Security Tips Some hints and tips on security issues in setting up a web server. Some of the suggestions will be general, others specific to Apache. Keep up to Date The Apache HTTP Server has a good record for security and a developer community highly concerned about security issues. But it is inevitable that some problems -- small or large -- will be discovered in software after it is released. For this reason, it is crucial to keep aware of updates to the software. If you have obtained y

Apache Module mod_proxy Description: Multi-protocol proxy/gateway server Status: Extension ModuleIdentifier: proxy_module SourceFile: mod_proxy.c Summary Warning Do not enable proxying with ProxyRequests until you have secured your server. Open proxy servers are dangerous both to your network and to the Internet at large. mod_proxy and related modules implement a proxy/gateway for Apache HTTP Server, supporting a number of popular protocols as well as several different load balancing algor

Apache Module mod_proxy_balancer Description: mod_proxy extension for load balancing Status: Extension ModuleIdentifier: proxy_balancer_module SourceFile: mod_proxy_balancer.c Compatibility: Available in version 2.1 and later Summary This module requires the service of mod_proxy and it provides load balancing for all the supported protocols. The most important ones are: HTTP, using mod_proxy_http FTP, using mod_proxy_ftp AJP13, using mod_proxy_ajp WebSocket, using mod_proxy_wstunnel

Apache Module mod_example_hooks Description: Illustrates the Apache module API Status: Experimental ModuleIdentifier: example_hooks_module SourceFile: mod_example_hooks.c Summary The files in the modules/examples directory under the Apache distribution directory tree are provided as an example to those that wish to write modules that use the Apache API. The main file is mod_example_hooks.c, which illustrates all the different callback mechanisms and call syntaxes. By no means does an add-on

Apache Module mod_authz_owner Description: Authorization based on file ownership Status: Extension ModuleIdentifier: authz_owner_module SourceFile: mod_authz_owner.c Compatibility: Available in Apache 2.1 and later Summary This module authorizes access to files by comparing the userid used for HTTP authentication (the web userid) with the file-system owner or group of the requested file. The supplied username and password must be already properly verified by an authentication module, such as

Apache Module mod_imagemap Description: Server-side imagemap processing Status: Base ModuleIdentifier: imagemap_module SourceFile: mod_imagemap.c Summary This module processes .map files, thereby replacing the functionality of the imagemap CGI program. Any directory or document type configured to use the handler imap-file (using either AddHandler or SetHandler) will be processed by this module. The following directive will activate files ending with .map as imagemap files: AddHandler imap-fi

When not to use mod_rewrite This document supplements the mod_rewrite reference documentation. It describes perhaps one of the most important concepts about mod_rewrite - namely, when to avoid using it. mod_rewrite should be considered a last resort, when other alternatives are found wanting. Using it when there are simpler alternatives leads to configurations which are confusing, fragile, and hard to maintain. Understanding what other alternatives are available is a very important step toward

Apache Module mod_proxy_http2 Description: HTTP/2 support module for mod_proxy Status: Extension ModuleIdentifier: proxy_http2_module SourceFile: mod_proxy_http2.c Summary mod_proxy_http2 supports HTTP/2 only, it does not provide any downgrades to HTTP/1.1. This means that the backend needs to support HTTP/2 because HTTP/1.1 will not be used instead. This module requires the service of mod_proxy, so in order to get the ability of handling HTTP/2 proxy requests, mod_proxy and mod_proxy_http2

apachectl - Apache HTTP Server Control Interface apachectl is a front end to the Apache HyperText Transfer Protocol (HTTP) server. It is designed to help the administrator control the functioning of the Apache httpd daemon. The apachectl script can operate in two modes. First, it can act as a simple front-end to the httpd command that simply sets any necessary environment variables and then invokes httpd, passing through any command line arguments. Second, apachectl can act as a SysV init scri

Getting Started If you're completely new to the Apache HTTP Server, or even to running a website at all, you might not know where to start, or what questions to ask. This document walks you through the basics. Clients, Servers, and URLs Addresses on the Web are expressed with URLs - Uniform Resource Locators - which specify a protocol (e.g. http), a servername (e.g. www.apache.org), a URL-path (e.g. /docs/current/getting-started.html), and possibly a query string (e.g. ?arg=value) used to