Apache – Main Server Configuration

Apache – Main Server Configuration


The User directive sets the user name of the server process and determines what files the server is allowed to access. Any files inaccessible to this user are also inaccessible to clients connecting to the Apache HTTP Server.

Default : apache. We have set it to nobody


Specifies the group name of the Apache HTTP Server processes.

Default : apache. We have set it to nobody.


Set the ServerAdmin directive to the email address of the Web server administrator. This email address will show up in error messages on server-generated Web pages, so users can report a problem by sending email to the server administrator.

Default : [email protected]


Use ServerName to set a hostname and port number (matching the Listen directive) for the server. The ServerName does not need to match the machine’s actual hostname. For example, the Web server may be www.example.com but the server’s hostname is actually foo.example.com. The value specified in ServerName must be a valid Domain Name Service (DNS) name that can be resolved by the system.

The following is a sample ServerName directive:

ServerName www.example.com:80

When specifying a ServerName, be sure the IP address and server name pair are included in the /etc/hosts file.
We have set it as www.support.eukhost.com:80


When set to on, this directive configures the Apache HTTP Server to references itself using the value specified in the ServerName and Port directives. When UseCanonicalName is set to off, the server will instead use the value used by the requesting client when referring to itself.

Default : off.


The DocumentRoot is the directory which contains most of the HTML files which is served in response to requests. The default DocumentRoot for both the non-secure and secure Web servers is the /var/www/html directory. For example, the server might receive a request for the following document:

The server looks for the following file in the default directory:



and tags create what is referred to as a container and are used to enclose a group of configuration directives meant to apply only to a particular directory and its subdirectories. Any directive which is applicable to a directory may be used within tags.

By default, very restrictive parameters are applied to the root directory (/), using the Options and AllowOverride directives. Under this configuration, any directory on the system which needs more permissive settings has to be explicitly given those settings.

In the default configuration, another Directory container is configured for the DocumentRoot which assigns less rigid parameters to the directory tree so that the Apache HTTP Server can access the files residing there.
The Directory container can be also be used to configure additional cgi-bin directories for server-side applications outside of the directory specified in the ScriptAlias directive .


The Options directive controls which server features are available in a particular directory. For example, under the restrictive parameters specified for the root directory, Options is set to only FollowSymLinks. No features are enabled, except that the server is allowed to follow symbolic links in the root directory.

By default, in the DocumentRoot directory, Options is set to include Indexes and FollowSymLinks. Indexes permits the server to generate a directory listing for a directory if no DirectoryIndex (for example, index.html) is specified. FollowSymLinks allows the server to follow symbolic links in that directory.


The AllowOverride directive sets whether or not any Options can be overridden by the declarations in an .htaccess file. By default, both the root directory and the DocumentRoot are set to allow no .htaccess overrides.


The Order directive controls the order in which allow and deny directives are evaluated. The server is configured to evaluate the Allow directives before the Deny directives for the DocumentRoot directory.


Allow specifies which requester can access a given directory. The requester can be all, a domain name, an IP address, a partial IP address, a network/netmask pair, and so on. The DocumentRoot directory is configured to Allow requests from all, meaning everyone has access.


Deny works just like Allow, except it specifies who is denied access. The DocumentRoot is not configured to Deny requests from anyone by default.


UserDir is the name of the subdirectory within each user’s home directory where they should place personal HTML files which are served by the Web server. This directive is set to disable by default.

The name for the subdirectory is set to public_html in the default configuration. For example, the server might receive the following request:


The server would look for the file:


In the above example, /home/username/ is the user’s home directory (note that the default path to users’ home directories may vary).

Make sure that the permissions on the users’ home directories are set correctly. Users’ home directories must be set to 0711. The read (r) and execute (x) bits must be set on the users’ public_html directories (0755 will also work). Files that will be served in users’ public_html directories must be set to at least 0644.


The DirectoryIndex is the default page served by the server when a user requests an index of a directory by specifying a forward slash (/) at the end of the directory name.

When a user requests the page http://example/this_directory/, they get either the DirectoryIndex page if it exists or a server-generated directory list. The default for DirectoryIndex is index.html and the index.html.var type map. The server tries to find any one of these files, and returns the first one it finds.

If it does not find any of these files and Options Indexes is set for that directory, the server generates and returns a listing, in HTML format, of the subdirectories and files within the directory, unless the directory listing feature is turned off.


AccessFileName names the file which the server should use for access control information in each directory. The default is .htaccess.

Immediately after the AccessFileName directive, a set of Files tags apply access control to any file beginning with a .ht. These directives deny Web access to any .htaccess files (or other files which begin with .ht) for security reasons.


HostnameLookups can be set to on, off or double. If HostnameLookups set to on, the server automatically resolves the IP address for each connection. Resolving the IP address means that the server makes one or more connections to a DNS server, adding processing overhead. If HostnameLookups is set to double, the server performs a double-reverse DNS look up adding even more processing overhead.

