diff options
author | Rich Bowen <rbowen@apache.org> | 2002-08-15 15:47:10 +0000 |
---|---|---|
committer | Rich Bowen <rbowen@apache.org> | 2002-08-15 15:47:10 +0000 |
commit | cec5fbaf5b42195c726ba16e61cc3a91a0881177 (patch) | |
tree | b424f17fb1dcf75137b2bf9ae883823def9271d8 /docs | |
parent | 98199c706d924870b944e3672a310a29bb241dee (diff) | |
download | httpd-cec5fbaf5b42195c726ba16e61cc3a91a0881177.tar.gz |
XML-ized versions. Are we supposed to remove the .html files now?
git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@96381 13f79535-47bb-0310-9956-ffa450edef68
Diffstat (limited to 'docs')
-rw-r--r-- | docs/manual/howto/htaccess.html.en | 302 | ||||
-rwxr-xr-x | docs/manual/howto/htaccess.xml | 358 | ||||
-rw-r--r-- | docs/manual/howto/public_html.html.en | 108 | ||||
-rw-r--r-- | docs/manual/howto/public_html.xml | 136 |
4 files changed, 904 insertions, 0 deletions
diff --git a/docs/manual/howto/htaccess.html.en b/docs/manual/howto/htaccess.html.en new file mode 100644 index 0000000000..33e51c11d5 --- /dev/null +++ b/docs/manual/howto/htaccess.html.en @@ -0,0 +1,302 @@ +<html><head><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --><title>Apache Tutorial: .htaccess files - Apache HTTP Server</title><link href="../style/manual.css" type="text/css" rel="stylesheet"></head><body><blockquote><div align="center"><img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]"><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Apache Tutorial: .htaccess files</h1> +<p><code>.htaccess</code> files provide a way to make configuration +changes on a per-directory basis.</p> +<ul><li><a href="#related">.htaccess files</a></li><li><a href="#what">What they are/How to use them</a></li><li><a href="#when">When (not) to use .htaccess files</a></li><li><a href="#how">How directives are applied</a></li><li><a href="#auth">Authentication example</a></li><li><a href="#ssi">Server side includes example</a></li><li><a href="#cgi">CGI example</a></li><li><a href="#troubleshoot">Troubleshooting</a></li></ul><hr><h2><a name="related">.htaccess files</a></h2> + <table border="1"><tr><td valign="top"><strong>Related Modules</strong><br><br><code><a href="../mod/core.html">core</a></code><br><code><a href="../mod/mod_auth.html">mod_auth</a></code><br><code><a href="../mod/mod_cgi.html">mod_cgi</a></code><br><code><a href="../mod/mod_includes.html">mod_includes</a></code><br><code><a href="../mod/mod_mime.html">mod_mime</a></code><br></td><td valign="top"><strong>Related Directives</strong><br><br><a href="../mod/core.html#accessfilename" class="directive"><code class="directive">AccessFileName</code></a><br><a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a><br><a href="../mod/core.html#options" class="directive"><code class="directive">Options</code></a><br><a href="../mod/mod_mime.html#addhandler" class="directive"><code class="directive">AddHandler</code></a><br><a href="../mod/core.html#sethandler" class="directive"><code class="directive">SetHandler</code></a><br><a href="../mod/core.html#authtype" class="directive"><code class="directive">AuthType</code></a><br><a href="../mod/core.html#authname" class="directive"><code class="directive">AuthName</code></a><br><a href="../mod/mod_auth.html#authuserfile" class="directive"><code class="directive">AuthUserFile</code></a><br><a href="../mod/mod_auth.html#authgroupfile" class="directive"><code class="directive">AuthGroupFile</code></a><br><a href="../mod/core.html#require" class="directive"><code class="directive">Require</code></a><br></td></tr></table> +<h2><a name="what">What they are/How to use them</a></h2> + + + <p><code>.htaccess</code> files (or "distributed configuration files") + provide a way to make configuration changes on a per-directory basis. A + file, containing one or more configuration directives, is placed in a + particular document directory, and the directives apply to that + directory, and all subdirectories thereof.</p> + +<blockquote><table><tr><td bgcolor="#e0e5f5"> + <p>Note: If you want to call your <code>.htaccess</code> file something + else, you can change the name of the file using the <code><a href="../mod/core.html#accessfilename">AccessFileName</a></code> + directive. For example, if you would rather call the file + <code>.config</code> then you can put the following in your server + configuration file:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + AccessFileName .config + </code></td></tr></table></blockquote> +</td></tr></table></blockquote> + + <p>What you can put in these files is determined by the <a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a> + directive. This directive specifies, in categories, what directives + will be honored if they are found in a <code>.htaccess</code> file. If + a directive is permitted in a <code>.htaccess</code> file, the + documentation for that directive will contain an Override section, + specifying what value must be in <a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a> in order + for that directive to be permitted.