httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From joon yang <joon_y...@yahoo.com>
Subject Re: [users@httpd] https config
Date Fri, 06 Aug 2004 22:34:24 GMT
Sounds like you don't have an index.html available in
that directory.  The directory index or directory
listing is a feature that you can turn on/off from
httpd.conf.

Normally people turn this off.

JoOn
--- Nina Pham <nina@gibbons.com> wrote:

> I checked the ssl_error_log, it said "Direcotry
> index forbidden by rule: 
> /var/www/html/"
> What does that mean?
> 
> joon yang wrote:
> 
> >Normal port for https is 443 not 4443.
> >
> >JoOn
> >--- Nina Pham <nina@gibbons.com> wrote:
> >
> >  
> >
> >>I uncomment the include /conf.d/ssl.conf, then
> >>restart apache.  It 
> >>complained about no NameVirtualHost for
> >>myserver:4443. I put in the 
> >>NameVirtualHost and restart apache, it gave me a
> >>warning 
> >>NameVirtualHost  myserver:4443 has no
> >>VirtualHost(however, it's arlready 
> >>there in ssl.conf). But it still start apache.
> Using
> >>browser, I still 
> >>can access www.gibbons.com:80, but went i tried to
> 
> >>https://www.gibbons.com, this time it doesn't
> >>display the FedoraCore 
> >>apache test page (my system is FC2), but instead,
> >>gave me error message 
> >>"The connection was refused when attempting to
> >>contact 
> >>www.gibbons.com:4443. I attached ssl.conf, hand
> >>httpd.conf files.
> >>
> >>
> >>joon yang wrote:
> >>
> >>    
> >>
> >>>You need to add LoadModule in the httpd.conf and
> >>>uncomment the following.
> >>><IfModule mod_ssl.c>
> >>>Include conf.d/ssl.conf
> >>></IfModule>
> >>>
> >>>This tells apache to load ssl.conf if mod_ssl.so
> >>>      
> >>>
> >>have
> >>    
> >>
> >>>been loaded.
> >>>
> >>>Also, in you ssl.conf, you've got port 4443
> rather
> >>>than 443.
> >>>
> >>>JoOn
> >>>
> >>>
> >>>--- Nina Pham <nina@gibbons.com> wrote:
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>>>Hi, I have a standard web server, now I want to
> >>>>        
> >>>>
> >>run
> >>    
> >>
> >>>>it with mod_ssl at 
> >>>>port 4443 ( port 443 has already been used).
> >>>>Attachment is the 
> >>>>httpd.conf, and ssl.conf. When I type
> >>>>http://www.gibbons.com, it display 
> >>>>our company webpage, and i expect the same for 
> >>>>https://www.gibbons.com:4443. However, when I
> >>>>        
> >>>>
> >>tried
> >>    
> >>
> >>>>to https, it just 
> >>>>displayed the test page of apache. What did I do
> >>>>wrong here?
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>>>#
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>># This is the Apache server configuration file
> >>>>providing SSL support.
> >>>># It contains the configuration directives to
> >>>>instruct the server how to
> >>>># serve pages over an https connection. For
> >>>>detailing information about these 
> >>>># directives see
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>><URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>># 
> >>>># Do NOT simply read the instructions in here
> >>>>without understanding
> >>>># what they do.  They're here only as hints or
> >>>>reminders.  If you are unsure
> >>>># consult the online docs. You have been warned.
>  
> >>>>#
> >>>>
> >>>>LoadModule ssl_module modules/mod_ssl.so
> >>>>
> >>>>#   Until documentation is completed, please
> check
> >>>>http://www.modssl.org/
> >>>>#   for additional config examples and module
> >>>>docmentation.  Directives
> >>>>#   and features of mod_ssl are largely
> unchanged
> >>>>        
> >>>>
> >>>>from the mod_ssl project
> >>>      
> >>>
> >>>>#   for Apache 1.3.
> >>>>
> >>>>#
> >>>># When we also provide SSL we have to listen to
> >>>>        
> >>>>
> >>the 
> >>    
> >>
> >>>># standard HTTP port (see above) and to the
> HTTPS
> >>>>port
> >>>>#
> >>>>Listen 4443
> >>>>
> >>>>##
> >>>>##  SSL Global Context
> >>>>##
> >>>>##  All SSL configuration in this context
> applies
> >>>>both to
> >>>>##  the main server and all SSL-enabled virtual
> >>>>hosts.
> >>>>##
> >>>>
> >>>>#
> >>>>#   Some MIME-types for downloading Certificates
> >>>>        
> >>>>
> >>and
> >>    
> >>
> >>>>CRLs
> >>>>#
> >>>>AddType application/x-x509-ca-cert .crt
> >>>>AddType application/x-pkcs7-crl    .crl
> >>>>
> >>>>#   Pass Phrase Dialog:
> >>>>#   Configure the pass phrase gathering process.
> >>>>#   The filtering dialog program (`builtin' is a
> >>>>internal
> >>>>#   terminal dialog) has to provide the pass
> >>>>        
> >>>>
> >>phrase
> >>    
> >>
> >>>>on stdout.
> >>>>SSLPassPhraseDialog  builtin
> >>>>
> >>>>#   Inter-Process Session Cache:
> >>>>#   Configure the SSL Session Cache: First the
> >>>>mechanism 
> >>>>#   to use and second the expiring timeout (in
> >>>>seconds).
> >>>>#SSLSessionCache        none
> >>>>#SSLSessionCache       
> >>>>dbm:/var/cache/mod_ssl/scache(512000)
> >>>>#SSLSessionCache       
> >>>>dc:UNIX/var/cache/mod_ssl/distcache
> >>>>SSLSessionCache        
> >>>>shmcb:/var/cache/mod_ssl/scache(512000)
> >>>>SSLSessionCacheTimeout  300
> >>>>
> >>>>#   Semaphore:
> >>>>#   Configure the path to the mutual exclusion
> >>>>semaphore the
> >>>>#   SSL engine uses internally for inter-process
> >>>>synchronization. 
> >>>>SSLMutex default
> >>>>
> >>>>#   Pseudo Random Number Generator (PRNG):
> >>>>#   Configure one or more sources to seed the
> PRNG
> >>>>of the 
> >>>>#   SSL library. The seed data should be of good
> >>>>random quality.
> >>>>#   WARNING! On some platforms /dev/random
> blocks
> >>>>        
> >>>>
> >>if
> >>    
> >>
> >>>>not enough entropy
> >>>>#   is available. This means you then cannot use
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>/dev/random device
> >>>>#   because it would lead to very long
> connection
> >>>>times (as long as
> >>>>#   it requires to make more entropy available).
> >>>>        
> >>>>
> >>But
> >>    
> >>
> >>>>usually those
> >>>>#   platforms additionally provide a
> /dev/urandom
> >>>>device which doesn't
> >>>>#   block. So, if available, use this one
> instead.
> >>>>Read the mod_ssl User
> >>>>#   Manual for more details.
> >>>>SSLRandomSeed startup file:/dev/urandom  256
> >>>>SSLRandomSeed connect builtin
> >>>>#SSLRandomSeed startup file:/dev/random  512
> >>>>#SSLRandomSeed connect file:/dev/random  512
> >>>>#SSLRandomSeed connect file:/dev/urandom 512
> >>>>
> >>>>#
> >>>># Use "SSLCryptoDevice" to enable any supported
> >>>>hardware
> >>>># accelerators. Use "openssl engine -v" to list
> >>>>supported
> >>>># engine names.  NOTE: If you enable an
> >>>>        
> >>>>
> >>accelerator
> >>    
> >>
> >>>>and the
> >>>># server does not start, consult the error logs
> >>>>        
> >>>>
> >>and
> >>    
> >>
> >>>>ensure
> >>>># your accelerator is functioning properly. 
> >>>>#
> >>>>SSLCryptoDevice builtin
> >>>>#SSLCryptoDevice ubsec
> >>>>
> >>>>##
> >>>>## SSL Virtual Host Context
> >>>>##
> >>>>
> >>>><VirtualHost _default_:4443>
> >>>>
> >>>># General setup for the virtual host, inherited
> >>>>        
> >>>>
> >>from
> >>    
> >>
> >>>>global configuration
> >>>>DocumentRoot "/var/www/html"
> >>>>ServerName gibbons.com:4443
> >>>>
> >>>># Use separate log files for the SSL virtual
> host;
> >>>>note that LogLevel
> >>>># is not inherited from httpd.conf.
> >>>>ErrorLog logs/ssl_error_log
> >>>>TransferLog logs/ssl_access_log
> >>>>LogLevel warn
> >>>>
> >>>>#   SSL Engine Switch:
> >>>>#   Enable/Disable SSL for this virtual host.
> >>>>SSLEngine on
> >>>>
> >>>>#   SSL Cipher Suite:
> >>>>#   List the ciphers that the client is
> permitted
> >>>>        
> >>>>
> >>to
> >>    
> >>
> >>>>negotiate.
> >>>>#   See the mod_ssl documentation for a complete
> >>>>list.
> >>>>SSLCipherSuite
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>#   Server Certificate:
> >>>>#   Point SSLCertificateFile at a PEM encoded
> >>>>certificate.  If
> >>>>#   the certificate is encrypted, then you will
> be
> >>>>prompted for a
> >>>>#   pass phrase.  Note that a kill -HUP will
> >>>>        
> >>>>
> >>prompt
> >>    
> >>
> >>>>again. A test
> >>>>#   certificate can be generated with `make
> >>>>certificate' under
> >>>>#   built time. Keep in mind that if you've both
> a
> >>>>RSA and a DSA
> >>>>#   certificate you can configure both in
> parallel
> >>>>(to also allow
> >>>>#   the use of DSA ciphers, etc.)
> >>>>SSLCertificateFile
> >>>>/etc/httpd/conf/ssl.crt/server.crt
> >>>>#SSLCertificateFile
> >>>>/etc/httpd/conf/ssl.crt/server-dsa.crt
> >>>>
> >>>>#   Server Private Key:
> >>>>#   If the key is not combined with the
> >>>>        
> >>>>
> >>certificate,
> >>    
> >>
> >>>>use this
> >>>>#   directive to point at the key file.  Keep in
> >>>>mind that if
> >>>>#   you've both a RSA and a DSA private key you
> >>>>        
> >>>>
> >>can
> >>    
> >>
> >>>>configure
> >>>>#   both in parallel (to also allow the use of
> DSA
> >>>>ciphers, etc.)
> >>>>SSLCertificateKeyFile
> >>>>/etc/httpd/conf/ssl.key/server.key
> >>>>#SSLCertificateKeyFile
> >>>>/etc/httpd/conf/ssl.key/server-dsa.key
> >>>>
> >>>>#   Server Certificate Chain:
> >>>>#   Point SSLCertificateChainFile at a file
> >>>>containing the
> >>>>#   concatenation of PEM encoded CA certificates
> >>>>which form the
> >>>>#   certificate chain for the server
> certificate.
> >>>>Alternatively
> >>>>#   the referenced file can be the same as
> >>>>SSLCertificateFile
> >>>>#   when the CA certificates are directly
> appended
> >>>>to the server
> >>>>#   certificate for convinience.
> >>>>#SSLCertificateChainFile
> >>>>/etc/httpd/conf/ssl.crt/ca.crt
> >>>>
> >>>>#   Certificate Authority (CA):
> >>>>#   Set the CA certificate verification path
> where
> >>>>to find CA
> >>>>#   certificates for client authentication or
> >>>>alternatively one
> >>>>#   huge file containing all of them (file must
> be
> >>>>PEM encoded)
> >>>>#   Note: Inside SSLCACertificatePath you need
> >>>>        
> >>>>
> >>hash
> >>    
> >>
> >>>>symlinks
> >>>>#         to point to the certificate files. Use
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>provided
> >>>>#         Makefile to update the hash symlinks
> >>>>        
> >>>>
> >>after
> >>    
> >>
> >>>>changes.
> >>>>#SSLCACertificatePath /etc/httpd/conf/ssl.crt
> >>>>#SSLCACertificateFile
> >>>>/usr/share/ssl/certs/ca-bundle.crt
> >>>>
> >>>>#   Certificate Revocation Lists (CRL):
> >>>>#   Set the CA revocation path where to find CA
> >>>>        
> >>>>
> >>CRLs
> >>    
> >>
> >>>>for client
> >>>>#   authentication or alternatively one huge
> file
> >>>>containing all
> >>>>#   of them (file must be PEM encoded)
> >>>>#   Note: Inside SSLCARevocationPath you need
> hash
> >>>>symlinks
> >>>>#         to point to the certificate files. Use
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>provided
> >>>>#         Makefile to update the hash symlinks
> >>>>        
> >>>>
> >>after
> >>    
> >>
> >>>>changes.
> >>>>#SSLCARevocationPath /etc/httpd/conf/ssl.crl
> >>>>#SSLCARevocationFile
> >>>>/etc/httpd/conf/ssl.crl/ca-bundle.crl
> >>>>
> >>>>#   Client Authentication (Type):
> >>>>#   Client certificate verification type and
> >>>>        
> >>>>
> >>depth. 
> >>    
> >>
> >>>>Types are
> >>>>#   none, optional, require and optional_no_ca. 
> >>>>Depth is a
> >>>>#   number which specifies how deeply to verify
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>certificate
> >>>>#   issuer chain before deciding the certificate
> >>>>        
> >>>>
> >>is
> >>    
> >>
> >>>>not valid.
> >>>>#SSLVerifyClient require
> >>>>#SSLVerifyDepth  10
> >>>>
> >>>>#   Access Control:
> >>>>#   With SSLRequire you can do per-directory
> >>>>        
> >>>>
> >>access
> >>    
> >>
> >>>>control based
> >>>>#   on arbitrary complex boolean expressions
> >>>>containing server
> >>>>#   variable checks and other lookup directives.
> 
> >>>>The syntax is a
> >>>>#   mixture between C and Perl.  See the mod_ssl
> >>>>documentation
> >>>>#   for more details.
> >>>>#<Location />
> >>>>#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/
> \
> >>>>#            and %{SSL_CLIENT_S_DN_O} eq "Snake
> >>>>        
> >>>>
> >>Oil,
> >>    
> >>
> >>>>Ltd." \
> >>>>#            and %{SSL_CLIENT_S_DN_OU} in
> >>>>        
> >>>>
> >>{"Staff",
> >>    
> >>
> >>>>"CA", "Dev"} \
> >>>>#            and %{TIME_WDAY} >= 1 and
> >>>>        
> >>>>
> >>%{TIME_WDAY}
> >>    
> >>
> >>>><= 5 \
> >>>>#            and %{TIME_HOUR} >= 8 and
> >>>>        
> >>>>
> >>%{TIME_HOUR}
> >>    
> >>
> >>>><= 20       ) \
> >>>>#           or %{REMOTE_ADDR} =~
> >>>>m/^192\.76\.162\.[0-9]+$/
> >>>>#</Location>
> >>>>
> >>>>#   SSL Engine Options:
> >>>>#   Set various options for the SSL engine.
> >>>>#   o FakeBasicAuth:
> >>>>#     Translate the client X.509 into a Basic
> >>>>Authorisation.  This means that
> >>>>#     the standard Auth/DBMAuth methods can be
> >>>>        
> >>>>
> >>used
> >>    
> >>
> >>>>for access control.  The
> >>>>#     user name is the `one line' version of the
> >>>>client's X.509 certificate.
> >>>>#     Note that no password is obtained from the
> >>>>user. Every entry in the user
> >>>>#     file needs this password: `xxj31ZMTZzkVA'.
> >>>>#   o ExportCertData:
> >>>>#     This exports two additional environment
> >>>>variables: SSL_CLIENT_CERT and
> >>>>#     SSL_SERVER_CERT. These contain the
> >>>>        
> >>>>
> >>PEM-encoded
> >>    
> >>
> >>>>certificates of the
> >>>>#     server (always existing) and the client
> >>>>        
> >>>>
> >>(only
> >>    
> >>
> >>>>existing when client
> >>>>#     authentication is used). This can be used
> to
> >>>>import the certificates
> >>>>#     into CGI scripts.
> >>>>#   o StdEnvVars:
> >>>>#     This exports the standard SSL/TLS related
> >>>>`SSL_*' environment variables.
> >>>>#     Per default this exportation is switched
> off
> >>>>for performance reasons,
> >>>>#     because the extraction step is an
> expensive
> >>>>operation and is usually
> >>>>#     useless for serving static content. So one
> >>>>usually enables the
> >>>>#     exportation for CGI and SSI requests only.
