apache主配置文件httpd.conf详解

时间:2021-05-26 04:41:52
[root@lamp conf]# vi httpd.conf.bak

1 #
2 # This is the main Apache HTTP server configuration file. It contains the
3 # configuration directives that give the server its instructions.
4 # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
5 # In particular, see
6 # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
7 # for a discussion of each configuration directive.
8 #
9 # Do NOT simply read the instructions in here without understanding
10 # what they do. They're here only as hints or reminders. If you are unsure
11 # consult the online docs. You have been warned.
12 #
13 # Configuration and logfile names: If the filenames you specify for many
14 # of the server's control files begin with "/" (or "drive:/" for Win32), the
15 # server will use that explicit path. If the filenames do *not* begin
16 # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
17 # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
18 # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
19 # will be interpreted as '/logs/access_log'.
20 
21 #
24 #
25 # Do not add a slash at the end of the directory path. If you point
26 # ServerRoot at a non-local disk, be sure to specify a local disk on the
27 # Mutex directive, if file-based mutexes are used. If you wish to share the
28 # same ServerRoot for multiple httpd daemons, you will need to change at
29 # least PidFile.
30 #

<===(31行)主要用于指定Apache的安装路径,此参数选项在安装Apache的时候会自动写入(如果是Windows版本则为Windows安装的路径),
编译安装则为编译时选择的路径,注意末尾不能带 / 。 31 ServerRoot "/usr/local/apache" 32 33 # <===(34-41行)互斥:允许你为多个不同的互斥对象设置互斥机制和互斥文件目录,或者修改全局默认值。
如果互斥对象是基于文件的以及默认的互斥文件目录不在本地磁盘或因为其它原因而不适用,那么取消注释并改变目录。 34 # Mutex: Allows you to set the mutex mechanism and mutex file directory 35 # for individual mutexes, or change the global defaults 36 # 38 # mutex file directory is not on a local disk or is not appropriate for some 39 # other reason. 40 # 41 # Mutex default:logs <===(44-53行)Listen主要侦听web服务端口状态,默认为:80,即侦听所有的地址的80端口,注意这里也可以写成IP地址的侦听形式,不写即默认的地址:0.0.0.0 44 # Listen: Allows you to bind Apache to specific IP addresses and/or 45 # ports, instead of the default. See also the <VirtualHost> 46 # directive. 47 # 48 # Change this to Listen on specific IP addresses as shown below to 49 # prevent Apache from glomming onto all bound IP addresses. 50 # 51 #Listen 12.34.56.78:80 52 Listen 80 53 <===(54-166行)主要用于添加Apache一些动态模块,比如php支持模块。重定向模块,认证模块支持,注意如果需要添加某些模块支持,只需把相关模块前面注释符号取消掉。
如图所示,要对Apache添加某个功能模块,把前面的注释符号去掉就行 54 # 55 # Dynamic Shared Object (DSO) Support #<===动态模块 Dynamic Shared Object (DSO) 支持 56 # 58 # have to place corresponding `LoadModule' lines at this location so the 59 # directives contained in it are actually available _before_ they are used. 60 # Statically compiled modules (those listed by `httpd -l') do not need 61 # to be loaded here. 62 # 63 # Example: 64 # LoadModule foo_module modules/mod_foo.so 65 # 66 LoadModule authn_file_module modules/mod_authn_file.so 67 #LoadModule authn_dbm_module modules/mod_authn_dbm.so 68 #LoadModule authn_anon_module modules/mod_authn_anon.so 69 #LoadModule authn_dbd_module modules/mod_authn_dbd.so 70 #LoadModule authn_socache_module modules/mod_authn_socache.so 71 LoadModule authn_core_module modules/mod_authn_core.so 72 LoadModule authz_host_module modules/mod_authz_host.so 73 LoadModule authz_groupfile_module modules/mod_authz_groupfile.so 74 LoadModule authz_user_module modules/mod_authz_user.so 75 #LoadModule authz_dbm_module modules/mod_authz_dbm.so 76 #LoadModule authz_owner_module modules/mod_authz_owner.so 77 #LoadModule authz_dbd_module modules/mod_authz_dbd.so 78 LoadModule authz_core_module modules/mod_authz_core.so 79 LoadModule access_compat_module modules/mod_access_compat.so 80 LoadModule auth_basic_module modules/mod_auth_basic.so 81 #LoadModule auth_form_module modules/mod_auth_form.so 82 #LoadModule auth_digest_module modules/mod_auth_digest.so 83 #LoadModule allowmethods_module modules/mod_allowmethods.so 84 #LoadModule file_cache_module modules/mod_file_cache.so 85 #LoadModule cache_module modules/mod_cache.so 86 #LoadModule