suEXEC Support The suEXEC feature provides users of the Apache HTTP Server the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as the same user who is running the web server. Used properly, this feature can reduce considerably the security risks involved with allowing users to develop and run private CGI or SSI programs. However, if suEXEC is improperly configured, it can cause any nu

Apache mod_rewrite Technical Details This document discusses some of the technical details of mod_rewrite and URL matching. API Phases The Apache HTTP Server handles requests in several phases. At each of these phases, one or more modules may be called upon to handle that portion of the request lifecycle. Phases include things like URL-to-filename translation, authentication, authorization, content, and logging. (This is not an exhaustive list.) mod_rewrite acts in two of these phases (or

Apache Module mod_cgid Description: Execution of CGI scripts using an external CGI daemon Status: Base ModuleIdentifier: cgid_module SourceFile: mod_cgid.c Compatibility: Unix threaded MPMs only Summary Except for the optimizations and the additional ScriptSock directive noted below, mod_cgid behaves similarly to mod_cgi. See the mod_cgi summary for additional details about Apache and CGI. On certain unix operating systems, forking a process from a multi-threaded server is a very expensive o

Apache Module mod_suexec Description: Allows CGI scripts to run as a specified user and Group Status: Extension ModuleIdentifier: suexec_module SourceFile: mod_suexec.c Summary This module, in combination with the suexec support program allows CGI scripts to run as a specified user and Group. SuexecUserGroup Directive Description: User and group for CGI programs to run as Syntax: SuexecUserGroup User Group Context: server config, virtual host Status: Extension Module: mod_suexec The Suex

Access Control Access control refers to any means of controlling access to any resource. This is separate from authentication and authorization. Related Modules and Directives Access control can be done by several different modules. The most important of these are mod_authz_core and mod_authz_host. Also discussed in this document is access control using mod_rewrite. Access control by host If you wish to restrict access to portions of your site based on the host address of your visitors,

Apache Module mod_cern_meta Description: CERN httpd metafile semantics Status: Extension ModuleIdentifier: cern_meta_module SourceFile: mod_cern_meta.c Summary Emulate the CERN HTTPD Meta file semantics. Meta files are HTTP headers that can be output in addition to the normal range of headers for each file accessed. They appear rather like the Apache .asis files, and are able to provide a crude way of influencing the Expires: header, as well as providing other curiosities. There are many way

Apache Module mod_buffer Description: Support for request buffering Status: Extension ModuleIdentifier: buffer_module SourceFile: mod_buffer.c Compatibility: Available in Apache 2.3 and later Summary This module provides the ability to buffer the input and output filter stacks. Under certain circumstances, content generators might create content in small chunks. In order to promote memory reuse, in memory chunks are always 8k in size, regardless of the size of the chunk itself. When many sma

Apache Module mod_dav_fs Description: Filesystem provider for mod_dav Status: Extension ModuleIdentifier: dav_fs_module SourceFile: mod_dav_fs.c Summary This module requires the service of mod_dav. It acts as a support module for mod_dav and provides access to resources located in the server's file system. The formal name of this provider is filesystem. mod_dav backend providers will be invoked by using the Dav directive: Example Dav filesystem Since filesystem is the default provider for

Apache Module mod_ext_filter Description: Pass the response body through an external program before delivery to the client Status: Extension ModuleIdentifier: ext_filter_module SourceFile: mod_ext_filter.c Summary mod_ext_filter presents a simple and familiar programming model for filters. With this module, a program which reads from stdin and writes to stdout (i.e., a Unix-style filter command) can be a filter for Apache. This filtering mechanism is much slower than using a filter which is

Apache Module mod_isapi Description: ISAPI Extensions within Apache for Windows Status: Base ModuleIdentifier: isapi_module SourceFile: mod_isapi.c Compatibility: Win32 only Summary This module implements the Internet Server extension API. It allows Internet Server extensions (e.g. ISAPI .dll modules) to be served by Apache for Windows, subject to the noted restrictions. ISAPI extension modules (.dll files) are written by third parties. The Apache Group does not author these modules, so we p