httpd.conf詳解，由於php始終報fileinfo擴展沒法加載的錯

  1 #
  2 # This is the main Apache HTTP server configuration file.  It contains the
  3 # configuration directives(官方指示) that give the server its instructions(指示).
  4 # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
  5 # In particular, see 
  6 # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
  7 # for a discussion of each configuration directive.
  8 #
  9 # Do NOT simply read the instructions in here without understanding
 10 # what they do.  They're here only as hints or reminders.  If you are unsure
 11 # consult the online docs. You have been warned.  
 12 #
 13 # Configuration and logfile names: If the filenames you specify for many
 14 # of the server's control files begin with "/" (or "drive:/" for Win32), the
 15 # server will use that explicit path.  If the filenames do *not* begin
 16 # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
 17 # with ServerRoot set to "/usr/local/apache2" will be interpreted(理解) by the
 18 # server as "/usr/local/apache2/logs/access_log", whereas（然而） "/logs/access_log" 
 19 # will be interpreted as '/logs/access_log'.
 20 
 21 #
 22 # ServerRoot: The top of the directory tree under which the server's
 23 # configuration, error, and log files are kept.
 24 #
 25 # Do not add a slash at the end of the directory path.  If you point
 26 # ServerRoot at a non-local disk, be sure to specify a local disk on the
 27 # Mutex(互斥) directive, if file-based mutexes are used.  If you wish to share the
 28 # same ServerRoot for multiple httpd daemons（守護進程）, you will need to change at
 29 # least PidFile.
 30 #
 31 ServerRoot "/usr/local/apache"
 32 
 33 #
 34 # Mutex: Allows you to set the mutex mechanism and mutex file directory
 35 # for individual mutexes, or change the global defaults
 36 #
 37 # Uncomment and change the directory if mutexes are file-based and the default
 38 # mutex file directory is not on a local disk or is not appropriate for some
 39 # other reason.
 40 #
 41 # Mutex default:logs
 42 
 43 #
 44 # Listen: Allows you to bind Apache to specific IP addresses and/or
 45 # ports, instead of the default. See also the <VirtualHost>
 46 # directive.
 47 #
 48 # Change this to Listen on specific IP addresses as shown below to 
 49 # prevent Apache from glomming onto all bound IP addresses.
 50 #
 51 #Listen 12.34.56.78:80
 52 Listen 39.106.30.67:80
 53 Listen 80
 54 
 55 #
 56 # Dynamic Shared Object (DSO) Support
 57 #
 58 # To be able to use the functionality of a module which was built as a DSO you
 59 # have to place corresponding `LoadModule' lines at this location so the
 60 # directives contained in it are actually available _before_ they are used.
 61 # Statically compiled modules (those listed by `httpd -l') do not need
 62 # to be loaded here.
 63 #
 64 # Example:
 65 # LoadModule foo_module modules/mod_foo.so
 66 #
 67 LoadModule authn_file_module modules/mod_authn_file.so
 68 LoadModule authn_dbm_module modules/mod_authn_dbm.so
 69 LoadModule authn_anon_module modules/mod_authn_anon.so
 70 LoadModule authn_dbd_module modules/mod_authn_dbd.so
 71 LoadModule authn_socache_module modules/mod_authn_socache.so
 72 LoadModule authn_core_module modules/mod_authn_core.so
 73 LoadModule authz_host_module modules/mod_authz_host.so
 74 LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
 75 LoadModule authz_user_module modules/mod_authz_user.so
 76 LoadModule authz_dbm_module modules/mod_authz_dbm.so
 77 LoadModule authz_owner_module modules/mod_authz_owner.so
 78 LoadModule authz_dbd_module modules/mod_authz_dbd.so
 79 LoadModule authz_core_module modules/mod_authz_core.so
 80 LoadModule authnz_fcgi_module modules/mod_authnz_fcgi.so
 81 LoadModule access_compat_module modules/mod_access_compat.so
 82 LoadModule auth_basic_module modules/mod_auth_basic.so
 83 LoadModule auth_form_module modules/mod_auth_form.so
 84 LoadModule auth_digest_module modules/mod_auth_digest.so
 85 #LoadModule allowmethods_module modules/mod_allowmethods.so
 86 #LoadModule isapi_module modules/mod_isapi.so
 87 #LoadModule file_cache_module modules/mod_file_cache.so
 88 LoadModule cache_module modules/mod_cache.so
 89 #LoadModule cache_disk_module modules/mod_cache_disk.so
 90 LoadModule cache_socache_module modules/mod_cache_socache.so
 91 LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
 92 LoadModule socache_dbm_module modules/mod_socache_dbm.so
 93 LoadModule socache_memcache_module modules/mod_socache_memcache.so
 94 #LoadModule watchdog_module modules/mod_watchdog.so
 95 #LoadModule macro_module modules/mod_macro.so
 96 #LoadModule dbd_module modules/mod_dbd.so
 97 #LoadModule bucketeer_module modules/mod_bucketeer.so
 98 #LoadModule dumpio_module modules/mod_dumpio.so
 99 LoadModule echo_module modules/mod_echo.so
100 #LoadModule example_hooks_module modules/mod_example_hooks.so
101 LoadModule case_filter_module modules/mod_case_filter.so
102 LoadModule case_filter_in_module modules/mod_case_filter_in.so
103 #LoadModule example_ipc_module modules/mod_example_ipc.so
104 LoadModule buffer_module modules/mod_buffer.so
105 LoadModule data_module modules/mod_data.so
106 LoadModule ratelimit_module modules/mod_ratelimit.so
107 LoadModule reqtimeout_module modules/mod_reqtimeout.so
108 LoadModule ext_filter_module modules/mod_ext_filter.so
109 LoadModule request_module modules/mod_request.so
110 LoadModule include_module modules/mod_include.so
111 LoadModule filter_module modules/mod_filter.so
112 LoadModule reflector_module modules/mod_reflector.so
113 LoadModule substitute_module modules/mod_substitute.so
114 LoadModule sed_module modules/mod_sed.so