cache_disk_module modules/mod_cache_disk.so 87 #LoadModule cache_socache_module modules/mod_cache_socache.so 88 #LoadModule socache_shmcb_module modules/mod_socache_shmcb.so 89 #LoadModule socache_dbm_module modules/mod_socache_dbm.so 90 #LoadModule socache_memcache_module modules/mod_socache_memcache.so 91 #LoadModule watchdog_module modules/mod_watchdog.so 92 #LoadModule macro_module modules/mod_macro.so 93 #LoadModule dbd_module modules/mod_dbd.so 94 #LoadModule dumpio_module modules/mod_dumpio.so 95 #LoadModule echo_module modules/mod_echo.so 96 #LoadModule buffer_module modules/mod_buffer.so 97 #LoadModule data_module modules/mod_data.so 98 #LoadModule ratelimit_module modules/mod_ratelimit.so 99 LoadModule reqtimeout_module modules/mod_reqtimeout.so 100 #LoadModule ext_filter_module modules/mod_ext_filter.so 101 #LoadModule request_module modules/mod_request.so 102 #LoadModule include_module modules/mod_include.so 103 LoadModule filter_module modules/mod_filter.so 104 #LoadModule reflector_module modules/mod_reflector.so 105 #LoadModule substitute_module modules/mod_substitute.so 106 #LoadModule sed_module modules/mod_sed.so 107 #LoadModule charset_lite_module modules/mod_charset_lite.so 108 #LoadModule deflate_module modules/mod_deflate.so 109 LoadModule mime_module modules/mod_mime.so 110 LoadModule log_config_module modules/mod_log_config.so 111 #LoadModule log_debug_module modules/mod_log_debug.so 112 #LoadModule log_forensic_module modules/mod_log_forensic.so 113 #LoadModule logio_module modules/mod_logio.so 114 LoadModule env_module modules/mod_env.so 115 #LoadModule mime_magic_module modules/mod_mime_magic.so 116 #LoadModule expires_module modules/mod_expires.so 117 LoadModule headers_module modules/mod_headers.so 118 #LoadModule usertrack_module modules/mod_usertrack.so 119 #LoadModule unique_id_module modules/mod_unique_id.so 120 LoadModule setenvif_module modules/mod_setenvif.so 121 LoadModule version_module modules/mod_version.so 122 #LoadModule remoteip_module modules/mod_remoteip.so 123 #LoadModule proxy_module modules/mod_proxy.so 124 #LoadModule proxy_connect_module modules/mod_proxy_connect.so 125 #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so 126 #LoadModule proxy_http_module modules/mod_proxy_http.so 127 #LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so 128 #LoadModule proxy_scgi_module modules/mod_proxy_scgi.so 129 #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so 130 #LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so 131 #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so 132 #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so 133 #LoadModule proxy_express_module modules/mod_proxy_express.so 134 #LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so 135 #LoadModule session_module modules/mod_session.so 136 #LoadModule session_cookie_module modules/mod_session_cookie.so 137 #LoadModule session_dbd_module modules/mod_session_dbd.so 138 #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so 139 #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so 140 #LoadModule ssl_module modules/mod_ssl.so 141 #LoadModule dialup_module modules/mod_dialup.so 142 #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so 143 #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so 144 #LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so 145 #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so 146 LoadModule unixd_module modules/mod_unixd.so 147 #LoadModule heartbeat_module modules/mod_heartbeat.so 148 #LoadModule heartmonitor_module modules/mod_heartmonitor.so 149 #LoadModule dav_module modules/mod_dav.so 150 LoadModule status_module modules/mod_status.so 151 LoadModule autoindex_module modules/mod_autoindex.so 152 #LoadModule asis_module modules/mod_asis.so 153 #LoadModule info_module modules/mod_info.so 154 #LoadModule cgi_module modules/mod_cgi.so 155 #LoadModule dav_fs_module modules/mod_dav_fs.so 156 #LoadModule dav_lock_module modules/mod_dav_lock.so 157 #LoadModule vhost_alias_module modules/mod_vhost_alias.so 158 #LoadModule negotiation_module modules/mod_negotiation.so 159 LoadModule dir_module modules/mod_dir.so 160 #LoadModule actions_module modules/mod_actions.so 161 #LoadModule speling_module modules/mod_speling.so 162 #LoadModule userdir_module modules/mod_userdir.so 163 LoadModule alias_module modules/mod_alias.so 164 #LoadModule rewrite_module modules/mod_rewrite.so 165 166 <IfModule unixd_module> 167 # <===(168-177行)此选项主要用指定Apache服务的运行用户和用户组,默认为:daemon,可以更改为apache 168 # If you wish httpd to run as a different user or group, you must run 169 # httpd as root initially and it will switch. 