips.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/misc/security_tips.html,v retrieving revision 1.8 retrieving revision 1.8.2.1 diff -C3 -r1.8 -r1.8.2.1 *** security_tips.html 1997/06/04 11:42:58 1.8 --- security_tips.html 1997/07/03 06:01:19 1.8.2.1 *************** *** 170,176 **** --- 170,182 ---- >UserDir</A> directive; setting it to something like <SAMP>"./"</SAMP> would have the same effect, for root, as the first example above. + If you are using Apache 1.3 or above, we strongly recommend that you + include the following line in your server configuration files: </P> + <DL> + <DD><SAMP>UserDir disabled root</SAMP> + </DD> + </DL> <HR> <P>Please send any other useful security tips to The Apache Group No revision No revision 1.6.2.1 +6 -6 apache/htdocs/manual/mod/mod_auth_msql.html Index: mod_auth_msql.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_auth_msql.html,v retrieving revision 1.6 retrieving revision 1.6.2.1 diff -C3 -r1.6 -r1.6.2.1 *** mod_auth_msql.html 1997/06/04 16:14:17 1.6 --- mod_auth_msql.html 1997/07/03 06:01:20 1.6.2.1 *************** *** 155,167 **** <pre> % msqladmin create www <br> % msql www <br> ! -> create table user_records ( <br> ! -> User_id char(32) primary key, <br> ! -> Cpasswd char(32), <br> ! -> Xgroup char(32) <br> ! -> ) \g <br> query OK <br> ! -> \q <br> % <br> </pre><br> --- 155,167 ---- <pre> % msqladmin create www <br> % msql www <br> ! -> create table user_records ( <br> ! -> User_id char(32) primary key, <br> ! -> Cpasswd char(32), <br> ! -> Xgroup char(32) <br> ! -> ) \g <br> query OK <br> ! -> \q <br> % <br> </pre><br> 1.9.2.2 +18 -23 apache/htdocs/manual/mod/mod_rewrite.html Index: mod_rewrite.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_rewrite.html,v retrieving revision 1.9.2.1 retrieving revision 1.9.2.2 diff -C3 -r1.9.2.1 -r1.9.2.2 *** mod_rewrite.html 1997/06/27 03:02:13 1.9.2.1 --- mod_rewrite.html 1997/07/03 06:01:21 1.9.2.2 *************** *** 44,50 **** It operates on the full URLs (including the PATH_INFO part) both in per-server context (httpd.conf) and per-dir context (.htaccess) and even can generate QUERY_STRING parts on result. The rewritten result can lead to internal sub-processing, external request redirection or to internal proxy throughput. - </b> <p> The latest version can be found on<br> --- 44,49 ---- *************** *** 147,153 **** config. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> To disable the logging of rewriting actions it is not recommended to set <em>Filename</em> --- 146,152 ---- config. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> To disable the logging of rewriting actions it is not recommended to set <em>Filename</em> *************** *** 161,167 **** </table> <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> SECURITY: See the <a href="../misc/security_tips.html">Apache Security --- 160,166 ---- </table> <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> SECURITY: See the <a href="../misc/security_tips.html">Apache Security *************** *** 198,204 **** This disables all rewrite action logs. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice:</b> Using a high value for <i>Level</i> will slow down your Apache server dramatically! Use the rewriting logfile only for debugging or at least --- 197,203 ---- This disables all rewrite action logs. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice:</b> Using a high value for <i>Level</i> will slow down your Apache server dramatically! Use the rewriting logfile only for debugging or at least *************** *** 289,295 **** <li><b>DBM Hashfile Format</b> <p> This is a binary NDBM format file containing the ! same contents as the <em>Plain Text Format</b> files. You can create such a file with any NDBM tool or with the <tt>dbmmanage</tt> program from the <tt>support</tt> directory of the Apache distribution. <p> --- 288,294 ---- <li><b>DBM Hashfile Format</b> <p> This is a binary NDBM format file containing the ! same contents as the <em>Plain Text Format</em> files. You can create such a file with any NDBM tool or with the <tt>dbmmanage</tt> program from the <tt>support</tt> directory of the Apache distribution. <p> *************** *** 346,352 **** context. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> For plain text and DBM format files the looked-up keys are cached in-core until the <tt>mtime</tt> of the mapfile changes or the server does a --- 345,351 ---- context. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> For plain text and DBM format files the looked-up keys are cached in-core until the <tt>mtime</tt> of the mapfile changes or the server does a *************** *** 384,390 **** directive to specify the correct URL-prefix. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> So, if your webserver's URLs are <b>not</b> directly related to physical file paths, you have to use <tt>RewriteBase</tt> in every --- 383,389 ---- directive to specify the correct URL-prefix. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> So, if your webserver's URLs are <b>not</b> directly related to physical file paths, you have to use <tt>RewriteBase</tt> in every *************** *** 424,430 **** rewritten to the physical file <tt>/abc/def/newstuff.html</tt>. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <font size=-1> <b>For the Apache hackers:</b><br> --- 423,429 ---- rewritten to the physical file <tt>/abc/def/newstuff.html</tt>. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <font size=-1> <b>For the Apache hackers:</b><br> *************** *** 437,446 **** /xyz/oldstuff.html Internal Processing: ! /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias) ! /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir RewriteRule) ! /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir RewriteBase) ! /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias) Result: /abc/def/newstuff.html --- 436,445 ---- /xyz/oldstuff.html Internal Processing: ! /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias) ! /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir RewriteRule) ! /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir RewriteBase) ! /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias) Result: /abc/def/newstuff.html *************** *** 471,477 **** <p> The <tt>RewriteCond</tt> directive defines a rule condition. Precede a ! <tt>RewriteRule</tt> directive with one or more <t>RewriteCond</tt> directives. The following rewriting rule is only used if its pattern matches the current --- 470,476 ---- <p> The <tt>RewriteCond</tt> directive defines a rule condition. Precede a ! <tt>RewriteRule</tt> directive with one or more <tt>RewriteCond</tt> directives. The following rewriting rule is only used if its pattern matches the current *************** *** 562,568 **** <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> These variables all correspond to the similar named HTTP MIME-headers, C variables of the Apache server or <tt>struct tm</tt> fields of the Unix --- 561,567 ---- <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> These variables all correspond to the similar named HTTP MIME-headers, C variables of the Apache server or <tt>struct tm</tt> fields of the Unix *************** *** 770,776 **** last default rule. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice!</b> When using the NOT character to negate a pattern you cannot have grouped wildcard parts in the pattern. This is impossible because when --- 769,775 ---- last default rule. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice!</b> When using the NOT character to negate a pattern you cannot have grouped wildcard parts in the pattern. This is impossible because when *************** *** 814,820 **** pattern to be applied before a substitution occurs. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice</b>: There is a special feature. When you prefix a substitution field with <tt>http://</tt><em>thishost</em>[<em>:thisport</em>] then --- 813,819 ---- pattern to be applied before a substitution occurs. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <b>Notice</b>: There is a special feature. When you prefix a substitution field with <tt>http://</tt><em>thishost</em>[<em>:thisport</em>] then *************** *** 962,968 **** typical example is the use of <tt>mod_alias</tt> and <tt>mod_rewrite</tt>.. <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <font size=-1> <b>For the Apache hackers:</b><br> --- 961,967 ---- typical example is the use of <tt>mod_alias</tt> and <tt>mod_rewrite</tt>.. <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> <font size=-1> <b>For the Apache hackers:</b><br> *************** *** 995,1001 **** </ul> <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> Remember: Never forget that <em>Pattern</em> gets applied to a complete URL in per-server configuration files. <b>But in per-directory configuration --- 994,1000 ---- </ul> <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> Remember: Never forget that <em>Pattern</em> gets applied to a complete URL in per-server configuration files. <b>But in per-directory configuration *************** *** 1012,1018 **** </table> <p> ! <table width=70% border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> Notice! To enable the rewriting engine for per-directory configuration files you need to set ``<tt>RewriteEngine On</tt>'' in these files <b>and</b> --- 1011,1017 ---- </table> <p> ! <table width="70%" border=2 bgcolor="#c0c0e0" cellspacing=0 cellpadding=10> <tr><td> Notice! To enable the rewriting engine for per-directory configuration files you need to set ``<tt>RewriteEngine On</tt>'' in these files <b>and</b> *************** *** 1119,1128 **** </tr> </table> - - </td> - </tr> - </table> <p> <b>Example:</b> --- 1118,1123 ---- 1.7.2.1 +55 -26 apache/htdocs/manual/mod/mod_userdir.html Index: mod_userdir.