</p> + + <p>For example, if you look at the documentation for the <a href="../mod/core.html#adddefaultcharset" class="directive"><code class="directive">AddDefaultCharset</code></a> + directive, you will find that it is permitted in <code>.htaccess</code> + files. (See the Context line in the directive summary.) The <a href="../mod/directive-dict.html#Context">Override</a> line reads + "<code>FileInfo</code>". Thus, you must have at least + "<code>AllowOverride FileInfo</code>" in order for this directive to be + honored in <code>.htaccess</code> files.</p> + +<blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><p align="center"><strong>Example:</strong></p><code> + + <table> + <tr> + <td><a href="../mod/directive-dict.html#Context">Context:</a></td> + + <td>server config, virtual host, directory, .htaccess</td> + </tr> + + <tr> + <td><a href="../mod/directive-dict.html#Override">Override:</a></td> + + <td>FileInfo</td> + </tr> + </table> +</code></td></tr></table></blockquote> + + + <p>If you are unsure whether a particular directive is permitted in a + <code>.htaccess</code> file, look at the documentation for that + directive, and check the Context line for ".htaccess."</p> + <h2><a name="when">When (not) to use .htaccess files</a></h2> + + + <p>In general, you should never use <code>.htaccess</code> files unless + you don't have access to the main server configuration file. There is, + for example, a prevailing misconception that user authentication should + always be done in <code>.htaccess</code> files. This is simply not the + case. You can put user authentication configurations in the main server + configuration, and this is, in fact, the preferred way to do + things.</p> + + <p><code>.htaccess</code> files should be used in a case where the + content providers need to make configuration changes to the server on a + per-directory basis, but do not have root access on the server system. + In the event that the server administrator is not willing to make + frequent configuration changes, it might be desirable to permit + individual users to make these changes in <code>.htaccess</code> files + for themselves. This is particularly true, for example, in cases where + ISPs are hosting multiple user sites on a single machine, and want + their users to be able to alter their configuration.</p> + + <p>However, in general, use of <code>.htaccess</code> files should be + avoided when possible. Any configuration that you would consider + putting in a <code>.htaccess</code> file, can just as effectively be + made in a <a href="../mod/core.html#directory" class="directive"><code class="directive"><Directory></code></a> section in your main server + configuration file.</p> + + <p>There are two main reasons to avoid the use of + <code>.htaccess</code> files.</p> + + <p>The first of these is performance. When <a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a> + is set to allow the use of <code>.htaccess</code> files, Apache will + look in every directory for <code>.htaccess</code> files. Thus, + permitting <code>.htaccess</code> files causes a performance hit, + whether or not you actually even use them! Also, the + <code>.htaccess</code> file is loaded every time a document is + requested.</p> + + <p>Further note that Apache must look for <code>.htaccess</code> files + in all higher-level directories, in order to have a full complement of + directives that it must apply. (See section on <a href="#how">how + directives are applied</a>.) Thus, if a file is requested out of a + directory <code>/www/htdocs/example</code>, Apache must look for the + following files:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + /.htaccess<br> + /www/.htaccess<br> + /www/htdocs/.htaccess<br> + /www/htdocs/example/.htaccess + </code></td></tr></table></blockquote> + + <p>And so, for each file access out of that directory, there are 4 + additional file-system accesses, even if none of those files are + present. (Note that this would only be the case if .htaccess files were + enabled for /, which is not usually the case.)</p> + + <p>The second consideration is one of security. You are permitting + users to modify server configuration, which may result in changes over + which you have no control. Carefully consider whether you want to give + your users this privilege. Note also that giving users less + privileges than they need will lead to additional technical support + requests. Make sure you clearly tell your users what level of + privileges you have given them. Specifying exactly what you have set + <code>AllowOverride</code> to, and pointing them to the relevant + documentation, will save yourself a lot of confusion later.</p> + + <p>Note that it is completely equivalent to put a .htaccess file in a + directory <code>/www/htdocs/example</code> containing a directive, and + to put that same directive in a Directory section <code><Directory + /www/htdocs/example></code> in your main server configuration:</p> + + <p><code>.htaccess</code> file in <code>/www/htdocs/example</code>:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><p align="center"><strong>Contents of .htaccess file in + <code>/www/htdocs/example</code></strong></p><code> + AddType text/example .exm + </code></td></tr></table></blockquote> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><p align="center"><strong>Section from your <code>httpd.conf</code> + file</strong></p><code> + <Directory /www/htdocs/example><br> + AddType text/example .exm<br> + </Directory> + </code></td></tr></table></blockquote> + + <p>However, putting this configuration in your server configuration + file will result in less of a performance hit, as the configuration is + loaded once when Apache starts, rather than every time a file is + requested.