| AcceptFilter protocol accept_filter |
|
s |
C |
| Configures optimizations for a Protocol's Listener Sockets |
| AcceptPathInfo On|Off|Default |
Default |
svdh |
C |
| Resources accept trailing pathname information |
| AccessFileName filename [filename] ... |
.htaccess |
sv |
C |
| Name of the distributed configuration file |
| Action action-type cgi-script [virtual] |
|
svdh |
B |
| Activates a CGI script for a particular handler or content-type |
| AddAlt string file [file] ... |
|
svdh |
B |
| Alternate text to display for a file, instead of an icon selected by filename |
| AddAltByEncoding string MIME-encoding [MIME-encoding] ... |
|
svdh |
B |
| Alternate text to display for a file instead of an icon selected by MIME-encoding |
| AddAltByType string MIME-type [MIME-type] ... |
|
svdh |
B |
| Alternate text to display for a file, instead of an icon selected by MIME content-type |
| AddCharset charset extension [extension] ... |
|
svdh |
B |
| Maps the given filename extensions to the specified content charset |
| AddDefaultCharset On|Off|charset |
Off |
svdh |
C |
Default charset parameter to be added when a response content-type is text/plain or text/html |
| AddDescription string file [file] ... |
|
svdh |
B |
| Description to display for a file |
| AddEncoding encoding extension [extension] ... |
|
svdh |
B |
| Maps the given filename extensions to the specified encoding type |
| AddHandler handler-name extension [extension] ... |
|
svdh |
B |
| Maps the filename extensions to the specified handler |
| AddIcon icon name [name] ... |
|
svdh |
B |
| Icon to display for a file selected by name |
| AddIconByEncoding icon MIME-encoding [MIME-encoding] ... |
|
svdh |
B |
| Icon to display next to files selected by MIME content-encoding |
| AddIconByType icon MIME-type [MIME-type] ... |
|
svdh |
B |
| Icon to display next to files selected by MIME content-type |
| AddInputFilter filter[;filter...] extension [extension] ... |
|
svdh |
B |
| Maps filename extensions to the filters that will process client requests |
| AddLanguage language-tag extension [extension] ... |
|
svdh |
B |
| Maps the given filename extension to the specified content language |
| AddModuleInfo module-name string |
|
sv |
E |
| Adds additional information to the module information displayed by the server-info handler |
| AddOutputFilter filter[;filter...] extension [extension] ... |
|
svdh |
B |
| Maps filename extensions to the filters that will process responses from the server |
| AddOutputFilterByType filter[;filter...] media-type [media-type] ... |
|
svdh |
B |
| assigns an output filter to a particular media-type |
| AddType media-type extension [extension] ... |
|
svdh |
B |
| Maps the given filename extensions onto the specified content type |
| Alias [URL-path] file-path|directory-path |
|
svd |
B |
| Maps URLs to filesystem locations |
| AliasMatch regex file-path|directory-path |
|
sv |
B |
| Maps URLs to filesystem locations using regular expressions |
| Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ... |
|
dh |
E |
| Controls which hosts can access an area of the server |
| AllowCONNECT port[-port] [port[-port]] ... |
443 563 |
sv |
E |
Ports that are allowed to CONNECT through the proxy |
| AllowEncodedSlashes On|Off|NoDecode |
Off |
sv |
C |
| Determines whether encoded path separators in URLs are allowed to be passed through |
| AllowMethods reset|HTTP-method [HTTP-method]... |
reset |
d |
X |
| Restrict access to the listed HTTP methods |
| AllowOverride All|None|directive-type [directive-type] ... |
None (2.3.9 and lat + |
d |
C |
Types of directives that are allowed in .htaccess files |
| AllowOverrideList None|directive [directive-type] ... |
None |
d |
C |
Individual directives that are allowed in .htaccess files |
| Anonymous user [user] ... |
|
dh |
E |
| Specifies userIDs that are allowed access without password verification |
| Anonymous_LogEmail On|Off |
On |
dh |
E |
| Sets whether the password entered will be logged in the error log |
| Anonymous_MustGiveEmail On|Off |
On |
dh |
E |
| Specifies whether blank passwords are allowed |
| Anonymous_NoUserID On|Off |
Off |
dh |
E |
| Sets whether the userID field may be empty |
| Anonymous_VerifyEmail On|Off |
Off |
dh |
E |
| Sets whether to check the password field for a correctly formatted email address |
| AsyncRequestWorkerFactor factor |
|
s |
M |
| Limit concurrent connections per process |
| AuthBasicAuthoritative On|Off |
On |
dh |
B |
| Sets whether authorization and authentication are passed to lower level modules |
| AuthBasicFake off|username [password] |
|
dh |
B |
| Fake basic authentication using the given expressions for username and password |
| AuthBasicProvider provider-name [provider-name] ... |
file |
dh |
B |
| Sets the authentication provider(s) for this location |
| AuthBasicUseDigestAlgorithm MD5|Off |
Off |
dh |
B |
| Check passwords against the authentication providers as if Digest Authentication was in force instead of Basic Authentication. |
| AuthDBDUserPWQuery query |
|
d |
E |
| SQL query to look up a password for a user |
| AuthDBDUserRealmQuery query |
|
d |
E |
| SQL query to look up a password hash for a user and realm. |
| AuthDBMGroupFile file-path |
|
dh |
E |
| Sets the name of the database file containing the list of user groups for authorization |
| AuthDBMType default|SDBM|GDBM|NDBM|DB |
default |
dh |
E |
| Sets the type of database file that is used to store passwords |
| AuthDBMUserFile file-path |
|
dh |
E |
| Sets the name of a database file containing the list of users and passwords for authentication |
| AuthDigestAlgorithm MD5|MD5-sess |
MD5 |
dh |
E |
| Selects the algorithm used to calculate the challenge and response hashes in digest authentication |
| AuthDigestDomain URI [URI] ... |
|
dh |
E |
| URIs that are in the same protection space for digest authentication |
| AuthDigestNonceLifetime seconds |
300 |
dh |
E |
| How long the server nonce is valid |
| AuthDigestProvider provider-name [provider-name] ... |
file |
dh |
E |
| Sets the authentication provider(s) for this location |
| AuthDigestQop none|auth|auth-int [auth|auth-int] |
auth |
dh |
E |
| Determines the quality-of-protection to use in digest authentication |
| AuthDigestShmemSize size |
1000 |
s |
E |
| The amount of shared memory to allocate for keeping track of clients |
| AuthFormAuthoritative On|Off |
On |
dh |
B |
| Sets whether authorization and authentication are passed to lower level modules |
| AuthFormBody fieldname |
httpd_body |
d |
B |
| The name of a form field carrying the body of the request to attempt on successful login |
| AuthFormDisableNoStore On|Off |
Off |
d |
B |
| Disable the CacheControl no-store header on the login page |
| AuthFormFakeBasicAuth On|Off |
Off |
d |
B |
| Fake a Basic Authentication header |
| AuthFormLocation fieldname |
httpd_location |
d |
B |
| The name of a form field carrying a URL to redirect to on successful login |
| AuthFormLoginRequiredLocation url |
|
d |
B |
| The URL of the page to be redirected to should login be required |
| AuthFormLoginSuccessLocation url |
|
d |
B |
| The URL of the page to be redirected to should login be successful |
| AuthFormLogoutLocation uri |
|
d |
B |
| The URL to redirect to after a user has logged out |
| AuthFormMethod fieldname |
httpd_method |
d |
B |
| The name of a form field carrying the method of the request to attempt on successful login |
| AuthFormMimetype fieldname |
httpd_mimetype |
d |
B |
| The name of a form field carrying the mimetype of the body of the request to attempt on successful login |
| AuthFormPassword fieldname |
httpd_password |
d |
B |
| The name of a form field carrying the login password |
| AuthFormProvider provider-name [provider-name] ... |
file |
dh |
B |
| Sets the authentication provider(s) for this location |
| AuthFormSitePassphrase secret |
|
d |
B |
| Bypass authentication checks for high traffic sites |
| AuthFormSize size |
8192 |
d |
B |
| The largest size of the form in bytes that will be parsed for the login details |
| AuthFormUsername fieldname |
httpd_username |
d |
B |
| The name of a form field carrying the login username |
| AuthGroupFile file-path |
|
dh |
B |
| Sets the name of a text file containing the list of user groups for authorization |
| AuthLDAPAuthorizePrefix prefix |
AUTHORIZE_ |
dh |
E |
| Specifies the prefix for environment variables set during authorization |
| AuthLDAPBindAuthoritative off|on |
on |
dh |
E |
| Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials. |
| AuthLDAPBindDN distinguished-name |
|
dh |
E |
| Optional DN to use in binding to the LDAP server |
| AuthLDAPBindPassword password |
|
dh |
E |
| Password used in conjunction with the bind DN |
| AuthLDAPCharsetConfig file-path |
|
s |
E |
| Language to charset conversion configuration file |
