httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From joon yang <joon_y...@yahoo.com>
Subject Re: [users@httpd] https config
Date Fri, 06 Aug 2004 18:32:56 GMT
Normal port for https is 443 not 4443.

JoOn
--- Nina Pham <nina@gibbons.com> wrote:

> I uncomment the include /conf.d/ssl.conf, then
> restart apache.  It 
> complained about no NameVirtualHost for
> myserver:4443. I put in the 
> NameVirtualHost and restart apache, it gave me a
> warning 
> NameVirtualHost  myserver:4443 has no
> VirtualHost(however, it's arlready 
> there in ssl.conf). But it still start apache. Using
> browser, I still 
> can access www.gibbons.com:80, but went i tried to 
> https://www.gibbons.com, this time it doesn't
> display the FedoraCore 
> apache test page (my system is FC2), but instead,
> gave me error message 
> "The connection was refused when attempting to
> contact 
> www.gibbons.com:4443. I attached ssl.conf, hand
> httpd.conf files.
> 
> 
> joon yang wrote:
> 
> >You need to add LoadModule in the httpd.conf and
> >uncomment the following.
> ><IfModule mod_ssl.c>
> >Include conf.d/ssl.conf
> ></IfModule>
> >
> >This tells apache to load ssl.conf if mod_ssl.so
> have
> >been loaded.
> >
> >Also, in you ssl.conf, you've got port 4443 rather
> >than 443.
> >
> >JoOn
> >
> >
> >--- Nina Pham <nina@gibbons.com> wrote:
> >
> >  
> >
> >>Hi, I have a standard web server, now I want to
> run
> >>it with mod_ssl at 
> >>port 4443 ( port 443 has already been used).
> >>Attachment is the 
> >>httpd.conf, and ssl.conf. When I type
> >>http://www.gibbons.com, it display 
> >>our company webpage, and i expect the same for 
> >>https://www.gibbons.com:4443. However, when I
> tried
> >>to https, it just 
> >>displayed the test page of apache. What did I do
> >>wrong here?
> >>    
> >>
> >>>#
> >>>      
> >>>
> >># This is the Apache server configuration file
> >>providing SSL support.
> >># It contains the configuration directives to
> >>instruct the server how to
> >># serve pages over an https connection. For
> >>detailing information about these 
> >># directives see
> >>
> >>    
> >>
>
><URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
> >  
> >
> >># 
> >># Do NOT simply read the instructions in here
> >>without understanding
> >># what they do.  They're here only as hints or
> >>reminders.  If you are unsure
> >># consult the online docs. You have been warned.  
> >>#
> >>
> >>LoadModule ssl_module modules/mod_ssl.so
> >>
> >>#   Until documentation is completed, please check
> >>http://www.modssl.org/
> >>#   for additional config examples and module
> >>docmentation.  Directives
> >>#   and features of mod_ssl are largely unchanged
> >>from the mod_ssl project
> >>#   for Apache 1.3.
> >>
> >>#
> >># When we also provide SSL we have to listen to
> the 
> >># standard HTTP port (see above) and to the HTTPS
> >>port
> >>#
> >>Listen 4443
> >>
> >>##
> >>##  SSL Global Context
> >>##
> >>##  All SSL configuration in this context applies
> >>both to
> >>##  the main server and all SSL-enabled virtual
> >>hosts.
> >>##
> >>
> >>#
> >>#   Some MIME-types for downloading Certificates
> and
> >>CRLs
> >>#
> >>AddType application/x-x509-ca-cert .crt
> >>AddType application/x-pkcs7-crl    .crl
> >>
> >>#   Pass Phrase Dialog:
> >>#   Configure the pass phrase gathering process.
> >>#   The filtering dialog program (`builtin' is a
> >>internal
> >>#   terminal dialog) has to provide the pass
> phrase
> >>on stdout.
> >>SSLPassPhraseDialog  builtin
> >>
> >>#   Inter-Process Session Cache:
> >>#   Configure the SSL Session Cache: First the
> >>mechanism 
> >>#   to use and second the expiring timeout (in
> >>seconds).
> >>#SSLSessionCache        none
> >>#SSLSessionCache       
> >>dbm:/var/cache/mod_ssl/scache(512000)
> >>#SSLSessionCache       
> >>dc:UNIX/var/cache/mod_ssl/distcache
> >>SSLSessionCache        
> >>shmcb:/var/cache/mod_ssl/scache(512000)
> >>SSLSessionCacheTimeout  300
> >>
> >>#   Semaphore:
> >>#   Configure the path to the mutual exclusion
> >>semaphore the
> >>#   SSL engine uses internally for inter-process
> >>synchronization. 
> >>SSLMutex default
> >>
> >>#   Pseudo Random Number Generator (PRNG):
> >>#   Configure one or more sources to seed the PRNG
> >>of the 
> >>#   SSL library. The seed data should be of good
> >>random quality.
> >>#   WARNING! On some platforms /dev/random blocks
> if
> >>not enough entropy
> >>#   is available. This means you then cannot use
> the
> >>/dev/random device
> >>#   because it would lead to very long connection
> >>times (as long as
> >>#   it requires to make more entropy available).
> But
> >>usually those
> >>#   platforms additionally provide a /dev/urandom
> >>device which doesn't
> >>#   block. So, if available, use this one instead.
> >>Read the mod_ssl User
> >>#   Manual for more details.
> >>SSLRandomSeed startup file:/dev/urandom  256
> >>SSLRandomSeed connect builtin
> >>#SSLRandomSeed startup file:/dev/random  512
> >>#SSLRandomSeed connect file:/dev/random  512
> >>#SSLRandomSeed connect file:/dev/urandom 512
> >>
> >>#
> >># Use "SSLCryptoDevice" to enable any supported
> >>hardware
> >># accelerators. Use "openssl engine -v" to list
> >>supported
> >># engine names.  NOTE: If you enable an
> accelerator
> >>and the
> >># server does not start, consult the error logs
> and
> >>ensure
> >># your accelerator is functioning properly. 
> >>#
> >>SSLCryptoDevice builtin
> >>#SSLCryptoDevice ubsec
> >>
> >>##
> >>## SSL Virtual Host Context
> >>##
> >>
> >><VirtualHost _default_:4443>
> >>
> >># General setup for the virtual host, inherited
> from
> >>global configuration
> >>DocumentRoot "/var/www/html"
> >>ServerName gibbons.com:4443
> >>
> >># Use separate log files for the SSL virtual host;
> >>note that LogLevel
> >># is not inherited from httpd.conf.
> >>ErrorLog logs/ssl_error_log
> >>TransferLog logs/ssl_access_log
> >>LogLevel warn
> >>
> >>#   SSL Engine Switch:
> >>#   Enable/Disable SSL for this virtual host.
> >>SSLEngine on
> >>
> >>#   SSL Cipher Suite:
> >>#   List the ciphers that the client is permitted
> to
> >>negotiate.
> >>#   See the mod_ssl documentation for a complete
> >>list.
> >>SSLCipherSuite
> >>
> >>    
> >>
>
>ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> >  
> >
> >>#   Server Certificate:
> >>#   Point SSLCertificateFile at a PEM encoded
> >>certificate.  If
> >>#   the certificate is encrypted, then you will be
> >>prompted for a
> >>#   pass phrase.  Note that a kill -HUP will
> prompt
> >>again. A test
> >>#   certificate can be generated with `make
> >>certificate' under
> >>#   built time. Keep in mind that if you've both a
> >>RSA and a DSA
> >>#   certificate you can configure both in parallel
> >>(to also allow
> >>#   the use of DSA ciphers, etc.)
> >>SSLCertificateFile
> >>/etc/httpd/conf/ssl.crt/server.crt
> >>#SSLCertificateFile
> >>/etc/httpd/conf/ssl.crt/server-dsa.crt
> >>
> >>#   Server Private Key:
> >>#   If the key is not combined with the
> certificate,
> >>use this
> >>#   directive to point at the key file.  Keep in
> >>mind that if
> >>#   you've both a RSA and a DSA private key you
> can
> >>configure
> >>#   both in parallel (to also allow the use of DSA
> >>ciphers, etc.)
> >>SSLCertificateKeyFile
> >>/etc/httpd/conf/ssl.key/server.key
> >>#SSLCertificateKeyFile
> >>/etc/httpd/conf/ssl.key/server-dsa.key
> >>
> >>#   Server Certificate Chain:
> >>#   Point SSLCertificateChainFile at a file
> >>containing the
> >>#   concatenation of PEM encoded CA certificates
> >>which form the
> >>#   certificate chain for the server certificate.
> >>Alternatively
> >>#   the referenced file can be the same as
> >>SSLCertificateFile
> >>#   when the CA certificates are directly appended
> >>to the server
> >>#   certificate for convinience.
> >>#SSLCertificateChainFile
> >>/etc/httpd/conf/ssl.crt/ca.crt
> >>
> >>#   Certificate Authority (CA):
> >>#   Set the CA certificate verification path where
> >>to find CA
> >>#   certificates for client authentication or
> >>alternatively one
> >>#   huge file containing all of them (file must be
> >>PEM encoded)
> >>#   Note: Inside SSLCACertificatePath you need
> hash
> >>symlinks
> >>#         to point to the certificate files. Use
> the
> >>provided
> >>#         Makefile to update the hash symlinks
> after
> >>changes.
> >>#SSLCACertificatePath /etc/httpd/conf/ssl.crt
> >>#SSLCACertificateFile
> >>/usr/share/ssl/certs/ca-bundle.crt
> >>
> >>#   Certificate Revocation Lists (CRL):
> >>#   Set the CA revocation path where to find CA
> CRLs
> >>for client
> >>#   authentication or alternatively one huge file
> >>containing all
> >>#   of them (file must be PEM encoded)
> >>#   Note: Inside SSLCARevocationPath you need hash
> >>symlinks
> >>#         to point to the certificate files. Use
> the
> >>provided
> >>#         Makefile to update the hash symlinks
> after
> >>changes.
> >>#SSLCARevocationPath /etc/httpd/conf/ssl.crl
> >>#SSLCARevocationFile
> >>/etc/httpd/conf/ssl.crl/ca-bundle.crl
> >>
> >>#   Client Authentication (Type):
> >>#   Client certificate verification type and
> depth. 
> >>Types are
> >>#   none, optional, require and optional_no_ca. 
> >>Depth is a
> >>#   number which specifies how deeply to verify
> the
> >>certificate
> >>#   issuer chain before deciding the certificate
> is
> >>not valid.
> >>#SSLVerifyClient require
> >>#SSLVerifyDepth  10
> >>
> >>#   Access Control:
> >>#   With SSLRequire you can do per-directory
> access
> >>control based
> >>#   on arbitrary complex boolean expressions
> >>containing server
> >>#   variable checks and other lookup directives. 
> >>The syntax is a
> >>#   mixture between C and Perl.  See the mod_ssl
> >>documentation
> >>#   for more details.
> >>#<Location />
> >>#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
> >>#            and %{SSL_CLIENT_S_DN_O} eq "Snake
> Oil,
> >>Ltd." \
> >>#            and %{SSL_CLIENT_S_DN_OU} in
> {"Staff",
> >>"CA", "Dev"} \
> >>#            and %{TIME_WDAY} >= 1 and
> %{TIME_WDAY}
> >><= 5 \
> >>#            and %{TIME_HOUR} >= 8 and
> %{TIME_HOUR}
> >><= 20       ) \
> >>#           or %{REMOTE_ADDR} =~
> >>m/^192\.76\.162\.[0-9]+$/
> >>#</Location>
> >>
> >>#   SSL Engine Options:
> >>#   Set various options for the SSL engine.
> >>#   o FakeBasicAuth:
> >>#     Translate the client X.509 into a Basic
> >>Authorisation.  This means that
> >>#     the standard Auth/DBMAuth methods can be
> used
> >>for access control.  The
> >>#     user name is the `one line' version of the
> >>client's X.509 certificate.
> >>#     Note that no password is obtained from the
> >>user. Every entry in the user
> >>#     file needs this password: `xxj31ZMTZzkVA'.
> >>#   o ExportCertData:
> >>#     This exports two additional environment
> >>variables: SSL_CLIENT_CERT and
> >>#     SSL_SERVER_CERT. These contain the
> PEM-encoded
> >>certificates of the
> >>#     server (always existing) and the client
> (only
> >>existing when client
> >>#     authentication is used). This can be used to
> >>import the certificates
> >>#     into CGI scripts.
> >>#   o StdEnvVars:
> >>#     This exports the standard SSL/TLS related
> >>`SSL_*' environment variables.
> >>#     Per default this exportation is switched off
> >>for performance reasons,
> >>#     because the extraction step is an expensive
> >>operation and is usually
> >>#     useless for serving static content. So one
> >>usually enables the
> >>#     exportation for CGI and SSI requests only.
> >>#   o StrictRequire:
> >>#     This denies access when "SSLRequireSSL" or
> >>"SSLRequire" applied even
> >>#     under a "Satisfy any" situation, i.e. when
> it
> >>applies access is denied
> >>#     and no other module can change it.
> >>#   o OptRenegotiate:
> >>#     This enables optimized SSL connection
> >>renegotiation handling when SSL
> >>#     directives are used in per-directory
> context. 