> >>>>#   o StrictRequire:
> >>>>#     This denies access when "SSLRequireSSL" or
> >>>>"SSLRequire" applied even
> >>>>#     under a "Satisfy any" situation, i.e. when
> >>>>        
> >>>>
> >>it
> >>    
> >>
> >>>>applies access is denied
> >>>>#     and no other module can change it.
> >>>>#   o OptRenegotiate:
> >>>>#     This enables optimized SSL connection
> >>>>renegotiation handling when SSL
> >>>>#     directives are used in per-directory
> >>>>        
> >>>>
> >>context. 
> >>    
> >>
> >>>>#SSLOptions +FakeBasicAuth +ExportCertData
> >>>>+CompatEnvVars +StrictRequire
> >>>><Files ~ "\.(cgi|shtml|phtml|php3?)$">
> >>>>   SSLOptions +StdEnvVars
> >>>></Files>
> >>>><Directory "/var/www/cgi-bin">
> >>>>   SSLOptions +StdEnvVars
> >>>></Directory>
> >>>>
> >>>>#   SSL Protocol Adjustments:
> >>>>#   The safe and default but still SSL/TLS
> >>>>        
> >>>>
> >>standard
> >>    
> >>
> >>>>compliant shutdown
> >>>>#   approach is that mod_ssl sends the close
> >>>>        
> >>>>
> >>notify
> >>    
> >>
> >>>>alert but doesn't wait for
> >>>>#   the close notify alert from client. When you
> >>>>need a different shutdown
> >>>>#   approach you can use one of the following
> >>>>variables:
> >>>>#   o ssl-unclean-shutdown:
> >>>>#     This forces an unclean shutdown when the
> >>>>connection is closed, i.e. no
> >>>>#     SSL close notify alert is send or allowed
> to
> >>>>received.  This violates
> >>>>#     the SSL/TLS standard but is needed for
> some
> >>>>brain-dead browsers. Use
> >>>>#     this when you receive I/O errors because
> of
> >>>>the standard approach where
> >>>>#     mod_ssl sends the close notify alert.
> >>>>#   o ssl-accurate-shutdown:
> >>>>#     This forces an accurate shutdown when the
> >>>>connection is closed, i.e. a
> >>>>#     SSL close notify alert is send and mod_ssl
> >>>>waits for the close notify
> >>>>#     alert of the client. This is 100% SSL/TLS
> >>>>standard compliant, but in
> >>>>#     practice often causes hanging connections
> >>>>        
> >>>>
> >>with
> >>    
> >>
> >>>>brain-dead browsers. Use
> >>>>#     this only for browsers where you know that
> >>>>their SSL implementation
> >>>>#     works correctly. 
> >>>>#   Notice: Most problems of broken clients are
> >>>>        
> >>>>
> >>also
> >>    
> >>
> >>>>related to the HTTP
> >>>>#   keep-alive facility, so you usually
> >>>>        
> >>>>
> >>additionally
> >>    
> >>
> >>>>want to disable
> >>>>#   keep-alive for those clients, too. Use
> >>>>        
> >>>>
> >>variable
> >>    
> >>
> >>>>"nokeepalive" for this.
> >>>>#   Similarly, one has to force some clients to
> >>>>        
> >>>>
> >>use
> >>    
> >>
> >>>>HTTP/1.0 to workaround
> >>>>#   their broken HTTP/1.1 implementation. Use
> >>>>variables "downgrade-1.0" and
> >>>>#   "force-response-1.0" for this.
> >>>>SetEnvIf User-Agent ".*MSIE.*" \
> >>>>        nokeepalive ssl-unclean-shutdown \
> >>>>        downgrade-1.0 force-response-1.0
> >>>>
> >>>>#   Per-Server Logging:
> >>>>#   The home of a custom SSL log file. Use this
> >>>>        
> >>>>
> >>when
> >>    
> >>
> >>>>you want a
> >>>>#   compact non-error SSL logfile on a virtual
> >>>>        
> >>>>
> >>host
> >>    
> >>
> >>>>basis.
> >>>>CustomLog logs/ssl_request_log \
> >>>>         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
> >>>>\"%r\" %b"
> >>>>
> >>>></VirtualHost>                                  
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>>>#
> >>>>>     
> >>>>>
> >>>>>          
> >>>>>
> >>>># Based upon the NCSA server configuration files
> >>>>originally by Rob McCool.
> >>>>#
> >>>># This is the main Apache server configuration
> >>>>        
> >>>>
> >>file.
> >>    
> >>
> >>>>It contains the
> >>>># configuration directives that give the server
> >>>>        
> >>>>
> >>its
> >>    
> >>
> >>>>instructions.
> >>>># See URL:http://httpd.apache.org/docs-2.0/ for
> >>>>detailed information about
> >>>># the directives.
> >>>>#
> >>>># Do NOT simply read the instructions in here
> >>>>without understanding
> >>>># what they do.  They're here only as hints or
> >>>>reminders.  If you are unsure
> >>>># consult the online docs. You have been warned.
>  
> >>>>#
> >>>># The configuration directives are grouped into
> >>>>three basic sections:
> >>>>#  1. Directives that control the operation of
> the
> >>>>Apache server process as a
> >>>>#     whole (the 'global environment').
> >>>>#  2. Directives that define the parameters of
> the
> >>>>'main' or 'default' server,
> >>>>#     which responds to requests that aren't
> >>>>        
> >>>>
> >>handled
> >>    
> >>
> >>>>by a virtual host.
> >>>>#     These directives also provide default
> values
> >>>>for the settings
> >>>>#     of all virtual hosts.
> >>>>#  3. Settings for virtual hosts, which allow
> Web
> >>>>requests to be sent to
> >>>>#     different IP addresses or hostnames and
> have
> >>>>them handled by the
> >>>>#     same Apache server process.
> >>>>#
> >>>># Configuration and logfile names: If the
> >>>>        
> >>>>
> >>filenames
> >>    
> >>
> >>>>you specify for many
> >>>># of the server's control files begin with "/"
> (or
> >>>>"drive:/" for Win32), the
> >>>># server will use that explicit path.  If the
> >>>>filenames do *not* begin
> >>>># with "/", the value of ServerRoot is prepended
> >>>>        
> >>>>
> >>--
> >>    
> >>
> >>>>so "logs/foo.log"
> >>>># with ServerRoot set to "/etc/httpd" will be
> >>>>interpreted by the
> >>>># server as "/etc/httpd/logs/foo.log".
> >>>>#
> >>>>
> >>>>### Section 1: Global Environment
> >>>>#
> >>>># The directives in this section affect the
> >>>>        
> >>>>
> >>overall
> >>    
> >>
> >>>>operation of Apache,
> >>>># such as the number of concurrent requests it
> can
> >>>>handle or where it
> >>>># can find its configuration files.
> >>>>#
> >>>>
> >>>>#
> >>>># Don't give away too much information about all
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>subcomponents
> >>>># we are running.  Comment out this line if you
> >>>>don't mind remote sites
> >>>># finding out what major optional modules you
> are
> >>>>running
> >>>>ServerTokens OS
> >>>>
> >>>>#
> >>>># ServerRoot: The top of the directory tree
> under
> >>>>which the server's
> >>>># configuration, error, and log files are kept.
> >>>>#
> >>>># NOTE!  If you intend to place this on an NFS
> (or
> >>>>otherwise network)
> >>>># mounted filesystem then please read the
> LockFile
> >>>>documentation
> >>>># (available at
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>><URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>># you will save yourself a lot of trouble.
> >>>>#
> >>>># Do NOT add a slash at the end of the directory
> >>>>path.
> >>>>#
> >>>>ServerRoot "/etc/httpd"
> >>>>
> >>>>#
> >>>># ScoreBoardFile: File used to store internal
> >>>>        
> >>>>
> >>server
> >>    
> >>
> >>>>process information.
> >>>># If unspecified (the default), the scoreboard
> >>>>        
> >>>>
> >>will
> >>    
> >>
> >>>>be stored in an
> >>>># anonymous shared memory segment, and will be
> >>>>unavailable to third-party
> >>>># applications.
> >>>># If specified, ensure that no two invocations
> of
> >>>>Apache share the same
> >>>># scoreboard file. The scoreboard file MUST BE
> >>>>STORED ON A LOCAL DISK.
> >>>>#
> >>>>#ScoreBoardFile run/httpd.scoreboard
> >>>>
> >>>>#
> >>>># PidFile: The file in which the server should
> >>>>record its process
> >>>># identification number when it starts.
> >>>>#
> >>>>PidFile "/var/run/httpd.pid"
> >>>>
> >>>>#
> >>>># Timeout: The number of seconds before receives
> >>>>        
> >>>>
> >>and
> >>    
> >>
> >>>>sends time out.
> >>>>#
> >>>>TimeOut 300
> >>>>
> >>>>#
> >>>># KeepAlive: Whether or not to allow persistent
> >>>>connections (more than
> >>>># one request per connection). Set to "Off" to
> >>>>deactivate.
> >>>>#
> >>>>KeepAlive true
> >>>>
> >>>>#
> >>>># MaxKeepAliveRequests: The maximum number of
> >>>>requests to allow
> >>>># during a persistent connection. Set to 0 to
> >>>>        
> >>>>
> >>allow
> >>    
> >>
> >>>>an unlimited amount.
> >>>># We recommend you leave this number high, for
> >>>>maximum performance.
> >>>>#
> >>>>MaxKeepAliveRequests 100
> >>>>
> >>>>#
> >>>># KeepAliveTimeout: Number of seconds to wait
> for
> >>>>the next request from the
> >>>># same client on the same connection.
> >>>>#
> >>>>KeepAliveTimeout 15
> >>>>
> >>>>##
> >>>>## Server-Pool Size Regulation (MPM specific)
> >>>>## 
> >>>>
> >>>># prefork MPM
> >>>># StartServers: number of server processes to
> >>>>        
> >>>>
> >>start
> >>    
> >>
> >>>># MinSpareServers: minimum number of server
> >>>>processes which are kept spare
> >>>># MaxSpareServers: maximum number of server
> >>>>processes which are kept spare
> >>>># MaxClients: maximum number of server processes
> >>>>allowed to start
> >>>># MaxRequestsPerChild: maximum number of
> requests
> >>>>        
> >>>>
> >>a
> >>    
> >>
> >>>>server process serves
> >>>><IfModule prefork.c>
> >>>>StartServers 8
> >>>>MinSpareServers 5
> >>>>MaxSpareServers 20
> >>>>MaxClients 150
> >>>>MaxRequestsPerChild 100
> >>>></IfModule>
> >>>>
> >>>># worker MPM
> >>>># StartServers: initial number of server
> processes
> >>>>to start
> >>>># MaxClients: maximum number of simultaneous
> >>>>        
> >>>>
> >>client
> >>    
> >>
> >>>>connections
> >>>># MinSpareThreads: minimum number of worker
> >>>>        
> >>>>
> >>threads
> >>    
> >>
> >>>>which are kept spare
> >>>># MaxSpareThreads: maximum number of worker
> >>>>        
> >>>>
> >>threads
> >>    
> >>
> >>>>which are kept spare
> >>>># ThreadsPerChild: constant number of worker
> >>>>        
> >>>>
> >>threads
> >>    
> >>
> >>>>in each server process
> >>>># MaxRequestsPerChild: maximum number of
> requests
> >>>>        
> >>>>
> >>a
> >>    
> >>
> >>>>server process serves
> >>>><IfModule worker.c>
> >>>>StartServers         2
> >>>>MaxClients         150
> >>>>MinSpareThreads     25
> >>>>MaxSpareThreads     75
> >>>>ThreadsPerChild     25 
> >>>>MaxRequestsPerChild  0
> >>>></IfModule>
> >>>>
> >>>>#
> >>>># Listen: Allows you to bind Apache to specific
> IP
> >>>>addresses and/or
> >>>># ports, in addition to the default. See also
> the
> >>>><VirtualHost>
> >>>># directive.
> >>>>#
> >>>># Change this to Listen on specific IP addresses
> >>>>        
> >>>>
> >>as
> >>    
> >>
> >>>>shown below to 
> >>>># prevent Apache from glomming onto all bound IP
> >>>>addresses (0.0.0.0)
> >>>>#
> >>>>#Listen 12.34.56.78:80
> >>>>Listen *:80
> >>>>
> >>>>
> >>>>#
> >>>># Dynamic Shared Object (DSO) Support
> >>>>#
> >>>># To be able to use the functionality of a
> module
> >>>>which was built as a DSO you
> >>>># have to place corresponding `LoadModule' lines
> >>>>        
> >>>>
> >>at
> >>    
> >>
> >>>>this location so the
> >>>># directives contained in it are actually
> >>>>        
> >>>>
> >>available
> >>    
> >>
> >>>>_before_ they are used.
> >>>># Statically compiled modules (those listed by
> >>>>`httpd -l') do not need
> >>>># to be loaded here.
> >>>>#
> >>>># Example:
> >>>># LoadModule foo_module modules/mod_foo.so
> >>>>#
> >>>>LoadModule access_module modules/mod_access.so
> >>>>LoadModule auth_module modules/mod_auth.so
> >>>>LoadModule auth_anon_module
> >>>>        
> >>>>
> >>modules/mod_auth_anon.so
> >>    
> >>
> >>>>LoadModule auth_dbm_module
> modules/mod_auth_dbm.so
> >>>>LoadModule auth_digest_module
> >>>>modules/mod_auth_digest.so
> >>>>LoadModule ldap_module modules/mod_ldap.so
> >>>>LoadModule auth_ldap_module
> >>>>        
> >>>>
> >>modules/mod_auth_ldap.so
> >>    
> >>
> >>>>LoadModule include_module modules/mod_include.so
> >>>>LoadModule log_config_module
> >>>>modules/mod_log_config.so
> >>>>LoadModule env_module modules/mod_env.so
> >>>>LoadModule mime_magic_module
> >>>>modules/mod_mime_magic.so
> >>>>LoadModule cern_meta_module
> >>>>        
> >>>>
> >>modules/mod_cern_meta.so
> >>    
> >>
> >>>>LoadModule expires_module modules/mod_expires.so
> >>>>LoadModule deflate_module modules/mod_deflate.so
> >>>>LoadModule headers_module modules/mod_headers.so
> >>>>LoadModule usertrack_module
> >>>>        
> >>>>
> >>modules/mod_usertrack.so
> >>    
> >>
> >>>>LoadModule unique_id_module
> >>>>        
> >>>>
> >>modules/mod_unique_id.so
> >>    
> >>
> >>>>LoadModule setenvif_module
> modules/mod_setenvif.so
> >>>>LoadModule mime_module modules/mod_mime.so
> >>>>LoadModule dav_module modules/mod_dav.so
> >>>>#Nina added these in for svn server
> >>>>#
> >>>>LoadModule dav_svn_module modules/mod_dav_svn.so
> >>>>LoadModule authz_svn_module
> >>>>        
> >>>>
> >>modules/mod_authz_svn.so
> >>    
> >>
> >>>>#
> >>>>LoadModule status_module modules/mod_status.so
> >>>>LoadModule autoindex_module
> >>>>        
> >>>>
> >>modules/mod_autoindex.so
> >>    
> >>
> >>>>LoadModule asis_module modules/mod_asis.so
> >>>>LoadModule info_module modules/mod_info.so
> >>>>LoadModule dav_fs_module modules/mod_dav_fs.so
> >>>>LoadModule vhost_alias_module
> >>>>modules/mod_vhost_alias.so
> >>>>LoadModule negotiation_module
> >>>>modules/mod_negotiation.so
> >>>>LoadModule dir_module modules/mod_dir.so
> >>>>LoadModule imap_module modules/mod_imap.so
> >>>>LoadModule actions_module modules/mod_actions.so
> >>>>LoadModule speling_module modules/mod_speling.so
> >>>>LoadModule userdir_module modules/mod_userdir.so
> >>>>LoadModule alias_module modules/mod_alias.so
> >>>>LoadModule rewrite_module modules/mod_rewrite.so
> >>>>LoadModule proxy_module modules/mod_proxy.so
> >>>>LoadModule proxy_ftp_module
> >>>>        
> >>>>
> >>modules/mod_proxy_ftp.so
> >>    
> >>
> >>>>LoadModule proxy_http_module
> >>>>modules/mod_proxy_http.so
> >>>>LoadModule proxy_connect_module
> >>>>modules/mod_proxy_connect.so
> >>>>LoadModule cache_module modules/mod_cache.so
> >>>>LoadModule suexec_module modules/mod_suexec.so
> >>>>LoadModule disk_cache_module
> >>>>modules/mod_disk_cache.so
> >>>>LoadModule file_cache_module
> >>>>modules/mod_file_cache.so
> >>>>LoadModule mem_cache_module
> >>>>        
> >>>>
> >>modules/mod_mem_cache.so
> >>    
> >>
> >>>>LoadModule cgi_module modules/mod_cgi.so
> >>>>
> >>>>#
> >>>># Load config files from the config directory
> >>>>"/etc/httpd/conf.d".
