Configure the /etc/httpd/conf/httpd.conf file - Linux, Unix, FreeBSD專區 - 頂客論壇 ,免費遊戲,免費交友,免費空間,免費部落格,免費相簿,免費開店 - 頂客社區 dk101.com 最用心的華人社群網站
發新話題

Configure the /etc/httpd/conf/httpd.conf file

Configure the /etc/httpd/conf/httpd.conf file

The httpd.conf file is the main configuration file for the Apache web server. A lot options exist, and it's important to read the documentation that comes with Apache for more information on different settings and parameters. The following configuration example is a minimal working configuration file for Apache, with SSL support. Also, it's important to note that we only comment the parameters that relate to security and optimization, and leave all the others to your own research.

Edit the httpd.conf file, vi /etc/httpd/conf/httpd.conf and add/change:
引用:
      ### Section 1: Global Environment
      #
      ServerType standalone
      ServerRoot "/etc/httpd"
      PidFile /var/run/httpd.pid
      ResourceConfig /dev/null
      AccessConfig /dev/null
      Timeout 300
      KeepAlive On
      MaxKeepAliveRequests 0
      KeepAliveTimeout 15
      MinSpareServers 16
      MaxSpareServers 64
      StartServers 16
      MaxClients 512
      MaxRequestsPerChild 100000

      ### Section 2: 'Main' server configuration
      #
      Port 80

      <IfDefine SSL>
      Listen 80
      Listen 443
      </IfDefine>

      User www
      Group www
      ServerAdmin admin@openna.com
      ServerName www.openna.com
      DocumentRoot "/home/httpd/ona"

      <Directory />
      Options None
      AllowOverride None
      Order deny,allow
      Deny from all
      </Directory>

      <Directory "/home/httpd/ona">
      Options None
      AllowOverride None
      Order allow,deny
      Allow from all
      </Directory>

      <Files .pl>
      Options None
      AllowOverride None
      Order deny,allow
      Deny from all
      </Files>

      <IfModule mod_dir.c>
      DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi
      </IfModule>

      #<IfModule mod_include.c>
      #Include conf/mmap.conf
      #</IfModule>

      UseCanonicalName On

      <IfModule mod_mime.c>
      TypesConfig /etc/httpd/conf/mime.types
      </IfModule>

      DefaultType text/plain
      HostnameLookups Off

      ErrorLog /var/log/httpd/error_log
      LogLevel warn
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
      SetEnvIf Request_URI \.gif$ gif-image
      CustomLog /var/log/httpd/access_log combined env=!gif-image
      ServerSignature Off

      <IfModule mod_alias.c>
      ScriptAlias /cgi-bin/  "/home/httpd/cgi-bin/"
      <Directory "/home/httpd/cgi-bin">
      AllowOverride None
      Options None
      Order allow,deny
      Allow from all
      </Directory>
      </IfModuleGT;

      <IfModule mod_mime.c>
      AddEncoding x-compress Z
      AddEncoding x-gzip gz tgz

      AddType application/x-tar .tgz
      </IfModule>

      ErrorDocument 500 "The server made a boo boo.
      ErrorDocument 404 http://192.168.1.1/error.htm
      ErrorDocument 403 "Access Forbidden -- Go away.

      <IfModule mod_setenvif.c>
      BrowserMatch "Mozilla/2" nokeepalive
      BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
      BrowserMatch "RealPlayer 4\.0" force-response-1.0
      BrowserMatch "Java/1\.0" force-response-1.0
      BrowserMatch "JDK/1\.0" force-response-1.0
      </IfModule>

      ### Section 3: Virtual Hosts
      #
      <IfDefine SSL>
      AddType application/x-x509-ca-cert .crt
      AddType application/x-pkcs7-crl    .crl
      </IfDefine>

      <IfModule mod_ssl.c>
      SSLPassPhraseDialog     builtin
      SSLSessionCache         dbm:/var/run/ssl_scache
      SSLSessionCacheTimeout  300

      SSLMutex  file:/var/run/ssl_mutex

      SSLRandomSeed startup builtin
      SSLRandomSeed connect builtin

      SSLLog      /var/log/httpd/ssl_engine_log
      SSLLogLevel warn
      </IfModule>

      <IfDefine SSL>
      <VirtualHost _default_:443>

      DocumentRoot "/home/httpd/ona"
      ServerName www.openna.com
      ServerAdmin admin@openna.com
      ErrorLog /var/log/httpd/error_log

