2.1 List of definition files and definition items used by the web server
This topic provides a summary of the definition files and definition items used to configure the operating environment of the web server.
Definition files used by the web server
|
Definition file |
Overview |
Details |
|---|---|---|
|
File for configuring the operating environment of the web server |
Defines the operating environment of the web server by the multiple directives. The system administrator manages these directives. |
|
|
File for defining the relationship between file extensions and content types |
Defines the relationship between file extensions and content types (MIME types). This file is managed by the system administrator. |
|
|
File for defining access control |
Defines access control. By creating the access control file (.htaccess) in a specific directory, you can specify an access permission for the directory. |
Definition items (directives) used by the web server
|
Definition item (directive) |
Overview |
Details |
|---|---|---|
|
Definition of the directives that are applied only for a specific directory |
Specifies directives that are applied only for a specific directory. |
|
|
Definition of the directives that are applied only for directories that meet conditions specified by using regular expressions |
Specifies directives that are applied only for directories that meet conditions specified by using regular expressions. |
|
|
Definition of the directives that are applied only for a specific file |
Specifies directives that are applied only for a specific file. |
|
|
Definition of the directives that are applied only for files that meet conditions specified by using regular expressions |
Specifies directives that are applied only for files that meet conditions specified by using regular expressions. |
|
|
Definition of the directives that are applied only if the specified module is embedded. |
If the specified module is embedded, the directive specified within the block are applied. If ! is added before the module name, when the specified module is not embedded, the directive specified within the block are applied. No restriction exists on the directive that can be specified within the block. |
|
|
Definition of the directives that are applied only for specific HTTP protocol methods |
Specifies directives for access control that are applied only for specific HTTP protocol methods. |
|
|
Definition of the directives that are applied only for a specific URL |
Specifies directives that are applied only for a request sent to a specific URL. |
|
|
Definition of the directives that are applied only for the requests sent to the URLs that meet conditions specified by using regular expressions |
Specifies directives that are applied only for the requests sent to the URLs that meet conditions specified by using regular expressions. |
|
|
Definition of the allocation destination used in a load balancer configuration |
Specifies directives that define the BalancerMember directive, if you are using a reverse proxy in a load balancer configuration by using mod_proxy_balancer. |
|
|
Definition of the directives that are applied only for a specific host or IP address |
Specifies directives that are applied only for requests sent to the host specified in host_name or in IP_address[:port_number]. |
|
|
Definition of the name of the file that defines the access control directives (access control file) |
Specifies the name of the file that defines the access control directives (access control file). |
|
|
Execution of a CGI script on the content specified by a specific MIME type or handler |
Specifies the CGI script name of the script to be executed when the content specified in the MIME type or the handler is requested from the web browser. |
|
|
Specification of the character string associated with the file extension to be displayed instead of the icon when the directory index is displayed |
To be specified when you want to display character strings associated with the file specified by the extension when the directory index is displayed. |
|
|
Specification of the character string associated with the MIME encoding to be displayed instead of the icon when the directory index is displayed |
To be specified when you want to display character strings associated with the MIME encoding (for example, x-compress) when the directory index is displayed in an environment where icons cannot be displayed. |
|
|
Specification of the character string associated with the MIME type to be displayed instead of the icon when the directory index is displayed |
To be specified when you want to display character strings associated with the MIME type (for example, text/html) when the directory index is displayed in an environment where icons cannot be displayed. |
|
|
Specification of a character set for a file extension |
Specifies a character set for a file extension. |
|
|
Specification of the default character set for a file extension |
Specifies the default character set for a file extension, when Content-Type is text/plain or text html. |
|
|
Specification the description of a file to be displayed when the directory index is displayed and formatted |
To be specified when you want to display a descriptive character string for one of the following items specified by the file name when the directory index is displayed and formatted: a file extension, a file name using wildcards, or a full file name without path information |
