You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by pa...@co-operativebank.co.uk on 2004/03/03 14:40:17 UTC
[users@httpd] Re:RE: [users@httpd] Directive explanations
Before acting on this e-mail or opening any attachment, you are advised to read the disclaimer at the end of this mail.
Hi,
Thanks to everyone for the previous responses, they have been really helpful.
The links have pointed me to lots of useful information.
I have some more questions, that hopefully someone can help with. The
environment is iSeries (AS400), Apache 2.0.
Q1) I read in an IBM Redbook to always specify:
AllowOverride None
to prevent directives being overridden by .htaccess files placed in the
directories.
The above directive is not in the config file generated by the GUI. The only
Directory entries I have are:
<Directory />
Order Deny,Allow
Deny From all
</Directory>
<Directory /www/mqserver1/htdocs>
Order Allow,Deny
Allow From all
</Directory>
Would this AllowOverride possibly be done by default or should it be added in? I
wont be using .htaccess files.
Q2) I have 2 http servers, one listening on port 1426, the other on 1427. I have
the following ProxyPass directive in the first server:
Listen 1426
ProxyPass /mq/ http://server1:1427
where server1 is the hostname of my machine.
when I enter
http://server1:1426/mq/
It correctly redirects the request from the first server to the second server,
http://server1:1427, and the index.html page is shown for this second http
server.
Does this mean any requests on 1416 with /mq/ in the address will redirect to
the second server?
When I enter:
http://server1:1426/mq/page3.html, I get "Bad Request - Proxy Load Failed"
(I have a page3.html in the mq directory on the first server and in the document
root directory on the second server.)
When I enter:
http://server1:1426/mq
I get:
Server: Microsoft-IIS/4.0
Date: Wed, 03 Mar 2004 12:41:11 GMT
Im not sure why!
Q3) I added the following directive:
LogMaint logs/error_log 5 0
which I believe deletes error logs older than 5 days. I stopped and started the
server but there are still error logs older than 5 days! When does it delete the
logs?
Q4) Are there any recommended guidelines/practices for the config files? The web
sites I am building are for use within an Intranet with a low volume of users.
Thanks in advance,
Pat
____________________Reply Separator____________________
Subject: RE: [users@httpd] Directive explanations
Author: "Blane Warrene" <Bl...@acc-corp.net>
Date: 27/02/2004 10:39
I did not want to self-promote on the list via links to my articles -
however, I just wrote an article on logging in Apache that may be
helpful:
Q1
http://www.sitepoint.com/article/configuring-web-logs-apache
Q2
You can administer web logs via a web log analysis tool - there are
several - the key is either finding one that runs on your OS or insuring
the web logs get dropped onto a server/box accessible to the log
analysis tool. There are several open source ones you can use to test
with. Example here is with Webalizer:
http://www.practicalapplications.net/linux/archives/000023.html
Q3
Those are environment variables that pre-address known issues. You can
also use them to prevent items from being logged (like your own IP or
the robots.txt file - which may skew your stats in the logs - see below
and also article on Apache site on env var in httpd.conf
Example - Conditional Logging
(You will need to modify the IP address to a real one for this to work -
i.e. either your machine IP address if using static IP or that of your
proxy server/router if proxying Internet access from your local
network.)
# Prevent entries from my host address
SetEnvIf Remote_Addr "10\.0\.0\.1" dontlog
# Prevent entries for the favicon.ico file
SetEnvIf Request_URI "^/favicon\.ico$" dontlog
# Log what remains
CustomLog logs/web.log combined env=!dontlog
Additionally, you could additionally prevent requests for the robots.txt
file from being logged as well.
# Prevent entries for robots.txt
SetEnvIf Request_URI "^/robots\.txt$" dontlog
NOTE: Remember to change the log type to that which you prefer, i.e. I
use the combined log format instead of common. See your httpd.conf file
for your current log format type. Also restart Apache when done
Article on EnvVar --> http://httpd.apache.org/docs-2.0/env.html
Q4
See the section entitled Protect Server Files by Default here -->
http://httpd.apache.org/docs-2.0/misc/security_tips.html
Hope this is helpful
---
Blane
-----Original Message-----
From: patrick.odowd@co-operativebank.co.uk
[mailto:patrick.odowd@co-operativebank.co.uk]
Sent: Friday, February 27, 2004 9:51 AM
To: users@httpd.apache.org
Subject: [users@httpd] Directive explanations
Before acting on this e-mail or opening any attachment, you are advised
to read the disclaimer at the end of this mail.
Hi,
I am using Apache on the iSeries (AS400), there is a GUI that generates
the httpd.conf file. I am trying to get a better understanding of what
the Apache directives mean and how they work in the generated httpd.conf
file. I have found some directive explanations on the Apache site, I am
wondering if there are any recommended websites/books?
Some of the questions I have are:
Q1. What are these LogFormat directives and what are the various
parameters here e.g. %h, %>s, {Referer} etc.
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%{Cookie}n \"%r\" %t" cookie
LogFormat "%{User-agent}i" agent
LogFormat "%{Referer}i -> %U" referer
LogFormat "%h %l %u %t \"%r\" %>s %b" common
Q2. Where can I get the details on what goes into the access_log created
by this CustomLog directive? I can see there is loads of useful info in
the logs. There are error_log files created also.
CustomLog logs/access_log combined
How are these logs normally administered? Are there programs that look
through these logs and sent alerts based on the content etc..?
Q3. What do these directives do?
SetEnvIf "User-Agent" "Mozilla/2" nokeepalive SetEnvIf "User-Agent"
"JDK/1\.0" force-response-1.0 SetEnvIf "User-Agent" "Java/1\.0"
force-response-1.0 SetEnvIf "User-Agent" "RealPlayer 4\.0"
force-response-1.0 SetEnvIf "User-Agent" "MSIE 4\.0b2;" nokeepalive
SetEnvIf "User-Agent" "MSIE 4\.0b2;" force-response-1.0
Q4. I read the following protects the server:
<Directory />
Order Deny,Allow
Deny From all
</Directory>
I read that the Order statement says Allow all access to the Server Root
directory by default. Then the Deny seems to say, override the Allow and
Deny all users access to the Server Root directory? How do Order and
Deny/Allow work?
Do the directories below the Server Root inherit from the Server Root?
There is a further <Directory> tag that sets Allow From all for the
Document Root directory.
Thanks in advance,
Pat
**********************************************************************
This e-mail is intended solely for the addressee and is strictly
confidential. If you are not the addressee, please do not read, print,
re-transmit, store or act in reliance on it or any attachments. Instead
please e-mail it back to the sender and delete the message from your
computer.
E-mail transmission cannot be guaranteed to be secure or error free and
The Co-operative Bank accepts no liability for changes made to this
e-mail (and any attachments) after it was sent or for viruses arising as
a result of this e-mail transmission.
Any unauthorised reproduction, dissemination, copying, disclosure,
modification, distribution and/or publication of this e-mail message is
strictly prohibited.
The Co-operative Bank reserves the right to intercept any e - mails or
other communication for permitted purposes in accordance with the
current legislation which you send to, or receive from, any of the
employees or agents of the Bank via Bank telecommunication systems. By
so corresponding you also give your consent to the Bank monitoring and
recording of any correspondence using these systems.
The Co-operative Bank p.l.c. is registered in England and Wales, number
990937. The registered office is at PO Box 101, 1, Balloon Street,
Manchester, M60 4EP.
**********************************************************************
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server
Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org