Directive Quick Reference

 A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X 
s server config
v virtual host
d directory
h .htaccess
p proxy section
C Core
M MPM
B Base
E Extension
X Experimental
T External
AcceptFilter protocol accept_filter s C
Configures optimizations for a Protocol's Listener Sockets
AcceptPathInfo On|Off|Default Default svdh C
Resources accept trailing pathname information
AccessFileName filename [filename] ... .htaccess sv C
Name of the distributed configuration file
Action action-type cgi-script [virtual] svdh B
Activates a CGI script for a particular handler or content-type
AddAlt string file [file] ... svdh B
Alternate text to display for a file, instead of an icon selected by filename
AddAltByEncoding string MIME-encoding [MIME-encoding] ... svdh B
Alternate text to display for a file instead of an icon selected by MIME-encoding
AddAltByType string MIME-type [MIME-type] ... svdh B
Alternate text to display for a file, instead of an icon selected by MIME content-type
AddCharset charset extension [extension] ... svdh B
Maps the given filename extensions to the specified content charset
AddDefaultCharset On|Off|charset Off svdh C
Default charset parameter to be added when a response content-type is text/plain or text/html
AddDescription string file [file] ... svdh B
Description to display for a file
AddEncoding encoding extension [extension] ... svdh B
Maps the given filename extensions to the specified encoding type
AddHandler handler-name extension [extension] ... svdh B
Maps the filename extensions to the specified handler
AddIcon icon name [name] ... svdh B
Icon to display for a file selected by name
AddIconByEncoding icon MIME-encoding [MIME-encoding] ... svdh B
Icon to display next to files selected by MIME content-encoding
AddIconByType icon MIME-type [MIME-type] ... svdh B
Icon to display next to files selected by MIME content-type
AddInputFilter filter[;filter...] extension [extension] ... svdh B
Maps filename extensions to the filters that will process client requests
AddLanguage language-tag extension [extension] ... svdh B
Maps the given filename extension to the specified content language
AddModuleInfo module-name string sv E
Adds additional information to the module information displayed by the server-info handler
AddOutputFilter filter[;filter...] extension [extension] ... svdh B
Maps filename extensions to the filters that will process responses from the server
AddOutputFilterByType filter[;filter...] media-type [media-type] ... svdh B
assigns an output filter to a particular media-type
AddType media-type extension [extension] ... svdh B
Maps the given filename extensions onto the specified content type
Alias [URL-path] file-path|directory-path svd B
Maps URLs to filesystem locations
AliasMatch regex file-path|directory-path sv B
Maps URLs to filesystem locations using regular expressions
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ... dh E
Controls which hosts can access an area of the server
AllowCONNECT port[-port] [port[-port]] ... 443 563 sv E
Ports that are allowed to CONNECT through the proxy
AllowEncodedSlashes On|Off|NoDecode Off sv C
Determines whether encoded path separators in URLs are allowed to be passed through
AllowMethods reset|HTTP-method [HTTP-method]... reset d X
Restrict access to the listed HTTP methods
AllowOverride All|None|directive-type [directive-type] ... None (2.3.9 and lat + d C
Types of directives that are allowed in .htaccess files
AllowOverrideList None|directive [directive-type] ... None d C
Individual directives that are allowed in .htaccess files
Anonymous user [user] ... dh E
Specifies userIDs that are allowed access without password verification
Anonymous_LogEmail On|Off On dh E
Sets whether the password entered will be logged in the error log
Anonymous_MustGiveEmail On|Off On dh E
Specifies whether blank passwords are allowed
Anonymous_NoUserID On|Off Off dh E
Sets whether the userID field may be empty
Anonymous_VerifyEmail On|Off Off dh E
Sets whether to check the password field for a correctly formatted email address
AsyncRequestWorkerFactor factor s M
Limit concurrent connections per process
AuthBasicAuthoritative On|Off On dh B
Sets whether authorization and authentication are passed to lower level modules
AuthBasicFake off|username [password] dh B
Fake basic authentication using the given expressions for username and password
AuthBasicProvider provider-name [provider-name] ... file dh B
Sets the authentication provider(s) for this location
AuthBasicUseDigestAlgorithm MD5|Off Off dh B
Check passwords against the authentication providers as if Digest Authentication was in force instead of Basic Authentication.
AuthDBDUserPWQuery query d E
SQL query to look up a password for a user
AuthDBDUserRealmQuery query d E
SQL query to look up a password hash for a user and realm.
AuthDBMGroupFile file-path dh E
Sets the name of the database file containing the list of user groups for authorization
AuthDBMType default|SDBM|GDBM|NDBM|DB default dh E
Sets the type of database file that is used to store passwords
AuthDBMUserFile file-path dh E
Sets the name of a database file containing the list of users and passwords for authentication
AuthDigestAlgorithm MD5|MD5-sess MD5 dh E
Selects the algorithm used to calculate the challenge and response hashes in digest authentication
AuthDigestDomain URI [URI] ... dh E
URIs that are in the same protection space for digest authentication
AuthDigestNonceLifetime seconds 300 dh E
How long the server nonce is valid
AuthDigestProvider provider-name [provider-name] ... file dh E
Sets the authentication provider(s) for this location
AuthDigestQop none|auth|auth-int [auth|auth-int] auth dh E
Determines the quality-of-protection to use in digest authentication
AuthDigestShmemSize size 1000 s E
The amount of shared memory to allocate for keeping track of clients
AuthFormAuthoritative On|Off On dh B
Sets whether authorization and authentication are passed to lower level modules
AuthFormBody fieldname httpd_body d B
The name of a form field carrying the body of the request to attempt on successful login
AuthFormDisableNoStore On|Off Off d B
Disable the CacheControl no-store header on the login page
AuthFormFakeBasicAuth On|Off Off d B
Fake a Basic Authentication header
AuthFormLocation fieldname httpd_location d B
The name of a form field carrying a URL to redirect to on successful login
AuthFormLoginRequiredLocation url d B
The URL of the page to be redirected to should login be required
AuthFormLoginSuccessLocation url d B
The URL of the page to be redirected to should login be successful
AuthFormLogoutLocation uri d B
The URL to redirect to after a user has logged out
AuthFormMethod fieldname httpd_method d B
The name of a form field carrying the method of the request to attempt on successful login
AuthFormMimetype fieldname httpd_mimetype d B
The name of a form field carrying the mimetype of the body of the request to attempt on successful login
AuthFormPassword fieldname httpd_password d B
The name of a form field carrying the login password
AuthFormProvider provider-name [provider-name] ... file dh B
Sets the authentication provider(s) for this location
AuthFormSitePassphrase secret d B
Bypass authentication checks for high traffic sites
AuthFormSize size 8192 d B
The largest size of the form in bytes that will be parsed for the login details
AuthFormUsername fieldname httpd_username d B
The name of a form field carrying the login username
AuthGroupFile file-path dh B
Sets the name of a text file containing the list of user groups for authorization
AuthLDAPAuthorizePrefix prefix AUTHORIZE_ dh E
Specifies the prefix for environment variables set during authorization
AuthLDAPBindAuthoritative off|on on dh E
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.