|
|
Specification of the association between the compression format and the extension necessary for the web browser to display the compressed data on the web server |
Specifies the association between the compression format and the extension necessary for the web browser to display the compressed data on the web server. |
|
|
Definition of the association between a handler and the file extensions to be processed by the handler |
Defines the association between a handler and the file extensions to be processed by the handler. |
|
|
Display of the icon associated with the extension when the directory index is displayed and formatted. |
To be specified when you want to display the directory index icon associated with the extension |
|
|
Display of the icon associated with a MIME encoding when the directory index is displayed and formatted. |
To be specified when you want to display an icon associated with a MIME encoding when the directory index is displayed and formatted. |
|
|
Display of the icon associated with a MIME type when the directory index is displayed and formatted. |
To be specified when you want to display an icon associated with a MIME type when the directory index is displayed and formatted. |
|
|
Specification of the language to be used in documents |
Specifies the language to be used in documents. |
|
|
Association between the extension and the MIME type of the content that is not defined in the file specified in the TypesConfig directive. |
To be specified when you want to associate the extension and the MIME type of the content that is not defined in the file specified in the TypesConfig directive. |
|
|
Specification of another name to replace a URL to a file system path |
Specifies another name to replace the specific URL requested from a web browser. |
|
|
Specification of a regular expression to replace the URL to a file system path |
Specifies the new path to replace the URL requested from a web browser. |
|
|
Specification of the clients who are permitted to access the web server |
To be specified when you want to restrict the clients who can access the web server. You can specify the domain name, IP address, subnet, and netmask of the hosts that are permitted access for the host |
|
|
Specification of whether to overwrite the access information definitions in the file specified in the AccessFileName directive |
Specifies specifies the file specified in the AccessFileName directive has permission to overwrite the access information definition. |
|
|
Specification of the control method when user authentication is performed |
Specifies the control method when user authentication is performed. |
|
|
Specification of the name of the file that stores the list of groups to be authenticated when user authentication is performed by groups |
Specifies the name of file that stores the list of groups to be authenticated when user authentication is performed by groups |
|
|
Specification of the realm name when user authentication is performed |
Specifies the realm name (which is displayed in the user authentication window for the web browser) when user authentication is performed. |
|
|
Specification of the authentication control type when user authentication is performed. |
Specifies the authentication control type when user authentication is performed. |
|
|
Specification of the name of the file that stores the list of user names and passwords to be authenticated when user authentication is performed by user names |
If you want to authenticate users by their user names, specify the name of the file that stores the list of user names and passwords to be authenticated. |
|
|
Specification of the URL of the forwarding destination when using the reverse proxy in a load balancer configuration |
Specifies the URL of the forwarding destination if you want to use the reverse proxy in a load balancer configuration by using mod_proxy_balancer. |
|
|
Setting of the environment variables for each web browser |
Sets the environment variables for each web browser. |
|
|
Setting of the environment variables for each web browser |
Sets the environment variables for each web browser. |
|
|
Specification of whether to enable the cache on the client side by using a request for content negotiation |
Specifies whether to enable the cache on the client side by using a request for content negotiation. |
|
|
Specification of the directory for dumping cores |
Specifies the directory for dumping cores. |
|
|
Specification of the output format of the access log |
Specifies for the log to be output to a file in the specified format. |
|
|
Specification of the icon to be displayed when no specific icon is set in the directory index |
Specifies the icon to be displayed in the directory index. |
|
|
Specification of the default language to be used in the document |
Specifies the default language to be used in the document. |
|
|
Specification of the clients who are prohibited to access the web server |
Specifies this directive when you want to restrict the clients who can access the web server. You can specify the domain name, IP address, subnet, and netmask of the hosts that are permitted access for the host |
|
|
Specification of the content file that is to be sent to the client by default |
