httpd-cvs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From rpl...@apache.org
Subject svn commit: r686855 - in /httpd/httpd/trunk/docs/manual: ./ misc/ mod/
Date Mon, 18 Aug 2008 19:23:01 GMT
Author: rpluem
Date: Mon Aug 18 12:22:54 2008
New Revision: 686855

URL: http://svn.apache.org/viewvc?rev=686855&view=rev
Log:
* Update transformation

Modified:
    httpd/httpd/trunk/docs/manual/content-negotiation.html.ja.utf8
    httpd/httpd/trunk/docs/manual/misc/security_tips.html.en
    httpd/httpd/trunk/docs/manual/misc/security_tips.html.ko.euc-kr
    httpd/httpd/trunk/docs/manual/mod/mod_log_config.html.ja.utf8
    httpd/httpd/trunk/docs/manual/mod/mod_proxy.html.en
    httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml.ja
    httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.html.en
    httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.xml.ja

Modified: httpd/httpd/trunk/docs/manual/content-negotiation.html.ja.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/content-negotiation.html.ja.utf8?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/content-negotiation.html.ja.utf8 [utf-8] (original)
+++ httpd/httpd/trunk/docs/manual/content-negotiation.html.ja.utf8 [utf-8] Mon Aug 18 12:22:54
2008
@@ -24,8 +24,6 @@
 <a href="./ko/content-negotiation.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a>
|
 <a href="./tr/content-negotiation.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
 </div>
-<div class="outofdate">この日本語訳はすでに古くなっている可能性があります。
-          更新された内容を見るには英語版をご覧下さい。</div>
 
 
     <p>Apache は HTTP/1.1 の規格に記述されているコンテントネゴシエーションを

Modified: httpd/httpd/trunk/docs/manual/misc/security_tips.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/misc/security_tips.html.en?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/misc/security_tips.html.en (original)
+++ httpd/httpd/trunk/docs/manual/misc/security_tips.html.en Mon Aug 18 12:22:54 2008
@@ -19,10 +19,11 @@
 <a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP
Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a>
&gt; <a href="../">Version 2.3</a> &gt; <a href="./">Miscellaneous
Documentation</a></div><div id="page-content"><div id="preamble"><h1>Security
Tips</h1>
 <div class="toplang">
 <p><span>Available Languages: </span><a href="../en/misc/security_tips.html"
title="English">&nbsp;en&nbsp;</a> |
-<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
+<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a>
|
+<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
 </div>
 
-    <p>Some hints and tips on security issues in setting up a web server. 
+    <p>Some hints and tips on security issues in setting up a web server.
     Some of the suggestions will be general, others specific to Apache.</p>
   </div>
 <div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif"
/> <a href="#uptodate">Keep up to Date</a></li>
@@ -97,7 +98,7 @@
       <li>The values of various timeout-related directives provided by
       other modules should be checked.</li>
 
-      <li>The directives 
+      <li>The directives
       <code class="directive"><a href="../mod/core.html#limitrequestbody">LimitRequestBody</a></code>,
       <code class="directive"><a href="../mod/core.html#limitrequestfields">LimitRequestFields</a></code>,
       <code class="directive"><a href="../mod/core.html#limitrequestfieldsize">LimitRequestFieldSize</a></code>,
@@ -119,36 +120,36 @@
 
       <li>The use of a threaded <a href="../mpm.html">mpm</a> may
       allow you to handle more simultaneous connections, thereby
-      mitigating DoS attacks.  Further, the experimental 
+      mitigating DoS attacks.  Further, the experimental
       <code class="module"><a href="../mod/event.html">event</a></code>
mpm
       uses asynchronous processing to avoid devoting a thread to each
       connection. At the current point of time this
       is work in progress and not fully implemented.  Especially the
-      <code class="module"><a href="../mod/event.html">event</a></code>
mpm is currently incompatible with 
+      <code class="module"><a href="../mod/event.html">event</a></code>
mpm is currently incompatible with
       <code class="module"><a href="../mod/mod_ssl.html">mod_ssl</a></code>
and other input filters.</li>
 
       <li>There are a number of third-party modules available through
       <a href="http://modules.apache.org/">http://modules.apache.org/</a>
       that can restrict certain client behaviors and thereby mitigate
       DoS problems.</li>
-     
+
     </ul>
 
