[root@lamp conf]# vi httpd.conf.bak
1 #
2 # This is the main Apache HTTP server configuration file. It contains the
3 # configuration directives that give the server its instructions.
4 # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
5 # In particular, see
6 # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
7 # for a discussion of each configuration directive.
8 #
9 # Do NOT simply read the instructions in here without understanding
10 # what they do. They're here only as hints or reminders. If you are unsure
11 # consult the online docs. You have been warned.
12 #
13 # Configuration and logfile names: If the filenames you specify for many
14 # of the server's control files begin with "/" (or "drive:/" for Win32), the
15 # server will use that explicit path. If the filenames do *not* begin
16 # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
17 # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
18 # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
19 # will be interpreted as '/logs/access_log'.
20
21 #
24 #
25 # Do not add a slash at the end of the directory path. If you point
26 # ServerRoot at a non-local disk, be sure to specify a local disk on the
27 # Mutex directive, if file-based mutexes are used. If you wish to share the
28 # same ServerRoot for multiple httpd daemons, you will need to change at
29 # least PidFile.
30 #
<===(31行)主要用于指定Apache的安装路径,此参数选项在安装Apache的时候会自动写入(如果是Windows版本则为Windows安装的路径),
编译安装则为编译时选择的路径,注意末尾不能带 / 。
31 ServerRoot "/usr/local/apache"
32
33 #
<===(34-41行)互斥:允许你为多个不同的互斥对象设置互斥机制和互斥文件目录,或者修改全局默认值。
如果互斥对象是基于文件的以及默认的互斥文件目录不在本地磁盘或因为其它原因而不适用,那么取消注释并改变目录。
34 # Mutex: Allows you to set the mutex mechanism and mutex file directory
35 # for individual mutexes, or change the global defaults
36 #
38 # mutex file directory is not on a local disk or is not appropriate for some
39 # other reason.
40 #
41 # Mutex default:logs
<===(44-53行)Listen主要侦听web服务端口状态,默认为:80,即侦听所有的地址的80端口,注意这里也可以写成IP地址的侦听形式,不写即默认的地址:0.0.0.0
44 # Listen: Allows you to bind Apache to specific IP addresses and/or
45 # ports, instead of the default. See also the <VirtualHost>
46 # directive.
47 #
48 # Change this to Listen on specific IP addresses as shown below to
49 # prevent Apache from glomming onto all bound IP addresses.
50 #
51 #Listen 12.34.56.78:80
52 Listen 80
53
<===(54-166行)主要用于添加Apache一些动态模块,比如php支持模块。重定向模块,认证模块支持,注意如果需要添加某些模块支持,只需把相关模块前面注释符号取消掉。
如图所示,要对Apache添加某个功能模块,把前面的注释符号去掉就行
54 #
55 # Dynamic Shared Object (DSO) Support #<===动态模块 Dynamic Shared Object (DSO) 支持
56 #
58 # have to place corresponding `LoadModule' lines at this location so the
59 # directives contained in it are actually available _before_ they are used.
60 # Statically compiled modules (those listed by `httpd -l') do not need
61 # to be loaded here.
62 #
63 # Example:
64 # LoadModule foo_module modules/mod_foo.so
65 #
66 LoadModule authn_file_module modules/mod_authn_file.so
67 #LoadModule authn_dbm_module modules/mod_authn_dbm.so
68 #LoadModule authn_anon_module modules/mod_authn_anon.so
69 #LoadModule authn_dbd_module modules/mod_authn_dbd.so
70 #LoadModule authn_socache_module modules/mod_authn_socache.so
71 LoadModule authn_core_module modules/mod_authn_core.so
72 LoadModule authz_host_module modules/mod_authz_host.so
73 LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
74 LoadModule authz_user_module modules/mod_authz_user.so
75 #LoadModule authz_dbm_module modules/mod_authz_dbm.so
76 #LoadModule authz_owner_module modules/mod_authz_owner.so
77 #LoadModule authz_dbd_module modules/mod_authz_dbd.so
78 LoadModule authz_core_module modules/mod_authz_core.so
79 LoadModule access_compat_module modules/mod_access_compat.so
80 LoadModule auth_basic_module modules/mod_auth_basic.so
81 #LoadModule auth_form_module modules/mod_auth_form.so
82 #LoadModule auth_digest_module modules/mod_auth_digest.so
83 #LoadModule allowmethods_module modules/mod_allowmethods.so
84 #LoadModule file_cache_module modules/mod_file_cache.so
85 #LoadModule cache_module modules/mod_cache.so
86 #LoadModule cache_disk_module modules/mod_cache_disk.so
87 #LoadModule cache_socache_module modules/mod_cache_socache.so
88 #LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
89 #LoadModule socache_dbm_module modules/mod_socache_dbm.so
90 #LoadModule socache_memcache_module modules/mod_socache_memcache.so
91 #LoadModule watchdog_module modules/mod_watchdog.so