> >>>>#
> >>>>Include conf.d/*.conf
> >>>>
> >>>>#
> >>>># ExtendedStatus controls whether Apache will
> >>>>generate "full" status
> >>>># information (ExtendedStatus On) or just basic
> >>>>information (ExtendedStatus
> >>>># Off) when the "server-status" handler is
> called.
> >>>>The default is Off.
> >>>>#
> >>>>#ExtendedStatus On
> >>>>
> >>>>### Section 2: 'Main' server configuration
> >>>>#
> >>>># The directives in this section set up the
> values
> >>>>used by the 'main'
> >>>># server, which responds to any requests that
> >>>>        
> >>>>
> >>aren't
> >>    
> >>
> >>>>handled by a
> >>>># <VirtualHost> definition.  These values also
> >>>>provide defaults for
> >>>># any <VirtualHost> containers you may define
> >>>>        
> >>>>
> >>later
> >>    
> >>
> >>>>in the file.
> >>>>#
> >>>># All of these directives may appear inside
> >>>><VirtualHost> containers,
> >>>># in which case these default settings will be
> >>>>overridden for the
> >>>># virtual host being defined.
> >>>>#
> >>>>
> >>>>#
> >>>># If you wish httpd to run as a different user
> or
> >>>>group, you must run
> >>>># httpd as root initially and it will switch.  
> >>>>#
> >>>># User/Group: The name (or #number) of the
> >>>>user/group to run httpd as.
> >>>>#  . On SCO (ODT 3) use "User nouser" and "Group
> >>>>nogroup".
> >>>>#  . On HPUX you may not be able to use shared
> >>>>memory as nobody, and the
> >>>>#    suggested workaround is to create a user
> www
> >>>>and use that user.
> >>>>#  NOTE that some kernels refuse to
> setgid(Group)
> >>>>        
> >>>>
> >>or
> >>    
> >>
> >>>>semctl(IPC_SET)
> >>>>#  when the value of (unsigned)Group is above
> >>>>        
> >>>>
> >>60000;
> >>    
> >>
> >>>>#  don't use Group #-1 on these systems!
> >>>>#
> >>>>User apache
> >>>>Group apache
> >>>>
> >>>>#
> >>>># ServerAdmin: Your address, where problems with
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>server should be
> >>>># e-mailed.  This address appears on some
> >>>>server-generated pages, such
> >>>># as error documents.  e.g.
> admin@your-domain.com
> >>>>#
> >>>>ServerAdmin root@gibbons.com
> >>>>
> >>>>#
> >>>># ServerName gives the name and port that the
> >>>>        
> >>>>
> >>server
> >>    
> >>
> >>>>uses to identify itself.
> >>>># This can often be determined automatically,
> but
> >>>>        
> >>>>
> >>we
> >>    
> >>
> >>>>recommend you specify
> >>>># it explicitly to prevent problems during
> >>>>        
> >>>>
> >>startup.
> >>    
> >>
> >>>>#
> >>>># If this is not set to valid DNS name for your
> >>>>host, server-generated
> >>>># redirections will not work.  See also the
> >>>>UseCanonicalName directive.
> >>>>#
> >>>># If your host doesn't have a registered DNS
> name,
> >>>>enter its IP address here.
> >>>># You will have to access it by its address
> >>>>        
> >>>>
> >>anyway,
> >>    
> >>
> >>>>and this will make 
> >>>># redirections work in a sensible way.
> >>>>#
> >>>>ServerName gibbons.com:80
> >>>>
> >>>>#
> >>>># UseCanonicalName: Determines how Apache
> >>>>        
> >>>>
> >>constructs
> >>    
> >>
> >>>>self-referencing 
> >>>># URLs and the SERVER_NAME and SERVER_PORT
> >>>>variables.
> >>>># When set "Off", Apache will use the Hostname
> and
> >>>>Port supplied
> >>>># by the client.  When set "On", Apache will use
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>value of the
> >>>># ServerName directive.
> >>>>#
> >>>>UseCanonicalName on
> >>>>
> >>>>#
> >>>># DocumentRoot: The directory out of which you
> >>>>        
> >>>>
> >>will
> >>    
> >>
> >>>>serve your
> >>>># documents. By default, all requests are taken
> >>>>        
> >>>>
> >>from
> >>    
> >>
> >>>>this directory, but
> >>>># symbolic links and aliases may be used to
> point
> >>>>        
> >>>>
> >>to
> >>    
> >>
> >>>>other locations.
> >>>>#
> >>>>DocumentRoot "/var/www/html"
> >>>>
> >>>># 
> >>>># Disable autoindex for the root directory, and
> >>>>present a
> >>>># default Welcome page if no other index page is
> >>>>present.
> >>>>#
> >>>><LocationMatch "^/$">
> >>>>   Options -Indexes
> >>>>   ErrorDocument 403 /error/noindex.html
> >>>></LocationMatch>
> >>>>
> >>>>#
> >>>># UserDir: The name of the directory that is
> >>>>appended onto a user's home
> >>>># directory if a ~user request is received.
> >>>>#
> >>>># The path to the end user account 'public_html'
> >>>>directory must be
> >>>># accessible to the webserver userid.  This
> >>>>        
> >>>>
> >>usually
> >>    
> >>
> >>>>means that ~userid
> >>>># must have permissions of 711,
> >>>>        
> >>>>
> >>~userid/public_html
> >>    
> >>
> >>>>must have permissions
> >>>># of 755, and documents contained therein must
> be
> >>>>world-readable.
> >>>># Otherwise, the client will only receive a "403
> >>>>Forbidden" message.
> >>>>#
> >>>># See also:
> >>>>        
> >>>>
>
>>>http://httpd.apache.org/docs/misc/FAQ.html#forbidden
> >>>      
> >>>
> >>>>#
> >>>><IfModule mod_userdir.c>
> >>>>   #
> >>>>   # UserDir is disabled by default since it can
> >>>>confirm the presence
> >>>>   # of a username on the system (depending on
> >>>>        
> >>>>
> >>home
> >>    
> >>
> >>>>directory
> >>>>   # permissions).
> >>>>   #
> >>>>   UserDir "disable"
> >>>>
> >>>>   #
> >>>>   # To enable requests to /~user/ to serve the
> >>>>user's public_html
> >>>>   # directory, use this directive instead of
> >>>>"UserDir disable":
> >>>>   # 
> >>>>   #UserDir public_html
> >>>>
> >>>></IfModule>
> >>>>
> >>>>#
> >>>># DirectoryIndex: sets the file that Apache will
> >>>>serve if a directory
> >>>># is requested.
> >>>>#
> >>>># The index.html.var file (a type-map) is used
> to
> >>>>deliver content-
> >>>># negotiated documents.  The MultiViews Option
> can
> >>>>be used for the 
> >>>># same purpose, but it is much slower.
> >>>>#
> >>>>DirectoryIndex 
> >>>>
> >>>>#
> >>>># AccessFileName: The name of the file to look
> for
> >>>>in each directory
> >>>># for access control information.  See also the
> >>>>AllowOverride directive.
> >>>>#
> >>>>AccessFileName .htaccess
> >>>>
> >>>>#
> >>>># The following lines prevent .htaccess and
> >>>>.htpasswd files from being 
> >>>># viewed by Web clients. 
> >>>>#
> >>>><Files ~ "^\.ht">
> >>>>   Order allow,deny
> >>>>   Deny from all
> >>>></Files>
> >>>>
> >>>>#
> >>>># TypesConfig describes where the mime.types
> file
> >>>>(or equivalent) is
> >>>># to be found.
> >>>>#
> >>>>TypesConfig "/etc/mime.types"
> >>>>
> >>>>#
> >>>># DefaultType is the default MIME type the
> server
> >>>>will use for a document
> >>>># if it cannot otherwise determine one, such as
> >>>>        
> >>>>
> >>from
> >>    
> >>
> >>>>filename extensions.
> >>>># If your server contains mostly text or HTML
> >>>>documents, "text/plain" is
> >>>># a good value.  If most of your content is
> >>>>        
> >>>>
> >>binary,
> >>    
> >>
> >>>>such as applications
> >>>># or images, you may want to use
> >>>>"application/octet-stream" instead to
> >>>># keep browsers from trying to display binary
> >>>>        
> >>>>
> >>files
> >>    
> >>
> >>>>as though they are
> >>>># text.
> >>>>#
> >>>>DefaultType text/plain
> >>>>
> >>>>#
> >>>># The mod_mime_magic module allows the server to
> >>>>        
> >>>>
> >>use
> >>    
> >>
> >>>>various hints from the
> >>>># contents of the file itself to determine its
> >>>>        
> >>>>
> >>type.
> >>    
> >>
> >>>>The MIMEMagicFile
> >>>># directive tells the module where the hint
> >>>>definitions are located.
> >>>>#
> >>>><IfModule mod_mime_magic.c>
> >>>>#   MIMEMagicFile /usr/share/magic.mime
> >>>>   MIMEMagicFile conf/magic
> >>>></IfModule>
> >>>>
> >>>>#
> >>>># HostnameLookups: Log the names of clients or
> >>>>        
> >>>>
> >>just
> >>    
> >>
> >>>>their IP addresses
> >>>># e.g., www.apache.org (on) or 204.62.129.132
> >>>>        
> >>>>
> >>(off).
> >>    
> >>
> >>>># The default is off because it'd be overall
> >>>>        
> >>>>
> >>better
> >>    
> >>
> >>>>for the net if people
> >>>># had to knowingly turn this feature on, since
> >>>>enabling it means that
> >>>># each client request will result in AT LEAST
> one
> >>>>lookup request to the
> >>>># nameserver.
> >>>>#
> >>>>HostNameLookups Off
> >>>>
> >>>>#
> >>>># EnableMMAP: Control whether memory-mapping is
> >>>>        
> >>>>
> >>used
> >>    
> >>
> >>>>to deliver
> >>>># files (assuming that the underlying OS
> supports
> >>>>it).
> >>>># The default is on; turn this off if you serve
> >>>>        
> >>>>
> >>from
> >>    
> >>
> >>>>NFS-mounted 
> >>>># filesystems.  On some systems, turning it off
> >>>>(regardless of
> >>>># filesystem) can improve performance; for
> >>>>        
> >>>>
> >>details,
> >>    
> >>
> >>>>please see
> >>>>#
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>#
> >>>>#EnableMMAP off
> >>>>
> >>>>#
> >>>># EnableSendfile: Control whether the sendfile
> >>>>kernel support is 
> >>>># used to deliver files (assuming that the OS
> >>>>supports it). 
> >>>># The default is on; turn this off if you serve
> >>>>        
> >>>>
> >>from
> >>    
> >>
> >>>>NFS-mounted 
> >>>># filesystems.  Please see
> >>>>#
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>#
> >>>>#EnableSendfile off
> >>>>
> >>>>#
> >>>># ErrorLog: The location of the error log file.
> >>>># If you do not specify an ErrorLog directive
> >>>>        
> >>>>
> >>within
> >>    
> >>
> >>>>a <VirtualHost>
> >>>># container, error messages relating to that
> >>>>        
> >>>>
> >>virtual
> >>    
> >>
> >>>>host will be
> >>>># logged here.  If you *do* define an error
> >>>>        
> >>>>
> >>logfile
> >>    
> >>
> >>>>for a <VirtualHost>
> >>>># container, that host's errors will be logged
> >>>>        
> >>>>
> >>there
> >>    
> >>
> >>>>and not here.
> >>>>#
> >>>>ErrorLog "/var/log/httpd/error_log"
> >>>>
> >>>>#
> >>>># LogLevel: Control the number of messages
> logged
> >>>>        
> >>>>
> >>to
> >>    
> >>
> >>>>the error_log.
> >>>># Possible values include: debug, info, notice,
> >>>>warn, error, crit,
> >>>># alert, emerg.
> >>>>#
> >>>>LogLevel warn
> >>>>
> >>>>#
> >>>># The following directives define some format
> >>>>nicknames for use with
> >>>># a CustomLog directive (see below).
> >>>>#
> >>>>LogFormat "%h %l %u %t \"%r\" %>s %b
> >>>>        
> >>>>
> >>\"%{Referer}i\"
> >>    
> >>
> >>>>\"%{User-Agent}i\"" combined
> >>>>LogFormat "%h %l %u %t \"%r\" %>s %b" common
> >>>>LogFormat "%{Referer}i -> %U" referer
> >>>>LogFormat "%{User-agent}i" agent
> >>>>
> >>>>
> >>>>#
> >>>># The location and format of the access logfile
> >>>>(Common Logfile Format).
> >>>># If you do not define any access logfiles
> within
> >>>>        
> >>>>
> >>a
> >>    
> >>
> >>>><VirtualHost>
> >>>># container, they will be logged here. 
> >>>>Contrariwise, if you *do*
> >>>># define per-<VirtualHost> access logfiles,
> >>>>transactions will be
> >>>># logged therein and *not* in this file.
> >>>>#
> >>>># CustomLog logs/access_log common
> >>>>CustomLog logs/access_log combined
> >>>>
> >>>>#
> >>>># If you would like to have agent and referer
> >>>>logfiles, uncomment the
> >>>># following directives.
> >>>>#
> >>>>#CustomLog logs/referer_log referer
> >>>>#CustomLog logs/agent_log agent
> >>>>
> >>>>#
> >>>># If you prefer a single logfile with access,
> >>>>        
> >>>>
> >>agent,
> >>    
> >>
> >>>>and referer information
> >>>># (Combined Logfile Format) you can use the
> >>>>following directive.
> >>>>#
> >>>>#CustomLog logs/access_log combined
> >>>>
> >>>>#
> >>>># Optionally add a line containing the server
> >>>>version and virtual host
> >>>># name to server-generated pages (error
> documents,
> >>>>FTP directory listings,
> >>>># mod_status and mod_info output etc., but not
> CGI
> >>>>generated documents).
> >>>># Set to "EMail" to also include a mailto: link
> to
> >>>>the ServerAdmin.
> >>>># Set to one of:  On | Off | EMail
> >>>>#
> >>>>ServerSignature on
> >>>>
> >>>>#
> >>>># Aliases: Add here as many aliases as you need
> >>>>(with no limit). The format is 
> >>>># Alias fakename realname
> >>>>#
> >>>># Note that if you include a trailing / on
> >>>>        
> >>>>
> >>fakename
> >>    
> >>
> >>>>then the server will
> >>>># require it to be present in the URL.  So
> >>>>        
> >>>>
> >>"/icons"
> >>    
> >>
> >>>>isn't aliased in this
> >>>># example, only "/icons/".  If the fakename is
> >>>>slash-terminated, then the 
> >>>># realname must also be slash terminated, and if
> >>>>        
> >>>>
> >>the
> >>    
> >>
> >>>>fakename omits the 
> >>>># trailing slash, the realname must also omit
> it.
> >>>>#
> >>>># We include the /icons/ alias for FancyIndexed
> >>>>directory listings.  If you
> >>>># do not use FancyIndexing, you may comment this
> >>>>out.
> >>>>#
> >>>>Alias /icons/ "/var/www/icons/"
> >>>>
> >>>>#
> >>>># This should be changed to the
> >>>>        
> >>>>
> >>ServerRoot/manual/. 
> >>    
> >>
> >>>>The alias provides
> >>>># the manual, even if you choose to move your
> >>>>DocumentRoot.  You may comment
> >>>># this out if you do not care for the
> >>>>        
> >>>>
> >>documentation.
> >>    
> >>
> >>>>#
> >>>>Alias /manual "/var/www/manual"
> >>>>
> >>>><IfModule mod_dav_fs.c>
> >>>>   # Location of the WebDAV lock database.
> >>>>   DAVLockDB /var/lib/dav/lockdb
> >>>></IfModule>
> >>>>
> >>>>#
> >>>># ScriptAlias: This controls which directories
> >>>>contain server scripts.
> >>>># ScriptAliases are essentially the same as
> >>>>        
> >>>>
> >>Aliases,
> >>    
> >>
> >>>>except that
> >>>># documents in the realname directory are
> treated
> >>>>        
> >>>>
> >>as
> >>    
> >>
> >>>>applications and
> >>>># run by the server when requested rather than
> as
> >>>>documents sent to the client.
> >>>># The same rules about trailing "/" apply to
> >>>>ScriptAlias directives as to
> >>>># Alias.
> >>>>#
> >>>>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
> >>>>
> >>>><IfModule mod_cgid.c>
> >>>>#
> >>>># Additional to mod_cgid.c settings, mod_cgid
> has
> >>>>Scriptsock <path>
> >>>># for setting UNIX socket for communicating with
> >>>>cgid.