> >>#SSLOptions +FakeBasicAuth +ExportCertData
> >>+CompatEnvVars +StrictRequire
> >><Files ~ "\.(cgi|shtml|phtml|php3?)$">
> >>    SSLOptions +StdEnvVars
> >></Files>
> >><Directory "/var/www/cgi-bin">
> >>    SSLOptions +StdEnvVars
> >></Directory>
> >>
> >>#   SSL Protocol Adjustments:
> >>#   The safe and default but still SSL/TLS
> standard
> >>compliant shutdown
> >>#   approach is that mod_ssl sends the close
> notify
> >>alert but doesn't wait for
> >>#   the close notify alert from client. When you
> >>need a different shutdown
> >>#   approach you can use one of the following
> >>variables:
> >>#   o ssl-unclean-shutdown:
> >>#     This forces an unclean shutdown when the
> >>connection is closed, i.e. no
> >>#     SSL close notify alert is send or allowed to
> >>received.  This violates
> >>#     the SSL/TLS standard but is needed for some
> >>brain-dead browsers. Use
> >>#     this when you receive I/O errors because of
> >>the standard approach where
> >>#     mod_ssl sends the close notify alert.
> >>#   o ssl-accurate-shutdown:
> >>#     This forces an accurate shutdown when the
> >>connection is closed, i.e. a
> >>#     SSL close notify alert is send and mod_ssl
> >>waits for the close notify
> >>#     alert of the client. This is 100% SSL/TLS
> >>standard compliant, but in
> >>#     practice often causes hanging connections
> with
> >>brain-dead browsers. Use
> >>#     this only for browsers where you know that
> >>their SSL implementation
> >>#     works correctly. 
> >>#   Notice: Most problems of broken clients are
> also
> >>related to the HTTP
> >>#   keep-alive facility, so you usually
> additionally
> >>want to disable
> >>#   keep-alive for those clients, too. Use
> variable
> >>"nokeepalive" for this.
> >>#   Similarly, one has to force some clients to
> use
> >>HTTP/1.0 to workaround
> >>#   their broken HTTP/1.1 implementation. Use
> >>variables "downgrade-1.0" and
> >>#   "force-response-1.0" for this.
> >>SetEnvIf User-Agent ".*MSIE.*" \
> >>         nokeepalive ssl-unclean-shutdown \
> >>         downgrade-1.0 force-response-1.0
> >>
> >>#   Per-Server Logging:
> >>#   The home of a custom SSL log file. Use this
> when
> >>you want a
> >>#   compact non-error SSL logfile on a virtual
> host
> >>basis.
> >>CustomLog logs/ssl_request_log \
> >>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
> >>\"%r\" %b"
> >>
> >></VirtualHost>                                  
> >>
> >>    
> >>
> >>>#
> >>>      
> >>>
> >># Based upon the NCSA server configuration files
> >>originally by Rob McCool.
> >>#
> >># This is the main Apache server configuration
> file.
> >> It contains the
> >># configuration directives that give the server
> its
> >>instructions.
> >># See URL:http://httpd.apache.org/docs-2.0/ for
> >>detailed information about
> >># the directives.
> >>#
> >># Do NOT simply read the instructions in here
> >>without understanding
> >># what they do.  They're here only as hints or
> >>reminders.  If you are unsure
> >># consult the online docs. You have been warned.  
> >>#
> >># The configuration directives are grouped into
> >>three basic sections:
> >>#  1. Directives that control the operation of the
> >>Apache server process as a
> >>#     whole (the 'global environment').
> >>#  2. Directives that define the parameters of the
> >>'main' or 'default' server,
> >>#     which responds to requests that aren't
> handled
> >>by a virtual host.
> >>#     These directives also provide default values
> >>for the settings
> >>#     of all virtual hosts.
> >>#  3. Settings for virtual hosts, which allow Web
> >>requests to be sent to
> >>#     different IP addresses or hostnames and have
> >>them handled by the
> >>#     same Apache server process.
> >>#
> >># Configuration and logfile names: If the
> filenames
> >>you specify for many
> >># of the server's control files begin with "/" (or
> >>"drive:/" for Win32), the
> >># server will use that explicit path.  If the
> >>filenames do *not* begin
> >># with "/", the value of ServerRoot is prepended
> --
> >>so "logs/foo.log"
> >># with ServerRoot set to "/etc/httpd" will be
> >>interpreted by the
> >># server as "/etc/httpd/logs/foo.log".
> >>#
> >>
> >>### Section 1: Global Environment
> >>#
> >># The directives in this section affect the
> overall
> >>operation of Apache,
> >># such as the number of concurrent requests it can
> >>handle or where it
> >># can find its configuration files.
> >>#
> >>
> >>#
> >># Don't give away too much information about all
> the
> >>subcomponents
> >># we are running.  Comment out this line if you
> >>don't mind remote sites
> >># finding out what major optional modules you are
> >>running
> >>ServerTokens OS
> >>
> >>#
> >># ServerRoot: The top of the directory tree under
> >>which the server's
> >># configuration, error, and log files are kept.
> >>#
> >># NOTE!  If you intend to place this on an NFS (or
> >>otherwise network)
> >># mounted filesystem then please read the LockFile
> >>documentation
> >># (available at
> >>
> >>    
> >>
>
><URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
> >  
> >
> >># you will save yourself a lot of trouble.
> >>#
> >># Do NOT add a slash at the end of the directory
> >>path.
> >>#
> >>ServerRoot "/etc/httpd"
> >>
> >>#
> >># ScoreBoardFile: File used to store internal
> server
> >>process information.
> >># If unspecified (the default), the scoreboard
> will
> >>be stored in an
> >># anonymous shared memory segment, and will be
> >>unavailable to third-party
> >># applications.
> >># If specified, ensure that no two invocations of
> >>Apache share the same
> >># scoreboard file. The scoreboard file MUST BE
> >>STORED ON A LOCAL DISK.
> >>#
> >>#ScoreBoardFile run/httpd.scoreboard
> >>
> >>#
> >># PidFile: The file in which the server should
> >>record its process
> >># identification number when it starts.
> >>#
> >>PidFile "/var/run/httpd.pid"
> >>
> >>#
> >># Timeout: The number of seconds before receives
> and
> >>sends time out.
> >>#
> >>TimeOut 300
> >>
> >>#
> >># KeepAlive: Whether or not to allow persistent
> >>connections (more than
> >># one request per connection). Set to "Off" to
> >>deactivate.
> >>#
> >>KeepAlive true
> >>
> >>#
> >># MaxKeepAliveRequests: The maximum number of
> >>requests to allow
> >># during a persistent connection. Set to 0 to
> allow
> >>an unlimited amount.
> >># We recommend you leave this number high, for
> >>maximum performance.
> >>#
> >>MaxKeepAliveRequests 100
> >>
> >>#
> >># KeepAliveTimeout: Number of seconds to wait for
> >>the next request from the
> >># same client on the same connection.
> >>#
> >>KeepAliveTimeout 15
> >>
> >>##
> >>## Server-Pool Size Regulation (MPM specific)
> >>## 
> >>
> >># prefork MPM
> >># StartServers: number of server processes to
> start
> >># MinSpareServers: minimum number of server
> >>processes which are kept spare
> >># MaxSpareServers: maximum number of server
> >>processes which are kept spare
> >># MaxClients: maximum number of server processes
> >>allowed to start
> >># MaxRequestsPerChild: maximum number of requests
> a
> >>server process serves
> >><IfModule prefork.c>
> >>StartServers 8
> >>MinSpareServers 5
> >>MaxSpareServers 20
> >>MaxClients 150
> >>MaxRequestsPerChild 100
> >></IfModule>
> >>
> >># worker MPM
> >># StartServers: initial number of server processes
> >>to start
> >># MaxClients: maximum number of simultaneous
> client
> >>connections
> >># MinSpareThreads: minimum number of worker
> threads
> >>which are kept spare
> >># MaxSpareThreads: maximum number of worker
> threads
> >>which are kept spare
> >># ThreadsPerChild: constant number of worker
> threads
> >>in each server process
> >># MaxRequestsPerChild: maximum number of requests
> a
> >>server process serves
> >><IfModule worker.c>
> >>StartServers         2
> >>MaxClients         150
> >>MinSpareThreads     25
> >>MaxSpareThreads     75
> >>ThreadsPerChild     25 
> >>MaxRequestsPerChild  0
> >></IfModule>
> >>
> >>#
> >># Listen: Allows you to bind Apache to specific IP
> >>addresses and/or
> >># ports, in addition to the default. See also the
> >><VirtualHost>
> >># directive.
> >>#
> >># Change this to Listen on specific IP addresses
> as
> >>shown below to 
> >># prevent Apache from glomming onto all bound IP
> >>addresses (0.0.0.0)
> >>#
> >>#Listen 12.34.56.78:80
> >>Listen *:80
> >>
> >>
> >>#
> >># Dynamic Shared Object (DSO) Support
> >>#
> >># To be able to use the functionality of a module
> >>which was built as a DSO you
> >># have to place corresponding `LoadModule' lines
> at
> >>this location so the
> >># directives contained in it are actually
> available
> >>_before_ they are used.
> >># Statically compiled modules (those listed by
> >>`httpd -l') do not need
> >># to be loaded here.
> >>#
> >># Example:
> >># LoadModule foo_module modules/mod_foo.so
> >>#
> >>LoadModule access_module modules/mod_access.so
> >>LoadModule auth_module modules/mod_auth.so
> >>LoadModule auth_anon_module
> modules/mod_auth_anon.so
> >>LoadModule auth_dbm_module modules/mod_auth_dbm.so
> >>LoadModule auth_digest_module
> >>modules/mod_auth_digest.so
> >>LoadModule ldap_module modules/mod_ldap.so
> >>LoadModule auth_ldap_module
> modules/mod_auth_ldap.so
> >>LoadModule include_module modules/mod_include.so
> >>LoadModule log_config_module
> >>modules/mod_log_config.so
> >>LoadModule env_module modules/mod_env.so
> >>LoadModule mime_magic_module
> >>modules/mod_mime_magic.so
> >>LoadModule cern_meta_module
> modules/mod_cern_meta.so
> >>LoadModule expires_module modules/mod_expires.so
> >>LoadModule deflate_module modules/mod_deflate.so
> >>LoadModule headers_module modules/mod_headers.so
> >>LoadModule usertrack_module
> modules/mod_usertrack.so
> >>LoadModule unique_id_module
> modules/mod_unique_id.so
> >>LoadModule setenvif_module modules/mod_setenvif.so
> >>LoadModule mime_module modules/mod_mime.so
> >>LoadModule dav_module modules/mod_dav.so
> >>#Nina added these in for svn server
> >>#
> >>LoadModule dav_svn_module modules/mod_dav_svn.so
> >>LoadModule authz_svn_module
> modules/mod_authz_svn.so
> >>#
> >>LoadModule status_module modules/mod_status.so
> >>LoadModule autoindex_module
> modules/mod_autoindex.so
> >>LoadModule asis_module modules/mod_asis.so
> >>LoadModule info_module modules/mod_info.so
> >>LoadModule dav_fs_module modules/mod_dav_fs.so
> >>LoadModule vhost_alias_module
> >>modules/mod_vhost_alias.so
> >>LoadModule negotiation_module
> >>modules/mod_negotiation.so
> >>LoadModule dir_module modules/mod_dir.so
> >>LoadModule imap_module modules/mod_imap.so
> >>LoadModule actions_module modules/mod_actions.so
> >>LoadModule speling_module modules/mod_speling.so
> >>LoadModule userdir_module modules/mod_userdir.so
> >>LoadModule alias_module modules/mod_alias.so
> >>LoadModule rewrite_module modules/mod_rewrite.so
> >>LoadModule proxy_module modules/mod_proxy.so
> >>LoadModule proxy_ftp_module
> modules/mod_proxy_ftp.so
> >>LoadModule proxy_http_module
> >>modules/mod_proxy_http.so
> >>LoadModule proxy_connect_module
> >>modules/mod_proxy_connect.so
> >>LoadModule cache_module modules/mod_cache.so
> >>LoadModule suexec_module modules/mod_suexec.so
> >>LoadModule disk_cache_module
> >>modules/mod_disk_cache.so
> >>LoadModule file_cache_module
> >>modules/mod_file_cache.so
> >>LoadModule mem_cache_module
> modules/mod_mem_cache.so
> >>LoadModule cgi_module modules/mod_cgi.so
> >>
> >>#
> >># Load config files from the config directory
> >>"/etc/httpd/conf.d".
> >>#
> >>Include conf.d/*.conf
> >>
> >>#
> >># ExtendedStatus controls whether Apache will
> >>generate "full" status
> >># information (ExtendedStatus On) or just basic
> >>information (ExtendedStatus
> >># Off) when the "server-status" handler is called.
> >>The default is Off.
> >>#
> >>#ExtendedStatus On
> >>
> >>### Section 2: 'Main' server configuration
> >>#
> >># The directives in this section set up the values
> >>used by the 'main'
> >># server, which responds to any requests that
> aren't
> >>handled by a
> >># <VirtualHost> definition.  These values also
> >>provide defaults for
> >># any <VirtualHost> containers you may define
> later
> >>in the file.