To conserve resources on the server, HostnameLookups set to off by default.
If hostnames are required in server log files, consider running one of the many log analyzer tools that perform the DNS lookups more efficiently and in bulk when rotating the Web server log files


ErrorLog specifies the file where server errors are logged. By default, this directive is set to /var/log/httpd/error_log.


LogLevel sets how verbose the error messages in the error logs are. LogLevel can be set (from least verbose to most verbose) to emerge, alert, crit, error, warn, notice, info or debug. The default LogLevel is warn.
We have set it to warn .


The LogFormat directive configures the format of the various Web server log files. The actual LogFormat used depends on the settings given in the CustomLog directive The following are the format options if the CustomLog directive is set to combined:

%h (remote host’s IP address or hostname)

Lists the remote IP address of the requesting client. If HostnameLookups is set to on, the client hostname is recorded unless it is not available from DNS.

%l (rfc931)

Not used. A hyphen [-] appears in the log file for this field.

%u (authenticated user)

If authentication was required, lists the user name of the user is recorded. Usually, this is not used, so a hyphen [-] appears in the log file for this field.

%t (date)

Lists the date and time of the request.

%r (request string)

Lists the request string exactly as it came from the browser or client.

%s (status)

Lists the HTTP status code which was returned to the client host.

%b (bytes)

Lists the size of the document.

%\”%{Referer}i\” (referrer)

Lists the URL of the webpage which referred the client host to Web server.

%\”%{User-Agent}i\” (user-agent)

Lists the type of Web browser making the request.


CustomLog identifies the log file and the log file format. By default, the log is recorded to the /var/log/httpd/access_log file.
The default CustomLog format is combined. The following illustrates the combined log file format:

remotehost rfc931 user date “request” status bytes referrer user-agent


The Alias setting allows directories outside the DocumentRoot directory to be accessible. Any URL ending in the alias automatically resolves to the alias’ path. By default, one alias for an icons directory is already set up. An icons directory can be accessed by the Web server, but the directory is not in the DocumentRoot.


The ScriptAlias directive defines where CGI scripts are located. Generally, it is not good practice to leave CGI scripts within the DocumentRoot, where they can potentially be viewed as text documents. For this reason, a special directory outside of the DocumentRoot directory containing server-side executables and scripts is designated by the ScriptAlias directive. This directory is known as a cgi-bin and set to /var/www/cgi-bin/ by default.

It is possible to establish directories for storing executables outside of the cgi-bin directory.


When a web page is moved, Redirect can be used to map the file location to a new URL. The format is as follows:
Redirect /
/ http:////

In this example, replace
with the old path information for and and with the current domain and path information for .

In this example, any requests for at the old location is automatically redirected to the new location.

For more advanced redirection techniques, use the mod_rewrite module included with the Apache HTTP Server.


IndexOptions controls the appearance of server generated directing listings, by adding icons, file descriptions, and so on. If Options Indexes is set, the Web server generates a directory listing when the Web server receives an HTTP request for a directory without an index.

First, the Web server looks in the requested directory for a file matching the names listed in the DirectoryIndex directive (usually, index.html). If an index.html file is not found, Apache HTTP Server creates an HTML directory listing of the requested directory. The appearance of this directory listing is controlled, in part, by the IndexOptions directive.
The default configuration turns on FancyIndexing.

This means that a user can re-sort a directory listing by clicking on column headers. Another click on the same header will switch from ascending to descending order. FancyIndexing also shows different icons for different files, based upon file extensions.

The AddDescription option, when used in conjunction with FancyIndexing, presents a short description for the file in server generated directory listings.

IndexOptions has a number of other parameters which can be set to control the appearance of server generated directories. Parameters include IconHeight and IconWidth, to make the server include HTML HEIGHT and WIDTH tags for the icons in server generated webpages; IconsAreLinks, for making the icons act as part of the HTML link anchor along with the filename and others

Default FancyIndexing : on


This directive names icons which are displayed by files with MIME encoding in server generated directory listings. For example, by default, the Web server shows the compressed.gif icon next to MIME encoded x-compress and x-gzip files in server generated directory listings.


This directive names icons which are displayed next to files with MIME types in server generated directory listings. For example, the server shows the icon text.gif next to files with a mime-type of text, in server generated directory listings.


AddIcon specifies which icon to show in server generated directory listings for files with certain extensions. For example, the Web server is set to show the icon binary.gif for files with .bin or .exe extensions.


DefaultIcon specifies the icon displayed in server generated directory listings for files which have no other icon specified. The unknown.gif image file is the default.


When using FancyIndexing as an IndexOptions parameter, the AddDescription directive can be used to display user-specified descriptions for certain files or file types in a server generated directory listings. The AddDescription directive supports listing specific files, wildcard expressions, or file extensions.


