# 参考https://www.cnblogs.com/wcwnina/p/8046853.html
#http://www.docin.com/p-203394178.html
ServerRoot "/etc/httpd" ####"ServerRoot" 主要用于指定Apache的安装路径,此选项参数值在安装Apache时系统会自动把Apache的路径写入。Linux安装时该选项值为编译时选择的路径,注意不要在目录路径的末尾添加斜线
#允许您将apache绑定到特定的ip地址和/或端口,而不是默认端口。另请参见<virtualhost>指令。
#Listen 12.34.56.78:80 ####将此更改为侦听特定IP地址,如下所示防止apache对所有绑定的ip地址进行攻击
Listen 80 ####【Listen主要侦听web服务端口状态,默认为:80,即侦听所有的地址的80端口,注意这里也可以写成IP地址的侦听形式,不写即默认的地址:0.0.0.0】
#动态加载模块
# Example: 模块名 模块路径
# LoadModule foo_module modules/mod_foo.so ####【主要用于添加Apache一些动态模块,比如php支持模块。重定向模块,认证模块支持
#
Include conf.modules.d/*.conf
User apache
Group apache ####选项主要用指定Apache服务的运行用户和用户组,
# 主服务器配置
#
ServerAdmin root@localhost ####此选项主要用指定Apache服务管理员通知邮箱地址,选择默认值即可,如果有真实的邮箱地址也可以设置此值。有问题就会发往这个邮箱地址
####server name提供服务器用于标识自身的名称和端口。这通常可以自动确定,但我们建议您指定它明确地防止在启动过程中出现问题
#
# 如果没有dns,输入固定ip地址就可以
#
#ServerName www.example.com:80 #####此选项主要用指定Apache默认的服务器名以及端口,默认参数值设置为:ServerName localhost:80即可
#
##拒绝访问服务器的整个文件系统。你必须显式允许访问其他目录块。
<Directory /> ####此选项主要是针对用户对根目录下所有的访问权限控制,默认Apache对根目录访问都是拒绝访问
AllowOverride none ####当AlloOverride设置成None时,相应的配置目录下的.htaccess文件是不被读取的,即无法生效。当AlloOverride设置成All时所以具有.htaccess的作用于的指令都会生效,意味着原apache指令会被.htaccess文件中的指令重写
Require all denied
</Directory>
# 设置服务目录,默认情况下,所有请求都来自此目录,但是符号链接和别名可用于指向其他位置
DocumentRoot "/var/www/html" ####【此区域的配置文件,主要是针对Apache默认网站根目录的设置以及相关的权限访问设置,默认对网站的根目录具有访问权限(默认值即可)】
#放宽对/var/www目录的访问
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
#对/var/www/html目录的一个权限的设置,
#options中Indexes表示当网页不存在的时候允许索引显示目录中的文件
FollowSymLinks是否允许访问符号链接文件。有的选项有ExecCGI表是否使用CGI,如Options Includes ExecCGI FollowSymLinks表示允许服务器执行CGI及SSI,禁止列出目录。
SymLinksOwnerMatch表示当符号链接的文件和目标文 件为同一用户拥有时才允许访问。
#AllowOverride None表示不允许这个目录下的访问控制文件来改变这里的配置,这也意味着不用查看这个目录下的访问控制文件,修改为:AllowOverride All 表示允许.htaccess。
#Order对页面的访问控制顺序后面的一项是默认#选项,如allow,deny则默认是deny,Allowfromall表示允许所有的用户,通过和上一项结合可以控制对网站的访问控制
# Further relax access to the default document root:
<Directory "/var/www/html">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks
#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit
#
AllowOverride None
#
# Controls who can get stuff from this server.
#
Require all granted
</Directory>
#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
# ###【此区域文件主要设置Apache默认支持的首页,默认只支持:index.html首页,如要支持其他类型的首页,需要在此区域添加,如index.php】
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<Files ".ht*"> ###此选项主要是针对.ht文件访问控制,默认为具有访问权限,此区域文件默认即可。
Require all denied
</Files>
ErrorLog "logs/error_log" ###此区域文件主要是针对Apache默认的访问出错日志路径
LogLevel warn ###此区域文件主要是针对Apache默认的日志级别,包括debug, info, notice, warn, error, crit, alert, emerg.
###定义了日志的格式,并用不同的代号表示
<IfModule log_config_module>
#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
#
# The location and format of the access logfile (Common Logfile Format).
# If you do not define any access logfiles within a <VirtualHost>
# container, they will be logged here. Contrariwise, if you *do*
# define per-<VirtualHost> access logfiles, transactions will be
# logged therein and *not* in this file.
#
#CustomLog "logs/access_log" common
#
# If you prefer a logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
CustomLog "logs/access_log" combined ###说明日志记录的位置,这里面使用了相对路径,所以ServerRoot需要指出,日志位置就存放在/etc/httpd/logs
