Received: (from majordom@localhost) by hyperreal.org (8.8.5/8.8.5) id KAA05510; Sun, 27 Jul 1997 10:19:05 -0700 (PDT) Received: (from dgaudet@localhost) by hyperreal.org (8.8.5/8.8.5) id KAA05498 for apache-cvs; Sun, 27 Jul 1997 10:19:03 -0700 (PDT) Date: Sun, 27 Jul 1997 10:19:03 -0700 (PDT) From: Dean Gaudet Message-Id: <199707271719.KAA05498@hyperreal.org> To: apache-cvs@hyperreal.org Subject: cvs commit: apache/htdocs/manual/misc FAQ.html Sender: apache-cvs-owner@apache.org Precedence: bulk Reply-To: new-httpd@apache.org dgaudet 97/07/27 10:19:03 Modified: htdocs/manual/misc Tag: APACHE_1_2_X FAQ.html Log: merge up to 1.3 base Revision Changes Path No revision No revision 1.63.2.12 +243 -3 apache/htdocs/manual/misc/FAQ.html Index: FAQ.html =================================================================== RCS file: /export/home/cvs/apache/htdocs/manual/misc/FAQ.html,v retrieving revision 1.63.2.11 retrieving revision 1.63.2.12 diff -u -r1.63.2.11 -r1.63.2.12 --- FAQ.html 1997/07/15 02:07:57 1.63.2.11 +++ FAQ.html 1997/07/27 17:19:01 1.63.2.12 @@ -15,7 +15,7 @@

Apache Server Frequently Asked Questions

- $Revision: 1.63.2.11 $ ($Date: 1997/07/15 02:07:57 $) + $Revision: 1.63.2.12 $ ($Date: 1997/07/27 17:19:01 $)

The latest version of this FAQ is always available from the main @@ -77,6 +77,8 @@ + +

Background

@@ -310,7 +339,7 @@ How thoroughly tested is Apache?

- Apache is run on over 400,000 Internet servers (as of April 1997). It has + Apache is run on over 500,000 Internet servers (as of July 1997). It has been tested thoroughly by both developers and users. The Apache Group maintains rigorous standards before releasing new versions of their server, and our server runs without a hitch on over one third of all @@ -572,6 +601,39 @@

+ In some situations it can be not conform to your local policy to actually + allow all files named "*.cgi" to be executable. + Perhaps all you want is to enable a particular file in a normal directory to + be executable. This can be alternatively accomplished + via + mod_rewrite + and the following steps: +

Locally add to the corresponding .htaccess file a ruleset + similar to this one: +
+
+
+ RewriteEngine on + RewriteBase /~foo/bar/ + RewriteRule ^quux\.cgi$ - [T=application/x-httpd-cgi] +
+
+
+
Make sure that the directory location is covered by an + Options + declaration that includes the ExecCGI and + FollowSymLinks option. +
+
+

@@ -1561,7 +1623,7 @@ mod_auth_dbm modules.

- For an explaination on how to implement these restrictions, see + For an explanation on how to implement these restrictions, see Apache Week's @@ -1576,6 +1638,36 @@

+ Why is the environment variable + REMOTE_USER not set? + +

+ This variable is set and thus available in SSI or CGI scripts if and + only if the requested document was protected by access + authentication. For an explanation on how to implement these restrictions, + see + Apache Week's + articles on + Using User Authentication + or + DBM User Authentication. +

+ Hint: When using a CGI script to receive the data of a HTML FORM + notice that protecting the document containing the FORM is not + sufficient to provide REMOTE_USER to the CGI script. You have + to protect the CGI script, too. Or alternatively only the CGI script (then + authentication happens only after filling out the form). +

How do I set up Apache to allow access to certain documents only if a site is either a local site or @@ -1751,6 +1843,154 @@ documentation warn you about this. If you have to use different hosts, check out the mod_auth_msql code for some compile time flags which might - or might not - suit you. +
+
+