> >>#
> >># All of these directives may appear inside
> >><VirtualHost> containers,
> >># in which case these default settings will be
> >>overridden for the
> >># virtual host being defined.
> >>#
> >>
> >>#
> >># If you wish httpd to run as a different user or
> >>group, you must run
> >># httpd as root initially and it will switch.  
> >>#
> >># User/Group: The name (or #number) of the
> >>user/group to run httpd as.
> >>#  . On SCO (ODT 3) use "User nouser" and "Group
> >>nogroup".
> >>#  . On HPUX you may not be able to use shared
> >>memory as nobody, and the
> >>#    suggested workaround is to create a user www
> >>and use that user.
> >>#  NOTE that some kernels refuse to setgid(Group)
> or
> >>semctl(IPC_SET)
> >>#  when the value of (unsigned)Group is above
> 60000;
> >>
> >>#  don't use Group #-1 on these systems!
> >>#
> >>User apache
> >>Group apache
> >>
> >>#
> >># ServerAdmin: Your address, where problems with
> the
> >>server should be
> >># e-mailed.  This address appears on some
> >>server-generated pages, such
> >># as error documents.  e.g. admin@your-domain.com
> >>#
> >>ServerAdmin root@gibbons.com
> >>
> >>#
> >># ServerName gives the name and port that the
> server
> >>uses to identify itself.
> >># This can often be determined automatically, but
> we
> >>recommend you specify
> >># it explicitly to prevent problems during
> startup.
> >>#
> >># If this is not set to valid DNS name for your
> >>host, server-generated
> >># redirections will not work.  See also the
> >>UseCanonicalName directive.
> >>#
> >># If your host doesn't have a registered DNS name,
> >>enter its IP address here.
> >># You will have to access it by its address
> anyway,
> >>and this will make 
> >># redirections work in a sensible way.
> >>#
> >>ServerName gibbons.com:80
> >>
> >>#
> >># UseCanonicalName: Determines how Apache
> constructs
> >>self-referencing 
> >># URLs and the SERVER_NAME and SERVER_PORT
> >>variables.
> >># When set "Off", Apache will use the Hostname and
> >>Port supplied
> >># by the client.  When set "On", Apache will use
> the
> >>value of the
> >># ServerName directive.
> >>#
> >>UseCanonicalName on
> >>
> >>#
> >># DocumentRoot: The directory out of which you
> will
> >>serve your
> >># documents. By default, all requests are taken
> from
> >>this directory, but
> >># symbolic links and aliases may be used to point
> to
> >>other locations.
> >>#
> >>DocumentRoot "/var/www/html"
> >>
> >># 
> >># Disable autoindex for the root directory, and
> >>present a
> >># default Welcome page if no other index page is
> >>present.
> >>#
> >><LocationMatch "^/$">
> >>    Options -Indexes
> >>    ErrorDocument 403 /error/noindex.html
> >></LocationMatch>
> >>
> >>#
> >># UserDir: The name of the directory that is
> >>appended onto a user's home
> >># directory if a ~user request is received.
> >>#
> >># The path to the end user account 'public_html'
> >>directory must be
> >># accessible to the webserver userid.  This
> usually
> >>means that ~userid
> >># must have permissions of 711,
> ~userid/public_html
> >>must have permissions
> >># of 755, and documents contained therein must be
> >>world-readable.
> >># Otherwise, the client will only receive a "403
> >>Forbidden" message.
> >>#
> >># See also:
>
>>http://httpd.apache.org/docs/misc/FAQ.html#forbidden
> >>#
> >><IfModule mod_userdir.c>
> >>    #
> >>    # UserDir is disabled by default since it can
> >>confirm the presence
> >>    # of a username on the system (depending on
> home
> >>directory
> >>    # permissions).
> >>    #
> >>    UserDir "disable"
> >>
> >>    #
> >>    # To enable requests to /~user/ to serve the
> >>user's public_html
> >>    # directory, use this directive instead of
> >>"UserDir disable":
> >>    # 
> >>    #UserDir public_html
> >>
> >></IfModule>
> >>
> >>#
> >># DirectoryIndex: sets the file that Apache will
> >>serve if a directory
> >># is requested.
> >>#
> >># The index.html.var file (a type-map) is used to
> >>deliver content-
> >># negotiated documents.  The MultiViews Option can
> >>be used for the 
> >># same purpose, but it is much slower.
> >>#
> >>DirectoryIndex 
> >>
> >>#
> >># AccessFileName: The name of the file to look for
> >>in each directory
> >># for access control information.  See also the
> >>AllowOverride directive.
> >>#
> >>AccessFileName .htaccess
> >>
> >>#
> >># The following lines prevent .htaccess and
> >>.htpasswd files from being 
> >># viewed by Web clients. 
> >>#
> >><Files ~ "^\.ht">
> >>    Order allow,deny
> >>    Deny from all
> >></Files>
> >>
> >>#
> >># TypesConfig describes where the mime.types file
> >>(or equivalent) is
> >># to be found.
> >>#
> >>TypesConfig "/etc/mime.types"
> >>
> >>#
> >># DefaultType is the default MIME type the server
> >>will use for a document
> >># if it cannot otherwise determine one, such as
> from
> >>filename extensions.
> >># If your server contains mostly text or HTML
> >>documents, "text/plain" is
> >># a good value.  If most of your content is
> binary,
> >>such as applications
> >># or images, you may want to use
> >>"application/octet-stream" instead to
> >># keep browsers from trying to display binary
> files
> >>as though they are
> >># text.
> >>#
> >>DefaultType text/plain
> >>
> >>#
> >># The mod_mime_magic module allows the server to
> use
> >>various hints from the
> >># contents of the file itself to determine its
> type.
> >> The MIMEMagicFile
> >># directive tells the module where the hint
> >>definitions are located.
> >>#
> >><IfModule mod_mime_magic.c>
> >>#   MIMEMagicFile /usr/share/magic.mime
> >>    MIMEMagicFile conf/magic
> >></IfModule>
> >>
> >>#
> >># HostnameLookups: Log the names of clients or
> just
> >>their IP addresses
> >># e.g., www.apache.org (on) or 204.62.129.132
> (off).
> >># The default is off because it'd be overall
> better
> >>for the net if people
> >># had to knowingly turn this feature on, since
> >>enabling it means that
> >># each client request will result in AT LEAST one
> >>lookup request to the
> >># nameserver.
> >>#
> >>HostNameLookups Off
> >>
> >>#
> >># EnableMMAP: Control whether memory-mapping is
> used
> >>to deliver
> >># files (assuming that the underlying OS supports
> >>it).
> >># The default is on; turn this off if you serve
> from
> >>NFS-mounted 
> >># filesystems.  On some systems, turning it off
> >>(regardless of
> >># filesystem) can improve performance; for
> details,
> >>please see
> >>#
> >>
> >>    
> >>
>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
> >  
> >
> >>#
> >>#EnableMMAP off
> >>
> >>#
> >># EnableSendfile: Control whether the sendfile
> >>kernel support is 
> >># used to deliver files (assuming that the OS
> >>supports it). 
> >># The default is on; turn this off if you serve
> from
> >>NFS-mounted 
> >># filesystems.  Please see
> >>#
> >>
> >>    
> >>
>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
> >  
> >
> >>#
> >>#EnableSendfile off
> >>
> >>#
> >># ErrorLog: The location of the error log file.
> >># If you do not specify an ErrorLog directive
> within
> >>a <VirtualHost>
> >># container, error messages relating to that
> virtual
> >>host will be
> >># logged here.  If you *do* define an error
> logfile
> >>for a <VirtualHost>
> >># container, that host's errors will be logged
> there
> >>and not here.
> >>#
> >>ErrorLog "/var/log/httpd/error_log"
> >>
> >>#
> >># LogLevel: Control the number of messages logged
> to
> >>the error_log.
> >># Possible values include: debug, info, notice,
> >>warn, error, crit,
> >># alert, emerg.
> >>#
> >>LogLevel warn
> >>
> >>#
> >># The following directives define some format
> >>nicknames for use with
> >># a CustomLog directive (see below).
> >>#
> >>LogFormat "%h %l %u %t \"%r\" %>s %b
> \"%{Referer}i\"
> >>\"%{User-Agent}i\"" combined
> >>LogFormat "%h %l %u %t \"%r\" %>s %b" common
> >>LogFormat "%{Referer}i -> %U" referer
> >>LogFormat "%{User-agent}i" agent
> >>
> >>
> >>#
> >># The location and format of the access logfile
> >>(Common Logfile Format).
> >># If you do not define any access logfiles within
> a
> >><VirtualHost>
> >># container, they will be logged here. 
> >>Contrariwise, if you *do*
> >># define per-<VirtualHost> access logfiles,
> >>transactions will be
> >># logged therein and *not* in this file.
> >>#
> >># CustomLog logs/access_log common
> >>CustomLog logs/access_log combined
> >>
> >>#
> >># If you would like to have agent and referer
> >>logfiles, uncomment the
> >># following directives.
> >>#
> >>#CustomLog logs/referer_log referer
> >>#CustomLog logs/agent_log agent
> >>
> >>#
> >># If you prefer a single logfile with access,
> agent,
> >>and referer information
> >># (Combined Logfile Format) you can use the
> >>following directive.
> >>#
> >>#CustomLog logs/access_log combined
> >>
> >>#
> >># Optionally add a line containing the server
> >>version and virtual host
> >># name to server-generated pages (error documents,
> >>FTP directory listings,
> >># mod_status and mod_info output etc., but not CGI
> >>generated documents).
> >># Set to "EMail" to also include a mailto: link to
> >>the ServerAdmin.
> >># Set to one of:  On | Off | EMail
> >>#
> >>ServerSignature on
> >>
> >>#
> >># Aliases: Add here as many aliases as you need
> >>(with no limit). The format is 
> >># Alias fakename realname
> >>#
> >># Note that if you include a trailing / on
> fakename
> >>then the server will
> >># require it to be present in the URL.  So
> "/icons"
> >>isn't aliased in this
> >># example, only "/icons/".  If the fakename is
> >>slash-terminated, then the 
> >># realname must also be slash terminated, and if
> the
> >>fakename omits the 
> >># trailing slash, the realname must also omit it.
> >>#
> >># We include the /icons/ alias for FancyIndexed
> >>directory listings.  If you
> >># do not use FancyIndexing, you may comment this
> >>out.
> >>#
> >>Alias /icons/ "/var/www/icons/"
> >>
> >>#
> >># This should be changed to the
> ServerRoot/manual/. 
> >>The alias provides
> >># the manual, even if you choose to move your
> >>DocumentRoot.  You may comment
> >># this out if you do not care for the
> documentation.
> >>#
> >>Alias /manual "/var/www/manual"
> >>
> >><IfModule mod_dav_fs.c>
> >>    # Location of the WebDAV lock database.
> >>    DAVLockDB /var/lib/dav/lockdb
> >></IfModule>
> >>
> >>#
> >># ScriptAlias: This controls which directories
> >>contain server scripts.
> >># ScriptAliases are essentially the same as
> Aliases,
> >>except that
> >># documents in the realname directory are treated
> as
> >>applications and
> >># run by the server when requested rather than as
> >>documents sent to the client.
> >># The same rules about trailing "/" apply to
> >>ScriptAlias directives as to
> >># Alias.
> >>#
> >>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
> >>
> >><IfModule mod_cgid.c>
> >>#
> >># Additional to mod_cgid.c settings, mod_cgid has
> >>Scriptsock <path>
> >># for setting UNIX socket for communicating with
> >>cgid.
> >>#
> >>#Scriptsock            logs/cgisock
> >></IfModule>
> >>
> >>#Nina added
> >>
> >>    
> >>
>
>######################################################################
> >  
> >
> >>#<IfModule mod_ssl.c>
> >>#Include conf.d/ssl.conf
> >>#</IfModule>
> >>
> >>    
> >>
>
>######################################################################
> >  
> >
> >>#
> >># Redirect allows you to tell clients about
> >>documents which used to exist in
> >># your server's namespace, but do not anymore.
> This
> >>allows you to tell the
> >># clients where to look for the relocated
> document.
> >># Example:
> >># Redirect permanent /foo
> http://www.example.com/bar
> >>
> >>#
> >># Directives controlling the display of
> >>server-generated directory listings.
> >>#
> >>
> >>#
> >># FancyIndexing is whether you want fancy
> directory
> >>indexing or standard.
> >># VersionSort is whether files containing version
> >>numbers should be 
> >># compared in the natural way, so that
> >>`apache-1.3.9.tar' is placed before
> >># `apache-1.3.12.tar'.
> >>#
> >>IndexOptions FancyIndexing VersionSort NameWidth=*
> >>
> >>#
> >># AddIcon* directives tell the server which icon
> to
> >>show for different
> >># files or filename extensions.  These are only
> >>displayed for
> >># FancyIndexed directories.