</p> + + <p>The use of <code>.htaccess</code> files can be disabled completely + by setting the <code>AllowOverride</code> directive to "none"</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + AllowOverride None + </code></td></tr></table></blockquote> +<h2><a name="how">How directives are applied</a></h2> + + <p>The configuration directives found in a <code>.htaccess</code> file + are applied to the directory in which the <code>.htaccess</code> file + is found, and to all subdirectories thereof. However, it is important + to also remember that there may have been <code>.htaccess</code> files + in directories higher up. Directives are applied in the order that they + are found. Therefore, a <code>.htaccess</code> file in a particular + directory may override directives found in <code>.htaccess</code> files + found higher up in the directory tree. And those, in turn, may have + overridden directives found yet higher up, or in the main server + configuration file itself.</p> + + <p>Example:</p> + + <p>In the directory <code>/www/htdocs/example1</code> we have a + <code>.htaccess</code> file containing the following:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + Options +ExecCGI + </code></td></tr></table></blockquote> + + <p>(Note: you must have "<code>AllowOverride Options</code>" in effect + to permit the use of the "<a href="../mod/core.html#options" class="directive"><code class="directive">Options</code></a>" directive in + <code>.htaccess</code> files.)</p> + + <p>In the directory <code>/www/htdocs/example1/example2</code> we have + a <code>.htaccess</code> file containing:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + Options Includes + </code></td></tr></table></blockquote> + + <p>Because of this second <code>.htaccess</code> file, in the directory + <code>/www/htdocs/example1/example2</code>, CGI execution is not + permitted, as only <code>Options Includes</code> is in effect, which + completely overrides any earlier setting that may have been in + place.</p> +<h2><a name="auth">Authentication example</a></h2> + + <p>If you jumped directly to this part of the document to find out how + to do authentication, it is important to note one thing. There is a + common misconception that you are required to use + <code>.htaccess</code> files in order to implement password + authentication. This is not the case. Putting authentication directives + in a <code><Directory></code> section, in your main server + configuration file, is the preferred way to implement this, and + <code>.htaccess</code> files should be used only if you don't have + access to the main server configuration file. See <a href="#when">above</a> for a discussion of when you should and should + not use <code>.htaccess</code> files.</p> + + <p>Having said that, if you still think you need to use a + <code>.htaccess</code> file, you may find that a configuration such as + what follows may work for you.</p> + + <p>You must have "<code>AllowOverride AuthConfig</code>" in effect for + these directives to be honored.</p> + + <p><code>.htaccess</code> file contents:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + AuthType Basic<br> + AuthName "Password Required"<br> + AuthUserFile /www/passwords/password.file<br> + AuthGroupFile /www/passwords/group.file<br> + Require Group admins + </code></td></tr></table></blockquote> + + <p>Note that <code>AllowOverride AuthConfig</code> must be in effect + for these directives to have any effect.</p> + + <p>Please see the <a href="auth.html">authentication tutorial</a> for a + more complete discussion of authentication and authorization.</p> +<h2><a name="ssi">Server side includes example</a></h2> + + <p>Another common use of <code>.htaccess</code> files is to enable + Server Side Includes for a particular directory. This may be done with + the following configuration directives, placed in a + <code>.htaccess</code> file in the desired directory:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + Options +Includes<br> + AddType text/html shtml<br> + AddHandler server-parsed shtml + </code></td></tr></table></blockquote> + + <p>Note that <code>AllowOverride Options</code> and <code>AllowOverride + FileInfo</code> must both be in effect for these directives to have any + effect.</p> + + <p>Please see the <a href="ssi.html">SSI tutorial</a> for a more + complete discussion of server-side includes.</p> +<h2><a name="cgi">CGI example</a></h2> + + <p>Finally, you may wish to use a <code>.htaccess</code> file to permit + the execution of CGI programs in a particular directory. This may be + implemented with the following configuration:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + Options +ExecCGI<br> + AddHandler cgi-script cgi pl + </code></td></tr></table></blockquote> + + <p>Alternately, if you wish to have all files in the given directory be + considered to be CGI programs, this may be done with the following + configuration:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + Options +ExecCGI<br> + SetHandler cgi-script + </code></td></tr></table></blockquote> + + <p>Note that <code>AllowOverride Options</code> must be in effect for + these directives to have any effect.