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="serverroot" id="serverroot">Permissions on ServerRoot Directories</a></h2>
-  
-    
-    
-    <p>In typical operation, Apache is started by the root user, and it 
-    switches to the user defined by the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code>
directive to serve hits. As is the 
-    case with any command that root executes, you must take care that it is 
-    protected from modification by non-root users. Not only must the files 
-    themselves be writeable only by root, but so must the directories, and 
-    parents of all directories. For example, if you choose to place 
-    ServerRoot in  /usr/local/apache then it is suggested that you create 
-    that directory as root, with commands like these:</p>
+
     
+
+    <p>In typical operation, Apache is started by the root user, and it
+    switches to the user defined by the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code>
directive to serve hits. As is the
+    case with any command that root executes, you must take care that it is
+    protected from modification by non-root users. Not only must the files
+    themselves be writeable only by root, but so must the directories, and
+    parents of all directories. For example, if you choose to place
+    ServerRoot in  <code>/usr/local/apache</code> then it is suggested that
+    you create that directory as root, with commands like these:</p>
+
     <div class="example"><p><code>
       mkdir /usr/local/apache <br />
       cd /usr/local/apache <br />
@@ -157,193 +158,195 @@
       chgrp 0 . bin conf logs <br />
       chmod 755 . bin conf logs
     </code></p></div>
-    
-    <p>It is assumed that /, /usr, and /usr/local are only modifiable by 
-    root. When you install the <code class="program"><a href="../programs/httpd.html">httpd</a></code>
executable, you
-    should ensure that it is similarly protected:</p>
-    
+
+    <p>It is assumed that <code>/</code>, <code>/usr</code>,
and
+    <code>/usr/local</code> are only modifiable by root. When you install the
+    <code class="program"><a href="../programs/httpd.html">httpd</a></code>
executable, you should ensure that it is
+    similarly protected:</p>
+
     <div class="example"><p><code>
       cp httpd /usr/local/apache/bin <br />
       chown 0 /usr/local/apache/bin/httpd <br />
       chgrp 0 /usr/local/apache/bin/httpd <br />
       chmod 511 /usr/local/apache/bin/httpd
     </code></p></div>
-    
-    <p>You can create an htdocs subdirectory which is modifiable by other 
-    users -- since root never executes any files out of there, and shouldn't 
+
+    <p>You can create an htdocs subdirectory which is modifiable by other
+    users -- since root never executes any files out of there, and shouldn't
     be creating files in there.</p>
-    
-    <p>If you allow non-root users to modify any files that root either 
-    executes or writes on then you open your system to root compromises. 
+
+    <p>If you allow non-root users to modify any files that root either
+    executes or writes on then you open your system to root compromises.
     For example, someone could replace the <code class="program"><a href="../programs/httpd.html">httpd</a></code>
binary so
     that the next time you start it, it will execute some arbitrary code. If
     the logs directory is writeable (by a non-root user), someone could replace
-    a log file with a symlink to some other system file, and then root 
-    might overwrite that file with arbitrary data. If the log files 
-    themselves are writeable (by a non-root user), then someone may be 
+    a log file with a symlink to some other system file, and then root
+    might overwrite that file with arbitrary data. If the log files
+    themselves are writeable (by a non-root user), then someone may be
     able to overwrite the log itself with bogus data.</p>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="ssi" id="ssi">Server Side Includes</a></h2>
-  
-    
+
     