92 #LoadModule macro_module modules/mod_macro.so
93 #LoadModule dbd_module modules/mod_dbd.so
94 #LoadModule dumpio_module modules/mod_dumpio.so
95 #LoadModule echo_module modules/mod_echo.so
96 #LoadModule buffer_module modules/mod_buffer.so
97 #LoadModule data_module modules/mod_data.so
98 #LoadModule ratelimit_module modules/mod_ratelimit.so
99 LoadModule reqtimeout_module modules/mod_reqtimeout.so
100 #LoadModule ext_filter_module modules/mod_ext_filter.so
101 #LoadModule request_module modules/mod_request.so
102 #LoadModule include_module modules/mod_include.so
103 LoadModule filter_module modules/mod_filter.so
104 #LoadModule reflector_module modules/mod_reflector.so
105 #LoadModule substitute_module modules/mod_substitute.so
106 #LoadModule sed_module modules/mod_sed.so
107 #LoadModule charset_lite_module modules/mod_charset_lite.so
108 #LoadModule deflate_module modules/mod_deflate.so
109 LoadModule mime_module modules/mod_mime.so
110 LoadModule log_config_module modules/mod_log_config.so
111 #LoadModule log_debug_module modules/mod_log_debug.so
112 #LoadModule log_forensic_module modules/mod_log_forensic.so
113 #LoadModule logio_module modules/mod_logio.so
114 LoadModule env_module modules/mod_env.so
115 #LoadModule mime_magic_module modules/mod_mime_magic.so
116 #LoadModule expires_module modules/mod_expires.so
117 LoadModule headers_module modules/mod_headers.so
118 #LoadModule usertrack_module modules/mod_usertrack.so
119 #LoadModule unique_id_module modules/mod_unique_id.so
120 LoadModule setenvif_module modules/mod_setenvif.so
121 LoadModule version_module modules/mod_version.so
122 #LoadModule remoteip_module modules/mod_remoteip.so
123 #LoadModule proxy_module modules/mod_proxy.so
124 #LoadModule proxy_connect_module modules/mod_proxy_connect.so
125 #LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
126 #LoadModule proxy_http_module modules/mod_proxy_http.so
127 #LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
128 #LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
129 #LoadModule proxy_fdpass_module modules/mod_proxy_fdpass.so
130 #LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
131 #LoadModule proxy_ajp_module modules/mod_proxy_ajp.so
132 #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
133 #LoadModule proxy_express_module modules/mod_proxy_express.so
134 #LoadModule proxy_hcheck_module modules/mod_proxy_hcheck.so
135 #LoadModule session_module modules/mod_session.so
136 #LoadModule session_cookie_module modules/mod_session_cookie.so
137 #LoadModule session_dbd_module modules/mod_session_dbd.so
138 #LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
139 #LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
140 #LoadModule ssl_module modules/mod_ssl.so
141 #LoadModule dialup_module modules/mod_dialup.so
142 #LoadModule lbmethod_byrequests_module modules/mod_lbmethod_byrequests.so
143 #LoadModule lbmethod_bytraffic_module modules/mod_lbmethod_bytraffic.so
144 #LoadModule lbmethod_bybusyness_module modules/mod_lbmethod_bybusyness.so
145 #LoadModule lbmethod_heartbeat_module modules/mod_lbmethod_heartbeat.so
146 LoadModule unixd_module modules/mod_unixd.so
147 #LoadModule heartbeat_module modules/mod_heartbeat.so
148 #LoadModule heartmonitor_module modules/mod_heartmonitor.so
149 #LoadModule dav_module modules/mod_dav.so
150 LoadModule status_module modules/mod_status.so
151 LoadModule autoindex_module modules/mod_autoindex.so
152 #LoadModule asis_module modules/mod_asis.so
153 #LoadModule info_module modules/mod_info.so
154 #LoadModule cgi_module modules/mod_cgi.so
155 #LoadModule dav_fs_module modules/mod_dav_fs.so
156 #LoadModule dav_lock_module modules/mod_dav_lock.so
157 #LoadModule vhost_alias_module modules/mod_vhost_alias.so
158 #LoadModule negotiation_module modules/mod_negotiation.so
159 LoadModule dir_module modules/mod_dir.so
160 #LoadModule actions_module modules/mod_actions.so
161 #LoadModule speling_module modules/mod_speling.so
162 #LoadModule userdir_module modules/mod_userdir.so
163 LoadModule alias_module modules/mod_alias.so
164 #LoadModule rewrite_module modules/mod_rewrite.so
165
166 <IfModule unixd_module>
167 #
<===(168-177行)此选项主要用指定Apache服务的运行用户和用户组,默认为:daemon,可以更改为apache
168 # If you wish httpd to run as a different user or group, you must run
169 # httpd as root initially and it will switch.
