diff options
author | 2015-11-30 01:45:08 -0500 | |
---|---|---|
committer | 2015-11-30 01:45:08 -0500 | |
commit | e8ec7aa8e38a93f5b034ac74cebce5de23710317 (patch) | |
tree | aa031937bf856c1f8d6ad7877b8d2cb0224da5ef /rubbos/app/httpd-2.0.64/docs/manual/misc | |
parent | cc40af334e619bb549038238507407866f774f8f (diff) |
upload http
JIRA: BOTTLENECK-10
Change-Id: I7598427ff904df438ce77c2819ee48ac75ffa8da
Signed-off-by: hongbotian <hongbo.tianhongbo@huawei.com>
Diffstat (limited to 'rubbos/app/httpd-2.0.64/docs/manual/misc')
27 files changed, 10864 insertions, 0 deletions
diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html new file mode 100644 index 00000000..23ab34ae --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: custom_errordocs.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en new file mode 100644 index 00000000..fc2ccd8e --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en @@ -0,0 +1,577 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>International Customized Server Error Messages - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>International Customized Server Error Messages</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/custom_errordocs.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>This document describes an easy way to provide your Apache + HTTP Server with a set of customized error messages which take + advantage of <a href="../content-negotiation.html">Content + Negotiation</a> and <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> to return + error messages generated by the server in the client's native + language.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#intro">Introduction</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#createdir">Creating an ErrorDocument directory</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#proxy">Customizing Proxy Error Messages</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#listings">HTML Listing of the Discussed Example</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="intro" id="intro">Introduction</a></h2> + + + + <p>By using SSI, all <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> messages + can share a homogenous and consistent style and layout, and + maintenance work (changing images, changing links) is kept to a + minimum because all layout information can be kept in a single + file.</p> + + <p>Error documents can be shared across different servers, or + even hosts, because all varying information is inserted at the + time the error document is returned on behalf of a failed + request.</p> + + <p>Content Negotiation then selects the appropriate language + version of a particular error message text, honoring the + language preferences passed in the client's request. (Users + usually select their favorite languages in the preferences + options menu of today's browsers). When an error document in + the client's primary language version is unavailable, the + secondary languages are tried or a default (fallback) version + is used.</p> + + <p>You have full flexibility in designing your error documents + to your personal taste (or your company's conventions). For + demonstration purposes, we present a simple generic error + document scheme. For this hypothetic server, we assume that all + error messages...</p> + + <ul> + <li>possibly are served by different virtual hosts (different + host name, different IP address, or different port) on the + server machine,</li> + + <li>show a predefined company logo in the right top of the + message (selectable by virtual host),</li> + + <li>print the error title first, followed by an explanatory + text and (depending on the error context) help on how to + resolve the error,</li> + + <li>have some kind of standardized background image,</li> + + <li>display an apache logo and a feedback email address at + the bottom of the error message.</li> + </ul> + + <p>An example of a "document not found" message for a german + client might look like this:</p> + + <p><img src="../images/custom_errordocs.gif" alt="[Needs graphics capability to display]" /></p> + + <p>All links in the document as well as links to the server's + administrator mail address, and even the name and port of the + serving virtual host are inserted in the error document at + "run-time", i.e., when the error actually occurs.</p> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="createdir" id="createdir">Creating an ErrorDocument directory</a></h2> + + + + <p>For this concept to work as easily as possible, we must take + advantage of as much server support as we can get:</p> + + <ol> + <li>By defining the MultiViews <code class="directive"><a href="../mod/core.html#options">Options</a></code>, we + enable the language selection of the most appropriate + language alternative (content negotiation).</li> + + <li>By setting the <code class="directive"><a href="../mod/mod_negotiation.html#languagepriority">LanguagePriority</a></code> + directive we define a set of default fallback languages in + the situation where the client's browser did not express any + preference at all.</li> + + <li>By enabling <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> + (and disallowing execution of cgi scripts for + security reasons), we allow the server to include building + blocks of the error message, and to substitute the value of + certain environment variables into the generated document + (dynamic HTML) or even to conditionally include or omit parts + of the text.</li> + + <li>The <code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> and <code class="directive"><a href="../mod/mod_mime.html#addtype">AddType</a></code> directives + are useful for automatically SSI-expanding all files with a + <code>.shtml</code> suffix to <em>text/html</em>.