| AuthLDAPCompareAsUser on|off |
off |
dh |
E |
| Use the authenticated user's credentials to perform authorization comparisons |
| AuthLDAPCompareDNOnServer on|off |
on |
dh |
E |
| Use the LDAP server to compare the DNs |
| AuthLDAPDereferenceAliases never|searching|finding|always |
always |
dh |
E |
| When will the module de-reference aliases |
| AuthLDAPGroupAttribute attribute |
member uniqueMember + |
dh |
E |
| LDAP attributes used to identify the user members of groups. |
| AuthLDAPGroupAttributeIsDN on|off |
on |
dh |
E |
| Use the DN of the client username when checking for group membership |
| AuthLDAPInitialBindAsUser off|on |
off |
dh |
E |
| Determines if the server does the initial DN lookup using the basic authentication users' own username, instead of anonymously or with hard-coded credentials for the server |
| AuthLDAPInitialBindPattern regex substitution |
(.*) $1 (remote use + |
dh |
E |
| Specifies the transformation of the basic authentication username to be used when binding to the LDAP server to perform a DN lookup |
| AuthLDAPMaxSubGroupDepth Number |
10 |
dh |
E |
| Specifies the maximum sub-group nesting depth that will be evaluated before the user search is discontinued. |
| AuthLDAPRemoteUserAttribute uid |
|
dh |
E |
| Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable |
| AuthLDAPRemoteUserIsDN on|off |
off |
dh |
E |
| Use the DN of the client username to set the REMOTE_USER environment variable |
| AuthLDAPSearchAsUser on|off |
off |
dh |
E |
| Use the authenticated user's credentials to perform authorization searches |
| AuthLDAPSubGroupAttribute attribute |
member uniqueMember + |
dh |
E |
| Specifies the attribute labels, one value per directive line, used to distinguish the members of the current group that are groups. |
| AuthLDAPSubGroupClass LdapObjectClass |
groupOfNames groupO + |
dh |
E |
| Specifies which LDAP objectClass values identify directory objects that are groups during sub-group processing. |
| AuthLDAPURL url [NONE|SSL|TLS|STARTTLS] |
|
dh |
E |
| URL specifying the LDAP search parameters |
| AuthMerging Off | And | Or |
Off |
dh |
B |
| Controls the manner in which each configuration section's authorization logic is combined with that of preceding configuration sections. |
| AuthName auth-domain |
|
dh |
B |
| Authorization realm for use in HTTP authentication |
| AuthnCacheContext directory|server|custom-string |
directory |
d |
B |
| Specify a context string for use in the cache key |
| AuthnCacheEnable |
|
s |
B |
| Enable Authn caching configured anywhere |
| AuthnCacheProvideFor authn-provider [...] |
|
dh |
B |
| Specify which authn provider(s) to cache for |
| AuthnCacheSOCache provider-name[:provider-args] |
|
s |
B |
| Select socache backend provider to use |
| AuthnCacheTimeout timeout (seconds) |
300 (5 minutes) |
dh |
B |
| Set a timeout for cache entries |
| <AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias> |
|
s |
B |
| Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias |
AuthnzFcgiCheckAuthnProvider provider-name|None option ... |
|
d |
E |
| Enables a FastCGI application to handle the check_authn authentication hook. |
| AuthnzFcgiDefineProvider type provider-name backend-address |
|
s |
E |
| Defines a FastCGI application as a provider for authentication and/or authorization |
| AuthType None|Basic|Digest|Form |
|
dh |
B |
| Type of user authentication |
| AuthUserFile file-path |
|
dh |
B |
| Sets the name of a text file containing the list of users and passwords for authentication |
| AuthzDBDLoginToReferer On|Off |
Off |
d |
E |
Determines whether to redirect the Client to the Referring page on successful login or logout if a Referer request header is present |
| AuthzDBDQuery query |
|
d |
E |
| Specify the SQL Query for the required operation |
| AuthzDBDRedirectQuery query |
|
d |
E |
| Specify a query to look up a login page for the user |
| AuthzDBMType default|SDBM|GDBM|NDBM|DB |
default |
dh |
E |
| Sets the type of database file that is used to store list of user groups |
| <AuthzProviderAlias baseProvider Alias Require-Parameters> ... </AuthzProviderAlias> |
|
s |
B |
| Enclose a group of directives that represent an extension of a base authorization provider and referenced by the specified alias |
| AuthzSendForbiddenOnFailure On|Off |
Off |
dh |
B |
| Send '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authentication succeeds but authorization fails |
| BalancerGrowth # |
5 |
sv |
E |
| Number of additional Balancers that can be added Post-configuration |
| BalancerInherit On|Off |
On |
sv |
E |
| Inherit ProxyPassed Balancers/Workers from the main server |
| BalancerMember [balancerurl] url [key=value [key=value ...]] |
|
d |
E |
| Add a member to a load balancing group |
| BalancerPersist On|Off |
Off |
sv |
E |
| Attempt to persist changes made by the Balancer Manager across restarts. |
| BrotliAlterETag AddSuffix|NoChange|Remove |
AddSuffix |
sv |
E |
| How the outgoing ETag header should be modified during compression |
| BrotliCompressionMaxInputBlock value |
|
sv |
E |
| Maximum input block size |
| BrotliCompressionQuality value |
5 |
sv |
E |
| Compression quality |
| BrotliCompressionWindow value |
18 |
sv |
E |
| Brotli sliding compression window size |
| BrotliFilterNote [type] notename |
|
sv |
E |
| Places the compression ratio in a note for logging |
| BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ... |
|
svdh |
B |
| Sets environment variables conditional on HTTP User-Agent |
| BrowserMatchNoCase regex [!]env-variable[=value] [[!]env-variable[=value]] ... |
|
svdh |
B |
| Sets environment variables conditional on User-Agent without respect to case |
| BufferedLogs On|Off |
Off |
s |
B |
| Buffer log entries in memory before writing to disk |
| BufferSize integer |
131072 |
svdh |
E |
| Maximum size in bytes to buffer by the buffer filter |
| CacheDefaultExpire seconds |
3600 (one hour) |
svdh |
E |
| The default duration to cache a document when no expiry date is specified. |
| CacheDetailHeader on|off |
off |
svdh |
E |
| Add an X-Cache-Detail header to the response. |
| CacheDirLength length |
2 |
sv |
E |
| The number of characters in subdirectory names |
| CacheDirLevels levels |
2 |
sv |
E |
| The number of levels of subdirectories in the cache. |
| CacheDisable url-string | on |
|
svdh |
E |
| Disable caching of specified URLs |
| CacheEnable cache_type [url-string] |
|
svd |
E |
| Enable caching of specified URLs using a specified storage manager |
| CacheFile file-path [file-path] ... |
|
s |
X |
| Cache a list of file handles at startup time |
| CacheHeader on|off |
off |
svdh |
E |
| Add an X-Cache header to the response. |
| CacheIgnoreCacheControl On|Off |
Off |
sv |
E |
| Ignore request to not serve cached content to client |
| CacheIgnoreHeaders header-string [header-string] ... |
None |
sv |
E |
| Do not store the given HTTP header(s) in the cache. |
| CacheIgnoreNoLastMod On|Off |
Off |
svdh |
E |
| Ignore the fact that a response has no Last Modified header. |
| CacheIgnoreQueryString On|Off |
Off |
sv |
E |
| Ignore query string when caching |
| CacheIgnoreURLSessionIdentifiers identifier [identifier] ... |
None |
sv |
E |
| Ignore defined session identifiers encoded in the URL when caching |
| CacheKeyBaseURL URL |
|
sv |
E |
| Override the base URL of reverse proxied cache keys. |
| CacheLastModifiedFactor float |
0.1 |
svdh |
E |
| The factor used to compute an expiry date based on the LastModified date. |
| CacheLock on|off |
off |
sv |
E |
| Enable the thundering herd lock. |
| CacheLockMaxAge integer |
5 |
sv |
E |
| Set the maximum possible age of a cache lock. |
| CacheLockPath directory |
/tmp/mod_cache-lock + |
sv |
E |
| Set the lock path directory. |
| CacheMaxExpire seconds |
86400 (one day) |
svdh |
E |
| The maximum time in seconds to cache a document |
| CacheMaxFileSize bytes |
1000000 |
svdh |
E |
| The maximum size (in bytes) of a document to be placed in the cache |
| CacheMinExpire seconds |
0 |
svdh |
E |
| The minimum time in seconds to cache a document |
| CacheMinFileSize bytes |
1 |
svdh |
E |
| The minimum size (in bytes) of a document to be placed in the cache |
| CacheNegotiatedDocs On|Off |
Off |
sv |
B |
| Allows content-negotiated documents to be cached by proxy servers |
| CacheQuickHandler on|off |
on |
sv |
E |
| Run the cache from the quick handler. |
| CacheReadSize bytes |
0 |
svdh |
E |
| The minimum size (in bytes) of the document to read and be cached before sending the data downstream |
| CacheReadTime milliseconds |
0 |
svdh |
E |
| The minimum time (in milliseconds) that should elapse while reading before data is sent downstream |
| CacheRoot directory |
|
sv |
E |
| The directory root under which cache files are stored |
| CacheSocache type[:args] |
|