170 #
171 # User/Group: The name (or #number) of the user/group to run httpd as.
172 # It is usually good practice to create a dedicated user and group for
173 # running httpd, as with most system services.
174 #
175 User daemon
176 Group daemon
177
178 </IfModule>
179
180 # 'Main' server configuration <===下面是服务器主要的配置文件
181 #
182 # The directives in this section set up the values used by the 'main'
183 # server, which responds to any requests that aren't handled by a
184 # <VirtualHost> definition. These values also provide defaults for
185 # any <VirtualHost> containers you may define later in the file.
186 #
187 # All of these directives may appear inside <VirtualHost> containers,
188 # in which case these default settings will be overridden for the
189 # virtual host being defined.
190 #
191
192 #
193 # ServerAdmin: Your address, where problems with the server should be
194 # e-mailed. This address appears on some server-generated pages, such
195 # as error documents. e.g. admin@your-domain.com
196 #
197 ServerAdmin you@example.com <===配置管理员邮箱地址
198
<===(199-211行)配置Apache默认的服务器名以及端口,默认参数值设置为:ServerName localhost:80即可
199 #
200 # ServerName gives the name and port that the server uses to identify itself.
201 # This can often be determined automatically, but we recommend you specify
202 # it explicitly to prevent problems during startup.
203 #
204 # If your host doesn't have a registered DNS name, enter its IP address here.
205 #
206 #ServerName www.example.com:80 <===如果提示域名解析问题,就把这里改为本机IP地址:端口
207
208 #
209 # Deny access to the entirety of your server's filesystem. You must
210 # explicitly permit access to web content directories in other
211 # <Directory> blocks below.
212 #
<===(213-228行)此选项主要是针对用户对根目录下所有的访问权限控制,默认Apache对根目录访问都是拒绝访问。
213 <Directory />
214 AllowOverride none
215 Require all denied
216 </Directory>
217
218 #
219 # Note that from this point forward you must specifically allow
222 # below.
223 #
224
225 #
226 # DocumentRoot: The directory out of which you will serve your
227 # documents. By default, all requests are taken from this directory, but
228 # symbolic links and aliases may be used to point to other locations.
229 #
<===(230-261行)Apache的默认网站根目录设置及访问控制,主要是针对Apache默认网站根目录的设置以及相关的权限访问设置,默认对网站的根目录具有访问权限。
230 DocumentRoot "/usr/local/apache/htdocs"
231 <Directory "/usr/local/apache/htdocs">
232 #
236 #
237 # Note that "MultiViews" must be named *explicitly* --- "Options All"
238 # doesn't give it to you.
239 #
240 # The Options directive is both complicated and important. Please see
241 # http://httpd.apache.org/docs/2.4/mod/core.html#options
242 # for more information.
243 #
244 Options Indexes FollowSymLinks <===这里属于安全方面的设置(删除Indexes字符,或者在前面加 -),防止显示根目录
245
246 #
248 # It can be "All", "None", or any combination of the keywords:
249 # AllowOverride FileInfo AuthConfig Limit
250 #
251 AllowOverride None
252
253 #
254 # Controls who can get stuff from this server.
255 #
256 Require all granted
257 </Directory>
258
259 #
260 # DirectoryIndex: sets the file that Apache will serve if a directory
261 # is requested.
<===(262-269行)Apache的默认首页设置,默认只支持:index.html首页,如要支持其他类型的首页,需要在此区域添加,如index.php
262 #
263 <IfModule dir_module>
264 DirectoryIndex index.html
265 </IfModule>
266
267 #
268 # The following lines prevent .htaccess and .htpasswd files from being
269 # viewed by Web clients.