-    <p>Server Side Includes (SSI) present a server administrator with 
+
+    <p>Server Side Includes (SSI) present a server administrator with
     several potential security risks.</p>
-    
-    <p>The first risk is the increased load on the server. All 
-    SSI-enabled files have to be parsed by Apache, whether or not 
-    there are any SSI directives included within the files. While this 
-    load increase is minor, in a shared server environment it can become 
+
+    <p>The first risk is the increased load on the server. All
+    SSI-enabled files have to be parsed by Apache, whether or not
+    there are any SSI directives included within the files. While this
+    load increase is minor, in a shared server environment it can become
     significant.</p>
-    
-    <p>SSI files also pose the same risks that are associated with CGI 
-    scripts in general. Using the "exec cmd" element, SSI-enabled files 
-    can execute any CGI script or program under the permissions of the 
-    user and group Apache runs as, as configured in httpd.conf.</p>
-    
-    <p>There are ways to enhance the security of SSI files while still 
+
+    <p>SSI files also pose the same risks that are associated with CGI
+    scripts in general. Using the <code>exec cmd</code> element, SSI-enabled
+    files can execute any CGI script or program under the permissions of the
+    user and group Apache runs as, as configured in
+    <code>httpd.conf</code>.</p>
+
+    <p>There are ways to enhance the security of SSI files while still
     taking advantage of the benefits they provide.</p>
-    
-    <p>To isolate the damage a wayward SSI file can cause, a server 
-    administrator can enable <a href="../suexec.html">suexec</a> as 
+
+    <p>To isolate the damage a wayward SSI file can cause, a server
+    administrator can enable <a href="../suexec.html">suexec</a> as
     described in the <a href="#cgi">CGI in General</a> section.</p>
-    
-    <p>Enabling SSI for files with .html or .htm extensions can be 
-    dangerous. This is especially true in a shared, or high traffic, 
-    server environment. SSI-enabled files should have a separate extension,
-    such as the conventional .shtml. This helps keep server load at a 
-    minimum and allows for easier management of risk.</p>
-    
-    <p>Another solution is to disable the ability to run scripts and 
+
+    <p>Enabling SSI for files with <code>.html</code> or <code>.htm</code>
+    extensions can be dangerous. This is especially true in a shared, or high
+    traffic, server environment. SSI-enabled files should have a separate
+    extension, such as the conventional <code>.shtml</code>. This helps keep
+    server load at a minimum and allows for easier management of risk.</p>
+
+    <p>Another solution is to disable the ability to run scripts and
     programs from SSI pages. To do this replace <code>Includes</code>
-    with <code>IncludesNOEXEC</code> in the <code class="directive"><a
href="../mod/core.html#options">Options</a></code> directive.  Note that users
may 
-    still use &lt;--#include virtual="..." --&gt; to execute CGI scripts if 
-    these scripts are in directories designated by a <code class="directive"><a
href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> directive.</p>
-    
+    with <code>IncludesNOEXEC</code> in the <code class="directive"><a
href="../mod/core.html#options">Options</a></code> directive.  Note that users
may
+    still use <code>&lt;--#include virtual="..." --&gt;</code> to execute
CGI
+    scripts if these scripts are in directories designated by a <code class="directive"><a
href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> directive.</p>
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="cgi" id="cgi">CGI in General</a></h2>
-  
-    
+
     
-    <p>First of all, you always have to remember that you must trust the 
-    writers of the CGI scripts/programs or your ability to spot potential 
-    security holes in CGI, whether they were deliberate or accidental. CGI 
-    scripts can run essentially arbitrary commands on your system with the 
-    permissions of the web server user and can therefore be extremely 
+
+    <p>First of all, you always have to remember that you must trust the
+    writers of the CGI scripts/programs or your ability to spot potential
+    security holes in CGI, whether they were deliberate or accidental. CGI
+    scripts can run essentially arbitrary commands on your system with the
+    permissions of the web server user and can therefore be extremely
     dangerous if they are not carefully checked.</p>
-    
-    <p>All the CGI scripts will run as the same user, so they have potential 
-    to conflict (accidentally or deliberately) with other scripts e.g. User 
-    A hates User B, so he writes a script to trash User B's CGI database. One 
+
+    <p>All the CGI scripts will run as the same user, so they have potential
+    to conflict (accidentally or deliberately) with other scripts e.g. User
+    A hates User B, so he writes a script to trash User B's CGI database. One
     program which can be used to allow scripts to run as different users is
-    <a href="../suexec.html">suEXEC</a> which is included with Apache as of 
-    1.2 and is called from special hooks in the Apache server code. Another 
-    popular way of doing this is with 
+    <a href="../suexec.html">suEXEC</a> which is included with Apache as of
+    1.2 and is called from special hooks in the Apache server code. Another
+    popular way of doing this is with
     <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>.</p>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="nsaliasedcgi" id="nsaliasedcgi">Non Script Aliased CGI</a></h2>
-  
-    
+
     
