Apache HTTP Server Version 2.2
This document refers to a legacy release (2.2) of Apache httpd. The active release (2.4) is documented here. If you have not already upgraded, please follow this link for more information.
You may follow this link to go to the current version of this document.
The directive quick reference shows the usage, default, status, and context of each Apache configuration directive. For more information about each of these, see the Directive Dictionary.
The first column gives the directive name and usage. The second column shows the default value of the directive, if a default exists. If the default is too large to display, it will be truncated and followed by "+".
The third and fourth columns list the contexts where the directive is allowed and the status of the directive according to the legend tables below.
A | B | C | D | E | F | G | H | I | K | L | M | N | O | P | R | S | T | U | V | W | X |
|
|
AcceptFilter protocol accept_filter | s | C | |
Configures optimizations for a Protocol's Listener Sockets | |||
AcceptMutex Default|method | Default | s | M |
Method that Apache uses to serialize multiple children accepting requests on network sockets | |||
AcceptPathInfo On|Off|Default | Default | svdh | C |
Resources accept trailing pathname information | |||
AccessFileName filename [filename] ... | .htaccess | sv | C |
Name of the distributed configuration file | |||
Action action-type cgi-script [virtual] | svdh | B | |
Activates a CGI script for a particular handler or content-type | |||
AddAlt string file [file] ... | svdh | B | |
Alternate text to display for a file, instead of an icon selected by filename | |||
AddAltByEncoding string MIME-encoding [MIME-encoding] ... | svdh | B | |
Alternate text to display for a file instead of an icon selected by MIME-encoding | |||
AddAltByType string MIME-type [MIME-type] ... | svdh | B | |
Alternate text to display for a file, instead of an icon selected by MIME content-type | |||
AddCharset charset extension [extension] ... | svdh | B | |
Maps the given filename extensions to the specified content charset | |||
AddDefaultCharset On|Off|charset | Off | svdh | C |
Default charset parameter to be added when a response
content-type is text/plain or text/html | |||
AddDescription string file [file] ... | svdh | B | |
Description to display for a file | |||
AddEncoding MIME-enc extension [extension] ... | svdh | B | |
Maps the given filename extensions to the specified encoding type | |||
AddHandler handler-name extension [extension] ... | svdh | B | |
Maps the filename extensions to the specified handler | |||
AddIcon icon name [name] ... | svdh | B | |
Icon to display for a file selected by name | |||
AddIconByEncoding icon MIME-encoding [MIME-encoding] ... | svdh | B | |
Icon to display next to files selected by MIME content-encoding | |||
AddIconByType icon MIME-type [MIME-type] ... | svdh | B | |
Icon to display next to files selected by MIME content-type | |||
AddInputFilter filter[;filter...] extension [extension] ... | svdh | B | |
Maps filename extensions to the filters that will process client requests | |||
AddLanguage MIME-lang extension [extension] ... | svdh | B | |
Maps the given filename extension to the specified content language | |||
AddModuleInfo module-name string | sv | E | |
Adds additional information to the module information displayed by the server-info handler | |||
AddOutputFilter filter[;filter...] extension [extension] ... | svdh | B | |
Maps filename extensions to the filters that will process responses from the server | |||
AddOutputFilterByType filter[;filter...] MIME-type [MIME-type] ... | svdh | C | |
assigns an output filter to a particular MIME-type | |||
AddType MIME-type extension [extension] ... | svdh | B | |
Maps the given filename extensions onto the specified content type | |||
Alias URL-path file-path|directory-path | sv | B | |
Maps URLs to filesystem locations | |||
AliasMatch regex file-path|directory-path | sv | B | |
Maps URLs to filesystem locations using regular expressions | |||
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ... | dh | B | |
Controls which hosts can access an area of the server | |||
AllowCONNECT port [port] ... | 443 563 | sv | E |
Ports that are allowed to CONNECT through the
proxy | |||
AllowEncodedSlashes On|Off|NoDecode | Off | sv | C |
Determines whether encoded path separators in URLs are allowed to be passed through | |||
AllowOverride All|None|directive-type [directive-type] ... | All | d | C |
Types of directives that are allowed in
.htaccess files | |||
Anonymous user [user] ... | dh | E | |
Specifies userIDs that are allowed access without password verification | |||
Anonymous_LogEmail On|Off | On | dh | E |
Sets whether the password entered will be logged in the error log | |||
Anonymous_MustGiveEmail On|Off | On | dh | E |
Specifies whether blank passwords are allowed | |||
Anonymous_NoUserID On|Off | Off | dh | E |
Sets whether the userID field may be empty | |||
Anonymous_VerifyEmail On|Off | Off | dh | E |
Sets whether to check the password field for a correctly formatted email address | |||
AuthBasicAuthoritative On|Off | On | dh | B |
Sets whether authorization and authentication are passed to lower level modules | |||
AuthBasicProvider provider-name [provider-name] ... | file | dh | B |
Sets the authentication provider(s) for this location | |||
AuthDBDUserPWQuery query | d | E | |
SQL query to look up a password for a user | |||
AuthDBDUserRealmQuery query | d | E | |
SQL query to look up a password hash for a user and realm. | |||
AuthDBMGroupFile file-path | dh | E | |
Sets the name of the database file containing the list of user groups for authorization | |||
AuthDBMType default|SDBM|GDBM|NDBM|DB | default | dh | E |
Sets the type of database file that is used to store passwords | |||
AuthDBMUserFile file-path | dh | E | |
Sets the name of a database file containing the list of users and passwords for authentication | |||
AuthDefaultAuthoritative On|Off | On | dh | B |
Sets whether authentication is passed to lower level modules | |||