sv |
E |
| The shared object cache implementation to use |
| CacheSocacheMaxSize bytes |
102400 |
svdh |
E |
| The maximum size (in bytes) of an entry to be placed in the cache |
| CacheSocacheMaxTime seconds |
86400 |
svdh |
E |
| The maximum time (in seconds) for a document to be placed in the cache |
| CacheSocacheMinTime seconds |
600 |
svdh |
E |
| The minimum time (in seconds) for a document to be placed in the cache |
| CacheSocacheReadSize bytes |
0 |
svdh |
E |
| The minimum size (in bytes) of the document to read and be cached before sending the data downstream |
| CacheSocacheReadTime milliseconds |
0 |
svdh |
E |
| The minimum time (in milliseconds) that should elapse while reading before data is sent downstream |
| CacheStaleOnError on|off |
on |
svdh |
E |
| Serve stale content in place of 5xx responses. |
| CacheStoreExpired On|Off |
Off |
svdh |
E |
| Attempt to cache responses that the server reports as expired |
| CacheStoreNoStore On|Off |
Off |
svdh |
E |
| Attempt to cache requests or responses that have been marked as no-store. |
| CacheStorePrivate On|Off |
Off |
svdh |
E |
| Attempt to cache responses that the server has marked as private |
| CGIDScriptTimeout time[s|ms] |
|
svdh |
B |
| The length of time to wait for more output from the CGI program |
| CGIMapExtension cgi-path .extension |
|
dh |
C |
| Technique for locating the interpreter for CGI scripts |
| CGIPassAuth On|Off |
Off |
dh |
C |
| Enables passing HTTP authorization headers to scripts as CGI variables |
| CGIVar variable rule |
|
dh |
C |
| Controls how some CGI variables are set |
| CharsetDefault charset |
|
svdh |
E |
| Charset to translate into |
| CharsetOptions option [option] ... |
ImplicitAdd |
svdh |
E |
| Configures charset translation behavior |
| CharsetSourceEnc charset |
|
svdh |
E |
| Source charset of files |
| CheckCaseOnly on|off |
Off |
svdh |
E |
| Limits the action of the speling module to case corrections |
| CheckSpelling on|off |
Off |
svdh |
E |
| Enables the spelling module |
| ChrootDir /path/to/directory |
|
s |
B |
| Directory for apache to run chroot(8) after startup. |
| ContentDigest On|Off |
Off |
svdh |
C |
Enables the generation of Content-MD5 HTTP Response headers |
| CookieDomain domain |
|
svdh |
E |
| The domain to which the tracking cookie applies |
| CookieExpires expiry-period |
|
svdh |
E |
| Expiry time for the tracking cookie |
| CookieHTTPOnly on|off |
off |
svdh |
E |
| Adds the 'HTTPOnly' attribute to the cookie |
| CookieName token |
Apache |
svdh |
E |
| Name of the tracking cookie |
| CookieSameSite None|Lax|Strict |
|
svdh |
E |
| Adds the 'SameSite' attribute to the cookie |
| CookieSecure on|off |
off |
svdh |
E |
| Adds the 'Secure' attribute to the cookie |
| CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965 |
Netscape |
svdh |
E |
| Format of the cookie header field |
| CookieTracking on|off |
off |
svdh |
E |
| Enables tracking cookie |
| CoreDumpDirectory directory |
|
s |
M |
| Directory where Apache HTTP Server attempts to switch before dumping core |
| CustomLog file|pipe format|nickname [env=[!]environment-variable| expr=expression] |
|
sv |
B |
| Sets filename and format of log file |
| Dav On|Off|provider-name |
Off |
d |
E |
| Enable WebDAV HTTP methods |
| DavDepthInfinity on|off |
off |
svd |
E |
| Allow PROPFIND, Depth: Infinity requests |
| DavGenericLockDB file-path |
|
svd |
E |
| Location of the DAV lock database |
| DavLockDB file-path |
|
sv |
E |
| Location of the DAV lock database |
| DavMinTimeout seconds |
0 |
svd |
E |
| Minimum amount of time the server holds a lock on a DAV resource |
| DBDExptime time-in-seconds |
300 |
sv |
E |
| Keepalive time for idle connections |
| DBDInitSQL "SQL statement" |
|
sv |
E |
| Execute an SQL statement after connecting to a database |
| DBDKeep number |
2 |
sv |
E |
| Maximum sustained number of connections |
| DBDMax number |
10 |
sv |
E |
| Maximum number of connections |
| DBDMin number |
1 |
sv |
E |
| Minimum number of connections |
| DBDParams param1=value1[,param2=value2] |
|
sv |
E |
| Parameters for database connection |
| DBDPersist On|Off |
|
sv |
E |
| Whether to use persistent connections |
| DBDPrepareSQL "SQL statement" label |
|
sv |
E |
| Define an SQL prepared statement |
| DBDriver name |
|
sv |
E |
| Specify an SQL driver |
| DefaultIcon url-path |
|
svdh |
B |
| Icon to display for files when no specific icon is configured |
| DefaultLanguage language-tag |
|
svdh |
B |
| Defines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means. |
| DefaultRuntimeDir directory-path |
DEFAULT_REL_RUNTIME + |
s |
C |
| Base directory for the server run-time files |
| DefaultType media-type|none |
none |
svdh |
C |
This directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found. |
| Define parameter-name [parameter-value] |
|
svd |
C |
| Define a variable |
| DeflateBufferSize value |
8096 |
sv |
E |
| Fragment size to be compressed at one time by zlib |
| DeflateCompressionLevel value |
|
sv |
E |
| How much compression do we apply to the output |
| DeflateFilterNote [type] notename |
|
sv |
E |
| Places the compression ratio in a note for logging |
| DeflateInflateLimitRequestBody value |
|
svdh |
E |
| Maximum size of inflated request bodies |
| DeflateInflateRatioBurst value |
3 |
svdh |
E |
| Maximum number of times the inflation ratio for request bodies can be crossed |
| DeflateInflateRatioLimit value |
200 |
svdh |
E |
| Maximum inflation ratio for request bodies |
| DeflateMemLevel value |
9 |
sv |
E |
| How much memory should be used by zlib for compression |
| DeflateWindowSize value |
15 |
sv |
E |
| Zlib compression window size |
| Deny from all|host|env=[!]env-variable [host|env=[!]env-variable] ... |
|
dh |
E |
| Controls which hosts are denied access to the server |
| <Directory directory-path> ... </Directory> |
|
sv |
C |
| Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents. |
| DirectoryCheckHandler On|Off |
Off |
svdh |
B |
| Toggle how this module responds when another handler is configured |
| DirectoryIndex disabled | local-url [local-url] ... |
index.html |
svdh |
B |
| List of resources to look for when the client requests a directory |
| DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code |
off |
svdh |
B |
| Configures an external redirect for directory indexes. |
| <DirectoryMatch regex> ... </DirectoryMatch> |
|
sv |
C |
| Enclose directives that apply to the contents of file-system directories matching a regular expression. |
| DirectorySlash On|Off |
On |
svdh |
B |
| Toggle trailing slash redirects on or off |
| DocumentRoot directory-path |
"/usr/local/apache/ + |
sv |
C |
| Directory that forms the main document tree visible from the web |
| DTracePrivileges On|Off |
Off |
s |
X |
| Determines whether the privileges required by dtrace are enabled. |
| DumpIOInput On|Off |
Off |
s |
E |
| Dump all input data to the error log |
| DumpIOOutput On|Off |
Off |
s |
E |
| Dump all output data to the error log |
| <Else> ... </Else> |
|
svdh |
C |
Contains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime |
| <ElseIf expression> ... </ElseIf> |
|
svdh |
C |
Contains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied |
| EnableExceptionHook On|Off |
Off |
s |
M |
| Enables a hook that runs exception handlers after a crash |
| EnableMMAP On|Off |
On |
svdh |
C |
| Use memory-mapping to read files during delivery |
| EnableSendfile On|Off |
Off |
svdh |
C |
| Use the kernel sendfile support to deliver files to the client |
| Error message |
|
svdh |
C |
| Abort configuration parsing with a custom error message |
| ErrorDocument error-code document |
|
svdh |
C |
| What the server will return to the client in case of an error |
| ErrorLog file-path|syslog[:[facility][:tag]] |
logs/error_log (Uni + |
sv |
C |
| Location where the server will log errors |
| ErrorLogFormat [connection|request] format |
|
sv |
C |
| Format specification for error log entries |
| Example |
|
svdh |
X |
| Demonstration directive to illustrate the Apache module API |
| ExpiresActive On|Off |
Off |
svdh |
E |
Enables generation of Expires headers |
| ExpiresByType MIME-type <code>seconds |
|
svdh |
E |
Value of the Expires header configured by MIME type |
| ExpiresDefault <code>seconds |
|
svdh |
E |
| Default algorithm for calculating expiration time |
| ExtendedStatus On|Off |
Off[*] |
s |
C |
| Keep track of extended status information for each request |
| ExtFilterDefine filtername parameters |
|
s |
E |
| Define an external filter |
| ExtFilterOptions option [option] ... |
NoLogStderr |
d |
E |
Configure mod_ext_filter options |
| FallbackResource disabled | local-url |
|
svdh |
B |
| Define a default URL for requests that don't map to a file |
| FileETag component ... |
MTime Size |
svdh |
C |