115 LoadModule charset_lite_module modules/mod_charset_lite.so
116 LoadModule deflate_module modules/mod_deflate.so
117 LoadModule xml2enc_module modules/mod_xml2enc.so
118 LoadModule proxy_html_module modules/mod_proxy_html.so
119 LoadModule mime_module modules/mod_mime.so
120 LoadModule log_config_module modules/mod_log_config.so
121 #LoadModule log_debug_module modules/mod_log_debug.so
122 #LoadModule log_forensic_module modules/mod_log_forensic.so
123 #LoadModule logio_module modules/mod_logio.so
124 LoadModule env_module modules/mod_env.so
125 #LoadModule mime_magic_module modules/mod_mime_magic.so
126 #LoadModule cern_meta_module modules/mod_cern_meta.so
127 LoadModule expires_module modules/mod_expires.so
128 LoadModule headers_module modules/mod_headers.so
129 #LoadModule ident_module modules/mod_ident.so
130 #LoadModule usertrack_module modules/mod_usertrack.so
131 #LoadModule unique_id_module modules/mod_unique_id.so
132 LoadModule setenvif_module modules/mod_setenvif.so
133 LoadModule version_module modules/mod_version.so
134 #LoadModule remoteip_module modules/mod_remoteip.so
135 LoadModule proxy_module modules/mod_proxy.so
136 LoadModule proxy_connect_module modules/mod_proxy_connect.so
137 LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
138 LoadModule proxy_http_module modules/mod_proxy_http.so
139 LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
140 LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
141 #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
142 #LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
143 #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
144 #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
145 #LoadModule proxy_express_module modules/mod_proxy_express.so
146 #LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
147 LoadModule session_module modules/mod_session.so
148 LoadModule session_cookie_module modules/mod_session_cookie.so
149 #LoadModule session_dbd_module modules/mod_session_dbd.so
150 #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
151 #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
152 LoadModule ssl_module modules/mod_ssl.so
153 #LoadModule optional_hook_export_module modules/mod_optional_hook_export.so
154 #LoadModule optional_hook_import_module modules/mod_optional_hook_import.so
155 #LoadModule optional_fn_import_module modules/mod_optional_fn_import.so
156 #LoadModule optional_fn_export_module modules/mod_optional_fn_export.so
157 #LoadModule dialup_module modules/mod_dialup.so
158 LoadModule http2_module modules/mod_http2.so
159 LoadModule proxy_http2_module modules/mod_proxy_http2.so
160 #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
161 #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
162 #LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
163 #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
164 LoadModule unixd_module modules/mod_unixd.so
165 #LoadModule heartbeat_module modules/mod_heartbeat.so
166 #LoadModule heartmonitor_module modules/mod_heartmonitor.so
167 LoadModule dav_module modules/mod_dav.so
168 LoadModule status_module modules/mod_status.so
169 LoadModule autoindex_module modules/mod_autoindex.so
170 #LoadModule asis_module modules/mod_asis.so
171 LoadModule info_module modules/mod_info.so
172 LoadModule suexec_module modules/mod_suexec.so
173 <IfModule !mpm_prefork_module>
174     #LoadModule cgid_module modules/mod_cgid.so
175 </IfModule>
176 <IfModule mpm_prefork_module>
177     #LoadModule cgi_module modules/mod_cgi.so
178 </IfModule>
179 LoadModule dav_fs_module modules/mod_dav_fs.so
180 LoadModule dav_lock_module modules/mod_dav_lock.so
181 LoadModule vhost_alias_module modules/mod_vhost_alias.so
182 #LoadModule negotiation_module modules/mod_negotiation.so
183 LoadModule dir_module modules/mod_dir.so
184 #LoadModule imagemap_module modules/mod_imagemap.so
185 LoadModule actions_module modules/mod_actions.so
186 LoadModule speling_module modules/mod_speling.so
187 LoadModule userdir_module modules/mod_userdir.so
188 LoadModule alias_module modules/mod_alias.so
189 LoadModule rewrite_module modules/mod_rewrite.so
190 #LoadModule php5_module        modules/libphp5.so
191 LoadModule php7_module        modules/libphp7.so
192 PHPIniDir   /usr/local/php7/etc
193 
194 <IfModule unixd_module>
195 #
196 # If you wish httpd to run as a different user or group, you must run
197 # httpd as root initially and it will switch.  
198 #
199 # User/Group: The name (or #number) of the user/group to run httpd as.
200 # It is usually good practice to create a dedicated user and group for
201 # running httpd, as with most system services.
202 #
203 User apache
204 Group apache
205 
206 </IfModule>
207 
208 # 'Main' server configuration
209 #
210 # The directives in this section set up the values used by the 'main'
211 # server, which responds to any requests that aren't handled by a
212 # <VirtualHost> definition.  These values also provide defaults for
213 # any <VirtualHost> containers you may define later in the file.
214 #
215 # All of these directives may appear inside <VirtualHost> containers,
216 # in which case these default settings will be overridden for the
217 # virtual host being defined.
218 #
219 
220 #
221 # ServerAdmin: Your address, where problems with the server should be
222 # e-mailed.  This address appears on some server-generated pages, such
223 # as error documents.  e.g. admin@your-domain.com
224 #
225 #ServerAdmin admin@localhost
226 ServerAdmin 284053253@qq.com
227 
228 #
229 # ServerName gives the name and port that the server uses to identify itself.
230 # This can often be determined automatically, but we recommend you specify
