<-
Apache > HTTP Server > Documentation > Version 2.4 > Modules

Directive Quick Reference

Available Languages:  de  |  en  |  es  |  fr  |  ja  |  ko  |  tr  |  zh-cn 

The directive quick reference shows the usage, default, status, and context of each Apache configuration directive. For more information about each of these, see the Directive Dictionary.

The first column gives the directive name and usage. The second column shows the default value of the directive, if a default exists. If the default is too large to display, it will be truncated and followed by "+".

The third and fourth columns list the contexts where the directive is allowed and the status of the directive according to the legend tables below.

 A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X 
sserver config
vvirtual host
ddirectory
h.htaccess
pproxy section
CCore
MMPM
BBase
EExtension
XExperimental
TExternal
AcceptFilter protocol accept_filtersC
Configures optimizations for a Protocol's Listener Sockets
AcceptPathInfo On|Off|Default Default svdhC
Resources accept trailing pathname information
AccessFileName filename [filename] ... .htaccess svC
Name of the distributed configuration file
Action action-type cgi-script [virtual]svdhB
Activates a CGI script for a particular handler or content-type
AddAlt string file [file] ...svdhB
Alternate text to display for a file, instead of an icon selected by filename
AddAltByEncoding string MIME-encoding [MIME-encoding] ...svdhB
Alternate text to display for a file instead of an icon selected by MIME-encoding
AddAltByType string MIME-type [MIME-type] ...svdhB
Alternate text to display for a file, instead of an icon selected by MIME content-type
AddCharset charset extension [extension] ...svdhB
Maps the given filename extensions to the specified content charset
AddDefaultCharset On|Off|charset Off svdhC
Default charset parameter to be added when a response content-type is text/plain or text/html
AddDescription string file [file] ...svdhB
Description to display for a file
AddEncoding encoding extension [extension] ...svdhB
Maps the given filename extensions to the specified encoding type
AddHandler handler-name extension [extension] ...svdhB
Maps the filename extensions to the specified handler
AddIcon icon name [name] ...svdhB
Icon to display for a file selected by name
AddIconByEncoding icon MIME-encoding [MIME-encoding] ...svdhB
Icon to display next to files selected by MIME content-encoding
AddIconByType icon MIME-type [MIME-type] ...svdhB
Icon to display next to files selected by MIME content-type
AddInputFilter filter[;filter...] extension [extension] ...svdhB
Maps filename extensions to the filters that will process client requests
AddLanguage language-tag extension [extension] ...svdhB
Maps the given filename extension to the specified content language
AddModuleInfo module-name stringsvE
Adds additional information to the module information displayed by the server-info handler
AddOutputFilter filter[;filter...] extension [extension] ...svdhB
Maps filename extensions to the filters that will process responses from the server
AddOutputFilterByType filter[;filter...] media-type [media-type] ...svdhB
assigns an output filter to a particular media-type
AddType media-type extension [extension] ...svdhB
Maps the given filename extensions onto the specified content type
Alias [URL-path] file-path|directory-pathsvdB
Maps URLs to filesystem locations
AliasMatch regex file-path|directory-pathsvB
Maps URLs to filesystem locations using regular expressions
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ...dhE
Controls which hosts can access an area of the server
AllowCONNECT port[-port] [port[-port]] ... 443 563 svE
Ports that are allowed to CONNECT through the proxy
AllowEncodedSlashes On|Off|NoDecode Off svC
Determines whether encoded path separators in URLs are allowed to be passed through
AllowMethods reset|HTTP-method [HTTP-method]... reset dX
Restrict access to the listed HTTP methods
AllowOverride All|None|directive-type [directive-type] ... None (2.3.9 and lat +dC
Types of directives that are allowed in .htaccess files
AllowOverrideList None|directive [directive-type] ... None dC
Individual directives that are allowed in .htaccess files
Anonymous user [user] ...dhE
Specifies userIDs that are allowed access without password verification
Anonymous_LogEmail On|Off On dhE
Sets whether the password entered will be logged in the error log
Anonymous_MustGiveEmail On|Off On dhE
Specifies whether blank passwords are allowed
Anonymous_NoUserID On|Off Off dhE
Sets whether the userID field may be empty
Anonymous_VerifyEmail On|Off Off dhE
Sets whether to check the password field for a correctly formatted email address
AsyncRequestWorkerFactor factorsM
Limit concurrent connections per process
AuthBasicAuthoritative On|Off On dhB
Sets whether authorization and authentication are passed to lower level modules
AuthBasicFake off|username [password]dhB
Fake basic authentication using the given expressions for username and password
AuthBasicProvider provider-name [provider-name] ... file dhB
Sets the authentication provider(s) for this location
AuthBasicUseDigestAlgorithm MD5|Off Off dhB
Check passwords against the authentication providers as if Digest Authentication was in force instead of Basic Authentication.
AuthDBDUserPWQuery querydE
SQL query to look up a password for a user
AuthDBDUserRealmQuery querydE
SQL query to look up a password hash for a user and realm.
AuthDBMGroupFile file-pathdhE
Sets the name of the database file containing the list of user groups for authorization
AuthDBMType default|SDBM|GDBM|NDBM|DB default dhE
Sets the type of database file that is used to store passwords
AuthDBMUserFile file-pathdhE
Sets the name of a database file containing the list of users and passwords for authentication
AuthDigestAlgorithm MD5|MD5-sess MD5 dhE
Selects the algorithm used to calculate the challenge and response hashes in digest authentication
AuthDigestDomain URI [URI] ...dhE
URIs that are in the same protection space for digest authentication
AuthDigestNonceLifetime seconds 300 dhE
How long the server nonce is valid
AuthDigestProvider provider-name [provider-name] ... file dhE
Sets the authentication provider(s) for this location
AuthDigestQop none|auth|auth-int [auth|auth-int] auth dhE
Determines the quality-of-protection to use in digest authentication
AuthDigestShmemSize size 1000 sE
The amount of shared memory to allocate for keeping track of clients
AuthFormAuthoritative On|Off On dhB
Sets whether authorization and authentication are passed to lower level modules
AuthFormBody fieldnamedB
The name of a form field carrying the body of the request to attempt on successful login
AuthFormDisableNoStore On|Off Off dB
Disable the CacheControl no-store header on the login page
AuthFormFakeBasicAuth On|Off Off dB
Fake a Basic Authentication header
AuthFormLocation fieldnamedB
The name of a form field carrying a URL to redirect to on successful login
AuthFormLoginRequiredLocation urldB
The URL of the page to be redirected to should login be required
AuthFormLoginSuccessLocation urldB
The URL of the page to be redirected to should login be successful
AuthFormLogoutLocation uridB
The URL to redirect to after a user has logged out
AuthFormMethod fieldnamedB
The name of a form field carrying the method of the request to attempt on successful login
AuthFormMimetype fieldnamedB
The name of a form field carrying the mimetype of the body of the request to attempt on successful login
AuthFormPassword fieldnamedB
The name of a form field carrying the login password
AuthFormProvider provider-name [provider-name] ... file dhB
Sets the authentication provider(s) for this location
AuthFormSitePassphrase secretdB
Bypass authentication checks for high traffic sites
AuthFormSize sizedB
The largest size of the form in bytes that will be parsed for the login details
AuthFormUsername fieldnamedB
The name of a form field carrying the login username
AuthGroupFile file-pathdhB
Sets the name of a text file containing the list of user groups for authorization
AuthLDAPAuthorizePrefix prefix AUTHORIZE_ dhE
Specifies the prefix for environment variables set during authorization
AuthLDAPBindAuthoritative off|on on dhE
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.