ReadmeName names the file which, if it exists in the directory, is appended to the end of server generated directory listings. The Web server first tries to include the file as an HTML document and then try to include it as plain text. By default, ReadmeName is set to README.html.


HeaderName names the file which, if it exists in the directory, is prepended to the start of server generated directory listings. Like ReadmeName, the server tries to include it as an HTML document if possible or in plain text if not.


IndexIgnore lists file extensions, partial file names, wildcard expressions or full filenames. The Web server will not include any files which match any of those parameters in server generated directory listings.


AddEncoding names filename extensions which should specify a particular encoding type. AddEncoding can also be used to instruct some browsers to uncompress certain files as they are downloaded.


AddLanguage associates file name extensions with specific languages. This directive is useful for Apache HTTP Servers which serve content in multiple languages based on the client Web browser’s language settings.


LanguagePriority sets precedence for different languages in case the client Web browser has no language preference set.


Use the AddType directive to define MIME type and file extension pairs. For example, using PHP4, use the AddType directive to make the Web server recognize with PHP file extensions (.php4, .php3 .phtml .php) as PHP MIME types. The following directive tells the Apache HTTP Server to recognize the .shtml file extension:

AddType text/html .shtml

AddHandler server-parsed .shtml


AddHandler maps file extensions to specific handlers. For example, the cgi-script handler can be matched with the extension .cgi to automatically treat a file ending with .cgi as a CGI script. The following is a sample AddHandler directive for the .cgi extension.
AddHandler cgi-script .cgi

This directive enables CGIs outside of the cgi-bin to function in any directory on the server which has the ExecCGI option within the directories container.
In addition to CGI scripts, the AddHandler directive is used to process server-parsed HTML and image-map files.


Action specifies a MIME content type and CGI script pair, so that whenever a file of that media type is requested, a particular CGI script is executed.


The ErrorDocument directive associates an HTTP response code with a message or a URL to be sent back to the client. By default, the Web server outputs a simple and usually cryptic error message when an error occurs. The ErrorDocument directive forces the Web server to instead output a customized message or redirects the client to a local or external URL.


The and tags create a container in which access control based on URL can be specified.
For instance, to allow people connecting from within the server’s domain to see status reports, use the following directives:

SetHandler server-status

Order deny, allow Deny from all

Allow from

Replace with the second-level domain name for the Web server.

To provide server configuration reports (including installed modules and configuration directives) to requests from inside the domain, use the following directives:

SetHandler server-info

Order deny,allow

Deny from all

Allow from

Again, replace with the second-level domain name for the Web server.


To configure the Apache HTTP Server to function as a proxy server, remove the hash marks from the beginning of the line to load the mod_proxy module and set the ProxyRequests directive to On.


and tags create a container which encloses a group of configuration directives meant to apply only to the proxy server. Many directives which are applicable to a directory may be used within tags.


The ProxyVia command controls whether or not an HTTP Via: header line is sent along with requests or replies which go through the Apache proxy server. The Via: header shows the hostname if ProxyVia is set to On, shows the hostname and the Apache HTTP Server version for Full, passes along any Via: lines unchanged for Off, and Via: lines are removed for Block.

Cache Directives

A number of commented cache directives are supplied by the default Apache HTTP Server configuration file. In most cases, uncommenting these lines by removing the hash mark [#] from the beginning of the line is sufficient. The following, however, is a list of some of the more important cache-related directives.

CacheRoot Specifies the name of the directory containing cached files. The default CacheRoot is the /var/httpd/proxy/ directory.

CacheSize Specifies how much space the cache can use in kilobytes. The default CacheSize is 5 KB.

CacheGcInterval Specifies the number of hours which must pass before files in the cache are deleted. The default for CacheGcInterval is 4 hours.

CacheMaxExpire Specifies how long HTML documents are retained (without a reload from the originating Web server) in the cache. The default is 24 hours.

CacheLastModifiedFactor Specifies the creation of an expiry (expiration) date for a document which did not come from its originating server with its own expiry set. The default CacheLastModifiedFactor is set to 0.1, meaning that the expiry date for such documents equals one-tenth of the amount of time since the document was last modified.

CacheDefaultExpire Specifies the expiry time in hours for a document that was received using a protocol that does not support expiry times. The default is set to 1 hour.

NoCache Specifies a list of hosts whose content is not cached.


The NameVirtualHost directive associates an IP address and port number, if necessary, for any name-based virtual hosts. Name-based virtual hosting allows one Apache HTTP Server to serve different domains without using multiple IP addresses.
To enable name-based virtual hosting, uncomment the NameVirtualHost configuration directive and add the correct IP address. Then add more VirtualHost containers for each virtual host.

Related Articles on Apache :

Apache Main Server Configuration

Features of Apache HTTP Server 2.0

Apache Global Environment Configuration

Apache Virtual Hosts Configuration

Securing Apache / http server

Apache Installation