AuthLDAPBindDN distinguished-name dh E
Optional DN to use in binding to the LDAP server
AuthLDAPBindPassword password dh E
Password used in conjunction with the bind DN
AuthLDAPCharsetConfig file-path s E
Language to charset conversion configuration file
AuthLDAPCompareAsUser on|off off dh E
Use the authenticated user's credentials to perform authorization comparisons
AuthLDAPCompareDNOnServer on|off on dh E
Use the LDAP server to compare the DNs
AuthLDAPDereferenceAliases never|searching|finding|always always dh E
When will the module de-reference aliases
AuthLDAPGroupAttribute attribute member uniqueMember + dh E
LDAP attributes used to identify the user members of groups.
AuthLDAPGroupAttributeIsDN on|off on dh E
Use the DN of the client username when checking for group membership
AuthLDAPInitialBindAsUser off|on off dh E
Determines if the server does the initial DN lookup using the basic authentication users' own username, instead of anonymously or with hard-coded credentials for the server
AuthLDAPInitialBindPattern regex substitution (.*) $1 (remote use + dh E
Specifies the transformation of the basic authentication username to be used when binding to the LDAP server to perform a DN lookup
AuthLDAPMaxSubGroupDepth Number 10 dh E
Specifies the maximum sub-group nesting depth that will be evaluated before the user search is discontinued.
AuthLDAPRemoteUserAttribute uid dh E
Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable
AuthLDAPRemoteUserIsDN on|off off dh E
Use the DN of the client username to set the REMOTE_USER environment variable
AuthLDAPSearchAsUser on|off off dh E
Use the authenticated user's credentials to perform authorization searches
AuthLDAPSubGroupAttribute attribute member uniqueMember + dh E
Specifies the attribute labels, one value per directive line, used to distinguish the members of the current group that are groups.
AuthLDAPSubGroupClass LdapObjectClass groupOfNames groupO + dh E
Specifies which LDAP objectClass values identify directory objects that are groups during sub-group processing.
AuthLDAPURL url [NONE|SSL|TLS|STARTTLS] dh E
URL specifying the LDAP search parameters
AuthMerging Off | And | Or Off dh B
Controls the manner in which each configuration section's authorization logic is combined with that of preceding configuration sections.
AuthName auth-domain dh B
Authorization realm for use in HTTP authentication
AuthnCacheContext directory|server|custom-string directory d B
Specify a context string for use in the cache key
AuthnCacheEnable s B
Enable Authn caching configured anywhere
AuthnCacheProvideFor authn-provider [...] dh B
Specify which authn provider(s) to cache for
AuthnCacheSOCache provider-name[:provider-args] s B
Select socache backend provider to use
AuthnCacheTimeout timeout (seconds) 300 (5 minutes) dh B
Set a timeout for cache entries
<AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias> s B
Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias
AuthnzFcgiCheckAuthnProvider provider-name|None option ... d E
Enables a FastCGI application to handle the check_authn authentication hook.
AuthnzFcgiDefineProvider type provider-name backend-address s E
Defines a FastCGI application as a provider for authentication and/or authorization
AuthType None|Basic|Digest|Form dh B
Type of user authentication
AuthUserFile file-path dh B
Sets the name of a text file containing the list of users and passwords for authentication
AuthzDBDLoginToReferer On|Off Off d E
Determines whether to redirect the Client to the Referring page on successful login or logout if a Referer request header is present
AuthzDBDQuery query d E
Specify the SQL Query for the required operation
AuthzDBDRedirectQuery query d E
Specify a query to look up a login page for the user
AuthzDBMType default|SDBM|GDBM|NDBM|DB default dh E
Sets the type of database file that is used to store list of user groups
<AuthzProviderAlias baseProvider Alias Require-Parameters> ... </AuthzProviderAlias> s B
Enclose a group of directives that represent an extension of a base authorization provider and referenced by the specified alias
AuthzSendForbiddenOnFailure On|Off Off dh B
Send '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authentication succeeds but authorization fails
BalancerGrowth # 5 sv E
Number of additional Balancers that can be added Post-configuration
BalancerInherit On|Off On sv E
Inherit ProxyPassed Balancers/Workers from the main server
BalancerMember [balancerurl] url [key=value [key=value ...]] d E
Add a member to a load balancing group
BalancerPersist On|Off Off sv E
Attempt to persist changes made by the Balancer Manager across restarts.
BrotliAlterETag AddSuffix|NoChange|Remove AddSuffix sv E
How the outgoing ETag header should be modified during compression
BrotliCompressionMaxInputBlock value sv E
Maximum input block size
BrotliCompressionQuality value 5 sv E
Compression quality
BrotliCompressionWindow value 18 sv E
Brotli sliding compression window size
BrotliFilterNote [type] notename sv E
Places the compression ratio in a note for logging
BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables conditional on HTTP User-Agent
BrowserMatchNoCase regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables conditional on User-Agent without respect to case
BufferedLogs On|Off Off s B
Buffer log entries in memory before writing to disk
BufferSize integer 131072 svdh E
Maximum size in bytes to buffer by the buffer filter
CacheDefaultExpire seconds 3600 (one hour) svdh E
The default duration to cache a document when no expiry date is specified.
CacheDetailHeader on|off off svdh E
Add an X-Cache-Detail header to the response.
CacheDirLength length 2 sv E
The number of characters in subdirectory names
CacheDirLevels levels 2 sv E
The number of levels of subdirectories in the cache.
CacheDisable url-string | on svdh E
Disable caching of specified URLs
CacheEnable cache_type [url-string] svd E
Enable caching of specified URLs using a specified storage manager
CacheFile file-path [file-path] ... s X
Cache a list of file handles at startup time
CacheHeader on|off off svdh E
Add an X-Cache header to the response.
CacheIgnoreCacheControl On|Off Off sv E
Ignore request to not serve cached content to client
CacheIgnoreHeaders header-string [header-string] ... None sv E
Do not store the given HTTP header(s) in the cache.
CacheIgnoreNoLastMod On|Off Off svdh E
Ignore the fact that a response has no Last Modified header.
CacheIgnoreQueryString On|Off Off sv E
Ignore query string when caching
CacheIgnoreURLSessionIdentifiers identifier [identifier] ... None sv E
Ignore defined session identifiers encoded in the URL when caching
CacheKeyBaseURL URL sv E
Override the base URL of reverse proxied cache keys.
CacheLastModifiedFactor float 0.1 svdh E
The factor used to compute an expiry date based on the LastModified date.
CacheLock on|off off sv E
Enable the thundering herd lock.
CacheLockMaxAge integer 5 sv E
Set the maximum possible age of a cache lock.
CacheLockPath directory /tmp/mod_cache-lock + sv E
Set the lock path directory.
CacheMaxExpire seconds 86400 (one day) svdh E
The maximum time in seconds to cache a document
CacheMaxFileSize bytes 1000000 svdh E
The maximum size (in bytes) of a document to be placed in the cache
CacheMinExpire seconds 0 svdh E
The minimum time in seconds to cache a document
CacheMinFileSize bytes 1 svdh E
The minimum size (in bytes) of a document to be placed in the cache
CacheNegotiatedDocs On|Off Off sv B
Allows content-negotiated documents to be cached by proxy servers
CacheQuickHandler on|off on sv E
Run the cache from the quick handler.