AuthDigestAlgorithm MD5|MD5-sess | MD5 | dh | E |
Selects the algorithm used to calculate the challenge and response hashes in digest authentication | |||
AuthDigestDomain URI [URI] ... | dh | E | |
URIs that are in the same protection space for digest authentication | |||
AuthDigestNcCheck On|Off | Off | s | E |
Enables or disables checking of the nonce-count sent by the server | |||
AuthDigestNonceFormat format | dh | E | |
Determines how the nonce is generated | |||
AuthDigestNonceLifetime seconds | 300 | dh | E |
How long the server nonce is valid | |||
AuthDigestProvider provider-name [provider-name] ... | file | dh | E |
Sets the authentication provider(s) for this location | |||
AuthDigestQop none|auth|auth-int [auth|auth-int] | auth | dh | E |
Determines the quality-of-protection to use in digest authentication | |||
AuthDigestShmemSize size | 1000 | s | E |
The amount of shared memory to allocate for keeping track of clients | |||
AuthGroupFile file-path | dh | B | |
Sets the name of a text file containing the list of user groups for authorization | |||
AuthLDAPBindAuthoritativeoff|on | on | dh | E |
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials. | |||
AuthLDAPBindDN distinguished-name | dh | E | |
Optional DN to use in binding to the LDAP server | |||
AuthLDAPBindPassword password | dh | E | |
Password used in conjuction with the bind DN | |||
AuthLDAPCharsetConfig file-path | s | E | |
Language to charset conversion configuration file | |||
AuthLDAPCompareDNOnServer on|off | on | dh | E |
Use the LDAP server to compare the DNs | |||
AuthLDAPDereferenceAliases never|searching|finding|always | Always | dh | E |
When will the module de-reference aliases | |||
AuthLDAPGroupAttribute attribute | member uniquemember + | dh | E |
LDAP attributes used to check for group membership | |||
AuthLDAPGroupAttributeIsDN on|off | on | dh | E |
Use the DN of the client username when checking for group membership | |||
AuthLDAPRemoteUserAttribute uid | dh | E | |
Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable | |||
AuthLDAPRemoteUserIsDN on|off | off | dh | E |
Use the DN of the client username to set the REMOTE_USER environment variable | |||
AuthLDAPUrl url [NONE|SSL|TLS|STARTTLS] | dh | E | |
URL specifying the LDAP search parameters | |||
AuthName auth-domain | dh | C | |
Authorization realm for use in HTTP authentication | |||
<AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias> | s | E | |
Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias | |||
AuthType Basic|Digest | dh | C | |
Type of user authentication | |||
AuthUserFile file-path | dh | B | |
Sets the name of a text file containing the list of users and passwords for authentication | |||
AuthzDBMAuthoritative On|Off | On | dh | E |
Sets whether authorization will be passed on to lower level modules | |||
AuthzDBMType default|SDBM|GDBM|NDBM|DB | default | dh | E |
Sets the type of database file that is used to store list of user groups | |||
AuthzDefaultAuthoritative On|Off | On | dh | B |
Sets whether authorization is passed to lower level modules | |||
AuthzGroupFileAuthoritative On|Off | On | dh | B |
Sets whether authorization will be passed on to lower level modules | |||
AuthzLDAPAuthoritative on|off | on | dh | E |
Prevent other authentication modules from authenticating the user if this one fails | |||
AuthzOwnerAuthoritative On|Off | On | dh | E |
Sets whether authorization will be passed on to lower level modules | |||
AuthzUserAuthoritative On|Off | On | dh | B |
Sets whether authorization will be passed on to lower level modules | |||
BalancerMember [balancerurl] url [key=value [key=value ...]] | d | E | |
Add a member to a load balancing group | |||
BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ... | svdh | B | |
Sets environment variables conditional on HTTP User-Agent | |||
BrowserMatchNoCase regex [!]env-variable[=value] [[!]env-variable[=value]] ... | svdh | B | |
Sets environment variables conditional on User-Agent without respect to case | |||
BufferedLogs On|Off | Off | s | B |
Buffer log entries in memory before writing to disk | |||
CacheDefaultExpire seconds | 3600 (one hour) | sv | E |
The default duration to cache a document when no expiry date is specified. | |||
CacheDirLength length | 2 | sv | E |
The number of characters in subdirectory names | |||
CacheDirLevels levels | 3 | sv | E |
The number of levels of subdirectories in the cache. | |||
CacheDisable url-string | sv | E | |
Disable caching of specified URLs | |||
CacheEnable cache_type url-string | sv | E | |
Enable caching of specified URLs using a specified storage manager | |||
CacheFile file-path [file-path] ... | s | X | |
Cache a list of file handles at startup time | |||
CacheIgnoreCacheControl On|Off | Off | sv | E |
Ignore request to not serve cached content to client | |||
CacheIgnoreHeaders header-string [header-string] ... | None | sv | E |
Do not store the given HTTP header(s) in the cache. | |||
CacheIgnoreNoLastMod On|Off | Off | sv | E |
Ignore the fact that a response has no Last Modified header. | |||
CacheIgnoreQueryString On|Off | Off | sv | E |
Ignore query string when caching | |||
CacheIgnoreURLSessionIdentifiers identifier [identifier] ... | None | sv | E |
Ignore defined session identifiers encoded in the URL when caching | |||
CacheLastModifiedFactor float | 0.1 | sv | E |
The factor used to compute an expiry date based on the LastModified date. | |||
CacheLock on|off | off | sv | E |
Enable the thundering herd lock. | |||
CacheLockMaxAge integer | 5 | sv | E |
Set the maximum possible age of a cache lock. | |||
CacheLockPath directory | /tmp/mod_cache-lock + | sv | E |
Set the lock path directory. | |||
CacheMaxExpire seconds | 86400 (one day) | sv | E |
The maximum time in seconds to cache a document | |||
CacheMaxFileSize bytes | 1000000 | sv | E |
The maximum size (in bytes) of a document to be placed in the cache | |||
CacheMinFileSize bytes | 1 | sv | E |
The minimum size (in bytes) of a document to be placed in the cache | |||