231 # it explicitly to prevent problems during startup.
232 #
233 # If your host doesn't have a registered DNS name, enter its IP address here.
234 #
235 ServerName 0.0.0.0:80
236 
237 #
238 # Deny access to the entirety of your server's filesystem. You must
239 # explicitly permit access to web content directories in other 
240 # <Directory> blocks below.
241 #
242 <Directory />
243     AllowOverride none
244     #Require all denied
245 </Directory>
246 
247 #
248 # Note that from this point forward you must specifically allow
249 # particular features to be enabled - so if something's not working as
250 # you might expect, make sure that you have specifically enabled it
251 # below.
252 #
253 
254 #
255 # DocumentRoot: The directory out of which you will serve your
256 # documents. By default, all requests are taken from this directory, but
257 # symbolic links and aliases may be used to point to other locations.
258 #
259 DocumentRoot "/data/www/default"
260 <Directory "/data/www/default">
261     #
262     # Possible values for the Options directive are "None", "All",
263     # or any combination of:
264     #   Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
265     #
266     # Note that "MultiViews" must be named *explicitly* --- "Options All"
267     # doesn't give it to you.
268     #
269     # The Options directive is both complicated and important.  Please see
270     # http://httpd.apache.org/docs/2.4/mod/core.html#options
271     # for more information.
272     #
273     Options Indexes FollowSymLinks
274 
275     #
276     # AllowOverride controls what directives may be placed in .htaccess files.
277     # It can be "All", "None", or any combination of the keywords:
278     #   AllowOverride FileInfo AuthConfig Limit
279     #
280     AllowOverride None
281 
282     #
283     # Controls who can get stuff from this server.
284     #
285     #Require all granted
286 </Directory>
287 
288 #
289 # DirectoryIndex: sets the file that Apache will serve if a directory
290 # is requested.
291 #
292 <IfModule dir_module>
293     DirectoryIndex index.html index.php
294 </IfModule>
295 
296 #
297 # The following lines prevent .htaccess and .htpasswd files from being 
298 # viewed by Web clients. 
299 #
300 <Files ".ht*">
301     #Require all denied
302 </Files>
303 
304 #
305 # ErrorLog: The location of the error log file.
306 # If you do not specify an ErrorLog directive within a <VirtualHost>
307 # container, error messages relating to that virtual host will be
308 # logged here.  If you *do* define an error logfile for a <VirtualHost>
309 # container, that host's errors will be logged there and not here.
310 #
311 ErrorLog "logs/error_log"
312 
313 #
314 # LogLevel: Control the number of messages logged to the error_log.
315 # Possible values include: debug, info, notice, warn, error, crit,
316 # alert, emerg.
317 #
318 LogLevel warn
319 
320 <IfModule log_config_module>
321     #
322     # The following directives define some format nicknames for use with
323     # a CustomLog directive (see below).
324     #
325     LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
326     LogFormat "%h %l %u %t \"%r\" %>s %b" common
327 
328     <IfModule logio_module>
329       # You need to enable mod_logio.c to use %I and %O
330       LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
331     </IfModule>
332 
333     #
334     # The location and format of the access logfile (Common Logfile Format).
335     # If you do not define any access logfiles within a <VirtualHost>
336     # container, they will be logged here.  Contrariwise(反之), if you *do*
337     # define per-<VirtualHost> access logfiles, transactions will be
338     # logged therein and *not* in this file.
339     #
340     CustomLog "logs/access_log" common
341 
342     #
343     # If you prefer a logfile with access, agent, and referer information
344     # (Combined Logfile Format) you can use the following directive.
345     #
346     #CustomLog "logs/access_log" combined
347 </IfModule>
348 
349 <IfModule alias_module>
350     #
351     # Redirect: Allows you to tell clients about documents that used to 
352     # exist in your server's namespace, but do not anymore. The client 
353     # will make a new request for the document at its new location.
354     # Example:
355     # Redirect permanent /foo http://www.example.com/bar
356 
357     #
358     # Alias: Maps web paths into filesystem paths and is used to
359     # access content that does not live under the DocumentRoot.
360     # Example:
361     # Alias /webpath /full/filesystem/path
362     #
363     # If you include a trailing / on /webpath then the server will
364     # require it to be present in the URL.  You will also likely
365     # need to provide a <Directory> section to allow access to
366     # the filesystem path.
367 
368     #
369     # ScriptAlias: This controls which directories contain server scripts. 
370     # ScriptAliases are essentially the same as Aliases, except that
371     # documents in the target directory are treated as applications and
372     # run by the server when requested rather than as documents sent to the
373     # client.  The same rules about trailing "/" apply to ScriptAlias
374     # directives as to Alias.
375     #
376     ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
377 
378 </IfModule>
379 
380 <IfModule cgid_module>
381     #
382     # ScriptSock: On threaded servers, designate（指派） the path to the UNIX
383     # socket used to communicate with the CGI daemon of mod_cgid.
384     #
385     #Scriptsock cgisock
386 </IfModule>
387 
388 #
389 # "/usr/local/apache/cgi-bin" should be changed to whatever your ScriptAliased