| File attributes used to create the ETag HTTP response header for static files |
| <Files filename> ... </Files> |
|
svdh |
C |
| Contains directives that apply to matched filenames |
| <FilesMatch regex> ... </FilesMatch> |
|
svdh |
C |
| Contains directives that apply to regular-expression matched filenames |
| FilterChain [+=-@!]filter-name ... |
|
svdh |
B |
| Configure the filter chain |
| FilterDeclare filter-name [type] |
|
svdh |
B |
| Declare a smart filter |
| FilterProtocol filter-name [provider-name] proto-flags |
|
svdh |
B |
| Deal with correct HTTP protocol handling |
| FilterProvider filter-name provider-name expression |
|
svdh |
B |
| Register a content filter |
| FilterTrace filter-name level |
|
svd |
B |
Get debug/diagnostic information from mod_filter |
| ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] |
Prefer |
svdh |
B |
| Action to take if a single acceptable document is not found |
| ForceType media-type|None |
|
dh |
C |
| Forces all matching files to be served with the specified media type in the HTTP Content-Type header field |
| ForensicLog filename|pipe |
|
sv |
E |
| Sets filename of the forensic log |
| GlobalLogfile|pipe format|nickname [env=[!]environment-variable| expr=expression] |
|
s |
B |
| Sets filename and format of log file |
| GprofDir /tmp/gprof/|/tmp/gprof/% |
|
sv |
C |
| Directory to write gmon.out profiling data to. |
| GracefulShutdownTimeout seconds |
0 |
s |
M |
| Specify a timeout after which a gracefully shutdown server will exit. |
| Group unix-group |
#-1 |
s |
B |
| Group under which the server will answer requests |
| H2CopyFiles on|off |
off |
svdh |
E |
| Determine file handling in responses |
| H2Direct on|off |
on for h2c, off for + |
sv |
E |
| H2 Direct Protocol Switch |
| H2EarlyHints on|off |
off |
sv |
E |
| Determine sending of 103 status codes |
| H2MaxSessionStreams n |
100 |
sv |
E |
| Maximum number of active streams per HTTP/2 session. |
| H2MaxWorkerIdleSeconds n |
600 |
s |
E |
| Maximum number of seconds h2 workers remain idle until shut down. |
| H2MaxWorkers n |
|
s |
E |
| Maximum number of worker threads to use per child process. |
| H2MinWorkers n |
|
s |
E |
| Minimal number of worker threads to use per child process. |
| H2ModernTLSOnly on|off |
on |
sv |
E |
| Require HTTP/2 connections to be "modern TLS" only |
| H2Padding numbits |
0 |
sv |
E |
| Determine the range of padding bytes added to payload frames |
| H2Push on|off |
on |
svdh |
E |
| H2 Server Push Switch |
| H2PushDiarySize n |
256 |
sv |
E |
| H2 Server Push Diary Size |
| H2PushPriority mime-type [after|before|interleaved] [weight] |
* After 16 |
sv |
E |
| H2 Server Push Priority |
| H2PushResource [add] path [critical] |
|
svdh |
E |
| Declares resources for early pushing to the client |
| H2SerializeHeaders on|off |
off |
sv |
E |
| Serialize Request/Response Processing Switch |
| H2StreamMaxMemSize bytes |
65536 |
sv |
E |
| Maximum amount of output data buffered per stream. |
| H2TLSCoolDownSecs seconds |
1 |
sv |
E |
| Configure the number of seconds of idle time on TLS before shrinking writes |
| H2TLSWarmUpSize amount |
1048576 |
sv |
E |
| Configure the number of bytes on TLS connection before doing max writes |
| H2Upgrade on|off |
on for h2c, off for + |
svdh |
E |
| H2 Upgrade Protocol Switch |
| H2WindowSize bytes |
65535 |
sv |
E |
| Size of Stream Window for upstream data. |
| Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] |
|
svdh |
E |
| Configure HTTP response headers |
| HeaderName filename |
|
svdh |
B |
| Name of the file that will be inserted at the top of the index listing |
| HeartbeatAddress addr:port |
|
s |
X |
| Multicast address for heartbeat packets |
| HeartbeatListen addr:port |
|
s |
X |
| multicast address to listen for incoming heartbeat requests |
| HeartbeatMaxServers number-of-servers |
10 |
s |
X |
| Specifies the maximum number of servers that will be sending heartbeat requests to this server |
| HeartbeatStorage file-path |
logs/hb.dat |
s |
X |
| Path to store heartbeat data |
| HeartbeatStorage file-path |
logs/hb.dat |
s |
X |
| Path to read heartbeat data |
| HostnameLookups On|Off|Double |
Off |
svd |
C |
| Enables DNS lookups on client IP addresses |
| HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0] |
Strict LenientMetho + |
sv |
C |
| Modify restrictions on HTTP Request Messages |
| IdentityCheck On|Off |
Off |
svd |
E |
| Enables logging of the RFC 1413 identity of the remote user |
| IdentityCheckTimeout seconds |
30 |
svd |
E |
| Determines the timeout duration for ident requests |
| <If expression> ... </If> |
|
svdh |
C |
| Contains directives that apply only if a condition is satisfied by a request at runtime |
| <IfDefine [!]parameter-name> ... </IfDefine> |
|
svdh |
C |
| Encloses directives that will be processed only if a test is true at startup |
| <IfDirective [!]directive-name> ... </IfDirective> |
|
svdh |
C |
| Encloses directives that are processed conditional on the presence or absence of a specific directive |
| <IfFile [!]filename> ... </IfFile> |
|
svdh |
C |
| Encloses directives that will be processed only if file exists at startup |
| <IfModule [!]module-file|module-identifier> ... </IfModule> |
|
svdh |
C |
| Encloses directives that are processed conditional on the presence or absence of a specific module |
| <IfSection [!]section-name> ... </IfSection> |
|
svdh |
C |
| Encloses directives that are processed conditional on the presence or absence of a specific section directive |
| <IfVersion [[!]operator] version> ... </IfVersion> |
|
svdh |
E |
| contains version dependent configuration |
| ImapBase map|referer|URL |
http://servername/ |
svdh |
B |
Default base for imagemap files |
| ImapDefault error|nocontent|map|referer|URL |
nocontent |
svdh |
B |
| Default action when an imagemap is called with coordinates that are not explicitly mapped |
| ImapMenu none|formatted|semiformatted|unformatted |
formatted |
svdh |
B |
| Action if no coordinates are given when calling an imagemap |
| Include file-path|directory-path|wildcard |
|
svd |
C |
| Includes other configuration files from within the server configuration files |
| IncludeOptional file-path|directory-path|wildcard |
|
svd |
C |
| Includes other configuration files from within the server configuration files |
| IndexHeadInsert "markup ..." |
|
svdh |
B |
| Inserts text in the HEAD section of an index page. |
| IndexIgnore file [file] ... |
"." |
svdh |
B |
| Adds to the list of files to hide when listing a directory |
| IndexIgnoreReset ON|OFF |
|
svdh |
B |
| Empties the list of files to hide when listing a directory |
| IndexOptions [+|-]option [[+|-]option] ... |
|
svdh |
B |
| Various configuration settings for directory indexing |
| IndexOrderDefault Ascending|Descending Name|Date|Size|Description |
Ascending Name |
svdh |
B |
| Sets the default ordering of the directory index |
| IndexStyleSheet url-path |
|
svdh |
B |
| Adds a CSS stylesheet to the directory index |
| InputSed sed-command |
|
dh |
X |
Sed command to filter request data (typically POST data) |
| ISAPIAppendLogToErrors on|off |
off |
svdh |
B |
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log |
| ISAPIAppendLogToQuery on|off |
on |
svdh |
B |
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field |
| ISAPICacheFile file-path [file-path] ... |
|
sv |
B |
| ISAPI .dll files to be loaded at startup |
| ISAPIFakeAsync on|off |
off |
svdh |
B |
| Fake asynchronous support for ISAPI callbacks |
| ISAPILogNotSupported on|off |
off |
svdh |
B |
| Log unsupported feature requests from ISAPI extensions |
| ISAPIReadAheadBuffer size |
49152 |
svdh |
B |
| Size of the Read Ahead Buffer sent to ISAPI extensions |
| KeepAlive On|Off |
On |
sv |
C |
| Enables HTTP persistent connections |
| KeepAliveTimeout num[ms] |
5 |
sv |
C |
| Amount of time the server will wait for subsequent requests on a persistent connection |
| KeptBodySize maximum size in bytes |
0 |
d |
B |
| Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include. |
| LanguagePriority MIME-lang [MIME-lang] ... |
|
svdh |
B |
| The precedence of language variants for cases where the client does not express a preference |
| LDAPCacheEntries number |
1024 |
s |
E |
| Maximum number of entries in the primary LDAP cache |
| LDAPCacheTTL seconds |
600 |
s |
E |
| Time that cached items remain valid |
| LDAPConnectionPoolTTL n |
-1 |
sv |
E |
| Discard backend connections that have been sitting in the connection pool too long |
| LDAPConnectionTimeout seconds |
|
s |
E |
| Specifies the socket connection timeout in seconds |
| LDAPLibraryDebug 7 |
|
s |
E |
| Enable debugging in the LDAP SDK |
| LDAPOpCacheEntries number |
1024 |
s |
E |
| Number of entries used to cache LDAP compare operations |
| LDAPOpCacheTTL seconds |
600 |
s |
E |