-    <p>Allowing users to execute CGI scripts in any directory should only be 
+
+    <p>Allowing users to execute CGI scripts in any directory should only be
     considered if:</p>
-    
+
     <ul>
-      <li>You trust your users not to write scripts which will deliberately 
+      <li>You trust your users not to write scripts which will deliberately
           or accidentally expose your system to an attack.</li>
-      <li>You consider security at your site to be so feeble in other areas, 
+      <li>You consider security at your site to be so feeble in other areas,
           as to make one more potential hole irrelevant.</li>
       <li>You have no users, and nobody ever visits your server.</li>
     </ul>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="saliasedcgi" id="saliasedcgi">Script Aliased CGI</a></h2>
-  
-    
+
     
-    <p>Limiting CGI to special directories gives the admin control over what 
-    goes into those directories. This is inevitably more secure than non 
-    script aliased CGI, but only if users with write access to the 
-    directories are trusted or the admin is willing to test each 
+
+    <p>Limiting CGI to special directories gives the admin control over what
+    goes into those directories. This is inevitably more secure than non
+    script aliased CGI, but only if users with write access to the
+    directories are trusted or the admin is willing to test each
     new CGI script/program for potential security holes.</p>
-    
-    <p>Most sites choose this option over the non script aliased CGI 
+
+    <p>Most sites choose this option over the non script aliased CGI
     approach.</p>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="dynamic" id="dynamic">Other sources of dynamic content</a></h2>
 
   
 
-  <p>
-  Embedded scripting options which run as part of the server itself,
-  such as mod_php, mod_perl, mod_tcl, and mod_python, run under the
-  identity of the server itself (see the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code>
directive), and therefore
-  scripts executed by these engines potentially can access anything the
-  server user can. Some scripting engines may provide restrictions, but
+  <p>Embedded scripting options which run as part of the server itself,
+  such as <code>mod_php</code>, <code>mod_perl</code>, <code>mod_tcl</code>,
+  and <code>mod_python</code>, run under the identity of the server itself
+  (see the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code>
directive), and
+  therefore scripts executed by these engines potentially can access anything
+  the server user can. Some scripting engines may provide restrictions, but
   it is better to be safe and assume not.</p>
 
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="systemsettings" id="systemsettings">Protecting System Settings</a></h2>
-  
-    
+
     
-    <p>To run a really tight ship, you'll want to stop users from setting 
-    up <code>.htaccess</code> files which can override security features 
+
+    <p>To run a really tight ship, you'll want to stop users from setting
+    up <code>.htaccess</code> files which can override security features
     you've configured. Here's one way to do it.</p>
-    
+
     <p>In the server configuration file, put</p>
-    
+
     <div class="example"><p><code>
       &lt;Directory /&gt; <br />
         AllowOverride None <br />
       &lt;/Directory&gt;
     </code></p></div>
-    
-    <p>This prevents the use of <code>.htaccess</code> files in all 
+
+    <p>This prevents the use of <code>.htaccess</code> files in all
     directories apart from those specifically enabled.</p>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="protectserverfiles" id="protectserverfiles">Protect Server Files
by Default</a></h2>
-  
-    
+
     