</li> + + <li>By using the <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> directive, we + keep the error document directory outside of the document + tree because it can be regarded more as a server part than + part of the document tree.</li> + + <li>The <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> block + restricts these "special" settings to the error document + directory and avoids an impact on any of the settings for the + regular document tree.</li> + + <li>For each of the error codes to be handled (see RFC2068 + for an exact description of each error code, or look at + <code>src/main/http_protocol.c</code> if you wish to see + apache's standard messages), an <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> in + the aliased <code>/errordocs</code> directory is defined. + Note that we only define the basename of the document here + because the MultiViews option will select the best candidate + based on the language suffixes and the client's preferences. + Any error situation with an error code <em>not</em> handled + by a custom document will be dealt with by the server in the + standard way (<em>i.e.</em>, a plain error message in + english).</li> + + <li>Finally, the <code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> directive tells + apache that it is not necessary to look for a .htaccess file + in the /errordocs directory: a minor speed optimization.</li> + </ol> + + <p>The resulting <code>httpd.conf</code> configuration would then + look similar to this:</p> + + <div class="note"><h3>Note</h3>Note that you can define your own + error messages using this method for only part of the document + tree, e.g., a /~user/ subtree. In this case, the configuration + could as well be put into the .htaccess file at the root of the + subtree, and the <Directory> and </Directory> + directives -but not the contained directives- must be + omitted.</div> + +<div class="example"><p><code> + LanguagePriority en fr de <br /> + Alias /errordocs /usr/local/apache/errordocs <br /> + <br /> + <Directory /usr/local/apache/errordocs> <br /> + <span class="indent"> + AllowOverride none <br /> + Options MultiViews IncludesNoExec FollowSymLinks <br /> + AddType text/html .shtml <br /> + <FilesMatch "\.shtml[.$]"> <br /> + <span class="indent"> + SetOutputFilter INCLUDES <br /> + </span> + </FilesMatch> <br /> + </span> + </Directory> <br /> + <br /> + # "400 Bad Request", <br /> + ErrorDocument 400 /errordocs/400 <br /> + # "401 Authorization Required", <br /> + ErrorDocument 401 /errordocs/401 <br /> + # "403 Forbidden", <br /> + ErrorDocument 403 /errordocs/403 <br /> + # "404 Not Found", <br /> + ErrorDocument 404 /errordocs/404 <br /> + # "500 Internal Server Error", <br /> + ErrorDocument 500 /errordocs/500 <br /> +</code></p></div> + + <p>The directory for the error messages (here: + <code>/usr/local/apache/errordocs/</code>) must then be created + with the appropriate permissions (readable and executable by + the server uid or gid, only writable for the administrator).</p> + + <h3><a name="naming" id="naming">Naming the Individual Error Document files</a></h3> + + + + <p>By defining the <code>MultiViews</code> option, the server was + told to automatically scan the directory for matching variants + (looking at language and content type suffixes) when a + requested document was not found. In the configuration, we + defined the names for the error documents to be just their + error number (without any suffix).</p> + + <p>The names of the individual error documents are now + determined like this (I'm using 403 as an example, think of it + as a placeholder for any of the configured error + documents):</p> + + <ul> + <li>No file errordocs/403 should exist. Otherwise, it would + be found and served (with the DefaultType, usually + text/plain), all negotiation would be bypassed.</li> + + <li>For each language for which we have an internationalized + version (note that this need not be the same set of languages + for each error code - you can get by with a single language + version until you actually <em>have</em> translated + versions), a document + <code>errordocs/403.shtml.<em>lang</em></code> is created and + filled with the error text in that language (<a href="#createdocs">see below</a>).</li> + + <li>One fallback document called + <code>errordocs/403.shtml</code> is created, usually by + creating a symlink to the default language variant (<a href="#fallback">see below</a>).</li> + </ul> + + + <h3><a name="headfoot" id="headfoot">The Common Header and Footer Files</a></h3> + + + + <p>By putting as much layout information in two special "include + files", the error documents can be reduced to a bare minimum.</p> + + <p>One of these layout files defines the HTML document header + and a configurable list of paths to the icons to be shown in + the resulting error document. These paths are exported as a set + of SSI environment variables and are later evaluated by the + "footer" special file. The title of the current error (which is + put into the TITLE tag and an H1 header) is simply passed in + from the main error document in a variable called + <code>title</code>.</p> + + <p><strong>By changing this file, the layout of all generated + error messages can be changed in a second.</strong> (By + exploiting the features of SSI, you can easily define + different layouts based on the current virtual host, or even + based on the client's domain name).</p> + + <p>The second layout file describes the footer to be displayed + at the bottom of every error message. In this example, it shows + an apache logo, the current server time, the server version + string and adds a mail reference to the site's webmaster.