| Time that entries in the operation cache remain valid |
| LDAPReferralHopLimit number |
|
dh |
E |
| The maximum number of referral hops to chase before terminating an LDAP query. |
| LDAPReferrals On|Off|default |
On |
dh |
E |
| Enable referral chasing during queries to the LDAP server. |
| LDAPRetries number-of-retries |
3 |
s |
E |
| Configures the number of LDAP server retries. |
| LDAPRetryDelay seconds |
0 |
s |
E |
| Configures the delay between LDAP server retries. |
| LDAPSharedCacheFile directory-path/filename |
|
s |
E |
| Sets the shared memory cache file |
| LDAPSharedCacheSize bytes |
500000 |
s |
E |
| Size in bytes of the shared-memory cache |
| LDAPTimeout seconds |
60 |
s |
E |
| Specifies the timeout for LDAP search and bind operations, in seconds |
| LDAPTrustedClientCert type directory-path/filename/nickname [password] |
|
dh |
E |
| Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates. |
| LDAPTrustedGlobalCert type directory-path/filename [password] |
|
s |
E |
| Sets the file or database containing global trusted Certificate Authority or global client certificates |
| LDAPTrustedMode type |
|
sv |
E |
| Specifies the SSL/TLS mode to be used when connecting to an LDAP server. |
| LDAPVerifyServerCert On|Off |
On |
s |
E |
| Force server certificate verification |
| <Limit method [method] ... > ... </Limit> |
|
dh |
C |
| Restrict enclosed access controls to only certain HTTP methods |
| <LimitExcept method [method] ... > ... </LimitExcept> |
|
dh |
C |
| Restrict access controls to all HTTP methods except the named ones |
| LimitInternalRecursion number [number] |
10 |
sv |
C |
| Determine maximum number of internal redirects and nested subrequests |
| LimitRequestBody bytes |
0 |
svdh |
C |
| Restricts the total size of the HTTP request body sent from the client |
| LimitRequestFields number |
100 |
sv |
C |
| Limits the number of HTTP request header fields that will be accepted from the client |
| LimitRequestFieldSize bytes |
8190 |
sv |
C |
| Limits the size of the HTTP request header allowed from the client |
| LimitRequestLine bytes |
8190 |
sv |
C |
| Limit the size of the HTTP request line that will be accepted from the client |
| LimitXMLRequestBody bytes |
1000000 |
svdh |
C |
| Limits the size of an XML-based request body |
| Listen [IP-address:]portnumber [protocol] |
|
s |
M |
| IP addresses and ports that the server listens to |
| ListenBackLog backlog |
511 |
s |
M |
| Maximum length of the queue of pending connections |
| ListenCoresBucketsRatio ratio |
0 (disabled) |
s |
M |
| Ratio between the number of CPU cores (online) and the number of listeners' buckets |
| LoadFile filename [filename] ... |
|
sv |
E |
| Link in the named object file or library |
| LoadModule module filename |
|
sv |
E |
| Links in the object file or library, and adds to the list of active modules |
| <Location URL-path|URL> ... </Location> |
|
sv |
C |
| Applies the enclosed directives only to matching URLs |
| <LocationMatch regex> ... </LocationMatch> |
|
sv |
C |
| Applies the enclosed directives only to regular-expression matching URLs |
| LogFormat format|nickname [nickname] |
"%h %l %u %t \"%r\" + |
sv |
B |
| Describes a format for use in a log file |
| LogIOTrackTTFB ON|OFF |
OFF |
svdh |
E |
| Enable tracking of time to first byte (TTFB) |
| LogLevel [module:]level [module:level] ... |
warn |
svd |
C |
| Controls the verbosity of the ErrorLog |
| LogMessage message [hook=hook] [expr=expression] |
|
d |
X |
| Log user-defined message to error log |
| LuaAuthzProvider provider_name /path/to/lua/script.lua function_name |
|
s |
E |
Plug an authorization provider function into mod_authz_core |
| LuaCodeCache stat|forever|never |
stat |
svdh |
E |
| Configure the compiled code cache. |
| LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late] |
|
svdh |
E |
| Provide a hook for the access_checker phase of request processing |
| LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late] |
|
svdh |
E |
| Provide a hook for the auth_checker phase of request processing |
| LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late] |
|
svdh |
E |
| Provide a hook for the check_user_id phase of request processing |
| LuaHookFixups /path/to/lua/script.lua hook_function_name |
|
svdh |
E |
| Provide a hook for the fixups phase of a request processing |
| LuaHookInsertFilter /path/to/lua/script.lua hook_function_name |
|
svdh |
E |
| Provide a hook for the insert_filter phase of request processing |
| LuaHookLog /path/to/lua/script.lua log_function_name |
|
svdh |
E |
| Provide a hook for the access log phase of a request processing |
| LuaHookMapToStorage /path/to/lua/script.lua hook_function_name |
|
svdh |
E |
| Provide a hook for the map_to_storage phase of request processing |
| LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late] |
|
sv |
E |
| Provide a hook for the translate name phase of request processing |
| LuaHookTypeChecker /path/to/lua/script.lua hook_function_name |
|
svdh |
E |
| Provide a hook for the type_checker phase of request processing |
| LuaInherit none|parent-first|parent-last |
parent-first |
svdh |
E |
| Controls how parent configuration sections are merged into children |
| LuaInputFilter filter_name /path/to/lua/script.lua function_name |
|
s |
E |
| Provide a Lua function for content input filtering |
| LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name] |
|
svdh |
E |
| Map a path to a lua handler |
| LuaOutputFilter filter_name /path/to/lua/script.lua function_name |
|
s |
E |
| Provide a Lua function for content output filtering |
| LuaPackageCPath /path/to/include/?.soa |
|
svdh |
E |
| Add a directory to lua's package.cpath |
| LuaPackagePath /path/to/include/?.lua |
|
svdh |
E |
| Add a directory to lua's package.path |
| LuaQuickHandler /path/to/script.lua hook_function_name |
|
sv |
E |
| Provide a hook for the quick handler of request processing |
| LuaRoot /path/to/a/directory |
|
svdh |
E |
| Specify the base path for resolving relative paths for mod_lua directives |
| LuaScope once|request|conn|thread|server [min] [max] |
once |
svdh |
E |
| One of once, request, conn, thread -- default is once |
| <Macro name [par1 .. parN]> ... </Macro> |
|
svd |
B |
| Define a configuration file macro |
| MaxConnectionsPerChild number |
0 |
s |
M |
| Limit on the number of connections that an individual child server will handle during its life |
| MaxKeepAliveRequests number |
100 |
sv |
C |
| Number of requests allowed on a persistent connection |
| MaxMemFree KBytes |
2048 |
s |
M |
Maximum amount of memory that the main allocator is allowed to hold without calling free() |
| MaxRangeOverlaps default | unlimited | none | number-of-ranges |
20 |
svd |
C |
Number of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource |
| MaxRangeReversals default | unlimited | none | number-of-ranges |
20 |
svd |
C |
Number of range reversals (eg: 100-200,50-70) allowed before returning the complete resource |
| MaxRanges default | unlimited | none | number-of-ranges |
200 |
svd |
C |
| Number of ranges allowed before returning the complete resource |
| MaxRequestWorkers number |
|
s |
M |
| Maximum number of connections that will be processed simultaneously |
| MaxSpareServers number |
10 |
s |
M |
| Maximum number of idle child server processes |
| MaxSpareThreads number |
|
s |
M |
| Maximum number of idle threads |
| MaxThreads number |
2048 |
s |
M |
| Set the maximum number of worker threads |
| MDActivationDelay duration |
|
s |
X |
| - |
| MDBaseServer on|off |
off |
s |
X |
| Control if base server may be managed or only virtual hosts. |
| MDCAChallenges name [ name ... ] |
tls-alpn-01 http-01 + |
s |
X |
| Type of ACME challenge used to prove domain ownership. |
| MDCertificateAgreement accepted |
|
s |
X |
| You confirm that you accepted the Terms of Service of the Certificate Authority. |
| MDCertificateAuthority url |
https://acme-v02.ap + |
s |
X |
| The URL of the ACME Certificate Authority service. |
| MDCertificateCheck name url |
|
s |
X |
| - |
| MDCertificateFile path-to-pem-file |
|
s |
X |
| Specify a static certificate file for the MD. |
| MDCertificateKeyFile path-to-file |
|
s |
X |
| Specify a static private key for for the static cerrtificate. |
| MDCertificateMonitor name url |
crt.sh https://crt. + |
s |
X |
| The URL of a certificate log monitor. |
| MDCertificateProtocol protocol |
ACME |
s |
X |
| The protocol to use with the Certificate Authority. |
| MDCertificateStatus on|off |
on |
s |
X |
| Exposes public certificate information in JSON. |
| MDChallengeDns01 path-to-command |
|
s |
X |
| - |
| MDContactEmail address |
|
s |
X |
| - |
| MDDriveMode always|auto|manual |
auto |
s |
X |
| former name of MDRenewMode. |
| MDHttpProxy url |
|
s |
X |
| Define a proxy for outgoing connections. |