</p> + + <p>Please see the <a href="cgi.html">CGI tutorial</a> for a more + complete discussion of CGI programming and configuration.</p> + +<h2><a name="troubleshoot">Troubleshooting</a></h2> + + <p>When you put configuration directives in a <code>.htaccess</code> + file, and you don't get the desired effect, there are a number of + things that may be going wrong.</p> + + <p>Most commonly, the problem is that <a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a> is not + set such that your configuration directives are being honored. Make + sure that you don't have a <code>AllowOverride None</code> in effect + for the file scope in question. A good test for this is to put garbage + in your <code>.htaccess</code> file and reload. If a server error is + not generated, then you almost certainly have <code>AllowOverride + None</code> in effect.</p> + + <p>If, on the other hand, you are getting server errors when trying to + access documents, check your Apache error log. It will likely tell you + that the directive used in your .htaccess file is not permitted. + Alternately, it may tell you that you had a syntax error, which you + will then need to fix.</p> + + <hr></blockquote><h3 align="center">Apache HTTP Server Version 2.0</h3><a href="./"><img src="../images/index.gif" alt="Index"></a><a href="../"><img src="../images/home.gif" alt="Home"></a></body></html>
\ No newline at end of file diff --git a/docs/manual/howto/htaccess.xml b/docs/manual/howto/htaccess.xml new file mode 100755 index 0000000000..b6e804ef4c --- /dev/null +++ b/docs/manual/howto/htaccess.xml @@ -0,0 +1,358 @@ +<?xml version='1.0' encoding='UTF-8' ?> +<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd"> +<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?> +<manualpage> +<relativepath href=".."/> + +<title>Apache Tutorial: .htaccess files</title> + +<summary> +<p><code>.htaccess</code> files provide a way to make configuration +changes on a per-directory basis.</p> +</summary> + +<section id="related"><title>.htaccess files</title> + <related> + <modulelist> + <module>core</module> + <module>mod_auth</module> + <module>mod_cgi</module> + <module>mod_includes</module> + <module>mod_mime</module> + </modulelist> + + <directivelist> + <directive module="core">AccessFileName</directive> + <directive module="core">AllowOverride</directive> + <directive module="core">Options</directive> + <directive module="mod_mime">AddHandler</directive> + <directive module="core">SetHandler</directive> + <directive module="core">AuthType</directive> + <directive module="core">AuthName</directive> + <directive module="mod_auth">AuthUserFile</directive> + <directive module="mod_auth">AuthGroupFile</directive> + <directive module="core">Require</directive> + </directivelist> + + </related> +</section> + +<section id="what"> +<title>What they are/How to use them</title> + + <p><code>.htaccess</code> files (or "distributed configuration files") + provide a way to make configuration changes on a per-directory basis. A + file, containing one or more configuration directives, is placed in a + particular document directory, and the directives apply to that + directory, and all subdirectories thereof.</p> + +<note> + <p>Note: If you want to call your <code>.htaccess</code> file something + else, you can change the name of the file using the <code><a + href="../mod/core.html#accessfilename">AccessFileName</a></code> + directive. For example, if you would rather call the file + <code>.config</code> then you can put the following in your server + configuration file:</p> + + <example> + AccessFileName .config + </example> +</note> + + <p>What you can put in these files is determined by the <directive + module="core">AllowOverride</directive> + directive. This directive specifies, in categories, what directives + will be honored if they are found in a <code>.htaccess</code> file. If + a directive is permitted in a <code>.htaccess</code> file, the + documentation for that directive will contain an Override section, + specifying what value must be in <directive + module="core">AllowOverride</directive> in order + for that directive to be permitted.</p> + + <p>For example, if you look at the documentation for the <directive + module="core">AddDefaultCharset</directive> + directive, you will find that it is permitted in <code>.htaccess</code> + files. (See the Context line in the directive summary.) The <a + href="../mod/directive-dict.html#Context">Override</a> line reads + "<code>FileInfo</code>". Thus, you must have at least + "<code>AllowOverride FileInfo</code>" in order for this directive to be + honored in <code>.htaccess</code> files.