390 # CGI directory exists, if you have that configured.
391 #
392 <Directory "/usr/local/apache/cgi-bin">
393     AllowOverride None
394     Options None
395     Require all granted
396 </Directory>
397 
398 <IfModule headers_module>
399     #
400     # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
401     # backend servers which have lingering（拖延） "httpoxy" defects.
402     # 'Proxy' request header is undefined by the IETF, not listed by IANA
403     #
404     RequestHeader unset Proxy early
405 </IfModule>
406 
407 <IfModule mime_module>
408     #
409     # TypesConfig points to the file containing the list of mappings from
410     # filename extension to MIME-type.
411     #
412     TypesConfig conf/mime.types
413 
414     #
415     # AddType allows you to add to or override the MIME configuration
416     # file specified in TypesConfig for specific file types.
417     #
418     #AddType application/x-gzip .tgz
419     #
420     # AddEncoding allows you to have certain browsers uncompress
421     # information on the fly. Note: Not all browsers support this.
422     #
423     #AddEncoding x-compress .Z
424     #AddEncoding x-gzip .gz .tgz
425     #
426     # If the AddEncoding directives above are commented-out, then you
427     # probably should define those extensions to indicate media types:
428     #
429     AddType application/x-compress .Z
430     AddType application/x-httpd-php .php .phtml
431     AddType appication/x-httpd-php-source .phps
432     AddType application/x-gzip .gz .tgz
433 
434     #
435     # AddHandler allows you to map certain file extensions to "handlers":
436     # actions unrelated to filetype. These can be either built into the server
437     # or added with the Action directive (see below)
438     #
439     # To use CGI scripts outside of ScriptAliased directories:
440     # (You will also need to add "ExecCGI" to the "Options" directive.)
441     #
442     #AddHandler cgi-script .cgi
443 
444     # For type maps (negotiated resources):
445     #AddHandler type-map var
446 
447     #
448     # Filters allow you to process content before it is sent to the client.
449     #
450     # To parse .shtml files for server-side includes (SSI):
451     # (You will also need to add "Includes" to the "Options" directive.)
452     #
453     #AddType text/html .shtml
454     #AddOutputFilter INCLUDES .shtml
455 </IfModule>
456 
457 #
458 # The mod_mime_magic module allows the server to use various hints from the
459 # contents of the file itself to determine its type.  The MIMEMagicFile
460 # directive tells the module where the hint definitions are located.
461 #
462 #MIMEMagicFile conf/magic
463 
464 #
465 # Customizable error responses come in three flavors:
466 # 1) plain text 2) local redirects 3) external redirects
467 #
468 # Some examples:
469 #ErrorDocument 500 "The server made a boo boo."
470 #ErrorDocument 404 /missing.html
471 #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
472 #ErrorDocument 402 http://www.example.com/subscription_info.html
473 #
474 
475 #
476 # MaxRanges: Maximum number of Ranges in a request before
477 # returning the entire resource, or one of the special
478 # values 'default', 'none' or 'unlimited'.
479 # Default setting is to accept 200 Ranges.
480 #MaxRanges unlimited
481 
482 #
483 # EnableMMAP and EnableSendfile: On systems that support it, 
484 # memory-mapping or the sendfile syscall may be used to deliver
485 # files.  This usually improves server performance, but must
486 # be turned off when serving from networked-mounted 
487 # filesystems or if support for these functions is otherwise
488 # broken on your system.
489 # Defaults: EnableMMAP On, EnableSendfile Off
490 #
491 #EnableMMAP off
492 #EnableSendfile on
493 
494 # Supplemental configuration
495 #
496 # The configuration files in the conf/extra/ directory can be 
497 # included to add extra features or to modify the default configuration of 
498 # the server, or you may simply copy their contents here and change as 
499 # necessary.
500 
501 # Server-pool management (MPM specific)
502 #Include conf/extra/httpd-mpm.conf
503 
504 # Multi-language error messages
505 #Include conf/extra/httpd-multilang-errordoc.conf
506 
507 # Fancy directory listings
508 #Include conf/extra/httpd-autoindex.conf
509 
510 # Language settings
511 #Include conf/extra/httpd-languages.conf
512 
513 # User home directories
514 #Include conf/extra/httpd-userdir.conf
515 
516 # Real-time info on requests and configuration
517 Include conf/extra/httpd-info.conf
518 
519 # Virtual hosts
520 Include conf/extra/httpd-vhosts.conf
521 
522 # Local access to the Apache HTTP Server Manual
523 #Include conf/extra/httpd-manual.conf
524 
525 # Distributed authoring and versioning (WebDAV)
526 #Include conf/extra/httpd-dav.conf
527 
528 # Various default settings
529 #Include conf/extra/httpd-default.conf
530 
531 # Configure mod_proxy_html to understand HTML4/XHTML1
532 <IfModule proxy_html_module>
533 Include conf/extra/proxy-html.conf
534 </IfModule>
535 
536 # Secure (SSL/TLS) connections
537 Include conf/extra/httpd-ssl.conf
538 #
539 # Note: The following must must be present to support
540 #       starting without SSL on platforms with no /dev/random equivalent
541 #       but a statically compiled-in mod_ssl.
542 #
543 <IfModule ssl_module>
544 SSLRandomSeed startup builtin
545 SSLRandomSeed connect builtin
546 </IfModule>
547 
548 ServerTokens ProductOnly
549 ProtocolsHonorOrder On
550 Protocols h2 http/1.1
551 
552 RewriteEngine on
553 RewriteCond %{SERVER_PORT} !^443$
554 RewriteRule ^/?(.*)$ https://%{SERVER_NAME}/$1 [L,R]