CacheNegotiatedDocs On|Off | Off | sv | B |
Allows content-negotiated documents to be cached by proxy servers | |||
CacheRoot directory | sv | E | |
The directory root under which cache files are stored | |||
CacheStoreNoStore On|Off | Off | sv | E |
Attempt to cache requests or responses that have been marked as no-store. | |||
CacheStorePrivate On|Off | Off | sv | E |
Attempt to cache responses that the server has marked as private | |||
CGIDScriptTimeout time[s|ms] | svdh | B | |
The length of time to wait for more output from the CGI program | |||
CGIMapExtension cgi-path .extension | dh | C | |
Technique for locating the interpreter for CGI scripts | |||
CharsetDefault charset | svdh | E | |
Charset to translate into | |||
CharsetOptions option [option] ... | DebugLevel=0 NoImpl + | svdh | E |
Configures charset translation behavior | |||
CharsetSourceEnc charset | svdh | E | |
Source charset of files | |||
CheckCaseOnly on|off | Off | svdh | E |
Limits the action of the speling module to case corrections | |||
CheckSpelling on|off | Off | svdh | E |
Enables the spelling module | |||
ChrootDir /path/to/directory | s | M | |
Directory for apache to run chroot(8) after startup. | |||
ContentDigest On|Off | Off | svdh | C |
Enables the generation of Content-MD5 HTTP Response
headers | |||
CookieDomain domain | svdh | E | |
The domain to which the tracking cookie applies | |||
CookieExpires expiry-period | svdh | E | |
Expiry time for the tracking cookie | |||
CookieLog filename | sv | B | |
Sets filename for the logging of cookies | |||
CookieName token | Apache | svdh | E |
Name of the tracking cookie | |||
CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965 | Netscape | svdh | E |
Format of the cookie header field | |||
CookieTracking on|off | off | svdh | E |
Enables tracking cookie | |||
CoreDumpDirectory directory | s | M | |
Directory where Apache attempts to switch before dumping core | |||
CustomLog file|pipe format|nickname [env=[!]environment-variable] | sv | B | |
Sets filename and format of log file | |||
Dav On|Off|provider-name | Off | d | E |
Enable WebDAV HTTP methods | |||
DavDepthInfinity on|off | off | svd | E |
Allow PROPFIND, Depth: Infinity requests | |||
DavGenericLockDB file-path | svd | E | |
Location of the DAV lock database | |||
DavLockDB file-path | sv | E | |
Location of the DAV lock database | |||
DavMinTimeout seconds | 0 | svd | E |
Minimum amount of time the server holds a lock on a DAV resource | |||
DBDExptime time-in-seconds | 300 | sv | E |
Keepalive time for idle connections | |||
DBDKeep number | 2 | sv | E |
Maximum sustained number of connections | |||
DBDMax number | 10 | sv | E |
Maximum number of connections | |||
DBDMin number | 1 | sv | E |
Minimum number of connections | |||
DBDParams param1=value1[,param2=value2] | sv | E | |
Parameters for database connection | |||
DBDPersist On|Off | sv | E | |
Whether to use persistent connections | |||
DBDPrepareSQL "SQL statement" label | sv | E | |
Define an SQL prepared statement | |||
DBDriver name | sv | E | |
Specify an SQL driver | |||
DefaultIcon url-path | svdh | B | |
Icon to display for files when no specific icon is configured | |||
DefaultLanguage MIME-lang | svdh | B | |
Sets all files in the given scope to the specified language | |||
DefaultType MIME-type|none | text/plain | svdh | C |
MIME content-type that will be sent if the server cannot determine a type in any other way | |||
DeflateBufferSize value | 8096 | sv | E |
Fragment size to be compressed at one time by zlib | |||
DeflateCompressionLevel value | sv | E | |
How much compression do we apply to the output | |||
DeflateFilterNote [type] notename | sv | E | |
Places the compression ratio in a note for logging | |||
DeflateInflateLimitRequestBodyvalue | svdh | E | |
Maximum size of inflated request bodies | |||
DeflateInflateRatioBurst value | svdh | E | |
Maximum number of times the inflation ratio for request bodies can be crossed | |||
DeflateInflateRatioLimit value | svdh | E | |
Maximum inflation ratio for request bodies | |||
DeflateMemLevel value | 9 | sv | E |
How much memory should be used by zlib for compression | |||
DeflateWindowSize value | 15 | sv | E |
Zlib compression window size | |||
Deny from all|host|env=[!]env-variable [host|env=[!]env-variable] ... | dh | B | |
Controls which hosts are denied access to the server | |||
<Directory directory-path> ... </Directory> | sv | C | |
Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents | |||
DirectoryIndex local-url [local-url] ... | index.html | svdh | B |
List of resources to look for when the client requests a directory | |||
<DirectoryMatch regex> ... </DirectoryMatch> | sv | C | |
Enclose directives that apply to file-system directories matching a regular expression and their subdirectories | |||
DirectorySlash On|Off | On | svdh | B |
Toggle trailing slash redirects on or off | |||
DocumentRoot directory-path | /usr/local/apache/h + | sv | C |
Directory that forms the main document tree visible from the web | |||
DumpIOInput On|Off | Off | s | E |
Dump all input data to the error log | |||
DumpIOLogLevel level | debug | s | E |
Controls the logging level of the DumpIO output | |||
DumpIOOutput On|Off | Off | s | E |
Dump all output data to the error log | |||
EnableExceptionHook On|Off | Off | s | M |
Enables a hook that runs exception handlers after a crash | |||
EnableMMAP On|Off | On | svdh | C |
Use memory-mapping to read files during delivery | |||
EnableSendfile On|Off | On | svdh | C |
Use the kernel sendfile support to deliver files to the client | |||
ErrorDocument error-code document | svdh | C | |
What the server will return to the client in case of an error | |||
ErrorLog file-path|syslog[:facility] | logs/error_log (Uni + | sv | C |
Location where the server will log errors | |||
Example | svdh | X | |
Demonstration directive to illustrate the Apache module API | |||
ExpiresActive On|Off | svdh | E | |
Enables generation of Expires
headers | |||
ExpiresByType MIME-type <code>seconds | svdh | E | |