Specifies the file name of the content to be sent to the client by default when no specific content is specified in the request from the web browser. |
|
|
Specification of the document root directory for storing the content |
Specifies the absolute path of the document root directory for storing the content. |
|
|
Customization of the message to be displayed in the web browser when an error occurs |
To be specified when you want to customize the message to be displayed in the web browser when an error occurs. |
|
|
Specification of the output destination of error logs |
Specifies the name of the file to which the error log is to be output. The content of the output logs can be selected by using the LogLevel directive. |
|
|
Specification of whether to add a response header related to the expiration date functionality |
Specifies whether to add the Expires header or the Cache-Control header to the response. |
|
|
Specification of the expiration date for MIME-type documents |
Specifies the expiration date for documents of the specified MIME type when the Expires header or the Cache-Control header is added to the response. |
|
|
Specification of the default expiration date |
Specifies the default expiration date when the Expires header or the Cache-Control header is added to the response. |
|
|
Specification of whether to display the extended status information of each request when the status information is displayed |
Specifies whether to display the extended status information in the status display format used by the server-status handler. |
|
|
Specification of the attribute value of the file used for creating the ETag response header field |
Specifies the file attribute value to be used for creating the ETag response header field. |
|
|
Specification of the MIME type used for all content under a specific directory |
Specifies the MIME type to be defined for the <Directory> block or the access control file, and to be used for all content under a specific directory. |
|
|
Specification of the group name to be used when the server process is running |
Specifies the group name to be used when the server process is running. |
|
|
Customization of the response header for responses to a 200-series status code |
To be specified when you want to customize the response header for responses to a 200-series status code. When the backend web server is used as a reverse proxy, the response header is customized regardless of the value of the status code returned by the backend web server. |
|
|
Specification of the file containing the comments to be appended to the header when the directory index is displayed |
Specifies the name (without path information) of the file containing the comments to be appended to the header when the directory index is displayed. |
|
|
Specification of whether to perform reverse DNS lookup to look up host names |
Specifies whether to perform reverse DNS lookup to convert the IP address of the client that is output to the REMOTE_HOST environment variable and CGI log file, to a host name. |
|
|
Changing of the client address that is output to the error log, to the value of the X-Forwarded-For header |
To be specified on the backend server when you want the message text "[client client_address:port_number]" that is output to the error log, to be changed to "[X-Forwarded-For X-Forwarded-For header_value]". |
|
|
Specification of whether information about the requests that were forcibly stopped during scheduled downtime, is to be output to the error log file |
Specifies whether information about the requests that were forcibly stopped after the forced-stop wait time elapsed during scheduled downtime, is to be output to the error log file. |
|
|
Specification of the wait time before the requests being executed are forcibly stopped during scheduled downtime |
Specifies the forced-stop wait time (in seconds), before the requests being executed are stopped, during scheduled downtime. |
|
|
Specification of the character set for the menu display |
Specifies the character set for the menu display. |
|
|
Specification of whether to maintain the number of running server processes as specified in the StartServers directive |
Specifies whether to maintain the number of running server processes as specified in the StartServers directive. |
|
|
Specification of whether to display the detailed information for errors output to the log during the SSL handshake processing |
Specifies whether to display the detailed information for info-level and error-level errors that are output to the log during the SSL handshake processing between the client and the server. If you want to enable SSL, we recommend that you set this directive to On. |
|
|
Specification of whether to display the time to the millisecond when information is output to the log |
Specifies whether to display, to the millisecond, the timestamps of the error log and the request log, the access time of the access log, the time taken for the request processing (%T), and the time when the request processing was started (%t). |
|
|
Specification of the character string that was specified in the PRF identifier when the PRF daemon started |
Specifies the character string that was specified in the PRF identifier when the PRF daemon started. |
|
|
Conversion of the Set-Cookie header that was received from the backend server when a reverse proxy is used |