View Code

這是apache http 服務器的主配置文件。包含發送給服務器的指令。查看細節：http://httpd.apache.org/docs/2.4/，特別是http://httpd.apache.org/docs/2.4/mod/directives.html，能夠對每一個指令進行討論。不要只簡單的讀讀這個配置文件，他們的介紹都是很粗略的，若是你未曾詳細瞭解線上文檔，可能會到處遇到警告。

Configuration and logfile names:若是你用/或者win32下的盤符:/指定了控制文件路徑的話，則使用它，若是沒有，則會前綴ServerRoot，好比日誌文件access/access_log，而ServerRoot被設置爲/usr/local/apache2，就會被連綴成/usr/local/apache2/logs/access_log去操做那個文件。ServerRoot是error，log等文件保存的根目錄。

不要在全部目錄結尾添加反斜槓。若是你的ServerRoot不是本地磁盤，若是使用基於文件的互斥的話，應該在互斥指令上指定本地盤。ServerRoot用於指定守護進程httpd的運行目錄，httpd在啓動以後將自動將進程的當前目錄改變爲這個目錄，所以若是設置文件中指定的文件或目錄是相對路徑，那麼真實路徑就位於這個ServerRoot定義的路徑之下。必定要在本地磁盤中指定一個LockFile指令。若是你但願讓多個httpd守護進程共享服務器根目錄，你至少須要更改LockFile和PidFile。