AuthLDAPBindDN distinguished-namedhE
Optional DN to use in binding to the LDAP server
AuthLDAPBindPassword passworddhE
Password used in conjunction with the bind DN
AuthLDAPCharsetConfig file-pathsE
Language to charset conversion configuration file
AuthLDAPCompareAsUser on|off off dhE
Use the authenticated user's credentials to perform authorization comparisons
AuthLDAPCompareDNOnServer on|off on dhE
Use the LDAP server to compare the DNs
AuthLDAPDereferenceAliases never|searching|finding|always always dhE
When will the module de-reference aliases
AuthLDAPGroupAttribute attribute member uniquemember +dhE
LDAP attributes used to identify the user members of groups.
AuthLDAPGroupAttributeIsDN on|off on dhE
Use the DN of the client username when checking for group membership
AuthLDAPInitialBindAsUser off|on off dhE
Determines if the server does the initial DN lookup using the basic authentication users' own username, instead of anonymously or with hard-coded credentials for the server
AuthLDAPInitialBindPattern regex substitution (.*) $1 (remote use +dhE
Specifies the transformation of the basic authentication username to be used when binding to the LDAP server to perform a DN lookup
AuthLDAPMaxSubGroupDepth Number 10 dhE
Specifies the maximum sub-group nesting depth that will be evaluated before the user search is discontinued.
AuthLDAPRemoteUserAttribute uiddhE
Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable
AuthLDAPRemoteUserIsDN on|off off dhE
Use the DN of the client username to set the REMOTE_USER environment variable
AuthLDAPSearchAsUser on|off off dhE
Use the authenticated user's credentials to perform authorization searches
AuthLDAPSubGroupAttribute attributedhE
Specifies the attribute labels, one value per directive line, used to distinguish the members of the current group that are groups.
AuthLDAPSubGroupClass LdapObjectClass groupOfNames groupO +dhE
Specifies which LDAP objectClass values identify directory objects that are groups during sub-group processing.
AuthLDAPUrl url [NONE|SSL|TLS|STARTTLS]dhE
URL specifying the LDAP search parameters
AuthMerging Off | And | Or Off dhB
Controls the manner in which each configuration section's authorization logic is combined with that of preceding configuration sections.
AuthName auth-domaindhB
Authorization realm for use in HTTP authentication
AuthnCacheContext directory|server|custom-stringdB
Specify a context string for use in the cache key
AuthnCacheEnablesB
Enable Authn caching configured anywhere
AuthnCacheProvideFor authn-provider [...]dhB
Specify which authn provider(s) to cache for
AuthnCacheSOCache provider-name[:provider-args]sB
Select socache backend provider to use
AuthnCacheTimeout timeout (seconds)dhB
Set a timeout for cache entries
<AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias>sB
Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias
AuthnzFcgiCheckAuthnProvider provider-name|None option ...dE
Enables a FastCGI application to handle the check_authn authentication hook.
AuthnzFcgiDefineProvider type provider-name backend-addresssE
Defines a FastCGI application as a provider for authentication and/or authorization
AuthType None|Basic|Digest|FormdhB
Type of user authentication
AuthUserFile file-pathdhB
Sets the name of a text file containing the list of users and passwords for authentication
AuthzDBDLoginToReferer On|Off Off dE
Determines whether to redirect the Client to the Referring page on successful login or logout if a Referer request header is present
AuthzDBDQuery querydE
Specify the SQL Query for the required operation
AuthzDBDRedirectQuery querydE
Specify a query to look up a login page for the user
AuthzDBMType default|SDBM|GDBM|NDBM|DB default dhE
Sets the type of database file that is used to store list of user groups
<AuthzProviderAlias baseProvider Alias Require-Parameters> ... </AuthzProviderAlias> sB
Enclose a group of directives that represent an extension of a base authorization provider and referenced by the specified alias
AuthzSendForbiddenOnFailure On|Off Off dhB
Send '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authentication succeeds but authorization fails
BalancerGrowth # 5 svE
Number of additional Balancers that can be added Post-configuration
BalancerInherit On|Off On svE
Inherit ProxyPassed Balancers/Workers from the main server
BalancerMember [balancerurl] url [key=value [key=value ...]]dE
Add a member to a load balancing group
BalancerPersist On|Off Off svE
Attempt to persist changes made by the Balancer Manager across restarts.
BrotliAlterETag AddSuffix|NoChange|Remove AddSuffix svE
How the outgoing ETag header should be modified during compression
BrotliCompressionMaxInputBlock valuesvE
Maximum input block size
BrotliCompressionQuality value 5 svE
Compression quality
BrotliCompressionWindow value 18 svE
Brotli sliding compression window size
BrotliFilterNote [type] notenamesvE
Places the compression ratio in a note for logging
BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ...svdhB
Sets environment variables conditional on HTTP User-Agent
BrowserMatchNoCase regex [!]env-variable[=value] [[!]env-variable[=value]] ...svdhB
Sets environment variables conditional on User-Agent without respect to case
BufferedLogs On|Off Off sB
Buffer log entries in memory before writing to disk
BufferSize integer 131072 svdhE
Maximum size in bytes to buffer by the buffer filter
CacheDefaultExpire seconds 3600 (one hour) svdhE
The default duration to cache a document when no expiry date is specified.
CacheDetailHeader on|off off svdhE
Add an X-Cache-Detail header to the response.
CacheDirLength length 2 svE
The number of characters in subdirectory names
CacheDirLevels levels 2 svE
The number of levels of subdirectories in the cache.
CacheDisable url-string | onsvdhE
Disable caching of specified URLs
CacheEnable cache_type [url-string]svdE
Enable caching of specified URLs using a specified storage manager
CacheFile file-path [file-path] ...sX
Cache a list of file handles at startup time
CacheHeader on|off off svdhE
Add an X-Cache header to the response.
CacheIgnoreCacheControl On|Off Off svE
Ignore request to not serve cached content to client
CacheIgnoreHeaders header-string [header-string] ... None svE
Do not store the given HTTP header(s) in the cache.
CacheIgnoreNoLastMod On|Off Off svdhE
Ignore the fact that a response has no Last Modified header.
CacheIgnoreQueryString On|Off Off svE
Ignore query string when caching
CacheIgnoreURLSessionIdentifiers identifier [identifier] ... None svE
Ignore defined session identifiers encoded in the URL when caching
CacheKeyBaseURL URL http://example.com svE
Override the base URL of reverse proxied cache keys.
CacheLastModifiedFactor float 0.1 svdhE
The factor used to compute an expiry date based on the LastModified date.
CacheLock on|off off svE
Enable the thundering herd lock.
CacheLockMaxAge integer 5 svE
Set the maximum possible age of a cache lock.
CacheLockPath directory /tmp/mod_cache-lock +svE
Set the lock path directory.
CacheMaxExpire seconds 86400 (one day) svdhE
The maximum time in seconds to cache a document
CacheMaxFileSize bytes 1000000 svdhE
The maximum size (in bytes) of a document to be placed in the cache
CacheMinExpire seconds 0 svdhE
The minimum time in seconds to cache a document
CacheMinFileSize bytes 1 svdhE
The minimum size (in bytes) of a document to be placed in the cache
CacheNegotiatedDocs On|Off Off svB
Allows content-negotiated documents to be cached by proxy servers
CacheQuickHandler on|off on svE
Run the cache from the quick handler.
CacheReadSize bytes 0 svdhE
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheReadTime milliseconds 0 svdhE
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheRoot directorysvE
The directory root under which cache files are stored
CacheSocache type[:args]svE
The shared object cache implementation to use
CacheSocacheMaxSize bytes 102400 svdhE
The maximum size (in bytes) of an entry to be placed in the cache
CacheSocacheMaxTime seconds 86400 svdhE
The maximum time (in seconds) for a document to be placed in the cache
CacheSocacheMinTime seconds 600 svdhE
The minimum time (in seconds) for a document to be placed in the cache
CacheSocacheReadSize bytes 0 svdhE
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheSocacheReadTime milliseconds 0 svdhE
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheStaleOnError on|off on svdhE
Serve stale content in place of 5xx responses.