When a reverse proxy is being used, the reverse proxy converts the Set-Cookie header that was received from the backend server. After the web browser receives the Set-Cookie header, the header must be converted to enable cookies to be sent, for requests to the backend server via the reverse proxy. |
|
|
Specification of the output destination of the request log |
Specifies the name of the file to which the request log is to be output. |
|
|
Specification of the trace type to be output to the request log |
Specifies the trace type to be output to the request log that is set in the HWSRequestLog directive. |
|
|
Setting of an environment variable by using the IPv6_address of the client or server |
Defines an environment variable by using the IPv6_address of the client or the server. |
|
|
Suppression of the output of the module trace |
Specifies the module file name and function type that suppress the output of module trace. |
|
|
Specification of the name of the file that stores the shared memory ID for collecting the trace |
Specifies the name of the file that stores the shared memory ID for collecting the trace. |
|
|
Specification of the name of the file where the trace collected to the shared memory is output when the server process ends abnormally |
Specifies the name of the file where the trace collected to the shared memory is output when the server process ends abnormally. |
|
|
Specification of whether to check the client by using the identd daemon of the client host |
Specifies whether to check the client by using the identd daemon of the client host. |
|
|
Specification of the default value for the base line of the image map file |
Specifies the default value for the base line of the image map file. |
|
|
Specification of the default value for the default line of the image map file |
Specifies the default value for the default line of the image map file. |
|
|
Specification of the menu display |
Specifies the menu display when map is specified for the value of the image map file or when the mouse is pointing to the coordinate (0,0) in the image map file. This item also defines the menu display when the image map file is requested without any coordinate specification. |
|
|
Specification of the file that is to be used as a configuration file |
Enables the file specified in file_name to be used as a configuration file. |
|
|
Specification of the file names that are not to be displayed in the web browser when the directory index is displayed |
Specifies the file names that are not to be displayed in the web browser when the directory index is displayed. This item can also be specified by using regular expressions. |
|
|
Setting of the option of the function that formats and displays the directory index |
Sets the option of the function that formats and displays the directory index |
|
|
Specification of the default order in which files are displayed in the directory index |
Specifies the default order in which files are displayed in the directory index. |
|
|
Specification of whether to enable KeepAlive connections |
Specifies whether to enable KeepAlive connections. |
|
|
Specification of the request wait time when using a KeepAlive connection |
Specifies the request wait time (in seconds) when using a KeepAlive connection. |
|
|
Specification of the order of priority when the client does not specify the priority of the language to be used |
Specifies the languages to be used, in order of priority starting from those of high priority. |
|
|
Specification of the upper limit on the size of the object body that the server can receive |
Specifies the upper limit on the size of the body (data) when the server receives a request sent from the web browser via HTTP communication. |
|
|
Specification of the upper limit on the number of the HTTP headers that the server can receive |
Specifies the upper limit on the number of the HTTP headers when the server receives a request sent from the web browser via HTTP communication. |
|
|
Specification of the upper limit on the size of a single HTTP header that the server can receive |
Specifies the upper limit on the size of a single HTTP header when the server receives a request sent from the web browser via HTTP communication. |
|
|
Specification of the upper limit on the length of the request line that the server can receive |
Specifies the upper limit on the length of the request line (method, URI including the inquiry string, and HTTP version) when the server receives a request sent from the web browser via HTTP communication. |
|
|
Specification of the IP address and port number that accept the request |
Specifies the IP address and the port number that accept the request. |
|
|
Specification of the upper limit on the number of connection requests from the client that can be kept in the queue |
Specifies the upper limit on the number of connection requests from the client that can be kept in the queue. |
|
|
Specification of the object file or library that contains a code referenced by a module embedded by DSO |
Specifies the object file or library that contains a code referenced by a module embedded by DSO. |
|
|
Specification of the module that is dynamically embedded into the web server |
Specifies the module to be dynamically embedded into the web server. |
|
|
Definition of a label name for the log format |
Defines a label name for the log format. The label name defined by this item can be specified in the CustomLog directive. |
|
|
