Apache HTTP Server Version 2.0
Apache HTTP Server Version 2.0
| Description: | A collection of directives that are implemented by more than one multi-processing module (MPM) |
|---|---|
| Status: | MPM |
| Description: | Directory where Apache attempts to switch before dumping core |
|---|---|
| Syntax: | CoreDumpDirectory directory |
| Default: | See usage for the default setting |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
This controls the directory to which Apache attempts to
switch before dumping core. The default is in the
ServerRoot directory, however
since this should not be writable by the user the server runs
as, core dumps won't normally get written. If you want a core
dump for debugging, you can use this directive to place it in a
different location.
| Description: | Group under which the server will answer requests |
|---|---|
| Syntax: | Group unix-group |
| Default: | Group #-1 |
| Context: | server config, virtual host |
| Status: | MPM |
| Module: | worker, perchild, prefork |
The Group directive sets the group under
which the server will answer requests. In order to use this
directive, the stand-alone server must be run initially as root.
Unix-group is one of:
It is recommended that you set up a new group specifically for
running the server. Some admins use user nobody,
but this is not always possible or desirable.
Note: if you start the server as a non-root user, it will fail to change to the specified group, and will instead continue to run as the group of the original user.
Special note: Use of this directive in <VirtualHost> is
no longer supported. To implement the suEXEC wrapper with Apache 2.0, use the
SuexecUserGroup
directive. SECURITY: See User for a discussion of the
security considerations.
| Description: | IP addresses and ports that the server listens to |
|---|---|
| Syntax: | Listen [IP-address:]portnumber |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
The Listen directive instructs Apache to
listen to only specific IP addresses or ports; by default it
responds to requests on all IP interfaces. The Listen directive is
now a required directive. If it is not in the config file, the
server will fail to start. This is a change from previous versions
of Apache.
The Listen directive tells the server to accept incoming requests on the specified port or address-and-port combination. If only a port number is specified, the server listens to the given port on all interfaces. If an IP address is given as well as a port, the server will listen on the given port and interface.
Multiple Listen directives may be used to specify a number of addresses and ports to listen to. The server will respond to requests from any of the listed addresses and ports.
For example, to make the server accept connections on both port 80 and port 8000, use:
Listen 80
Listen 8000
To make the server accept connections on two specified interfaces and port numbers, use
Listen 192.170.2.1:80
Listen 192.170.2.5:8000
IPv6 addresses must be surrounded in square brackets, as in the following example:
Listen [fe80::a00:20ff:fea7:ccea]:80
| Description: | Maximum length of the queue of pending connections |
|---|---|
| Syntax: | ListenBacklog backlog |
| Default: | ListenBacklog 511 |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
The maximum length of the queue of pending connections.
Generally no tuning is needed or desired, however on some
systems it is desirable to increase this when under a TCP SYN
flood attack. See the backlog parameter to the
listen(2) system call.
This will often be limited to a smaller number by the operating system. This varies from OS to OS. Also note that many OSes do not use exactly what is specified as the backlog, but use a number based on (but normally larger than) what is set.
| Description: | Location of the accept serialization lock file |
|---|---|
| Syntax: | LockFile filename |
| Default: | LockFile logs/accept.lock |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork |
The LockFile directive sets the path to
the lockfile used when Apache is compiled with either
USE_FCNTL_SERIALIZED_ACCEPT or USE_FLOCK_SERIALIZED_ACCEPT. This
directive should normally be left at its default value. The main
reason for changing it is if the logs directory is
NFS mounted, since the lockfile must be stored on a local
disk. The PID of the main server process is
automatically appended to the filename.
SECURITY: It is best to avoid putting this
file in a world writable directory such as
/var/tmp because someone could create a denial of
service attack and prevent the server from starting by creating
a lockfile with the same name as the one the server will try to
create.
| Description: | Maximum number of child processes that will be created to serve requests |
|---|---|
| Syntax: | MaxClients number |
| Context: | server config |
| Status: | MPM |
| Module: | worker, prefork |
The MaxClients directive sets the limit
on the number of simultaneous requests that will be served. Any
connection attempts over the MaxClients
limit will normally be queued, up to a number based on the
ListenBacklog
directive. Once a child process is freed at the end of a different
request, the connection will then be serviced.
For non-threaded servers (i.e., prefork),
MaxClients translates into the maximum
number of child processes that will be launched to serve requests.
The default value is 256; to increase it, you must also raise
ServerLimit.
For threaded servers (i.e., worker),
MaxClients restricts the total
number of threads that will be available to serve clients.
The default value is 16 multiplied by the value of
ThreadsPerChild.