</p> + + <p>For simplicity, the header file is simply called + <code>head.shtml</code> because it contains server-parsed + content but no language specific information. The footer file + exists once for each language translation, plus a symlink for + the default language.</p> + +<div class="example"><p><code> +for English, French and German versions (default english) <br /> +<br /> +foot.shtml.en, <br /> +foot.shtml.fr, <br /> +foot.shtml.de, <br /> +foot.shtml symlink to <br /> +foot.shtml.en +</code></p></div> + + <p>Both files are included into the error document by using the + directives <code><!--#include virtual="head" --></code> + and <code><!--#include virtual="foot" --></code> + respectively: the rest of the magic occurs in mod_negotiation + and in mod_include.</p> + + <p>See <a href="#listings">the listings below</a> to see an + actual HTML implementation of the discussed example.</p> + + + <h3><a name="createdocs" id="createdocs">Creating ErrorDocuments in Different Languages</a></h3> + + + + <p>After all this preparation work, little remains to be said + about the actual documents. They all share a simple common + structure:</p> + +<div class="example"><p><code> +<!--#set var="title" value="<em>error description title</em>" --> <br /> +<!--#include virtual="head" --> <br /> +<span class="indent"> + <em>explanatory error text</em> <br /> +</span> +<!--#include virtual="foot" --> +</code></p></div> + + <p>In the <a href="#listings">listings section</a>, you can see an + example of a [400 Bad Request] error document. Documents as + simple as that certainly cause no problems to translate or + expand.</p> + + + <h3><a name="fallback" id="fallback">The Fallback Language</a></h3> + + + + <p>Do we need a special handling for languages other than those we + have translations for? We did set the LanguagePriority, didn't + we?!</p> + + <p>Well, the LanguagePriority directive is for the case where + the client does not express any language priority at all. But + what happens in the situation where the client wants one of the + languages we do not have, and none of those we do have?</p> + + <p>Without doing anything, the Apache server will usually + return a [406 no acceptable variant] error, listing the choices + from which the client may select. But we're in an error message + already, and important error information might get lost when + the client had to choose a language representation first.</p> + + <p>So, in this situation it appears to be easier to define a + fallback language (by copying or linking, <em>e.g.</em>, the + english version to a language-less version). Because the + negotiation algorithm prefers "more specialized" variants over + "more generic" variants, these generic alternatives will only + be chosen when the normal negotiation did not succeed.</p> + + <p>A simple shell script to do it (execute within the + errordocs/ dir):</p> + +<div class="example"><p><code> + for f in *.shtml.en <br /> + do <br /> + <span class="indent"> + ln -s $f `basename $f .en` <br /> + </span> + done +</code></p></div> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="proxy" id="proxy">Customizing Proxy Error Messages</a></h2> + + + + <p>As of Apache-1.3, it is possible to use the + <code>ErrorDocument</code> mechanism for proxy error messages + as well (previous versions always returned fixed predefined + error messages).</p> + + <p>Most proxy errors return an error code of [500 Internal + Server Error]. To find out whether a particular error document + was invoked on behalf of a proxy error or because of some other + server error, and what the reason for the failure was, you can + check the contents of the new <code>ERROR_NOTES</code> CGI + environment variable: if invoked for a proxy error, this + variable will contain the actual proxy error message text in + HTML form.</p> + + <p>The following excerpt demonstrates how to exploit the + <code>ERROR_NOTES</code> variable within an error document:</p> + +<div class="example"><p><code> + <!--#if expr="$REDIRECT_ERROR_NOTES = ''" --> <br /> + <br /> + <p> <br /> + <span class="indent"> + The server encountered an unexpected condition <br /> + which prevented it from fulfilling the request. <br /> + </span> + </p> <br /> +<br /> + <p> <br /> + <span class="indent"> + <a href="mailto:<!--#echo var="SERVER_ADMIN" -->" <br /> + SUBJECT="Error message [<!--#echo var="REDIRECT_STATUS" -->] <!--#echo var="title" --> for <!--#echo var="REQUEST_URI" -->"> <br /> + Please forward this error screen to <!--#echo var="SERVER_NAME" -->'s <br /> + WebMaster</a>; it includes useful debugging information about <br /> + the Request which caused the error. <br /> +<br /> + <pre><!--#printenv --></pre> <br /> + </span> + </p> <br /> + <br /> + <!--#else --> <br /> + <span class="indent"> + <!--#echo var="REDIRECT_ERROR_NOTES" --><br /> + </span> +<br /> + <!--#endif --> +</code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="listings" id="listings">HTML Listing of the Discussed Example</a></h2> + + + + <p>So, to summarize our example, here's the complete listing of + the <code>400.shtml.en</code> document. You will notice that it + contains almost nothing but the error text (with conditional + additions). Starting with this example, you will find it easy + to add more error documents, or to translate the error + documents to different languages.</p> + +<div class="example"><p><code> +<!--#set var="title" value="Bad Request"--> <br /> +<!--#include virtual="head" --><br /> +<br /> + <p> <br /> + <span class="indent"> + Your browser sent a request that this server could not understand: <br /> + <blockquote> <br /> + <span class="indent"> + <strong><!