Specification of the level of the errors to be output to the error log |
Specifies the level of the errors to be output to the error log Errors of levels higher than the specified level will be output to the log. |
|
|
Specification of the number of times that request processing is to be performed by the server process |
Specifies the number of times that request processing is to be performed by the server process. The server process performs request processing no more than number of the times specified by this item, and then ends the processing. |
|
|
Specification of the upper limit on the number of continuous KeepAlive connections |
Specifies the upper limit on the number of continuous KeepAlive connections |
|
|
Specification of the upper limit on the number of clients that can be connected at the same time |
Specifies the upper limit on the number of clients that can be connected at the same time. |
|
|
Specification of the upper limit on the number of server processes that can be running in the request waiting status |
Specifies the upper limit on the number of server processes that can be running in the request waiting status. |
|
|
Specification of the lower limit on the number of server processes that must be running in the request waiting status |
Specifies the lower limit on the number of server processes that must be running in the request waiting status. When the number of server processes falls below this value, a new process is generated. |
|
|
Specification of the type of extension that is the target of content negotiation |
Specifies the type of extension that is the target of content negotiation. |
|
|
Restrictions on the functions that users can use |
To be specified when you want to restrict the functions that the users can use. |
|
|
Specification of the order in which the specifications of the Allow directive and the Deny directive are evaluated |
Specifies the order in which the specifications of the Allow directive and the Deny directive are evaluated. |
|
|
Specification of the environment variable to be passed to the CGI script |
Specifies an environment variable to be passed to the CGI script. |
|
|
Specification of the file for storing the control process ID |
Specifies the file for storing the control process ID. |
|
|
Specification of whether to overwrite the response from the backend server if the response is an error status code |
Overrides the response header and response body when the backend server returns a 400-series or 500-series status code. As a result, the reverse proxy generates and returns a response to the client, instead of returning the response from the backend server. |
|
|
Specification of the request and address to be transferred to the backend server |
Specifies the request from the web browser and the address from which the request was sent, when a reverse proxy is used. |
|
|
Change of the URL in the Location header received from the backend server |
Changes the URL indicated by the Location header in the redirect response from the backend server, when a reverse proxy is used. |
|
|
Specification of whether the value of the Host header received from the client is to be transferred to the backend server |
Specifies whether the value of the Host header received from the client is to be transferred to the backend server, when a reverse proxy is used. |
|
|
Specification of the wait time for transmission to or from the backend server |
Specifies the wait time (in seconds) for transmission to or from the backend server. |
|
|
Control of the use of the Via header |
To be specified when you want to control the use of the Via header on the proxy. |
|
|
Specification of the domain where the cookie used by the flow control functionality is enabled |
Specifies the domain where the cookie used by the flow control functionality is enabled. This value is used in HWS creation mode but not in user creation mode. |
|
|
Specification of the amount of time for which the cookie used by the flow control functionality is enabled |
Specifies the amount of time (in seconds) for which the cookie used by the flow control functionality is enabled. The value specified in this directive is used in HWS creation mode, but not in user creation mode. |
|
|
Specification of the name of the cookie used by the flow control functionality |
Specifies the name of the cookie used by the flow control functionality. |
|
|
Specification of whether to send a cookie only when SSL access occurs |
Specifies whether to send a cookie to the client only when SSL access occurs. This value is used in HWS creation mode but not in user creation mode. |
|
|
Specification of the number of server processes when only the requests that send cookies are being processed |
Specifies the number of server processes when only the requests that send cookies are being processed, if the number of server processes in the request waiting status decreases. |
|
|
Redirection of requests rejected by the flow control functionality |
To be specified when requests from the client are to be redirected to the specified path when request processing is rejected by the flow control functionality. |
|
|
Specification of the number of server processes when all received requests are being rejected |
Specifies the number of server processes when the number of server processes in the request waiting status decreases and all received requests are being rejected. |
|
|