CacheReadSize bytes 0 svdh E
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheReadTime milliseconds 0 svdh E
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheRoot directory sv E
The directory root under which cache files are stored
CacheSocache type[:args] sv E
The shared object cache implementation to use
CacheSocacheMaxSize bytes 102400 svdh E
The maximum size (in bytes) of an entry to be placed in the cache
CacheSocacheMaxTime seconds 86400 svdh E
The maximum time (in seconds) for a document to be placed in the cache
CacheSocacheMinTime seconds 600 svdh E
The minimum time (in seconds) for a document to be placed in the cache
CacheSocacheReadSize bytes 0 svdh E
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheSocacheReadTime milliseconds 0 svdh E
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheStaleOnError on|off on svdh E
Serve stale content in place of 5xx responses.
CacheStoreExpired On|Off Off svdh E
Attempt to cache responses that the server reports as expired
CacheStoreNoStore On|Off Off svdh E
Attempt to cache requests or responses that have been marked as no-store.
CacheStorePrivate On|Off Off svdh E
Attempt to cache responses that the server has marked as private
CGIDScriptTimeout time[s|ms] svdh B
The length of time to wait for more output from the CGI program
CGIMapExtension cgi-path .extension dh C
Technique for locating the interpreter for CGI scripts
CGIPassAuth On|Off Off dh C
Enables passing HTTP authorization headers to scripts as CGI variables
CGIVar variable rule dh C
Controls how some CGI variables are set
CharsetDefault charset svdh E
Charset to translate into
CharsetOptions option [option] ... ImplicitAdd svdh E
Configures charset translation behavior
CharsetSourceEnc charset svdh E
Source charset of files
CheckCaseOnly on|off Off svdh E
Limits the action of the speling module to case corrections
CheckSpelling on|off Off svdh E
Enables the spelling module
ChrootDir /path/to/directory s B
Directory for apache to run chroot(8) after startup.
ContentDigest On|Off Off svdh C
Enables the generation of Content-MD5 HTTP Response headers
CookieDomain domain svdh E
The domain to which the tracking cookie applies
CookieExpires expiry-period svdh E
Expiry time for the tracking cookie
CookieHTTPOnly on|off off svdh E
Adds the 'HTTPOnly' attribute to the cookie
CookieName token Apache svdh E
Name of the tracking cookie
CookieSameSite None|Lax|Strict svdh E
Adds the 'SameSite' attribute to the cookie
CookieSecure on|off off svdh E
Adds the 'Secure' attribute to the cookie
CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdh E
Format of the cookie header field
CookieTracking on|off off svdh E
Enables tracking cookie
CoreDumpDirectory directory s M
Directory where Apache HTTP Server attempts to switch before dumping core
CustomLog file|pipe format|nickname [env=[!]environment-variable| expr=expression] sv B
Sets filename and format of log file
Dav On|Off|provider-name Off d E
Enable WebDAV HTTP methods
DavDepthInfinity on|off off svd E
Allow PROPFIND, Depth: Infinity requests
DavGenericLockDB file-path svd E
Location of the DAV lock database
DavLockDB file-path sv E
Location of the DAV lock database
DavMinTimeout seconds 0 svd E
Minimum amount of time the server holds a lock on a DAV resource
DBDExptime time-in-seconds 300 sv E
Keepalive time for idle connections
DBDInitSQL "SQL statement" sv E
Execute an SQL statement after connecting to a database
DBDKeep number 2 sv E
Maximum sustained number of connections
DBDMax number 10 sv E
Maximum number of connections
DBDMin number 1 sv E
Minimum number of connections
DBDParams param1=value1[,param2=value2] sv E
Parameters for database connection
DBDPersist On|Off sv E
Whether to use persistent connections
DBDPrepareSQL "SQL statement" label sv E
Define an SQL prepared statement
DBDriver name sv E
Specify an SQL driver
DefaultIcon url-path svdh B
Icon to display for files when no specific icon is configured
DefaultLanguage language-tag svdh B
Defines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means.
DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME + s C
Base directory for the server run-time files
DefaultType media-type|none none svdh C
This directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found.
Define parameter-name [parameter-value] svd C
Define a variable
DeflateBufferSize value 8096 sv E
Fragment size to be compressed at one time by zlib
DeflateCompressionLevel value sv E
How much compression do we apply to the output
DeflateFilterNote [type] notename sv E
Places the compression ratio in a note for logging
DeflateInflateLimitRequestBody value svdh E
Maximum size of inflated request bodies
DeflateInflateRatioBurst value 3 svdh E
Maximum number of times the inflation ratio for request bodies can be crossed
DeflateInflateRatioLimit value 200 svdh E
Maximum inflation ratio for request bodies
DeflateMemLevel value 9 sv E
How much memory should be used by zlib for compression
DeflateWindowSize value 15 sv E
Zlib compression window size
Deny from all|host|env=[!]env-variable [host|env=[!]env-variable] ... dh E
Controls which hosts are denied access to the server
<Directory directory-path> ... </Directory> sv C
Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents.
DirectoryCheckHandler On|Off Off svdh B
Toggle how this module responds when another handler is configured
DirectoryIndex disabled | local-url [local-url] ... index.html svdh B
List of resources to look for when the client requests a directory
DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code off svdh B
Configures an external redirect for directory indexes.
<DirectoryMatch regex> ... </DirectoryMatch> sv C
Enclose directives that apply to the contents of file-system directories matching a regular expression.
DirectorySlash On|Off On svdh B
Toggle trailing slash redirects on or off
DocumentRoot directory-path "/usr/local/apache/ + sv C
Directory that forms the main document tree visible from the web
DTracePrivileges On|Off Off s X
Determines whether the privileges required by dtrace are enabled.