--#echo var="REQUEST_URI" --></strong><br /> + </span> + </blockquote> <br /> + <br /> + The request could not be understood by the server due to malformed <br /> + syntax. The client should not repeat the request without <br /> + modifications. <br /> + </span> + </p> <br /> +<br /> + <p> <br /> + <span class="indent"> + <!--#if expr="$HTTP_REFERER != ''" --> <br /> + <span class="indent"> + Please inform the owner of <br /> + <a href="<!--#echo var="HTTP_REFERER" -->">the referring page</a> about <br /> + the malformed link. <br /> + </span> + <br /> + <!--#else --> <br /> + <span class="indent"> + Please check your request for typing errors and retry. <br /> + </span> + <br /> + <!--#endif --> <br /> + </span> + </p> <br /> +<br /> +<!--#include virtual="foot" --> +</code></p></div> + + <p>Here is the complete <code>head.shtml.en</code> file (the funny + line breaks avoid empty lines in the document after SSI + processing). Note the configuration section at top. That's + where you configure the images and logos as well as the apache + documentation directory. Look how this file displays two + different logos depending on the content of the virtual host + name ($SERVER_NAME), and that an animated apache logo is shown + if the browser appears to support it (the latter requires + server configuration lines of the form </p> + + <div class="example"><p><code>BrowserMatch "^Mozilla/[2-4]" anigif</code></p></div> + + <p>for browser types which support animated GIFs).</p> + +<div class="example"><p><code> +<!--#if expr="$SERVER_NAME = /.*\.mycompany\.com/" --><br /> +<span class="indent"> +<!--#set var="IMG_CorpLogo" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/CorpLogo.gif" --><br /> +<!--#set var="ALT_CorpLogo" value="Powered by Linux!" --><br /> +</span> +<br /> +<!--#else --> <br /> +<span class="indent"> +<!--#set var="IMG_CorpLogo" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/PrivLogo.gif" --> <br /> +<!--#set var="ALT_CorpLogo" value="Powered by Linux!" --> <br /> +</span> +<!--#endif--> <br /> +<br /> +<!--#set var="IMG_BgImage" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/BgImage.gif" --> <br /> +<!--#set var="DOC_Apache" value="http://$SERVER_NAME:$SERVER_PORT/Apache/" --> <br /> +<br /> +<!--#if expr="$anigif" --> <br /> +<span class="indent"> +<!--#set var="IMG_Apache" value="http://$SERVER_NAME:$SERVER_PORT/icons/apache_anim.gif" --> <br /> +</span> +<!--#else--><br /> +<span class="indent"> +<!--#set var="IMG_Apache" value="http://$SERVER_NAME:$SERVER_PORT/icons/apache_pb.gif" --><br /> +</span> +<!--#endif--><br /> +<br /> + +<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> <br /> +<html> <br /> +<head> <br /> + <span class="indent"> + <title> <br /> + [<!--#echo var="REDIRECT_STATUS" -->] <!--#echo var="title" --> <br /> + </title> <br /> + </span> +</head> <br /> +<br /> +<body bgcolor="white" background="<!--#echo var="IMG_BgImage" -->"> <br /> +<span class="indent"> + <h1 align="center"> <br /> + [<!--#echo var="REDIRECT_STATUS" -->] + <!--#echo var="title" --> <br /> + <img src="<!--#echo var="IMG_CorpLogo" -->" <br /> + alt="<!--#echo var="ALT_CorpLogo" -->" align="right"> <br /> + </h1> <br /> +<br /> + <hr /> + <!-- ======================================================== --> <br /> + <div> +</span> +</code></p></div> + + <p>and this is the <code>foot.shtml.en</code> file:</p> + +<div class="example"><p><code> +<span class="indent"> + </div> <br /> + <hr /> <br /> + <br /> + <div align="right"> <br /> + <span class="indent"> + <small>Local Server time: + <!--#echo var="DATE_LOCAL" --></small> <br /> + </span> + </div> <br /> + <br /> + <div align="center"><br /> + <span class="indent"> + <a href="<!--#echo var="DOC_Apache" -->"> <br /> + <img src="<!--#echo var="IMG_Apache" -->" border="0" align="bottom" <br /> + alt="Powered by <!--#echo var="SERVER_SOFTWARE" -->"></a> <br /> + <br /><br /> + + <small><!--#set var="var" value="Powered by $SERVER_SOFTWARE -- <br /> + File last modified on $LAST_MODIFIED" --> <br /> + <!--#echo var="var" --></small> <br /> + </span> + </div> <br /> + <br /> + <p>If the indicated error looks like a misconfiguration, please inform <br /> + <a href="mailto:<!--#echo var="SERVER_ADMIN" -->" <br /> + subject="Feedback about Error message [<!--#echo var="REDIRECT_STATUS" -->] <br /> + <!--#echo var="title" -->, req=<!--#echo var="REQUEST_URI" -->"> <br /> + <!--#echo var="SERVER_NAME" -->'s WebMaster</a>.<br /> + </p><br /> + </span> +<br /> +</body><br /> +</html> +</code></p></div> + + <p>If you have tips to contribute, send mail to <a href="mailto:martin@apache.org">martin@apache.org</a></p> + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/custom_errordocs.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html new file mode 100644 index 00000000..e751d582 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: descriptors.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en new file mode 100644 index 00000000..005356d6 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en @@ -0,0 +1,233 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Descriptors and Apache - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Descriptors and Apache</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/descriptors.