| MDMember hostname |
|
s |
X |
| Additional hostname for the managed domain. |
| MDMembers auto|manual |
auto |
s |
X |
| Control if the alias domain names are automatically added. |
| MDMessageCmd path-to-cmd optional-args |
|
s |
X |
| Handle events for Manage Domains |
| MDMustStaple on|off |
off |
s |
X |
| Control if new certificates carry the OCSP Must Staple flag. |
| MDNotifyCmd path [ args ] |
|
s |
X |
| Run a program when a Managed Domain is ready. |
| MDomain dns-name [ other-dns-name... ] [auto|manual] |
|
s |
X |
| Define list of domain names that belong to one group. |
| <MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet> |
|
s |
X |
| Container for directives applied to the same managed domains. |
| MDPortMap map1 [ map2 ] |
http:80 https:443 |
s |
X |
| Map external to internal ports for domain ownership verification. |
| MDPrivateKeys type [ params... ] |
RSA 2048 |
s |
X |
| Set type and size of the private keys generated. |
| MDRenewMode always|auto|manual |
auto |
s |
X |
| Controls if certificates shall be renewed. |
| MDRenewWindow duration |
33% |
s |
X |
| Control when a certificate will be renewed. |
| MDRequireHttps off|temporary|permanent |
off |
s |
X |
| Redirects http: traffic to https: for Managed Domains. |
| MDServerStatus on|off |
on |
s |
X |
| Control if Managed Domain information is added to server-status. |
| MDStapleOthers on|off |
on |
s |
X |
| Enable stapling for certificates not managed by mod_md. |
| MDStapling on|off |
off |
s |
X |
| Enable stapling for all or a particular MDomain. |
| MDStaplingKeepResponse duration |
7d |
s |
X |
| Controls when old responses should be removed. |
| MDStaplingRenewWindow duration |
33% |
s |
X |
| Control when the stapling responses will be renewed. |
| MDStoreDir path |
md |
s |
X |
| Path on the local file system to store the Managed Domains data. |
| MDWarnWindow duration |
10% |
s |
X |
| Define the time window when you want to be warned about an expiring certificate. |
| MemcacheConnTTL num[units] |
15s |
sv |
E |
| Keepalive time for idle connections |
| MergeSlashes ON|OFF |
ON |
sv |
C |
| Controls whether the server merges consecutive slashes in URLs. |
| MergeTrailers [on|off] |
off |
sv |
C |
| Determines whether trailers are merged into headers |
| MetaDir directory |
.web |
svdh |
E |
| Name of the directory to find CERN-style meta information files |
| MetaFiles on|off |
off |
svdh |
E |
| Activates CERN meta-file processing |
| MetaSuffix suffix |
.meta |
svdh |
E |
| File name suffix for the file containing CERN-style meta information |
| MimeMagicFile file-path |
|
sv |
E |
| Enable MIME-type determination based on file contents using the specified magic file |
| MinSpareServers number |
5 |
s |
M |
| Minimum number of idle child server processes |
| MinSpareThreads number |
|
s |
M |
| Minimum number of idle threads available to handle request spikes |
| MMapFile file-path [file-path] ... |
|
s |
X |
| Map a list of files into memory at startup time |
| ModemStandard V.21|V.26bis|V.32|V.34|V.92 |
|
d |
X |
| Modem standard to simulate |
| ModMimeUsePathInfo On|Off |
Off |
d |
B |
Tells mod_mime to treat path_info components as part of the filename |
| MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters] |
NegotiatedOnly |
svdh |
B |
| The types of files that will be included when searching for a matching file with MultiViews |
| Mutex mechanism [default|mutex-name] ... [OmitPID] |
default |
s |
C |
| Configures mutex mechanism and lock file directory for all or specified mutexes |
| NameVirtualHost addr[:port] |
|
s |
C |
| DEPRECATED: Designates an IP address for name-virtual hosting |
| NoProxy host [host] ... |
|
sv |
E |
| Hosts, domains, or networks that will be connected to directly |
| NWSSLTrustedCerts filename [filename] ... |
|
s |
B |
| List of additional client certificates |
| NWSSLUpgradeable [IP-address:]portnumber |
|
s |
B |
| Allows a connection to be upgraded to an SSL connection upon request |
| Options [+|-]option [[+|-]option] ... |
FollowSymlinks |
svdh |
C |
| Configures what features are available in a particular directory |
| Order ordering |
Deny,Allow |
dh |
E |
Controls the default access state and the order in which Allow and Deny are evaluated. |
| OutputSed sed-command |
|
dh |
X |
| Sed command for filtering response content |
| PassEnv env-variable [env-variable] ... |
|
svdh |
B |
| Passes environment variables from the shell |
| PidFile filename |
logs/httpd.pid |
s |
M |
| File where the server records the process ID of the daemon |
| PrivilegesMode FAST|SECURE|SELECTIVE |
FAST |
svd |
X |
| Trade off processing speed and efficiency vs security against malicious privileges-aware code. |
| Protocol protocol |
|
sv |
C |
| Protocol for a listening socket |
| ProtocolEcho On|Off |
Off |
sv |
X |
| Turn the echo server on or off |
| Protocols protocol ... |
http/1.1 |
sv |
C |
| Protocols available for a server/virtual host |
| ProtocolsHonorOrder On|Off |
On |
sv |
C |
| Determines if order of Protocols determines precedence during negotiation |
| <Proxy wildcard-url> ...</Proxy> |
|
sv |
E |
| Container for directives applied to proxied resources |
| Proxy100Continue Off|On |
On |
svd |
E |
| Forward 100-continue expectation to the origin server |
| ProxyAddHeaders Off|On |
On |
svd |
E |
| Add proxy information in X-Forwarded-* headers |
| ProxyBadHeader IsError|Ignore|StartBody |
IsError |
sv |
E |
| Determines how to handle bad header lines in a response |
| ProxyBlock *|word|host|domain [word|host|domain] ... |
|
sv |
E |
| Words, hosts, or domains that are banned from being proxied |
| ProxyDomain Domain |
|
sv |
E |
| Default domain name for proxied requests |
| ProxyErrorOverride On|Off |
Off |
svd |
E |
| Override error pages for proxied content |
| ProxyExpressDBMFile pathname |
|
sv |
E |
| Pathname to DBM file. |
| ProxyExpressDBMType type |
default |
sv |
E |
| DBM type of file. |
| ProxyExpressEnable on|off |
off |
sv |
E |
| Enable the module functionality. |
| ProxyFCGIBackendType FPM|GENERIC |
FPM |
svdh |
E |
| Specify the type of backend FastCGI application |
| ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name [value-expression] |
|
svdh |
E |
| Allow variables sent to FastCGI servers to be fixed up |
| ProxyFtpDirCharset character_set |
ISO-8859-1 |
svd |
E |
| Define the character set for proxied FTP listings |
| ProxyFtpEscapeWildcards on|off |
on |
svd |
E |
| Whether wildcards in requested filenames are escaped when sent to the FTP server |
| ProxyFtpListOnWildcard on|off |
on |
svd |
E |
| Whether wildcards in requested filenames trigger a file listing |
| ProxyHCExpr name {ap_expr expression} |
|
sv |
E |
| Creates a named condition expression to use to determine health of the backend based on its response |
| ProxyHCTemplate name parameter=setting [...] |
|
sv |
E |
| Creates a named template for setting various health check parameters |
| ProxyHCTPsize size |
16 |
s |
E |
| Sets the total server-wide size of the threadpool used for the health check workers |
| ProxyHTMLBufSize bytes |
8192 |
svd |
B |
| Sets the buffer size increment for buffering inline scripts and stylesheets. |
| ProxyHTMLCharsetOut Charset | * |
|
svd |
B |
| Specify a charset for mod_proxy_html output. |
ProxyHTMLDocType HTML|XHTML [Legacy]
OR
ProxyHTMLDocType fpi [SGML|XML] |
|
svd |
B |
| Sets an HTML or XHTML document type declaration. |
| ProxyHTMLEnable On|Off |
Off |
svd |
B |
| Turns the proxy_html filter on or off. |
| ProxyHTMLEvents attribute [attribute ...] |
|
svd |
B |
| Specify attributes to treat as scripting events. |
| ProxyHTMLExtended On|Off |
Off |
svd |
B |
| Determines whether to fix links in inline scripts, stylesheets, and scripting events. |
| ProxyHTMLFixups [lowercase] [dospath] [reset] |
|
svd |
B |
| Fixes for simple HTML errors. |
| ProxyHTMLInterp On|Off |
Off |
svd |
B |
Enables per-request interpolation of ProxyHTMLURLMap rules. |
| ProxyHTMLLinks element attribute [attribute2 ...] |
|
svd |
B |
| Specify HTML elements that have URL attributes to be rewritten. |
| ProxyHTMLMeta On|Off |
Off |
svd |
B |
Turns on or off extra pre-parsing of metadata in HTML <head> sections. |
| ProxyHTMLStripComments On|Off |
Off |
svd |
B |
| Determines whether to strip HTML comments. |
| ProxyHTMLURLMap from-pattern to-pattern [flags] [cond] |
|
svd |
B |
| Defines a rule to rewrite HTML links |
| ProxyIOBufferSize bytes |
8192 |
sv |
E |
| Determine size of internal data throughput buffer |
| <ProxyMatch regex> ...</ProxyMatch> |
|
sv |
E |
| Container for directives applied to regular-expression-matched proxied resources |
| ProxyMaxForwards number |
-1 |
sv |
E |
| Maximium number of proxies that a request can be forwarded through |
| ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] [noquery] |
|
svd |