To increase MaxClients to a value
that requires more than 16 processes, you must also
raise ServerLimit.
| Description: | Maximum amount of memory that the main allocator is allowed to hold without calling free() |
|---|---|
| Syntax: | MaxMemFree number |
| Context: | server config |
| Status: | MPM |
| Module: | worker, prefork, mpm_netware |
The MaxMemFree directive sets the
maximum number of free Kbytes that the main allocator is allowed
to hold without calling free(). When not set, or when set to
zero, the threshold will be set to unlimited.
| Description: | Limit on the number of requests that an individual child server will handle during its life |
|---|---|
| Syntax: | MaxRequestsPerChild number |
| Default: | MaxRequestsPerChild 10000 |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
The MaxRequestsPerChild directive sets
the limit on the number of requests that an individual child
server process will handle. After
MaxRequestsPerChild requests, the child
process will die. If MaxRequestsPerChild is
0, then the process will never expire.
Setting MaxRequestsPerChild to a
non-zero limit has two beneficial effects:
NOTE: For KeepAlive requests, only the first request is counted towards this limit. In effect, it changes the behavior to limit the number of connections per child.
| Description: | Maximum number of idle threads |
|---|---|
| Syntax: | MaxSpareThreads number |
| Context: | server config |
| Status: | MPM |
| Module: | mpm_netware, perchild, worker |
Maximum number of idle threads. Different MPMs deal with this directive differently.
For perchild the default is
MaxSpareThreads 10. This MPM monitors the number of
idle threads on a per-child basis. If there are too many idle
threads in that child, the server will begin to kill threads
within that child.
For worker the default is
MaxSpareThreads 500. This MPM deals with idle threads
on a server-wide basis. If there are too many idle threads in the
server then child processes are killed until the number of idle
threads is less than this number.
For mpm_netware the default is
MaxSpareThreads 100. Since this MPM runs a
single-process, the spare thread count is also server-wide.
| Description: | Maximum number of threads per child process |
|---|---|
| Syntax: | MaxThreadsPerChild number |
| Default: | MaxThreadsPerChild 64 |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild |
Maximum number of threads per child. For MPMs with a
variable number of threads per child, this directive sets the
maximum number of threads that will be created in each child
process. To increase this value beyond its default, it is
necessary to change the value of the compile-time define
HARD_THREAD_LIMIT and recompile the server.
| Description: | Minimum number of idle threads available to handle request spikes |
|---|---|
| Syntax: | MinSpareServers number |
| Context: | server config |
| Status: | MPM |
| Module: | mpm_netware, perchild, worker |
Minimum number of idle threads to handle request spikes. Different MPMs deal with this directive differently.
perchild uses a default of
MinSpareThreads 5 and monitors the number of idle
threads on a per-child basis. If there aren't enough idle threads
in that child, the server will begin to create new threads within
that child.
worker uses a default of MinSpareThreads
250 and deals with idle threads on a server-wide basis. If
there aren't enough idle threads in the server then child
processes are created until the number of idle threads is greater
than number.
mpm_netware uses a default of
MinSpareThreads 10 and, since it is a single-process
MPM, tracks this on a server-wide bases.
| Description: | Total number of children alive at the same time |
|---|---|
| Syntax: | NumServers number |
| Default: | NumServers 2 |
| Context: | server config |
| Status: | MPM |
| Module: | perchild |
Number of children alive at the same time. MPMs that use this directive do not dynamically create new child processes so this number should be large enough to handle the requests for the entire site.
| Description: | File where the server records the process ID of the daemon |
|---|---|
| Syntax: | PidFile filename |
| Default: | PidFile logs/httpd.pid |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
The PidFile directive sets the file to
which the server records the process id of the daemon. If the
filename does not begin with a slash (/) then it is assumed to be
relative to the ServerRoot.
PidFile /var/run/apache.pid
It is often useful to be able to send the server a signal,
so that it closes and then reopens its ErrorLog and TransferLog, and
re-reads its configuration files. This is done by sending a
SIGHUP (kill -1) signal to the process id listed in the
PidFile.
The PidFile is subject to the same warnings about log file placement and security.
| Description: | Location of the file used to store coordination data for the child processes |
|---|---|
| Syntax: | ScoreBoardFile file-path |
| Default: | ScoreBoardFile logs/apache_status |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork |
Apache uses a scoreboard to communicate between its parent and child processes. Some architectures require a file to facilitate this communication. If the file is left unspecified, Apache first attempts to create the scoreboard entirely in memory (using anonymous shared memory) and, failing that, will attempt to create the file on disk (using file-based shared memory). Specifying this directive causes Apache to always create the file on the disk.
ScoreBoardFile /var/run/apache_status
File-based shared memory is useful for third-party applications that require direct access to the scoreboard.