> >>#
> >>AddIconByEncoding (CMP,/icons/compressed.gif)
> >>x-compress x-gzip
> >>
> >>AddIconByType (TXT,/icons/text.gif) text/*
> >>AddIconByType (IMG,/icons/image2.gif) image/*
> >>AddIconByType (SND,/icons/sound2.gif) audio/*
> >>AddIconByType (VID,/icons/movie.gif) video/*
> >>
> >>AddIcon /icons/binary.gif .bin .exe
> >>AddIcon /icons/binhex.gif .hqx
> >>AddIcon /icons/tar.gif .tar
> >>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm
> >>.iv
> >>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> >>AddIcon /icons/a.gif .ps .ai .eps
> >>AddIcon /icons/layout.gif .html .shtml .htm .pdf
> >>AddIcon /icons/text.gif .txt
> >>AddIcon /icons/c.gif .c
> >>AddIcon /icons/p.gif .pl .py
> >>AddIcon /icons/f.gif .for
> >>AddIcon /icons/dvi.gif .dvi
> >>AddIcon /icons/uuencoded.gif .uu
> >>AddIcon /icons/script.gif .conf .sh .shar .csh
> .ksh
> >>.tcl
> >>AddIcon /icons/tex.gif .tex
> >>AddIcon /icons/bomb.gif core
> >>
> >>AddIcon /icons/back.gif ..
> >>AddIcon /icons/hand.right.gif README
> >>AddIcon /icons/folder.gif ^^DIRECTORY^^
> >>AddIcon /icons/blank.gif ^^BLANKICON^^
> >>
> >>#
> >># DefaultIcon is which icon to show for files
> which
> >>do not have an icon
> >># explicitly set.
> >>#
> >>DefaultIcon /icons/unknown.gif
> >>
> >>#
> >># AddDescription allows you to place a short
> >>description after a file in
> >># server-generated indexes.  These are only
> >>displayed for FancyIndexed
> >># directories.
> >># Format: AddDescription "description" filename
> >>#
> >>#AddDescription "GZIP compressed document" .gz
> >>#AddDescription "tar archive" .tar
> >>#AddDescription "GZIP compressed tar archive" .tgz
> >>
> >>#
> >># ReadmeName is the name of the README file the
> >>server will look for by
> >># default, and append to directory listings.
> >>#
> >># HeaderName is the name of a file which should be
> >>prepended to
> >># directory indexes. 
> >>ReadmeName README.html
> >>HeaderName HEADER.html
> >>
> >>#
> >># IndexIgnore is a set of filenames which
> directory
> >>indexing should ignore
> >># and not include in the listing.  Shell-style
> >>wildcarding is permitted.
> >>#
> >>IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v
> >>*,t
> >>
> >>#
> >># AddEncoding allows you to have certain browsers
> >>(Mosaic/X 2.1+) uncompress
> >># information on the fly. Note: Not all browsers
> >>support this.
> >># Despite the name similarity, the following Add*
> >>directives have nothing
> >># to do with the FancyIndexing customization
> >>directives above.
> >>#
> >>AddEncoding x-compress Z
> >>AddEncoding x-gzip gz tgz
> >>
> >>#
> >># DefaultLanguage and AddLanguage allows you to
> >>specify the language of 
> >># a document. You can then use content negotiation
> >>to give a browser a 
> >># file in a language the user can understand.
> >>#
> >># Specify a default language. This means that all
> >>data
> >># going out without a specific language tag (see
> >>below) will 
> >># be marked with this one. You probably do NOT
> want
> >>to set
> >># this unless you are sure it is correct for all
> >>cases.
> >>#
> >># * It is generally better to not mark a page as 
> >># * being a certain language than marking it with
> >>the wrong
> >># * language!
> >>#
> >># DefaultLanguage nl
> >>#
> >># Note 1: The suffix does not have to be the same
> as
> >>the language
> >># keyword --- those with documents in Polish
> (whose
> >>net-standard
> >># language code is pl) may wish to use
> "AddLanguage
> >>pl .po" to
> >># avoid the ambiguity with the common suffix for
> >>perl scripts.
> >>#
> >># Note 2: The example entries below illustrate
> that
> >>in some cases 
> >># the two character 'Language' abbreviation is not
> >>identical to 
> >># the two character 'Country' code for its
> country,
> >># E.g. 'Danmark/dk' versus 'Danish/da'.
> >>#
> >># Note 3: In the case of 'ltz' we violate the RFC
> by
> >>using a three char
> >># specifier. There is 'work in progress' to fix
> this
> >>and get
> >># the reference data for rfc1766 cleaned up.
> >>#
> >># Danish (da) - Dutch (nl) - English (en) -
> Estonian
> >>(et)
> >># French (fr) - German (de) - Greek-Modern (el)
> >># Italian (it) - Norwegian (no) - Norwegian
> Nynorsk
> >>(nn) - Korean (kr) 
> >># Portugese (pt) - Luxembourgeois* (ltz)
> >># Spanish (es) - Swedish (sv) - Catalan (ca) -
> >>Czech(cz)
> >># Polish (pl) - Brazilian Portuguese (pt-br) -
> >>Japanese (ja)
> >># Russian (ru) - Croatian (hr)
> >>#
> >>AddLanguage da .dk
> >>AddLanguage nl .nl
> >>AddLanguage en .en
> >>AddLanguage et .et
> >>AddLanguage fr .fr
> >>AddLanguage de .de
> >>AddLanguage he .he
> >>AddLanguage el .el
> >>AddLanguage it .it
> >>AddLanguage ja .ja
> >>AddLanguage pl .po
> >>AddLanguage kr .kr
> >>AddLanguage pt .pt
> >>AddLanguage nn .nn
> >>AddLanguage no .no
> >>AddLanguage pt-br .pt-br
> >>AddLanguage ltz .ltz
> >>AddLanguage ca .ca
> >>AddLanguage es .es
> >>AddLanguage sv .se
> >>AddLanguage cz .cz
> >>AddLanguage ru .ru
> >>AddLanguage tw .tw
> >>AddLanguage zh-tw .tw
> >>AddLanguage hr .hr
> >>
> >>#
> >># LanguagePriority allows you to give precedence
> to
> >>some languages
> >># in case of a tie during content negotiation.
> >>#
> >># Just list the languages in decreasing order of
> >>preference. We have
> >># more or less alphabetized them here. You
> probably
> >>want to change this.
> >>#
> >>LanguagePriority en da nl et fr de el it ja kr no
> pl
> >>pt pt-br ltz ca es sv tw
> >>
> >>#
> >># ForceLanguagePriority allows you to serve a
> result
> >>page rather than
> >># MULTIPLE CHOICES (Prefer) [in case of a tie] or
> >>NOT ACCEPTABLE (Fallback)
> >># [in case no accepted languages matched the
> >>available variants]
> >>#
> >>ForceLanguagePriority Prefer Fallback
> >>
> >>#
> >># Specify a default charset for all pages sent
> out.
> >>This is
> >># always a good idea and opens the door for future
> >>internationalisation
> >># of your web site, should you ever want it.
> >>Specifying it as
> >># a default does little harm; as the standard
> >>dictates that a page
> >># is in iso-8859-1 (latin1) unless specified
> >>otherwise i.e. you
> >># are merely stating the obvious. There are also
> >>some security
> >># reasons in browsers, related to javascript and
> URL
> >>parsing
> >># which encourage you to always set a default char
> >>set.
> >>#
> >>AddDefaultCharset ISO-8859-1
> >>
> >>#
> >># Commonly used filename extensions to character
> >>sets. You probably
> >># want to avoid clashes with the language
> >>extensions, unless you
> >># are good at carefully testing your setup after
> >>each change.
> >># See
> >>
> >>    
> >>
>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >  
> >
> >>for
> >># the official list of charset names and their
> >>respective RFCs
> >>#
> >>AddCharset ISO-8859-1  .iso8859-1  .latin1
> >>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
> >>AddCharset ISO-8859-3  .iso8859-3  .latin3
> >>AddCharset ISO-8859-4  .iso8859-4  .latin4
> >>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
> >>.iso-ru
> >>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
> >>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
> >>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
> >>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
> >>AddCharset ISO-2022-JP .iso2022-jp .jis
> >>AddCharset ISO-2022-KR .iso2022-kr .kis
> >>AddCharset ISO-2022-CN .iso2022-cn .cis
> >>AddCharset Big5        .Big5       .big5
> >># For russian, more than one charset is used
> >>(depends on client, mostly):
> >>AddCharset WINDOWS-1251 .cp-1251   .win-1251
> >>AddCharset CP866       .cp866
> >>AddCharset KOI8-r      .koi8-r .koi8-ru
> >>AddCharset KOI8-ru     .koi8-uk .ua
> >>AddCharset ISO-10646-UCS-2 .ucs2
> >>AddCharset ISO-10646-UCS-4 .ucs4
> >>AddCharset UTF-8       .utf8
> >>
> >># The set below does not map to a specific (iso)
> >>standard
> >># but works on a fairly wide range of browsers.
> Note
> >>that
> >># capitalization actually matters (it should not,
> >>but it
> >># does for some browsers).
> >>#
> >># See
> >>
> >>    
> >>
>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >  
> >
> >># for a list of sorts. But browsers support few.
> >>#
> >>AddCharset GB2312      .gb2312 .gb
> >>AddCharset utf-7       .utf7
> >>AddCharset utf-8       .utf8
> >>AddCharset big5        .big5 .b5
> >>AddCharset EUC-TW      .euc-tw
> >>AddCharset EUC-JP      .euc-jp
> >>AddCharset EUC-KR      .euc-kr
> >>AddCharset shift_jis   .sjis
> >>
> >>#
> >># AddType allows you to add to or override the
> MIME
> >>configuration
> >># file mime.types for specific file types.
> >>#
> >>AddType application/x-tar .tgz
> >>#Nina added this line
> >>AddType text/html .shtml
> >>
> >>#
> >># AddHandler allows you to map certain file
> >>extensions to "handlers":
> >># actions unrelated to filetype. These can be
> either
> >>built into the server
> >># or added with the Action directive (see below)
> >>#
> >># To use CGI scripts outside of ScriptAliased
> >>directories:
> >># (You will also need to add "ExecCGI" to the
> >>"Options" directive.)
> >>#
> >>#AddHandler cgi-script .cgi
> >>
> >>#
> >># For files that include their own HTTP headers:
> >>#
> >>#AddHandler send-as-is asis
> >>
> >>#
> >># For server-parsed imagemap files:
> >>#
> >>AddHandler imap-file map
> >>
> >>#
> >># For type maps (negotiated resources):
> >># (This is enabled by default to allow the Apache
> >>"It Worked" page
> >>#  to be distributed in multiple languages.)
> >>#
> >>AddHandler type-map var
> >>
> >># Filters allow you to process content before it
> is
> >>sent to the client.
> >>#
> >># To parse .shtml files for server-side includes
> >>(SSI):
> >># (You will also need to add "Includes" to the
> >>"Options" directive.)
> >>#
> >>AddOutputFilter INCLUDES .shtml
> >>
> >>#
> >># Action lets you define media types that will
> >>execute a script whenever
> >># a matching file is called. This eliminates the
> >>need for repeated URL
> >># pathnames for oft-used CGI file processors.
> >># Format: Action media/type /cgi-script/location
> >># Format: Action handler-name /cgi-script/location
> >>#
> >>
> >>#
> >># Customizable error responses come in three
> >>flavors:
> >># 1) plain text 2) local redirects 3) external
> >>redirects
> >>#
> >># Some examples:
> >>#ErrorDocument 500 "The server made a boo boo."
> >>#ErrorDocument 404 /missing.html
> >>#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
> >>#ErrorDocument 402
> >>http://www.example.com/subscription_info.html
> >>#
> >>
> >>
> >>Alias /error/ "/var/www/error/"
> >>
> >>#
> >># The following directives modify normal HTTP
> >>response behavior to
> >># handle known problems with browser
> >>implementations.
> >>#
> >>BrowserMatch "Mozilla/2" nokeepalive
> >>BrowserMatch "MSIE 4\.0b2;" nokeepalive
> >>downgrade-1.0 force-response-1.0
> >>BrowserMatch "RealPlayer 4\.0" force-response-1.0
> >>BrowserMatch "Java/1\.0" force-response-1.0
> >>BrowserMatch "JDK/1\.0" force-response-1.0
> >>
> >>#
> >># The following directive disables redirects on
> >>non-GET requests for
> >># a directory that does not include the trailing
> >>slash.  This fixes a 
> >># problem with Microsoft WebFolders which does not
> >>appropriately handle 
> >># redirects for folders with DAV methods.
> >>#
> >>BrowserMatch "Microsoft Data Access Internet
> >>Publishing Provider" redirect-carefully
> >>BrowserMatch "^WebDrive" redirect-carefully
> >>BrowserMatch "^WebDAVFS/1.[012]"
> redirect-carefully
> >>BrowserMatch "^gnome-vfs" redirect-carefully
> >>
> >>#
> >># Allow server status reports, with the URL of
> >>http://servername/server-status
> >># Change the ".your-domain.com" to match your
> domain
> >>to enable.
> >>#
> >>#<Location /server-status>
> >>#    SetHandler server-status
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Location>
> >>
> >>#
> >># Allow remote server configuration reports, with
> >>the URL of
> >>#  http://servername/server-info (requires that
> >>mod_info.c be loaded).
> >># Change the ".your-domain.com" to match your
> domain
> >>to enable.