Value of the Expires header configured
by MIME type | |||
ExpiresDefault <code>seconds | svdh | E | |
Default algorithm for calculating expiration time | |||
ExtendedStatus On|Off | Off | s | B |
Keep track of extended status information for each request | |||
ExtFilterDefine filtername parameters | s | E | |
Define an external filter | |||
ExtFilterOptions option [option] ... | DebugLevel=0 NoLogS + | d | E |
Configure mod_ext_filter options | |||
FallbackResource disabled | local-url | svdh | B | |
Define a default URL for requests that don't map to a file | |||
FileETag component ... | INode MTime Size | svdh | C |
File attributes used to create the ETag HTTP response header for static files | |||
<Files filename> ... </Files> | svdh | C | |
Contains directives that apply to matched filenames | |||
<FilesMatch regex> ... </FilesMatch> | svdh | C | |
Contains directives that apply to regular-expression matched filenames | |||
FilterChain [+=-@!]filter-name ... | svdh | B | |
Configure the filter chain | |||
FilterDeclare filter-name [type] | svdh | B | |
Declare a smart filter | |||
FilterProtocol filter-name [provider-name] proto-flags | svdh | B | |
Deal with correct HTTP protocol handling | |||
FilterProvider filter-name provider-name [req|resp|env]=dispatch match | svdh | B | |
Register a content filter | |||
FilterTrace filter-name level | svd | B | |
Get debug/diagnostic information from
mod_filter | |||
ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] | Prefer | svdh | B |
Action to take if a single acceptable document is not found | |||
ForceType MIME-type|None | dh | C | |
Forces all matching files to be served with the specified MIME content-type | |||
ForensicLog filename|pipe | sv | E | |
Sets filename of the forensic log | |||
GprofDir /tmp/gprof/|/tmp/gprof/% | sv | C | |
Directory to write gmon.out profiling data to. | |||
GracefulShutDownTimeout seconds | s | M | |
Specify a timeout after which a gracefully shutdown server will exit. | |||
Group unix-group | #-1 | s | M |
Group under which the server will answer requests | |||
Header [condition] set|append|merge|add|unset|echo|edit header [value] [replacement] [early|env=[!]variable] | svdh | E | |
Configure HTTP response headers | |||
HeaderName filename | svdh | B | |
Name of the file that will be inserted at the top of the index listing | |||
HostnameLookups On|Off|Double | Off | svd | C |
Enables DNS lookups on client IP addresses | |||
HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0] | Strict LenientMetho + | sv | C |
Modify restrictions on HTTP Request Messages | |||
IdentityCheck On|Off | Off | svd | E |
Enables logging of the RFC 1413 identity of the remote user | |||
IdentityCheckTimeout seconds | 30 | svd | E |
Determines the timeout duration for ident requests | |||
<IfDefine [!]parameter-name> ... </IfDefine> | svdh | C | |
Encloses directives that will be processed only if a test is true at startup | |||
<IfModule [!]module-file|module-identifier> ... </IfModule> | svdh | C | |
Encloses directives that are processed conditional on the presence or absence of a specific module | |||
<IfVersion [[!]operator] version> ... </IfVersion> | svdh | E | |
contains version dependent configuration | |||
ImapBase map|referer|URL | http://servername/ | svdh | B |
Default base for imagemap files | |||
ImapDefault error|nocontent|map|referer|URL | nocontent | svdh | B |
Default action when an imagemap is called with coordinates that are not explicitly mapped | |||
ImapMenu none|formatted|semiformatted|unformatted | svdh | B | |
Action if no coordinates are given when calling an imagemap | |||
Include file-path|directory-path | svd | C | |
Includes other configuration files from within the server configuration files | |||
IndexHeadInsert "markup ..." | svdh | B | |
Inserts text in the HEAD section of an index page. | |||
IndexIgnore file [file] ... | "." | svdh | B |
Adds to the list of files to hide when listing a directory | |||
IndexOptions [+|-]option [[+|-]option] ... | svdh | B | |
Various configuration settings for directory indexing | |||
IndexOrderDefault Ascending|Descending Name|Date|Size|Description | Ascending Name | svdh | B |
Sets the default ordering of the directory index | |||
IndexStyleSheet url-path | svdh | B | |
Adds a CSS stylesheet to the directory index | |||
ISAPIAppendLogToErrors on|off | off | svdh | B |
Record HSE_APPEND_LOG_PARAMETER requests from
ISAPI extensions to the error log | |||
ISAPIAppendLogToQuery on|off | on | svdh | B |
Record HSE_APPEND_LOG_PARAMETER requests from
ISAPI extensions to the query field | |||
ISAPICacheFile file-path [file-path] ... | sv | B | |
ISAPI .dll files to be loaded at startup | |||
ISAPIFakeAsync on|off | off | svdh | B |
Fake asynchronous support for ISAPI callbacks | |||
ISAPILogNotSupported on|off | off | svdh | B |
Log unsupported feature requests from ISAPI extensions | |||
ISAPIReadAheadBuffer size | 49152 | svdh | B |
Size of the Read Ahead Buffer sent to ISAPI extensions | |||
KeepAlive On|Off | On | sv | C |
Enables HTTP persistent connections | |||
KeepAliveTimeout seconds | 5 | sv | C |
Amount of time the server will wait for subsequent requests on a persistent connection | |||
LanguagePriority MIME-lang [MIME-lang] ... | svdh | B | |
The precendence of language variants for cases where the client does not express a preference | |||
LDAPCacheEntries number | 1024 | s | E |
Maximum number of entries in the primary LDAP cache | |||
LDAPCacheTTL seconds | 600 | s | E |
Time that cached items remain valid | |||
LDAPConnectionTimeout seconds | s | E | |
Specifies the socket connection timeout in seconds | |||
LDAPOpCacheEntries number | 1024 | s | E |
Number of entries used to cache LDAP compare operations | |||
LDAPOpCacheTTL seconds | 600 | s | E |
Time that entries in the operation cache remain valid | |||
LDAPSharedCacheFile directory-path/filename | s | E | |
Sets the shared memory cache file | |||
LDAPSharedCacheSize bytes | 500000 | s | E |
Size in bytes of the shared-memory cache | |||
LDAPTrustedClientCert type directory-path/filename/nickname [password] | svdh | E | |
Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. | |||
LDAPTrustedGlobalCert type directory-path/filename [password] | s | E | |
Sets the file or database containing global trusted Certificate Authority or global client certificates | |||
LDAPTrustedMode type | sv | E | |
Specifies the SSL/TLS mode to be used when connecting to an LDAP server. | |||
LDAPVerifyServerCert On|Off | On | s | E |
Force server certificate verification | |||
<Limit method [method] ... > ... </Limit> | svdh | C | |
Restrict enclosed access controls to only certain HTTP methods | |||
<LimitExcept method [method] ... > ... </LimitExcept> | svdh | C | |
Restrict access controls to all HTTP methods except the named ones | |||
LimitInternalRecursion number [number] | 10 | sv | C |
Determine maximum number of internal redirects and nested subrequests | |||
LimitRequestBody bytes | 0 | svdh | C |
Restricts the total size of the HTTP request body sent from the client | |||
LimitRequestFields number | 100 | sv | C |
Limits the number of HTTP request header fields that will be accepted from the client | |||
LimitRequestFieldSize bytes | 8190 | sv | C |
Limits the size of the HTTP request header allowed from the client | |||
LimitRequestLine bytes | 8190 | sv | C |
Limit the size of the HTTP request line that will be accepted from the client | |||
LimitXMLRequestBody bytes | 1000000 | svdh | C |
Limits the size of an XML-based request body | |||
Listen [IP-address:]portnumber [protocol] | s | M | |
IP addresses and ports that the server listens to | |||
ListenBacklog backlog | s | M | |
Maximum length of the queue of pending connections | |||
LoadFile filename [filename] ... | s | E | |
Link in the named object file or library | |||
LoadModule module filename | s | E | |
Links in the object file or library, and adds to the list of active modules | |||
<Location URL-path|URL> ... </Location> | sv | C | |
Applies the enclosed directives only to matching URLs | |||
<LocationMatch regex> ... </LocationMatch> | sv | C | |
Applies the enclosed directives only to regular-expression matching URLs | |||
LockFile filename | logs/accept.lock | s | M |
Location of the accept serialization lock file | |||
LogFormat format|nickname [nickname] | "%h %l %u %t \"%r\" + | sv | B |
Describes a format for use in a log file | |||
LogLevel level | warn | sv | C |
Controls the verbosity of the ErrorLog | |||
MaxClients number | s | M | |
Maximum number of connections that will be processed simultaneously | |||
MaxKeepAliveRequests number | 100 | sv | C |
Number of requests allowed on a persistent connection | |||
MaxMemFree KBytes | 0 | s | M |
Maximum amount of memory that the main allocator is allowed
to hold without calling free() | |||
MaxRanges default | unlimited | none | number-of-ranges | 200 | svd | C |
Number of ranges allowed before returning the complete resource | |||
MaxRequestsPerChild number | 10000 | s | M |
Limit on the number of requests that an individual child server will handle during its life | |||
MaxRequestsPerThread number | 0 | s | M |
Limit on the number of requests that an individual thread will handle during its life | |||
MaxSpareServers number | 10 | s | M |
Maximum number of idle child server processes | |||
MaxSpareThreads number | s | M | |
Maximum number of idle threads | |||
MaxThreads number | 2048 | s | M |
Set the maximum number of worker threads | |||
MCacheMaxObjectCount value | 1009 | s | E |
The maximum number of objects allowed to be placed in the cache | |||
MCacheMaxObjectSize bytes | 10000 | s | E |
The maximum size (in bytes) of a document allowed in the cache | |||
MCacheMaxStreamingBuffer size_in_bytes | the smaller of 1000 + | s | E |
Maximum amount of a streamed response to buffer in memory before declaring the response uncacheable | |||
MCacheMinObjectSize bytes | 1 | s | E |
The minimum size (in bytes) of a document to be allowed in the cache | |||
MCacheRemovalAlgorithm LRU|GDSF | GDSF | s | E |
The algorithm used to select documents for removal from the cache | |||
MCacheSize KBytes | 100 | s | E |
The maximum amount of memory used by the cache in KBytes | |||
MergeTrailers [on|off] | off | sv | C |
Determines whether trailers are merged into headers | |||
MetaDir directory | .web | svdh | E |
Name of the directory to find CERN-style meta information files | |||
MetaFiles on|off | off | svdh | E |
Activates CERN meta-file processing | |||
MetaSuffix suffix | .meta | svdh | E |
File name suffix for the file containg CERN-style meta information | |||
MimeMagicFile file-path | sv | E | |
Enable MIME-type determination based on file contents using the specified magic file | |||
MinSpareServers number | 5 | s | M |
Minimum number of idle child server processes | |||
MinSpareThreads number | s | M | |
Minimum number of idle threads available to handle request spikes | |||
MMapFile file-path [file-path] ... | s | X | |
Map a list of files into memory at startup time | |||
ModMimeUsePathInfo On|Off | Off | d | B |
Tells mod_mime to treat path_info
components as part of the filename | |||
MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters] | NegotiatedOnly | svdh | B |
The types of files that will be included when searching for a matching file with MultiViews | |||
NameVirtualHost addr[:port] | s | C | |
Designates an IP address for name-virtual hosting | |||
NoProxy host [host] ... | sv | E | |
Hosts, domains, or networks that will be connected to directly | |||
NWSSLTrustedCerts filename [filename] ... | s | B | |
List of additional client certificates | |||
NWSSLUpgradeable [IP-address:]portnumber | s | B | |
Allows a connection to be upgraded to an SSL connection upon request | |||
Options [+|-]option [[+|-]option] ... | All | svdh | C |
Configures what features are available in a particular directory | |||
Order ordering | Deny,Allow | dh | B |
Controls the default access state and the order in which
Allow and Deny are
evaluated. | |||
PassEnv env-variable [env-variable] ... | svdh | B | |
Passes environment variables from the shell | |||