</IfModule>
<IfModule alias_module> ###此区域文件主要包含一些URL重定向,别名,脚本别名等相关设置,以及一些特定的处理程序,比如cgi设置说明。
#
# Redirect: Allows you to tell clients about documents that used to
# exist in your server's namespace, but do not anymore. The client
# will make a new request for the document at its new location.
# Example:
# Redirect permanent /foo http://www.example.com/bar
#
# Alias: Maps web paths into filesystem paths and is used to
# access content that does not live under the DocumentRoot.
# Example:
# Alias /webpath /full/filesystem/path
#
# If you include a trailing / on /webpath then the server will
# require it to be present in the URL. You will also likely
# need to provide a <Directory> section to allow access to
# the filesystem path.
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the target directory are treated as applications and
# run by the server when requested rather than as documents sent to the
# client. The same rules about trailing "/" apply to ScriptAlias
# directives as to Alias.
#
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" ###定义一些不在DocumentRoot下的文件,而可以将其映射到网页根目录中,这也是访问其他目录的一种方法,但在声明的时候切记目录后面加”/” 对CGI模块儿的的别名,与Alias相似。
</IfModule>
#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/cgi-bin"> ###定义对/var/www/cgi-bin/的权限
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module> ###此区域文件主要包含一些mime文件支持,以及添加一些指令在给定的文件扩展名与特定的内容类型之间建立映射关系,比如添加对php文件扩展名映射关系
#
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
#
TypesConfig /etc/mime.types
#
# AddType allows you to add to or override the MIME configuration
# file specified in TypesConfig for specific file types.
#
#AddType application/x-gzip .tgz
#
# AddEncoding allows you to have certain browsers uncompress
# information on the fly. Note: Not all browsers support this.
#
#AddEncoding x-compress .Z
#AddEncoding x-gzip .gz .tgz ### 支持对以.Z和.gz.tgz结尾的文件
#
# If the AddEncoding directives above are commented-out, then you
# probably should define those extensions to indicate media types:
#
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz ###添加对上述两种文件的应用
#
# AddHandler allows you to map certain file extensions to "handlers":
# actions unrelated to filetype. These can be either built into the server
# or added with the Action directive (see below)
#
# To use CGI scripts outside of ScriptAliased directories:
# (You will also need to add "ExecCGI" to the "Options" directive.)
#
#AddHandler cgi-script .cgi
#AddHandler cgi-script .cgi .pl ###表示允许扩展名为.pl的CGI脚本运行
# For type maps (negotiated resources):
#AddHandler type-map var
#
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8 ###默认支持的语言
<IfModule mime_magic_module> ###此区域可定制的访问错误响应提示,支持三种方式:1明文 ,2本地重定向 ,3外部重定向;另外还包括内存映射或“发送文件系统调用”可被用于分发文件等配置。
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
MIMEMagicFile conf/magic ###指定判断文件真实MIME类型功能的模块
</IfModule>
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html ###当服务器出现404错误的时候,返回missing.html页面
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
###可以使用内存映射或sendfile系统调用来传递文件。这通常会提高服务器性能,但在从网络安装的文件系统提供服务时,或者如果系统上对这些功能的支持被破坏,则必须将其关闭
###默认推荐 EnableMMAP On, EnableSendfile Off
#EnableMMAP off ###如果httpd在传送过程中需要读取一个文件的内容,它是否可以使用内存映射(如果操作系统支持的)。on表示将使用内存映射。off关闭内存映射
EnableSendfile on ###这个指令控制httpd是否可以使用操作系统内核的sendfile支持来将文件发送到客户端。默认情况下,当处理一个请求并不需要访问文件内部的数据时(比如发送一个静态的文件内容),
如果操作系统支持,Apache将使用sendfile将文件内容直接发送到客户端而并不读取文件
# Supplemental configuration ###【此区域主要包括:服务器池管理,多语言错误消息,动态目录列表形式配置,语言设置,用户家庭目录,请求和配置上的实时信息,虚拟主机,Apache Http Server手册,分布式创作和版本控制,
多种类默认设置,mod_proxy_html,使其支持HTML4/XHTML1等等补充配置的补充】
#
# Load config files in the "/etc/httpd/conf.d" directory, if any.
IncludeOptional conf.d/*.conf
#
# SPECvirt_sc2013 httpd.conf settings for infraserver
#
#Timeout 20 ###服务器与客户端断开的时间
#KeepAlive Off ###是否持续连接(因为每次连接都得三次握手,如果是访问量不大,建议打开此项,如果网站访问量比较大关闭此项比较好),修改为:KeepAlive On 表示允许程序性联机
#MaxKeepAliveRequests 0 ###表示一个连接的最大请求数
#KeepAliveTimeout 60 ###断开连接前的时间
Listen 81
#ServerName besim:80
/**********/
#统默认的模块,表示为每个访问启动一个进程(即当有多个连接公用一个进程的时候,在同一时刻只能有一个获得服务)。
#ThreadLimit每个子进程可能配置的线程上限
<IfModule prefork.c>
StartServers 8 ####StartServer开始服务时启动8个进程,
MinSpareServers 5 ####最小空闲5个进程
MaxSpareServers 20 ####最多空闲20个进程。
ServerLimit 10240 ####服务器允许配置进程数的上限
MaxClients 10240
MaxRequestsPerChild 4000 ####MaxClient限制同一时刻客户端的最大连接请求数量超过的要进入等候队列。服务器允许启动的最大进程数
</IfModule>
<IfModule worker.c>
StartServers 2 ####StartServers启动两个httpd进程,
MaxClients 150 ####MaxClients同时最多能发起250个访问,超过的要进入队列等待,
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25 ####ThreadsPerChild每个子进程生存期间常驻执行线程数,子线程建立之后将不再增加
MaxRequestsPerChild 0 ####MaxRequestsPerChild每个进程生存期内允许服务的最大请求数量,0表示永不结束
</IfModule>