270 #
<===(271-273行)Apache关于.ht文件访问配置,默认为具有访问权限,此区域文件默认即可。
271 <Files ".ht*">
272 Require all denied
273 </Files>
274
<===(275-317行)此区域文件主要是针对Apache默认的日志级别,默认的访问日志路径,默认的错误日志路径等相关设置,此选项内容默认即可。
275 #
276 # ErrorLog: The location of the error log file.
277 # If you do not specify an ErrorLog directive within a <VirtualHost>
278 # container, error messages relating to that virtual host will be
279 # logged here. If you *do* define an error logfile for a <VirtualHost>
280 # container, that host's errors will be logged there and not here.
283
284 #
285 # LogLevel: Control the number of messages logged to the error_log.
286 # Possible values include: debug, info, notice, warn, error, crit,
289 LogLevel warn
290
291 <IfModule log_config_module>
292 #
293 # The following directives define some format nicknames for use with
294 # a CustomLog directive (see below).
295 #
297 LogFormat "%h %l %u %t "%r" %>s %b" common
298
299 <IfModule logio_module>
300 # You need to enable mod_logio.c to use %I and %O
302 </IfModule>
303
304 #
305 # The location and format of the access logfile (Common Logfile Format).
306 # If you do not define any access logfiles within a <VirtualHost>
307 # container, they will be logged here. Contrariwise, if you *do*
308 # define per-<VirtualHost> access logfiles, transactions will be
309 # logged therein and *not* in this file.
310 #
311 CustomLog "logs/access_log" common
312
313 #
314 # If you prefer a logfile with access, agent, and referer information
315 # (Combined Logfile Format) you can use the following directive.
316 #
317 #CustomLog "logs/access_log" combined
<===(318-376行)此区域文件主要包含一些URL重定向,别名,脚本别名等相关设置,以及一些特定的处理程序,比如cgi设置说明。
318 </IfModule>
319
320 <IfModule alias_module>
321 #
322 # Redirect: Allows you to tell clients about documents that used to
323 # exist in your server's namespace, but do not anymore. The client
324 # will make a new request for the document at its new location.
325 # Example:
326 # Redirect permanent /foo http://www.example.com/bar
327
328 #
329 # Alias: Maps web paths into filesystem paths and is used to
330 # access content that does not live under the DocumentRoot.
331 # Example:
332 # Alias /webpath /full/filesystem/path
333 #
334 # If you include a trailing / on /webpath then the server will
335 # require it to be present in the URL. You will also likely
336 # need to provide a <Directory> section to allow access to
337 # the filesystem path.
338
339 #
340 # ScriptAlias: This controls which directories contain server scripts.
341 # ScriptAliases are essentially the same as Aliases, except that
342 # documents in the target directory are treated as applications and
343 # run by the server when requested rather than as documents sent to the
344 # client. The same rules about trailing "/" apply to ScriptAlias
347 ScriptAlias /cgi-bin/ "/usr/local/apache/cgi-bin/"
348
349 </IfModule>
350
351 <IfModule cgid_module>
352 #
353 # ScriptSock: On threaded servers, designate the path to the UNIX
354 # socket used to communicate with the CGI daemon of mod_cgid.
355 #
356 #Scriptsock cgisock
357 </IfModule>
358
359 #
361 # CGI directory exists, if you have that configured.
362 #
363 <Directory "/usr/local/apache/cgi-bin">
364 AllowOverride None
365 Options None
366 Require all granted
367 </Directory>
368
369 <IfModule headers_module>
370 #
371 # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
372 # backend servers which have lingering "httpoxy" defects.
373 # 'Proxy' request header is undefined by the IETF, not listed by IANA
374 #
375 RequestHeader unset Proxy early
376 </IfModule>
<===(377-424行)此区域文件主要包含一些mime文件支持,以及添加一些指令在给定的文件扩展名与特定的内容类型之间建立映射关系,比如添加对php文件扩展名映射关系。
377 #
378 <IfModule mime_module>
379 #
380 # TypesConfig points to the file containing the list of mappings from
381 # filename extension to MIME-type.
382 #
383 TypesConfig conf/mime.types
384
385 #
386 # AddType allows you to add to or override the MIME configuration
387 # file specified in TypesConfig for specific file types.
388 #
389 #AddType application/x-gzip .tgz
392 # information on the fly. Note: Not all browsers support this.
393 #
394 #AddEncoding x-compress .Z
395 #AddEncoding x-gzip .gz .tgz
396 #
397 # If the AddEncoding directives above are commented-out, then you
398 # probably should define those extensions to indicate media types:
399 #
400 AddType application/x-compress .Z
401 AddType application/x-gzip .gz .tgz
402
403 #
404 # AddHandler allows you to map certain file extensions to "handlers":
406 # or added with the Action directive (see below)
407 #
408 # To use CGI scripts outside of ScriptAliased directories:
409 # (You will also need to add "ExecCGI" to the "Options" directive.)