PidFile filename | logs/httpd.pid | s | M |
File where the server records the process ID of the daemon | |||
Protocol protocol | sv | C | |
Protocol for a listening socket | |||
ProtocolEcho On|Off | Off | sv | X |
Turn the echo server on or off | |||
<Proxy wildcard-url> ...</Proxy> | sv | E | |
Container for directives applied to proxied resources | |||
ProxyBadHeader IsError|Ignore|StartBody | IsError | sv | E |
Determines how to handle bad header lines in a response | |||
ProxyBlock *|word|host|domain [word|host|domain] ... | sv | E | |
Words, hosts, or domains that are banned from being proxied | |||
ProxyDomain Domain | sv | E | |
Default domain name for proxied requests | |||
ProxyErrorOverride On|Off | Off | sv | E |
Override error pages for proxied content | |||
ProxyFtpDirCharset character set | ISO-8859-1 | svd | E |
Define the character set for proxied FTP listings | |||
ProxyIOBufferSize bytes | 8192 | sv | E |
Determine size of internal data throughput buffer | |||
<ProxyMatch regex> ...</ProxyMatch> | sv | E | |
Container for directives applied to regular-expression-matched proxied resources | |||
ProxyMaxForwards number | -1 | sv | E |
Maximium number of proxies that a request can be forwarded through | |||
ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] | svd | E | |
Maps remote servers into the local server URL-space | |||
ProxyPassInterpolateEnv On|Off | Off | svd | E |
Enable Environment Variable interpolation in Reverse Proxy configurations | |||
ProxyPassMatch [regex] !|url [key=value [key=value ...]] | svd | E | |
Maps remote servers into the local server URL-space using regular expressions | |||
ProxyPassReverse [path] url [interpolate] | svd | E | |
Adjusts the URL in HTTP response headers sent from a reverse proxied server | |||
ProxyPassReverseCookieDomain internal-domain public-domain [interpolate] | svd | E | |
Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server | |||
ProxyPassReverseCookiePath internal-path public-path [interpolate] | svd | E | |
Adjusts the Path string in Set-Cookie headers from a reverse- proxied server | |||
ProxyPreserveHost On|Off | Off | sv | E |
Use incoming Host HTTP request header for proxy request | |||
ProxyReceiveBufferSize bytes | 0 | sv | E |
Network buffer size for proxied HTTP and FTP connections | |||
ProxyRemote match remote-server | sv | E | |
Remote proxy used to handle certain requests | |||
ProxyRemoteMatch regex remote-server | sv | E | |
Remote proxy used to handle requests matched by regular expressions | |||
ProxyRequests On|Off | Off | sv | E |
Enables forward (standard) proxy requests | |||
ProxySCGIInternalRedirect On|Off | On | svd | E |
Enable or disable internal redirect responses from the backend | |||
ProxySCGISendfile On|Off|Headername | Off | svd | E |
Enable evaluation of X-Sendfile pseudo response header | |||
ProxySet url key=value [key=value ...] | d | E | |
Set various Proxy balancer or member parameters | |||
ProxyStatus Off|On|Full | Off | sv | E |
Show Proxy LoadBalancer status in mod_status | |||
ProxyTimeout seconds | sv | E | |
Network timeout for proxied requests | |||
ProxyVia On|Off|Full|Block | Off | sv | E |
Information provided in the Via HTTP response
header for proxied requests | |||
ReadmeName filename | svdh | B | |
Name of the file that will be inserted at the end of the index listing | |||
ReceiveBufferSize bytes | 0 | s | M |
TCP receive buffer size | |||
Redirect [status] URL-path URL | svdh | B | |
Sends an external redirect asking the client to fetch a different URL | |||
RedirectMatch [status] regex URL | svdh | B | |
Sends an external redirect based on a regular expression match of the current URL | |||
RedirectPermanent URL-path URL | svdh | B | |
Sends an external permanent redirect asking the client to fetch a different URL | |||
RedirectTemp URL-path URL | svdh | B | |
Sends an external temporary redirect asking the client to fetch a different URL | |||
RegisterHttpMethod method [method [...]] | s | C | |
Register non-standard HTTP methods | |||
RemoveCharset extension [extension] ... | vdh | B | |
Removes any character set associations for a set of file extensions | |||
RemoveEncoding extension [extension] ... | vdh | B | |
Removes any content encoding associations for a set of file extensions | |||
RemoveHandler extension [extension] ... | vdh | B | |
Removes any handler associations for a set of file extensions | |||
RemoveInputFilter extension [extension] ... | vdh | B | |
Removes any input filter associations for a set of file extensions | |||
RemoveLanguage extension [extension] ... | vdh | B | |
Removes any language associations for a set of file extensions | |||
RemoveOutputFilter extension [extension] ... | vdh | B | |
Removes any output filter associations for a set of file extensions | |||
RemoveType extension [extension] ... | vdh | B | |
Removes any content type associations for a set of file extensions | |||
RequestHeader set|append|merge|add|unset|edit header [value] [replacement] [early|env=[!]variable] | svdh | E | |
Configure HTTP request headers | |||
RequestReadTimeout [header=timeout[[-maxtimeout],MinRate=rate] [body=timeout[[-maxtimeout],MinRate=rate] | sv | E | |
Set timeout values for receiving request headers and body from client. | |||
Require entity-name [entity-name] ... | dh | C | |
Selects which authenticated users can access a resource | |||
RewriteBase URL-path | dh | E | |
Sets the base URL for per-directory rewrites | |||
RewriteCond TestString CondPattern | svdh | E | |
Defines a condition under which rewriting will take place | |||
RewriteEngine on|off | off | svdh | E |
Enables or disables runtime rewriting engine | |||
RewriteLock file-path | s | E | |
Sets the name of the lock file used for RewriteMap
synchronization | |||
RewriteLog file-path|pipe | sv | E | |
Sets the name of the file used for logging rewrite engine processing | |||
RewriteLogLevel Level | 0 | sv | E |
Sets the verbosity of the log file used by the rewrite engine | |||
RewriteMap MapName MapType:MapSource | sv | E | |