CacheStoreExpired On|Off Off svdhE
Attempt to cache responses that the server reports as expired
CacheStoreNoStore On|Off Off svdhE
Attempt to cache requests or responses that have been marked as no-store.
CacheStorePrivate On|Off Off svdhE
Attempt to cache responses that the server has marked as private
CGIDScriptTimeout time[s|ms]svdhB
The length of time to wait for more output from the CGI program
CGIMapExtension cgi-path .extensiondhC
Technique for locating the interpreter for CGI scripts
CGIPassAuth On|Off Off dhC
Enables passing HTTP authorization headers to scripts as CGI variables
CGIVar variable ruledhC
Controls how some CGI variables are set
CharsetDefault charsetsvdhE
Charset to translate into
CharsetOptions option [option] ... ImplicitAdd svdhE
Configures charset translation behavior
CharsetSourceEnc charsetsvdhE
Source charset of files
CheckCaseOnly on|off Off svdhE
Limits the action of the speling module to case corrections
CheckSpelling on|off Off svdhE
Enables the spelling module
ChrootDir /path/to/directorysB
Directory for apache to run chroot(8) after startup.
ContentDigest On|Off Off svdhC
Enables the generation of Content-MD5 HTTP Response headers
CookieDomain domainsvdhE
The domain to which the tracking cookie applies
CookieExpires expiry-periodsvdhE
Expiry time for the tracking cookie
CookieName token Apache svdhE
Name of the tracking cookie
CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdhE
Format of the cookie header field
CookieTracking on|off off svdhE
Enables tracking cookie
CoreDumpDirectory directorysM
Directory where Apache HTTP Server attempts to switch before dumping core
CustomLog file|pipe format|nickname [env=[!]environment-variable| expr=expression]svB
Sets filename and format of log file
Dav On|Off|provider-name Off dE
Enable WebDAV HTTP methods
DavDepthInfinity on|off off svdE
Allow PROPFIND, Depth: Infinity requests
DavGenericLockDB file-pathsvdE
Location of the DAV lock database
DavLockDB file-pathsvE
Location of the DAV lock database
DavMinTimeout seconds 0 svdE
Minimum amount of time the server holds a lock on a DAV resource
DBDExptime time-in-seconds 300 svE
Keepalive time for idle connections
DBDInitSQL "SQL statement"svE
Execute an SQL statement after connecting to a database
DBDKeep number 2 svE
Maximum sustained number of connections
DBDMax number 10 svE
Maximum number of connections
DBDMin number 1 svE
Minimum number of connections
DBDParams param1=value1[,param2=value2]svE
Parameters for database connection
DBDPersist On|OffsvE
Whether to use persistent connections
DBDPrepareSQL "SQL statement" labelsvE
Define an SQL prepared statement
DBDriver namesvE
Specify an SQL driver
DefaultIcon url-pathsvdhB
Icon to display for files when no specific icon is configured
DefaultLanguage language-tagsvdhB
Defines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means.
DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME +sC
Base directory for the server run-time files
DefaultType media-type|none none svdhC
This directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found.
Define parameter-name [parameter-value]svdC
Define a variable
DeflateBufferSize value 8096 svE
Fragment size to be compressed at one time by zlib
DeflateCompressionLevel valuesvE
How much compression do we apply to the output
DeflateFilterNote [type] notenamesvE
Places the compression ratio in a note for logging
DeflateInflateLimitRequestBodyvaluesvdhE
Maximum size of inflated request bodies
DeflateInflateRatioBurst valuesvdhE
Maximum number of times the inflation ratio for request bodies can be crossed
DeflateInflateRatioLimit valuesvdhE
Maximum inflation ratio for request bodies
DeflateMemLevel value 9 svE
How much memory should be used by zlib for compression
DeflateWindowSize value 15 svE
Zlib compression window size
Deny from all|host|env=[!]env-variable [host|env=[!]env-variable] ...dhE
Controls which hosts are denied access to the server
<Directory directory-path> ... </Directory>svC
Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents.
DirectoryCheckHandler On|Off Off svdhB
Toggle how this module responds when another handler is configured
DirectoryIndex disabled | local-url [local-url] ... index.html svdhB
List of resources to look for when the client requests a directory
DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code off svdhB
Configures an external redirect for directory indexes.
<DirectoryMatch regex> ... </DirectoryMatch>svC
Enclose directives that apply to the contents of file-system directories matching a regular expression.
DirectorySlash On|Off On svdhB
Toggle trailing slash redirects on or off
DocumentRoot directory-path "/usr/local/apache/ +svC
Directory that forms the main document tree visible from the web
DTracePrivileges On|Off Off sX
Determines whether the privileges required by dtrace are enabled.
DumpIOInput On|Off Off sE
Dump all input data to the error log
DumpIOOutput On|Off Off sE
Dump all output data to the error log
<Else> ... </Else>svdhC
Contains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime
<ElseIf expression> ... </ElseIf>svdhC
Contains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied
EnableExceptionHook On|Off Off sM
Enables a hook that runs exception handlers after a crash
EnableMMAP On|Off On svdhC
Use memory-mapping to read files during delivery
EnableSendfile On|Off Off svdhC
Use the kernel sendfile support to deliver files to the client
Error messagesvdhC
Abort configuration parsing with a custom error message
ErrorDocument error-code documentsvdhC
What the server will return to the client in case of an error
ErrorLog file-path|syslog[:[facility][:tag]] logs/error_log (Uni +svC
Location where the server will log errors
ErrorLogFormat [connection|request] formatsvC
Format specification for error log entries
ExamplesvdhX
Demonstration directive to illustrate the Apache module API
ExpiresActive On|Off Off svdhE
Enables generation of Expires headers
ExpiresByType MIME-type <code>secondssvdhE
Value of the Expires header configured by MIME type
ExpiresDefault <code>secondssvdhE
Default algorithm for calculating expiration time
ExtendedStatus On|Off Off[*] sC
Keep track of extended status information for each request
ExtFilterDefine filtername parameterssE
Define an external filter
ExtFilterOptions option [option] ... NoLogStderr dE
Configure mod_ext_filter options
FallbackResource disabled | local-urlsvdhB
Define a default URL for requests that don't map to a file
FileETag component ... MTime Size svdhC
File attributes used to create the ETag HTTP response header for static files
<Files filename> ... </Files>svdhC
Contains directives that apply to matched filenames
<FilesMatch regex> ... </FilesMatch>svdhC
Contains directives that apply to regular-expression matched filenames
FilterChain [+=-@!]filter-name ...svdhB
Configure the filter chain
FilterDeclare filter-name [type]svdhB
Declare a smart filter
FilterProtocol filter-name [provider-name] proto-flagssvdhB
Deal with correct HTTP protocol handling
FilterProvider filter-name provider-name expressionsvdhB
Register a content filter
FilterTrace filter-name levelsvdB
Get debug/diagnostic information from mod_filter
ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdhB
Action to take if a single acceptable document is not found
ForceType media-type|NonedhC
Forces all matching files to be served with the specified media type in the HTTP Content-Type header field
ForensicLog filename|pipesvE
Sets filename of the forensic log
GlobalLogfile|pipe format|nickname [env=[!]environment-variable| expr=expression]sB
Sets filename and format of log file
GprofDir /tmp/gprof/|/tmp/gprof/%svC
Directory to write gmon.out profiling data to.
GracefulShutdownTimeout seconds 0 sM
Specify a timeout after which a gracefully shutdown server will exit.
Group unix-group #-1 sB
Group under which the server will answer requests
H2CopyFiles on|off off svdhE
Determine file handling in responses
H2Direct on|off on for h2c, off for +svE
H2 Direct Protocol Switch
H2EarlyHints on|off off svE
Determine sending of 103 status codes
H2MaxSessionStreams n 100 svE
Maximum number of active streams per HTTP/2 session.