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>A <em>descriptor</em>, also commonly called a <em>file + handle</em> is an object that a program uses to read or write + an open file, or open network socket, or a variety of other + devices. It is represented by an integer, and you may be + familiar with <code>stdin</code>, <code>stdout</code>, and + <code>stderr</code> which are descriptors 0, 1, and 2 + respectively. Apache needs a descriptor for each log file, plus + one for each network socket that it listens on, plus a handful + of others. Libraries that Apache uses may also require + descriptors. Normal programs don't open up many descriptors at + all, and so there are some latent problems that you may + experience should you start running Apache with many + descriptors (<em>i.e.</em>, with many virtual hosts).</p> + + <p>The operating system enforces a limit on the number of + descriptors that a program can have open at a time. There are + typically three limits involved here. One is a kernel + limitation, depending on your operating system you will either + be able to tune the number of descriptors available to higher + numbers (this is frequently called <em>FD_SETSIZE</em>). Or you + may be stuck with a (relatively) low amount. The second limit + is called the <em>hard resource</em> limit, and it is sometimes + set by root in an obscure operating system file, but frequently + is the same as the kernel limit. The third limit is called the + <em>soft resource</em> limit. The soft limit is always less + than or equal to the hard limit. For example, the hard limit + may be 1024, but the soft limit only 64. Any user can raise + their soft limit up to the hard limit. Root can raise the hard + limit up to the system maximum limit. The soft limit is the + actual limit that is used when enforcing the maximum number of + files a process can have open.</p> + + <p>To summarize:</p> + +<div class="example"><p><code> + #open files <= soft limit <= hard limit <= kernel limit +</code></p></div> + + + <p>You control the hard and soft limits using the + <code>limit</code> (csh) or <code>ulimit</code> (sh) + directives. See the respective man pages for more information. + For example you can probably use <code>ulimit -n + unlimited</code> to raise your soft limit up to the hard limit. + You should include this command in a shell script which starts + your webserver.</p> + + <p>Unfortunately, it's not always this simple. As mentioned + above, you will probably run into some system limitations that + will need to be worked around somehow. Work was done in version + 1.2.1 to improve the situation somewhat. Here is a partial list + of systems and workarounds (assuming you are using 1.2.1 or + later).</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#bsdi">BSDI 2.0</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#freebsd">FreeBSD 2.2, BSDI 2.1+</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#linux">Linux</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#solaris">Solaris through 2.5.1</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#AIX">AIX</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#sco">SCO OpenServer</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#tru64">Compaq Tru64 UNIX/Digital UNIX/OSF</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#others">Others</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="bsdi" id="bsdi">BSDI 2.0</a></h2> + + <p>Under BSDI 2.0 you can build Apache to support more + descriptors by adding <code>-DFD_SETSIZE=nnn</code> to + <code>EXTRA_CFLAGS</code> (where nnn is the number of + descriptors you wish to support, keep it less than the hard + limit). But it will run into trouble if more than + approximately 240 Listen directives are used. This may be + cured by rebuilding your kernel with a higher + FD_SETSIZE.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="freebsd" id="freebsd">FreeBSD 2.2, BSDI 2.1+</a></h2> + + <p>Similar to the BSDI 2.0 case, you should define + <code>FD_SETSIZE</code> and rebuild. But the extra Listen + limitation doesn't exist.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="linux" id="linux">Linux</a></h2> + + <p>By default Linux has a kernel maximum of 256 open + descriptors per process. There are several patches available + for the 2.0.x series which raise this to 1024 and beyond, and + you can find them in the "unofficial patches" section of <a href="http://www.linuxhq.com/">the Linux Information HQ</a>. + None of these patches are perfect, and an entirely different + approach is likely to be taken during the 2.1.x development. + Applying these patches will raise the FD_SETSIZE used to + compile all programs, and unless you rebuild all your + libraries you should avoid running any other program with a + soft descriptor limit above 256. As of this writing the + patches available for increasing the number of descriptors do + not take this into account. On a dedicated webserver you + probably won't run into trouble.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="solaris" id="solaris">Solaris through 2.5.1</a></h2> + + <p>Solaris has a kernel hard limit of 1024 (may be lower in + earlier versions). But it has a limitation that files using + the stdio library cannot have a descriptor above 255. Apache + uses the stdio library for the ErrorLog directive. When you + have more than approximately 110 virtual hosts (with an error + log and an access log each) you will need to build Apache + with <code>-DHIGH_SLACK_LINE=256</code> added to + <code>EXTRA_CFLAGS</code>. You will be limited to + approximately 240 error logs if you do this.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="AIX" id="AIX">AIX</a></h2> + + <p>AIX version 3.2?? appears to have a hard limit of 128 + descriptors. End of story. Version 4.1.5 has a hard limit of + 2000.