Apache Module mod_asis Description: Sends files that contain their own HTTP headers Status: Base ModuleIdentifier: asis_module SourceFile: mod_asis.c Summary This module provides the handler send-as-is which causes Apache HTTP Server to send the document without adding most of the usual HTTP headers. This can be used to send any kind of data from the server, including redirects and other special HTTP responses, without requiring a cgi-script or an nph script. For historical reasons, this mod

Apache Module mod_authn_anon Description: Allows "anonymous" user access to authenticated areas Status: Extension ModuleIdentifier: authn_anon_module SourceFile: mod_authn_anon.c Compatibility: Available in Apache 2.1 and later Summary This module provides authentication front-ends such as mod_auth_basic to authenticate users similar to anonymous-ftp sites, i.e. have a 'magic' user id 'anonymous' and the email address as a password. These email addresses can be logged. Combined with other (d

Apache mod_rewrite Technical Details This document discusses some of the technical details of mod_rewrite and URL matching. API Phases The Apache HTTP Server handles requests in several phases. At each of these phases, one or more modules may be called upon to handle that portion of the request lifecycle. Phases include things like URL-to-filename translation, authentication, authorization, content, and logging. (This is not an exhaustive list.) mod_rewrite acts in two of these phases (or

Per-user web directories On systems with multiple users, each user can be permitted to have a web site in their home directory using the UserDir directive. Visitors to a URL http://example.com/~username/ will get content out of the home directory of the user "username", out of the subdirectory specified by the UserDir directive. Note that, by default, access to these directories is not enabled. You can enable access when using UserDir by uncommenting the line: #Include conf/extra/httpd-userdir

suEXEC Support The suEXEC feature provides users of the Apache HTTP Server the ability to run CGI and SSI programs under user IDs different from the user ID of the calling web server. Normally, when a CGI or SSI program executes, it runs as the same user who is running the web server. Used properly, this feature can reduce considerably the security risks involved with allowing users to develop and run private CGI or SSI programs. However, if suEXEC is improperly configured, it can cause any nu

Shared Object Cache in Apache HTTP Server The Shared Object Cache provides a means to share simple data across all a server's workers, regardless of thread and process models. It is used where the advantages of sharing data across processes outweigh the performance overhead of inter-process communication. Shared Object Cache Providers The shared object cache as such is an abstraction. Four different modules implement it. To use the cache, one or more of these modules must be present, and co

Apache Module mod_socache_memcache Description: Memcache based shared object cache provider. Status: Extension ModuleIdentifier: socache_memcache_module SourceFile: mod_socache_memcache.c Summary mod_socache_memcache is a shared object cache provider which provides for creation and access to a cache backed by the memcached high-performance, distributed memory object caching system. This shared object cache provider's "create" method requires a comma separated list of memcached host/port spe

Apache Module mod_dbd Description: Manages SQL database connections Status: Extension ModuleIdentifier: dbd_module SourceFile: mod_dbd.c Compatibility: Version 2.1 and later Summary mod_dbd manages SQL database connections using APR. It provides database connections on request to modules requiring SQL database functions, and takes care of managing databases with optimal efficiency and scalability for both threaded and non-threaded MPMs. For details, see the APR website and this overview of t

Apache Module mod_ratelimit Description: Bandwidth Rate Limiting for Clients Status: Extension ModuleIdentifier: ratelimit_module SourceFile: mod_ratelimit.c Compatibility: rate-initial-burst available in httpd 2.4.24 and later. Summary Provides a filter named RATE_LIMIT to limit client bandwidth. The throttling is applied to each HTTP response while it is transferred to the client, and not aggregated at IP/client level. The connection speed to be simulated is specified, in KiB/s, using the

Apache Module mod_auth_form Description: Form authentication Status: Base ModuleIdentifier: auth_form_module SourceFile: mod_auth_form.c Compatibility: Available in Apache 2.3 and later Summary Warning Form authentication depends on the mod_session modules, and these modules make use of HTTP cookies, and as such can fall victim to Cross Site Scripting attacks, or expose potentially private information to clients. Please ensure that the relevant risks have been taken into account before enab