</p> + +<example><title>Example:</title> + + <table> + <tr> + <td><a + href="../mod/directive-dict.html#Context">Context:</a></td> + + <td>server config, virtual host, directory, .htaccess</td> + </tr> + + <tr> + <td><a + href="../mod/directive-dict.html#Override">Override:</a></td> + + <td>FileInfo</td> + </tr> + </table> +</example> + + + <p>If you are unsure whether a particular directive is permitted in a + <code>.htaccess</code> file, look at the documentation for that + directive, and check the Context line for ".htaccess."</p> + </section> + + <section id="when"> + <title>When (not) to use .htaccess files</title> + + <p>In general, you should never use <code>.htaccess</code> files unless + you don't have access to the main server configuration file. There is, + for example, a prevailing misconception that user authentication should + always be done in <code>.htaccess</code> files. This is simply not the + case. You can put user authentication configurations in the main server + configuration, and this is, in fact, the preferred way to do + things.</p> + + <p><code>.htaccess</code> files should be used in a case where the + content providers need to make configuration changes to the server on a + per-directory basis, but do not have root access on the server system. + In the event that the server administrator is not willing to make + frequent configuration changes, it might be desirable to permit + individual users to make these changes in <code>.htaccess</code> files + for themselves. This is particularly true, for example, in cases where + ISPs are hosting multiple user sites on a single machine, and want + their users to be able to alter their configuration.</p> + + <p>However, in general, use of <code>.htaccess</code> files should be + avoided when possible. Any configuration that you would consider + putting in a <code>.htaccess</code> file, can just as effectively be + made in a <directive module="core" + type="section">Directory</directive> section in your main server + configuration file.</p> + + <p>There are two main reasons to avoid the use of + <code>.htaccess</code> files.</p> + + <p>The first of these is performance. When <directive + module="core">AllowOverride</directive> + is set to allow the use of <code>.htaccess</code> files, Apache will + look in every directory for <code>.htaccess</code> files. Thus, + permitting <code>.htaccess</code> files causes a performance hit, + whether or not you actually even use them! Also, the + <code>.htaccess</code> file is loaded every time a document is + requested.</p> + + <p>Further note that Apache must look for <code>.htaccess</code> files + in all higher-level directories, in order to have a full complement of + directives that it must apply. (See section on <a href="#how">how + directives are applied</a>.) Thus, if a file is requested out of a + directory <code>/www/htdocs/example</code>, Apache must look for the + following files:</p> + + <example> + /.htaccess<br /> + /www/.htaccess<br /> + /www/htdocs/.htaccess<br /> + /www/htdocs/example/.htaccess + </example> + + <p>And so, for each file access out of that directory, there are 4 + additional file-system accesses, even if none of those files are + present. (Note that this would only be the case if .htaccess files were + enabled for /, which is not usually the case.)</p> + + <p>The second consideration is one of security. You are permitting + users to modify server configuration, which may result in changes over + which you have no control. Carefully consider whether you want to give + your users this privilege. Note also that giving users less + privileges than they need will lead to additional technical support + requests. Make sure you clearly tell your users what level of + privileges you have given them. Specifying exactly what you have set + <code>AllowOverride</code> to, and pointing them to the relevant + documentation, will save yourself a lot of confusion later.</p> + + <p>Note that it is completely equivalent to put a .htaccess file in a + directory <code>/www/htdocs/example</code> containing a directive, and + to put that same directive in a Directory section <code><Directory + /www/htdocs/example></code> in your main server configuration:</p> + + <p><code>.htaccess</code> file in <code>/www/htdocs/example</code>:</p> + + <example><title>Contents of .htaccess file in + <code>/www/htdocs/example</code></title> + AddType text/example .exm + </example> + + <example><title>Section from your <code>httpd.conf</code> + file</title> + <Directory /www/htdocs/example><br /> + AddType text/example .exm<br /> + </Directory> + </example> + + <p>However, putting this configuration in your server configuration + file will result in less of a performance hit, as the configuration is + loaded once when Apache starts, rather than every time a file is + requested.</p> + + <p>The use of <code>.htaccess</code> files can be disabled completely + by setting the <code>AllowOverride</code> directive to "none"</p> + + <example> + AllowOverride None + </example> +</section> + +<section id="how"><title>How directives are applied</title> + + <p>The configuration directives found in a <code>.htaccess</code> file + are applied to the directory in which the <code>.htaccess</code> file + is found, and to all subdirectories thereof. However, it is important + to also remember that there may have been <code>.htaccess</code> files + in directories higher up. Directives are applied in the order that they + are found. Therefore, a <code>.htaccess</code> file in a particular + directory may override directives found in <code>.htaccess</code> files + found higher up in the directory tree. And those, in turn, may have + overridden directives found yet higher up, or in the main server + configuration file itself.