If you use a ScoreBoardFile then
you may see improved speed by placing it on a RAM disk. But be
careful that you heed the same warnings about log file placement
and security.
| Description: | TCP buffer size |
|---|---|
| Syntax: | SendBufferSize bytes |
| Context: | server config |
| Status: | MPM |
| Module: | worker, perchild, prefork, mpm_winnt |
The server will set the TCP buffer size to the number of bytes specified. Very useful to increase past standard OS defaults on high speed high latency (i.e., 100ms or so, such as transcontinental fast pipes).
| Description: | Upper limit on configurable number of processes |
|---|---|
| Syntax: | ServerLimit number |
| Default: | ServerLimit 256 (prefork), ServerLimit 16 (worker) |
| Context: | server config |
| Status: | MPM |
| Module: | worker, prefork |
For the prefork MPM, this directive sets the
maximum configured value for MaxClients for the lifetime of the
Apache process. For the worker MPM, this directive in combination
with ThreadLimit sets
the maximum configured value for MaxClients for the lifetime of the
Apache process. Any attempts to change this directive during a
restart will be ignored, but MaxClients can be modified during
a restart.
Special care must be taken when using this directive. If
ServerLimit is set to a value much higher
than necessary, extra, unused shared memory will be allocated. If
both ServerLimit and MaxClients are set to values
higher than the system can handle, Apache may not start or the
system may become unstable.
With the prefork MPM, use this directive only
if you need to set MaxClients higher than 256.
Do not set the value of this directive any higher than what you
might want to set MaxClients to.
With the worker MPM, use this directive only
if your MaxClients and
ThreadsPerChild
settings require more than 16 server processes. Do not set the
value of this directive any higher than the number of server
processes required by what you may want for MaxClients and ThreadsPerChild.
| Description: | Number of child server processes created at startup |
|---|---|
| Syntax: | StartServers number |
| Default: | StartServers 5 |
| Context: | server config |
| Status: | MPM |
| Module: | worker |
The StartServers directive sets the
number of child server processes created on startup. As the number
of processes is dynamically controlled depending on the load,
there is usually little reason to adjust this parameter.
| Description: | Nubmer of threads created on startup |
|---|---|
| Syntax: | StartThreads number |
| Context: | server config |
| Status: | MPM |
| Module: | mpm_netware, perchild |
Number of threads created on startup. As the number of threads is dynamically controlled depending on the load, there is usually little reason to adjust this parameter.
For perchild the default is StartThreads
5 and this directive tracks the number of threads per
process at startup.
For mpm_netware the default is
StartThreads 50 and, since there is only a single
process, this is the total number of threads created at startup to
serve requests.
| Description: | Sets the upper limit on the configurable number of threads per child process |
|---|---|
| Syntax: | ThreadLimit number |
| Context: | server config |
| Status: | MPM |
| Module: | mpm_winnt, worker |
This directive sets the maximum configured value for ThreadsPerChild for the lifetime
of the Apache process. Any attempts to change this directive
during a restart will be ignored, but ThreadsPerChild can be modified
during a restart up to the value of this directive.
Special care must be taken when using this directive. If
ThreadLimit is set to a value much higher
than ThreadsPerChild,
extra unused shared memory will be allocated. If both
ThreadLimit and ThreadsPerChild are set to values
higher than the system can handle, Apache may not start or the
system may become unstable. Do not set the value of this directive
any higher than your greatest predicted setting of ThreadsPerChild for the
current run of Apache.
The default value for ThreadLimit is
64 when used with worker and 1920 when used
with mpm_winnt.
| Description: | Number of threads created by each child process |
|---|---|
| Syntax: | ThreadsPerChild number |
| Context: | server config |
| Status: | MPM |
| Module: | worker, mpm_winnt |
This directive sets the number of threads created by each child process. The child creates these threads at startup and never creates more. If using an MPM like mpmt_winnt, where there is only one child process, this number should be high enough to handle the entire load of the server. If using an MPM like worker, where there are multiple child processes, the total number of threads should be high enough to handle the common load on the server.
The default value for this directive is 25 when used with
worker and 64 when used with
mpm_winnt.
| Description: | The userid under which the server will answer requests |
|---|---|
| Syntax: | User unix-userid |
| Default: | User #-1 |
| Context: | server config, virtual host |
| Status: | MPM |
| Module: | worker, perchild, prefork |
The User directive sets the userid as
which the server will answer requests. In order to use this
directive, the standalone server must be run initially as
root. Unix-userid is one of:
The user should have no privileges that result in it being
able to access files that are not intended to be visible to the
outside world, and similarly, the user should not be able to
execute code that is not meant for httpd requests. It is
recommended that you set up a new user and group specifically for
running the server. Some admins use user nobody, but
this is not always desirable, since the nobody user
can have other uses on the system.
Notes: If you start the server as a non-root user, it will fail to change to the lesser privileged user, and will instead continue to run as that original user. If you do start the server as root, then it is normal for the parent process to remain running as root.
Special note: Use of this directive in <VirtualHost> is no longer supported. To
configure your server for suexec use
SuexecUserGroup.
Don't set User
(or Group) to
root unless you know exactly what you are doing, and what
the dangers are.