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/mod/mod_userdir.html,v retrieving revision 1.7 retrieving revision 1.7.2.1 diff -C3 -r1.7 -r1.7.2.1 *** mod_userdir.html 1997/06/04 16:14:24 1.7 --- mod_userdir.html 1997/07/03 06:01:21 1.7.2.1 *************** *** 33,74 **** <strong>Status:</strong> Base<br> <strong>Module:</strong> mod_userdir<br> <strong>Compatibility:</strong> All forms except the <code>UserDir ! public_html</code> form are only available in Apache 1.1 or above.<p> The UserDir directive sets the real directory in a user's home directory to use when a request for a document for a user is received. ! <em>Directory</em> is either <code>disabled</code>, to disable this feature, ! or the name of a directory, following one of the following ! patterns. If not disabled, then a request for <code>http://www.foo.com/~bob/one/two.html</code> will be translated to: <pre> ! UserDir public_html -> ~bob/public_html/one/two.html ! UserDir /usr/web -> /usr/web/bob/one/two.html ! UserDir /home/*/www -> /home/bob/www/one/two.html </pre> The following directives will send redirects to the client: <pre> ! UserDir http://www.foo.com/users -> http//www.foo.com/users/bob/one/two.html ! UserDir http://www.foo.com/*/usr -> http://www.foo.com/bob/usr/one/two.html ! UserDir http://www.foo.com/~*/ -> http://www.foo.com/~bob/one/two.html </pre> - - <P> - <STRONG> - Be careful when using this directive; for instance, <SAMP>"UserDir - ./"</SAMP> would map <SAMP>"/~root"</SAMP> to - <SAMP>"/"</SAMP> - which is probably undesirable. See also - the - <A - HREF="core.html#directory" - ><Directory></A> - directive and the - <A - HREF="../misc/security_tips.html" - >Security Tips</A> - page for more information. - </STRONG> </P> <!--#include virtual="footer.html" --> </BODY> --- 33,103 ---- <strong>Status:</strong> Base<br> <strong>Module:</strong> mod_userdir<br> <strong>Compatibility:</strong> All forms except the <code>UserDir ! public_html</code> form are only available in Apache 1.1 or above. Use ! of the <SAMP>enabled</SAMP> keyword, or <SAMP>disabled</SAMP> with a ! list of usernames, is only available in Apache 1.3 and above.<p> The UserDir directive sets the real directory in a user's home directory to use when a request for a document for a user is received. ! <em>Directory/filename</em> is one of the following: ! </P> ! <UL> ! <LI>The name of a directory or a pattern such as those shown below. ! </LI> ! <LI>The keyword <SAMP>disabled</SAMP>. This turns off <EM>all</EM> ! username-to-directory translations except those explicitly named with ! the <SAMP>enabled</SAMP> keyword (see below). ! </LI> ! <LI>The keyword <SAMP>disabled</SAMP> followed by a space-delimited ! list of usernames. Usernames that appear in such a list will ! <EM>never</EM> have directory translation performed, even if they ! appear in an <SAMP>enabled</SAMP> clause. ! </LI> ! <LI>The keyword <SAMP>enabled</SAMP> followed by a space-delimited list ! of usernames. These usernames will have directory translation ! performed even if a global disable is in effect, but not if they also ! appear in a <SAMP>disabled</SAMP> clause. ! </LI> ! </UL> ! <P> ! If neither the <SAMP>enabled</SAMP> nor the <SAMP>disabled</SAMP> ! keywords appear in the <SAMP>Userdir</SAMP> directive, the argument is ! treated as a filename pattern, and is used to turn the name into a ! directory specification. A request for <code>http://www.foo.com/~bob/one/two.html</code> will be translated to: <pre> ! UserDir public_html -> ~bob/public_html/one/two.html ! UserDir /usr/web -> /usr/web/bob/one/two.html ! UserDir /home/*/www -> /home/bob/www/one/two.html </pre> The following directives will send redirects to the client: <pre> ! UserDir http://www.foo.com/users -> http//www.foo.com/users/bob/one/two.html ! UserDir http://www.foo.com/*/usr -> http://www.foo.com/bob/usr/one/two.html ! UserDir http://www.foo.com/~*/ -> http://www.foo.com/~bob/one/two.html </pre> </P> + <BLOCKQUOTE> + <STRONG> + Be careful when using this directive; for instance, + <SAMP>"UserDir ./"</SAMP> would map + <SAMP>"/~root"</SAMP> to + <SAMP>"/"</SAMP> - which is probably undesirable. If you are + running Apache 1.3 or above, it is strongly recommended that your + configuration include a + "<SAMP>UserDir disabled root</SAMP>" declaration. + See also + the + <A + HREF="core.html#directory" + ><Directory></A> + directive and the + <A + HREF="../misc/security_tips.html" + >Security Tips</A> + page for more information. + </STRONG> + </BLOCKQUOTE> <!--#include virtual="footer.html" --> </BODY>