</p> + + <p>Example:</p> + + <p>In the directory <code>/www/htdocs/example1</code> we have a + <code>.htaccess</code> file containing the following:</p> + + <example> + Options +ExecCGI + </example> + + <p>(Note: you must have "<code>AllowOverride Options</code>" in effect + to permit the use of the "<directive + module="core">Options</directive>" directive in + <code>.htaccess</code> files.)</p> + + <p>In the directory <code>/www/htdocs/example1/example2</code> we have + a <code>.htaccess</code> file containing:</p> + + <example> + Options Includes + </example> + + <p>Because of this second <code>.htaccess</code> file, in the directory + <code>/www/htdocs/example1/example2</code>, CGI execution is not + permitted, as only <code>Options Includes</code> is in effect, which + completely overrides any earlier setting that may have been in + place.</p> +</section> + +<section id="auth"><title>Authentication example</title> + + <p>If you jumped directly to this part of the document to find out how + to do authentication, it is important to note one thing. There is a + common misconception that you are required to use + <code>.htaccess</code> files in order to implement password + authentication. This is not the case. Putting authentication directives + in a <code><Directory></code> section, in your main server + configuration file, is the preferred way to implement this, and + <code>.htaccess</code> files should be used only if you don't have + access to the main server configuration file. See <a + href="#when">above</a> for a discussion of when you should and should + not use <code>.htaccess</code> files.</p> + + <p>Having said that, if you still think you need to use a + <code>.htaccess</code> file, you may find that a configuration such as + what follows may work for you.</p> + + <p>You must have "<code>AllowOverride AuthConfig</code>" in effect for + these directives to be honored.</p> + + <p><code>.htaccess</code> file contents:</p> + + <example> + AuthType Basic<br /> + AuthName "Password Required"<br /> + AuthUserFile /www/passwords/password.file<br /> + AuthGroupFile /www/passwords/group.file<br /> + Require Group admins + </example> + + <p>Note that <code>AllowOverride AuthConfig</code> must be in effect + for these directives to have any effect.</p> + + <p>Please see the <a href="auth.html">authentication tutorial</a> for a + more complete discussion of authentication and authorization.</p> +</section> + +<section id="ssi"><title>Server side includes example</title> + + <p>Another common use of <code>.htaccess</code> files is to enable + Server Side Includes for a particular directory. This may be done with + the following configuration directives, placed in a + <code>.htaccess</code> file in the desired directory:</p> + + <example> + Options +Includes<br /> + AddType text/html shtml<br /> + AddHandler server-parsed shtml + </example> + + <p>Note that <code>AllowOverride Options</code> and <code>AllowOverride + FileInfo</code> must both be in effect for these directives to have any + effect.</p> + + <p>Please see the <a href="ssi.html">SSI tutorial</a> for a more + complete discussion of server-side includes.</p> +</section> + +<section id="cgi"><title>CGI example</title> + + <p>Finally, you may wish to use a <code>.htaccess</code> file to permit + the execution of CGI programs in a particular directory. This may be + implemented with the following configuration:</p> + + <example> + Options +ExecCGI<br /> + AddHandler cgi-script cgi pl + </example> + + <p>Alternately, if you wish to have all files in the given directory be + considered to be CGI programs, this may be done with the following + configuration:</p> + + <example> + Options +ExecCGI<br /> + SetHandler cgi-script + </example> + + <p>Note that <code>AllowOverride Options</code> must be in effect for + these directives to have any effect.</p> + + <p>Please see the <a href="cgi.html">CGI tutorial</a> for a more + complete discussion of CGI programming and configuration.</p> + +</section> + +<section id="troubleshoot"><title>Troubleshooting</title> + + <p>When you put configuration directives in a <code>.htaccess</code> + file, and you don't get the desired effect, there are a number of + things that may be going wrong.</p> + + <p>Most commonly, the problem is that <directive + module="core">AllowOverride</directive> is not + set such that your configuration directives are being honored. Make + sure that you don't have a <code>AllowOverride None</code> in effect + for the file scope in question. A good test for this is to put garbage + in your <code>.htaccess</code> file and reload. If a server error is + not generated, then you almost certainly have <code>AllowOverride + None</code> in effect.