> >>#
> >>#<Location /server-info>
> >>#    SetHandler server-info
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Location>
> >>
> >># Nina added this in for svn server
> >># Repository location
> >><Location /svn1>
> >>	DAV svn
> >>	SVNParentPath /svn1
> >>	
> >>	# access control policy
> >>	AuthzSVNAccessFile /etc/svn-access-file
> >>	# how to authenticate a user
> >>	AuthType Basic
> >>	AuthName "Subversion repository"
> >>	AuthUserFile /etc/svn-auth-file
> >>	
> >>	# only authenticated users may access the
> >>repository
> >>	Require valid-user
> >></Location>
> >>
> >># Proxy Server directives. Uncomment the following
> >>lines to
> >># enable the proxy server:
> >>#
> >>#<IfModule mod_proxy.c>
> >>#ProxyRequests On
> >>#
> >>#<Proxy *>
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Proxy>
> >>
> >>#
> >># Enable/disable the handling of HTTP/1.1 "Via:"
> >>headers.
> >># ("Full" adds the server version; "Block" removes
> >>all outgoing Via: headers)
> >># Set to one of: Off | On | Full | Block
> >>#
> >>#ProxyVia On
> >>
> >>#
> >># To enable the cache as well, edit and uncomment
> >>the following lines:
> >># (no cacheing without CacheRoot)
> >>#
> >>#CacheRoot "/etc/httpd/proxy"
> >>#CacheSize 5
> >>#CacheGcInterval 4
> >>#CacheMaxExpire 24
> >>#CacheLastModifiedFactor 0.1
> >>#CacheDefaultExpire 1
> >>#NoCache a-domain.com another-domain.edu
> >>joes.garage-sale.com
> >>
> >>#</IfModule>
> >># End of proxy directives.
> >>
> >>### Section 3: Virtual Hosts
> >>#
> >># VirtualHost: If you want to maintain multiple
> >>domains/hostnames on your
> >># machine you can setup VirtualHost containers for
> >>them. Most configurations
> >># use only name-based virtual hosts so the server
> >>doesn't need to worry about
> >># IP addresses. This is indicated by the asterisks
> >>in the directives below.
> >>#
> >># Please see the documentation at 
> >># <URL:http://httpd.apache.org/docs-2.0/vhosts/>
> >># for further details before you try to setup
> >>virtual hosts.
> >>#
> >># You may use the command line option '-S' to
> verify
> >>your virtual host
> >># configuration.
> >>
> >>#
> >># Use name-based virtual hosting.
> >>#
> >>
> >>
> >># Where do we put the lock and pif files?
> >>LockFile "/var/lock/httpd.lock"
> >>CoreDumpDirectory "/etc/httpd"
> >>
> >># Defaults for virtual hosts
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >># Logs
> >>
> >>
> >>
> >>      
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>          
> >>            
> >>            
> >>            
> >>          
> >>        
> >>          
> >>        
> >>       
> >>#
> >># Virtual hosts
> >>#
> >>
> >># Virtual host Default Virtual Host
> >><VirtualHost *>
> >> 	
> >> 	
> >> 	
> >> 	
> >>	
> >>
> >> 	
> >> 	
> >>	DirectoryIndex index.php index.html index.htm
> >>index.shtml 
> >>	
> >>	
> >>
> >> 	
> >> 	
> >> 	
> >> 	LogLevel debug
> >> 	HostNameLookups off
> >>	
> >>	
> >>	
> >>
> >></VirtualHost>
> >>
> >>
> >>      
> >>#
> >># Each directory to which Apache has access can be
> >>configured with respect
> >># to which services and features are allowed
> and/or
> >>disabled in that
> >># directory (and its subdirectories). 
> >>#
> >># Note that from this point forward you must
> >>specifically allow
> >># particular features to be enabled - so if
> >>something's not working as
> >># you might expect, make sure that you have
> >>specifically enabled it
> >># below.
> >>#
> >>
> >><Directory "/">
> >>        Options FollowSymLinks
> >>        
> >>        AllowOverride None
> >>        
> >>        
> >>        
> >></Directory>
> >>
> >><Directory "/var/www/html">
> >>        Options Indexes Includes FollowSymLinks 
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >><Directory "/var/www/icons">
> >>        Options Indexes MultiViews
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >><Directory "/var/www/cgi-bin">
> >>        Options ExecCGI
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >>
> >>      
> >>    
> >>  
> >>
> >>    
> >>
>
>---------------------------------------------------------------------
> >  
> >
> >>The official User-To-User support forum of the
> >>Apache HTTP Server Project.
> >>See <URL:http://httpd.apache.org/userslist.html>
> for
> >>more info.
> >>To unsubscribe, e-mail:
> >>users-unsubscribe@httpd.apache.org
> >>   "   from the digest:
> >>users-digest-unsubscribe@httpd.apache.org
> >>For additional commands, e-mail:
> >>    
> >>
> >users-help@httpd.apache.org
> >
> >
> >
> >		
> >__________________________________
> >Do you Yahoo!?
> >Yahoo! Mail Address AutoComplete - You start. We
> finish.
> >http://promotions.yahoo.com/new_mail 
> >
>
>---------------------------------------------------------------------
> >The official User-To-User support forum of the
> Apache HTTP Server Project.
> >See <URL:http://httpd.apache.org/userslist.html>
> for more info.
> >To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> >   "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail:
> users-help@httpd.apache.org
> >
> >  
> >
> > #
> # This is the Apache server configuration file
> providing SSL support.
> # It contains the configuration directives to
> instruct the server how to
> # serve pages over an https connection. For
> detailing information about these 
> # directives see
>
<URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
> # 
> # Do NOT simply read the instructions in here
> without understanding
> # what they do.  They're here only as hints or
> reminders.  If you are unsure
> # consult the online docs. You have been warned.  
> #
> 
> LoadModule ssl_module modules/mod_ssl.so
> 
> #   Until documentation is completed, please check
> http://www.modssl.org/
> #   for additional config examples and module
> docmentation.  Directives
> #   and features of mod_ssl are largely unchanged
> from the mod_ssl project
> #   for Apache 1.3.
> 
> #
> # When we also provide SSL we have to listen to the 
> # standard HTTP port (see above) and to the HTTPS
> port
> #
> #Nina commented this line out
> #Listen 4443
> 
> ##
> ##  SSL Global Context
> ##
> ##  All SSL configuration in this context applies
> both to
> ##  the main server and all SSL-enabled virtual
> hosts.
> ##
> 
> #
> #   Some MIME-types for downloading Certificates and
> CRLs
> #
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl    .crl
> 
> #   Pass Phrase Dialog:
> #   Configure the pass phrase gathering process.
> #   The filtering dialog program (`builtin' is a
> internal
> #   terminal dialog) has to provide the pass phrase
> on stdout.
> SSLPassPhraseDialog  builtin
> 
> #   Inter-Process Session Cache:
> #   Configure the SSL Session Cache: First the
> mechanism 
> #   to use and second the expiring timeout (in
> seconds).
> #SSLSessionCache        none
> #SSLSessionCache       
> dbm:/var/cache/mod_ssl/scache(512000)
> #SSLSessionCache       
> dc:UNIX/var/cache/mod_ssl/distcache
> SSLSessionCache        
> shmcb:/var/cache/mod_ssl/scache(512000)
> SSLSessionCacheTimeout  300
> 
> #   Semaphore:
> #   Configure the path to the mutual exclusion
> semaphore the
> #   SSL engine uses internally for inter-process
> synchronization. 
> SSLMutex default
> 
> #   Pseudo Random Number Generator (PRNG):
> #   Configure one or more sources to seed the PRNG
> of the 
> #   SSL library. The seed data should be of good
> random quality.
> #   WARNING! On some platforms /dev/random blocks if
> not enough entropy
> #   is available. This means you then cannot use the
> /dev/random device
> #   because it would lead to very long connection
> times (as long as
> #   it requires to make more entropy available). But
> usually those
> #   platforms additionally provide a /dev/urandom
> device which doesn't
> #   block. So, if available, use this one instead.
> Read the mod_ssl User
> #   Manual for more details.
> SSLRandomSeed startup file:/dev/urandom  256
> SSLRandomSeed connect builtin
> #SSLRandomSeed startup file:/dev/random  512
> #SSLRandomSeed connect file:/dev/random  512
> #SSLRandomSeed connect file:/dev/urandom 512
> 
> #
> # Use "SSLCryptoDevice" to enable any supported
> hardware
> # accelerators. Use "openssl engine -v" to list
> supported
> # engine names.  NOTE: If you enable an accelerator
> and the
> # server does not start, consult the error logs and
> ensure
> # your accelerator is functioning properly. 
> #
> SSLCryptoDevice builtin
> #SSLCryptoDevice ubsec
> 
> ##
> ## SSL Virtual Host Context
> ##
> 
> NameVirtualHost 66.80.7.162:4443
> 
> #<VirtualHost _default_:4443>
> <VirtualHost 66.80.7.162:4443>
> 
> # General setup for the virtual host, inherited from
> global configuration
> DocumentRoot "/var/www/html"
> ServerName gibbons.com
> 
> # Use separate log files for the SSL virtual host;
> note that LogLevel
> # is not inherited from httpd.conf.
> ErrorLog logs/ssl_error_log
> TransferLog logs/ssl_access_log
> LogLevel warn
> 
> #   SSL Engine Switch:
> #   Enable/Disable SSL for this virtual host.
> SSLEngine on
> 
> #   SSL Cipher Suite:
> #   List the ciphers that the client is permitted to
> negotiate.
> #   See the mod_ssl documentation for a complete
> list.
> SSLCipherSuite
>
ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> 
> #   Server Certificate:
> #   Point SSLCertificateFile at a PEM encoded
> certificate.  If
> #   the certificate is encrypted, then you will be
> prompted for a
> #   pass phrase.  Note that a kill -HUP will prompt
> again. A test
> #   certificate can be generated with `make
> certificate' under
> #   built time. Keep in mind that if you've both a
> RSA and a DSA
> #   certificate you can configure both in parallel
> (to also allow
> #   the use of DSA ciphers, etc.)
> SSLCertificateFile
> /etc/httpd/conf/ssl.crt/server.crt
> #SSLCertificateFile
> /etc/httpd/conf/ssl.crt/server-dsa.crt
> 
> #   Server Private Key:
> #   If the key is not combined with the certificate,
> use this
> #   directive to point at the key file.  Keep in
> mind that if
> #   you've both a RSA and a DSA private key you can
> configure
> #   both in parallel (to also allow the use of DSA
> ciphers, etc.)
> SSLCertificateKeyFile
> /etc/httpd/conf/ssl.key/server.key
> #SSLCertificateKeyFile
> /etc/httpd/conf/ssl.key/server-dsa.key
> 
> #   Server Certificate Chain:
> #   Point SSLCertificateChainFile at a file
> containing the
> #   concatenation of PEM encoded CA certificates
> which form the
> #   certificate chain for the server certificate.
> Alternatively
> #   the referenced file can be the same as
> SSLCertificateFile
> #   when the CA certificates are directly appended
> to the server
> #   certificate for convinience.
> #SSLCertificateChainFile
> /etc/httpd/conf/ssl.crt/ca.crt
> 
> #   Certificate Authority (CA):
> #   Set the CA certificate verification path where
> to find CA
> #   certificates for client authentication or
> alternatively one
> #   huge file containing all of them (file must be
> PEM encoded)
> #   Note: Inside SSLCACertificatePath you need hash
> symlinks
> #         to point to the certificate files. Use the
> provided
> #         Makefile to update the hash symlinks after
> changes.
> #SSLCACertificatePath /etc/httpd/conf/ssl.crt
> #SSLCACertificateFile
> /usr/share/ssl/certs/ca-bundle.crt
> 
> #   Certificate Revocation Lists (CRL):
> #   Set the CA revocation path where to find CA CRLs
> for client
> #   authentication or alternatively one huge file
> containing all
> #   of them (file must be PEM encoded)
> #   Note: Inside SSLCARevocationPath you need hash
> symlinks
> #         to point to the certificate files. Use the
> provided
> #         Makefile to update the hash symlinks after
> changes.
> #SSLCARevocationPath /etc/httpd/conf/ssl.crl
> #SSLCARevocationFile
> /etc/httpd/conf/ssl.crl/ca-bundle.crl
> 
> #   Client Authentication (Type):
> #   Client certificate verification type and depth. 
> Types are
> #   none, optional, require and optional_no_ca. 
> Depth is a
> #   number which specifies how deeply to verify the
> certificate
> #   issuer chain before deciding the certificate is
> not valid.
> #SSLVerifyClient require
> #SSLVerifyDepth  10
> 
> #   Access Control:
> #   With SSLRequire you can do per-directory access
> control based
> #   on arbitrary complex boolean expressions
> containing server
> #   variable checks and other lookup directives. 
> The syntax is a
> #   mixture between C and Perl.  See the mod_ssl
> documentation
> #   for more details.
> #<Location />
> #SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
> #            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil,
> Ltd." \
> #            and %{SSL_CLIENT_S_DN_OU} in {"Staff",
> "CA", "Dev"} \
> #            and %{TIME_WDAY} >= 1 and %{TIME_WDAY}
> <= 5 \
> #            and %{TIME_HOUR} >= 8 and %{TIME_HOUR}
> <= 20       ) \
> #           or %{REMOTE_ADDR} =~
> m/^192\.76\.162\.[0-9]+$/
> #</Location>
> 
> #   SSL Engine Options:
> #   Set various options for the SSL engine.
