Apache Http Server Configuration using httpd.conf
Hi, I am Malathi Boggavarapu working at Volvo Group and i live in Gothenburg, Sweden. I have been working on Java since several years and had vast experience and knowledge across various technologies.
In this post, we discuss about various options that are available in Apache Http server configuration file httpd.conf.
ServerTokens
ServerTokens Prod - Server sends (ex, ): Server: Apache
ServerTokens Major - Server sends (ex, ): Server: Apache/2
ServerTokens Minor - Server sends (ex, ): Server: Apache/2.0
ServerTokens Min - Server sends (ex, ): Server: Apache/2.0.41
ServerTokens OS - Server sends (ex, ): Server: Apache/2.0.41 (Unix)
ServerTokens Full (or not specified) - Server sends (ex, ): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.3
ServerRoot - Root directory of Apache http server
PidFile - [Run time directory]/httpd.pid - The file in which the Server should record its Process identification number when it starts.
Timeout - 60 - The number of seconds before receives and sends time out.
KeepAlive on/off - A webpage references many other web resources that were stored in the server.
Ex: A Web page usually refer to many CSS, JS files and images. When the browser requests a web page from server and is downloaded, the browser makes continuous requests to the web server inorder to download CSS, JS files, images and so on. So if it is a http request, it wouldn't cause any problem. But if the request is https based, there would be lot of overhead in Client and Server headers and the connection should be authenticated every time the Client/ Browser makes a new request to the server. So inorder to reduce the drastic CPU usage, setting KeepAlive option to ON will keep the connection between Client and Server Alive until the entire web page is downloaded.
MaxKeepAliveRequests - The maximum number of requests to allow during a persistent connection. Set to 0 to allow an unlimited amount. For maximum performance, it is recommented to leave it to a high value
KeepAliveTimeout 5 - The number of seconds to wait for the next request from the same client on the same connection.
IfModule prefork.c
This is the normal module that is used on Linux where Apache creates preforks - multiple child processes to serve the clients.
StartServers - Number of Server processes to start
MinSpareServers - Min number of Server processes which are kept spare
MaxSpareServers - Max number of Server processes which are kept spare
ServerLimit - Max number of MaxClients for the lifetime of the server
MaxClients - Max number of Server processes allowed to start
MaxRequestsPerChild - Max number of requests a server process serves.
<IfModule prefork.c>
StartServers 50
MinSpareServers 50
MaxSpareServers 200
ServerLimit 4096
MaxClients 4096
MaxRequestsPerChild 40000
</IfModule>
IfModule worker.c - This is rather similar block within a IfModule which is used to get multi threading model to get concurrency in Apache. It is most commonly used in Windows.
<IfModule worker.c>
StartServers 4
MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
IfModule event.c
event.c is the Multi-processing module implementing a hybrid multi-threaded and multi process web server. You can read more information about event.c module at https://httpd.apache.org/docs/2.4/mod/worker.html
Example below.
<IfModule event.c>
StartServers 2
ServerLimit 16
ThreadsPerChild 64
ThreadLimit 64
MinSpareThreads 16
MaxSpareThreads 80
MaxRequestWorkers 1024
AsyncRequestWorkerFactor 3
</IfModule>
Listen 80 - Allows you to bind apache to specific IP addresses or ports. A port number can range between 1 and 65000.
ProxyPreserveHost off/on - It preserves the header Host sent by the client
ProxyRequests off/on - A foward proxy can be activated using this directive. A forward proxy is an intermidate server between client and the original server. The client sends the request to the proxy naming the origin server as target. The proxy then requests the content from origin server and sends back to the client. The client needs to be configured specially to use forward proxy to access other sites from the origin server.
ProxyErrorOverride on/off - This directive is used to override error pages for proxied content. Useful for rever-proxy setups where you want to configure same error pages to be seen by the client for different error codes that were coming along.
ProxyAddHeaders on/off - This directive determines whether the proxy related information should be passed to backend server through X-Forwaded-For, X-Forwaded-Host and X-Forwaded-Server http headers.
RemoteIPHeader header-field: This will trigger the module mod_remoteip to trat the value of specified header-field header as useragent IP address
RemoteIPInternalProxy 10.0.0.1 - Declares Client intranet IP addresses trusted to present the RemoteIPHeader value.
ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
Allows to specify what supplementary information is logged in the error log in addition to the actual log message
%t - The current time
%l - Log level of the message
%P - Process ID of the current process
%F - Soruce file name and line number of the log call
%E - APR/OS error status code and strïng
%a - ClientIP address and port of the request
%M - The actual log message
ErrorLog file-path - Sets the name if the file to which the server will log errors. If the file path is not absolute, it is relative to the ServerRoot
LogLevel - Controls the verbosity of the error log.
Ex: LogLevel error
LoadModule is used to load modules into the Apache server.
Example:
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_basic_module modules/mod_auth_digest.so
LoadModule auth_basic_module modules/mod_authn_anon.so
LoadModule auth_basic_module modules/mod_authz_host.so
-- More details will come soon
Hope it is helpful
In this post, we discuss about various options that are available in Apache Http server configuration file httpd.conf.
