15.7. Configuration

Following the installation of Apache, additional changes are only necessary if you have special needs or preferences. Apache can be configured either with SuSEconfig or by directly editing the file /etc/apache2/httpd.conf.

15.7.1. Configuration with SuSEconfig

The settings made in /etc/sysconfig/apache2 are applied to the Apache configuration files by SuSEconfig. The offered configuration options should be sufficient for most scenarios. Each variable found in the file is provided with a comment to explain its effect.

15.7.1.1. Custom Configuration Files

Instead of performing changes directly in the configuration file /etc/apache2/httpd.conf, you can designate your own configuration file (such as httpd.conf.local) with the help of the variable APACHE_CONF_INCLUDE_FILES. Consequently, the file will be interpreted by the main configuration file. In this way, changes to the configuration will be retained even if the file /etc/apache2/httpd.conf is overwritten during a new installation.

15.7.1.2. Modules

Modules installed with YaST can be activated by including the name of the module in the list specified under the variable APACHE_MODULES. This variable is defined in the file /etc/sysconfig/apache2.

15.7.1.3. Flags

APACHE_SERVER_FLAGS can be used to specify flags that activate or deactivate certain sections of the configuration file. If a section in the configuration file is enclosed in

<IfDefine someflag> 
. 
.
. 
</IfDefine> 

it will only be activated if the respective flag is set in ACTIVE_SERVER_FLAGS: ACTIVE_SERVER_FLAGS = ... someflag ... . In this way, extensive sections of the configuration file can easily be activated or deactivated for test purposes.

15.7.2. Manual Configuration

You can edit the configuration file /etc/apache2/httpd.conf to enable features that are not available through the settings defined in /etc/sysconfig/apache2. The following sections describe some of the parameters that can be set. They are listed below in the order in which they appear in the file.

15.7.2.1. DocumentRoot

One basic setting is the DocumentRoot — the directory under which Apache expects web pages the server should deliver. For the default virtual host, it is set to /srv/www/htdocs. Normally, this setting does not need to be changed.

15.7.2.2. Timeout

Specifies the waiting period after which the server reports a time-out for a request.

15.7.2.3. MaxClients

The maximum number of clients Apache can handle concurrently. The default setting is 150, but this value may be too small for a heavily frequented web site.

15.7.2.4. LoadModule

The LoadModule directives specify the modules to load. In the case of Apache 2, the loading sequence is determined by the modules themselves (see Section 15.4. “New Features of Apache 2”). These directives also specify the file containing the module.

15.7.2.5. Port

Specifies the port on which Apache listens for queries. Usually, this is port 80, the default port for HTTP. Normally, this setting should not be changed. One reason for letting Apache listen to another port may be the test of a new version of a web site. In this way, the operational version of the web site continues to be accessible via default port 80.

Another reason may be that you merely want to make pages available on the intranet, as they contain information that is not intended for the public. For this purpose, set the port to a value like 8080 and block external access to this port by means of the firewall. In this way, the server can be protected against external access.

15.7.2.6. Directory

This directive can be used to set the access permissions and other permissions for a directory. A directive of this kind also exists for the DocumentRoot. The directory name specified here must be changed whenever the DocumentRoot is changed.

15.7.2.7. DirectoryIndex

Here, determine for which files Apache should search to complete a URL lacking a file specification. The default setting is index.html. For example, if the client requests the URL http://www.xyz.com/foo/bar and the directory foo/bar containing a file called index.html exists under the DocumentRoot, Apache returns this page to the client.

15.7.2.8. AllowOverride

Every directory from which Apache delivers documents may contain a file that can override the global access permissions and other settings for this directory. These settings are applied recursively to the current directory and its subdirectories until they are overridden by another such file in a subdirectory. Accordingly, settings specified in such a file are applied globally if it is located in the DocumentRoot. Such files normally have the name .htaccess, but this can be changed as described in Section 15.7.2.10. “AccessFileName”.

Use AllowOverride to determine if the settings specified in local files may override the global settings. Possible values are None, All, and any combination of Options, FileInfo, AuthConfig, and Limit. The meanings of these values are described in detail in the Apache documentation. The (safe) default setting is None.

15.7.2.9. Order

This option determines the order in which the settings for Allow and Deny access permissions are applied. The default setting is:

Order allow,deny

Accordingly, the access permissions for allowed accesses are applied first, followed by the access permissions for denied accesses. The underlying approach is based on one of the following:

allow all

allow every access and define exceptions

deny all

deny every access and define exceptions

Example for deny all:

Order deny,allow 
Deny from all
Allow from example.com 
Allow from 10.1.0.0/255.255.0.0

15.7.2.10. AccessFileName

Here, set the name for the files that can override the global access permissions and other settings for directories delivered by Apache (see Section 15.7.2.8. “AllowOverride”). The default setting is .htaccess.

15.7.2.11. ErrorLog

Specifies the name of the file in which Apache logs error messages. The default setting is /var/log/httpd/errorlog. Error messages for virtual hosts (see Section 15.10. “Virtual Hosts”) are also logged in this file, unless a special log file was specified in the VirtualHost section of the configuration file.

15.7.2.12. LogLevel

Error messages are classified according to various severity levels. This setting specifies the severity level from which error messages are logged. Setting it to a level causes error messages of this and higher severity levels to be logged. The default setting is warn.

15.7.2.13. Alias

Using an alias, specify a shortcut for a directory that enables direct access to this directory. For example, the alias /manual/ enables access to the directory /srv/www/htdocs/manual even if the DocumentRoot is set to a directory other than /srv/www/htdocs (the alias will make no difference at all if the DocumentRoot is set to that directory). With this alias, http://localhost/manual enables direct access to the respective directory. To define the permissions for the new target directory as specified with an Alias directive, you may want to specify a Directory directive for it (see Section 15.7.2.6. “Directory”)

15.7.2.14. ScriptAlias

This directive is similar to Alias. In addition, it indicates that the files in the target directory should be treated as CGI scripts.

15.7.2.15. Server-Side Includes

Server-side includes can be activated by searching all executable files for SSIs. This can be done with the following instruction:

<IfModule mod_include.c>
XBitHack on </IfModule> 

To search a file for SSIs, use the command chmod +x filename to make the file executable. Alternatively, explicitly specify the file type to search for SSIs. This can be done with the following instruction:

AddType text/html .shtml
AddHandler server-parsed .shtml

It is not advisable to simply state .html, as this will cause Apache to search all pages for SSIs (even those that definitely do not contain any), which greatly impedes the performance. In SUSE LINUX, these two directives are already included in the configuration files, so normally no changes are necessary.

15.7.2.16. UserDir

With the help of the module mod_userdir and the directive UserDir, specify a directory in a user's home directory from which files may be published through Apache. This can be configured in SuSEconfig by setting the variable HTTPD_SEC_PUBLIC_HTML accordingly. To enable the publishing of files, the variable must be set to yes. This results in the following entry in the file /etc/httpd/suse_public_html.conf (which is interpreted by /etc/apache2/httpd.conf).

<IfModule mod_userdir.c>
UserDir public_html 
</IfModule>