> >>>>#
> >>>>#Scriptsock            logs/cgisock
> >>>></IfModule>
> >>>>
> >>>>#Nina added
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>######################################################################
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>#<IfModule mod_ssl.c>
> >>>>#Include conf.d/ssl.conf
> >>>>#</IfModule>
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>######################################################################
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>#
> >>>># Redirect allows you to tell clients about
> >>>>documents which used to exist in
> >>>># your server's namespace, but do not anymore.
> >>>>        
> >>>>
> >>This
> >>    
> >>
> >>>>allows you to tell the
> >>>># clients where to look for the relocated
> >>>>        
> >>>>
> >>document.
> >>    
> >>
> >>>># Example:
> >>>># Redirect permanent /foo
> >>>>        
> >>>>
> >>http://www.example.com/bar
> >>    
> >>
> >>>>#
> >>>># Directives controlling the display of
> >>>>server-generated directory listings.
> >>>>#
> >>>>
> >>>>#
> >>>># FancyIndexing is whether you want fancy
> >>>>        
> >>>>
> >>directory
> >>    
> >>
> >>>>indexing or standard.
> >>>># VersionSort is whether files containing
> version
> >>>>numbers should be 
> >>>># compared in the natural way, so that
> >>>>`apache-1.3.9.tar' is placed before
> >>>># `apache-1.3.12.tar'.
> >>>>#
> >>>>IndexOptions FancyIndexing VersionSort
> NameWidth=*
> >>>>
> >>>>#
> >>>># AddIcon* directives tell the server which icon
> >>>>        
> >>>>
> >>to
> >>    
> >>
> >>>>show for different
> >>>># files or filename extensions.  These are only
> >>>>displayed for
> >>>># FancyIndexed directories.
> >>>>#
> >>>>AddIconByEncoding (CMP,/icons/compressed.gif)
> >>>>x-compress x-gzip
> >>>>
> >>>>AddIconByType (TXT,/icons/text.gif) text/*
> >>>>AddIconByType (IMG,/icons/image2.gif) image/*
> >>>>AddIconByType (SND,/icons/sound2.gif) audio/*
> >>>>AddIconByType (VID,/icons/movie.gif) video/*
> >>>>
> >>>>AddIcon /icons/binary.gif .bin .exe
> >>>>AddIcon /icons/binhex.gif .hqx
> >>>>AddIcon /icons/tar.gif .tar
> >>>>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml
> .vrm
> >>>>.iv
> >>>>AddIcon /icons/compressed.gif .Z .z .tgz .gz
> .zip
> >>>>AddIcon /icons/a.gif .ps .ai .eps
> >>>>AddIcon /icons/layout.gif .html .shtml .htm .pdf
> >>>>AddIcon /icons/text.gif .txt
> >>>>AddIcon /icons/c.gif .c
> >>>>AddIcon /icons/p.gif .pl .py
> >>>>AddIcon /icons/f.gif .for
> >>>>AddIcon /icons/dvi.gif .dvi
> >>>>AddIcon /icons/uuencoded.gif .uu
> >>>>AddIcon /icons/script.gif .conf .sh .shar .csh
> >>>>        
> >>>>
> >>.ksh
> >>    
> >>
> >>>>.tcl
> >>>>AddIcon /icons/tex.gif .tex
> >>>>AddIcon /icons/bomb.gif core
> >>>>
> >>>>AddIcon /icons/back.gif ..
> >>>>AddIcon /icons/hand.right.gif README
> >>>>AddIcon /icons/folder.gif ^^DIRECTORY^^
> >>>>AddIcon /icons/blank.gif ^^BLANKICON^^
> >>>>
> >>>>#
> >>>># DefaultIcon is which icon to show for files
> >>>>        
> >>>>
> >>which
> >>    
> >>
> >>>>do not have an icon
> >>>># explicitly set.
> >>>>#
> >>>>DefaultIcon /icons/unknown.gif
> >>>>
> >>>>#
> >>>># AddDescription allows you to place a short
> >>>>description after a file in
> >>>># server-generated indexes.  These are only
> >>>>displayed for FancyIndexed
> >>>># directories.
> >>>># Format: AddDescription "description" filename
> >>>>#
> >>>>#AddDescription "GZIP compressed document" .gz
> >>>>#AddDescription "tar archive" .tar
> >>>>#AddDescription "GZIP compressed tar archive"
> .tgz
> >>>>
> >>>>#
> >>>># ReadmeName is the name of the README file the
> >>>>server will look for by
> >>>># default, and append to directory listings.
> >>>>#
> >>>># HeaderName is the name of a file which should
> be
> >>>>prepended to
> >>>># directory indexes. 
> >>>>ReadmeName README.html
> >>>>HeaderName HEADER.html
> >>>>
> >>>>#
> >>>># IndexIgnore is a set of filenames which
> >>>>        
> >>>>
> >>directory
> >>    
> >>
> >>>>indexing should ignore
> >>>># and not include in the listing.  Shell-style
> >>>>wildcarding is permitted.
> >>>>#
> >>>>IndexIgnore .??* *~ *# HEADER* README* RCS CVS
> *,v
> >>>>*,t
> >>>>
> >>>>#
> >>>># AddEncoding allows you to have certain
> browsers
> >>>>(Mosaic/X 2.1+) uncompress
> >>>># information on the fly. Note: Not all browsers
> >>>>support this.
> >>>># Despite the name similarity, the following
> Add*
> >>>>directives have nothing
> >>>># to do with the FancyIndexing customization
> >>>>directives above.
> >>>>#
> >>>>AddEncoding x-compress Z
> >>>>AddEncoding x-gzip gz tgz
> >>>>
> >>>>#
> >>>># DefaultLanguage and AddLanguage allows you to
> >>>>specify the language of 
> >>>># a document. You can then use content
> negotiation
> >>>>to give a browser a 
> >>>># file in a language the user can understand.
> >>>>#
> >>>># Specify a default language. This means that
> all
> >>>>data
> >>>># going out without a specific language tag (see
> >>>>below) will 
> >>>># be marked with this one. You probably do NOT
> >>>>        
> >>>>
> >>want
> >>    
> >>
> >>>>to set
> >>>># this unless you are sure it is correct for all
> >>>>cases.
> >>>>#
> >>>># * It is generally better to not mark a page as
> 
> >>>># * being a certain language than marking it
> with
> >>>>the wrong
> >>>># * language!
> >>>>#
> >>>># DefaultLanguage nl
> >>>>#
> >>>># Note 1: The suffix does not have to be the
> same
> >>>>        
> >>>>
> >>as
> >>    
> >>
> >>>>the language
> >>>># keyword --- those with documents in Polish
> >>>>        
> >>>>
> >>(whose
> >>    
> >>
> >>>>net-standard
> >>>># language code is pl) may wish to use
> >>>>        
> >>>>
> >>"AddLanguage
> >>    
> >>
> >>>>pl .po" to
> >>>># avoid the ambiguity with the common suffix for
> >>>>perl scripts.
> >>>>#
> >>>># Note 2: The example entries below illustrate
> >>>>        
> >>>>
> >>that
> >>    
> >>
> >>>>in some cases 
> >>>># the two character 'Language' abbreviation is
> not
> >>>>identical to 
> >>>># the two character 'Country' code for its
> >>>>        
> >>>>
> >>country,
> >>    
> >>
> >>>># E.g. 'Danmark/dk' versus 'Danish/da'.
> >>>>#
> >>>># Note 3: In the case of 'ltz' we violate the
> RFC
> >>>>        
> >>>>
> >>by
> >>    
> >>
> >>>>using a three char
> >>>># specifier. There is 'work in progress' to fix
> >>>>        
> >>>>
> >>this
> >>    
> >>
> >>>>and get
> >>>># the reference data for rfc1766 cleaned up.
> >>>>#
> >>>># Danish (da) - Dutch (nl) - English (en) -
> >>>>        
> >>>>
> >>Estonian
> >>    
> >>
> >>>>(et)
> >>>># French (fr) - German (de) - Greek-Modern (el)
> >>>># Italian (it) - Norwegian (no) - Norwegian
> >>>>        
> >>>>
> >>Nynorsk
> >>    
> >>
> >>>>(nn) - Korean (kr) 
> >>>># Portugese (pt) - Luxembourgeois* (ltz)
> >>>># Spanish (es) - Swedish (sv) - Catalan (ca) -
> >>>>Czech(cz)
> >>>># Polish (pl) - Brazilian Portuguese (pt-br) -
> >>>>Japanese (ja)
> >>>># Russian (ru) - Croatian (hr)
> >>>>#
> >>>>AddLanguage da .dk
> >>>>AddLanguage nl .nl
> >>>>AddLanguage en .en
> >>>>AddLanguage et .et
> >>>>AddLanguage fr .fr
> >>>>AddLanguage de .de
> >>>>AddLanguage he .he
> >>>>AddLanguage el .el
> >>>>AddLanguage it .it
> >>>>AddLanguage ja .ja
> >>>>AddLanguage pl .po
> >>>>AddLanguage kr .kr
> >>>>AddLanguage pt .pt
> >>>>AddLanguage nn .nn
> >>>>AddLanguage no .no
> >>>>AddLanguage pt-br .pt-br
> >>>>AddLanguage ltz .ltz
> >>>>AddLanguage ca .ca
> >>>>AddLanguage es .es
> >>>>AddLanguage sv .se
> >>>>AddLanguage cz .cz
> >>>>AddLanguage ru .ru
> >>>>AddLanguage tw .tw
> >>>>AddLanguage zh-tw .tw
> >>>>AddLanguage hr .hr
> >>>>
> >>>>#
> >>>># LanguagePriority allows you to give precedence
> >>>>        
> >>>>
> >>to
> >>    
> >>
> >>>>some languages
> >>>># in case of a tie during content negotiation.
> >>>>#
> >>>># Just list the languages in decreasing order of
> >>>>preference. We have
> >>>># more or less alphabetized them here. You
> >>>>        
> >>>>
> >>probably
> >>    
> >>
> >>>>want to change this.
> >>>>#
> >>>>LanguagePriority en da nl et fr de el it ja kr
> no
> >>>>        
> >>>>
> >>pl
> >>    
> >>
> >>>>pt pt-br ltz ca es sv tw
> >>>>
> >>>>#
> >>>># ForceLanguagePriority allows you to serve a
> >>>>        
> >>>>
> >>result
> >>    
> >>
> >>>>page rather than
> >>>># MULTIPLE CHOICES (Prefer) [in case of a tie]
> or
> >>>>NOT ACCEPTABLE (Fallback)
> >>>># [in case no accepted languages matched the
> >>>>available variants]
> >>>>#
> >>>>ForceLanguagePriority Prefer Fallback
> >>>>
> >>>>#
> >>>># Specify a default charset for all pages sent
> >>>>        
> >>>>
> >>out.
> >>    
> >>
> >>>>This is
> >>>># always a good idea and opens the door for
> future
> >>>>internationalisation
> >>>># of your web site, should you ever want it.
> >>>>Specifying it as
> >>>># a default does little harm; as the standard
> >>>>dictates that a page
> >>>># is in iso-8859-1 (latin1) unless specified
> >>>>otherwise i.e. you
> >>>># are merely stating the obvious. There are also
> >>>>some security
> >>>># reasons in browsers, related to javascript and
> >>>>        
> >>>>
> >>URL
> >>    
> >>
> >>>>parsing
> >>>># which encourage you to always set a default
> char
> >>>>set.
> >>>>#
> >>>>AddDefaultCharset ISO-8859-1
> >>>>
> >>>>#
> >>>># Commonly used filename extensions to character
> >>>>sets. You probably
> >>>># want to avoid clashes with the language
> >>>>extensions, unless you
> >>>># are good at carefully testing your setup after
> >>>>each change.
> >>>># See
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>for
> >>>># the official list of charset names and their
> >>>>respective RFCs
> >>>>#
> >>>>AddCharset ISO-8859-1  .iso8859-1  .latin1
> >>>>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
> >>>>AddCharset ISO-8859-3  .iso8859-3  .latin3
> >>>>AddCharset ISO-8859-4  .iso8859-4  .latin4
> >>>>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
> >>>>.iso-ru
> >>>>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
> >>>>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
> >>>>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
> >>>>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
> >>>>AddCharset ISO-2022-JP .iso2022-jp .jis
> >>>>AddCharset ISO-2022-KR .iso2022-kr .kis
> >>>>AddCharset ISO-2022-CN .iso2022-cn .cis
> >>>>AddCharset Big5        .Big5       .big5
> >>>># For russian, more than one charset is used
> >>>>(depends on client, mostly):
> >>>>AddCharset WINDOWS-1251 .cp-1251   .win-1251
> >>>>AddCharset CP866       .cp866
> >>>>AddCharset KOI8-r      .koi8-r .koi8-ru
> >>>>AddCharset KOI8-ru     .koi8-uk .ua
> >>>>AddCharset ISO-10646-UCS-2 .ucs2
> >>>>AddCharset ISO-10646-UCS-4 .ucs4
> >>>>AddCharset UTF-8       .utf8
> >>>>
> >>>># The set below does not map to a specific (iso)
> >>>>standard
> >>>># but works on a fairly wide range of browsers.
> >>>>        
> >>>>
> >>Note
> >>    
> >>
> >>>>that
> >>>># capitalization actually matters (it should
> not,
> >>>>but it
> >>>># does for some browsers).
> >>>>#
> >>>># See
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>># for a list of sorts. But browsers support few.
> >>>>#
> >>>>AddCharset GB2312      .gb2312 .gb
> >>>>AddCharset utf-7       .utf7
> >>>>AddCharset utf-8       .utf8
> >>>>AddCharset big5        .big5 .b5
> >>>>AddCharset EUC-TW      .euc-tw
> >>>>AddCharset EUC-JP      .euc-jp
> >>>>AddCharset EUC-KR      .euc-kr
> >>>>AddCharset shift_jis   .sjis
> >>>>
> >>>>#
> >>>># AddType allows you to add to or override the
> >>>>        
> >>>>
> >>MIME
> >>    
> >>
> >>>>configuration
> >>>># file mime.types for specific file types.
> >>>>#
> >>>>AddType application/x-tar .tgz
> >>>>#Nina added this line
> >>>>AddType text/html .shtml
> >>>>
> >>>>#
> >>>># AddHandler allows you to map certain file
> >>>>extensions to "handlers":
> >>>># actions unrelated to filetype. These can be
> >>>>        
> >>>>
> >>either
> >>    
> >>
> >>>>built into the server
> >>>># or added with the Action directive (see below)
> >>>>#
> >>>># To use CGI scripts outside of ScriptAliased
> >>>>directories:
> >>>># (You will also need to add "ExecCGI" to the
> >>>>"Options" directive.)
> >>>>#
> >>>>#AddHandler cgi-script .cgi
> >>>>
> >>>>#
> >>>># For files that include their own HTTP headers:
> >>>>#
> >>>>#AddHandler send-as-is asis
> >>>>
> >>>>#
> >>>># For server-parsed imagemap files:
> >>>>#
> >>>>AddHandler imap-file map
> >>>>
> >>>>#
> >>>># For type maps (negotiated resources):
> >>>># (This is enabled by default to allow the
> Apache
> >>>>"It Worked" page
> >>>>#  to be distributed in multiple languages.)
> >>>>#
> >>>>AddHandler type-map var
> >>>>
> >>>># Filters allow you to process content before it
> >>>>        
> >>>>
> >>is
> >>    
> >>
> >>>>sent to the client.
> >>>>#
> >>>># To parse .shtml files for server-side includes
> >>>>(SSI):
> >>>># (You will also need to add "Includes" to the
> >>>>"Options" directive.)
> >>>>#
> >>>>AddOutputFilter INCLUDES .shtml
> >>>>
> >>>>#
> >>>># Action lets you define media types that will
> >>>>execute a script whenever
> >>>># a matching file is called. This eliminates the
> >>>>need for repeated URL
> >>>># pathnames for oft-used CGI file processors.
> >>>># Format: Action media/type /cgi-script/location
> >>>># Format: Action handler-name
> /cgi-script/location
> >>>>#
> >>>>
> >>>>#
> >>>># Customizable error responses come in three
> >>>>flavors:
> >>>># 1) plain text 2) local redirects 3) external
> >>>>redirects
> >>>>#
> >>>># Some examples:
> >>>>#ErrorDocument 500 "The server made a boo boo."
> >>>>#ErrorDocument 404 /missing.html
> >>>>#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
> >>>>#ErrorDocument 402
> >>>>http://www.example.com/subscription_info.html
> >>>>#
> >>>>
> >>>>
> >>>>Alias /error/ "/var/www/error/"
> >>>>
> >>>>#
> >>>># The following directives modify normal HTTP
> >>>>response behavior to
> >>>># handle known problems with browser
> >>>>implementations.