**ServerRoot "/usr/local/apache"

**ScoreBoardFile /var/run/httpd.scoreboard　　

httpd使用ScoreBoardFile來維護進程的內部數據，所以一般不須要改變這個參數，除非管理員想在一臺計算機上運行幾個Apache服務器，這時每一個Apache服務器都須要獨立的設置文件htt pd.conf，並使用不一樣的ScoreBoardFile。

互斥：容許你爲多個不一樣的互斥對象設置互斥機制【mutex mechanism】和互斥文件目錄，或者修改全局默認值。若是互斥對象是基於文件的以及默認的互斥文件目錄不在本地磁盤或由於其它緣由而不適用，那麼取消註釋並改變目錄。【下面這個命令是改變互斥對象的目錄】。

**Mutex default: logs (詳解mutex)

A mutex is the basic synchronization method used within Traffic Server to protect data from simultaneous access by multiple threads. A mutex acts as a lock that protects data in one program thread from being accessed by another thread.

它的做用就是樞紐服務器的基礎異步方法，用於保護多線程的相同請求的數據的保護。就像一個鎖，對於一個程序線程來講，確保不能被另外一個線程訪問。

Listen：容許將ip和／或端口號綁定到apache，替代默認設置。參看<VirtualHost>指令。如Listen 12.34.56.78:80或者Listen:80來讓特定ip或端口開放，能夠阻止apache上綁定的全部ip被訪問到。這是個必須指定的指令，不然沒法啓動。

When httpd starts, it binds to some port and address on the local machine and waits for incoming requests. By default, it listens to all addresses on the machine. However, it may need to be told to listen on specific ports, or only on selected addresses, or a combination of both. This is often combined with the Virtual Host feature, which determines how httpd responds to different IP addresses, hostnames and ports.

The Listen directive tells the server to accept incoming requests only on the specified port(s) or address-and-port combinations. If only a port number is specified in the Listendirective, the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface. Multiple Listen directives may be used to specify a number of addresses and ports to listen on. The server will respond to requests from any of the listed addresses and ports.

httpd啓動時，綁定了端口和地址在本機上，等候進入的請求。默認狀況下，它堅挺全部這臺及其上的地址，而後能夠按須要指定端口或者地址，或者兩者複合。一般結合虛擬主機特性，由它來決定響應不一樣的地址和端口請求。

動態共享對象支持（Dymanic shared object DSO）。爲了能使用打包成DSO的module的功能，你能夠在使用前添加相應的"LoadModule"在這個位置，靜態編譯的modules（能夠經過httpd -l列出來）不須要在這裏加載。

User/Group: 若是你但願httpd以不一樣用戶和組運行，必須以root進行初始化，而且將切換。使用名字或數字來運行httpd，跟多數系統服務同樣建立一個獨立的用戶或組來運行httpd是個良好的實踐。

<IfModule unixd_module>

User apache
Group apache

</IfModule>

主服務配置。這個區塊設置的值由主服務使用，它將對全部<VirtualHost>不作響應的請求進行響應。這些值爲<VirtualHost>容器提供了默認值。全部這些指令能夠出如今<VirtualHost>容器中，若是在<VirtualHost>中做了定義，將對這裏的值覆蓋。

ServerAdmin：你的地址，服務器的問題如何聯繫的郵箱。這個郵箱常常會出如今服務器管理頁面，好比錯誤文檔。

ServerName：給出服務器名字和端口，用於識別自身。這一般都是自動的，可是提醒你仍是明確指定以免啓動中的問題。ServerName 0.0.0.0:80

<Directory />
AllowOverride none
#Require all denied
</Directory>

對所有服務器文件系統項進行否認訪問，在其餘的<Directory>塊中必須明確容許訪問到web內容目錄。

注意在這個點往前，必須特別容許特定的屬性爲enabled，若是有些工做不合乎指望，確保已經指定爲enabled。

DocumentRoot：對外提供服務的目錄。默認狀況下，全部的請求來自這個目錄，但軟鏈接和別名可能指向其餘地方。DocumentRoot "/data/www/default"

<Directory "/data/www/default">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
Options指令的可能值爲None，All，或者任何聯合項，Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.

注意MultiViews不在Options All指定之中，比較特殊。
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.