+ + Where can I find mod_rewrite rulesets which already solve + particular URL-related problems? + +
+ There is a collection of + Practical Solutions for URL-Manipulation + where you can + find all typical solutions the author of + mod_rewrite + currently knows of. If you have more + interesting rulesets which solve particular problems not currently covered in + this document, send it to + Ralf S. Engelschall + for inclusion. The + other webmasters will thank you for avoiding the reinvention of the wheel. +
+
+
+
+ Where can I find any published information about URL-manipulations and + mod_rewrite? + +
+ There is an article from + Ralf S. Engelschall + about URL-manipulations based on + mod_rewrite + in the "iX Multiuser Multitasking Magazin" issue #12/96. The + german (original) version + can be read online at + http://www.heise.de/ix/artikel/9612149/, + the english (translated) version can be found at + http://www.heise.de/ix/artikel/E/9612149/. +
+
+
+
+ Why is mod_rewrite so difficult to learn and seems so + complicated? + +
+ Hmmm... there are a lot of reasons. First, mod_rewrite itself is a powerful + module which can help you in really all aspects of URL rewriting, so + it can be no trivial module per definition. To accomplish its hard job it + uses software leverage and makes use of a powerful regular expression + library by Henry Spencer which is an integral part of Apache since its + version 1.2. And regular expressions itself can be difficult to newbies, + while providing the most flexible power to the advanced hacker. +
+
+ On the other hand mod_rewrite has to work inside the Apache API environment + and needs to do some tricks to fit there. For instance the Apache API as of + 1.x really was not designed for URL rewriting at the .htaccess + level of processing. Or the problem of multiple rewrites in sequence, which + is also not handled by the API per design. To provide this features + mod_rewrite has to do some special (but API compliant!) handling which leads + to difficult processing inside the Apache kernel. While the user usually + doesn't see anything of this processing, it can be difficult to find + problems when some of your RewriteRules seem not to work. +
+
+
+
+ What can I do if my RewriteRules don't work as expected? + + +
+ Use "RewriteLog somefile" and + "RewriteLogLevel 9" and have a precise look at the + steps the rewriting engine performs. This is really the only one and best + way to debug your rewriting configuration. +
+
+
+
+ Why are some of my URLs don't get prefixed with DocumentRoot + when using mod_rewrite? + +
+ If the rule starts with /somedir/... make sure that really no + /somedir exists on the filesystem if you don't want to lead the + URL to match this directory, i.e. there must be no root directory named + somedir on the filesystem. Because if there is such a + directory, the URL will not get prefixed with DocumentRoot. This behaviour + looks ugly, but is really important for some other aspects of URL + rewriting. +
+
+
+
+ How can I make all my URLs case-insensitive with mod_rewrite? + + +
+ You can't! The reason is: First, case translations for arbitrary length URLs + cannot be done via regex patterns and corresponding substitutions. One need + a per-character pattern like sed/Perl tr|..|..| feature. Second, just + making URLs always upper or lower case will not resolve the complete problem + of case-INSENSITIVE URLs, because actually the URLs had to be rewritten to + the correct case-variant residing on the filesystem because in later + processing Apache needs to access the file. And Unix filesystem is always + case-SENSITIVE. +
+
+ But there is a module named mod_speling.c (yes, it is named + this way!) out there on the net. Try this one. +
+
+
+
+ Why are RewriteRules in my VirtualHost parts ignored? + + +
+ Because you have to enable the engine for every virtual host explicitly due + to security concerns. Just add a "RewriteEngine on" to your + virtual host configuration parts. +
+
+
+
+ How can I use strings with whitespaces in RewriteRule's ENV + flag? + +
+ There is only one ugly solution: You have to surround the complete flag + argument by quotation marks ("[E=...]"). Notice: The argument + to quote here is not the argument to the E-flag, it is the argument of the + Apache config file parser, i.e. the third argument of the RewriteRule here. + So you have to write "[E=any text with whitespaces]".