> >>>>#
> >>>>BrowserMatch "Mozilla/2" nokeepalive
> >>>>BrowserMatch "MSIE 4\.0b2;" nokeepalive
> >>>>downgrade-1.0 force-response-1.0
> >>>>BrowserMatch "RealPlayer 4\.0"
> force-response-1.0
> >>>>BrowserMatch "Java/1\.0" force-response-1.0
> >>>>BrowserMatch "JDK/1\.0" force-response-1.0
> >>>>
> >>>>#
> >>>># The following directive disables redirects on
> >>>>non-GET requests for
> >>>># a directory that does not include the trailing
> >>>>slash.  This fixes a 
> >>>># problem with Microsoft WebFolders which does
> not
> >>>>appropriately handle 
> >>>># redirects for folders with DAV methods.
> >>>>#
> >>>>BrowserMatch "Microsoft Data Access Internet
> >>>>Publishing Provider" redirect-carefully
> >>>>BrowserMatch "^WebDrive" redirect-carefully
> >>>>BrowserMatch "^WebDAVFS/1.[012]"
> >>>>        
> >>>>
> >>redirect-carefully
> >>    
> >>
> >>>>BrowserMatch "^gnome-vfs" redirect-carefully
> >>>>
> >>>>#
> >>>># Allow server status reports, with the URL of
> >>>>http://servername/server-status
> >>>># Change the ".your-domain.com" to match your
> >>>>        
> >>>>
> >>domain
> >>    
> >>
> >>>>to enable.
> >>>>#
> >>>>#<Location /server-status>
> >>>>#    SetHandler server-status
> >>>>#    Order deny,allow
> >>>>#    Deny from all
> >>>>#    Allow from .your-domain.com
> >>>>#</Location>
> >>>>
> >>>>#
> >>>># Allow remote server configuration reports,
> with
> >>>>the URL of
> >>>>#  http://servername/server-info (requires that
> >>>>mod_info.c be loaded).
> >>>># Change the ".your-domain.com" to match your
> >>>>        
> >>>>
> >>domain
> >>    
> >>
> >>>>to enable.
> >>>>#
> >>>>#<Location /server-info>
> >>>>#    SetHandler server-info
> >>>>#    Order deny,allow
> >>>>#    Deny from all
> >>>>#    Allow from .your-domain.com
> >>>>#</Location>
> >>>>
> >>>># Nina added this in for svn server
> >>>># Repository location
> >>>><Location /svn1>
> >>>>	DAV svn
> >>>>	SVNParentPath /svn1
> >>>>	
> >>>>	# access control policy
> >>>>	AuthzSVNAccessFile /etc/svn-access-file
> >>>>	# how to authenticate a user
> >>>>	AuthType Basic
> >>>>	AuthName "Subversion repository"
> >>>>	AuthUserFile /etc/svn-auth-file
> >>>>	
> >>>>	# only authenticated users may access the
> >>>>repository
> >>>>	Require valid-user
> >>>></Location>
> >>>>
> >>>># Proxy Server directives. Uncomment the
> following
> >>>>lines to
> >>>># enable the proxy server:
> >>>>#
> >>>>#<IfModule mod_proxy.c>
> >>>>#ProxyRequests On
> >>>>#
> >>>>#<Proxy *>
> >>>>#    Order deny,allow
> >>>>#    Deny from all
> >>>>#    Allow from .your-domain.com
> >>>>#</Proxy>
> >>>>
> >>>>#
> >>>># Enable/disable the handling of HTTP/1.1 "Via:"
> >>>>headers.
> >>>># ("Full" adds the server version; "Block"
> removes
> >>>>all outgoing Via: headers)
> >>>># Set to one of: Off | On | Full | Block
> >>>>#
> >>>>#ProxyVia On
> >>>>
> >>>>#
> >>>># To enable the cache as well, edit and
> uncomment
> >>>>the following lines:
> >>>># (no cacheing without CacheRoot)
> >>>>#
> >>>>#CacheRoot "/etc/httpd/proxy"
> >>>>#CacheSize 5
> >>>>#CacheGcInterval 4
> >>>>#CacheMaxExpire 24
> >>>>#CacheLastModifiedFactor 0.1
> >>>>#CacheDefaultExpire 1
> >>>>#NoCache a-domain.com another-domain.edu
> >>>>joes.garage-sale.com
> >>>>
> >>>>#</IfModule>
> >>>># End of proxy directives.
> >>>>
> >>>>### Section 3: Virtual Hosts
> >>>>#
> >>>># VirtualHost: If you want to maintain multiple
> >>>>domains/hostnames on your
> >>>># machine you can setup VirtualHost containers
> for
> >>>>them. Most configurations
> >>>># use only name-based virtual hosts so the
> server
> >>>>doesn't need to worry about
> >>>># IP addresses. This is indicated by the
> asterisks
> >>>>in the directives below.
> >>>>#
> >>>># Please see the documentation at 
> >>>># <URL:http://httpd.apache.org/docs-2.0/vhosts/>
> >>>># for further details before you try to setup
> >>>>virtual hosts.
> >>>>#
> >>>># You may use the command line option '-S' to
> >>>>        
> >>>>
> >>verify
> >>    
> >>
> >>>>your virtual host
> >>>># configuration.
> >>>>
> >>>>#
> >>>># Use name-based virtual hosting.
> >>>>#
> >>>>
> >>>>
> >>>># Where do we put the lock and pif files?
> >>>>LockFile "/var/lock/httpd.lock"
> >>>>CoreDumpDirectory "/etc/httpd"
> >>>>
> >>>># Defaults for virtual hosts
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>>
> >>>># Logs
> >>>>
> >>>>
> >>>>
> >>>>     
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>       
> >>>>         
> >>>>           
> >>>>           
> >>>>           
> >>>>         
> >>>>       
> >>>>         
> >>>>       
> >>>>      
> >>>>#
> >>>># Virtual hosts
> >>>>#
> >>>>
> >>>># Virtual host Default Virtual Host
> >>>><VirtualHost *>
> >>>>	
> >>>>	
> >>>>	
> >>>>	
> >>>>	
> >>>>
> >>>>	
> >>>>	
> >>>>	DirectoryIndex index.php index.html index.htm
> >>>>index.shtml 
> >>>>	
> >>>>	
> >>>>
> >>>>	
> >>>>	
> >>>>	
> >>>>	LogLevel debug
> >>>>	HostNameLookups off
> >>>>	
> >>>>	
> >>>>	
> >>>>
> >>>></VirtualHost>
> >>>>
> >>>>
> >>>>     
> >>>>#
> >>>># Each directory to which Apache has access can
> be
> >>>>configured with respect
> >>>># to which services and features are allowed
> >>>>        
> >>>>
> >>and/or
> >>    
> >>
> >>>>disabled in that
> >>>># directory (and its subdirectories). 
> >>>>#
> >>>># Note that from this point forward you must
> >>>>specifically allow
> >>>># particular features to be enabled - so if
> >>>>something's not working as
> >>>># you might expect, make sure that you have
> >>>>specifically enabled it
> >>>># below.
> >>>>#
> >>>>
> >>>><Directory "/">
> >>>>       Options FollowSymLinks
> >>>>       
> >>>>       AllowOverride None
> >>>>       
> >>>>       
> >>>>       
> >>>></Directory>
> >>>>
> >>>><Directory "/var/www/html">
> >>>>       Options Indexes Includes FollowSymLinks 
> >>>>       
> >>>>       AllowOverride None
> >>>>       Allow from all
> >>>>
> >>>>       
> >>>>       Order allow,deny
> >>>></Directory>
> >>>>
> >>>><Directory "/var/www/icons">
> >>>>       Options Indexes MultiViews
> >>>>       
> >>>>       AllowOverride None
> >>>>       Allow from all
> >>>>
> >>>>       
> >>>>       Order allow,deny
> >>>></Directory>
> >>>>
> >>>><Directory "/var/www/cgi-bin">
> >>>>       Options ExecCGI
> >>>>       
> >>>>       AllowOverride None
> >>>>       Allow from all
> >>>>
> >>>>       
> >>>>       Order allow,deny
> >>>></Directory>
> >>>>
> >>>>
> >>>>     
> >>>>   
> >>>> 
> >>>>
> >>>>   
> >>>>
> >>>>        
> >>>>
>
>>---------------------------------------------------------------------
> >>    
> >>
> >>> 
> >>>
> >>>      
> >>>
> >>>>The official User-To-User support forum of the
> >>>>Apache HTTP Server Project.
> >>>>See <URL:http://httpd.apache.org/userslist.html>
> >>>>        
> >>>>
> >>for
> >>    
> >>
> >>>>more info.
> >>>>To unsubscribe, e-mail:
> >>>>users-unsubscribe@httpd.apache.org
> >>>>  "   from the digest:
> >>>>users-digest-unsubscribe@httpd.apache.org
> >>>>For additional commands, e-mail:
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>users-help@httpd.apache.org
> >>>
> >>>
> >>>
> >>>		
> >>>__________________________________
> >>>Do you Yahoo!?
> >>>Yahoo! Mail Address AutoComplete - You start. We
> >>>      
> >>>
> >>finish.
> >>    
> >>
> >>>http://promotions.yahoo.com/new_mail 
> >>>
> >>>      
> >>>
>
>>---------------------------------------------------------------------
> >>    
> >>
> >>>The official User-To-User support forum of the
> >>>      
> >>>
> >>Apache HTTP Server Project.
> >>    
> >>
> >>>See <URL:http://httpd.apache.org/userslist.html>
> >>>      
> >>>
> >>for more info.
> >>    
> >>
> >>>To unsubscribe, e-mail:
> >>>      
> >>>
> >>users-unsubscribe@httpd.apache.org
> >>    
> >>
> >>>  "   from the digest:
> >>>      
> >>>
> >>users-digest-unsubscribe@httpd.apache.org
> >>    
> >>
> >>>For additional commands, e-mail:
> >>>      
> >>>
> >>users-help@httpd.apache.org
> >>    
> >>
> >>> 
> >>>
> >>>#
> >>>      
> >>>
> >># This is the Apache server configuration file
> >>providing SSL support.
> >># It contains the configuration directives to
> >>instruct the server how to
> >># serve pages over an https connection. For
> >>detailing information about these 
> >># directives see
> >>
> >>    
> >>
>
><URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
> >  
> >
> >># 
> >># Do NOT simply read the instructions in here
> >>without understanding
> >># what they do.  They're here only as hints or
> >>reminders.  If you are unsure
> >># consult the online docs. You have been warned.  
> >>#
> >>
> >>LoadModule ssl_module modules/mod_ssl.so
> >>
> >>#   Until documentation is completed, please check
> >>http://www.modssl.org/
> >>#   for additional config examples and module
> >>docmentation.  Directives
> >>#   and features of mod_ssl are largely unchanged
> >>from the mod_ssl project
> >>#   for Apache 1.3.
> >>
> >>#
> >># When we also provide SSL we have to listen to
> the 
> >># standard HTTP port (see above) and to the HTTPS
> >>port
> >>#
> >>#Nina commented this line out
> >>#Listen 4443
> >>
> >>##
> >>##  SSL Global Context
> >>##
> >>##  All SSL configuration in this context applies
> >>both to
> >>##  the main server and all SSL-enabled virtual
> >>hosts.
> >>##
> >>
> >>#
> >>#   Some MIME-types for downloading Certificates
> and
> >>CRLs
> >>#
> >>AddType application/x-x509-ca-cert .crt
> >>AddType application/x-pkcs7-crl    .crl
> >>
> >>#   Pass Phrase Dialog:
> >>#   Configure the pass phrase gathering process.
> >>#   The filtering dialog program (`builtin' is a
> >>internal
> >>#   terminal dialog) has to provide the pass
> phrase
> >>on stdout.
> >>SSLPassPhraseDialog  builtin
> >>
> >>#   Inter-Process Session Cache:
> >>#   Configure the SSL Session Cache: First the
> >>mechanism 
> >>#   to use and second the expiring timeout (in
> >>seconds).
> >>#SSLSessionCache        none
> >>#SSLSessionCache       
> >>dbm:/var/cache/mod_ssl/scache(512000)
> >>#SSLSessionCache       
> >>dc:UNIX/var/cache/mod_ssl/distcache
> >>SSLSessionCache        
> >>shmcb:/var/cache/mod_ssl/scache(512000)
> >>SSLSessionCacheTimeout  300
> >>
> >>#   Semaphore:
> >>#   Configure the path to the mutual exclusion
> >>semaphore the
> >>#   SSL engine uses internally for inter-process
> >>synchronization. 
> >>SSLMutex default
> >>
> >>#   Pseudo Random Number Generator (PRNG):
> >>#   Configure one or more sources to seed the PRNG
> >>of the 
> >>#   SSL library. The seed data should be of good
> >>random quality.
> >>#   WARNING! On some platforms /dev/random blocks
> if
> >>not enough entropy
> >>#   is available. This means you then cannot use
> the
> >>/dev/random device
> >>#   because it would lead to very long connection
> >>times (as long as
> >>#   it requires to make more entropy available).
> But
> >>usually those
> >>#   platforms additionally provide a /dev/urandom
> >>device which doesn't
> >>#   block. So, if available, use this one instead.
> >>Read the mod_ssl User
> >>#   Manual for more details.
> >>SSLRandomSeed startup file:/dev/urandom  256
> >>SSLRandomSeed connect builtin
> >>#SSLRandomSeed startup file:/dev/random  512
> >>#SSLRandomSeed connect file:/dev/random  512
> >>#SSLRandomSeed connect file:/dev/urandom 512
> >>
> >>#
> >># Use "SSLCryptoDevice" to enable any supported
> >>hardware
> >># accelerators. Use "openssl engine -v" to list
> >>supported
> >># engine names.  NOTE: If you enable an
> accelerator
> >>and the
> >># server does not start, consult the error logs
> and
> >>ensure
> >># your accelerator is functioning properly. 
> >>#
> >>SSLCryptoDevice builtin
> >>#SSLCryptoDevice ubsec
> >>
> >>##
> >>## SSL Virtual Host Context
> >>##
> >>
> >>NameVirtualHost 66.80.7.162:4443
> >>
> >>#<VirtualHost _default_:4443>
> >><VirtualHost 66.80.7.162:4443>
> >>
> >># General setup for the virtual host, inherited
> from
> >>global configuration
> >>DocumentRoot "/var/www/html"
> >>ServerName gibbons.com
> >>
> >># Use separate log files for the SSL virtual host;
> >>note that LogLevel
> >># is not inherited from httpd.conf.
> >>ErrorLog logs/ssl_error_log
> >>TransferLog logs/ssl_access_log
> >>LogLevel warn
> >>
> >>#   SSL Engine Switch:
> >>#   Enable/Disable SSL for this virtual host.
> >>SSLEngine on
> >>
> >>#   SSL Cipher Suite:
> >>#   List the ciphers that the client is permitted
> to
> >>negotiate.
> >>#   See the mod_ssl documentation for a complete
> >>list.
> >>SSLCipherSuite
> >>
> >>    
> >>
>
>ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
> >  
> >
> >>#   Server Certificate:
> >>#   Point SSLCertificateFile at a PEM encoded
> >>certificate.  If
> >>#   the certificate is encrypted, then you will be
> >>prompted for a
> >>#   pass phrase.  Note that a kill -HUP will
> prompt
> >>again. A test
> >>#   certificate can be generated with `make
> >>certificate' under
> >>#   built time. Keep in mind that if you've both a
> >>RSA and a DSA
> >>#   certificate you can configure both in parallel
> >>(to also allow
> >>#   the use of DSA ciphers, etc.)
> >>SSLCertificateFile
> >>/etc/httpd/conf/ssl.crt/server.crt
> >>#SSLCertificateFile
> >>/etc/httpd/conf/ssl.crt/server-dsa.crt
> >>
> >>#   Server Private Key:
> >>#   If the key is not combined with the
> certificate,
> >>use this
> >>#   directive to point at the key file.  Keep in
> >>mind that if
> >>#   you've both a RSA and a DSA private key you
> can
> >>configure
> >>#   both in parallel (to also allow the use of DSA
> >>ciphers, etc.)
> >>SSLCertificateKeyFile
> >>/etc/httpd/conf/ssl.key/server.key
> >>#SSLCertificateKeyFile
> >>/etc/httpd/conf/ssl.key/server-dsa.key
> >>
> >>#   Server Certificate Chain:
> >>#   Point SSLCertificateChainFile at a file
> >>containing the
> >>#   concatenation of PEM encoded CA certificates
> >>which form the
> >>#   certificate chain for the server certificate.