ServerTokens
ServerTokens Prod - Server sends (ex, ): Server: Apache
ServerTokens Major - Server sends (ex, ): Server: Apache/2
ServerTokens Minor - Server sends (ex, ): Server: Apache/2.0
ServerTokens Min - Server sends (ex, ): Server: Apache/2.0.41
ServerTokens OS - Server sends (ex, ): Server: Apache/2.0.41 (Unix)
ServerTokens Full (or not specified) - Server sends (ex, ): Server: Apache/2.0.41 (Unix) PHP/4.2.2 MyMod/1.3
ServerRoot - Root directory of Apache http server
PidFile - [Run time directory]/httpd.pid - The file in which the Server should record its Process identification number when it starts.
Timeout - 60 - The number of seconds before receives and sends time out.
KeepAlive on/off - A webpage references many other web resources that were stored in the server.
Ex: A Web page usually refer to many CSS, JS files and images. When the browser requests a web page from server and is downloaded, the browser makes continuous requests to the web server inorder to download CSS, JS files, images and so on. So if it is a http request, it wouldn't cause any problem. But if the request is https based, there would be lot of overhead in Client and Server headers and the connection should be authenticated every time the Client/ Browser makes a new request to the server. So inorder to reduce the drastic CPU usage, setting KeepAlive option to ON will keep the connection between Client and Server Alive until the entire web page is downloaded.
MaxKeepAliveRequests - The maximum number of requests to allow during a persistent connection. Set to 0 to allow an unlimited amount. For maximum performance, it is recommented to leave it to a high value
KeepAliveTimeout 5 - The number of seconds to wait for the next request from the same client on the same connection.
IfModule prefork.c
This is the normal module that is used on Linux where Apache creates preforks - multiple child processes to serve the clients.
StartServers - Number of Server processes to start
MinSpareServers - Min number of Server processes which are kept spare
MaxSpareServers - Max number of Server processes which are kept spare
ServerLimit - Max number of MaxClients for the lifetime of the server
MaxClients - Max number of Server processes allowed to start
MaxRequestsPerChild - Max number of requests a server process serves.
<IfModule prefork.c>
StartServers 50
MinSpareServers 50
MaxSpareServers 200
ServerLimit 4096
MaxClients 4096
MaxRequestsPerChild 40000
</IfModule>
IfModule worker.c - This is rather similar block within a IfModule which is used to get multi threading model to get concurrency in Apache. It is most commonly used in Windows.
<IfModule worker.c>
StartServers 4
MaxClients 300
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
MaxRequestsPerChild 0
</IfModule>
IfModule event.c
event.c is the Multi-processing module implementing a hybrid multi-threaded and multi process web server. You can read more information about event.c module at https://httpd.apache.org/docs/2.4/mod/worker.html
Example below.
<IfModule event.c>
StartServers 2
ServerLimit 16
ThreadsPerChild 64
ThreadLimit 64
MinSpareThreads 16
MaxSpareThreads 80
MaxRequestWorkers 1024
AsyncRequestWorkerFactor 3
</IfModule>
Listen 80 - Allows you to bind apache to specific IP addresses or ports. A port number can range between 1 and 65000.
ProxyPreserveHost off/on - It preserves the header Host sent by the client
ProxyRequests off/on - A foward proxy can be activated using this directive. A forward proxy is an intermidate server between client and the original server. The client sends the request to the proxy naming the origin server as target. The proxy then requests the content from origin server and sends back to the client. The client needs to be configured specially to use forward proxy to access other sites from the origin server.
ProxyErrorOverride on/off - This directive is used to override error pages for proxied content. Useful for rever-proxy setups where you want to configure same error pages to be seen by the client for different error codes that were coming along.
ProxyAddHeaders on/off - This directive determines whether the proxy related information should be passed to backend server through X-Forwaded-For, X-Forwaded-Host and X-Forwaded-Server http headers.
RemoteIPHeader header-field: This will trigger the module mod_remoteip to trat the value of specified header-field header as useragent IP address
RemoteIPInternalProxy 10.0.0.1 - Declares Client intranet IP addresses trusted to present the RemoteIPHeader value.
ErrorLogFormat "[%t] [%l] [pid %P] %F: %E: [client %a] %M"
Allows to specify what supplementary information is logged in the error log in addition to the actual log message
%t - The current time
%l - Log level of the message
%P - Process ID of the current process
%F - Soruce file name and line number of the log call
%E - APR/OS error status code and strïng
%a - ClientIP address and port of the request
%M - The actual log message
ErrorLog file-path - Sets the name if the file to which the server will log errors. If the file path is not absolute, it is relative to the ServerRoot
LogLevel - Controls the verbosity of the error log.
Ex: LogLevel error
LoadModule is used to load modules into the Apache server.
Example:
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_basic_module modules/mod_auth_digest.so
LoadModule auth_basic_module modules/mod_authn_file.so
LoadModule auth_basic_module modules/mod_authn_alias.so
LoadModule auth_basic_module modules/mod_auth_dbm.so
LoadModule auth_basic_module modules/mod_authn_default.so
LoadModule auth_basic_module modules/mod_authz_user.so
Include conf.d/*.conf cause Apache to also pickup configuration from .conf files within conf.d directory. Not makes it easier to drop extra configuration into Apache. For example when some other packages installed it simply drops its configuration lines into .conf file into conf.d directory.
Hope it is helpful
Comments
Post a Comment