E |
| Maps remote servers into the local server URL-space |
| ProxyPassInherit On|Off |
On |
sv |
E |
| Inherit ProxyPass directives defined from the main server |
| ProxyPassInterpolateEnv On|Off |
Off |
svd |
E |
| Enable Environment Variable interpolation in Reverse Proxy configurations |
| ProxyPassMatch [regex] !|url [key=value [key=value ...]] |
|
svd |
E |
| Maps remote servers into the local server URL-space using regular expressions |
| ProxyPassReverse [path] url [interpolate] |
|
svd |
E |
| Adjusts the URL in HTTP response headers sent from a reverse proxied server |
| ProxyPassReverseCookieDomain internal-domain public-domain [interpolate] |
|
svd |
E |
| Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server |
| ProxyPassReverseCookiePath internal-path public-path [interpolate] |
|
svd |
E |
| Adjusts the Path string in Set-Cookie headers from a reverse- proxied server |
| ProxyPreserveHost On|Off |
Off |
svd |
E |
| Use incoming Host HTTP request header for proxy request |
| ProxyReceiveBufferSize bytes |
0 |
sv |
E |
| Network buffer size for proxied HTTP and FTP connections |
| ProxyRemote match remote-server |
|
sv |
E |
| Remote proxy used to handle certain requests |
| ProxyRemoteMatch regex remote-server |
|
sv |
E |
| Remote proxy used to handle requests matched by regular expressions |
| ProxyRequests On|Off |
Off |
sv |
E |
| Enables forward (standard) proxy requests |
| ProxySCGIInternalRedirect On|Off|Headername |
On |
svd |
E |
| Enable or disable internal redirect responses from the backend |
| ProxySCGISendfile On|Off|Headername |
Off |
svd |
E |
| Enable evaluation of X-Sendfile pseudo response header |
| ProxySet url key=value [key=value ...] |
|
svd |
E |
| Set various Proxy balancer or member parameters |
| ProxySourceAddress address |
|
sv |
E |
| Set local IP address for outgoing proxy connections |
| ProxyStatus Off|On|Full |
Off |
sv |
E |
| Show Proxy LoadBalancer status in mod_status |
| ProxyTimeout seconds |
|
sv |
E |
| Network timeout for proxied requests |
| ProxyVia On|Off|Full|Block |
Off |
sv |
E |
Information provided in the Via HTTP response header for proxied requests |
| QualifyRedirectURL On|Off |
Off |
svd |
C |
| Controls whether the REDIRECT_URL environment variable is fully qualified |
| ReadmeName filename |
|
svdh |
B |
| Name of the file that will be inserted at the end of the index listing |
| ReceiveBufferSize bytes |
0 |
s |
M |
| TCP receive buffer size |
| Redirect [status] [URL-path] URL |
|
svdh |
B |
| Sends an external redirect asking the client to fetch a different URL |
| RedirectMatch [status] regex URL |
|
svdh |
B |
| Sends an external redirect based on a regular expression match of the current URL |
| RedirectPermanent URL-path URL |
|
svdh |
B |
| Sends an external permanent redirect asking the client to fetch a different URL |
| RedirectTemp URL-path URL |
|
svdh |
B |
| Sends an external temporary redirect asking the client to fetch a different URL |
| RedisConnPoolTTL num[units] |
15s |
sv |
E |
| TTL used for the connection pool with the Redis server(s) |
| RedisTimeout num[units] |
5s |
sv |
E |
| R/W timeout used for the connection with the Redis server(s) |
| ReflectorHeader inputheader [outputheader] |
|
svdh |
B |
| Reflect an input header to the output headers |
| RegexDefaultOptions [none] [+|-]option [[+|-]option] ... |
DOTALL DOLLAR_ENDON + |
s |
C |
| Allow to configure global/default options for regexes |
| RegisterHttpMethod method [method [...]] |
|
s |
C |
| Register non-standard HTTP methods |
| RemoteIPHeader header-field |
|
sv |
B |
| Declare the header field which should be parsed for useragent IP addresses |
| RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ... |
|
sv |
B |
| Declare client intranet IP addresses trusted to present the RemoteIPHeader value |
| RemoteIPInternalProxyList filename |
|
sv |
B |
| Declare client intranet IP addresses trusted to present the RemoteIPHeader value |
| RemoteIPProxiesHeader HeaderFieldName |
|
sv |
B |
| Declare the header field which will record all intermediate IP addresses |
| RemoteIPProxyProtocol On|Off |
|
sv |
B |
| Enable or disable PROXY protocol handling |
| RemoteIPProxyProtocolExceptions host|range [host|range] [host|range] |
|
sv |
B |
| Disable processing of PROXY header for certain hosts or networks |
| RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ... |
|
sv |
B |
| Declare client intranet IP addresses trusted to present the RemoteIPHeader value |
| RemoteIPTrustedProxyList filename |
|
sv |
B |
| Declare client intranet IP addresses trusted to present the RemoteIPHeader value |
| RemoveCharset extension [extension] ... |
|
vdh |
B |
| Removes any character set associations for a set of file extensions |
| RemoveEncoding extension [extension] ... |
|
vdh |
B |
| Removes any content encoding associations for a set of file extensions |
| RemoveHandler extension [extension] ... |
|
vdh |
B |
| Removes any handler associations for a set of file extensions |
| RemoveInputFilter extension [extension] ... |
|
vdh |
B |
| Removes any input filter associations for a set of file extensions |
| RemoveLanguage extension [extension] ... |
|
vdh |
B |
| Removes any language associations for a set of file extensions |
| RemoveOutputFilter extension [extension] ... |
|
vdh |
B |
| Removes any output filter associations for a set of file extensions |
| RemoveType extension [extension] ... |
|
vdh |
B |
| Removes any content type associations for a set of file extensions |
| RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] |
|
svdh |
E |
| Configure HTTP request headers |
| RequestReadTimeout [handshake=timeout[-maxtimeout][,MinRate=rate] [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] |
handshake=0 header= + |
sv |
E |
| Set timeout values for completing the TLS handshake, receiving the request headers and/or body from client. |
| Require [not] entity-name [entity-name] ... |
|
dh |
B |
| Tests whether an authenticated user is authorized by an authorization provider. |
| <RequireAll> ... </RequireAll> |
|
dh |
B |
| Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed. |
| <RequireAny> ... </RequireAny> |
|
dh |
B |
| Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed. |
| <RequireNone> ... </RequireNone> |
|
dh |
B |
| Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail. |
| RewriteBase URL-path |
|
dh |
E |
| Sets the base URL for per-directory rewrites |
| RewriteCond TestString CondPattern [flags] |
|
svdh |
E |
| Defines a condition under which rewriting will take place |
| RewriteEngine on|off |
off |
svdh |
E |
| Enables or disables runtime rewriting engine |
| RewriteMap MapName MapType:MapSource [MapTypeOptions] |
|
sv |
E |
| Defines a mapping function for key-lookup |
| RewriteOptions Options |
|
svdh |
E |
| Sets some special options for the rewrite engine |
| RewriteRule Pattern Substitution [flags] |
|
svdh |
E |
| Defines rules for the rewriting engine |
| RLimitCPU seconds|max [seconds|max] |
|
svdh |
C |
| Limits the CPU consumption of processes launched by Apache httpd children |
| RLimitMEM bytes|max [bytes|max] |
|
svdh |
C |
| Limits the memory consumption of processes launched by Apache httpd children |
| RLimitNPROC number|max [number|max] |
|
svdh |
C |
| Limits the number of processes that can be launched by processes launched by Apache httpd children |
| Satisfy Any|All |
All |
dh |
E |
| Interaction between host-level access control and user authentication |
| ScoreBoardFile file-path |
logs/apache_runtime + |
s |
M |
| Location of the file used to store coordination data for the child processes |
| Script method cgi-script |
|
svd |
B |
| Activates a CGI script for a particular request method. |
| ScriptAlias [URL-path] file-path|directory-path |
|
svd |
B |
| Maps a URL to a filesystem location and designates the target as a CGI script |
| ScriptAliasMatch regex file-path|directory-path |
|
sv |
B |
| Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script |
| ScriptInterpreterSource Registry|Registry-Strict|Script |
Script |
svdh |
C |
| Technique for locating the interpreter for CGI scripts |
| ScriptLog file-path |
|
sv |
B |
| Location of the CGI script error logfile |
| ScriptLogBuffer bytes |
1024 |
sv |
B |
| Maximum amount of PUT or POST requests that will be recorded in the scriptlog |
| ScriptLogLength bytes |
10385760 |
sv |
B |
| Size limit of the CGI script logfile |
| ScriptSock file-path |
cgisock |
s |
B |
| The filename prefix of the socket to use for communication with the cgi daemon |
| SecureListen [IP-address:]portnumber Certificate-Name [MUTUAL] |
|
s |
B |
| Enables SSL encryption for the specified port |
| SeeRequestTail On|Off |
Off |
s |
C |
| Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars. |
| SendBufferSize bytes |
0 |