-    <p>One aspect of Apache which is occasionally misunderstood is the 
-    feature of default access. That is, unless you take steps to change it, 
-    if the server can find its way to a file through normal URL mapping 
+
+    <p>One aspect of Apache which is occasionally misunderstood is the
+    feature of default access. That is, unless you take steps to change it,
+    if the server can find its way to a file through normal URL mapping
     rules, it can serve it to clients.</p>
-    
+
     <p>For instance, consider the following example:</p>
-    
+
     <div class="example"><p><code>
       # cd /; ln -s / public_html <br />
       Accessing <code>http://localhost/~root/</code>
     </code></p></div>
-    
-    <p>This would allow clients to walk through the entire filesystem. To 
-    work around this, add the following block to your server's 
+
+    <p>This would allow clients to walk through the entire filesystem. To
+    work around this, add the following block to your server's
     configuration:</p>
-    
+
     <div class="example"><p><code>
       &lt;Directory /&gt; <br />
       Order Deny,Allow <br />
       Deny from all <br />
       &lt;/Directory&gt;
     </code></p></div>
-    
-    <p>This will forbid default access to filesystem locations. Add 
-    appropriate <code class="directive"><a href="../mod/core.html#directory">Directory</a></code>
blocks to 
+
+    <p>This will forbid default access to filesystem locations. Add
+    appropriate <code class="directive"><a href="../mod/core.html#directory">Directory</a></code>
blocks to
     allow access only in those areas you wish. For example,</p>
-    
+
     <div class="example"><p><code>
       &lt;Directory /usr/users/*/public_html&gt; <br />
         Order Deny,Allow <br />
@@ -354,73 +357,74 @@
         Allow from all <br />
       &lt;/Directory&gt;
     </code></p></div>
-    
-    <p>Pay particular attention to the interactions of <code class="directive"><a
href="../mod/core.html#location">Location</a></code> and <code class="directive"><a
href="../mod/core.html#directory">Directory</a></code> directives; for instance,
even 
+
+    <p>Pay particular attention to the interactions of <code class="directive"><a
href="../mod/core.html#location">Location</a></code> and <code class="directive"><a
href="../mod/core.html#directory">Directory</a></code> directives; for instance,
even
     if <code>&lt;Directory /&gt;</code> denies access, a <code>
     &lt;Location /&gt;</code> directive might overturn it.</p>
-    
-    <p>Also be wary of playing games with the <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code>
directive; setting it to 
-    something like "./" would have the same effect, for root, as the first 
-    example above. If you are using Apache 1.3 or above, we strongly 
-    recommend that you include the following line in your server 
+
+    <p>Also be wary of playing games with the <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code>
directive; setting it to
+    something like <code>./</code> would have the same effect, for root, as
+    the first example above. If you are using Apache 1.3 or above, we strongly
+    recommend that you include the following line in your server
     configuration files:</p>
-    
+
     <div class="example"><p><code>
       UserDir disabled root
     </code></p></div>
-    
+
   </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
 <h2><a name="watchyourlogs" id="watchyourlogs">Watching Your Logs</a></h2>
-  
-    
+
     
-    <p>To keep up-to-date with what is actually going on against your server 
-    you have to check the <a href="../logs.html">Log Files</a>.  Even though

-    the log files only reports what has already happened, they will give you 
-    some understanding of what attacks is thrown against the server and 
+
+    <p>To keep up-to-date with what is actually going on against your server
+    you have to check the <a href="../logs.html">Log Files</a>.  Even though
+    the log files only reports what has already happened, they will give you
+    some understanding of what attacks is thrown against the server and
     allow you to check if the necessary level of security is present.</p>
-    
+
     <p>A couple of examples:</p>
-    
+
     <div class="example"><p><code>
       grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br />
       grep "client denied" error_log | tail -n 10
     </code></p></div>
-    
+
     <p>The first example will list the number of attacks trying to exploit the
-    <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat 
-    Source.JSP Malformed Request Information Disclosure Vulnerability</a>, 
+    <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat
+    Source.JSP Malformed Request Information Disclosure Vulnerability</a>,
     the second example will list the ten last denied clients, for example:</p>
-    
+
     <div class="example"><p><code>
-      [Thu Jul 11 17:18:39 2002] [error] [client foo.example.com] client denied 
+      [Thu Jul 11 17:18:39 2002] [error] [client foo.example.com] client denied
       by server configuration: /usr/local/apache/htdocs/.htpasswd
     </code></p></div>
-    
-    <p>As you can see, the log files only report what already has happened, so 
-    if the client had been able to access the <code>.htpasswd</code> file you

+
+    <p>As you can see, the log files only report what already has happened, so
+    if the client had been able to access the <code>.htpasswd</code> file you
     would have seen something similar to:</p>
-    
+
     <div class="example"><p><code>
       foo.example.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1"
     </code></p></div>
-    
-    <p>in your <a href="../logs.html#accesslog">Access Log</a>. This means

-    you probably commented out the following in your server configuration 
+
+    <p>in your <a href="../logs.html#accesslog">Access Log</a>. This means
+    you probably commented out the following in your server configuration
     file:</p>
-    
+
     <div class="example"><p><code>
       &lt;Files ~ "^\.ht"&gt; <br />
         Order allow,deny <br />
         Deny from all <br />
       &lt;/Files&gt;
     </code></p></div>
-    
+
   </div></div>
 <div class="bottomlang">
 <p><span>Available Languages: </span><a href="../en/misc/security_tips.html"
title="English">&nbsp;en&nbsp;</a> |
-<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a></p>
+<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a>
|
+<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
 </div><div id="footer">
 <p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed
under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version
2.0</a>.</p>
 <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a>
| <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a>
| <a href="../sitemap.html">Sitemap</a></p></div>