H2MaxWorkerIdleSeconds n 600 sE
Maximum number of seconds h2 workers remain idle until shut down.
H2MaxWorkers nsE
Maximum number of worker threads to use per child process.
H2MinWorkers nsE
Minimal number of worker threads to use per child process.
H2ModernTLSOnly on|off on svE
Require HTTP/2 connections to be "modern TLS" only
H2Push on|off on svE
H2 Server Push Switch
H2PushDiarySize n 256 svE
H2 Server Push Diary Size
H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 svE
H2 Server Push Priority
H2PushResource [add] path [critical]svdhE
Declares resources for early pushing to the client
H2SerializeHeaders on|off off svE
Serialize Request/Response Processing Switch
H2StreamMaxMemSize bytes 65536 svE
Maximum amount of output data buffered per stream.
H2TLSCoolDownSecs seconds 1 svE
-
H2TLSWarmUpSize amount 1048576 svE
-
H2Upgrade on|off on for h2c, off for +svE
H2 Upgrade Protocol Switch
H2WindowSize bytes 65535 svE
Size of Stream Window for upstream data.
Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdhE
Configure HTTP response headers
HeaderName filenamesvdhB
Name of the file that will be inserted at the top of the index listing
HeartbeatAddress addr:portsX
Multicast address for heartbeat packets
HeartbeatListenaddr:portsX
multicast address to listen for incoming heartbeat requests
HeartbeatMaxServers number-of-servers 10 sX
Specifies the maximum number of servers that will be sending heartbeat requests to this server
HeartbeatStorage file-path logs/hb.dat sX
Path to store heartbeat data
HeartbeatStorage file-path logs/hb.dat sX
Path to read heartbeat data
HostnameLookups On|Off|Double Off svdC
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0] Strict LenientMetho +svC
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svdE
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svdE
Determines the timeout duration for ident requests
<If expression> ... </If>svdhC
Contains directives that apply only if a condition is satisfied by a request at runtime
<IfDefine [!]parameter-name> ... </IfDefine>svdhC
Encloses directives that will be processed only if a test is true at startup
<IfDirective [!]directive-name> ... </IfDirective>svdhC
Encloses directives that are processed conditional on the presence or absence of a specific directive
<IfFile [!]parameter-name> ... </IfFile>svdhC
Encloses directives that will be processed only if file exists at startup
<IfModule [!]module-file|module-identifier> ... </IfModule>svdhC
Encloses directives that are processed conditional on the presence or absence of a specific module
<IfSection [!]section-name> ... </IfSection>svdhC
Encloses directives that are processed conditional on the presence or absence of a specific section directive
<IfVersion [[!]operator] version> ... </IfVersion>svdhE
contains version dependent configuration
ImapBase map|referer|URL http://servername/ svdhB
Default base for imagemap files
ImapDefault error|nocontent|map|referer|URL nocontent svdhB
Default action when an imagemap is called with coordinates that are not explicitly mapped
ImapMenu none|formatted|semiformatted|unformatted formatted svdhB
Action if no coordinates are given when calling an imagemap
Include file-path|directory-path|wildcardsvdC
Includes other configuration files from within the server configuration files
IncludeOptional file-path|directory-path|wildcardsvdC
Includes other configuration files from within the server configuration files
IndexHeadInsert "markup ..."svdhB
Inserts text in the HEAD section of an index page.
IndexIgnore file [file] ... "." svdhB
Adds to the list of files to hide when listing a directory
IndexIgnoreReset ON|OFFsvdhB
Empties the list of files to hide when listing a directory
IndexOptions [+|-]option [[+|-]option] ...svdhB
Various configuration settings for directory indexing
IndexOrderDefault Ascending|Descending Name|Date|Size|Description Ascending Name svdhB
Sets the default ordering of the directory index
IndexStyleSheet url-pathsvdhB
Adds a CSS stylesheet to the directory index
InputSed sed-commanddhX
Sed command to filter request data (typically POST data)
ISAPIAppendLogToErrors on|off off svdhB
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
ISAPIAppendLogToQuery on|off on svdhB
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
ISAPICacheFile file-path [file-path] ...svB
ISAPI .dll files to be loaded at startup
ISAPIFakeAsync on|off off svdhB
Fake asynchronous support for ISAPI callbacks
ISAPILogNotSupported on|off off svdhB
Log unsupported feature requests from ISAPI extensions
ISAPIReadAheadBuffer size 49152 svdhB
Size of the Read Ahead Buffer sent to ISAPI extensions
KeepAlive On|Off On svC
Enables HTTP persistent connections
KeepAliveTimeout num[ms] 5 svC
Amount of time the server will wait for subsequent requests on a persistent connection
KeptBodySize maximum size in bytes 0 dB
Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
LanguagePriority MIME-lang [MIME-lang] ...svdhB
The precedence of language variants for cases where the client does not express a preference
LDAPCacheEntries number 1024 sE
Maximum number of entries in the primary LDAP cache
LDAPCacheTTL seconds 600 sE
Time that cached items remain valid
LDAPConnectionPoolTTL n -1 svE
Discard backend connections that have been sitting in the connection pool too long
LDAPConnectionTimeout secondssE
Specifies the socket connection timeout in seconds
LDAPLibraryDebug 7sE
Enable debugging in the LDAP SDK
LDAPOpCacheEntries number 1024 sE
Number of entries used to cache LDAP compare operations
LDAPOpCacheTTL seconds 600 sE
Time that entries in the operation cache remain valid
LDAPReferralHopLimit numberdhE
The maximum number of referral hops to chase before terminating an LDAP query.
LDAPReferrals On|Off|default On dhE
Enable referral chasing during queries to the LDAP server.
LDAPRetries number-of-retries 3 sE
Configures the number of LDAP server retries.
LDAPRetryDelay seconds 0 sE
Configures the delay between LDAP server retries.
LDAPSharedCacheFile directory-path/filenamesE
Sets the shared memory cache file
LDAPSharedCacheSize bytes 500000 sE
Size in bytes of the shared-memory cache
LDAPTimeout seconds 60 sE
Specifies the timeout for LDAP search and bind operations, in seconds
LDAPTrustedClientCert type directory-path/filename/nickname [password]dhE
Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
LDAPTrustedGlobalCert type directory-path/filename [password]sE
Sets the file or database containing global trusted Certificate Authority or global client certificates
LDAPTrustedMode typesvE
Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
LDAPVerifyServerCert On|Off On sE
Force server certificate verification
<Limit method [method] ... > ... </Limit>dhC
Restrict enclosed access controls to only certain HTTP methods
<LimitExcept method [method] ... > ... </LimitExcept>dhC
Restrict access controls to all HTTP methods except the named ones
LimitInternalRecursion number [number] 10 svC
Determine maximum number of internal redirects and nested subrequests
LimitRequestBody bytes 0 svdhC
Restricts the total size of the HTTP request body sent from the client
LimitRequestFields number 100 svC
Limits the number of HTTP request header fields that will be accepted from the client
LimitRequestFieldSize bytes 8190 svC
Limits the size of the HTTP request header allowed from the client
LimitRequestLine bytes 8190 svC
Limit the size of the HTTP request line that will be accepted from the client
LimitXMLRequestBody bytes 1000000 svdhC
Limits the size of an XML-based request body
Listen [IP-address:]portnumber [protocol]sM
IP addresses and ports that the server listens to
ListenBacklog backlogsM
Maximum length of the queue of pending connections
ListenCoresBucketsRatio ratio 0 (disabled) sM
Ratio between the number of CPU cores (online) and the number of listeners' buckets
LoadFile filename [filename] ...svE
Link in the named object file or library
LoadModule module filenamesvE
Links in the object file or library, and adds to the list of active modules
<Location URL-path|URL> ... </Location>svC
Applies the enclosed directives only to matching URLs
<LocationMatch regex> ... </LocationMatch>svC
Applies the enclosed directives only to regular-expression matching URLs
LogFormat format|nickname [nickname] "%h %l %u %t \"%r\" +svB
Describes a format for use in a log file
LogIOTrackTTFB ON|OFF OFF svdhE
Enable tracking of time to first byte (TTFB)
LogLevel [module:]level [module:level] ... warn svdC
Controls the verbosity of the ErrorLog
LogMessage message [hook=hook] [expr=expression] dX
Log user-defined message to error log
LuaAuthzProvider provider_name /path/to/lua/script.lua function_namesX
Plug an authorization provider function into mod_authz_core
LuaCodeCache stat|forever|never stat svdhX
Configure the compiled code cache.
LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late]svdhX
Provide a hook for the access_checker phase of request processing
LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late]svdhX
Provide a hook for the auth_checker phase of request processing
LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late]svdhX
Provide a hook for the check_user_id phase of request processing
LuaHookFixups /path/to/lua/script.lua hook_function_namesvdhX
Provide a hook for the fixups phase of a request processing
LuaHookInsertFilter /path/to/lua/script.lua hook_function_namesvdhX
Provide a hook for the insert_filter phase of request processing
LuaHookLog /path/to/lua/script.lua log_function_namesvdhX
Provide a hook for the access log phase of a request processing
LuaHookMapToStorage /path/to/lua/script.lua hook_function_namesvdhX
Provide a hook for the map_to_storage phase of request processing
LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late]svX
Provide a hook for the translate name phase of request processing
LuaHookTypeChecker /path/to/lua/script.lua hook_function_namesvdhX
Provide a hook for the type_checker phase of request processing
LuaInherit none|parent-first|parent-last parent-first svdhX
Controls how parent configuration sections are merged into children
LuaInputFilter filter_name /path/to/lua/script.lua function_namesX
Provide a Lua function for content input filtering
LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name]svdhX
Map a path to a lua handler
LuaOutputFilter filter_name /path/to/lua/script.lua function_namesX
Provide a Lua function for content output filtering
LuaPackageCPath /path/to/include/?.soasvdhX
Add a directory to lua's package.cpath
LuaPackagePath /path/to/include/?.luasvdhX
Add a directory to lua's package.path
LuaQuickHandler /path/to/script.lua hook_function_namesvX
Provide a hook for the quick handler of request processing
LuaRoot /path/to/a/directorysvdhX
Specify the base path for resolving relative paths for mod_lua directives
LuaScope once|request|conn|thread|server [min] [max] once svdhX
One of once, request, conn, thread -- default is once
<Macro name [par1 .. parN]> ... </Macro>svdB
Define a configuration file macro
MaxConnectionsPerChild number 0 sM
Limit on the number of connections that an individual child server will handle during its life
MaxKeepAliveRequests number 100 svC
Number of requests allowed on a persistent connection
MaxMemFree KBytes 2048 sM
Maximum amount of memory that the main allocator is allowed to hold without calling free()
MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svdC
Number of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource
MaxRangeReversals default | unlimited | none | number-of-ranges 20 svdC
Number of range reversals (eg: 100-200,50-70) allowed before returning the complete resource
MaxRanges default | unlimited | none | number-of-ranges 200 svdC
Number of ranges allowed before returning the complete resource
MaxRequestWorkers numbersM
Maximum number of connections that will be processed simultaneously
MaxSpareServers number 10 sM
Maximum number of idle child server processes
MaxSpareThreads numbersM
Maximum number of idle threads
MaxThreads number 2048 sM
Set the maximum number of worker threads
MDBaseServer on|off off sE
Control if base server may be managed or only virtual hosts.
MDCAChallenges name [ name ... ] tls-sni-01 http-01 sE
Type of ACME challenge used to prove domain ownership.
MDCertificateAgreement url-of-terms-of-servicesE
The URL of the Terms-of-Service document, that the CA server requires you to accept.
MDCertificateAuthority url https://acme-v01.ap +sE
The URL of the ACME Certificate Authority service.
MDCertificateProtocol protocol ACME sE
The protocol to use with the Certificate Authority.
MDDriveMode always|auto|manual auto sE
Control when it is allowed to obtain/renew certificates.
MDHttpProxy urlsE
Define a proxy for outgoing connections.
MDMember hostnamesE
Additional hostname for the managed domain.
MDMembers auto|manual auto sE
Control if the alias domain names are automatically added.
MDMustStaple on|off off sE
Control if new certificates carry the OCSP Must Staple flag.
MDNotifyCmd path [ args ]sE
Run a program when Managed Domain are ready.
MDomain dns-name [ other-dns-name... ] [auto|manual]sE
Define list of domain names that belong to one group.
<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet>sE
Container for directives applied to the same managed domains.
MDPortMap map1 [ map2 ] 80:80 443:443 sE
Map external to internal ports for domain ownership verification.
MDPrivateKeys type [ params... ] RSA 2048 sE
Set type and size of the private keys generated.
MDRenewWindow duration 33% sE
Control when a certificate will be renewed.
MDRequireHttps off|temporary|permanent off sE
Redirects http: traffic to https: for Managed Domains.
MDStoreDir path md sE
Path on the local file system to store the Managed Domains data.
MemcacheConnTTL num[units] 15s svE
Keepalive time for idle connections
MergeTrailers [on|off] off svC
Determines whether trailers are merged into headers
MetaDir directory .web svdhE
Name of the directory to find CERN-style meta information files
MetaFiles on|off off svdhE
Activates CERN meta-file processing
MetaSuffix suffix .meta svdhE
File name suffix for the file containing CERN-style meta information
MimeMagicFile file-pathsvE
Enable MIME-type determination based on file contents using the specified magic file
MinSpareServers number 5 sM
Minimum number of idle child server processes
MinSpareThreads numbersM
Minimum number of idle threads available to handle request spikes
MMapFile file-path [file-path] ...sX
Map a list of files into memory at startup time
ModemStandard V.21|V.26bis|V.32|V.34|V.92dX
Modem standard to simulate
ModMimeUsePathInfo On|Off Off dB
Tells mod_mime to treat path_info components as part of the filename
MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters] NegotiatedOnly svdhB
The types of files that will be included when searching for a matching file with MultiViews
Mutex mechanism [default|mutex-name] ... [OmitPID] default sC
Configures mutex mechanism and lock file directory for all or specified mutexes
NameVirtualHost addr[:port]sC
DEPRECATED: Designates an IP address for name-virtual hosting
NoProxy host [host] ...svE
Hosts, domains, or networks that will be connected to directly
NWSSLTrustedCerts filename [filename] ...sB
List of additional client certificates
NWSSLUpgradeable [IP-address:]portnumbersB
Allows a connection to be upgraded to an SSL connection upon request
Options [+|-]option [[+|-]option] ... FollowSymlinks svdhC
Configures what features are available in a particular directory
Order ordering Deny,Allow dhE
Controls the default access state and the order in which Allow and Deny are evaluated.
OutputSed sed-commanddhX
Sed command for filtering response content
PassEnv env-variable [env-variable] ...svdhB
Passes environment variables from the shell
PidFile filename logs/httpd.pid sM
File where the server records the process ID of the daemon
PrivilegesMode FAST|SECURE|SELECTIVE FAST svdX
Trade off processing speed and efficiency vs security against malicious privileges-aware code.