Options指令複雜而重要。查看http://httpd.apache.org/docs/2.4/mod/core.html#options獲取更多信息。

#
Options Indexes FollowSymLinks

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# AllowOverride FileInfo AuthConfig Limit

Apache httpd.conf配置文件AllowOverride參數詳解--http://www.upupw.net/server/n73.html

AllowOverride從字面上解釋是容許覆蓋的意思，即Apache容許另外一配置文件覆蓋現有配置文件。

咱們一般利用Apache的rewrite模塊對URL進行重寫，rewrite規則會寫在 .htaccess 文件裏。但要使 apache 可以正常的讀取.htaccess 文件的內容，就必須對.htaccess 所在目錄進行配置。

從安全性考慮，根目錄的AllowOverride屬性通常都配置成不容許任何Override，即：

< Directory /> 
AllowOverride None 
< /Directory>

在 AllowOverride 設置爲 None 時， .htaccess 文件將被徹底忽略。當此指令設置爲 All 時，全部具備 「.htaccess」 做用域的指令都容許出如今 .htaccess 文件中。

而對於 URL rewrite 來講，至少須要把目錄設置爲：

< Directory /myblogroot/> 
AllowOverride FileInfo 
< /Directory>

如下是AllowOverride的詳細參數：

AuthConfig

容許使用與認證受權相關的指令(AuthDBMGroupFile, AuthDBMUserFile, AuthGroupFile, AuthName, AuthType, AuthUserFile, Require, 等)。

FileInfo

容許使用控制文檔類型的指令(DefaultType, ErrorDocument, ForceType, LanguagePriority, SetHandler, SetInputFilter, SetOutputFilter, mod_mime中的 Add* 和 Remove* 指令等等)、控制文檔元數據的指令(Header, RequestHeader, SetEnvIf, SetEnvIfNoCase, BrowserMatch, CookieExpires, CookieDomain, CookieStyle, CookieTracking, CookieName)、mod_rewrite中的指令(RewriteEngine, RewriteOptions, RewriteBase, RewriteCond, RewriteRule)和mod_actions中的Action指令。

Indexes

容許使用控制目錄索引的指令(AddDescription, AddIcon, AddIconByEncoding, AddIconByType, DefaultIcon, DirectoryIndex, FancyIndexing, HeaderName, IndexIgnore, IndexOptions, ReadmeName, 等)。

Limit

容許使用控制主機訪問的指令(Allow, Deny, Order)。

Options[=Option,...]

容許使用控制指定目錄功能的指令(Options和XBitHack)。能夠在等號後面附加一個逗號分隔的(無空格的)Options選項列表，用來控制容許Options指令使用哪些選項。

AllowOverride控制.htaccess文件，能夠是All ,None或者任何的複合關鍵詞。
#
AllowOverride None

#
# Controls who can get stuff from this server.

控制哪些能夠從服務器取到東西。
#
#Require all granted
</Directory>

DirectoryIndex: 設置若是一個目錄被訪問的時候apache提供服務的文件。

<IfModule dir_module>
DirectoryIndex index.html index.php
</IfModule>

下面行提供.htaccess和.htpasswd文件中能夠被web客戶端查看的文件。

<Files ".ht*">
#Require all denied
</Files>

ErrorLog：error log文件的位置，若是你不在<VirtualHost>中指定這個指令值，那麼那個虛擬主機容器中的錯誤消息將記錄在這兒。若是你在虛擬容器中指定了，將記錄在那兒，而非這兒。
ErrorLog "logs/error_log"

LogLevel：控制被記錄到error_log中的信息數量，可能的值包括：debug, info, notice, warn, error, crit, alert, emerg.

LogLevel warn

<IfModule log_config_module>
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).

下面的指令定義了一些在CustomLog使用的格式化暱稱。
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common

%h    客戶端ip地址
%l %u 這兩個通常不用看
%t    時間
%r    訪問方式內容
%>s   狀態碼
%b     理解爲瀏覽器類型

也就是規定了日誌文件中的各個字段的意思。

116.62.209.27 - - [02/Feb/2018:13:04:12 +0800] "GET /phpmyadmin/explicit_not_exist_path HTTP/1.1" 404 232

<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O

須要使用%I and %O使mod_logio.c可用
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>

#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions（事物） will be
# logged therein（在那裏） and *not* in this file.

access logfile位置和格式化。若是在虛擬主機容器中定義了access logfiles，將記錄在這兒。反之，則記錄在那兒。
#
CustomLog "logs/access_log" common

#
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.

若是提供了一個access logfile，代理，和參考信息（Combined Logfile Format），可使用如下指令。像這樣\"%{Referer}i\" \"%{User-Agent}i\"
#
#CustomLog "logs/access_log" combined
</IfModule>

<IfModule alias_module>
#
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:

# Redirect permanent /foo http://www.example.com/bar

Redirect:用於定義永久或臨時重定向

#
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path

Alias:對web路徑映射成文件系統路徑。一般是那些不在DocumentRoot底下的可訪問內容。
#
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.

若是包含包含了／在/webpath中，服務器將在url中顯示出來。將也可能須要提供<Directory>塊來訪問到那個文件路徑。

#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.