> >>Alternatively
> >>#   the referenced file can be the same as
> >>SSLCertificateFile
> >>#   when the CA certificates are directly appended
> >>to the server
> >>#   certificate for convinience.
> >>#SSLCertificateChainFile
> >>/etc/httpd/conf/ssl.crt/ca.crt
> >>
> >>#   Certificate Authority (CA):
> >>#   Set the CA certificate verification path where
> >>to find CA
> >>#   certificates for client authentication or
> >>alternatively one
> >>#   huge file containing all of them (file must be
> >>PEM encoded)
> >>#   Note: Inside SSLCACertificatePath you need
> hash
> >>symlinks
> >>#         to point to the certificate files. Use
> the
> >>provided
> >>#         Makefile to update the hash symlinks
> after
> >>changes.
> >>#SSLCACertificatePath /etc/httpd/conf/ssl.crt
> >>#SSLCACertificateFile
> >>/usr/share/ssl/certs/ca-bundle.crt
> >>
> >>#   Certificate Revocation Lists (CRL):
> >>#   Set the CA revocation path where to find CA
> CRLs
> >>for client
> >>#   authentication or alternatively one huge file
> >>containing all
> >>#   of them (file must be PEM encoded)
> >>#   Note: Inside SSLCARevocationPath you need hash
> >>symlinks
> >>#         to point to the certificate files. Use
> the
> >>provided
> >>#         Makefile to update the hash symlinks
> after
> >>changes.
> >>#SSLCARevocationPath /etc/httpd/conf/ssl.crl
> >>#SSLCARevocationFile
> >>/etc/httpd/conf/ssl.crl/ca-bundle.crl
> >>
> >>#   Client Authentication (Type):
> >>#   Client certificate verification type and
> depth. 
> >>Types are
> >>#   none, optional, require and optional_no_ca. 
> >>Depth is a
> >>#   number which specifies how deeply to verify
> the
> >>certificate
> >>#   issuer chain before deciding the certificate
> is
> >>not valid.
> >>#SSLVerifyClient require
> >>#SSLVerifyDepth  10
> >>
> >>#   Access Control:
> >>#   With SSLRequire you can do per-directory
> access
> >>control based
> >>#   on arbitrary complex boolean expressions
> >>containing server
> >>#   variable checks and other lookup directives. 
> >>The syntax is a
> >>#   mixture between C and Perl.  See the mod_ssl
> >>documentation
> >>#   for more details.
> >>#<Location />
> >>#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
> >>#            and %{SSL_CLIENT_S_DN_O} eq "Snake
> Oil,
> >>Ltd." \
> >>#            and %{SSL_CLIENT_S_DN_OU} in
> {"Staff",
> >>"CA", "Dev"} \
> >>#            and %{TIME_WDAY} >= 1 and
> %{TIME_WDAY}
> >><= 5 \
> >>#            and %{TIME_HOUR} >= 8 and
> %{TIME_HOUR}
> >><= 20       ) \
> >>#           or %{REMOTE_ADDR} =~
> >>m/^192\.76\.162\.[0-9]+$/
> >>#</Location>
> >>
> >>#   SSL Engine Options:
> >>#   Set various options for the SSL engine.
> >>#   o FakeBasicAuth:
> >>#     Translate the client X.509 into a Basic
> >>Authorisation.  This means that
> >>#     the standard Auth/DBMAuth methods can be
> used
> >>for access control.  The
> >>#     user name is the `one line' version of the
> >>client's X.509 certificate.
> >>#     Note that no password is obtained from the
> >>user. Every entry in the user
> >>#     file needs this password: `xxj31ZMTZzkVA'.
> >>#   o ExportCertData:
> >>#     This exports two additional environment
> >>variables: SSL_CLIENT_CERT and
> >>#     SSL_SERVER_CERT. These contain the
> PEM-encoded
> >>certificates of the
> >>#     server (always existing) and the client
> (only
> >>existing when client
> >>#     authentication is used). This can be used to
> >>import the certificates
> >>#     into CGI scripts.
> >>#   o StdEnvVars:
> >>#     This exports the standard SSL/TLS related
> >>`SSL_*' environment variables.
> >>#     Per default this exportation is switched off
> >>for performance reasons,
> >>#     because the extraction step is an expensive
> >>operation and is usually
> >>#     useless for serving static content. So one
> >>usually enables the
> >>#     exportation for CGI and SSI requests only.
> >>#   o StrictRequire:
> >>#     This denies access when "SSLRequireSSL" or
> >>"SSLRequire" applied even
> >>#     under a "Satisfy any" situation, i.e. when
> it
> >>applies access is denied
> >>#     and no other module can change it.
> >>#   o OptRenegotiate:
> >>#     This enables optimized SSL connection
> >>renegotiation handling when SSL
> >>#     directives are used in per-directory
> context. 
> >>#SSLOptions +FakeBasicAuth +ExportCertData
> >>+CompatEnvVars +StrictRequire
> >><Files ~ "\.(cgi|shtml|phtml|php3?)$">
> >>    SSLOptions +StdEnvVars
> >></Files>
> >><Directory "/var/www/cgi-bin">
> >>    SSLOptions +StdEnvVars
> >></Directory>
> >>
> >>#   SSL Protocol Adjustments:
> >>#   The safe and default but still SSL/TLS
> standard
> >>compliant shutdown
> >>#   approach is that mod_ssl sends the close
> notify
> >>alert but doesn't wait for
> >>#   the close notify alert from client. When you
> >>need a different shutdown
> >>#   approach you can use one of the following
> >>variables:
> >>#   o ssl-unclean-shutdown:
> >>#     This forces an unclean shutdown when the
> >>connection is closed, i.e. no
> >>#     SSL close notify alert is send or allowed to
> >>received.  This violates
> >>#     the SSL/TLS standard but is needed for some
> >>brain-dead browsers. Use
> >>#     this when you receive I/O errors because of
> >>the standard approach where
> >>#     mod_ssl sends the close notify alert.
> >>#   o ssl-accurate-shutdown:
> >>#     This forces an accurate shutdown when the
> >>connection is closed, i.e. a
> >>#     SSL close notify alert is send and mod_ssl
> >>waits for the close notify
> >>#     alert of the client. This is 100% SSL/TLS
> >>standard compliant, but in
> >>#     practice often causes hanging connections
> with
> >>brain-dead browsers. Use
> >>#     this only for browsers where you know that
> >>their SSL implementation
> >>#     works correctly. 
> >>#   Notice: Most problems of broken clients are
> also
> >>related to the HTTP
> >>#   keep-alive facility, so you usually
> additionally
> >>want to disable
> >>#   keep-alive for those clients, too. Use
> variable
> >>"nokeepalive" for this.
> >>#   Similarly, one has to force some clients to
> use
> >>HTTP/1.0 to workaround
> >>#   their broken HTTP/1.1 implementation. Use
> >>variables "downgrade-1.0" and
> >>#   "force-response-1.0" for this.
> >>SetEnvIf User-Agent ".*MSIE.*" \
> >>         nokeepalive ssl-unclean-shutdown \
> >>         downgrade-1.0 force-response-1.0
> >>
> >>#   Per-Server Logging:
> >>#   The home of a custom SSL log file. Use this
> when
> >>you want a
> >>#   compact non-error SSL logfile on a virtual
> host
> >>basis.
> >>CustomLog logs/ssl_request_log \
> >>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
> >>\"%r\" %b"
> >>
> >></VirtualHost>                                  
> >>
> >>    
> >>
> >>>#
> >>>      
> >>>
> >># Based upon the NCSA server configuration files
> >>originally by Rob McCool.
> >>#
> >># This is the main Apache server configuration
> file.
> >> It contains the
> >># configuration directives that give the server
> its
> >>instructions.
> >># See URL:http://httpd.apache.org/docs-2.0/ for
> >>detailed information about
> >># the directives.
> >>#
> >># Do NOT simply read the instructions in here
> >>without understanding
> >># what they do.  They're here only as hints or
> >>reminders.  If you are unsure
> >># consult the online docs. You have been warned.  
> >>#
> >># The configuration directives are grouped into
> >>three basic sections:
> >>#  1. Directives that control the operation of the
> >>Apache server process as a
> >>#     whole (the 'global environment').
> >>#  2. Directives that define the parameters of the
> >>'main' or 'default' server,
> >>#     which responds to requests that aren't
> handled
> >>by a virtual host.
> >>#     These directives also provide default values
> >>for the settings
> >>#     of all virtual hosts.
> >>#  3. Settings for virtual hosts, which allow Web
> >>requests to be sent to
> >>#     different IP addresses or hostnames and have
> >>them handled by the
> >>#     same Apache server process.
> >>#
> >># Configuration and logfile names: If the
> filenames
> >>you specify for many
> >># of the server's control files begin with "/" (or
> >>"drive:/" for Win32), the
> >># server will use that explicit path.  If the
> >>filenames do *not* begin
> >># with "/", the value of ServerRoot is prepended
> --
> >>so "logs/foo.log"
> >># with ServerRoot set to "/etc/httpd" will be
> >>interpreted by the
> >># server as "/etc/httpd/logs/foo.log".
> >>#
> >>
> >>### Section 1: Global Environment
> >>#
> >># The directives in this section affect the
> overall
> >>operation of Apache,
> >># such as the number of concurrent requests it can
> >>handle or where it
> >># can find its configuration files.
> >>#
> >>
> >>#
> >># Don't give away too much information about all
> the
> >>subcomponents
> >># we are running.  Comment out this line if you
> >>don't mind remote sites
> >># finding out what major optional modules you are
> >>running
> >>ServerTokens OS
> >>
> >>#
> >># ServerRoot: The top of the directory tree under
> >>which the server's
> >># configuration, error, and log files are kept.
> >>#
> >># NOTE!  If you intend to place this on an NFS (or
> >>otherwise network)
> >># mounted filesystem then please read the LockFile
> >>documentation
> >># (available at
> >>
> >>    
> >>
>
><URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
> >  
> >
> >># you will save yourself a lot of trouble.
> >>#
> >># Do NOT add a slash at the end of the directory
> >>path.
> >>#
> >>ServerRoot "/etc/httpd"
> >>
> >>#
> >># ScoreBoardFile: File used to store internal
> server
> >>process information.
> >># If unspecified (the default), the scoreboard
> will
> >>be stored in an
> >># anonymous shared memory segment, and will be
> >>unavailable to third-party
> >># applications.
> >># If specified, ensure that no two invocations of
> >>Apache share the same
> >># scoreboard file. The scoreboard file MUST BE
> >>STORED ON A LOCAL DISK.
> >>#
> >>#ScoreBoardFile run/httpd.scoreboard
> >>
> >>#
> >># PidFile: The file in which the server should
> >>record its process
> >># identification number when it starts.
> >>#
> >>PidFile "/var/run/httpd.pid"
> >>
> >>#
> >># Timeout: The number of seconds before receives
> and
> >>sends time out.
> >>#
> >>TimeOut 300
> >>
> >>#
> >># KeepAlive: Whether or not to allow persistent
> >>connections (more than
> >># one request per connection). Set to "Off" to
> >>deactivate.
> >>#
> >>KeepAlive true
> >>
> >>#
> >># MaxKeepAliveRequests: The maximum number of
> >>requests to allow
> >># during a persistent connection. Set to 0 to
> allow
> >>an unlimited amount.
> >># We recommend you leave this number high, for
> >>maximum performance.
> >>#
> >>MaxKeepAliveRequests 100
> >>
> >>#
> >># KeepAliveTimeout: Number of seconds to wait for
> >>the next request from the
> >># same client on the same connection.
> >>#
> >>KeepAliveTimeout 15
> >>
> >>##
> >>## Server-Pool Size Regulation (MPM specific)
> >>## 
> >>
> >># prefork MPM
> >># StartServers: number of server processes to
> start
> >># MinSpareServers: minimum number of server
> >>processes which are kept spare
> >># MaxSpareServers: maximum number of server
> >>processes which are kept spare
> >># MaxClients: maximum number of server processes
> >>allowed to start
> >># MaxRequestsPerChild: maximum number of requests
> a
> >>server process serves
> >><IfModule prefork.c>
> >>StartServers 8
> >>MinSpareServers 5
> >>MaxSpareServers 20
> >>MaxClients 150
> >>MaxRequestsPerChild 100
> >></IfModule>
> >>
> >># worker MPM
> >># StartServers: initial number of server processes
> >>to start
> >># MaxClients: maximum number of simultaneous
> client
> >>connections
> >># MinSpareThreads: minimum number of worker
> threads
> >>which are kept spare
> >># MaxSpareThreads: maximum number of worker
> threads
> >>which are kept spare
> >># ThreadsPerChild: constant number of worker
> threads
> >>in each server process
> >># MaxRequestsPerChild: maximum number of requests
> a
> >>server process serves
> >><IfModule worker.c>
> >>StartServers         2
> >>MaxClients         150
> >>MinSpareThreads     25
> >>MaxSpareThreads     75
> >>ThreadsPerChild     25 
> >>MaxRequestsPerChild  0
> >></IfModule>
> >>
> >>#
> >># Listen: Allows you to bind Apache to specific IP
> >>addresses and/or
> >># ports, in addition to the default. See also the
> >><VirtualHost>
> >># directive.
> >>#
> >># Change this to Listen on specific IP addresses
> as
> >>shown below to 
> >># prevent Apache from glomming onto all bound IP
> >>addresses (0.0.0.0)
> >>#
> >>#Listen 12.34.56.78:80
> >>Listen *:80
> >>
> >>
> >>#
> >># Dynamic Shared Object (DSO) Support
> >>#
> >># To be able to use the functionality of a module
> >>which was built as a DSO you
> >># have to place corresponding `LoadModule' lines
> at
> >>this location so the
> >># directives contained in it are actually
> available
> >>_before_ they are used.
> >># Statically compiled modules (those listed by
> >>`httpd -l') do not need
> >># to be loaded here.
> >>#
> >># Example:
> >># LoadModule foo_module modules/mod_foo.so
> >>#
> >>LoadModule access_module modules/mod_access.so
> >>LoadModule auth_module modules/mod_auth.so
> >>LoadModule auth_anon_module
> modules/mod_auth_anon.so
> >>LoadModule auth_dbm_module modules/mod_auth_dbm.so
> >>LoadModule auth_digest_module
> >>modules/mod_auth_digest.so
> >>LoadModule ldap_module modules/mod_ldap.so
> >>LoadModule auth_ldap_module
> modules/mod_auth_ldap.so
> >>LoadModule include_module modules/mod_include.so
> >>LoadModule log_config_module
> >>modules/mod_log_config.so
> >>LoadModule env_module modules/mod_env.so
> >>LoadModule mime_magic_module
> >>modules/mod_mime_magic.so
> >>LoadModule cern_meta_module
> modules/mod_cern_meta.so
> >>LoadModule expires_module modules/mod_expires.so
> >>LoadModule deflate_module modules/mod_deflate.so
> >>LoadModule headers_module modules/mod_headers.so
> >>LoadModule usertrack_module
> modules/mod_usertrack.so
> >>LoadModule unique_id_module
> modules/mod_unique_id.so
> >>LoadModule setenvif_module modules/mod_setenvif.so
> >>LoadModule mime_module modules/mod_mime.so
> >>LoadModule dav_module modules/mod_dav.so
> >>#Nina added these in for svn server
> >>#
> >>LoadModule dav_svn_module modules/mod_dav_svn.so
> >>LoadModule authz_svn_module
> modules/mod_authz_svn.so
> >>#
> >>LoadModule status_module modules/mod_status.so
> >>LoadModule autoindex_module
> modules/mod_autoindex.so
> >>LoadModule asis_module modules/mod_asis.so
> >>LoadModule info_module modules/mod_info.so
> >>LoadModule dav_fs_module modules/mod_dav_fs.so
> >>LoadModule vhost_alias_module
> >>modules/mod_vhost_alias.so
> >>LoadModule negotiation_module
> >>modules/mod_negotiation.so
> >>LoadModule dir_module modules/mod_dir.so
> >>LoadModule imap_module modules/mod_imap.so
> >>LoadModule actions_module modules/mod_actions.so
> >>LoadModule speling_module modules/mod_speling.so
> >>LoadModule userdir_module modules/mod_userdir.so
> >>LoadModule alias_module modules/mod_alias.so
> >>LoadModule rewrite_module modules/mod_rewrite.so
> >>LoadModule proxy_module modules/mod_proxy.so
> >>LoadModule proxy_ftp_module
> modules/mod_proxy_ftp.so
> >>LoadModule proxy_http_module
> >>modules/mod_proxy_http.so
> >>LoadModule proxy_connect_module
> >>modules/mod_proxy_connect.so
> >>LoadModule cache_module modules/mod_cache.so
> >>LoadModule suexec_module modules/mod_suexec.so
> >>LoadModule disk_cache_module
> >>modules/mod_disk_cache.so
> >>LoadModule file_cache_module
> >>modules/mod_file_cache.so
> >>LoadModule mem_cache_module
> modules/mod_mem_cache.so
> >>LoadModule cgi_module modules/mod_cgi.so
> >>
> >>#
> >># Load config files from the config directory
> >>"/etc/httpd/conf.d".