Protocol protocolsvC
Protocol for a listening socket
ProtocolEcho On|Off Off svX
Turn the echo server on or off
Protocols protocol ... http/1.1 svC
Protocols available for a server/virtual host
ProtocolsHonorOrder On|Off On svC
Determines if order of Protocols determines precedence during negotiation
<Proxy wildcard-url> ...</Proxy>svE
Container for directives applied to proxied resources
ProxyAddHeaders Off|On On svdE
Add proxy information in X-Forwarded-* headers
ProxyBadHeader IsError|Ignore|StartBody IsError svE
Determines how to handle bad header lines in a response
ProxyBlock *|word|host|domain [word|host|domain] ...svE
Words, hosts, or domains that are banned from being proxied
ProxyDomain DomainsvE
Default domain name for proxied requests
ProxyErrorOverride On|Off Off svdE
Override error pages for proxied content
ProxyExpressDBMFile <pathname>svE
Pathname to DBM file.
ProxyExpressDBMFile <type>svE
DBM type of file.
ProxyExpressEnable [on|off]svE
Enable the module functionality.
ProxyFCGIBackendType FPM|GENERIC FPM svdhE
Specify the type of backend FastCGI application
ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name [value-expression]svdhE
Allow variables sent to FastCGI servers to be fixed up
ProxyFtpDirCharset character set ISO-8859-1 svdE
Define the character set for proxied FTP listings
ProxyFtpEscapeWildcards [on|off]svdE
Whether wildcards in requested filenames are escaped when sent to the FTP server
ProxyFtpListOnWildcard [on|off]svdE
Whether wildcards in requested filenames trigger a file listing
ProxyHCExpr name {ap_expr expression}svE
Creates a named condition expression to use to determine health of the backend based on its response
ProxyHCTemplate name parameter=setting [...]svE
Creates a named template for setting various health check parameters
ProxyHCTPsize sizesE
Sets the total server-wide size of the threadpool used for the health check workers
ProxyHTMLBufSize bytes 8192 svdB
Sets the buffer size increment for buffering inline scripts and stylesheets.
ProxyHTMLCharsetOut Charset | *svdB
Specify a charset for mod_proxy_html output.
ProxyHTMLDocType HTML|XHTML [Legacy]
OR
ProxyHTMLDocType fpi [SGML|XML]
svdB
Sets an HTML or XHTML document type declaration.
ProxyHTMLEnable On|Off Off svdB
Turns the proxy_html filter on or off.
ProxyHTMLEvents attribute [attribute ...]svdB
Specify attributes to treat as scripting events.
ProxyHTMLExtended On|Off Off svdB
Determines whether to fix links in inline scripts, stylesheets, and scripting events.
ProxyHTMLFixups [lowercase] [dospath] [reset]svdB
Fixes for simple HTML errors.
ProxyHTMLInterp On|Off Off svdB
Enables per-request interpolation of ProxyHTMLURLMap rules.
ProxyHTMLLinks element attribute [attribute2 ...]svdB
Specify HTML elements that have URL attributes to be rewritten.
ProxyHTMLMeta On|Off Off svdB
Turns on or off extra pre-parsing of metadata in HTML <head> sections.
ProxyHTMLStripComments On|Off Off svdB
Determines whether to strip HTML comments.
ProxyHTMLURLMap from-pattern to-pattern [flags] [cond]svdB
Defines a rule to rewrite HTML links
ProxyIOBufferSize bytes 8192 svE
Determine size of internal data throughput buffer
<ProxyMatch regex> ...</ProxyMatch>svE
Container for directives applied to regular-expression-matched proxied resources
ProxyMaxForwards number -1 svE
Maximium number of proxies that a request can be forwarded through
ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] [noquery]svdE
Maps remote servers into the local server URL-space
ProxyPassInherit On|Off On svE
Inherit ProxyPass directives defined from the main server
ProxyPassInterpolateEnv On|Off Off svdE
Enable Environment Variable interpolation in Reverse Proxy configurations
ProxyPassMatch [regex] !|url [key=value [key=value ...]]svdE
Maps remote servers into the local server URL-space using regular expressions
ProxyPassReverse [path] url [interpolate]svdE
Adjusts the URL in HTTP response headers sent from a reverse proxied server
ProxyPassReverseCookieDomain internal-domain public-domain [interpolate]svdE
Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
ProxyPassReverseCookiePath internal-path public-path [interpolate]svdE
Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
ProxyPreserveHost On|Off Off svdE
Use incoming Host HTTP request header for proxy request
ProxyReceiveBufferSize bytes 0 svE
Network buffer size for proxied HTTP and FTP connections
ProxyRemote match remote-serversvE
Remote proxy used to handle certain requests
ProxyRemoteMatch regex remote-serversvE
Remote proxy used to handle requests matched by regular expressions
ProxyRequests On|Off Off svE
Enables forward (standard) proxy requests
ProxySCGIInternalRedirect On|Off|Headername On svdE
Enable or disable internal redirect responses from the backend
ProxySCGISendfile On|Off|Headername Off svdE
Enable evaluation of X-Sendfile pseudo response header
ProxySet url key=value [key=value ...]svdE
Set various Proxy balancer or member parameters
ProxySourceAddress addresssvE
Set local IP address for outgoing proxy connections
ProxyStatus Off|On|Full Off svE
Show Proxy LoadBalancer status in mod_status
ProxyTimeout secondssvE
Network timeout for proxied requests
ProxyVia On|Off|Full|Block Off svE
Information provided in the Via HTTP response header for proxied requests
QualifyRedirectURL ON|OFF OFF svdC
Controls whether the REDIRECT_URL environment variable is fully qualified
ReadmeName filenamesvdhB
Name of the file that will be inserted at the end of the index listing
ReceiveBufferSize bytes 0 sM
TCP receive buffer size
Redirect [status] [URL-path] URLsvdhB
Sends an external redirect asking the client to fetch a different URL
RedirectMatch [status] regex URLsvdhB
Sends an external redirect based on a regular expression match of the current URL
RedirectPermanent URL-path URLsvdhB
Sends an external permanent redirect asking the client to fetch a different URL
RedirectTemp URL-path URLsvdhB
Sends an external temporary redirect asking the client to fetch a different URL
ReflectorHeader inputheader [outputheader]svdhB
Reflect an input header to the output headers
RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOLLAR_ENDONLY sC
Allow to configure global/default options for regexes
RegisterHttpMethod method [method [...]]sC
Register non-standard HTTP methods
RemoteIPHeader header-fieldsvB
Declare the header field which should be parsed for useragent IP addresses
RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...svB
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPInternalProxyList filenamesvB
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPProxiesHeader HeaderFieldNamesvB
Declare the header field which will record all intermediate IP addresses
RemoteIPProxyProtocol On|OffsvB
Enable or disable PROXY protocol handling
RemoteIPProxyProtocolExceptions host|range [host|range] [host|range]svB
Disable processing of PROXY header for certain hosts or networks
RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...svB
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPTrustedProxyList filenamesvB
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoveCharset extension [extension] ...vdhB
Removes any character set associations for a set of file extensions
RemoveEncoding extension [extension] ...vdhB
Removes any content encoding associations for a set of file extensions
RemoveHandler extension [extension] ...vdhB
Removes any handler associations for a set of file extensions
RemoveInputFilter extension [extension] ...vdhB
Removes any input filter associations for a set of file extensions
RemoveLanguage extension [extension] ...vdhB
Removes any language associations for a set of file extensions
RemoveOutputFilter extension [extension] ...vdhB
Removes any output filter associations for a set of file extensions
RemoveType extension [extension] ...vdhB
Removes any content type associations for a set of file extensions
RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdhE
Configure HTTP request headers
RequestReadTimeout [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] svE
Set timeout values for receiving request headers and body from client.
Require [not] entity-name [entity-name] ...dhB
Tests whether an authenticated user is authorized by an authorization provider.