s |
M |
| TCP buffer size |
| ServerAdmin email-address|URL |
|
sv |
C |
| Email address that the server includes in error messages sent to the client |
| ServerAlias hostname [hostname] ... |
|
v |
C |
| Alternate names for a host used when matching requests to name-virtual hosts |
| ServerLimit number |
|
s |
M |
| Upper limit on configurable number of processes |
| ServerName [scheme://]domain-name|ip-address[:port] |
|
sv |
C |
| Hostname and port that the server uses to identify itself |
| ServerPath URL-path |
|
v |
C |
| Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser |
| ServerRoot directory-path |
/usr/local/apache |
s |
C |
| Base directory for the server installation |
| ServerSignature On|Off|EMail |
Off |
svdh |
C |
| Configures the footer on server-generated documents |
| ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full |
Full |
s |
C |
Configures the Server HTTP response header |
| Session On|Off |
Off |
svdh |
E |
| Enables a session for the current directory or location |
| SessionCookieName name attributes |
|
svdh |
E |
| Name and attributes for the RFC2109 cookie storing the session |
| SessionCookieName2 name attributes |
|
svdh |
E |
| Name and attributes for the RFC2965 cookie storing the session |
| SessionCookieRemove On|Off |
Off |
svdh |
E |
| Control for whether session cookies should be removed from incoming HTTP headers |
| SessionCryptoCipher name |
aes256 |
svdh |
X |
| The crypto cipher to be used to encrypt the session |
| SessionCryptoDriver name [param[=value]] |
|
s |
X |
| The crypto driver to be used to encrypt the session |
| SessionCryptoPassphrase secret [ secret ... ] |
|
svdh |
X |
| The key used to encrypt the session |
| SessionCryptoPassphraseFile filename |
|
svd |
X |
| File containing keys used to encrypt the session |
| SessionDBDCookieName name attributes |
|
svdh |
E |
| Name and attributes for the RFC2109 cookie storing the session ID |
| SessionDBDCookieName2 name attributes |
|
svdh |
E |
| Name and attributes for the RFC2965 cookie storing the session ID |
| SessionDBDCookieRemove On|Off |
On |
svdh |
E |
| Control for whether session ID cookies should be removed from incoming HTTP headers |
| SessionDBDDeleteLabel label |
deletesession |
svdh |
E |
| The SQL query to use to remove sessions from the database |
| SessionDBDInsertLabel label |
insertsession |
svdh |
E |
| The SQL query to use to insert sessions into the database |
| SessionDBDPerUser On|Off |
Off |
svdh |
E |
| Enable a per user session |
| SessionDBDSelectLabel label |
selectsession |
svdh |
E |
| The SQL query to use to select sessions from the database |
| SessionDBDUpdateLabel label |
updatesession |
svdh |
E |
| The SQL query to use to update existing sessions in the database |
| SessionEnv On|Off |
Off |
svdh |
E |
| Control whether the contents of the session are written to the HTTP_SESSION environment variable |
| SessionExclude path |
|
svdh |
E |
| Define URL prefixes for which a session is ignored |
| SessionExpiryUpdateInterval interval |
0 (always update) |
svdh |
E |
| Define the number of seconds a session's expiry may change without the session being updated |
| SessionHeader header |
|
svdh |
E |
| Import session updates from a given HTTP response header |
| SessionInclude path |
|
svdh |
E |
| Define URL prefixes for which a session is valid |
| SessionMaxAge maxage |
0 |
svdh |
E |
| Define a maximum age in seconds for a session |
| SetEnv env-variable [value] |
|
svdh |
B |
| Sets environment variables |
| SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... |
|
svdh |
B |
| Sets environment variables based on attributes of the request |
| SetEnvIfExpr expr [!]env-variable[=value] [[!]env-variable[=value]] ... |
|
svdh |
B |
| Sets environment variables based on an ap_expr expression |
| SetEnvIfNoCase attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... |
|
svdh |
B |
| Sets environment variables based on attributes of the request without respect to case |
| SetHandler handler-name|none|expression |
|
svdh |
C |
| Forces all matching files to be processed by a handler |
| SetInputFilter filter[;filter...] |
|
svdh |
C |
| Sets the filters that will process client requests and POST input |
| SetOutputFilter filter[;filter...] |
|
svdh |
C |
| Sets the filters that will process responses from the server |
| SSIEndTag tag |
"-->" |
sv |
B |
| String that ends an include element |
| SSIErrorMsg message |
"[an error occurred + |
svdh |
B |
| Error message displayed when there is an SSI error |
| SSIETag on|off |
off |
dh |
B |
| Controls whether ETags are generated by the server. |
| SSILastModified on|off |
off |
dh |
B |
Controls whether Last-Modified headers are generated by the server. |
| SSILegacyExprParser on|off |
off |
dh |
B |
| Enable compatibility mode for conditional expressions. |
| SSIStartTag tag |
"<!--#" |
sv |
B |
| String that starts an include element |
| SSITimeFormat formatstring |
"%A, %d-%b-%Y %H:%M + |
svdh |
B |
| Configures the format in which date strings are displayed |
| SSIUndefinedEcho string |
"(none)" |
svdh |
B |
| String displayed when an unset variable is echoed |
| SSLCACertificateFile file-path |
|
sv |
E |
| File of concatenated PEM-encoded CA Certificates for Client Auth |
| SSLCACertificatePath directory-path |
|
sv |
E |
| Directory of PEM-encoded CA Certificates for Client Auth |
| SSLCADNRequestFile file-path |
|
sv |
E |
| File of concatenated PEM-encoded CA Certificates for defining acceptable CA names |
| SSLCADNRequestPath directory-path |
|
sv |
E |
| Directory of PEM-encoded CA Certificates for defining acceptable CA names |
| SSLCARevocationCheck chain|leaf|none [flags ...] |
none |
sv |
E |
| Enable CRL-based revocation checking |
| SSLCARevocationFile file-path |
|
sv |
E |
| File of concatenated PEM-encoded CA CRLs for Client Auth |
| SSLCARevocationPath directory-path |
|
sv |
E |
| Directory of PEM-encoded CA CRLs for Client Auth |
| SSLCertificateChainFile file-path |
|
sv |
E |
| File of PEM-encoded Server CA Certificates |
| SSLCertificateFile file-path|certid |
|
sv |
E |
| Server PEM-encoded X.509 certificate data file or token identifier |
| SSLCertificateKeyFile file-path|keyid |
|
sv |
E |
| Server PEM-encoded private key file |
| SSLCipherSuite [protocol] cipher-spec |
DEFAULT (depends on + |
svdh |
E |
| Cipher Suite available for negotiation in SSL handshake |
| SSLCompression on|off |
off |
sv |
E |
| Enable compression on the SSL level |
| SSLCryptoDevice engine |
builtin |
s |
E |
| Enable use of a cryptographic hardware accelerator |
| SSLEngine on|off|optional |
off |
sv |
E |
| SSL Engine Operation Switch |
| SSLFIPS on|off |
off |
s |
E |
| SSL FIPS mode Switch |
| SSLHonorCipherOrder on|off |
off |
sv |
E |
| Option to prefer the server's cipher preference order |
| SSLInsecureRenegotiation on|off |
off |
sv |
E |
| Option to enable support for insecure renegotiation |
| SSLOCSPDefaultResponder uri |
|
sv |
E |
| Set the default responder URI for OCSP validation |
| SSLOCSPEnable on|leaf|off |
off |
sv |
E |
| Enable OCSP validation of the client certificate chain |
| SSLOCSPNoverify On/Off |
Off |
sv |
E |
| skip the OCSP responder certificates verification |
| SSLOCSPOverrideResponder on|off |
off |
sv |
E |
| Force use of the default responder URI for OCSP validation |
| SSLOCSPProxyURL url |
|
sv |
E |
| Proxy URL to use for OCSP requests |
| SSLOCSPResponderCertificateFile file |
|
sv |
E |
| Set of trusted PEM encoded OCSP responder certificates |
| SSLOCSPResponderTimeout seconds |
10 |
sv |
E |
| Timeout for OCSP queries |
| SSLOCSPResponseMaxAge seconds |
-1 |
sv |
E |
| Maximum allowable age for OCSP responses |
| SSLOCSPResponseTimeSkew seconds |
300 |
sv |
E |
| Maximum allowable time skew for OCSP response validation |
| SSLOCSPUseRequestNonce on|off |
on |
sv |
E |
| Use a nonce within OCSP queries |
| SSLOpenSSLConfCmd command-name command-value |
|
sv |
E |
| Configure OpenSSL parameters through its SSL_CONF API |
| SSLOptions [+|-]option ... |
|
svdh |
E |
| Configure various SSL engine run-time options |
| SSLPassPhraseDialog type |
builtin |
s |
E |
| Type of pass phrase dialog for encrypted private keys |
| SSLProtocol [+|-]protocol ... |
all -SSLv3 (up to 2 + |
sv |
E |
| Configure usable SSL/TLS protocol versions |
| SSLProxyCACertificateFile file-path |
|
svp |
E |
| File of concatenated PEM-encoded CA Certificates for Remote Server Auth |
| SSLProxyCACertificatePath directory-path |
|
svp |
E |
| Directory of PEM-encoded CA Certificates for Remote Server Auth |
| SSLProxyCARevocationCheck chain|leaf|none |
none |
svp |
E |
| Enable CRL-based revocation checking for Remote Server Auth |
| SSLProxyCARevocationFile file-path |
|
svp |
E |
| File of concatenated PEM-encoded CA CRLs for Remote Server Auth |
|