> #   o FakeBasicAuth:
> #     Translate the client X.509 into a Basic
> Authorisation.  This means that
> #     the standard Auth/DBMAuth methods can be used
> for access control.  The
> #     user name is the `one line' version of the
> client's X.509 certificate.
> #     Note that no password is obtained from the
> user. Every entry in the user
> #     file needs this password: `xxj31ZMTZzkVA'.
> #   o ExportCertData:
> #     This exports two additional environment
> variables: SSL_CLIENT_CERT and
> #     SSL_SERVER_CERT. These contain the PEM-encoded
> certificates of the
> #     server (always existing) and the client (only
> existing when client
> #     authentication is used). This can be used to
> import the certificates
> #     into CGI scripts.
> #   o StdEnvVars:
> #     This exports the standard SSL/TLS related
> `SSL_*' environment variables.
> #     Per default this exportation is switched off
> for performance reasons,
> #     because the extraction step is an expensive
> operation and is usually
> #     useless for serving static content. So one
> usually enables the
> #     exportation for CGI and SSI requests only.
> #   o StrictRequire:
> #     This denies access when "SSLRequireSSL" or
> "SSLRequire" applied even
> #     under a "Satisfy any" situation, i.e. when it
> applies access is denied
> #     and no other module can change it.
> #   o OptRenegotiate:
> #     This enables optimized SSL connection
> renegotiation handling when SSL
> #     directives are used in per-directory context. 
> #SSLOptions +FakeBasicAuth +ExportCertData
> +CompatEnvVars +StrictRequire
> <Files ~ "\.(cgi|shtml|phtml|php3?)$">
>     SSLOptions +StdEnvVars
> </Files>
> <Directory "/var/www/cgi-bin">
>     SSLOptions +StdEnvVars
> </Directory>
> 
> #   SSL Protocol Adjustments:
> #   The safe and default but still SSL/TLS standard
> compliant shutdown
> #   approach is that mod_ssl sends the close notify
> alert but doesn't wait for
> #   the close notify alert from client. When you
> need a different shutdown
> #   approach you can use one of the following
> variables:
> #   o ssl-unclean-shutdown:
> #     This forces an unclean shutdown when the
> connection is closed, i.e. no
> #     SSL close notify alert is send or allowed to
> received.  This violates
> #     the SSL/TLS standard but is needed for some
> brain-dead browsers. Use
> #     this when you receive I/O errors because of
> the standard approach where
> #     mod_ssl sends the close notify alert.
> #   o ssl-accurate-shutdown:
> #     This forces an accurate shutdown when the
> connection is closed, i.e. a
> #     SSL close notify alert is send and mod_ssl
> waits for the close notify
> #     alert of the client. This is 100% SSL/TLS
> standard compliant, but in
> #     practice often causes hanging connections with
> brain-dead browsers. Use
> #     this only for browsers where you know that
> their SSL implementation
> #     works correctly. 
> #   Notice: Most problems of broken clients are also
> related to the HTTP
> #   keep-alive facility, so you usually additionally
> want to disable
> #   keep-alive for those clients, too. Use variable
> "nokeepalive" for this.
> #   Similarly, one has to force some clients to use
> HTTP/1.0 to workaround
> #   their broken HTTP/1.1 implementation. Use
> variables "downgrade-1.0" and
> #   "force-response-1.0" for this.
> SetEnvIf User-Agent ".*MSIE.*" \
>          nokeepalive ssl-unclean-shutdown \
>          downgrade-1.0 force-response-1.0
> 
> #   Per-Server Logging:
> #   The home of a custom SSL log file. Use this when
> you want a
> #   compact non-error SSL logfile on a virtual host
> basis.
> CustomLog logs/ssl_request_log \
>           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
> \"%r\" %b"
> 
> </VirtualHost>                                  
> 
> > #
> # Based upon the NCSA server configuration files
> originally by Rob McCool.
> #
> # This is the main Apache server configuration file.
>  It contains the
> # configuration directives that give the server its
> instructions.
> # See URL:http://httpd.apache.org/docs-2.0/ for
> detailed information about
> # the directives.
> #
> # Do NOT simply read the instructions in here
> without understanding
> # what they do.  They're here only as hints or
> reminders.  If you are unsure
> # consult the online docs. You have been warned.  
> #
> # The configuration directives are grouped into
> three basic sections:
> #  1. Directives that control the operation of the
> Apache server process as a
> #     whole (the 'global environment').
> #  2. Directives that define the parameters of the
> 'main' or 'default' server,
> #     which responds to requests that aren't handled
> by a virtual host.
> #     These directives also provide default values
> for the settings
> #     of all virtual hosts.
> #  3. Settings for virtual hosts, which allow Web
> requests to be sent to
> #     different IP addresses or hostnames and have
> them handled by the
> #     same Apache server process.
> #
> # Configuration and logfile names: If the filenames
> you specify for many
> # of the server's control files begin with "/" (or
> "drive:/" for Win32), the
> # server will use that explicit path.  If the
> filenames do *not* begin
> # with "/", the value of ServerRoot is prepended --
> so "logs/foo.log"
> # with ServerRoot set to "/etc/httpd" will be
> interpreted by the
> # server as "/etc/httpd/logs/foo.log".
> #
> 
> ### Section 1: Global Environment
> #
> # The directives in this section affect the overall
> operation of Apache,
> # such as the number of concurrent requests it can
> handle or where it
> # can find its configuration files.
> #
> 
> #
> # Don't give away too much information about all the
> subcomponents
> # we are running.  Comment out this line if you
> don't mind remote sites
> # finding out what major optional modules you are
> running
> ServerTokens OS
> 
> #
> # ServerRoot: The top of the directory tree under
> which the server's
> # configuration, error, and log files are kept.
> #
> # NOTE!  If you intend to place this on an NFS (or
> otherwise network)
> # mounted filesystem then please read the LockFile
> documentation
> # (available at
>
<URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
> # you will save yourself a lot of trouble.
> #
> # Do NOT add a slash at the end of the directory
> path.
> #
> ServerRoot "/etc/httpd"
> 
> #
> # ScoreBoardFile: File used to store internal server
> process information.
> # If unspecified (the default), the scoreboard will
> be stored in an
> # anonymous shared memory segment, and will be
> unavailable to third-party
> # applications.
> # If specified, ensure that no two invocations of
> Apache share the same
> # scoreboard file. The scoreboard file MUST BE
> STORED ON A LOCAL DISK.
> #
> #ScoreBoardFile run/httpd.scoreboard
> 
> #
> # PidFile: The file in which the server should
> record its process
> # identification number when it starts.
> #
> PidFile "/var/run/httpd.pid"
> 
> #
> # Timeout: The number of seconds before receives and
> sends time out.
> #
> TimeOut 300
> 
> #
> # KeepAlive: Whether or not to allow persistent
> connections (more than
> # one request per connection). Set to "Off" to
> deactivate.
> #
> KeepAlive true
> 
> #
> # MaxKeepAliveRequests: The maximum number of
> requests to allow
> # during a persistent connection. Set to 0 to allow
> an unlimited amount.
> # We recommend you leave this number high, for
> maximum performance.
> #
> MaxKeepAliveRequests 100
> 
> #
> # KeepAliveTimeout: Number of seconds to wait for
> the next request from the
> # same client on the same connection.
> #
> KeepAliveTimeout 15
> 
> ##
> ## Server-Pool Size Regulation (MPM specific)
> ## 
> 
> # prefork MPM
> # StartServers: number of server processes to start
> # MinSpareServers: minimum number of server
> processes which are kept spare
> # MaxSpareServers: maximum number of server
> processes which are kept spare
> # MaxClients: maximum number of server processes
> allowed to start
> # MaxRequestsPerChild: maximum number of requests a
> server process serves
> <IfModule prefork.c>
> StartServers 8
> MinSpareServers 5
> MaxSpareServers 20
> MaxClients 150
> MaxRequestsPerChild 100
> </IfModule>
> 
> # worker MPM
> # StartServers: initial number of server processes
> to start
> # MaxClients: maximum number of simultaneous client
> connections
> # MinSpareThreads: minimum number of worker threads
> which are kept spare
> # MaxSpareThreads: maximum number of worker threads
> which are kept spare
> # ThreadsPerChild: constant number of worker threads
> in each server process
> # MaxRequestsPerChild: maximum number of requests a
> server process serves
> <IfModule worker.c>
> StartServers         2
> MaxClients         150
> MinSpareThreads     25
> MaxSpareThreads     75
> ThreadsPerChild     25 
> MaxRequestsPerChild  0
> </IfModule>
> 
> #
> # Listen: Allows you to bind Apache to specific IP
> addresses and/or
> # ports, in addition to the default. See also the
> <VirtualHost>
> # directive.
> #
> # Change this to Listen on specific IP addresses as
> shown below to 
> # prevent Apache from glomming onto all bound IP
> addresses (0.0.0.0)
> #
> #Listen 12.34.56.78:80
> Listen *:80
> 
> 
> #
> # Dynamic Shared Object (DSO) Support
> #
> # To be able to use the functionality of a module
> which was built as a DSO you
> # have to place corresponding `LoadModule' lines at
> this location so the
> # directives contained in it are actually available
> _before_ they are used.
> # Statically compiled modules (those listed by
> `httpd -l') do not need
> # to be loaded here.
> #
> # Example:
> # LoadModule foo_module modules/mod_foo.so
> #
> LoadModule access_module modules/mod_access.so
> LoadModule auth_module modules/mod_auth.so
> LoadModule auth_anon_module modules/mod_auth_anon.so
> LoadModule auth_dbm_module modules/mod_auth_dbm.so
> LoadModule auth_digest_module
> modules/mod_auth_digest.so
> LoadModule ldap_module modules/mod_ldap.so
> LoadModule auth_ldap_module modules/mod_auth_ldap.so
> LoadModule include_module modules/mod_include.so
> LoadModule log_config_module
> modules/mod_log_config.so
> LoadModule env_module modules/mod_env.so
> LoadModule mime_magic_module
> modules/mod_mime_magic.so
> LoadModule cern_meta_module modules/mod_cern_meta.so
> LoadModule expires_module modules/mod_expires.so
> LoadModule deflate_module modules/mod_deflate.so
> LoadModule headers_module modules/mod_headers.so
> LoadModule usertrack_module modules/mod_usertrack.so
> LoadModule unique_id_module modules/mod_unique_id.so
> LoadModule setenvif_module modules/mod_setenvif.so
> LoadModule mime_module modules/mod_mime.so
> LoadModule dav_module modules/mod_dav.so
> #Nina added these in for svn server
> #
> LoadModule dav_svn_module modules/mod_dav_svn.so
> LoadModule authz_svn_module modules/mod_authz_svn.so
> #
> LoadModule status_module modules/mod_status.so
> LoadModule autoindex_module modules/mod_autoindex.so
> LoadModule asis_module modules/mod_asis.so
> LoadModule info_module modules/mod_info.so
> LoadModule dav_fs_module modules/mod_dav_fs.so
> LoadModule vhost_alias_module
> modules/mod_vhost_alias.so
> LoadModule negotiation_module
> modules/mod_negotiation.so
> LoadModule dir_module modules/mod_dir.so
> LoadModule imap_module modules/mod_imap.so
> LoadModule actions_module modules/mod_actions.so
> LoadModule speling_module modules/mod_speling.so
> LoadModule userdir_module modules/mod_userdir.so
> LoadModule alias_module modules/mod_alias.so
> LoadModule rewrite_module modules/mod_rewrite.so
> LoadModule proxy_module modules/mod_proxy.so
> LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
> LoadModule proxy_http_module
> modules/mod_proxy_http.so
> LoadModule proxy_connect_module
> modules/mod_proxy_connect.so
> LoadModule cache_module modules/mod_cache.so
> LoadModule suexec_module modules/mod_suexec.so
> LoadModule disk_cache_module
> modules/mod_disk_cache.so
> LoadModule file_cache_module
> modules/mod_file_cache.so
> LoadModule mem_cache_module modules/mod_mem_cache.so
> LoadModule cgi_module modules/mod_cgi.so
> 
> #
> # Load config files from the config directory
> "/etc/httpd/conf.d".
> #
> Include conf.d/*.conf
> 
> #
> # ExtendedStatus controls whether Apache will
> generate "full" status
> # information (ExtendedStatus On) or just basic
> information (ExtendedStatus
> # Off) when the "server-status" handler is called.
> The default is Off.
> #
> #ExtendedStatus On
> 
> ### Section 2: 'Main' server configuration
> #
> # The directives in this section set up the values
> used by the 'main'
> # server, which responds to any requests that aren't
> handled by a
> # <VirtualHost> definition.  These values also
> provide defaults for
> # any <VirtualHost> containers you may define later
> in the file.
> #
> # All of these directives may appear inside
> <VirtualHost> containers,
> # in which case these default settings will be
> overridden for the
> # virtual host being defined.
> #
> 
> #
> # If you wish httpd to run as a different user or
> group, you must run
> # httpd as root initially and it will switch.  
> #
> # User/Group: The name (or #number) of the
> user/group to run httpd as.
> #  . On SCO (ODT 3) use "User nouser" and "Group
> nogroup".