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="sco" id="sco">SCO OpenServer</a></h2> + + <p>Edit the <code>/etc/conf/cf.d/stune</code> file or use + <code>/etc/conf/cf.d/configure</code> choice 7 (User and + Group configuration) and modify the <code>NOFILES</code> + kernel parameter to a suitably higher value. SCO recommends a + number between 60 and 11000, the default is 110. Relink and + reboot, and the new number of descriptors will be + available.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="tru64" id="tru64">Compaq Tru64 UNIX/Digital UNIX/OSF</a></h2> + + <ol> + <li>Raise <code>open_max_soft</code> and + <code>open_max_hard</code> to 4096 in the proc subsystem. + Do a man on sysconfig, sysconfigdb, and + sysconfigtab.</li> + + <li>Raise <code>max-vnodes</code> to a large number which + is greater than the number of apache processes * 4096 + (Setting it to 250,000 should be good for most people). + Do a man on sysconfig, sysconfigdb, and + sysconfigtab.</li> + + <li>If you are using Tru64 5.0, 5.0A, or 5.1, define + <code>NO_SLACK</code> to work around a bug in the OS. + <code>CFLAGS="-DNO_SLACK" ./configure</code></li> + </ol> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="others" id="others">Others</a></h2> + + <p>If you have details on another operating system, please + submit it through our <a href="http://httpd.apache.org/bug_report.html">Bug Report + Page</a>.</p> + + <p>In addition to the problems described above there are + problems with many libraries that Apache uses. The most common + example is the bind DNS resolver library that is used by pretty + much every unix, which fails if it ends up with a descriptor + above 256. We suspect there are other libraries that similar + limitations. So the code as of 1.2.1 takes a defensive stance + and tries to save descriptors less than 16 for use while + processing each request. This is called the <em>low slack + line</em>.</p> + + <p>Note that this shouldn't waste descriptors. If you really + are pushing the limits and Apache can't get a descriptor above + 16 when it wants it, it will settle for one below 16.</p> + + <p>In extreme situations you may want to lower the low slack + line, but you shouldn't ever need to. For example, lowering it + can increase the limits 240 described above under Solaris and + BSDI 2.0. But you'll play a delicate balancing game with the + descriptors needed to serve a request. Should you want to play + this game, the compile time parameter is + <code>LOW_SLACK_LINE</code> and there's a tiny bit of + documentation in the header file <code>httpd.h</code>.</p> + + <p>Finally, if you suspect that all this slack stuff is causing + you problems, you can disable it. Add <code>-DNO_SLACK</code> + to <code>EXTRA_CFLAGS</code> and rebuild. But please report it + to our <a href="http://httpd.apache.org/bug_report.html">Bug + Report Page</a> so that we can investigate. </p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/descriptors.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html new file mode 100644 index 00000000..64957238 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: fin_wait_2.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en new file mode 100644 index 00000000..60da4b0d --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en @@ -0,0 +1,422 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Connections in the FIN_WAIT_2 state and Apache - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Connections in the FIN_WAIT_2 state and Apache</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/fin_wait_2.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>Starting with the Apache 1.2 betas, people are reporting + many more connections in the FIN_WAIT_2 state (as reported + by <code>netstat</code>) than they saw using older + versions. When the server closes a TCP connection, it sends + a packet with the FIN bit set to the client, which then + responds with a packet with the ACK bit set. The client + then sends a packet with the FIN bit set to the server, + which responds with an ACK and the connection is closed. + The state that the connection is in during the period + between when the server gets the ACK from the client and + the server gets the FIN from the client is known as + FIN_WAIT_2. See the <a href="ftp://ds.internic.net/rfc/rfc793.txt">TCP RFC</a> for + the technical details of the state transitions.</p> + + <p>The FIN_WAIT_2 state is somewhat unusual in that there + is no timeout defined in the standard for it. This means + that on many operating systems, a connection in the + FIN_WAIT_2 state will stay around until the system is + rebooted. If the system does not have a timeout and too + many FIN_WAIT_2 connections build up, it can fill up the + space allocated for storing information about the + connections and crash the kernel. The connections in + FIN_WAIT_2 do not tie up an httpd process.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#why">Why Does It Happen?</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#what">What Can I Do About it?</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#appendix">Appendix</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="why" id="why">Why Does It Happen?</a></h2> + + <p>There are numerous reasons for it happening, some of them + may not yet be fully clear. What is known follows.</p> + + <h3><a name="buggy" id="buggy">Buggy Clients and Persistent + Connections</a></h3> + + <p>Several clients have a bug which pops up when dealing with + persistent connections (aka + keepalives). When the connection is idle and the server + closes the connection (based on the <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code>), + the client is programmed so that the client does not send + back a FIN and ACK to the server. This means that the + connection stays in the FIN_WAIT_2 state until one of the + following happens:</p> + + <ul> + <li>The client opens a new connection to the same or a + different site, which causes it to fully close the older + connection on that socket.