410 #
411 #AddHandler cgi-script .cgi
412
413 # For type maps (negotiated resources):
414 #AddHandler type-map var
415
416 #
417 # Filters allow you to process content before it is sent to the client.
418 #
419 # To parse .shtml files for server-side includes (SSI):
420 # (You will also need to add "Includes" to the "Options" directive.)
421 #
422 #AddType text/html .shtml
423 #AddOutputFilter INCLUDES .shtml
424 </IfModule>
425
426 #
<===(427-461行)此区域可定制的访问错误响应提示,支持三种方式:1明文 ,2本地重定向 ,3外部重定向;另外还包括内存映射或“发送文件系统调用”可被用于分发文件等配置。
427 # The mod_mime_magic module allows the server to use various hints from the
428 # contents of the file itself to determine its type. The MIMEMagicFile
429 # directive tells the module where the hint definitions are located.
430 #
431 #MIMEMagicFile conf/magic
432
433 #
434 # Customizable error responses come in three flavors:
435 # 1) plain text 2) local redirects 3) external redirects
436 #
437 # Some examples:
438 #ErrorDocument 500 "The server made a boo boo."
439 #ErrorDocument 404 /missing.html
440 #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
441 #ErrorDocument 402 http://www.example.com/subscription_info.html
442 #
443
444 #
445 # MaxRanges: Maximum number of Ranges in a request before
446 # returning the entire resource, or one of the special
447 # values 'default', 'none' or 'unlimited'.
448 # Default setting is to accept 200 Ranges.
449 #MaxRanges unlimited
450
451 #
452 # EnableMMAP and EnableSendfile: On systems that support it,
453 # memory-mapping or the sendfile syscall may be used to deliver
454 # files. This usually improves server performance, but must
455 # be turned off when serving from networked-mounted
456 # filesystems or if support for these functions is otherwise
457 # broken on your system.
458 # Defaults: EnableMMAP On, EnableSendfile Off
459 #
460 #EnableMMAP off
461 #EnableSendfile on
462
<===(463-503)行此区域主要包括:服务器池管理,多语言错误消息,动态目录列表形式配置,语言设置,用户家庭目录,请求和配置上的实时信息,
虚拟主机,Apache Http Server手册,分布式创作和版本控制,多种类默认设置,mod_proxy_html,使其支持HTML4/XHTML1等等补充配置的补充。
463 # Supplemental configuration
464 #
465 # The configuration files in the conf/extra/ directory can be
466 # included to add extra features or to modify the default configuration of
467 # the server, or you may simply copy their contents here and change as
468 # necessary.
469
470 # Server-pool management (MPM specific)
471 #Include conf/extra/httpd-mpm.conf
472
473 # Multi-language error messages
474 #Include conf/extra/httpd-multilang-errordoc.conf
475
476 # Fancy directory listings
477 #Include conf/extra/httpd-autoindex.conf
478
479 # Language settings
480 #Include conf/extra/httpd-languages.conf
481
482 # User home directories
483 #Include conf/extra/httpd-userdir.conf
484
485 # Real-time info on requests and configuration
486 #Include conf/extra/httpd-info.conf
487
488 # Virtual hosts
489 #Include conf/extra/httpd-vhosts.conf
490
491 # Local access to the Apache HTTP Server Manual
492 #Include conf/extra/httpd-manual.conf
493
494 # Distributed authoring and versioning (WebDAV)
495 #Include conf/extra/httpd-dav.conf
496
497 # Various default settings
498 #Include conf/extra/httpd-default.conf
499
500 # Configure mod_proxy_html to understand HTML4/XHTML1
501 <IfModule proxy_html_module>
502 Include conf/extra/proxy-html.conf
503 </IfModule>
504
<===(505-515行)此区域主要是关于服务器安全连接设置,用于使用https连接服务器等设置的地方。
505 # Secure (SSL/TLS) connections
506 #Include conf/extra/httpd-ssl.conf
507 #
508 # Note: The following must must be present to support
509 # starting without SSL on platforms with no /dev/random equivalent
510 # but a statically compiled-in mod_ssl.
511 #
512 <IfModule ssl_module>
513 SSLRandomSeed startup builtin
514 SSLRandomSeed connect builtin
515 </IfModule>