</p> + + <p>If, on the other hand, you are getting server errors when trying to + access documents, check your Apache error log. It will likely tell you + that the directive used in your .htaccess file is not permitted. + Alternately, it may tell you that you had a syntax error, which you + will then need to fix.</p> + + </section> + +</manualpage> diff --git a/docs/manual/howto/public_html.html.en b/docs/manual/howto/public_html.html.en new file mode 100644 index 0000000000..df80be4fec --- /dev/null +++ b/docs/manual/howto/public_html.html.en @@ -0,0 +1,108 @@ +<html><head><META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --><title>Per-user web directories - Apache HTTP Server</title><link href="../style/manual.css" type="text/css" rel="stylesheet"></head><body><blockquote><div align="center"><img src="../images/sub.gif" alt="[APACHE DOCUMENTATION]"><h3>Apache HTTP Server Version 2.0</h3></div><h1 align="center">Per-user web directories</h1> +<p>On systems with multiple users, each user can be permitted to have a + web site in their home directory using the <a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a> directive. Visitors + to a URL <code>http://example.com/~username/</code> will get content + out of the home directory of the user "<code>username</code>", out of + the subdirectory specified by the <a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a> directive.</p> + +<ul><li><a href="#related">Per-user web directories</a></li><li><a href="#userdir">Setting the file path with <a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a></a></li><li><a href="#enable">Restricting what users are permitted to use this + feature</a></li><li><a href="#cgi">Enabling a cgi directory for each user</a></li><li><a href="#htaccess">Allowing users to alter configuration</a></li></ul><hr><h2><a name="related">Per-user web directories</a></h2> + + <table border="1"><tr><td valign="top"><strong>Related Modules</strong><br><br><code><a href="../mod/mod_userdir.html">mod_userdir</a></code><br></td><td valign="top"><strong>Related Directives</strong><br><br><a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a><br><a href="../mod/core.html#directorymatch" class="directive"><code class="directive">DirectoryMatch</code></a><br><a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a><br></td></tr></table> + <h2><a name="userdir">Setting the file path with <a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a></a></h2> + + + <p>The <a href="../mod/mod_userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a> + directive specifies a directory out of which per-user + content is loaded. This directive may take several different forms.</p> + + <p>If a path is given which does not start with a leading slash, it is + assumed to be a directory path relative to the home directory of the + specified user. Given this configuration:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + UserDir public_html + </code></td></tr></table></blockquote> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path + <code>/home/rbowen/public_html/file.html</code></p> + + <p>If a path is given starting with a slash, a directory path will be + constructed using that path, plus the username specified. Given this + configuration:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + UserDir /var/html + </code></td></tr></table></blockquote> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path <code>/var/html/rbowen/file.html</code></p> + + <p>If a path is provided which contains an asterisk (*), a path is used + in which the asterisk is replaced with the username. Given this + configuration:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + UserDir /var/www/*/docs + </code></td></tr></table></blockquote> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path + <code>/var/www/rbowen/docs/file.html</code></p> + + <h2><a name="enable">Restricting what users are permitted to use this + feature</a></h2> + + + <p>Using the syntax show in the UserDir documentation, you can restrict + what users are permitted to use this functionality:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + UserDir enabled<br> + UserDir disabled root jro fish + </code></td></tr></table></blockquote> + + <p>The configuration above will enable the feature for all users + except for those listed in the <code>disabled</code> statement. + You can, likewise, disable the feature for all but a few users by + using a configuration like the following:</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + UserDir disabled<br> + UserDir enabled rbowen krietz + </code></td></tr></table></blockquote> + + <p>See <a href="../mod/userdir.html#userdir" class="directive"><code class="directive">UserDir</code></a> + documentation for additional examples.</p> + + <h2><a name="cgi">Enabling a cgi directory for each user</a></h2> + + + <p>In order to give each user their own cgi-bin directory, you can use + a <a href="../mod/core.html#directorymatch" class="directive"><code class="directive">DirectoryMatch</code></a> + directive to make a particular subdirectory of a user's home directory + cgi-enabled.</p> + + <blockquote><table cellpadding="10"><tr><td bgcolor="#eeeeee"><code> + <DirectoryMatch /home/*/cgi-bin/><br> + Options +ExecCGI<br> + SetHandler cgi-script<br> + </DirectoryMatch> + </code></td></tr></table></blockquote> + + <h2><a name="htaccess">Allowing users to alter configuration</a></h2> + + + <p>If you want to allows users to modify the server configuration in + their web space, they will need to use <code>.htaccess</code> files to + make these changed. Ensure that you have set <a href="../mod/core.html#allowoverride" class="directive"><code class="directive">AllowOverride</code></a> to a + value sufficient for the directives that you want to permit the users + to modify. See the <a href="htaccess.html">.htaccess tutorial</a> for + additional details on how this works.</p> + + <hr></blockquote><h3 align="center">Apache HTTP Server Version 2.0</h3><a href="./"><img src="../images/index.gif" alt="Index"></a><a href="../"><img src="../images/home.gif" alt="Home"></a></body></html>