DumpIOInput On|Off Off s E
Dump all input data to the error log
DumpIOOutput On|Off Off s E
Dump all output data to the error log
<Else> ... </Else> svdh C
Contains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime
<ElseIf expression> ... </ElseIf> svdh C
Contains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied
EnableExceptionHook On|Off Off s M
Enables a hook that runs exception handlers after a crash
EnableMMAP On|Off On svdh C
Use memory-mapping to read files during delivery
EnableSendfile On|Off Off svdh C
Use the kernel sendfile support to deliver files to the client
Error message svdh C
Abort configuration parsing with a custom error message
ErrorDocument error-code document svdh C
What the server will return to the client in case of an error
ErrorLog file-path|syslog[:[facility][:tag]] logs/error_log (Uni + sv C
Location where the server will log errors
ErrorLogFormat [connection|request] format sv C
Format specification for error log entries
Example svdh X
Demonstration directive to illustrate the Apache module API
ExpiresActive On|Off Off svdh E
Enables generation of Expires headers
ExpiresByType MIME-type <code>seconds svdh E
Value of the Expires header configured by MIME type
ExpiresDefault <code>seconds svdh E
Default algorithm for calculating expiration time
ExtendedStatus On|Off Off[*] s C
Keep track of extended status information for each request
ExtFilterDefine filtername parameters s E
Define an external filter
ExtFilterOptions option [option] ... NoLogStderr d E
Configure mod_ext_filter options
FallbackResource disabled | local-url svdh B
Define a default URL for requests that don't map to a file
FileETag component ... MTime Size svdh C
File attributes used to create the ETag HTTP response header for static files
<Files filename> ... </Files> svdh C
Contains directives that apply to matched filenames
<FilesMatch regex> ... </FilesMatch> svdh C
Contains directives that apply to regular-expression matched filenames
FilterChain [[email protected]!]filter-name ... svdh B
Configure the filter chain
FilterDeclare filter-name [type] svdh B
Declare a smart filter
FilterProtocol filter-name [provider-name] proto-flags svdh B
Deal with correct HTTP protocol handling
FilterProvider filter-name provider-name expression svdh B
Register a content filter
FilterTrace filter-name level svd B
Get debug/diagnostic information from mod_filter
ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdh B
Action to take if a single acceptable document is not found
ForceType media-type|None dh C
Forces all matching files to be served with the specified media type in the HTTP Content-Type header field
ForensicLog filename|pipe sv E
Sets filename of the forensic log
GlobalLogfile|pipe format|nickname [env=[!]environment-variable| expr=expression] s B
Sets filename and format of log file
GprofDir /tmp/gprof/|/tmp/gprof/% sv C
Directory to write gmon.out profiling data to.
GracefulShutdownTimeout seconds 0 s M
Specify a timeout after which a gracefully shutdown server will exit.
Group unix-group #-1 s B
Group under which the server will answer requests
H2CopyFiles on|off off svdh E
Determine file handling in responses
H2Direct on|off on for h2c, off for + sv E
H2 Direct Protocol Switch
H2EarlyHints on|off off sv E
Determine sending of 103 status codes
H2MaxSessionStreams n 100 sv E
Maximum number of active streams per HTTP/2 session.
H2MaxWorkerIdleSeconds n 600 s E
Maximum number of seconds h2 workers remain idle until shut down.
H2MaxWorkers n s E
Maximum number of worker threads to use per child process.
H2MinWorkers n s E
Minimal number of worker threads to use per child process.
H2ModernTLSOnly on|off on sv E
Require HTTP/2 connections to be "modern TLS" only
H2Padding numbits 0 sv E
Determine the range of padding bytes added to payload frames
H2Push on|off on svdh E
H2 Server Push Switch
H2PushDiarySize n 256 sv E
H2 Server Push Diary Size
H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 sv E
H2 Server Push Priority
H2PushResource [add] path [critical] svdh E
Declares resources for early pushing to the client
H2SerializeHeaders on|off off sv E
Serialize Request/Response Processing Switch
H2StreamMaxMemSize bytes 65536 sv E
Maximum amount of output data buffered per stream.
H2TLSCoolDownSecs seconds 1 sv E
Configure the number of seconds of idle time on TLS before shrinking writes
H2TLSWarmUpSize amount 1048576 sv E
Configure the number of bytes on TLS connection before doing max writes
H2Upgrade on|off on for h2c, off for + svdh E
H2 Upgrade Protocol Switch
H2WindowSize bytes 65535 sv E
Size of Stream Window for upstream data.
Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdh E
Configure HTTP response headers
HeaderName filename svdh B
Name of the file that will be inserted at the top of the index listing
HeartbeatAddress addr:port s X
Multicast address for heartbeat packets
HeartbeatListen addr:port s X
multicast address to listen for incoming heartbeat requests
HeartbeatMaxServers number-of-servers 10 s X
Specifies the maximum number of servers that will be sending heartbeat requests to this server
HeartbeatStorage file-path logs/hb.dat s X
Path to store heartbeat data
HeartbeatStorage file-path logs/hb.dat s X
Path to read heartbeat data
HostnameLookups On|Off|Double Off svd C
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0] Strict LenientMetho + sv C
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svd E
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svd E
Determines the timeout duration for ident requests
<If expression> ... </If> svdh C
Contains directives that apply only if a condition is satisfied by a request at runtime
<IfDefine [!]parameter-name> ... </IfDefine> svdh C
Encloses directives that will be processed only if a test is true at startup
<IfDirective [!]directive-name> ... </IfDirective> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific directive
<IfFile [!]filename> ... </IfFile> svdh C
Encloses directives that will be processed only if file exists at startup
<IfModule [!]module-file|module-identifier> ... </IfModule> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific module
<IfSection [!]section-name> ... </IfSection> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific section directive
<IfVersion [[!]operator] version> ... </IfVersion> svdh E
contains version dependent configuration
ImapBase map|referer|URL http://servername/ svdh B
Default base for imagemap files
ImapDefault error|nocontent|map|referer|URL nocontent svdh B
Default action when an imagemap is called with coordinates that are not explicitly mapped
ImapMenu none|formatted|semiformatted|unformatted formatted svdh B
Action if no coordinates are given when calling an imagemap
Include file-path|directory-path|wildcard svd C
Includes other configuration files from within the server configuration files
IncludeOptional file-path|directory-path|wildcard svd C
Includes other configuration files from within the server configuration files
IndexHeadInsert "markup ..." svdh B
Inserts text in the HEAD section of an index page.
IndexIgnore file [file] ... "." svdh B
Adds to the list of files to hide when listing a directory
IndexIgnoreReset ON|OFF svdh B
Empties the list of files to hide when listing a directory
IndexOptions [+|-]option [[+|-]option] ... svdh B
Various configuration settings for directory indexing
IndexOrderDefault Ascending|Descending Name|Date|Size|Description Ascending Name svdh B
Sets the default ordering of the directory index
IndexStyleSheet url-path svdh B
Adds a CSS stylesheet to the directory index
InputSed sed-command dh X
Sed command to filter request data (typically POST data)
ISAPIAppendLogToErrors on|off off svdh B
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
ISAPIAppendLogToQuery on|off on svdh B
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
ISAPICacheFile file-path [file-path] ... sv B
ISAPI .dll files to be loaded at startup
ISAPIFakeAsync on|off off svdh B
Fake asynchronous support for ISAPI callbacks
ISAPILogNotSupported on|off off svdh B
Log unsupported feature requests from ISAPI extensions
ISAPIReadAheadBuffer size 49152 svdh B
Size of the Read Ahead Buffer sent to ISAPI extensions
KeepAlive On|Off On sv C
Enables HTTP persistent connections
KeepAliveTimeout num[ms] 5 sv C
Amount of time the server will wait for subsequent requests on a persistent connection
KeptBodySize maximum size in bytes 0 d B
Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
LanguagePriority MIME-lang [MIME-lang] ... svdh B
The precedence of language variants for cases where the client does not express a preference
LDAPCacheEntries number 1024 s E
Maximum number of entries in the primary LDAP cache
LDAPCacheTTL seconds 600 s E
Time that cached items remain valid
LDAPConnectionPoolTTL n -1 sv E
Discard backend connections that have been sitting in the connection pool too long
LDAPConnectionTimeout seconds s E
Specifies the socket connection timeout in seconds
LDAPLibraryDebug 7 s E
Enable debugging in the LDAP SDK
LDAPOpCacheEntries number 1024 s E
Number of entries used to cache LDAP compare operations
LDAPOpCacheTTL seconds 600 s E
Time that entries in the operation cache remain valid
LDAPReferralHopLimit number dh E
The maximum number of referral hops to chase before terminating an LDAP query.