Modified: httpd/httpd/trunk/docs/manual/misc/security_tips.html.ko.euc-kr
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/misc/security_tips.html.ko.euc-kr?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/misc/security_tips.html.ko.euc-kr [euc-kr] (original)
+++ httpd/httpd/trunk/docs/manual/misc/security_tips.html.ko.euc-kr [euc-kr] Mon Aug 18 12:22:54
2008
@@ -19,7 +19,8 @@
 <a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP
Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a>
&gt; <a href="../">Version 2.3</a> &gt; <a href="./">Miscellaneous
Documentation</a></div><div id="page-content"><div id="preamble"><h1>보안
팁</h1>
 <div class="toplang">
 <p><span>가능한 언어: </span><a href="../en/misc/security_tips.html"
hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
-<a href="../ko/misc/security_tips.html" title="Korean">&nbsp;ko&nbsp;</a></p>
+<a href="../ko/misc/security_tips.html" title="Korean">&nbsp;ko&nbsp;</a>
|
+<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
 </div>
 <div class="outofdate">이 문서는 최신판 번역이 아닙니다.
             최근에 변경된 내용은 영어 문서를 참고하세요.</div>
@@ -336,7 +337,8 @@
   </div></div>
 <div class="bottomlang">
 <p><span>가능한 언어: </span><a href="../en/misc/security_tips.html"
hreflang="en" rel="alternate" title="English">&nbsp;en&nbsp;</a> |
-<a href="../ko/misc/security_tips.html" title="Korean">&nbsp;ko&nbsp;</a></p>
+<a href="../ko/misc/security_tips.html" title="Korean">&nbsp;ko&nbsp;</a>
|
+<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="T&#252;rk&#231;e">&nbsp;tr&nbsp;</a></p>
 </div><div id="footer">
 <p class="apache">Copyright 2008 The Apache Software Foundation.<br />Licensed
under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version
2.0</a>.</p>
 <p class="menu"><a href="../mod/">모듈</a> | <a href="../mod/directives.html">지시어들</a>
| <a href="../faq/">FAQ</a> | <a href="../glossary.html">용어</a>
| <a href="../sitemap.html">사이트맵</a></p></div>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_log_config.html.ja.utf8
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_log_config.html.ja.utf8?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_log_config.html.ja.utf8 [utf-8] (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_log_config.html.ja.utf8 [utf-8] Mon Aug 18 12:22:54
2008
@@ -27,8 +27,6 @@
 <a href="../ko/mod/mod_log_config.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a>
|
 <a href="../tr/mod/mod_log_config.html" hreflang="tr" rel="alternate" title="Türkçe">&nbsp;tr&nbsp;</a></p>
 </div>
-<div class="outofdate">この日本語訳はすでに古くなっている可能性があります。
-          更新された内容を見るには英語版をご覧下さい。</div>
 <table class="module"><tr><th><a href="module-dict.html#Description">説明:</a></th><td>サーバへのリクエストのロギング</td></tr>
 <tr><th><a href="module-dict.html#Status">ステータス:</a></th><td>Base</td></tr>
 <tr><th><a href="module-dict.html#ModuleIdentifier">モジュール識別子:</a></th><td>log_config_module</td></tr>
@@ -130,43 +128,50 @@
         <td>応答の <code><var>Foobar</var>:</code> ヘッダの内容</td></tr>
 <tr><td><code>%p</code></td>
         <td>リクエストを扱っているサーバの正式なポート</td></tr>
-<tr class="odd"><td><code>%P</code></td>
+<tr class="odd"><td><code>%{<var>format</var>}p</code></td>
+        <td>サーバがリクエストを処理しているポートの公式
+        <span class="transnote">(<em>訳注:</em> canonical)</span>
のポート番号か、
+        サーバの実際のポート番号か、クライアント側の実際のポート番号かです。
+        format に使える文字列は <code>canonical</code>, <code>local</code>,
+        <code>remote</code> になります。
+        </td></tr>
+<tr><td><code>%P</code></td>
         <td>リクエストを扱った子プロセスのプロセス ID</td></tr>
-<tr><td><code>%{<var>format</var>}P</code></td>
+<tr class="odd"><td><code>%{<var>format</var>}P</code></td>
         <td>リクエストを扱ったワーカーのプロセス ID かスレッド
ID。
         <var>format</var> として有効な値は <code>pid</code>,
<code>tid</code>,
         <code>hextid</code> です。<code>hextid</code> を使うには
         APR 1.2.0 以降が必要です。
         </td></tr>
-<tr class="odd"><td><code>%q</code></td>
+<tr><td><code>%q</code></td>
         <td>問い合せ文字列 (存在する場合は前に <code>?</code>
が追加される。
         そうでない場合は空文字列)</td></tr>
-<tr><td><code>%r</code></td>
+<tr class="odd"><td><code>%r</code></td>
         <td>リクエストの最初の行</td></tr>
-<tr class="odd"><td><code>%s</code></td>
+<tr><td><code>%s</code></td>
         <td>ステータス。内部でリダイレクトされたリクエストは、元々の
          リクエストのステータス --- 最後のステータスは <code>%&gt;s</code>
     </td></tr>
-<tr><td><code>%t</code></td>
+<tr class="odd"><td><code>%t</code></td>
         <td>リクエストを受付けた時刻。
         CLF の時刻の書式 (標準の英語の書式)</td></tr>
-<tr class="odd"><td><code>%{<var>format</var>}t</code></td>
+<tr><td><code>%{<var>format</var>}t</code></td>
         <td><var>format</var> で与えられた書式による時刻。format
は
          <code>strftime (3)</code> の
          書式である必要がある。(地域化されている可能性がある)</td></tr>
-<tr><td><code>%T</code></td>
+<tr class="odd"><td><code>%T</code></td>
         <td>リクエストを扱うのにかかった時間、秒単位</td></tr>
-<tr class="odd"><td><code>%u</code></td>
+<tr><td><code>%u</code></td>
         <td>リモートユーザ (認証によるもの。ステータス (<code>%s</code>)
が
         401 のときは意味がないものである可能性がある)
     </td></tr>
-<tr><td><code>%U</code></td>
+<tr class="odd"><td><code>%U</code></td>
         <td>リクエストされた URL パス。クエリ文字列は含まない</td></tr>
-<tr class="odd"><td><code>%v</code></td>
+<tr><td><code>%v</code></td>
         <td>リクエストを扱っているサーバの正式な <code class="directive"><a
href="../mod/core.html#servername">ServerName</a></code></td></tr>
-<tr><td><code>%V</code></td>
+<tr class="odd"><td><code>%V</code></td>
         <td><code class="directive"><a href="../mod/core.html#usecanonicalname">UseCanonicalName</a></code>
の設定によるサーバ名</td></tr>
-<tr class="odd"><td><code>%X</code></td>
+<tr><td><code>%X</code></td>
         <td>応答が完了したときの接続ステータス:
 