170 # 171 # User/Group: The name (or #number) of the user/group to run httpd as. 172 # It is usually good practice to create a dedicated user and group for 173 # running httpd, as with most system services. 174 # 175 User daemon 176 Group daemon 177 178 </IfModule> 179 180 # 'Main' server configuration <===下面是服务器主要的配置文件 181 # 182 # The directives in this section set up the values used by the 'main' 183 # server, which responds to any requests that aren't handled by a 184 # <VirtualHost> definition. These values also provide defaults for 185 # any <VirtualHost> containers you may define later in the file. 186 # 187 # All of these directives may appear inside <VirtualHost> containers, 188 # in which case these default settings will be overridden for the 189 # virtual host being defined. 190 # 191 192 # 193 # ServerAdmin: Your address, where problems with the server should be 194 # e-mailed. This address appears on some server-generated pages, such 195 # as error documents. e.g. admin@your-domain.com 196 # 197 ServerAdmin you@example.com <===配置管理员邮箱地址 198 <===(199-211行)配置Apache默认的服务器名以及端口,默认参数值设置为:ServerName localhost:80即可 199 # 200 # ServerName gives the name and port that the server uses to identify itself. 201 # This can often be determined automatically, but we recommend you specify 202 # it explicitly to prevent problems during startup. 203 # 204 # If your host doesn't have a registered DNS name, enter its IP address here. 205 # 206 #ServerName www.example.com:80 <===如果提示域名解析问题,就把这里改为本机IP地址:端口 207 208 # 209 # Deny access to the entirety of your server's filesystem. You must 210 # explicitly permit access to web content directories in other 211 # <Directory> blocks below. 212 # <===(213-228行)此选项主要是针对用户对根目录下所有的访问权限控制,默认Apache对根目录访问都是拒绝访问。 213 <Directory /> 214 AllowOverride none 215 Require all denied 216 </Directory> 217 218 # 219 # Note that from this point forward you must specifically allow 222 # below. 223 # 224 225 # 226 # DocumentRoot: The directory out of which you will serve your 227 # documents. By default, all requests are taken from this directory, but 228 # symbolic links and aliases may be used to point to other locations. 229 # <===(230-261行)Apache的默认网站根目录设置及访问控制,主要是针对Apache默认网站根目录的设置以及相关的权限访问设置,默认对网站的根目录具有访问权限。 230 DocumentRoot "/usr/local/apache/htdocs" 231 <Directory "/usr/local/apache/htdocs"> 232 # 236 # 237 # Note that "MultiViews" must be named *explicitly* --- "Options All" 238 # doesn't give it to you. 239 # 240 # The Options directive is both complicated and important. Please see 241 # http://httpd.apache.org/docs/2.4/mod/core.html#options 242 # for more information. 243 # 244 Options Indexes FollowSymLinks <===这里属于安全方面的设置(删除Indexes字符,或者在前面加 -),防止显示根目录 245 246 # 248 # It can be "All", "None", or any combination of the keywords: 249 # AllowOverride FileInfo AuthConfig Limit 250 # 251 AllowOverride None 252 253 # 254 # Controls who can get stuff from this server. 255 # 256 Require all granted 257 </Directory> 258 259 # 260 # DirectoryIndex: sets the file that Apache will serve if a directory 261 # is requested. <===(262-269行)Apache的默认首页设置,默认只支持:index.html首页,如要支持其他类型的首页,需要在此区域添加,如index.php 262 # 263 <IfModule dir_module> 264 DirectoryIndex index.html 265 </IfModule> 266 267 # 268 # The following lines prevent .htaccess and .htpasswd files from being 269 # viewed by Web clients. 270 # <===(271-273行)Apache关于.ht文件访问配置,默认为具有访问权限,此区域文件默认即可。 271 <Files ".ht*"> 272 Require all denied 273 </Files> 274 <===(275-317行)此区域文件主要是针对Apache默认的日志级别,默认的访问日志路径,默认的错误日志路径等相关设置,此选项内容默认即可。 