Defines a mapping function for key-lookup | |||
RewriteOptions Options | svdh | E | |
Sets some special options for the rewrite engine | |||
RewriteRule Pattern Substitution [flags] | svdh | E | |
Defines rules for the rewriting engine | |||
RLimitCPU seconds|max [seconds|max] | svdh | C | |
Limits the CPU consumption of processes launched by Apache children | |||
RLimitMEM bytes|max [bytes|max] | svdh | C | |
Limits the memory consumption of processes launched by Apache children | |||
RLimitNPROC number|max [number|max] | svdh | C | |
Limits the number of processes that can be launched by processes launched by Apache children | |||
Satisfy Any|All | All | dh | C |
Interaction between host-level access control and user authentication | |||
ScoreBoardFile file-path | logs/apache_runtime + | s | M |
Location of the file used to store coordination data for the child processes | |||
Script method cgi-script | svd | B | |
Activates a CGI script for a particular request method. | |||
ScriptAlias URL-path file-path|directory-path | sv | B | |
Maps a URL to a filesystem location and designates the target as a CGI script | |||
ScriptAliasMatch regex file-path|directory-path | sv | B | |
Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script | |||
ScriptInterpreterSource Registry|Registry-Strict|Script | Script | svdh | C |
Technique for locating the interpreter for CGI scripts | |||
ScriptLog file-path | sv | B | |
Location of the CGI script error logfile | |||
ScriptLogBuffer bytes | 1024 | sv | B |
Maximum amount of PUT or POST requests that will be recorded in the scriptlog | |||
ScriptLogLength bytes | 10385760 | sv | B |
Size limit of the CGI script logfile | |||
ScriptSock file-path | logs/cgisock | s | B |
The filename prefix of the socket to use for communication with the cgi daemon | |||
SecureListen [IP-address:]portnumber Certificate-Name [MUTUAL] | s | B | |
Enables SSL encryption for the specified port | |||
SeeRequestTail On|Off | Off | s | B |
Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. | |||
SendBufferSize bytes | 0 | s | M |
TCP buffer size | |||
ServerAdmin email-address|URL | sv | C | |
Email address that the server includes in error messages sent to the client | |||
ServerAlias hostname [hostname] ... | v | C | |
Alternate names for a host used when matching requests to name-virtual hosts | |||
ServerLimit number | s | M | |
Upper limit on configurable number of processes | |||
ServerName [scheme://]fully-qualified-domain-name[:port] | sv | C | |
Hostname and port that the server uses to identify itself | |||
ServerPath URL-path | v | C | |
Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser | |||
ServerRoot directory-path | /usr/local/apache | s | C |
Base directory for the server installation | |||
ServerSignature On|Off|EMail | Off | svdh | C |
Configures the footer on server-generated documents | |||
ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full | Full | s | C |
Configures the Server HTTP response
header | |||
SetEnv env-variable [value] | svdh | B | |
Sets environment variables | |||
SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... | svdh | B | |
Sets environment variables based on attributes of the request | |||
SetEnvIfNoCase attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... | svdh | B | |
Sets environment variables based on attributes of the request without respect to case | |||
SetHandler handler-name|None | svdh | C | |
Forces all matching files to be processed by a handler | |||
SetInputFilter filter[;filter...] | svdh | C | |
Sets the filters that will process client requests and POST input | |||
SetOutputFilter filter[;filter...] | svdh | C | |
Sets the filters that will process responses from the server | |||
SSIEnableAccess on|off | off | dh | B |
Enable the -A flag during conditional flow control processing. | |||
SSIEndTag tag | "-->" | sv | B |
String that ends an include element | |||
SSIErrorMsg message | "[an error occurred + | svdh | B |
Error message displayed when there is an SSI error | |||
SSIETag on|off | off | dh | B |
Controls whether ETags are generated by the server. | |||
SSILastModified on|off | off | dh | B |
Controls whether Last-Modified headers are generated by the
server. | |||
SSIStartTag tag | "<!--#" | sv | B |
String that starts an include element | |||
SSITimeFormat formatstring | "%A, %d-%b-%Y %H:%M + | svdh | B |
Configures the format in which date strings are displayed | |||
SSIUndefinedEcho string | "(none)" | svdh | B |
String displayed when an unset variable is echoed | |||
SSLCACertificateFile file-path | sv | E | |
File of concatenated PEM-encoded CA Certificates for Client Auth | |||
SSLCACertificatePath directory-path | sv | E | |
Directory of PEM-encoded CA Certificates for Client Auth | |||
SSLCADNRequestFile file-path | sv | E | |
File of concatenated PEM-encoded CA Certificates for defining acceptable CA names | |||
SSLCADNRequestPath directory-path | sv | E | |
Directory of PEM-encoded CA Certificates for defining acceptable CA names | |||
SSLCARevocationFile file-path | sv | E | |
File of concatenated PEM-encoded CA CRLs for Client Auth | |||
SSLCARevocationPath directory-path | sv | E | |
Directory of PEM-encoded CA CRLs for Client Auth | |||
SSLCertificateChainFile file-path | sv | E | |
File of PEM-encoded Server CA Certificates | |||
SSLCertificateFile file-path | sv | E | |
Server PEM-encoded X.509 Certificate file | |||
SSLCertificateKeyFile file-path | sv | E | |
Server PEM-encoded Private Key file | |||
SSLCipherSuite cipher-spec | ALL:!ADH:RC4+RSA:+H + | svdh | E |
Cipher Suite available for negotiation in SSL handshake | |||
SSLCompression on|off | off | sv | E |
Enable compression on the SSL level | |||
SSLCryptoDevice engine | builtin | s | E |
Enable use of a cryptographic hardware accelerator | |||
SSLEngine on|off|optional | off | sv | E |
SSL Engine Operation Switch | |||
SSLFIPS on|off | off | s | E |
SSL FIPS mode Switch | |||
SSLHonorCipherOrder flag | sv | E | |
Option to prefer the server's cipher preference order | |||