<RequireAll> ... </RequireAll>dhB
Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
<RequireAny> ... </RequireAny>dhB
Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
<RequireNone> ... </RequireNone>dhB
Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
RewriteBase URL-pathdhE
Sets the base URL for per-directory rewrites
RewriteCond TestString CondPattern [flags]svdhE
Defines a condition under which rewriting will take place
RewriteEngine on|off off svdhE
Enables or disables runtime rewriting engine
RewriteMap MapName MapType:MapSource [MapTypeOptions] svE
Defines a mapping function for key-lookup
RewriteOptions OptionssvdhE
Sets some special options for the rewrite engine
RewriteRule Pattern Substitution [flags]svdhE
Defines rules for the rewriting engine
RLimitCPU seconds|max [seconds|max]svdhC
Limits the CPU consumption of processes launched by Apache httpd children
RLimitMEM bytes|max [bytes|max]svdhC
Limits the memory consumption of processes launched by Apache httpd children
RLimitNPROC number|max [number|max]svdhC
Limits the number of processes that can be launched by processes launched by Apache httpd children
Satisfy Any|All All dhE
Interaction between host-level access control and user authentication
ScoreBoardFile file-path logs/apache_runtime +sM
Location of the file used to store coordination data for the child processes
Script method cgi-scriptsvdB
Activates a CGI script for a particular request method.
ScriptAlias [URL-path] file-path|directory-pathsvdB
Maps a URL to a filesystem location and designates the target as a CGI script
ScriptAliasMatch regex file-path|directory-pathsvB
Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script
ScriptInterpreterSource Registry|Registry-Strict|Script Script svdhC
Technique for locating the interpreter for CGI scripts
ScriptLog file-pathsvB
Location of the CGI script error logfile
ScriptLogBuffer bytes 1024 svB
Maximum amount of PUT or POST requests that will be recorded in the scriptlog
ScriptLogLength bytes 10385760 svB
Size limit of the CGI script logfile
ScriptSock file-path cgisock sB
The filename prefix of the socket to use for communication with the cgi daemon
SecureListen [IP-address:]portnumber Certificate-Name [MUTUAL]sB
Enables SSL encryption for the specified port
SeeRequestTail On|Off Off sC
Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
SendBufferSize bytes 0 sM
TCP buffer size
ServerAdmin email-address|URLsvC
Email address that the server includes in error messages sent to the client
ServerAlias hostname [hostname] ...vC
Alternate names for a host used when matching requests to name-virtual hosts
ServerLimit numbersM
Upper limit on configurable number of processes
ServerName [scheme://]domain-name|ip-address[:port]svC
Hostname and port that the server uses to identify itself
ServerPath URL-pathvC
Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
ServerRoot directory-path /usr/local/apache sC
Base directory for the server installation
ServerSignature On|Off|EMail Off svdhC
Configures the footer on server-generated documents
ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full sC
Configures the Server HTTP response header
Session On|Off Off svdhE
Enables a session for the current directory or location
SessionCookieName name attributessvdhE
Name and attributes for the RFC2109 cookie storing the session
SessionCookieName2 name attributessvdhE
Name and attributes for the RFC2965 cookie storing the session
SessionCookieRemove On|Off Off svdhE
Control for whether session cookies should be removed from incoming HTTP headers
SessionCryptoCipher namesvdhX
The crypto cipher to be used to encrypt the session
SessionCryptoDriver name [param[=value]]sX
The crypto driver to be used to encrypt the session
SessionCryptoPassphrase secret [ secret ... ] svdhX
The key used to encrypt the session
SessionCryptoPassphraseFile filenamesvdX
File containing keys used to encrypt the session
SessionDBDCookieName name attributessvdhE
Name and attributes for the RFC2109 cookie storing the session ID
SessionDBDCookieName2 name attributessvdhE
Name and attributes for the RFC2965 cookie storing the session ID
SessionDBDCookieRemove On|Off On svdhE
Control for whether session ID cookies should be removed from incoming HTTP headers
SessionDBDDeleteLabel label deletesession svdhE
The SQL query to use to remove sessions from the database
SessionDBDInsertLabel label insertsession svdhE
The SQL query to use to insert sessions into the database
SessionDBDPerUser On|Off Off svdhE
Enable a per user session
SessionDBDSelectLabel label selectsession svdhE
The SQL query to use to select sessions from the database
SessionDBDUpdateLabel label updatesession svdhE
The SQL query to use to update existing sessions in the database
SessionEnv On|Off Off svdhE
Control whether the contents of the session are written to the HTTP_SESSION environment variable
SessionExclude pathsvdhE
Define URL prefixes for which a session is ignored
SessionHeader headersvdhE
Import session updates from a given HTTP response header
SessionInclude pathsvdhE
Define URL prefixes for which a session is valid
SessionMaxAge maxage 0 svdhE
Define a maximum age in seconds for a session
SetEnv env-variable [value]svdhB
Sets environment variables
SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ...svdhB
Sets environment variables based on attributes of the request
SetEnvIfExpr expr [!]env-variable[=value] [[!]env-variable[=value]] ...svdhB
Sets environment variables based on an ap_expr expression
SetEnvIfNoCase attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ...svdhB
Sets environment variables based on attributes of the request without respect to case
SetHandler handler-name|none|expressionsvdhC
Forces all matching files to be processed by a handler
SetInputFilter filter[;filter...]svdhC
Sets the filters that will process client requests and POST input
SetOutputFilter filter[;filter...]svdhC
Sets the filters that will process responses from the server
SSIEndTag tag "-->" svB
String that ends an include element
SSIErrorMsg message "[an error occurred +svdhB
Error message displayed when there is an SSI error
SSIETag on|off off dhB
Controls whether ETags are generated by the server.
SSILastModified on|off off dhB
Controls whether Last-Modified headers are generated by the server.
SSILegacyExprParser on|off off dhB
Enable compatibility mode for conditional expressions.