275 # 276 # ErrorLog: The location of the error log file. 277 # If you do not specify an ErrorLog directive within a <VirtualHost> 278 # container, error messages relating to that virtual host will be 279 # logged here. If you *do* define an error logfile for a <VirtualHost> 280 # container, that host's errors will be logged there and not here. 283 284 # 285 # LogLevel: Control the number of messages logged to the error_log. 286 # Possible values include: debug, info, notice, warn, error, crit, 289 LogLevel warn 290 291 <IfModule log_config_module> 292 # 293 # The following directives define some format nicknames for use with 294 # a CustomLog directive (see below). 295 # 297 LogFormat "%h %l %u %t \"%r\" %>s %b" common 298 299 <IfModule logio_module> 300 # You need to enable mod_logio.c to use %I and %O 302 </IfModule> 303 304 # 305 # The location and format of the access logfile (Common Logfile Format). 306 # If you do not define any access logfiles within a <VirtualHost> 307 # container, they will be logged here. Contrariwise, if you *do* 308 # define per-<VirtualHost> access logfiles, transactions will be 309 # logged therein and *not* in this file. 310 # 311 CustomLog "logs/access_log" common 312 313 # 314 # If you prefer a logfile with access, agent, and referer information 315 # (Combined Logfile Format) you can use the following directive. 316 # 317 #CustomLog "logs/access_log" combined <===(318-376行)此区域文件主要包含一些URL重定向,别名,脚本别名等相关设置,以及一些特定的处理程序,比如cgi设置说明。 318 </IfModule> 319 320 <IfModule alias_module> 321 # 322 # Redirect: Allows you to tell clients about documents that used to 323 # exist in your server's namespace, but do not anymore. The client 324 # will make a new request for the document at its new location. 325 # Example: 326 # Redirect permanent /foo http://www.example.com/bar 327 328 # 329 # Alias: Maps web paths into filesystem paths and is used to 330 # access content that does not live under the DocumentRoot. 331 # Example: 332 # Alias /webpath /full/filesystem/path 333 # 334 # If you include a trailing / on /webpath then the server will 335 # require it to be present in the URL. You will also likely 336 # need to provide a <Directory> section to allow access to 337 # the filesystem path. 338 339 # 340 # ScriptAlias: This controls which directories contain server scripts. 341 # ScriptAliases are essentially the same as Aliases, except that 342 # documents in the target directory are treated as applications and 343 # run by the server when requested rather than as documents sent to the 344 # client. The same rules about trailing "/" apply to ScriptAlias 347 ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/" 348 349 </IfModule> 350 351 <IfModule cgid_module> 352 # 353 # ScriptSock: On threaded servers, designate the path to the UNIX 354 # socket used to communicate with the CGI daemon of mod_cgid. 355 # 356 #Scriptsock cgisock 357 </IfModule> 358 359 # 361 # CGI directory exists, if you have that configured. 362 # 363 <Directory "/usr/local/apache/cgi-bin"> 364 AllowOverride None 365 Options None 366 Require all granted 367 </Directory> 368 369 <IfModule headers_module> 370 # 371 # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied 372 # backend servers which have lingering "httpoxy" defects. 373 # 'Proxy' request header is undefined by the IETF, not listed by IANA 374 # 375 RequestHeader unset Proxy early 376 </IfModule> <===(377-424行)此区域文件主要包含一些mime文件支持,以及添加一些指令在给定的文件扩展名与特定的内容类型之间建立映射关系,比如添加对php文件扩展名映射关系。 377 # 378 <IfModule mime_module> 379 # 380 # TypesConfig points to the file containing the list of mappings from 381 # filename extension to MIME-type. 382 # 383 TypesConfig conf/mime.types 384 385 # 386 # AddType allows you to add to or override the MIME configuration 387 # file specified in TypesConfig for specific file types. 