> #  . On HPUX you may not be able to use shared
> memory as nobody, and the
> #    suggested workaround is to create a user www
> and use that user.
> #  NOTE that some kernels refuse to setgid(Group) or
> semctl(IPC_SET)
> #  when the value of (unsigned)Group is above 60000;
> 
> #  don't use Group #-1 on these systems!
> #
> User apache
> Group apache
> 
> #
> # ServerAdmin: Your address, where problems with the
> server should be
> # e-mailed.  This address appears on some
> server-generated pages, such
> # as error documents.  e.g. admin@your-domain.com
> #
> ServerAdmin root@gibbons.com
> 
> #
> # ServerName gives the name and port that the server
> uses to identify itself.
> # This can often be determined automatically, but we
> recommend you specify
> # it explicitly to prevent problems during startup.
> #
> # If this is not set to valid DNS name for your
> host, server-generated
> # redirections will not work.  See also the
> UseCanonicalName directive.
> #
> # If your host doesn't have a registered DNS name,
> enter its IP address here.
> # You will have to access it by its address anyway,
> and this will make 
> # redirections work in a sensible way.
> #
> ServerName gibbons.com:80
> 
> #
> # UseCanonicalName: Determines how Apache constructs
> self-referencing 
> # URLs and the SERVER_NAME and SERVER_PORT
> variables.
> # When set "Off", Apache will use the Hostname and
> Port supplied
> # by the client.  When set "On", Apache will use the
> value of the
> # ServerName directive.
> #
> UseCanonicalName on
> 
> #
> # DocumentRoot: The directory out of which you will
> serve your
> # documents. By default, all requests are taken from
> this directory, but
> # symbolic links and aliases may be used to point to
> other locations.
> #
> DocumentRoot "/var/www/html"
> 
> # 
> # Disable autoindex for the root directory, and
> present a
> # default Welcome page if no other index page is
> present.
> #
> <LocationMatch "^/$">
>     Options -Indexes
>     ErrorDocument 403 /error/noindex.html
> </LocationMatch>
> 
> #
> # UserDir: The name of the directory that is
> appended onto a user's home
> # directory if a ~user request is received.
> #
> # The path to the end user account 'public_html'
> directory must be
> # accessible to the webserver userid.  This usually
> means that ~userid
> # must have permissions of 711, ~userid/public_html
> must have permissions
> # of 755, and documents contained therein must be
> world-readable.
> # Otherwise, the client will only receive a "403
> Forbidden" message.
> #
> # See also:
> http://httpd.apache.org/docs/misc/FAQ.html#forbidden
> #
> <IfModule mod_userdir.c>
>     #
>     # UserDir is disabled by default since it can
> confirm the presence
>     # of a username on the system (depending on home
> directory
>     # permissions).
>     #
>     UserDir "disable"
> 
>     #
>     # To enable requests to /~user/ to serve the
> user's public_html
>     # directory, use this directive instead of
> "UserDir disable":
>     # 
>     #UserDir public_html
> 
> </IfModule>
> 
> #
> # DirectoryIndex: sets the file that Apache will
> serve if a directory
> # is requested.
> #
> # The index.html.var file (a type-map) is used to
> deliver content-
> # negotiated documents.  The MultiViews Option can
> be used for the 
> # same purpose, but it is much slower.
> #
> DirectoryIndex 
> 
> #
> # AccessFileName: The name of the file to look for
> in each directory
> # for access control information.  See also the
> AllowOverride directive.
> #
> AccessFileName .htaccess
> 
> #
> # The following lines prevent .htaccess and
> .htpasswd files from being 
> # viewed by Web clients. 
> #
> <Files ~ "^\.ht">
>     Order allow,deny
>     Deny from all
> </Files>
> 
> #
> # TypesConfig describes where the mime.types file
> (or equivalent) is
> # to be found.
> #
> TypesConfig "/etc/mime.types"
> 
> #
> # DefaultType is the default MIME type the server
> will use for a document
> # if it cannot otherwise determine one, such as from
> filename extensions.
> # If your server contains mostly text or HTML
> documents, "text/plain" is
> # a good value.  If most of your content is binary,
> such as applications
> # or images, you may want to use
> "application/octet-stream" instead to
> # keep browsers from trying to display binary files
> as though they are
> # text.
> #
> DefaultType text/plain
> 
> #
> # The mod_mime_magic module allows the server to use
> various hints from the
> # contents of the file itself to determine its type.
>  The MIMEMagicFile
> # directive tells the module where the hint
> definitions are located.
> #
> <IfModule mod_mime_magic.c>
> #   MIMEMagicFile /usr/share/magic.mime
>     MIMEMagicFile conf/magic
> </IfModule>
> 
> #
> # HostnameLookups: Log the names of clients or just
> their IP addresses
> # e.g., www.apache.org (on) or 204.62.129.132 (off).
> # The default is off because it'd be overall better
> for the net if people
> # had to knowingly turn this feature on, since
> enabling it means that
> # each client request will result in AT LEAST one
> lookup request to the
> # nameserver.
> #
> HostNameLookups Off
> 
> #
> # EnableMMAP: Control whether memory-mapping is used
> to deliver
> # files (assuming that the underlying OS supports
> it).
> # The default is on; turn this off if you serve from
> NFS-mounted 
> # filesystems.  On some systems, turning it off
> (regardless of
> # filesystem) can improve performance; for details,
> please see
> #
>
http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
> #
> #EnableMMAP off
> 
> #
> # EnableSendfile: Control whether the sendfile
> kernel support is 
> # used to deliver files (assuming that the OS
> supports it). 
> # The default is on; turn this off if you serve from
> NFS-mounted 
> # filesystems.  Please see
> #
>
http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
> #
> #EnableSendfile off
> 
> #
> # ErrorLog: The location of the error log file.
> # If you do not specify an ErrorLog directive within
> a <VirtualHost>
> # container, error messages relating to that virtual
> host will be
> # logged here.  If you *do* define an error logfile
> for a <VirtualHost>
> # container, that host's errors will be logged there
> and not here.
> #
> ErrorLog "/var/log/httpd/error_log"
> 
> #
> # LogLevel: Control the number of messages logged to
> the error_log.
> # Possible values include: debug, info, notice,
> warn, error, crit,
> # alert, emerg.
> #
> LogLevel warn
> 
> #
> # The following directives define some format
> nicknames for use with
> # a CustomLog directive (see below).
> #
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
> \"%{User-Agent}i\"" combined
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> LogFormat "%{Referer}i -> %U" referer
> LogFormat "%{User-agent}i" agent
> 
> 
> #
> # The location and format of the access logfile
> (Common Logfile Format).
> # If you do not define any access logfiles within a
> <VirtualHost>
> # container, they will be logged here. 
> Contrariwise, if you *do*
> # define per-<VirtualHost> access logfiles,
> transactions will be
> # logged therein and *not* in this file.
> #
> # CustomLog logs/access_log common
> CustomLog logs/access_log combined
> 
> #
> # If you would like to have agent and referer
> logfiles, uncomment the
> # following directives.
> #
> #CustomLog logs/referer_log referer
> #CustomLog logs/agent_log agent
> 
> #
> # If you prefer a single logfile with access, agent,
> and referer information
> # (Combined Logfile Format) you can use the
> following directive.
> #
> #CustomLog logs/access_log combined
> 
> #
> # Optionally add a line containing the server
> version and virtual host
> # name to server-generated pages (error documents,
> FTP directory listings,
> # mod_status and mod_info output etc., but not CGI
> generated documents).
> # Set to "EMail" to also include a mailto: link to
> the ServerAdmin.
> # Set to one of:  On | Off | EMail
> #
> ServerSignature on
> 
> #
> # Aliases: Add here as many aliases as you need
> (with no limit). The format is 
> # Alias fakename realname
> #
> # Note that if you include a trailing / on fakename
> then the server will
> # require it to be present in the URL.  So "/icons"
> isn't aliased in this
> # example, only "/icons/".  If the fakename is
> slash-terminated, then the 
> # realname must also be slash terminated, and if the
> fakename omits the 
> # trailing slash, the realname must also omit it.
> #
> # We include the /icons/ alias for FancyIndexed
> directory listings.  If you
> # do not use FancyIndexing, you may comment this
> out.
> #
> Alias /icons/ "/var/www/icons/"
> 
> #
> # This should be changed to the ServerRoot/manual/. 
> The alias provides
> # the manual, even if you choose to move your
> DocumentRoot.  You may comment
> # this out if you do not care for the documentation.
> #
> Alias /manual "/var/www/manual"
> 
> <IfModule mod_dav_fs.c>
>     # Location of the WebDAV lock database.
>     DAVLockDB /var/lib/dav/lockdb
> </IfModule>
> 
> #
> # ScriptAlias: This controls which directories
> contain server scripts.
> # ScriptAliases are essentially the same as Aliases,
> except that
> # documents in the realname directory are treated as
> applications and
> # run by the server when requested rather than as
> documents sent to the client.
> # The same rules about trailing "/" apply to
> ScriptAlias directives as to
> # Alias.
> #
> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
> 
> <IfModule mod_cgid.c>
> #
> # Additional to mod_cgid.c settings, mod_cgid has
> Scriptsock <path>
> # for setting UNIX socket for communicating with
> cgid.
> #
> #Scriptsock            logs/cgisock
> </IfModule>
> 
> #Nina added
>
######################################################################
> <IfModule mod_ssl.c>
> Include conf.d/ssl.conf
> </IfModule>
>
######################################################################
> 
> #
> # Redirect allows you to tell clients about
> documents which used to exist in
> # your server's namespace, but do not anymore. This
> allows you to tell the
> # clients where to look for the relocated document.
> # Example:
> # Redirect permanent /foo http://www.example.com/bar
> 
> #
> # Directives controlling the display of
> server-generated directory listings.
> #
> 
> #
> # FancyIndexing is whether you want fancy directory
> indexing or standard.
> # VersionSort is whether files containing version
> numbers should be 
> # compared in the natural way, so that
> `apache-1.3.9.tar' is placed before
> # `apache-1.3.12.tar'.
> #
> IndexOptions FancyIndexing VersionSort NameWidth=*
> 
> #
> # AddIcon* directives tell the server which icon to
> show for different
> # files or filename extensions.  These are only
> displayed for
> # FancyIndexed directories.
> #
> AddIconByEncoding (CMP,/icons/compressed.gif)
> x-compress x-gzip
> 
> AddIconByType (TXT,/icons/text.gif) text/*
> AddIconByType (IMG,/icons/image2.gif) image/*
> AddIconByType (SND,/icons/sound2.gif) audio/*
> AddIconByType (VID,/icons/movie.gif) video/*
> 
> AddIcon /icons/binary.gif .bin .exe
> AddIcon /icons/binhex.gif .hqx
> AddIcon /icons/tar.gif .tar
> AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm
> .iv
> AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> AddIcon /icons/a.gif .ps .ai .eps
> AddIcon /icons/layout.gif .html .shtml .htm .pdf
> AddIcon /icons/text.gif .txt
> AddIcon /icons/c.gif .c
> AddIcon /icons/p.gif .pl .py
> AddIcon /icons/f.gif .for
> AddIcon /icons/dvi.gif .dvi
> AddIcon /icons/uuencoded.gif .uu
> AddIcon /icons/script.gif .conf .sh .shar .csh .ksh
> .tcl
> AddIcon /icons/tex.gif .tex
> AddIcon /icons/bomb.gif core
> 
> AddIcon /icons/back.gif ..
> AddIcon /icons/hand.right.gif README
> AddIcon /icons/folder.gif ^^DIRECTORY^^
> AddIcon /icons/blank.gif ^^BLANKICON^^
> 
> #
> # DefaultIcon is which icon to show for files which
> do not have an icon
> # explicitly set.
> #
> DefaultIcon /icons/unknown.gif
> 
> #
> # AddDescription allows you to place a short
> description after a file in
> # server-generated indexes.  These are only
> displayed for FancyIndexed
> # directories.
> # Format: AddDescription "description" filename
> #
> #AddDescription "GZIP compressed document" .gz
> #AddDescription "tar archive" .tar
> #AddDescription "GZIP compressed tar archive" .tgz
> 
> #
> # ReadmeName is the name of the README file the
> server will look for by
> # default, and append to directory listings.
> #
> # HeaderName is the name of a file which should be
> prepended to
> # directory indexes. 
> ReadmeName README.html
> HeaderName HEADER.html
> 
> #
> # IndexIgnore is a set of filenames which directory
> indexing should ignore
> # and not include in the listing.  Shell-style
> wildcarding is permitted.
> #
> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v
> *,t
> 
> #
> # AddEncoding allows you to have certain browsers
> (Mosaic/X 2.1+) uncompress
> # information on the fly. Note: Not all browsers
> support this.
> # Despite the name similarity, the following Add*
> directives have nothing
> # to do with the FancyIndexing customization
> directives above.
> #
> AddEncoding x-compress Z
> AddEncoding x-gzip gz tgz
> 
> #
> # DefaultLanguage and AddLanguage allows you to
> specify the language of 
> # a document. You can then use content negotiation
> to give a browser a 
> # file in a language the user can understand.