Specification of the content to be returned as the response when processing is rejected by the flow control functionality |
Specifies the content to be returned with the status code 503 when processing is rejected by the flow control functionality. |
|
|
Specification of the file containing the comments to be appended as Readme when the directory index is displayed |
Specifies the name (without path information) of the file containing the comments to be appended as Readme when the directory index is displayed. |
|
|
Specification for redirecting requests from clients |
To be specified when the requests sent from clients to the old path are to be redirected to a new path. |
|
|
Specification for redirecting requests from clients that meet conditions specified by using regular expressions |
To be specified when the requests sent from clients to paths that meet conditions specified by using regular expressions are to be redirected to a new path. |
|
|
Customization of the request header |
To be specified when you want to customize the header value received from the client. |
|
|
Specification of the timeout time from the start of the reception of the request, to the end of the reception of the request header, and from the start of the reception of the request body to the end |
Specifies the timeout time (in seconds) from the start of reception of requests to the end of reception of the request header, and from the start of reception of the request body to the end. |
|
|
Definitions for access restriction |
Defines access restriction. This item is to be specified with the following directives: AuthName, AuthType, and AuthUserFile (or AuthGroupFile). |
|
|
Specification of the conditions for access when access to content is restricted both by user authentication, and by host name or IP address |
Specifies the conditions for access when access to content is restricted both by user authentication (for example, by specifying the AuthUserFile or Require directive) and by host name or IP address (for example, by specifying the Allow from or Deny from directive). |
|
|
Execution of a CGI script for a specific method |
Executes the script specified by cgi_script_name when a request is made by using the specified method. |
|
|
Specification of the URL for executing a CGI program and the name of the directory where the CGI program is located |
Specifies the name of the directory containing the CGI program to be executed for requests to execute the CGI program specified by URL, that are received from the web browser. |
|
|
Specification of a regular expression for the URL for executing a CGI program and the name of the directory where the CGI program is located |
Executes the CGI program in the specified new path when the URL of a request to execute the CGI program specified from the web browser meets conditions specified by using regular expressions. |
|
|
Specification of the output destination of the error log for the CGI script |
Specifies the file to which the error log for the CGI script is output. |
|
|
Specification of the maximum value when the log for the request body is obtained |
Specifies the maximum value (in bytes) when the log for the body of a request made by the PUT or POST method is obtained. This specification applies only when the ScriptLog directive is used to specify the file to which the error log is output. |
|
|
Specification of the maximum size of the error log file for the CGI script |
Specifies the maximum size (in bytes) of the error log file for the CGI script. This specification applies only when the ScriptLog directive is used to specify the file to which the error log is output. |
|
|
Specification of the TCP transmission buffer size of the web server |
Specifies the TCP transmission buffer size (in bytes) of the web server. |
|
|
Specification of the email address of the server administrator |
Specifies the email address of the server administrator. Be sure to specify this if you want to specify the email address in the ServerSignature directive. |
|
|
Specification of the alias for the host name to be used by the virtual host based on the server name |
Specifies the alias for the host name to be used by the virtual host based on the server name (ServerName). You can also specify a host name corresponding to an IPv6 address. |
|
|
Specification of the server name and port number of the web server |
Specifies the server name and the port number of the web server. |
|
|
Specification of the path name to connect to each host by using the path name instead of the Host header, for the virtual host based on the server name |
To be specified when you want to connect to each host by using the path name instead of the Host header for the virtual host based on the server name. |
|
|
Specification of the root directory of the server |
Specifies the absolute path of the root directory of the server. |
|
|
Specification of whether to add a signature to the footer of content such as error messages created by the web server |
Specifies whether to add a signature to the footer of content such as error messages created by the web server. |
|
|
Specification of the format of the Server header |
Specifies the format of the Server header of the HTTP response header. |
|
|
Specification of the values of the environment variables to be passed to the CGI script |