SSLInsecureRenegotiation flag | off | sv | E |
Option to enable support for insecure renegotiation | |||
SSLMutex type | none | s | E |
Semaphore for internal mutual exclusion of operations | |||
SSLOptions [+|-]option ... | svdh | E | |
Configure various SSL engine run-time options | |||
SSLPassPhraseDialog type | builtin | s | E |
Type of pass phrase dialog for encrypted private keys | |||
SSLProtocol [+|-]protocol ... | all | sv | E |
Configure usable SSL protocol flavors | |||
SSLProxyCACertificateFile file-path | sv | E | |
File of concatenated PEM-encoded CA Certificates for Remote Server Auth | |||
SSLProxyCACertificatePath directory-path | sv | E | |
Directory of PEM-encoded CA Certificates for Remote Server Auth | |||
SSLProxyCARevocationFile file-path | sv | E | |
File of concatenated PEM-encoded CA CRLs for Remote Server Auth | |||
SSLProxyCARevocationPath directory-path | sv | E | |
Directory of PEM-encoded CA CRLs for Remote Server Auth | |||
SSLProxyCheckPeerCN on|off | off | sv | E |
Whether to check the remote server certificates CN field | |||
SSLProxyCheckPeerExpire on|off | off | sv | E |
Whether to check if remote server certificate is expired | |||
SSLProxyCipherSuite cipher-spec | ALL:!ADH:RC4+RSA:+H + | svdh | E |
Cipher Suite available for negotiation in SSL proxy handshake | |||
SSLProxyEngine on|off | off | sv | E |
SSL Proxy Engine Operation Switch | |||
SSLProxyMachineCertificateChainFile filename | s | E | |
File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate | |||
SSLProxyMachineCertificateFile filename | s | E | |
File of concatenated PEM-encoded client certificates and keys to be used by the proxy | |||
SSLProxyMachineCertificatePath directory | s | E | |
Directory of PEM-encoded client certificates and keys to be used by the proxy | |||
SSLProxyProtocol [+|-]protocol ... | all | sv | E |
Configure usable SSL protocol flavors for proxy usage | |||
SSLProxyVerify level | none | sv | E |
Type of remote server Certificate verification | |||
SSLProxyVerifyDepth number | 1 | sv | E |
Maximum depth of CA Certificates in Remote Server Certificate verification | |||
SSLRandomSeed context source [bytes] | s | E | |
Pseudo Random Number Generator (PRNG) seeding source | |||
SSLRenegBufferSize bytes | 131072 | dh | E |
Set the size for the SSL renegotiation buffer | |||
SSLRequire expression | dh | E | |
Allow access only when an arbitrarily complex boolean expression is true | |||
SSLRequireSSL | dh | E | |
Deny access when SSL is not used for the HTTP request | |||
SSLSessionCache type | none | s | E |
Type of the global/inter-process SSL Session Cache | |||
SSLSessionCacheTimeout seconds | 300 | sv | E |
Number of seconds before an SSL session expires in the Session Cache | |||
SSLSessionTicketKeyFile file-path | sv | E | |
Persistent encryption/decryption key for TLS session tickets | |||
SSLSessionTickets on|off | on | sv | E |
Enable or disable use of TLS session tickets | |||
SSLStrictSNIVHostCheck on|off | off | sv | E |
Whether to allow non SNI clients to access a name based virtual host. | |||
SSLUserName varname | sdh | E | |
Variable name to determine user name | |||
SSLVerifyClient level | none | svdh | E |
Type of Client Certificate verification | |||
SSLVerifyDepth number | 1 | svdh | E |
Maximum depth of CA Certificates in Client Certificate verification | |||
StartServers number | s | M | |
Number of child server processes created at startup | |||
StartThreads number | s | M | |
Number of threads created on startup | |||
Substitute s/pattern/substitution/[infq] | dh | E | |
Pattern to filter the response content | |||
SubstituteInheritBefore on|off | off | dh | E |
Change the merge order of inherited patterns | |||
Suexec On|Off | s | C | |
Enable or disable the suEXEC feature | |||
SuexecUserGroup User Group | sv | E | |
User and group for CGI programs to run as | |||
ThreadLimit number | s | M | |
Sets the upper limit on the configurable number of threads per child process | |||
ThreadsPerChild number | s | M | |
Number of threads created by each child process | |||
ThreadStackSize size | s | M | |
The size in bytes of the stack used by threads handling client connections | |||
TimeOut seconds | 300 | sv | C |
Amount of time the server will wait for certain events before failing a request | |||
TraceEnable [on|off|extended] | on | sv | C |
Determines the behaviour on TRACE
requests | |||
TransferLog file|pipe | sv | B | |
Specify location of a log file | |||
TypesConfig file-path | conf/mime.types | s | B |
The location of the mime.types file | |||
UnsetEnv env-variable [env-variable] ... | svdh | B | |
Removes variables from the environment | |||
UseCanonicalName On|Off|DNS | Off | svd | C |
Configures how the server determines its own name and port | |||
UseCanonicalPhysicalPort On|Off | Off | svd | C |
Configures how the server determines its own name and port | |||
User unix-userid | #-1 | s | M |
The userid under which the server will answer requests | |||
UserDir directory-filename [directory-filename] ... | sv | B | |
Location of the user-specific directories | |||
VirtualDocumentRoot interpolated-directory|none | none | sv | E |
Dynamically configure the location of the document root for a given virtual host | |||
VirtualDocumentRootIP interpolated-directory|none | none | sv | E |
Dynamically configure the location of the document root for a given virtual host | |||
<VirtualHost addr[:port] [addr[:port]] ...> ... </VirtualHost> | s | C | |
Contains directives that apply only to a specific hostname or IP address | |||
VirtualScriptAlias interpolated-directory|none | none | sv | E |
Dynamically configure the location of the CGI directory for a given virtual host | |||
VirtualScriptAliasIP interpolated-directory|none | none | sv | E |
Dynamically configure the location of the cgi directory for a given virtual host | |||
Win32DisableAcceptEx | s | M | |
Use accept() rather than AcceptEx() to accept network connections | |||
XBitHack on|off|full | off | svdh | B |
Parse SSI directives in files with the execute bit set |