</li> + + <li>The user exits the client, which on some (most?) + clients causes the OS to fully shutdown the + connection.</li> + + <li>The FIN_WAIT_2 times out, on servers that have a + timeout for this state.</li> + </ul> + + <p>If you are lucky, this means that the buggy client will + fully close the connection and release the resources on + your server. However, there are some cases where the socket + is never fully closed, such as a dialup client + disconnecting from their provider before closing the + client. In addition, a client might sit idle for days + without making another connection, and thus may hold its + end of the socket open for days even though it has no + further use for it. <strong>This is a bug in the browser or + in its operating system's TCP implementation.</strong></p> + + <p>The clients on which this problem has been verified to + exist:</p> + + <ul> + <li>Mozilla/3.01 (X11; I; FreeBSD 2.1.5-RELEASE + i386)</li> + + <li>Mozilla/2.02 (X11; I; FreeBSD 2.1.5-RELEASE + i386)</li> + + <li>Mozilla/3.01Gold (X11; I; SunOS 5.5 sun4m)</li> + + <li>MSIE 3.01 on the Macintosh</li> + + <li>MSIE 3.01 on Windows 95</li> + </ul> + + <p>This does not appear to be a problem on:</p> + + <ul> + <li>Mozilla/3.01 (Win95; I)</li> + </ul> + + <p>It is expected that many other clients have the same + problem. What a client <strong>should do</strong> is + periodically check its open socket(s) to see if they have + been closed by the server, and close their side of the + connection if the server has closed. This check need only + occur once every few seconds, and may even be detected by a + OS signal on some systems (<em>e.g.</em>, Win95 and NT + clients have this capability, but they seem to be ignoring + it).</p> + + <p>Apache <strong>cannot</strong> avoid these FIN_WAIT_2 + states unless it disables persistent connections for the + buggy clients, just like we recommend doing for Navigator + 2.x clients due to other bugs. However, non-persistent + connections increase the total number of connections needed + per client and slow retrieval of an image-laden web page. + Since non-persistent connections have their own resource + consumptions and a short waiting period after each closure, + a busy server may need persistence in order to best serve + its clients.</p> + + <p>As far as we know, the client-caused FIN_WAIT_2 problem + is present for all servers that support persistent + connections, including Apache 1.1.x and 1.2.</p> + + + + <h3><a name="code" id="code">A necessary bit of code + introduced in 1.2</a></h3> + + <p>While the above bug is a problem, it is not the whole + problem. Some users have observed no FIN_WAIT_2 problems + with Apache 1.1.x, but with 1.2b enough connections build + up in the FIN_WAIT_2 state to crash their server. The most + likely source for additional FIN_WAIT_2 states is a + function called <code>lingering_close()</code> which was + added between 1.1 and 1.2. This function is necessary for + the proper handling of persistent connections and any + request which includes content in the message body + (<em>e.g.</em>, PUTs and POSTs). What it does is read any + data sent by the client for a certain time after the server + closes the connection. The exact reasons for doing this are + somewhat complicated, but involve what happens if the + client is making a request at the same time the server + sends a response and closes the connection. Without + lingering, the client might be forced to reset its TCP + input buffer before it has a chance to read the server's + response, and thus understand why the connection has + closed. See the <a href="#appendix">appendix</a> for more + details.</p> + + <p>The code in <code>lingering_close()</code> appears to + cause problems for a number of factors, including the + change in traffic patterns that it causes. The code has + been thoroughly reviewed and we are not aware of any bugs + in it. It is possible that there is some problem in the BSD + TCP stack, aside from the lack of a timeout for the + FIN_WAIT_2 state, exposed by the + <code>lingering_close</code> code that causes the observed + problems.</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="what" id="what">What Can I Do About it?</a></h2> + + <p>There are several possible workarounds to the problem, some + of which work better than others.</p> + + <h3><a name="add_timeout" id="add_timeout">Add a timeout for FIN_WAIT_2</a></h3> + + <p>The obvious workaround is to simply have a timeout for the + FIN_WAIT_2 state. This is not specified by the RFC, and + could be claimed to be a violation of the RFC, but it is + widely recognized as being necessary. The following systems + are known to have a timeout:</p> + + <ul> + <li><a href="http://www.freebsd.org/">FreeBSD</a> + versions starting at 2.0 or possibly earlier.</li> + + <li><a href="http://www.netbsd.org/">NetBSD</a> version + 1.2(?)</li> + + <li><a href="http://www.openbsd.org/">OpenBSD</a> all + versions(?)</li> + + <li><a href="http://www.bsdi.com/">BSD/OS</a> 2.1, with + the <a href="ftp://ftp.bsdi.com/bsdi/patches/patches-2.1/K210-027"> + K210-027</a> patch installed.</li> + + <li><a href="http://www.sun.com/">Solaris</a> as of + around version 2.2. The timeout can be tuned by using + <code>ndd</code> to modify + <code>tcp_fin_wait_2_flush_interval</code>, but the + default should be appropriate for most servers and + improper tuning can have negative impacts.</li> + + <li><a href="http://www.linux.org/">Linux</a> 2.0.x and + earlier(?)