> >>#
> >>Include conf.d/*.conf
> >>
> >>#
> >># ExtendedStatus controls whether Apache will
> >>generate "full" status
> >># information (ExtendedStatus On) or just basic
> >>information (ExtendedStatus
> >># Off) when the "server-status" handler is called.
> >>The default is Off.
> >>#
> >>#ExtendedStatus On
> >>
> >>### Section 2: 'Main' server configuration
> >>#
> >># The directives in this section set up the values
> >>used by the 'main'
> >># server, which responds to any requests that
> aren't
> >>handled by a
> >># <VirtualHost> definition.  These values also
> >>provide defaults for
> >># any <VirtualHost> containers you may define
> later
> >>in the file.
> >>#
> >># All of these directives may appear inside
> >><VirtualHost> containers,
> >># in which case these default settings will be
> >>overridden for the
> >># virtual host being defined.
> >>#
> >>
> >>#
> >># If you wish httpd to run as a different user or
> >>group, you must run
> >># httpd as root initially and it will switch.  
> >>#
> >># User/Group: The name (or #number) of the
> >>user/group to run httpd as.
> >>#  . On SCO (ODT 3) use "User nouser" and "Group
> >>nogroup".
> >>#  . On HPUX you may not be able to use shared
> >>memory as nobody, and the
> >>#    suggested workaround is to create a user www
> >>and use that user.
> >>#  NOTE that some kernels refuse to setgid(Group)
> or
> >>semctl(IPC_SET)
> >>#  when the value of (unsigned)Group is above
> 60000;
> >>
> >>#  don't use Group #-1 on these systems!
> >>#
> >>User apache
> >>Group apache
> >>
> >>#
> >># ServerAdmin: Your address, where problems with
> the
> >>server should be
> >># e-mailed.  This address appears on some
> >>server-generated pages, such
> >># as error documents.  e.g. admin@your-domain.com
> >>#
> >>ServerAdmin root@gibbons.com
> >>
> >>#
> >># ServerName gives the name and port that the
> server
> >>uses to identify itself.
> >># This can often be determined automatically, but
> we
> >>recommend you specify
> >># it explicitly to prevent problems during
> startup.
> >>#
> >># If this is not set to valid DNS name for your
> >>host, server-generated
> >># redirections will not work.  See also the
> >>UseCanonicalName directive.
> >>#
> >># If your host doesn't have a registered DNS name,
> >>enter its IP address here.
> >># You will have to access it by its address
> anyway,
> >>and this will make 
> >># redirections work in a sensible way.
> >>#
> >>ServerName gibbons.com:80
> >>
> >>#
> >># UseCanonicalName: Determines how Apache
> constructs
> >>self-referencing 
> >># URLs and the SERVER_NAME and SERVER_PORT
> >>variables.
> >># When set "Off", Apache will use the Hostname and
> >>Port supplied
> >># by the client.  When set "On", Apache will use
> the
> >>value of the
> >># ServerName directive.
> >>#
> >>UseCanonicalName on
> >>
> >>#
> >># DocumentRoot: The directory out of which you
> will
> >>serve your
> >># documents. By default, all requests are taken
> from
> >>this directory, but
> >># symbolic links and aliases may be used to point
> to
> >>other locations.
> >>#
> >>DocumentRoot "/var/www/html"
> >>
> >># 
> >># Disable autoindex for the root directory, and
> >>present a
> >># default Welcome page if no other index page is
> >>present.
> >>#
> >><LocationMatch "^/$">
> >>    Options -Indexes
> >>    ErrorDocument 403 /error/noindex.html
> >></LocationMatch>
> >>
> >>#
> >># UserDir: The name of the directory that is
> >>appended onto a user's home
> >># directory if a ~user request is received.
> >>#
> >># The path to the end user account 'public_html'
> >>directory must be
> >># accessible to the webserver userid.  This
> usually
> >>means that ~userid
> >># must have permissions of 711,
> ~userid/public_html
> >>must have permissions
> >># of 755, and documents contained therein must be
> >>world-readable.
> >># Otherwise, the client will only receive a "403
> >>Forbidden" message.
> >>#
> >># See also:
>
>>http://httpd.apache.org/docs/misc/FAQ.html#forbidden
> >>#
> >><IfModule mod_userdir.c>
> >>    #
> >>    # UserDir is disabled by default since it can
> >>confirm the presence
> >>    # of a username on the system (depending on
> home
> >>directory
> >>    # permissions).
> >>    #
> >>    UserDir "disable"
> >>
> >>    #
> >>    # To enable requests to /~user/ to serve the
> >>user's public_html
> >>    # directory, use this directive instead of
> >>"UserDir disable":
> >>    # 
> >>    #UserDir public_html
> >>
> >></IfModule>
> >>
> >>#
> >># DirectoryIndex: sets the file that Apache will
> >>serve if a directory
> >># is requested.
> >>#
> >># The index.html.var file (a type-map) is used to
> >>deliver content-
> >># negotiated documents.  The MultiViews Option can
> >>be used for the 
> >># same purpose, but it is much slower.
> >>#
> >>DirectoryIndex 
> >>
> >>#
> >># AccessFileName: The name of the file to look for
> >>in each directory
> >># for access control information.  See also the
> >>AllowOverride directive.
> >>#
> >>AccessFileName .htaccess
> >>
> >>#
> >># The following lines prevent .htaccess and
> >>.htpasswd files from being 
> >># viewed by Web clients. 
> >>#
> >><Files ~ "^\.ht">
> >>    Order allow,deny
> >>    Deny from all
> >></Files>
> >>
> >>#
> >># TypesConfig describes where the mime.types file
> >>(or equivalent) is
> >># to be found.
> >>#
> >>TypesConfig "/etc/mime.types"
> >>
> >>#
> >># DefaultType is the default MIME type the server
> >>will use for a document
> >># if it cannot otherwise determine one, such as
> from
> >>filename extensions.
> >># If your server contains mostly text or HTML
> >>documents, "text/plain" is
> >># a good value.  If most of your content is
> binary,
> >>such as applications
> >># or images, you may want to use
> >>"application/octet-stream" instead to
> >># keep browsers from trying to display binary
> files
> >>as though they are
> >># text.
> >>#
> >>DefaultType text/plain
> >>
> >>#
> >># The mod_mime_magic module allows the server to
> use
> >>various hints from the
> >># contents of the file itself to determine its
> type.
> >> The MIMEMagicFile
> >># directive tells the module where the hint
> >>definitions are located.
> >>#
> >><IfModule mod_mime_magic.c>
> >>#   MIMEMagicFile /usr/share/magic.mime
> >>    MIMEMagicFile conf/magic
> >></IfModule>
> >>
> >>#
> >># HostnameLookups: Log the names of clients or
> just
> >>their IP addresses
> >># e.g., www.apache.org (on) or 204.62.129.132
> (off).
> >># The default is off because it'd be overall
> better
> >>for the net if people
> >># had to knowingly turn this feature on, since
> >>enabling it means that
> >># each client request will result in AT LEAST one
> >>lookup request to the
> >># nameserver.
> >>#
> >>HostNameLookups Off
> >>
> >>#
> >># EnableMMAP: Control whether memory-mapping is
> used
> >>to deliver
> >># files (assuming that the underlying OS supports
> >>it).
> >># The default is on; turn this off if you serve
> from
> >>NFS-mounted 
> >># filesystems.  On some systems, turning it off
> >>(regardless of
> >># filesystem) can improve performance; for
> details,
> >>please see
> >>#
> >>
> >>    
> >>
>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
> >  
> >
> >>#
> >>#EnableMMAP off
> >>
> >>#
> >># EnableSendfile: Control whether the sendfile
> >>kernel support is 
> >># used to deliver files (assuming that the OS
> >>supports it). 
> >># The default is on; turn this off if you serve
> from
> >>NFS-mounted 
> >># filesystems.  Please see
> >>#
> >>
> >>    
> >>
>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
> >  
> >
> >>#
> >>#EnableSendfile off
> >>
> >>#
> >># ErrorLog: The location of the error log file.
> >># If you do not specify an ErrorLog directive
> within
> >>a <VirtualHost>
> >># container, error messages relating to that
> virtual
> >>host will be
> >># logged here.  If you *do* define an error
> logfile
> >>for a <VirtualHost>
> >># container, that host's errors will be logged
> there
> >>and not here.
> >>#
> >>ErrorLog "/var/log/httpd/error_log"
> >>
> >>#
> >># LogLevel: Control the number of messages logged
> to
> >>the error_log.
> >># Possible values include: debug, info, notice,
> >>warn, error, crit,
> >># alert, emerg.
> >>#
> >>LogLevel warn
> >>
> >>#
> >># The following directives define some format
> >>nicknames for use with
> >># a CustomLog directive (see below).
> >>#
> >>LogFormat "%h %l %u %t \"%r\" %>s %b
> \"%{Referer}i\"
> >>\"%{User-Agent}i\"" combined
> >>LogFormat "%h %l %u %t \"%r\" %>s %b" common
> >>LogFormat "%{Referer}i -> %U" referer
> >>LogFormat "%{User-agent}i" agent
> >>
> >>
> >>#
> >># The location and format of the access logfile
> >>(Common Logfile Format).
> >># If you do not define any access logfiles within
> a
> >><VirtualHost>
> >># container, they will be logged here. 
> >>Contrariwise, if you *do*
> >># define per-<VirtualHost> access logfiles,
> >>transactions will be
> >># logged therein and *not* in this file.
> >>#
> >># CustomLog logs/access_log common
> >>CustomLog logs/access_log combined
> >>
> >>#
> >># If you would like to have agent and referer
> >>logfiles, uncomment the
> >># following directives.
> >>#
> >>#CustomLog logs/referer_log referer
> >>#CustomLog logs/agent_log agent
> >>
> >>#
> >># If you prefer a single logfile with access,
> agent,
> >>and referer information
> >># (Combined Logfile Format) you can use the
> >>following directive.
> >>#
> >>#CustomLog logs/access_log combined
> >>
> >>#
> >># Optionally add a line containing the server
> >>version and virtual host
> >># name to server-generated pages (error documents,
> >>FTP directory listings,
> >># mod_status and mod_info output etc., but not CGI
> >>generated documents).
> >># Set to "EMail" to also include a mailto: link to
> >>the ServerAdmin.
> >># Set to one of:  On | Off | EMail
> >>#
> >>ServerSignature on
> >>
> >>#
> >># Aliases: Add here as many aliases as you need
> >>(with no limit). The format is 
> >># Alias fakename realname
> >>#
> >># Note that if you include a trailing / on
> fakename
> >>then the server will
> >># require it to be present in the URL.  So
> "/icons"
> >>isn't aliased in this
> >># example, only "/icons/".  If the fakename is
> >>slash-terminated, then the 
> >># realname must also be slash terminated, and if
> the
> >>fakename omits the 
> >># trailing slash, the realname must also omit it.
> >>#
> >># We include the /icons/ alias for FancyIndexed
> >>directory listings.  If you
> >># do not use FancyIndexing, you may comment this
> >>out.
> >>#
> >>Alias /icons/ "/var/www/icons/"
> >>
> >>#
> >># This should be changed to the
> ServerRoot/manual/. 
> >>The alias provides
> >># the manual, even if you choose to move your
> >>DocumentRoot.  You may comment
> >># this out if you do not care for the
> documentation.
> >>#
> >>Alias /manual "/var/www/manual"
> >>
> >><IfModule mod_dav_fs.c>
> >>    # Location of the WebDAV lock database.
> >>    DAVLockDB /var/lib/dav/lockdb
> >></IfModule>
> >>
> >>#
> >># ScriptAlias: This controls which directories
> >>contain server scripts.
> >># ScriptAliases are essentially the same as
> Aliases,
> >>except that
> >># documents in the realname directory are treated
> as
> >>applications and
> >># run by the server when requested rather than as
> >>documents sent to the client.
> >># The same rules about trailing "/" apply to
> >>ScriptAlias directives as to
> >># Alias.
> >>#
> >>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
> >>
> >><IfModule mod_cgid.c>
> >>#
> >># Additional to mod_cgid.c settings, mod_cgid has
> >>Scriptsock <path>
> >># for setting UNIX socket for communicating with
> >>cgid.
> >>#
> >>#Scriptsock            logs/cgisock
> >></IfModule>
> >>
> >>#Nina added
> >>
> >>    
> >>
>
>######################################################################
> >  
> >
> >><IfModule mod_ssl.c>
> >>Include conf.d/ssl.conf
> >></IfModule>
> >>
> >>    
> >>
>
>######################################################################
> >  
> >
> >>#
> >># Redirect allows you to tell clients about
> >>documents which used to exist in
> >># your server's namespace, but do not anymore.
> This
> >>allows you to tell the
> >># clients where to look for the relocated
> document.
> >># Example:
> >># Redirect permanent /foo
> http://www.example.com/bar
> >>
> >>#
> >># Directives controlling the display of
> >>server-generated directory listings.
> >>#
> >>
> >>#
> >># FancyIndexing is whether you want fancy
> directory
> >>indexing or standard.
> >># VersionSort is whether files containing version
> >>numbers should be 
> >># compared in the natural way, so that
> >>`apache-1.3.9.tar' is placed before
> >># `apache-1.3.12.tar'.
> >>#
> >>IndexOptions FancyIndexing VersionSort NameWidth=*
> >>
> >>#
> >># AddIcon* directives tell the server which icon
> to
> >>show for different
> >># files or filename extensions.  These are only
> >>displayed for
> >># FancyIndexed directories.
> >>#
> >>AddIconByEncoding (CMP,/icons/compressed.gif)
> >>x-compress x-gzip
> >>
> >>AddIconByType (TXT,/icons/text.gif) text/*
> >>AddIconByType (IMG,/icons/image2.gif) image/*
> >>AddIconByType (SND,/icons/sound2.gif) audio/*
> >>AddIconByType (VID,/icons/movie.gif) video/*
> >>
> >>AddIcon /icons/binary.gif .bin .exe
> >>AddIcon /icons/binhex.gif .hqx
> >>AddIcon /icons/tar.gif .tar
> >>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm
> >>.iv
> >>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> >>AddIcon /icons/a.gif .ps .ai .eps
> >>AddIcon /icons/layout.gif .html .shtml .htm .pdf
> >>AddIcon /icons/text.gif .txt
> >>AddIcon /icons/c.gif .c
> >>AddIcon /icons/p.gif .pl .py
> >>AddIcon /icons/f.gif .for
> >>AddIcon /icons/dvi.gif .dvi
> >>AddIcon /icons/uuencoded.gif .uu
> >>AddIcon /icons/script.gif .conf .sh .shar .csh
> .ksh
> >>.tcl
> >>AddIcon /icons/tex.gif .tex
> >>AddIcon /icons/bomb.gif core
> >>
> >>AddIcon /icons/back.gif ..
> >>AddIcon /icons/hand.right.gif README
> >>AddIcon /icons/folder.gif ^^DIRECTORY^^
> >>AddIcon /icons/blank.gif ^^BLANKICON^^
> >>
> >>#
> >># DefaultIcon is which icon to show for files
> which
> >>do not have an icon
> >># explicitly set.
> >>#
> >>DefaultIcon /icons/unknown.gif
> >>
> >>#
> >># AddDescription allows you to place a short
> >>description after a file in
> >># server-generated indexes.  These are only
> >>displayed for FancyIndexed
> >># directories.
> >># Format: AddDescription "description" filename
> >>#
> >>#AddDescription "GZIP compressed document" .gz
> >>#AddDescription "tar archive" .tar
> >>#AddDescription "GZIP compressed tar archive" .tgz
> >>
> >>#
> >># ReadmeName is the name of the README file the
> >>server will look for by
> >># default, and append to directory listings.
> >>#
> >># HeaderName is the name of a file which should be
> >>prepended to
> >># directory indexes. 
> >>ReadmeName README.html
> >>HeaderName HEADER.html
> >>
> >>#
> >># IndexIgnore is a set of filenames which
> directory
> >>indexing should ignore
> >># and not include in the listing.  Shell-style
> >>wildcarding is permitted.
> >>#
> >>IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v
> >>*,t
> >>
> >>#
> >># AddEncoding allows you to have certain browsers
> >>(Mosaic/X 2.1+) uncompress
> >># information on the fly. Note: Not all browsers
> >>support this.