LDAPReferrals On|Off|default On dh E
Enable referral chasing during queries to the LDAP server.
LDAPRetries number-of-retries 3 s E
Configures the number of LDAP server retries.
LDAPRetryDelay seconds 0 s E
Configures the delay between LDAP server retries.
LDAPSharedCacheFile directory-path/filename s E
Sets the shared memory cache file
LDAPSharedCacheSize bytes 500000 s E
Size in bytes of the shared-memory cache
LDAPTimeout seconds 60 s E
Specifies the timeout for LDAP search and bind operations, in seconds
LDAPTrustedClientCert type directory-path/filename/nickname [password] dh E
Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
LDAPTrustedGlobalCert type directory-path/filename [password] s E
Sets the file or database containing global trusted Certificate Authority or global client certificates
LDAPTrustedMode type sv E
Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
LDAPVerifyServerCert On|Off On s E
Force server certificate verification
<Limit method [method] ... > ... </Limit> dh C
Restrict enclosed access controls to only certain HTTP methods
<LimitExcept method [method] ... > ... </LimitExcept> dh C
Restrict access controls to all HTTP methods except the named ones
LimitInternalRecursion number [number] 10 sv C
Determine maximum number of internal redirects and nested subrequests
LimitRequestBody bytes 0 svdh C
Restricts the total size of the HTTP request body sent from the client
LimitRequestFields number 100 sv C
Limits the number of HTTP request header fields that will be accepted from the client
LimitRequestFieldSize bytes 8190 sv C
Limits the size of the HTTP request header allowed from the client
LimitRequestLine bytes 8190 sv C
Limit the size of the HTTP request line that will be accepted from the client
LimitXMLRequestBody bytes 1000000 svdh C
Limits the size of an XML-based request body
Listen [IP-address:]portnumber [protocol] s M
IP addresses and ports that the server listens to
ListenBackLog backlog 511 s M
Maximum length of the queue of pending connections
ListenCoresBucketsRatio ratio 0 (disabled) s M
Ratio between the number of CPU cores (online) and the number of listeners' buckets
LoadFile filename [filename] ... sv E
Link in the named object file or library
LoadModule module filename sv E
Links in the object file or library, and adds to the list of active modules
<Location URL-path|URL> ... </Location> sv C
Applies the enclosed directives only to matching URLs
<LocationMatch regex> ... </LocationMatch> sv C
Applies the enclosed directives only to regular-expression matching URLs
LogFormat format|nickname [nickname] "%h %l %u %t \"%r\" + sv B
Describes a format for use in a log file
LogIOTrackTTFB ON|OFF OFF svdh E
Enable tracking of time to first byte (TTFB)
LogLevel [module:]level [module:level] ... warn svd C
Controls the verbosity of the ErrorLog
LogMessage message [hook=hook] [expr=expression] d X
Log user-defined message to error log
LuaAuthzProvider provider_name /path/to/lua/script.lua function_name s E
Plug an authorization provider function into mod_authz_core
LuaCodeCache stat|forever|never stat svdh E
Configure the compiled code cache.
LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the access_checker phase of request processing
LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the auth_checker phase of request processing
LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the check_user_id phase of request processing
LuaHookFixups /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the fixups phase of a request processing
LuaHookInsertFilter /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the insert_filter phase of request processing
LuaHookLog /path/to/lua/script.lua log_function_name svdh E
Provide a hook for the access log phase of a request processing
LuaHookMapToStorage /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the map_to_storage phase of request processing
LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late] sv E
Provide a hook for the translate name phase of request processing
LuaHookTypeChecker /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the type_checker phase of request processing
LuaInherit none|parent-first|parent-last parent-first svdh E
Controls how parent configuration sections are merged into children
LuaInputFilter filter_name /path/to/lua/script.lua function_name s E
Provide a Lua function for content input filtering
LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name] svdh E
Map a path to a lua handler
LuaOutputFilter filter_name /path/to/lua/script.lua function_name s E
Provide a Lua function for content output filtering
LuaPackageCPath /path/to/include/?.soa svdh E
Add a directory to lua's package.cpath
LuaPackagePath /path/to/include/?.lua svdh E
Add a directory to lua's package.path
LuaQuickHandler /path/to/script.lua hook_function_name sv E
Provide a hook for the quick handler of request processing
LuaRoot /path/to/a/directory svdh E
Specify the base path for resolving relative paths for mod_lua directives
LuaScope once|request|conn|thread|server [min] [max] once svdh E
One of once, request, conn, thread -- default is once
<Macro name [par1 .. parN]> ... </Macro> svd B
Define a configuration file macro
MaxConnectionsPerChild number 0 s M
Limit on the number of connections that an individual child server will handle during its life
MaxKeepAliveRequests number 100 sv C
Number of requests allowed on a persistent connection
MaxMemFree KBytes 2048 s M
Maximum amount of memory that the main allocator is allowed to hold without calling free()
MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svd C
Number of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource
MaxRangeReversals default | unlimited | none | number-of-ranges 20 svd C
Number of range reversals (eg: 100-200,50-70) allowed before returning the complete resource
MaxRanges default | unlimited | none | number-of-ranges 200 svd C
Number of ranges allowed before returning the complete resource
MaxRequestWorkers number s M
Maximum number of connections that will be processed simultaneously
MaxSpareServers number 10 s M
Maximum number of idle child server processes
MaxSpareThreads number s M
Maximum number of idle threads
MaxThreads number 2048 s M
Set the maximum number of worker threads
MDActivationDelay duration s X
-
MDBaseServer on|off off s X
Control if base server may be managed or only virtual hosts.
MDCAChallenges name [ name ... ] tls-alpn-01 http-01 + s X
Type of ACME challenge used to prove domain ownership.
MDCertificateAgreement accepted s X
You confirm that you accepted the Terms of Service of the Certificate Authority.
MDCertificateAuthority url https://acme-v02.ap + s X
The URL of the ACME Certificate Authority service.
MDCertificateCheck name url s X
-
MDCertificateFile path-to-pem-file s X
Specify a static certificate file for the MD.
MDCertificateKeyFile path-to-file s X
Specify a static private key for for the static cerrtificate.
MDCertificateMonitor name url crt.sh https://crt. + s X
The URL of a certificate log monitor.
MDCertificateProtocol protocol ACME s X
The protocol to use with the Certificate Authority.
MDCertificateStatus on|off on s X
Exposes public certificate information in JSON.
MDChallengeDns01 path-to-command s X
-
MDContactEmail address s X
-
MDDriveMode always|auto|manual auto s X
former name of MDRenewMode.
MDHttpProxy url s X
Define a proxy for outgoing connections.
MDMember hostname s X
Additional hostname for the managed domain.
MDMembers auto|manual auto s X
Control if the alias domain names are automatically added.
