httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From James Sutherland <ja...@cam.ac.uk>
Subject Re: cvs commit: httpd-2.0/docs/conf highperformance-std.conf
Date Thu, 25 Jan 2001 21:29:17 GMT
On Thu, 25 Jan 2001, Greg Ames wrote:

> Greg Stein wrote:
> > 
> > On Thu, Jan 25, 2001 at 06:29:38PM -0000, gregames@apache.org wrote:
> > >...
> > >   # Disable symlink protection and htaccess files, they chew far too much.
> > >   <Directory />
> > >       AllowOverride none
> > >       Options FollowSymLinks
> > 
> > Hmm. The comment and Options don't seem to match, or did I just brain-fart?
> > 
> 
> AllowOverride none means that the server doesn't look at htaccess
> files.  That's pretty straight forward.
> 
> As far as symlinks, I think it's a negative logic kind of thing that
> causes the confusion.  Here's my take: by default, when you don't
> specify FollowSymLinks, you get "symlink protection", which chews
> excessive CPU.  So you have to explicity enable FollowSymLinks to make
> these cycles go away.
> 
> This bit is unchanged from 1.3...I trust dean.  Seems like I benchmarked
> those statements a long time ago with good results - don't remember for
> sure.

DISABLING FollowSymLinks will chew CPU/disk - you have to check "OK, I've
got the file to serve - now, wait... is it a symlink or not???" So the
config above is correct, but the comment is a bit opaque...

Similarly, "AllowOverride None" allows httpd to avoid checking for
.htaccess files, saving more cycles, as you expect.

I think the comment needs rewriting there... How about this?

<Directory / >
	# The server can be made to avoid following symbolic links,
	# to make security simpler. However, this takes extra CPU time,
	# so we disable that check here:
	Options FollowSymLinks

	# Don't check for .htaccess files in each directory - they slow
	# things down
	AllowOverride None
</Directory>


James.


Mime
View raw message