         <table>
@@ -184,11 +189,11 @@
         いましたが、これは歴史的に ssl が使用している
         <code>%{<var>var</var>}c</code>
         構文と衝突していました。)</p></td></tr>
-<tr><td><code>%I</code></td>
+<tr class="odd"><td><code>%I</code></td>
         <td>リクエストとヘッダを含む、受け取ったバイト数。
         0 にはならない。
         これを使用するためには <code class="module"><a href="../mod/mod_logio.html">mod_logio</a></code>
が必要</td></tr>
-<tr class="odd"><td><code>%O</code></td>
+<tr><td><code>%O</code></td>
         <td>ヘッダを含む、送信したバイト数。0 にはならない。
         これを使用するためには <code class="module"><a href="../mod/mod_logio.html">mod_logio</a></code>
が必要</td></tr>
 </table>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.html.en?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.html.en Mon Aug 18 12:22:54 2008
@@ -942,7 +942,7 @@
         clears the in-error flag.
     </td></tr>
     <tr><td>timeout</td>
-        <td><code class="directive">ProxyTimeout</code></td>
+        <td><code class="directive"><a href="#proxytimeout">ProxyTimeout</a></code></td>
         <td>Connection timeout in seconds.
         The number of seconds Apache waits for data sent by / to the backend.
     </td></tr>
@@ -970,8 +970,9 @@
         <td>byrequests</td>
         <td>Balancer load-balance method. Select the load-balancing scheduler
         method to use. Either <code>byrequests</code>, to perform weighted
-        request counting or <code>bytraffic</code>, to perform weighted
-        traffic byte count balancing. Default is <code>byrequests</code>.
+        request counting, <code>bytraffic</code>, to perform weighted
+        traffic byte count balancing, or <code>bybusyness</code>, to perform