MDMessageCmd path-to-cmd optional-args s X
Handle events for Manage Domains
MDMustStaple on|off off s X
Control if new certificates carry the OCSP Must Staple flag.
MDNotifyCmd path [ args ] s X
Run a program when a Managed Domain is ready.
MDomain dns-name [ other-dns-name... ] [auto|manual] s X
Define list of domain names that belong to one group.
<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet> s X
Container for directives applied to the same managed domains.
MDPortMap map1 [ map2 ] http:80 https:443 s X
Map external to internal ports for domain ownership verification.
MDPrivateKeys type [ params... ] RSA 2048 s X
Set type and size of the private keys generated.
MDRenewMode always|auto|manual auto s X
Controls if certificates shall be renewed.
MDRenewWindow duration 33% s X
Control when a certificate will be renewed.
MDRequireHttps off|temporary|permanent off s X
Redirects http: traffic to https: for Managed Domains.
MDServerStatus on|off on s X
Control if Managed Domain information is added to server-status.
MDStapleOthers on|off on s X
Enable stapling for certificates not managed by mod_md.
MDStapling on|off off s X
Enable stapling for all or a particular MDomain.
MDStaplingKeepResponse duration 7d s X
Controls when old responses should be removed.
MDStaplingRenewWindow duration 33% s X
Control when the stapling responses will be renewed.
MDStoreDir path md s X
Path on the local file system to store the Managed Domains data.
MDWarnWindow duration 10% s X
Define the time window when you want to be warned about an expiring certificate.
MemcacheConnTTL num[units] 15s sv E
Keepalive time for idle connections
MergeSlashes ON|OFF ON sv C
Controls whether the server merges consecutive slashes in URLs.
MergeTrailers [on|off] off sv C
Determines whether trailers are merged into headers
MetaDir directory .web svdh E
Name of the directory to find CERN-style meta information files
MetaFiles on|off off svdh E
Activates CERN meta-file processing
MetaSuffix suffix .meta svdh E
File name suffix for the file containing CERN-style meta information
MimeMagicFile file-path sv E
Enable MIME-type determination based on file contents using the specified magic file
MinSpareServers number 5 s M
Minimum number of idle child server processes
MinSpareThreads number s M
Minimum number of idle threads available to handle request spikes
MMapFile file-path [file-path] ... s X
Map a list of files into memory at startup time
ModemStandard V.21|V.26bis|V.32|V.34|V.92 d X
Modem standard to simulate
ModMimeUsePathInfo On|Off Off d B
Tells mod_mime to treat path_info components as part of the filename
MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters] NegotiatedOnly svdh B
The types of files that will be included when searching for a matching file with MultiViews
Mutex mechanism [default|mutex-name] ... [OmitPID] default s C
Configures mutex mechanism and lock file directory for all or specified mutexes
NameVirtualHost addr[:port] s C
DEPRECATED: Designates an IP address for name-virtual hosting
NoProxy host [host] ... sv E
Hosts, domains, or networks that will be connected to directly
NWSSLTrustedCerts filename [filename] ... s B
List of additional client certificates
NWSSLUpgradeable [IP-address:]portnumber s B
Allows a connection to be upgraded to an SSL connection upon request
Options [+|-]option [[+|-]option] ... FollowSymlinks svdh C
Configures what features are available in a particular directory
Order ordering Deny,Allow dh E
Controls the default access state and the order in which Allow and Deny are evaluated.
OutputSed sed-command dh X
Sed command for filtering response content
PassEnv env-variable [env-variable] ... svdh B
Passes environment variables from the shell
PidFile filename logs/httpd.pid s M
File where the server records the process ID of the daemon
PrivilegesMode FAST|SECURE|SELECTIVE FAST svd X
Trade off processing speed and efficiency vs security against malicious privileges-aware code.
Protocol protocol sv C
Protocol for a listening socket
ProtocolEcho On|Off Off sv X
Turn the echo server on or off
Protocols protocol ... http/1.1 sv C
Protocols available for a server/virtual host
ProtocolsHonorOrder On|Off On sv C
Determines if order of Protocols determines precedence during negotiation
<Proxy wildcard-url> ...</Proxy> sv E
Container for directives applied to proxied resources
Proxy100Continue Off|On On svd E
Forward 100-continue expectation to the origin server
ProxyAddHeaders Off|On On svd E
Add proxy information in X-Forwarded-* headers
ProxyBadHeader IsError|Ignore|StartBody IsError sv E
Determines how to handle bad header lines in a response
ProxyBlock *|word|host|domain [word|host|domain] ... sv E
Words, hosts, or domains that are banned from being proxied
ProxyDomain Domain sv E
Default domain name for proxied requests
ProxyErrorOverride On|Off Off svd E
Override error pages for proxied content
ProxyExpressDBMFile pathname sv E
Pathname to DBM file.
ProxyExpressDBMType type default sv E
DBM type of file.
ProxyExpressEnable on|off off sv E
Enable the module functionality.
ProxyFCGIBackendType FPM|GENERIC FPM svdh E
Specify the type of backend FastCGI application
ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name [value-expression] svdh E
Allow variables sent to FastCGI servers to be fixed up
ProxyFtpDirCharset character_set ISO-8859-1 svd E
Define the character set for proxied FTP listings
ProxyFtpEscapeWildcards on|off on svd E
Whether wildcards in requested filenames are escaped when sent to the FTP server
ProxyFtpListOnWildcard on|off on svd E
Whether wildcards in requested filenames trigger a file listing
ProxyHCExpr name {ap_expr expression} sv E
Creates a named condition expression to use to determine health of the backend based on its response
ProxyHCTemplate name parameter=setting [...] sv E
Creates a named template for setting various health check parameters
ProxyHCTPsize size 16 s E
Sets the total server-wide size of the threadpool used for the health check workers
ProxyHTMLBufSize bytes 8192 svd B
Sets the buffer size increment for buffering inline scripts and stylesheets.
ProxyHTMLCharsetOut Charset | * svd B
Specify a charset for mod_proxy_html output.
ProxyHTMLDocType HTML|XHTML [Legacy]
OR
ProxyHTMLDocType fpi [SGML|XML]
svd B
Sets an HTML or XHTML document type declaration.
ProxyHTMLEnable On|Off Off svd B
Turns the proxy_html filter on or off.
ProxyHTMLEvents attribute [attribute ...] svd B
Specify attributes to treat as scripting events.
ProxyHTMLExtended On|Off Off svd B
Determines whether to fix links in inline scripts, stylesheets, and scripting events.
ProxyHTMLFixups [lowercase] [dospath] [reset] svd B
Fixes for simple HTML errors.
ProxyHTMLInterp On|Off Off svd B
Enables per-request interpolation of ProxyHTMLURLMap rules.
ProxyHTMLLinks element attribute [attribute2 ...] svd B
Specify HTML elements that have URL attributes to be rewritten.
ProxyHTMLMeta On|Off Off svd B
Turns on or off extra pre-parsing of metadata in HTML <head> sections.
ProxyHTMLStripComments On|Off Off svd B
Determines whether to strip HTML comments.
