Apache Module mod_authnz_ldap Description: Allows an LDAP directory to be used to store the database for HTTP Basic authentication. Status: Extension ModuleIdentifier: authnz_ldap_module SourceFile: mod_authnz_ldap.c Compatibility: Available in version 2.1 and later Summary This module allows authentication front-ends such as mod_auth_basic to authenticate users through an ldap directory. mod_authnz_ldap supports the following features: Known to support the OpenLDAP SDK (both 1.x and 2.x),

Apache Module mod_session_dbd Description: DBD/SQL based session support Status: Extension ModuleIdentifier: session_dbd_module SourceFile: mod_session_dbd.c Compatibility: Available in Apache 2.3 and later Summary Warning The session modules make use of HTTP cookies, and as such can fall victim to Cross Site Scripting attacks, or expose potentially private information to clients. Please ensure that the relevant risks have been taken into account before enabling the session functionality on

Apache httpd Tutorial: Introduction to Server Side Includes Server-side includes provide a means to add dynamic content to existing HTML documents. Introduction Related Modules Related Directives mod_include mod_cgi mod_expires Options XBitHack AddType SetOutputFilter BrowserMatchNoCase This article deals with Server Side Includes, usually called simply SSI. In this article, I'll talk about configuring your server to permit SSI, and introduce some basic SSI techniques for adding dynami

Apache Module mod_proxy_ajp Description: AJP support module for mod_proxy Status: Extension ModuleIdentifier: proxy_ajp_module SourceFile: mod_proxy_ajp.c Compatibility: Available in version 2.1 and later Summary This module requires the service of mod_proxy. It provides support for the Apache JServ Protocol version 1.3 (hereafter AJP13). Thus, in order to get the ability of handling AJP13 protocol, mod_proxy and mod_proxy_ajp have to be present in the server. Warning Do not enable proxyin

Apache Module mod_auth_digest Description: User authentication using MD5 Digest Authentication Status: Extension ModuleIdentifier: auth_digest_module SourceFile: mod_auth_digest.c Summary This module implements HTTP Digest Authentication (RFC2617), and provides an alternative to mod_auth_basic where the password is not transmitted as cleartext. However, this does not lead to a significant security advantage over basic authentication. On the other hand, the password storage on the server is m

When not to use mod_rewrite This document supplements the mod_rewrite reference documentation. It describes perhaps one of the most important concepts about mod_rewrite - namely, when to avoid using it. mod_rewrite should be considered a last resort, when other alternatives are found wanting. Using it when there are simpler alternatives leads to configurations which are confusing, fragile, and hard to maintain. Understanding what other alternatives are available is a very important step toward

Apache Module mod_proxy_http2 Description: HTTP/2 support module for mod_proxy Status: Extension ModuleIdentifier: proxy_http2_module SourceFile: mod_proxy_http2.c Summary mod_proxy_http2 supports HTTP/2 only, it does not provide any downgrades to HTTP/1.1. This means that the backend needs to support HTTP/2 because HTTP/1.1 will not be used instead. This module requires the service of mod_proxy, so in order to get the ability of handling HTTP/2 proxy requests, mod_proxy and mod_proxy_http2

Apache Module mod_authz_owner Description: Authorization based on file ownership Status: Extension ModuleIdentifier: authz_owner_module SourceFile: mod_authz_owner.c Compatibility: Available in Apache 2.1 and later Summary This module authorizes access to files by comparing the userid used for HTTP authentication (the web userid) with the file-system owner or group of the requested file. The supplied username and password must be already properly verified by an authentication module, such as

Configuration Files This document describes the files used to configure Apache HTTP Server. Main Configuration Files Related Modules Related Directives mod_mime <IfDefine> Include TypesConfig Apache HTTP Server is configured by placing directives in plain text configuration files. The main configuration file is usually called httpd.conf. The location of this file is set at compile-time, but may be overridden with the -f command line flag. In addition, other configuration files may

Apache Module mod_unixd Description: Basic (required) security for Unix-family platforms. Status: Base ModuleIdentifier: unixd_module SourceFile: mod_unixd.c ChrootDir Directive Description: Directory for apache to run chroot(8) after startup. Syntax: ChrootDir /path/to/directory Default: none Context: server config Status: Base Module: mod_unixd Compatibility: Available in Apache 2.2.10 and later This directive tells the server to chroot(8) to the specified directory after startup, but bef