ScriptAlias：這個控制含有服務器腳本的目錄。ScriptAliases本質上跟Aliases相同，除了目標文件夾中的文檔在被請求的時候被看成應用和由服務器運行，而不是做爲文檔發送到客戶端。跟alias指令具備相同規則，帶有／的狀況。
#
ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"

</IfModule>

<IfModule cgid_module>
#
# ScriptSock: On threaded servers, designate the path to the UNIX
# socket used to communicate with the CGI daemon of mod_cgid.

ScriptSock:在線程服務器中，給unix socket指定的路徑，用以同mod_cgid的cgi守護進程通信。
#
#Scriptsock cgisock
</IfModule>

若是你配置了ScriptAlias，"/usr/local/apache/cgi-bin"應該被改變成那個存在的ScriptAliased cgi目錄。

<Directory "/usr/local/apache/cgi-bin">
AllowOverride None 不容許重寫
Options None 選項爲none
Require all granted 受權全部訪問者
</Directory>

<IfModule headers_module>
#
# Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
# backend servers which have lingering "httpoxy" defects.
# 'Proxy' request header is undefined by the IETF, not listed by IANA

容許經過配置文件控制任意的HTTP請求和應答頭信息。這個模塊提供了一些指令用於控制和修改HTTP請求頭和應答頭。這些頭能夠被合併、替換、刪除。避免在這個或任何有潛在「httpoxy」漏洞的代理後端服務器上將http_proxy環境傳遞給CGI的環境。「proxy」請求標頭不是由IETF（The Internet Engineering Task Force，國際互聯網工程任務組）定義，也不是由IANA（The Internet Assigned Numbers Authority，互聯網數字分配機構）登記。《HTTPOXY漏洞說明》

【HTTP協議系列5】http proxy原理--http://blog.csdn.net/zongzhiyuan/article/details/53700294

#
RequestHeader unset Proxy early
</IfModule>

Supplemental configuration
追加配置

目錄conf/extra/中的配置文件包含了額外的特性或者是改變服務器默認配置，或者根據須要能夠簡單的將那些內容複製到這裏並改變值。

MPM模式，一共有三種穩定的MPM（Multi-Processing Module，多進程處理模塊）模式，（winnt模式，perfork模式，worker模式）。

升級apache--http://blog.csdn.net/laoyiin/article/details/50977354

apache的三種MPM模式比較--http://blog.jobbole.com/91920/

#Include conf/extra/httpd-mpm.conf'

複合語言錯誤消息

#Include conf/extra/httpd-multilang-errordoc.conf

動態目錄列表形式配置;

#Include conf/extra/httpd-autoindex.conf

語言設置

#Include conf/extra/httpd-languages.conf

用戶主目錄

#Include conf/extra/httpd-userdir.conf

配置和請求的真實時間信息

Include conf/extra/httpd-info.conf

虛擬主機

Include conf/extra/httpd-vhosts.conf

本地訪問Apache HTTP服務器手冊

#Include conf/extra/httpd-manual.conf

分佈式創做和版本控制（WebDAV）

#Include conf/extra/httpd-dav.conf

多種默認設置

#Include conf/extra/httpd-default.conf

識別HTML4/XHTML1的配置mod_proxy_html

<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>

安全鏈接（SSL/TLS）

Include conf/extra/httpd-ssl.conf

/dev/random和/dev/urandom是Linux系統中提供的隨機僞設備，這兩個設備的任務，是提供永不爲空的隨機字節數據流。不少解密程序與安全應用程序（如SSH Keys,SSL Keys等）須要它們提供的隨機數據流。注意：如下配置必須必須存在用以支持沒有／dev／random的平臺開啓ssl，等效是有一個靜態的內編譯的mod_ssl

<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>

ServerTokens ProductOnly
ProtocolsHonorOrder On  是否遵照在Protocols中設置的順序。
Protocols h2 http/1.1  http:// 鏈接 (h2c） https:// 鏈接 (h2)

默認地，服務器HTTP響應頭會包含apache和php版本號。像下面的，這是有危害的，由於這會讓黑客經過知道詳細的版本號而發起已知該版本的漏洞攻擊。Server: Apache/2.2.17 (Unix) PHP/5.3.5

爲了阻止這個，須要在httpd.conf設置ServerTokens爲Prod，這會在響應頭中顯示「Server:Apache」而不包含任何的版本信息。

ServerTokens Prod下面是ServerTokens的一些可能的賦值：ServerTokens Prod 顯示「Server: Apache」ServerTokens Major 顯示 「Server: Apache/2″ServerTokens Minor 顯示「Server: Apache/2.2″ServerTokens Min 顯示「Server: Apache/2.2.17″ServerTokens OS 顯示 「Server: Apache/2.2.17 (Unix)」ServerTokens Full 顯示 「Server: Apache/2.2.17 (Unix) PHP/5.3.5″ (若是你這指定任何的值，這個是默認的返回信息)