388 # 389 #AddType application/x-gzip .tgz 392 # information on the fly. Note: Not all browsers support this. 393 # 394 #AddEncoding x-compress .Z 395 #AddEncoding x-gzip .gz .tgz 396 # 397 # If the AddEncoding directives above are commented-out, then you 398 # probably should define those extensions to indicate media types: 399 # 400 AddType application/x-compress .Z 401 AddType application/x-gzip .gz .tgz 402 403 # 404 # AddHandler allows you to map certain file extensions to "handlers": 406 # or added with the Action directive (see below) 407 # 408 # To use CGI scripts outside of ScriptAliased directories: 409 # (You will also need to add "ExecCGI" to the "Options" directive.) 410 # 411 #AddHandler cgi-script .cgi 412 413 # For type maps (negotiated resources): 414 #AddHandler type-map var 415 416 # 417 # Filters allow you to process content before it is sent to the client. 418 # 419 # To parse .shtml files for server-side includes (SSI): 420 # (You will also need to add "Includes" to the "Options" directive.) 421 # 422 #AddType text/html .shtml 423 #AddOutputFilter INCLUDES .shtml 424 </IfModule> 425 426 # <===(427-461行)此区域可定制的访问错误响应提示,支持三种方式:1明文 ,2本地重定向 ,3外部重定向;另外还包括内存映射或“发送文件系统调用”可被用于分发文件等配置。 427 # The mod_mime_magic module allows the server to use various hints from the 428 # contents of the file itself to determine its type. The MIMEMagicFile 429 # directive tells the module where the hint definitions are located. 430 # 431 #MIMEMagicFile conf/magic 432 433 # 434 # Customizable error responses come in three flavors: 435 # 1) plain text 2) local redirects 3) external redirects 436 # 437 # Some examples: 438 #ErrorDocument 500 "The server made a boo boo." 439 #ErrorDocument 404 /missing.html 440 #ErrorDocument 404 "/cgi-bin/missing_handler.pl" 441 #ErrorDocument 402 http://www.example.com/subscription_info.html 442 # 443 444 # 445 # MaxRanges: Maximum number of Ranges in a request before 446 # returning the entire resource, or one of the special 447 # values 'default', 'none' or 'unlimited'. 448 # Default setting is to accept 200 Ranges. 449 #MaxRanges unlimited 450 451 # 452 # EnableMMAP and EnableSendfile: On systems that support it, 453 # memory-mapping or the sendfile syscall may be used to deliver 454 # files. This usually improves server performance, but must 455 # be turned off when serving from networked-mounted 456 # filesystems or if support for these functions is otherwise 457 # broken on your system. 458 # Defaults: EnableMMAP On, EnableSendfile Off 459 # 460 #EnableMMAP off 461 #EnableSendfile on 462 <===(463-503)行此区域主要包括:服务器池管理,多语言错误消息,动态目录列表形式配置,语言设置,用户家庭目录,请求和配置上的实时信息,
虚拟主机,Apache Http Server手册,分布式创作和版本控制,多种类默认设置,mod_proxy_html,使其支持HTML4/XHTML1等等补充配置的补充。 463 # Supplemental configuration 464 # 465 # The configuration files in the conf/extra/ directory can be 466 # included to add extra features or to modify the default configuration of 467 # the server, or you may simply copy their contents here and change as 468 # necessary. 469 470 # Server-pool management (MPM specific) 471 #Include conf/extra/httpd-mpm.conf 472 473 # Multi-language error messages 474 #Include conf/extra/httpd-multilang-errordoc.conf 475 476 # Fancy directory listings 477 #Include conf/extra/httpd-autoindex.conf 478 479 # Language settings 480 #Include conf/extra/httpd-languages.conf 481 482 # User home directories 483 #Include conf/extra/httpd-userdir.conf 484 485 # Real-time info on requests and configuration 486 #Include conf/extra/httpd-info.conf 487 488 # Virtual hosts 489 #Include conf/extra/httpd-vhosts.conf 490 491 # Local access to the Apache HTTP Server Manual 492 #Include conf/extra/httpd-manual.conf 493 494 # Distributed authoring and versioning (WebDAV) 495 #Include conf/extra/httpd-dav.conf 496 497 # Various default settings 498 #Include conf/extra/httpd-default.conf 499 500 # Configure mod_proxy_html to understand HTML4/XHTML1 501 <IfModule proxy_html_module> 502 Include conf/extra/proxy-html.conf 503 </IfModule> 504 <===(505-515行)此区域主要是关于服务器安全连接设置,用于使用https连接服务器等设置的地方。 505 # Secure (SSL/TLS) connections 506 #Include conf/extra/httpd-ssl.conf 507 # 508 # Note: The following must must be present to support 509 # starting without SSL on platforms with no /dev/random equivalent 510 # but a statically compiled-in mod_ssl. 511 # 512 <IfModule ssl_module> 513 SSLRandomSeed startup builtin 514 SSLRandomSeed connect builtin 515 </IfModule>