      SSLEngine on
      SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

      SSLCertificateFile      /etc/ssl/certs/server.crt
      SSLCertificateKeyFile   /etc/ssl/private/server.key
      SSLCACertificatePath    /etc/ssl/certs
      SSLCACertificateFile    /etc/ssl/certs/ca.crt
      SSLCARevocationPath     /etc/ssl/crl
      SSLVerifyClient none
      SSLVerifyDepth  10

      SSLOptions +ExportCertData +StrictRequire
      SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
      SetEnvIf Request_URI \.gif$ gif-image
      CustomLog /var/log/httpd/ssl_request_log \
      "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" env=!gif-image
      </VirtualHost>
      </IfDefine>
This tells httpd.conf file to set itself up for this particular configuration setup with:

ServerType standalone

    The option ServerType specifies how Apache should run on the system. You can run it from the super-server inetd, or as standalone daemon. It's highly recommended to run Apache in standalone type for better performance and speed.
ServerRoot "/etc/httpd"

    The option ServerRoot specifies the directory in which the configuration files of the Apache server lives. It allows Apache to know where it can find its configuration files when it starts.
PidFile /var/run/httpd.pid

    The option PidFile specifies the location where the server will record the process id of the daemon when it starts. This option is only required when you configure Apache in standalone mode.
ResourceConfig /dev/null

    The option ResourceConfig specifies the location of the old srm.conf file that Apache read after it finished reading the httpd.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.
AccessConfig /dev/null

    The option AccessConfig specifies the location of the old access.conf file that Apache read after it finished reading the srm.conf file. When you set the location to /dev/null, Apache allows you to include the content of this file in httpd.conf file, and in this manner, you have just one file that handles all your configuration parameters for simplicity.
Timeout 300

    The option Timeout specifies the amount of time Apache will wait for a GET, POST, PUT request and ACKs on transmissions. You can safely leave this option on its default values.
KeepAlive On

    The option KeepAlive, if set to On, specifies enabling persistent connections on this web server. For better performance, it's recommended to set this option to On, and allow more than one request per connection.
MaxKeepAliveRequests 0

    The option MaxKeepAliveRequests specifies the number of requests allowed per connection when the KeepAlive option above is set to On. When the value of this option is set to 0 then unlimited requests are allowed on the server. For server performance, it's recommended to allow unlimited requests.
KeepAliveTimeout 15

    The option KeepAliveTimeout specifies how much time, in seconds, Apache will wait for a subsequent request before closing the connection. The value of 15 seconds is a good average for server performance.
MinSpareServers 16

    The option MinSpareServers specifies the minimum number of idle child server processes for Apache, which is not handling a request. This is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.
MaxSpareServers 64

    The option MaxSpareServers specifies the maximum number of idle child server processes for Apache, which is not handling a request. This is also an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 64 is recommended by various benchmarks on the Internet.
StartServers 16

    The option StartServers specifies the number of child server processes that will be created by Apache on start-up. This is, again, an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 16 is recommended by various benchmarks on the Internet.
MaxClients 512

    The option MaxClients specifies the number of simultaneous requests that can be supported by Apache. This too is an important tuning parameter regarding the performance of the Apache web server. For high load operation, a value of 512 is recommended by various benchmarks on the Internet.
MaxRequestsPerChild 100000

    The option MaxRequestsPerChild specifies the number of requests that an individual child server process will handle. This too is an important tuning parameter regarding the performance of the Apache web server.
User www

    The option User specifies the UID that Apache server will run as. It's important to create a new user that has minimal access to the system, and functions just for the purpose of running the web server daemon.
Group www

    The option Group specifies the GID the Apache server will run as. It's important to create a new group that has minimal access to the system and functions just for the purpose of running the web server daemon.
DirectoryIndex index.htm index.html index.php index.php3 default.html index.cgi

    The option DirectoryIndex specifies the files to use by Apache as a pre-written HTML directory index. In other words, if Apache can't find the default index page to display, it'll try the next entry in this parameter, if available. To improve performance of your web server it's recommended to list the most used default index pages of your web site first.
Include conf/mmap.conf

    The option Include specifies the location of other files that you can include from within the server configuration files httpd.conf. In our case, we include the mmap.conf file located under /etc/httpd/conf directory. This file mmap.conf maps files into memory for faster serving. See the section on Optimizing Apache for more information.
HostnameLookups Off

    The option HostnameLookups, if set to Off, specifies the disabling of DNS lookups. It's recommended to set this option to Off in order to save the network traffic time, and to improve the performance of your Apache web server.

TOP

發新話題

本站所有圖文均屬網友發表,僅代表作者的觀點與本站無關,如有侵權請通知版主會盡快刪除。