ProxyHTMLURLMap from-pattern to-pattern [flags] [cond] svd B
Defines a rule to rewrite HTML links
ProxyIOBufferSize bytes 8192 sv E
Determine size of internal data throughput buffer
<ProxyMatch regex> ...</ProxyMatch> sv E
Container for directives applied to regular-expression-matched proxied resources
ProxyMaxForwards number -1 sv E
Maximium number of proxies that a request can be forwarded through
ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] [noquery] svd E
Maps remote servers into the local server URL-space
ProxyPassInherit On|Off On sv E
Inherit ProxyPass directives defined from the main server
ProxyPassInterpolateEnv On|Off Off svd E
Enable Environment Variable interpolation in Reverse Proxy configurations
ProxyPassMatch [regex] !|url [key=value [key=value ...]] svd E
Maps remote servers into the local server URL-space using regular expressions
ProxyPassReverse [path] url [interpolate] svd E
Adjusts the URL in HTTP response headers sent from a reverse proxied server
ProxyPassReverseCookieDomain internal-domain public-domain [interpolate] svd E
Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
ProxyPassReverseCookiePath internal-path public-path [interpolate] svd E
Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
ProxyPreserveHost On|Off Off svd E
Use incoming Host HTTP request header for proxy request
ProxyReceiveBufferSize bytes 0 sv E
Network buffer size for proxied HTTP and FTP connections
ProxyRemote match remote-server sv E
Remote proxy used to handle certain requests
ProxyRemoteMatch regex remote-server sv E
Remote proxy used to handle requests matched by regular expressions
ProxyRequests On|Off Off sv E
Enables forward (standard) proxy requests
ProxySCGIInternalRedirect On|Off|Headername On svd E
Enable or disable internal redirect responses from the backend
ProxySCGISendfile On|Off|Headername Off svd E
Enable evaluation of X-Sendfile pseudo response header
ProxySet url key=value [key=value ...] svd E
Set various Proxy balancer or member parameters
ProxySourceAddress address sv E
Set local IP address for outgoing proxy connections
ProxyStatus Off|On|Full Off sv E
Show Proxy LoadBalancer status in mod_status
ProxyTimeout seconds sv E
Network timeout for proxied requests
ProxyVia On|Off|Full|Block Off sv E
Information provided in the Via HTTP response header for proxied requests
QualifyRedirectURL On|Off Off svd C
Controls whether the REDIRECT_URL environment variable is fully qualified
ReadmeName filename svdh B
Name of the file that will be inserted at the end of the index listing
ReceiveBufferSize bytes 0 s M
TCP receive buffer size
Redirect [status] [URL-path] URL svdh B
Sends an external redirect asking the client to fetch a different URL
RedirectMatch [status] regex URL svdh B
Sends an external redirect based on a regular expression match of the current URL
RedirectPermanent URL-path URL svdh B
Sends an external permanent redirect asking the client to fetch a different URL
RedirectTemp URL-path URL svdh B
Sends an external temporary redirect asking the client to fetch a different URL
RedisConnPoolTTL num[units] 15s sv E
TTL used for the connection pool with the Redis server(s)
RedisTimeout num[units] 5s sv E
R/W timeout used for the connection with the Redis server(s)
ReflectorHeader inputheader [outputheader] svdh B
Reflect an input header to the output headers
RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOTALL DOLLAR_ENDON + s C
Allow to configure global/default options for regexes
RegisterHttpMethod method [method [...]] s C
Register non-standard HTTP methods
RemoteIPHeader header-field sv B
Declare the header field which should be parsed for useragent IP addresses
RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ... sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPInternalProxyList filename sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPProxiesHeader HeaderFieldName sv B
Declare the header field which will record all intermediate IP addresses
RemoteIPProxyProtocol On|Off sv B
Enable or disable PROXY protocol handling
RemoteIPProxyProtocolExceptions host|range [host|range] [host|range] sv B
Disable processing of PROXY header for certain hosts or networks
RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ... sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPTrustedProxyList filename sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoveCharset extension [extension] ... vdh B
Removes any character set associations for a set of file extensions
RemoveEncoding extension [extension] ... vdh B
Removes any content encoding associations for a set of file extensions
RemoveHandler extension [extension] ... vdh B
Removes any handler associations for a set of file extensions
RemoveInputFilter extension [extension] ... vdh B
Removes any input filter associations for a set of file extensions
RemoveLanguage extension [extension] ... vdh B
Removes any language associations for a set of file extensions
RemoveOutputFilter extension [extension] ... vdh B
Removes any output filter associations for a set of file extensions
RemoveType extension [extension] ... vdh B
Removes any content type associations for a set of file extensions
RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdh E
Configure HTTP request headers
RequestReadTimeout [handshake=timeout[-maxtimeout][,MinRate=rate] [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] handshake=0 header= + sv E
Set timeout values for completing the TLS handshake, receiving the request headers and/or body from client.
Require [not] entity-name [entity-name] ... dh B
Tests whether an authenticated user is authorized by an authorization provider.
<RequireAll> ... </RequireAll> dh B
Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
<RequireAny> ... </RequireAny> dh B
Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
<RequireNone> ... </RequireNone> dh B
Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
RewriteBase URL-path dh E
Sets the base URL for per-directory rewrites
RewriteCond TestString CondPattern [flags] svdh E
Defines a condition under which rewriting will take place
RewriteEngine on|off off svdh E
Enables or disables runtime rewriting engine
RewriteMap MapName MapType:MapSource [MapTypeOptions] sv E
Defines a mapping function for key-lookup
RewriteOptions Options svdh E
Sets some special options for the rewrite engine
RewriteRule Pattern Substitution [flags] svdh E
Defines rules for the rewriting engine
RLimitCPU seconds|max [seconds|max] svdh C
Limits the CPU consumption of processes launched by Apache httpd children
RLimitMEM bytes|max [bytes|max] svdh C
Limits the memory consumption of processes launched by Apache httpd children
RLimitNPROC number|max [number|max] svdh C
Limits the number of processes that can be launched by processes launched by Apache httpd children
Satisfy Any|All All dh E
Interaction between host-level access control and user authentication
ScoreBoardFile file-path logs/apache_runtime + s M
Location of the file used to store coordination data for the child processes
Script method cgi-script svd B
Activates a CGI script for a particular request method.