Specifies values for the environment variables to be passed to the CGI script. If you specify this directive more than once, you cannot specify different values for the same environment variable. |
|
|
Definition of an environment variable based on a request from the client |
Sets the specified environment variable when the value of the request from the client meets conditions specified by using regular expressions. |
|
|
Definition of an environment variable based on a request from the client |
Sets the specified environment variable when the value of the request from the client meets conditions specified by using regular expressions. |
|
|
Specification of the name of the handler to which requests are to be associated |
Specifies the name of the handler to which all requests within the scope of the specified <Directory> or the access control file are to be associated. |
|
|
Specification to reject access of the specified encryption type and to send the status code "403 Forbidden" |
Rejects access of the specified encryption type and sends the status code "403 Forbidden" to the client. |
|
|
Specification of the CA certificate file |
Specifies the name of the public key file (in PEM format) of the CA (certificate authority) when SSL is used to authenticate the server and the client. You can concatenate multiple certificate files so that one file contains multiple certificates. |
|
|
Specification of the directory containing the hash link to the certificate of the CA |
Specifies the directory containing the hash link to the certificate (in PEM format) of the CA when SSL is used to authenticate the server and the client. |
|
|
Specification of the path name to the SSL session management cache server "gcache" |
Specifies the path name to the SSL session management cache server "gcache". |
|
|
Specification of the port number or path name for exchanging data between the web server and the SSL session management cache server "gcache" |
Specifies the port number or path name for exchanging data between the web server and the SSL session management cache server "gcache". |
|
|
Specification of the path name on which the SSL session management cache server "gcache" is running |
Specifies the path name on which the SSL session management cache server "gcache" is running. |
|
|
Specification of the web server certificate file for SSL authentication |
Specifies the name of the web server certificate file (in PEM format) for SSL authentication. |
|
|
Specification of the public key file on the web server for SSL authentication |
Specifies the name of the public key file on the web server for SSL authentication. |
|
|
Specification of the file for storing the passwords of password-protected server public keys |
Specifies the path name of the file for storing the passwords of password-protected server public keys. |
|
|
Specification of the operation when the date of the next CRL issuance passes |
Specifies how to handle the next issuance date of the CRL to be used for SSL client authentication. |
|
|
Specification of the directory that contains CRLs in DER format |
Specifies the absolute path of the directory that contains CRLs in DER format. If you store the required CRLs in the specified directory and then start or restart the web server, the CRLs can be used for SSL client authentication. If the directory contains multiple CRLs issued by the same CA (including the CRLs in the directory specified in the SSLCRLPEMPath directive), the CRL that has the most recent issuance date is used. |
|
|
Specification of the directory that contains CRLs in PEM format |
Specifies the absolute path of the directory that contains CRLs in PEM format. If you store the required CRLs in the specified directory and then start or restart the web server, the CRLs can be used for SSL client authentication. If the directory contains multiple CRLs issued by the same CA (including the CRLs in the directory specified in the SSLCRLDERPath directive), the CRL that has the most recent issuance date is used. |
|
|
Prohibition of access by SSL |
To be specified to prohibit access by SSL. If this directive is specified, the status code is "403 Forbidden" is issued and access by https is rejected even if the SSLEnable directive is used to enable SSL. This item is the opposite of the SSLRequireSSL directive. |
|
|
Specification to disable SSL |
Disables SSL. SSL is enabled by default (or by specification of the SSLEnable directive). This item is to be specified, for example, to disable SSL on a specific host on a virtual host. |
|
|
Specification to enable SSL |
Enables SSL. SSL is enabled by default (unless the SSLDisable directive is specified, SSL is enabled). |
|
|
Specification for the certificates from the CA that issued the client certificate, to those from the root CA, to be set for the environment variable SSL_CLIENT_CERT_CHAIN_n |
Specifies for the certificates from the CA that issued the client certificate to those from the root CA, to be set for the environment variable SSL_CLIENT_CERT_CHAIN_n for SSL client authentication. |
|
|
Specification to set a client certificate for the environment variable SSL_CLIENT_CERT |
Specifies for a client certificate to be set for the environment variable SSL_CLIENT_CERT for SSL client authentication. Set the value derived by changing the DER certificate to Base64 encoding, for the environment variable SSL_CLIENT_CERT. |
|
|
Basic authentication using a client certificate |