SSIStartTag tag "<!--#" svB
String that starts an include element
SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M +svdhB
Configures the format in which date strings are displayed
SSIUndefinedEcho string "(none)" svdhB
String displayed when an unset variable is echoed
SSLCACertificateFile file-pathsvE
File of concatenated PEM-encoded CA Certificates for Client Auth
SSLCACertificatePath directory-pathsvE
Directory of PEM-encoded CA Certificates for Client Auth
SSLCADNRequestFile file-pathsvE
File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
SSLCADNRequestPath directory-pathsvE
Directory of PEM-encoded CA Certificates for defining acceptable CA names
SSLCARevocationCheck chain|leaf|none flags none svE
Enable CRL-based revocation checking
SSLCARevocationFile file-pathsvE
File of concatenated PEM-encoded CA CRLs for Client Auth
SSLCARevocationPath directory-pathsvE
Directory of PEM-encoded CA CRLs for Client Auth
SSLCertificateChainFile file-pathsvE
File of PEM-encoded Server CA Certificates
SSLCertificateFile file-pathsvE
Server PEM-encoded X.509 certificate data file
SSLCertificateKeyFile file-pathsvE
Server PEM-encoded private key file
SSLCipherSuite cipher-spec DEFAULT (depends on +svdhE
Cipher Suite available for negotiation in SSL handshake
SSLCompression on|off off svE
Enable compression on the SSL level
SSLCryptoDevice engine builtin sE
Enable use of a cryptographic hardware accelerator
SSLEngine on|off|optional off svE
SSL Engine Operation Switch
SSLFIPS on|off off sE
SSL FIPS mode Switch
SSLHonorCipherOrder on|off off svE
Option to prefer the server's cipher preference order
SSLInsecureRenegotiation on|off off svE
Option to enable support for insecure renegotiation
SSLOCSDefaultResponder urisvE
Set the default responder URI for OCSP validation
SSLOCSPEnable on|leaf|off off svE
Enable OCSP validation of the client certificate chain
SSLOCSPNoverify On/Off Off svE
skip the OCSP responder certificates verification
SSLOCSPOverrideResponder on|off off svE
Force use of the default responder URI for OCSP validation
SSLOCSPProxyURL urlsvE
Proxy URL to use for OCSP requests
SSLOCSPResponderCertificateFile filesvE
Set of trusted PEM encoded OCSP responder certificates
SSLOCSPResponderTimeout seconds 10 svE
Timeout for OCSP queries
SSLOCSPResponseMaxAge seconds -1 svE
Maximum allowable age for OCSP responses
SSLOCSPResponseTimeSkew seconds 300 svE
Maximum allowable time skew for OCSP response validation
SSLOCSPUseRequestNonce on|off on svE
Use a nonce within OCSP queries
SSLOpenSSLConfCmd command-name command-valuesvE
Configure OpenSSL parameters through its SSL_CONF API
SSLOptions [+|-]option ...svdhE
Configure various SSL engine run-time options
SSLPassPhraseDialog type builtin sE
Type of pass phrase dialog for encrypted private keys
SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svE
Configure usable SSL/TLS protocol versions
SSLProxyCACertificateFile file-pathsvpE
File of concatenated PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCACertificatePath directory-pathsvpE
Directory of PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCARevocationCheck chain|leaf|none none svpE
Enable CRL-based revocation checking for Remote Server Auth
SSLProxyCARevocationFile file-pathsvpE
File of concatenated PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCARevocationPath directory-pathsvpE
Directory of PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCheckPeerCN on|off on svpE
Whether to check the remote server certificate's CN field
SSLProxyCheckPeerExpire on|off on svpE
Whether to check if remote server certificate is expired
SSLProxyCheckPeerName on|off on svpE
Configure host name checking for remote server certificates
SSLProxyCipherSuite cipher-spec ALL:!ADH:RC4+RSA:+H +svpE
Cipher Suite available for negotiation in SSL proxy handshake
SSLProxyEngine on|off off svpE
SSL Proxy Engine Operation Switch
SSLProxyMachineCertificateChainFile filenamesvpE
File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
SSLProxyMachineCertificateFile filenamesvpE
File of concatenated PEM-encoded client certificates and keys to be used by the proxy
SSLProxyMachineCertificatePath directorysvpE
Directory of PEM-encoded client certificates and keys to be used by the proxy
SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 +svpE
Configure usable SSL protocol flavors for proxy usage
SSLProxyVerify level none svpE
Type of remote server Certificate verification
SSLProxyVerifyDepth number 1 svpE
Maximum depth of CA Certificates in Remote Server Certificate verification
SSLRandomSeed context source [bytes]sE
Pseudo Random Number Generator (PRNG) seeding source
SSLRenegBufferSize bytes 131072 dhE
Set the size for the SSL renegotiation buffer
SSLRequire expressiondhE
Allow access only when an arbitrarily complex boolean expression is true
SSLRequireSSLdhE
Deny access when SSL is not used for the HTTP request
SSLSessionCache type none sE
Type of the global/inter-process SSL Session Cache
SSLSessionCacheTimeout seconds 300 svE
Number of seconds before an SSL session expires in the Session Cache
SSLSessionTicketKeyFile file-pathsvE
Persistent encryption/decryption key for TLS session tickets
SSLSessionTickets on|off on svE
Enable or disable use of TLS session tickets
SSLSRPUnknownUserSeed secret-stringsvE
SRP unknown user seed
SSLSRPVerifierFile file-pathsvE
Path to SRP verifier file
SSLStaplingCache typesE
Configures the OCSP stapling cache
SSLStaplingErrorCacheTimeout seconds 600 svE
Number of seconds before expiring invalid responses in the OCSP stapling cache
SSLStaplingFakeTryLater on|off on svE
Synthesize "tryLater" responses for failed OCSP stapling queries
SSLStaplingForceURL urisvE
Override the OCSP responder URI specified in the certificate's AIA extension
SSLStaplingResponderTimeout seconds 10 svE
Timeout for OCSP stapling queries
SSLStaplingResponseMaxAge seconds -1 svE
Maximum allowable age for OCSP stapling responses
SSLStaplingResponseTimeSkew seconds 300 svE
Maximum allowable time skew for OCSP stapling response validation
SSLStaplingReturnResponderErrors on|off on svE
Pass stapling related OCSP errors on to client
SSLStaplingStandardCacheTimeout seconds 3600 svE
Number of seconds before expiring responses in the OCSP stapling cache
SSLStrictSNIVHostCheck on|off off svE
Whether to allow non-SNI clients to access a name-based virtual host.
SSLUserName varnamesdhE
Variable name to determine user name
SSLUseStapling on|off off svE
Enable stapling of OCSP responses in the TLS handshake
SSLVerifyClient level none svdhE
Type of Client Certificate verification
SSLVerifyDepth number 1 svdhE
Maximum depth of CA Certificates in Client Certificate verification
StartServers numbersM
Number of child server processes created at startup
StartThreads numbersM
Number of threads created on startup
Substitute s/pattern/substitution/[infq]dhE
Pattern to filter the response content
SubstituteInheritBefore on|off off dhE
Change the merge order of inherited patterns
SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dhE
Set the maximum line size
Suexec On|OffsB
Enable or disable the suEXEC feature
SuexecUserGroup User GroupsvE
User and group for CGI programs to run as
ThreadLimit numbersM
Sets the upper limit on the configurable number of threads per child process
ThreadsPerChild numbersM
Number of threads created by each child process
ThreadStackSize sizesM
The size in bytes of the stack used by threads handling client connections
TimeOut seconds 60 svC
Amount of time the server will wait for certain events before failing a request
TraceEnable [on|off|extended] on svC
Determines the behavior on TRACE requests
TransferLog file|pipesvB
Specify location of a log file
TypesConfig file-path conf/mime.types sB
The location of the mime.types file
UnDefine parameter-namesC
Undefine the existence of a variable
UndefMacro namesvdB
Undefine a macro
UnsetEnv env-variable [env-variable] ...svdhB
Removes variables from the environment
Use name [value1 ... valueN] svdB
Use a macro
UseCanonicalName On|Off|DNS Off svdC
Configures how the server determines its own name and port
UseCanonicalPhysicalPort On|Off Off svdC
Configures how the server determines its own port
User unix-userid #-1 sB
The userid under which the server will answer requests
UserDir directory-filename [directory-filename] ... svB
Location of the user-specific directories
VHostCGIMode On|Off|Secure On vX
Determines whether the virtualhost can run subprocesses, and the privileges available to subprocesses.
VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
Assign arbitrary privileges to subprocesses created by a virtual host.
VHostGroup unix-groupidvX
Sets the Group ID under which a virtual host runs.
VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ...vX
Assign arbitrary privileges to a virtual host.
VHostSecure On|Off On vX
Determines whether the server runs with enhanced security for the virtualhost.
VHostUser unix-useridvX
Sets the User ID under which a virtual host runs.
VirtualDocumentRoot interpolated-directory|none none svE
Dynamically configure the location of the document root for a given virtual host
VirtualDocumentRootIP interpolated-directory|none none svE
Dynamically configure the location of the document root for a given virtual host
<VirtualHost addr[:port] [addr[:port]] ...> ... </VirtualHost>sC
Contains directives that apply only to a specific hostname or IP address
VirtualScriptAlias interpolated-directory|none none svE
Dynamically configure the location of the CGI directory for a given virtual host
VirtualScriptAliasIP interpolated-directory|none none svE
Dynamically configure the location of the CGI directory for a given virtual host
WatchdogInterval number-of-seconds 1 sB
Watchdog interval in seconds
XBitHack on|off|full off svdhB
Parse SSI directives in files with the execute bit set
xml2EncAlias charset alias [alias ...]sB
Recognise Aliases for encoding values
xml2EncDefault namesvdhB
Sets a default encoding to assume when absolutely no information can be automatically detected
xml2StartParse element [element ...]svdhB
Advise the parser to skip leading junk.

Available Languages:  de  |  en  |  es  |  fr  |  ja  |  ko  |  tr  |  zh-cn 

top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed again by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Freenode, or sent to our mailing lists.