ScriptAlias [URL-path] file-path|directory-path svd B
Maps a URL to a filesystem location and designates the target as a CGI script
ScriptAliasMatch regex file-path|directory-path sv B
Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script
ScriptInterpreterSource Registry|Registry-Strict|Script Script svdh C
Technique for locating the interpreter for CGI scripts
ScriptLog file-path sv B
Location of the CGI script error logfile
ScriptLogBuffer bytes 1024 sv B
Maximum amount of PUT or POST requests that will be recorded in the scriptlog
ScriptLogLength bytes 10385760 sv B
Size limit of the CGI script logfile
ScriptSock file-path cgisock s B
The filename prefix of the socket to use for communication with the cgi daemon
SecureListen [IP-address:]portnumber Certificate-Name [MUTUAL] s B
Enables SSL encryption for the specified port
SeeRequestTail On|Off Off s C
Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
SendBufferSize bytes 0 s M
TCP buffer size
ServerAdmin email-address|URL sv C
Email address that the server includes in error messages sent to the client
ServerAlias hostname [hostname] ... v C
Alternate names for a host used when matching requests to name-virtual hosts
ServerLimit number s M
Upper limit on configurable number of processes
ServerName [scheme://]domain-name|ip-address[:port] sv C
Hostname and port that the server uses to identify itself
ServerPath URL-path v C
Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
ServerRoot directory-path /usr/local/apache s C
Base directory for the server installation
ServerSignature On|Off|EMail Off svdh C
Configures the footer on server-generated documents
ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full s C
Configures the Server HTTP response header
Session On|Off Off svdh E
Enables a session for the current directory or location
SessionCookieName name attributes svdh E
Name and attributes for the RFC2109 cookie storing the session
SessionCookieName2 name attributes svdh E
Name and attributes for the RFC2965 cookie storing the session
SessionCookieRemove On|Off Off svdh E
Control for whether session cookies should be removed from incoming HTTP headers
SessionCryptoCipher name aes256 svdh X
The crypto cipher to be used to encrypt the session
SessionCryptoDriver name [param[=value]] s X
The crypto driver to be used to encrypt the session
SessionCryptoPassphrase secret [ secret ... ] svdh X
The key used to encrypt the session
SessionCryptoPassphraseFile filename svd X
File containing keys used to encrypt the session
SessionDBDCookieName name attributes svdh E
Name and attributes for the RFC2109 cookie storing the session ID
SessionDBDCookieName2 name attributes svdh E
Name and attributes for the RFC2965 cookie storing the session ID
SessionDBDCookieRemove On|Off On svdh E
Control for whether session ID cookies should be removed from incoming HTTP headers
SessionDBDDeleteLabel label deletesession svdh E
The SQL query to use to remove sessions from the database
SessionDBDInsertLabel label insertsession svdh E
The SQL query to use to insert sessions into the database
SessionDBDPerUser On|Off Off svdh E
Enable a per user session
SessionDBDSelectLabel label selectsession svdh E
The SQL query to use to select sessions from the database
SessionDBDUpdateLabel label updatesession svdh E
The SQL query to use to update existing sessions in the database
SessionEnv On|Off Off svdh E
Control whether the contents of the session are written to the HTTP_SESSION environment variable
SessionExclude path svdh E
Define URL prefixes for which a session is ignored
SessionExpiryUpdateInterval interval 0 (always update) svdh E
Define the number of seconds a session's expiry may change without the session being updated
SessionHeader header svdh E
Import session updates from a given HTTP response header
SessionInclude path svdh E
Define URL prefixes for which a session is valid
SessionMaxAge maxage 0 svdh E
Define a maximum age in seconds for a session
SetEnv env-variable [value] svdh B
Sets environment variables
SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on attributes of the request
SetEnvIfExpr expr [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on an ap_expr expression
SetEnvIfNoCase attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on attributes of the request without respect to case
SetHandler handler-name|none|expression svdh C
Forces all matching files to be processed by a handler
SetInputFilter filter[;filter...] svdh C
Sets the filters that will process client requests and POST input
SetOutputFilter filter[;filter...] svdh C
Sets the filters that will process responses from the server
SSIEndTag tag "-->" sv B
String that ends an include element
SSIErrorMsg message "[an error occurred + svdh B
Error message displayed when there is an SSI error
SSIETag on|off off dh B
Controls whether ETags are generated by the server.
SSILastModified on|off off dh B
Controls whether Last-Modified headers are generated by the server.
SSILegacyExprParser on|off off dh B
Enable compatibility mode for conditional expressions.
SSIStartTag tag "<!--#" sv B
String that starts an include element
SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M + svdh B
Configures the format in which date strings are displayed
SSIUndefinedEcho string "(none)" svdh B
String displayed when an unset variable is echoed
SSLCACertificateFile file-path sv E
File of concatenated PEM-encoded CA Certificates for Client Auth
SSLCACertificatePath directory-path sv E
Directory of PEM-encoded CA Certificates for Client Auth
SSLCADNRequestFile file-path sv E
File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
SSLCADNRequestPath directory-path sv E
Directory of PEM-encoded CA Certificates for defining acceptable CA names
SSLCARevocationCheck chain|leaf|none [flags ...] none sv E
Enable CRL-based revocation checking
SSLCARevocationFile file-path sv E
File of concatenated PEM-encoded CA CRLs for Client Auth
SSLCARevocationPath directory-path sv E
Directory of PEM-encoded CA CRLs for Client Auth
SSLCertificateChainFile file-path sv E
File of PEM-encoded Server CA Certificates
SSLCertificateFile file-path|certid sv E
Server PEM-encoded X.509 certificate data file or token identifier
SSLCertificateKeyFile file-path|keyid sv E
Server PEM-encoded private key file
SSLCipherSuite [protocol] cipher-spec DEFAULT (depends on + svdh E
Cipher Suite available for negotiation in SSL handshake
SSLCompression on|off off sv E
Enable compression on the SSL level
SSLCryptoDevice engine builtin s E
Enable use of a cryptographic hardware accelerator
SSLEngine on|off|optional off sv E
SSL Engine Operation Switch
SSLFIPS on|off off s E
SSL FIPS mode Switch
SSLHonorCipherOrder on|off off sv E
Option to prefer the server's cipher preference order
SSLInsecureRenegotiation on|off off sv E
Option to enable support for insecure renegotiation
SSLOCSPDefaultResponder uri sv E
Set the default responder URI for OCSP validation
SSLOCSPEnable on|leaf|off off sv E
Enable OCSP validation of the client certificate chain
SSLOCSPNoverify On/Off Off sv E
skip the OCSP responder certificates verification
SSLOCSPOverrideResponder on|off off sv E
Force use of the default responder URI for OCSP validation
SSLOCSPProxyURL url sv E
Proxy URL to use for OCSP requests
SSLOCSPResponderCertificateFile file sv E
Set of trusted PEM encoded OCSP responder certificates
SSLOCSPResponderTimeout seconds 10 sv E
Timeout for OCSP queries
SSLOCSPResponseMaxAge seconds -1 sv E
Maximum allowable age for OCSP responses
SSLOCSPResponseTimeSkew seconds 300 sv E
Maximum allowable time skew for OCSP response validation
SSLOCSPUseRequestNonce on|off on sv E
Use a nonce within OCSP queries
SSLOpenSSLConfCmd command-name command-value sv E
Configure OpenSSL parameters through its SSL_CONF API
SSLOptions [+|-]option ... svdh E
Configure various SSL engine run-time options
SSLPassPhraseDialog type builtin s E
Type of pass phrase dialog for encrypted private keys
SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 + sv E
Configure usable SSL/TLS protocol versions
SSLProxyCACertificateFile file-path svp E
File of concatenated PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCACertificatePath directory-path svp E
Directory of PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCARevocationCheck chain|leaf|none none svp E
Enable CRL-based revocation checking for Remote Server Auth
SSLProxyCARevocationFile file-path svp E
File of concatenated PEM-encoded CA CRLs for Remote Server Auth