\ No newline at end of file diff --git a/docs/manual/howto/public_html.xml b/docs/manual/howto/public_html.xml new file mode 100644 index 0000000000..b2bf17d606 --- /dev/null +++ b/docs/manual/howto/public_html.xml @@ -0,0 +1,136 @@ +<?xml version='1.0' encoding='UTF-8' ?> +<!DOCTYPE manualpage SYSTEM "../style/manualpage.dtd"> +<?xml-stylesheet type="text/xsl" href="../style/manual.en.xsl"?> +<manualpage> +<relativepath href=".."/> + + <title>Per-user web directories</title> + +<summary> +<p>On systems with multiple users, each user can be permitted to have a + web site in their home directory using the <directive + module="mod_userdir">UserDir</directive> directive. Visitors + to a URL <code>http://example.com/~username/</code> will get content + out of the home directory of the user "<code>username</code>", out of + the subdirectory specified by the <directive + module="mod_userdir">UserDir</directive> directive.</p> + +</summary> + + <section id="related"> + <title>Per-user web directories</title> + <related> + <modulelist> + <module>mod_userdir</module> + </modulelist> + <directivelist> + <directive module="mod_userdir">UserDir</directive> + <directive module="core">DirectoryMatch</directive> + <directive module="core">AllowOverride</directive> + </directivelist> + </related> + </section> + + <section id="userdir"> + <title>Setting the file path with <directive + module="mod_userdir">UserDir</directive></title> + + <p>The <directive module="mod_userdir">UserDir</directive> + directive specifies a directory out of which per-user + content is loaded. This directive may take several different forms.</p> + + <p>If a path is given which does not start with a leading slash, it is + assumed to be a directory path relative to the home directory of the + specified user. Given this configuration:</p> + + <example> + UserDir public_html + </example> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path + <code>/home/rbowen/public_html/file.html</code></p> + + <p>If a path is given starting with a slash, a directory path will be + constructed using that path, plus the username specified. Given this + configuration:</p> + + <example> + UserDir /var/html + </example> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path <code>/var/html/rbowen/file.html</code></p> + + <p>If a path is provided which contains an asterisk (*), a path is used + in which the asterisk is replaced with the username. Given this + configuration:</p> + + <example> + UserDir /var/www/*/docs + </example> + + <p>the URL <code>http://example.com/~rbowen/file.html</code> will be + translated to the file path + <code>/var/www/rbowen/docs/file.html</code></p> + + </section> + + <section id="enable"> + <title>Restricting what users are permitted to use this + feature</title> + + <p>Using the syntax show in the UserDir documentation, you can restrict + what users are permitted to use this functionality:</p> + + <example> + UserDir enabled<br /> + UserDir disabled root jro fish + </example> + + <p>The configuration above will enable the feature for all users + except for those listed in the <code>disabled</code> statement. + You can, likewise, disable the feature for all but a few users by + using a configuration like the following:</p> + + <example> + UserDir disabled<br /> + UserDir enabled rbowen krietz + </example> + + <p>See <directive module="userdir">UserDir</directive> + documentation for additional examples.</p> + + </section> + + <section id="cgi"> + <title>Enabling a cgi directory for each user</title> + + <p>In order to give each user their own cgi-bin directory, you can use + a <directive module="core">DirectoryMatch</directive> + directive to make a particular subdirectory of a user's home directory + cgi-enabled.</p> + + <example> + <DirectoryMatch /home/*/cgi-bin/><br /> + Options +ExecCGI<br /> + SetHandler cgi-script<br /> + </DirectoryMatch> + </example> + + </section> + + <section id="htaccess"> + <title>Allowing users to alter configuration</title> + + <p>If you want to allows users to modify the server configuration in + their web space, they will need to use <code>.htaccess</code> files to + make these changed. Ensure that you have set <directive + module="core">AllowOverride</directive> to a + value sufficient for the directives that you want to permit the users + to modify. See the <a href="htaccess.html">.htaccess tutorial</a> for + additional details on how this works.</p> + + </section> + +</manualpage> |