+        pending request balancing. Default is <code>byrequests</code>.
     </td></tr>
     <tr><td>maxattempts</td>
         <td>1</td>
@@ -1423,7 +1424,7 @@
 <table class="directive">
 <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Network
timeout for proxied requests</td></tr>
 <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>ProxyTimeout
<var>seconds</var></code></td></tr>
-<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>ProxyTimeout
300</code></td></tr>
+<tr><th><a href="directive-dict.html#Default">Default:</a></th><td><code>Value
of <code class="directive"><a href="../mod/core.html#timeout">Timeout</a></code></code></td></tr>
 <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server
config, virtual host</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Extension</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_proxy</td></tr>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml.ja
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml.ja?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml.ja [utf-8] (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy.xml.ja [utf-8] Mon Aug 18 12:22:54 2008
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 344971:686547 (outdated) -->
+<!-- English Revision: 344971:686805 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more

Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.html.en
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.html.en?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.html.en (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.html.en Mon Aug 18 12:22:54 2008
@@ -54,6 +54,7 @@
 <li><img alt="" src="../images/down.gif" /> <a href="#example">Example
of a balancer configuration</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#requests">Request
Counting Algorithm</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#traffic">Weighted
Traffic Counting Algorithm</a></li>
+<li><img alt="" src="../images/down.gif" /> <a href="#busyness">Pending
Request Counting Algorithm</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#environment">Exported
Environment Variables</a></li>
 <li><img alt="" src="../images/down.gif" /> <a href="#enable">Enabling
Balancer Manager Support</a></li>
 </ul><h3>See also</h3>
@@ -64,11 +65,11 @@
 <div class="section">
 <h2><a name="scheduler" id="scheduler">Load balancer scheduler algorithm</a></h2>
     
-    <p>At present, there are 2 load balancer scheduler algorithms available
-    for use: Request Counting and Weighted Traffic Counting. These are controlled
-    via the <code>lbmethod</code> value of the Balancer definition. See
-    the <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code>
directive for
-    more information.</p>
+    <p>At present, there are 3 load balancer scheduler algorithms available
+    for use: Request Counting, Weighted Traffic Counting and Pending Request 
+    Counting. These are controlled via the <code>lbmethod</code> value of
+    the Balancer definition. See the <code class="directive"><a href="../mod/mod_proxy.html#proxypass">ProxyPass</a></code>

+    directive for more information.</p>
 
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
@@ -293,6 +294,25 @@
 
 </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
 <div class="section">
+<h2><a name="busyness" id="busyness">Pending Request Counting Algorithm</a></h2>
+
+    
+
+    <p>Enabled via <code>lbmethod=bybusyness</code>, this scheduler keeps
+    track of how many requests each worker is assigned at present. A new
+    request is automatically assigned to the worker with the lowest
+    number of active requests. This is useful in the case of workers
+    that queue incoming requests independently of Apache, to ensure that
+    queue length stays even and a request is always given to the worker
+    most likely to service it fastest.</p>
+
+    <p>In the case of multiple least-busy workers, the statistics (and
+    weightings) used by the Request Counting method are used to break the
+    tie. Over time, the distribution of work will come to resemble that
+    characteristic of <code>byrequests</code>.</p>
+
+</div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif"
/></a></div>
+<div class="section">
 <h2><a name="environment" id="environment">Exported Environment Variables</a></h2>
     
     <p>At present there are 6 environment variables exported:</p>

Modified: httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.xml.ja
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.xml.ja?rev=686855&r1=686854&r2=686855&view=diff
==============================================================================
--- httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.xml.ja [utf-8] (original)
+++ httpd/httpd/trunk/docs/manual/mod/mod_proxy_balancer.xml.ja [utf-8] Mon Aug 18 12:22:54
2008
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 395228:669473 (outdated) -->
+<!-- English Revision: 395228:686805 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more



Mime
View raw message