Along with SSL client authentication, this item enables Basic authentication by using only the client certificate, even if the user ID and the password are not entered in the web browser. The file specified in the AuthUserFile directive must contain the Subject and the password for the X509 client certificate. |
|
|
Specification of the SSL protocol version to be used |
Specifies the SSL protocol version to be used. |
|
|
Specification to reject access of all encryption types other than the specified type and to send the status code "403 Forbidden" |
Rejects access of all encryption types other than the specified type, and sends the status code "403 Forbidden" to the client. |
|
|
Specification of the encryption types that can be used for SSL communication |
Specifies the encryption types that can be used for SSL communication. If one of the encryption types specified in this directive matches one of the encryption types that can be used by the client, SSL communication can be established and HTTP requests can be received. If none of these encryption types match, SSL communication cannot be established and HTTP requests cannot be received. |
|
|
Prohibition of non-SSL access |
To be specified to prohibit non-SSL access. If this directive is specified, the status code "403 Forbidden" is issued and http access is rejected, even when SSL is disabled by the SSLDisable directive. This item prevents the inadvertent disabling of SSL and inadvertent disclosure of content that might occur if other directives are incorrectly specified. |
|
|
Specification of the maximum session cache size |
Specifies the maximum memory size (in bytes) for data, such as session ID information, that is to be cached in the memory in the SSL session management cache server "gcache". If 0 is specified, the gcache server does not start, and no session caching is performed. |
|
|
Specification of the maximum cache size for sessions to be cached in the server process |
Specifies the maximum memory size (in bytes) for data, such as session ID information, that is to be cached in the memory in the server process. |
|
|
Specification of the amount of time for which SSL sessions are enabled |
Specifies the amount of time (in seconds) for which data, such as session ID information, that is retained on the web server or on the SSL session management cache server "gcache" is enabled. |
|
|
Settings related to the certificates for client authentication |
Specifies the settings related to the certificates for client authentication. |
|
|
Specification of the level to which certificate chains are to be tracked |
Specifies the level to which certificate chains are to be tracked. |
|
|
Specification of the number of server processes created when the web server is started |
Specifies the number of server processes created when the web server is started |
|
|
Specification of the wait time for web server transmission |
Specifies the wait time (in seconds) for web server transmission. |
|
|
Specification of whether to reject requests made by the TRACE method |
Specifies whether to reject requests made by the TRACE method. |
|
|
Output of the access log in the format specified in the LogFormat directive without specifying the label name |
Specifies the file that contains the log or the program that outputs the log. The log format can be specified in the LogFormat directive without the label name specification. If the log format is specified in the LogFormat directive, IPv6 addresses and host names corresponding to IPv6 addresses can be output. If the log format is not specified in the LogFormat directive, the log is output in the standard log format. |
|
|
Specification of the configuration file that defines the relationships between file extensions and content types |
Specifies the configuration file that defines the relationships between file extensions and the content types (MIME types). |
|
|
Specification to delete the environment variable specified in the SetEnv directive or the PassEnv directive, from the environment variables to be passed to the CGI script |
To be specified when the environment variable specified in the SetEnv directive or in the PassEnv directive are to be deleted from the environment variables to be passed to the CGI script. |
|
|
Specification of how to generate the formal name of the server |
Specifies how to generate the formal name of the server. The formal name of the server is set to the URL that references the local server and the environment variables SERVER_NAME and SERVER_PORT. IPv6 addresses are supported for all of the following: On, Off, and dns. |
|
|
Specification of the user name when the server process is running |
Specifies the user name when the server process is running. |
|
|
Specification of the location on the server to be disclosed when the web browser issues a request to /~user_name/ |
Specifies the directory name of the location on the server to be disclosed when the web browser issues a request to /~user_name/. |
Definition items (utilities) used by the web server
|
Definition item (utility) |
Overview |
Details |
|---|---|---|
|
Splitting the log by time |
You can split the access log or the error log by time and output them to multiple files. |
|
|
Splitting the log by file size |
You can split the access log or the error log by log file size and output them to multiple files by using the "wraparound" method. |