<-
Apache > HTTP Server > Documentation > Version 2.2 > Modules

Please note

This document refers to a legacy release (2.2) of Apache httpd. The active release (2.4) is documented here. If you have not already upgraded, please follow this link for more information.

You may follow this link to go to the current version of this document.

Apache Module mod_info

Available Languages:  en  |  ja  |  ko 

Description:Provides a comprehensive overview of the server configuration
Status:Extension
Module Identifier:info_module
Source File:mod_info.c

Summary

To configure mod_info, add the following to your httpd.conf file.

<Location /server-info>
SetHandler server-info
</Location>

You may wish to use mod_authz_host inside the <Location> directive to limit access to your server configuration information:

<Location /server-info>
SetHandler server-info
Order deny,allow
Deny from all
Allow from yourcompany.com
</Location>

Once configured, the server information is obtained by accessing http://your.host.example.com/server-info

Topics

Directives

top

Security Issues

Once mod_info is loaded into the server, its handler capability is available in all configuration files, including per-directory files (e.g., .htaccess). This may have security-related ramifications for your site.

In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Therefore, this module should only be used in a controlled environment and always with caution.

You will probably want to use mod_authz_host to limit access to your server configuration information.

Access control

<Location /server-info>
SetHandler server-info
Order allow,deny
# Allow access from server itself
Allow from 127.0.0.1
# Additionally, allow access from local workstation
Allow from 192.168.1.17
</Location>

top

Selecting the information shown

By default, the server information includes a list of all enabled modules, and for each module, a description of the directives understood by that module, the hooks implemented by that module, and the relevant directives from the current configuration.

Other views of the configuration information are available by appending a query to the server-info request. For example, http://your.host.example.com/server-info?config will show all configuration directives.

?<module-name>
Only information relevant to the named module
?config
Just the configuration directives, not sorted by module
?hooks
Only the list of Hooks each module is attached to
?list
Only a simple list of enabled modules
?server
Only the basic server information
top

Known Limitations

mod_info provides its information by reading the parsed configuration, rather than reading the original configuration file. There are a few limitations as a result of the way the parsed configuration tree is created:

top

AddModuleInfo Directive

Description:Adds additional information to the module information displayed by the server-info handler
Syntax:AddModuleInfo module-name string
Context:server config, virtual host
Status:Extension
Module:mod_info
Compatibility:Apache 1.3 and above

This allows the content of string to be shown as HTML interpreted, Additional Information for the module module-name. Example:

AddModuleInfo mod_deflate.c 'See <a \
href="http://www.apache.org/docs/2.2/mod/mod_deflate.html">\
http://www.apache.org/docs/2.2/mod/mod_deflate.html</a>'

Available Languages:  en  |  ja  |  ko 

top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.