> #
> # Specify a default language. This means that all
> data
> # going out without a specific language tag (see
> below) will 
> # be marked with this one. You probably do NOT want
> to set
> # this unless you are sure it is correct for all
> cases.
> #
> # * It is generally better to not mark a page as 
> # * being a certain language than marking it with
> the wrong
> # * language!
> #
> # DefaultLanguage nl
> #
> # Note 1: The suffix does not have to be the same as
> the language
> # keyword --- those with documents in Polish (whose
> net-standard
> # language code is pl) may wish to use "AddLanguage
> pl .po" to
> # avoid the ambiguity with the common suffix for
> perl scripts.
> #
> # Note 2: The example entries below illustrate that
> in some cases 
> # the two character 'Language' abbreviation is not
> identical to 
> # the two character 'Country' code for its country,
> # E.g. 'Danmark/dk' versus 'Danish/da'.
> #
> # Note 3: In the case of 'ltz' we violate the RFC by
> using a three char
> # specifier. There is 'work in progress' to fix this
> and get
> # the reference data for rfc1766 cleaned up.
> #
> # Danish (da) - Dutch (nl) - English (en) - Estonian
> (et)
> # French (fr) - German (de) - Greek-Modern (el)
> # Italian (it) - Norwegian (no) - Norwegian Nynorsk
> (nn) - Korean (kr) 
> # Portugese (pt) - Luxembourgeois* (ltz)
> # Spanish (es) - Swedish (sv) - Catalan (ca) -
> Czech(cz)
> # Polish (pl) - Brazilian Portuguese (pt-br) -
> Japanese (ja)
> # Russian (ru) - Croatian (hr)
> #
> AddLanguage da .dk
> AddLanguage nl .nl
> AddLanguage en .en
> AddLanguage et .et
> AddLanguage fr .fr
> AddLanguage de .de
> AddLanguage he .he
> AddLanguage el .el
> AddLanguage it .it
> AddLanguage ja .ja
> AddLanguage pl .po
> AddLanguage kr .kr
> AddLanguage pt .pt
> AddLanguage nn .nn
> AddLanguage no .no
> AddLanguage pt-br .pt-br
> AddLanguage ltz .ltz
> AddLanguage ca .ca
> AddLanguage es .es
> AddLanguage sv .se
> AddLanguage cz .cz
> AddLanguage ru .ru
> AddLanguage tw .tw
> AddLanguage zh-tw .tw
> AddLanguage hr .hr
> 
> #
> # LanguagePriority allows you to give precedence to
> some languages
> # in case of a tie during content negotiation.
> #
> # Just list the languages in decreasing order of
> preference. We have
> # more or less alphabetized them here. You probably
> want to change this.
> #
> LanguagePriority en da nl et fr de el it ja kr no pl
> pt pt-br ltz ca es sv tw
> 
> #
> # ForceLanguagePriority allows you to serve a result
> page rather than
> # MULTIPLE CHOICES (Prefer) [in case of a tie] or
> NOT ACCEPTABLE (Fallback)
> # [in case no accepted languages matched the
> available variants]
> #
> ForceLanguagePriority Prefer Fallback
> 
> #
> # Specify a default charset for all pages sent out.
> This is
> # always a good idea and opens the door for future
> internationalisation
> # of your web site, should you ever want it.
> Specifying it as
> # a default does little harm; as the standard
> dictates that a page
> # is in iso-8859-1 (latin1) unless specified
> otherwise i.e. you
> # are merely stating the obvious. There are also
> some security
> # reasons in browsers, related to javascript and URL
> parsing
> # which encourage you to always set a default char
> set.
> #
> AddDefaultCharset ISO-8859-1
> 
> #
> # Commonly used filename extensions to character
> sets. You probably
> # want to avoid clashes with the language
> extensions, unless you
> # are good at carefully testing your setup after
> each change.
> # See
>
ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> for
> # the official list of charset names and their
> respective RFCs
> #
> AddCharset ISO-8859-1  .iso8859-1  .latin1
> AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
> AddCharset ISO-8859-3  .iso8859-3  .latin3
> AddCharset ISO-8859-4  .iso8859-4  .latin4
> AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
> .iso-ru
> AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
> AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
> AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
> AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
> AddCharset ISO-2022-JP .iso2022-jp .jis
> AddCharset ISO-2022-KR .iso2022-kr .kis
> AddCharset ISO-2022-CN .iso2022-cn .cis
> AddCharset Big5        .Big5       .big5
> # For russian, more than one charset is used
> (depends on client, mostly):
> AddCharset WINDOWS-1251 .cp-1251   .win-1251
> AddCharset CP866       .cp866
> AddCharset KOI8-r      .koi8-r .koi8-ru
> AddCharset KOI8-ru     .koi8-uk .ua
> AddCharset ISO-10646-UCS-2 .ucs2
> AddCharset ISO-10646-UCS-4 .ucs4
> AddCharset UTF-8       .utf8
> 
> # The set below does not map to a specific (iso)
> standard
> # but works on a fairly wide range of browsers. Note
> that
> # capitalization actually matters (it should not,
> but it
> # does for some browsers).
> #
> # See
>
ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> # for a list of sorts. But browsers support few.
> #
> AddCharset GB2312      .gb2312 .gb
> AddCharset utf-7       .utf7
> AddCharset utf-8       .utf8
> AddCharset big5        .big5 .b5
> AddCharset EUC-TW      .euc-tw
> AddCharset EUC-JP      .euc-jp
> AddCharset EUC-KR      .euc-kr
> AddCharset shift_jis   .sjis
> 
> #
> # AddType allows you to add to or override the MIME
> configuration
> # file mime.types for specific file types.
> #
> AddType application/x-tar .tgz
> #Nina added this line
> AddType text/html .shtml
> 
> #
> # AddHandler allows you to map certain file
> extensions to "handlers":
> # actions unrelated to filetype. These can be either
> built into the server
> # or added with the Action directive (see below)
> #
> # To use CGI scripts outside of ScriptAliased
> directories:
> # (You will also need to add "ExecCGI" to the
> "Options" directive.)
> #
> #AddHandler cgi-script .cgi
> 
> #
> # For files that include their own HTTP headers:
> #
> #AddHandler send-as-is asis
> 
> #
> # For server-parsed imagemap files:
> #
> AddHandler imap-file map
> 
> #
> # For type maps (negotiated resources):
> # (This is enabled by default to allow the Apache
> "It Worked" page
> #  to be distributed in multiple languages.)
> #
> AddHandler type-map var
> 
> # Filters allow you to process content before it is
> sent to the client.
> #
> # To parse .shtml files for server-side includes
> (SSI):
> # (You will also need to add "Includes" to the
> "Options" directive.)
> #
> AddOutputFilter INCLUDES .shtml
> 
> #
> # Action lets you define media types that will
> execute a script whenever
> # a matching file is called. This eliminates the
> need for repeated URL
> # pathnames for oft-used CGI file processors.
> # Format: Action media/type /cgi-script/location
> # Format: Action handler-name /cgi-script/location
> #
> 
> #
> # Customizable error responses come in three
> flavors:
> # 1) plain text 2) local redirects 3) external
> redirects
> #
> # Some examples:
> #ErrorDocument 500 "The server made a boo boo."
> #ErrorDocument 404 /missing.html
> #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
> #ErrorDocument 402
> http://www.example.com/subscription_info.html
> #
> 
> 
> Alias /error/ "/var/www/error/"
> 
> #
> # The following directives modify normal HTTP
> response behavior to
> # handle known problems with browser
> implementations.
> #
> BrowserMatch "Mozilla/2" nokeepalive
> BrowserMatch "MSIE 4\.0b2;" nokeepalive
> downgrade-1.0 force-response-1.0
> BrowserMatch "RealPlayer 4\.0" force-response-1.0
> BrowserMatch "Java/1\.0" force-response-1.0
> BrowserMatch "JDK/1\.0" force-response-1.0
> 
> #
> # The following directive disables redirects on
> non-GET requests for
> # a directory that does not include the trailing
> slash.  This fixes a 
> # problem with Microsoft WebFolders which does not
> appropriately handle 
> # redirects for folders with DAV methods.
> #
> BrowserMatch "Microsoft Data Access Internet
> Publishing Provider" redirect-carefully
> BrowserMatch "^WebDrive" redirect-carefully
> BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
> BrowserMatch "^gnome-vfs" redirect-carefully
> 
> #
> # Allow server status reports, with the URL of
> http://servername/server-status
> # Change the ".your-domain.com" to match your domain
> to enable.
> #
> #<Location /server-status>
> #    SetHandler server-status
> #    Order deny,allow
> #    Deny from all
> #    Allow from .your-domain.com
> #</Location>
> 
> #
> # Allow remote server configuration reports, with
> the URL of
> #  http://servername/server-info (requires that
> mod_info.c be loaded).
> # Change the ".your-domain.com" to match your domain
> to enable.
> #
> #<Location /server-info>
> #    SetHandler server-info
> #    Order deny,allow
> #    Deny from all
> #    Allow from .your-domain.com
> #</Location>
> 
> # Nina added this in for svn server
> # Repository location
> <Location /svn1>
> 	DAV svn
> 	SVNParentPath /svn1
> 	
> 	# access control policy
> 	AuthzSVNAccessFile /etc/svn-access-file
> 	# how to authenticate a user
> 	AuthType Basic
> 	AuthName "Subversion repository"
> 	AuthUserFile /etc/svn-auth-file
> 	
> 	# only authenticated users may access the
> repository
> 	Require valid-user
> </Location>
> 
> # Proxy Server directives. Uncomment the following
> lines to
> # enable the proxy server:
> #
> #<IfModule mod_proxy.c>
> #ProxyRequests On
> #
> #<Proxy *>
> #    Order deny,allow
> #    Deny from all
> #    Allow from .your-domain.com
> #</Proxy>
> 
> #
> # Enable/disable the handling of HTTP/1.1 "Via:"
> headers.
> # ("Full" adds the server version; "Block" removes
> all outgoing Via: headers)
> # Set to one of: Off | On | Full | Block
> #
> #ProxyVia On
> 
> #
> # To enable the cache as well, edit and uncomment
> the following lines:
> # (no cacheing without CacheRoot)
> #
> #CacheRoot "/etc/httpd/proxy"
> #CacheSize 5
> #CacheGcInterval 4
> #CacheMaxExpire 24
> #CacheLastModifiedFactor 0.1
> #CacheDefaultExpire 1
> #NoCache a-domain.com another-domain.edu
> joes.garage-sale.com
> 
> #</IfModule>
> # End of proxy directives.
> 
> ### Section 3: Virtual Hosts
> #
> # VirtualHost: If you want to maintain multiple
> domains/hostnames on your
> # machine you can setup VirtualHost containers for
> them. Most configurations
> # use only name-based virtual hosts so the server
> doesn't need to worry about
> # IP addresses. This is indicated by the asterisks
> in the directives below.
> #
> # Please see the documentation at 
> # <URL:http://httpd.apache.org/docs-2.0/vhosts/>
> # for further details before you try to setup
> virtual hosts.
> #
> # You may use the command line option '-S' to verify
> your virtual host
> # configuration.
> 
> #
> # Use name-based virtual hosting.
> #
> 
> 
> # Where do we put the lock and pif files?
> LockFile "/var/lock/httpd.lock"
> CoreDumpDirectory "/etc/httpd"
> 
> # Defaults for virtual hosts
> 
> 
> 
> 
> 
> 
> 
> # Logs
> 
> 
> 
>       
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>         
>           
>             
>             
>             
>           
>         
>           
>         
>        
> #
> # Virtual hosts
> #
> 
> # Virtual host Default Virtual Host
> <VirtualHost *>
>  	
>  	
>  	
>  	
> 	
> 
>  	
>  	
> 	DirectoryIndex index.php index.html index.htm
> index.shtml 
> 	
> 	
> 
>  	
>  	
>  	
>  	LogLevel debug
>  	HostNameLookups off
> 	
> 	
> 	
> 
> </VirtualHost>
> 
> 
>       
> #
> # Each directory to which Apache has access can be
> configured with respect
> # to which services and features are allowed and/or
> disabled in that
> # directory (and its subdirectories). 
> #
> # Note that from this point forward you must
> specifically allow
> # particular features to be enabled - so if
> something's not working as
> # you might expect, make sure that you have
> specifically enabled it
> # below.
> #
> 
> <Directory "/">
>         Options FollowSymLinks
>         
>         AllowOverride None
>         
>         
>         
> </Directory>
> 
> <Directory "/var/www/html">
>         Options Indexes Includes FollowSymLinks 
>         
>         AllowOverride None
>         Allow from all
> 
>         
>         Order allow,deny
> </Directory>
> 
> <Directory "/var/www/icons">
>         Options Indexes MultiViews
>         
>         AllowOverride None
>         Allow from all
> 
>         
>         Order allow,deny
> </Directory>
> 
> <Directory "/var/www/cgi-bin">
>         Options ExecCGI
>         
>         AllowOverride None
>         Allow from all
> 
>         
>         Order allow,deny
> </Directory>
> 
> 
>       
>     
>   
> 
> >
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
>    "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
users-help@httpd.apache.org



		
__________________________________
Do you Yahoo!?
Yahoo! Mail is new and improved - Check it out!
http://promotions.yahoo.com/new_mail

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message