> >># Despite the name similarity, the following Add*
> >>directives have nothing
> >># to do with the FancyIndexing customization
> >>directives above.
> >>#
> >>AddEncoding x-compress Z
> >>AddEncoding x-gzip gz tgz
> >>
> >>#
> >># DefaultLanguage and AddLanguage allows you to
> >>specify the language of 
> >># a document. You can then use content negotiation
> >>to give a browser a 
> >># file in a language the user can understand.
> >>#
> >># Specify a default language. This means that all
> >>data
> >># going out without a specific language tag (see
> >>below) will 
> >># be marked with this one. You probably do NOT
> want
> >>to set
> >># this unless you are sure it is correct for all
> >>cases.
> >>#
> >># * It is generally better to not mark a page as 
> >># * being a certain language than marking it with
> >>the wrong
> >># * language!
> >>#
> >># DefaultLanguage nl
> >>#
> >># Note 1: The suffix does not have to be the same
> as
> >>the language
> >># keyword --- those with documents in Polish
> (whose
> >>net-standard
> >># language code is pl) may wish to use
> "AddLanguage
> >>pl .po" to
> >># avoid the ambiguity with the common suffix for
> >>perl scripts.
> >>#
> >># Note 2: The example entries below illustrate
> that
> >>in some cases 
> >># the two character 'Language' abbreviation is not
> >>identical to 
> >># the two character 'Country' code for its
> country,
> >># E.g. 'Danmark/dk' versus 'Danish/da'.
> >>#
> >># Note 3: In the case of 'ltz' we violate the RFC
> by
> >>using a three char
> >># specifier. There is 'work in progress' to fix
> this
> >>and get
> >># the reference data for rfc1766 cleaned up.
> >>#
> >># Danish (da) - Dutch (nl) - English (en) -
> Estonian
> >>(et)
> >># French (fr) - German (de) - Greek-Modern (el)
> >># Italian (it) - Norwegian (no) - Norwegian
> Nynorsk
> >>(nn) - Korean (kr) 
> >># Portugese (pt) - Luxembourgeois* (ltz)
> >># Spanish (es) - Swedish (sv) - Catalan (ca) -
> >>Czech(cz)
> >># Polish (pl) - Brazilian Portuguese (pt-br) -
> >>Japanese (ja)
> >># Russian (ru) - Croatian (hr)
> >>#
> >>AddLanguage da .dk
> >>AddLanguage nl .nl
> >>AddLanguage en .en
> >>AddLanguage et .et
> >>AddLanguage fr .fr
> >>AddLanguage de .de
> >>AddLanguage he .he
> >>AddLanguage el .el
> >>AddLanguage it .it
> >>AddLanguage ja .ja
> >>AddLanguage pl .po
> >>AddLanguage kr .kr
> >>AddLanguage pt .pt
> >>AddLanguage nn .nn
> >>AddLanguage no .no
> >>AddLanguage pt-br .pt-br
> >>AddLanguage ltz .ltz
> >>AddLanguage ca .ca
> >>AddLanguage es .es
> >>AddLanguage sv .se
> >>AddLanguage cz .cz
> >>AddLanguage ru .ru
> >>AddLanguage tw .tw
> >>AddLanguage zh-tw .tw
> >>AddLanguage hr .hr
> >>
> >>#
> >># LanguagePriority allows you to give precedence
> to
> >>some languages
> >># in case of a tie during content negotiation.
> >>#
> >># Just list the languages in decreasing order of
> >>preference. We have
> >># more or less alphabetized them here. You
> probably
> >>want to change this.
> >>#
> >>LanguagePriority en da nl et fr de el it ja kr no
> pl
> >>pt pt-br ltz ca es sv tw
> >>
> >>#
> >># ForceLanguagePriority allows you to serve a
> result
> >>page rather than
> >># MULTIPLE CHOICES (Prefer) [in case of a tie] or
> >>NOT ACCEPTABLE (Fallback)
> >># [in case no accepted languages matched the
> >>available variants]
> >>#
> >>ForceLanguagePriority Prefer Fallback
> >>
> >>#
> >># Specify a default charset for all pages sent
> out.
> >>This is
> >># always a good idea and opens the door for future
> >>internationalisation
> >># of your web site, should you ever want it.
> >>Specifying it as
> >># a default does little harm; as the standard
> >>dictates that a page
> >># is in iso-8859-1 (latin1) unless specified
> >>otherwise i.e. you
> >># are merely stating the obvious. There are also
> >>some security
> >># reasons in browsers, related to javascript and
> URL
> >>parsing
> >># which encourage you to always set a default char
> >>set.
> >>#
> >>AddDefaultCharset ISO-8859-1
> >>
> >>#
> >># Commonly used filename extensions to character
> >>sets. You probably
> >># want to avoid clashes with the language
> >>extensions, unless you
> >># are good at carefully testing your setup after
> >>each change.
> >># See
> >>
> >>    
> >>
>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >  
> >
> >>for
> >># the official list of charset names and their
> >>respective RFCs
> >>#
> >>AddCharset ISO-8859-1  .iso8859-1  .latin1
> >>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
> >>AddCharset ISO-8859-3  .iso8859-3  .latin3
> >>AddCharset ISO-8859-4  .iso8859-4  .latin4
> >>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
> >>.iso-ru
> >>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
> >>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
> >>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
> >>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
> >>AddCharset ISO-2022-JP .iso2022-jp .jis
> >>AddCharset ISO-2022-KR .iso2022-kr .kis
> >>AddCharset ISO-2022-CN .iso2022-cn .cis
> >>AddCharset Big5        .Big5       .big5
> >># For russian, more than one charset is used
> >>(depends on client, mostly):
> >>AddCharset WINDOWS-1251 .cp-1251   .win-1251
> >>AddCharset CP866       .cp866
> >>AddCharset KOI8-r      .koi8-r .koi8-ru
> >>AddCharset KOI8-ru     .koi8-uk .ua
> >>AddCharset ISO-10646-UCS-2 .ucs2
> >>AddCharset ISO-10646-UCS-4 .ucs4
> >>AddCharset UTF-8       .utf8
> >>
> >># The set below does not map to a specific (iso)
> >>standard
> >># but works on a fairly wide range of browsers.
> Note
> >>that
> >># capitalization actually matters (it should not,
> >>but it
> >># does for some browsers).
> >>#
> >># See
> >>
> >>    
> >>
>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
> >  
> >
> >># for a list of sorts. But browsers support few.
> >>#
> >>AddCharset GB2312      .gb2312 .gb
> >>AddCharset utf-7       .utf7
> >>AddCharset utf-8       .utf8
> >>AddCharset big5        .big5 .b5
> >>AddCharset EUC-TW      .euc-tw
> >>AddCharset EUC-JP      .euc-jp
> >>AddCharset EUC-KR      .euc-kr
> >>AddCharset shift_jis   .sjis
> >>
> >>#
> >># AddType allows you to add to or override the
> MIME
> >>configuration
> >># file mime.types for specific file types.
> >>#
> >>AddType application/x-tar .tgz
> >>#Nina added this line
> >>AddType text/html .shtml
> >>
> >>#
> >># AddHandler allows you to map certain file
> >>extensions to "handlers":
> >># actions unrelated to filetype. These can be
> either
> >>built into the server
> >># or added with the Action directive (see below)
> >>#
> >># To use CGI scripts outside of ScriptAliased
> >>directories:
> >># (You will also need to add "ExecCGI" to the
> >>"Options" directive.)
> >>#
> >>#AddHandler cgi-script .cgi
> >>
> >>#
> >># For files that include their own HTTP headers:
> >>#
> >>#AddHandler send-as-is asis
> >>
> >>#
> >># For server-parsed imagemap files:
> >>#
> >>AddHandler imap-file map
> >>
> >>#
> >># For type maps (negotiated resources):
> >># (This is enabled by default to allow the Apache
> >>"It Worked" page
> >>#  to be distributed in multiple languages.)
> >>#
> >>AddHandler type-map var
> >>
> >># Filters allow you to process content before it
> is
> >>sent to the client.
> >>#
> >># To parse .shtml files for server-side includes
> >>(SSI):
> >># (You will also need to add "Includes" to the
> >>"Options" directive.)
> >>#
> >>AddOutputFilter INCLUDES .shtml
> >>
> >>#
> >># Action lets you define media types that will
> >>execute a script whenever
> >># a matching file is called. This eliminates the
> >>need for repeated URL
> >># pathnames for oft-used CGI file processors.
> >># Format: Action media/type /cgi-script/location
> >># Format: Action handler-name /cgi-script/location
> >>#
> >>
> >>#
> >># Customizable error responses come in three
> >>flavors:
> >># 1) plain text 2) local redirects 3) external
> >>redirects
> >>#
> >># Some examples:
> >>#ErrorDocument 500 "The server made a boo boo."
> >>#ErrorDocument 404 /missing.html
> >>#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
> >>#ErrorDocument 402
> >>http://www.example.com/subscription_info.html
> >>#
> >>
> >>
> >>Alias /error/ "/var/www/error/"
> >>
> >>#
> >># The following directives modify normal HTTP
> >>response behavior to
> >># handle known problems with browser
> >>implementations.
> >>#
> >>BrowserMatch "Mozilla/2" nokeepalive
> >>BrowserMatch "MSIE 4\.0b2;" nokeepalive
> >>downgrade-1.0 force-response-1.0
> >>BrowserMatch "RealPlayer 4\.0" force-response-1.0
> >>BrowserMatch "Java/1\.0" force-response-1.0
> >>BrowserMatch "JDK/1\.0" force-response-1.0
> >>
> >>#
> >># The following directive disables redirects on
> >>non-GET requests for
> >># a directory that does not include the trailing
> >>slash.  This fixes a 
> >># problem with Microsoft WebFolders which does not
> >>appropriately handle 
> >># redirects for folders with DAV methods.
> >>#
> >>BrowserMatch "Microsoft Data Access Internet
> >>Publishing Provider" redirect-carefully
> >>BrowserMatch "^WebDrive" redirect-carefully
> >>BrowserMatch "^WebDAVFS/1.[012]"
> redirect-carefully
> >>BrowserMatch "^gnome-vfs" redirect-carefully
> >>
> >>#
> >># Allow server status reports, with the URL of
> >>http://servername/server-status
> >># Change the ".your-domain.com" to match your
> domain
> >>to enable.
> >>#
> >>#<Location /server-status>
> >>#    SetHandler server-status
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Location>
> >>
> >>#
> >># Allow remote server configuration reports, with
> >>the URL of
> >>#  http://servername/server-info (requires that
> >>mod_info.c be loaded).
> >># Change the ".your-domain.com" to match your
> domain
> >>to enable.
> >>#
> >>#<Location /server-info>
> >>#    SetHandler server-info
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Location>
> >>
> >># Nina added this in for svn server
> >># Repository location
> >><Location /svn1>
> >>	DAV svn
> >>	SVNParentPath /svn1
> >>	
> >>	# access control policy
> >>	AuthzSVNAccessFile /etc/svn-access-file
> >>	# how to authenticate a user
> >>	AuthType Basic
> >>	AuthName "Subversion repository"
> >>	AuthUserFile /etc/svn-auth-file
> >>	
> >>	# only authenticated users may access the
> >>repository
> >>	Require valid-user
> >></Location>
> >>
> >># Proxy Server directives. Uncomment the following
> >>lines to
> >># enable the proxy server:
> >>#
> >>#<IfModule mod_proxy.c>
> >>#ProxyRequests On
> >>#
> >>#<Proxy *>
> >>#    Order deny,allow
> >>#    Deny from all
> >>#    Allow from .your-domain.com
> >>#</Proxy>
> >>
> >>#
> >># Enable/disable the handling of HTTP/1.1 "Via:"
> >>headers.
> >># ("Full" adds the server version; "Block" removes
> >>all outgoing Via: headers)
> >># Set to one of: Off | On | Full | Block
> >>#
> >>#ProxyVia On
> >>
> >>#
> >># To enable the cache as well, edit and uncomment
> >>the following lines:
> >># (no cacheing without CacheRoot)
> >>#
> >>#CacheRoot "/etc/httpd/proxy"
> >>#CacheSize 5
> >>#CacheGcInterval 4
> >>#CacheMaxExpire 24
> >>#CacheLastModifiedFactor 0.1
> >>#CacheDefaultExpire 1
> >>#NoCache a-domain.com another-domain.edu
> >>joes.garage-sale.com
> >>
> >>#</IfModule>
> >># End of proxy directives.
> >>
> >>### Section 3: Virtual Hosts
> >>#
> >># VirtualHost: If you want to maintain multiple
> >>domains/hostnames on your
> >># machine you can setup VirtualHost containers for
> >>them. Most configurations
> >># use only name-based virtual hosts so the server
> >>doesn't need to worry about
> >># IP addresses. This is indicated by the asterisks
> >>in the directives below.
> >>#
> >># Please see the documentation at 
> >># <URL:http://httpd.apache.org/docs-2.0/vhosts/>
> >># for further details before you try to setup
> >>virtual hosts.
> >>#
> >># You may use the command line option '-S' to
> verify
> >>your virtual host
> >># configuration.
> >>
> >>#
> >># Use name-based virtual hosting.
> >>#
> >>
> >>
> >># Where do we put the lock and pif files?
> >>LockFile "/var/lock/httpd.lock"
> >>CoreDumpDirectory "/etc/httpd"
> >>
> >># Defaults for virtual hosts
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >># Logs
> >>
> >>
> >>
> >>      
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>        
> >>          
> >>            
> >>            
> >>            
> >>          
> >>        
> >>          
> >>        
> >>       
> >>#
> >># Virtual hosts
> >>#
> >>
> >># Virtual host Default Virtual Host
> >><VirtualHost *>
> >> 	
> >> 	
> >> 	
> >> 	
> >>	
> >>
> >> 	
> >> 	
> >>	DirectoryIndex index.php index.html index.htm
> >>index.shtml 
> >>	
> >>	
> >>
> >> 	
> >> 	
> >> 	
> >> 	LogLevel debug
> >> 	HostNameLookups off
> >>	
> >>	
> >>	
> >>
> >></VirtualHost>
> >>
> >>
> >>      
> >>#
> >># Each directory to which Apache has access can be
> >>configured with respect
> >># to which services and features are allowed
> and/or
> >>disabled in that
> >># directory (and its subdirectories). 
> >>#
> >># Note that from this point forward you must
> >>specifically allow
> >># particular features to be enabled - so if
> >>something's not working as
> >># you might expect, make sure that you have
> >>specifically enabled it
> >># below.
> >>#
> >>
> >><Directory "/">
> >>        Options FollowSymLinks
> >>        
> >>        AllowOverride None
> >>        
> >>        
> >>        
> >></Directory>
> >>
> >><Directory "/var/www/html">
> >>        Options Indexes Includes FollowSymLinks 
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >><Directory "/var/www/icons">
> >>        Options Indexes MultiViews
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >><Directory "/var/www/cgi-bin">
> >>        Options ExecCGI
> >>        
> >>        AllowOverride None
> >>        Allow from all
> >>
> >>        
> >>        Order allow,deny
> >></Directory>
> >>
> >>
> >>      
> >>    
> >>  
> >>
> >>    
> >>
>
>---------------------------------------------------------------------
> >  
> >
> >>The official User-To-User support forum of the
> >>Apache HTTP Server Project.
> >>See <URL:http://httpd.apache.org/userslist.html>
> for
> >>more info.
> >>To unsubscribe, e-mail:
> >>users-unsubscribe@httpd.apache.org
> >>   "   from the digest:
> >>users-digest-unsubscribe@httpd.apache.org
> >>For additional commands, e-mail:
> >>    
> >>
> >users-help@httpd.apache.org
> >
> >
> >
> >		
> >__________________________________
> >Do you Yahoo!?
> >Yahoo! Mail is new and improved - Check it out!
> >http://promotions.yahoo.com/new_mail
> >
>
>---------------------------------------------------------------------
> >The official User-To-User support forum of the
> Apache HTTP Server Project.
> >See <URL:http://httpd.apache.org/userslist.html>
> for more info.
> >To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
> >   "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> >For additional commands, e-mail:
> users-help@httpd.apache.org
> >
> >  
> >
> 
> 
>
---------------------------------------------------------------------
> The official User-To-User support forum of the
> Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for
> more info.
> To unsubscribe, e-mail:
> users-unsubscribe@httpd.apache.org
>    "   from the digest:
> users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail:
> users-help@httpd.apache.org
> 
> 



		
__________________________________
Do you Yahoo!?
Take Yahoo! Mail with you! Get it on your mobile phone.
http://mobile.yahoo.com/maildemo 

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message