</li> + + <li><a href="http://www.hp.com/">HP-UX</a> 10.x defaults + to terminating connections in the FIN_WAIT_2 state after + the normal keepalive timeouts. This does not refer to the + persistent connection or HTTP keepalive timeouts, but the + <code>SO_LINGER</code> socket option which is enabled by + Apache. This parameter can be adjusted by using + <code>nettune</code> to modify parameters such as + <code>tcp_keepstart</code> and <code>tcp_keepstop</code>. + In later revisions, there is an explicit timer for + connections in FIN_WAIT_2 that can be modified; contact + HP support for details.</li> + + <li><a href="http://www.sgi.com/">SGI IRIX</a> can be + patched to support a timeout. For IRIX 5.3, 6.2, and 6.3, + use patches 1654, 1703 and 1778 respectively. If you have + trouble locating these patches, please contact your SGI + support channel for help.</li> + + <li><a href="http://www.ncr.com/">NCR's MP RAS Unix</a> + 2.xx and 3.xx both have FIN_WAIT_2 timeouts. In 2.xx it + is non-tunable at 600 seconds, while in 3.xx it defaults + to 600 seconds and is calculated based on the tunable + "max keep alive probes" (default of 8) multiplied by the + "keep alive interval" (default 75 seconds).</li> + + <li><a href="http://www.sequent.com">Sequent's ptx/TCP/IP + for DYNIX/ptx</a> has had a FIN_WAIT_2 timeout since + around release 4.1 in mid-1994.</li> + </ul> + + <p>The following systems are known to not have a + timeout:</p> + + <ul> + <li><a href="http://www.sun.com/">SunOS 4.x</a> does not + and almost certainly never will have one because it as at + the very end of its development cycle for Sun. If you + have kernel source should be easy to patch.</li> + </ul> + + <p>There is a <a href="http://www.apache.org/dist/httpd/contrib/patches/1.2/fin_wait_2.patch"> + patch available</a> for adding a timeout to the FIN_WAIT_2 + state; it was originally intended for BSD/OS, but should be + adaptable to most systems using BSD networking code. You + need kernel source code to be able to use it.</p> + + + + <h3><a name="no_lingering" id="no_lingering">Compile without using + <code>lingering_close()</code></a></h3> + + <p>It is possible to compile Apache 1.2 without using the + <code>lingering_close()</code> function. This will result + in that section of code being similar to that which was in + 1.1. If you do this, be aware that it can cause problems + with PUTs, POSTs and persistent connections, especially if + the client uses pipelining. That said, it is no worse than + on 1.1, and we understand that keeping your server running + is quite important.</p> + + <p>To compile without the <code>lingering_close()</code> + function, add <code>-DNO_LINGCLOSE</code> to the end of the + <code>EXTRA_CFLAGS</code> line in your + <code>Configuration</code> file, rerun + <code class="program"><a href="../programs/Configure.html">Configure</a></code> and rebuild the server.</p> + + + + <h3><a name="so_linger" id="so_linger">Use <code>SO_LINGER</code> as + an alternative to <code>lingering_close()</code></a></h3> + + <p>On most systems, there is an option called + <code>SO_LINGER</code> that can be set with + <code>setsockopt(2)</code>. It does something very similar + to <code>lingering_close()</code>, except that it is broken + on many systems so that it causes far more problems than + <code>lingering_close</code>. On some systems, it could + possibly work better so it may be worth a try if you have + no other alternatives.</p> + + <p>To try it, add <code>-DUSE_SO_LINGER + -DNO_LINGCLOSE</code> to the end of the + <code>EXTRA_CFLAGS</code> line in your + <code>Configuration</code> file, rerun + <code class="program"><a href="../programs/Configure.html">Configure</a></code> and rebuild the server.</p> + + <div class="note"><h3>NOTE</h3>Attempting to use + <code>SO_LINGER</code> and <code>lingering_close()</code> + at the same time is very likely to do very bad things, so + don't.</div> + + + + <h3><a name="increase_mem" id="increase_mem">Increase the amount of memory + used for storing connection state</a></h3> + + <dl> + <dt>BSD based networking code:</dt> + + <dd> + BSD stores network data, such as connection states, in + something called an mbuf. When you get so many + connections that the kernel does not have enough mbufs + to put them all in, your kernel will likely crash. You + can reduce the effects of the problem by increasing the + number of mbufs that are available; this will not + prevent the problem, it will just make the server go + longer before crashing. + + <p>The exact way to increase them may depend on your + OS; look for some reference to the number of "mbufs" or + "mbuf clusters". On many systems, this can be done by + adding the line <code>NMBCLUSTERS="n"</code>, where + <code>n</code> is the number of mbuf clusters you want + to your kernel config file and rebuilding your + kernel.</p> + </dd> + </dl> + + + + <h3><a name="disable" id="disable">Disable KeepAlive</a></h3> + + <p>If you are unable to do any of the above then you + should, as a last resort, disable KeepAlive. Edit your + httpd.conf and change "KeepAlive On" to "KeepAlive + Off".</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="appendix" id="appendix">Appendix</a></h2> + + <p>Below is a message from Roy Fielding, one of the authors + of HTTP/1.1.</p> + + <h3><a name="message" id="message">Why the lingering close + functionality is necessary with HTTP</a></h3> + + <p>The need for a server to linger on a socket after a close + is noted a couple times in the HTTP specs, but not + explained. This explanation is based on discussions between + myself, Henrik Frystyk, Robert S. Thau, Dave Raggett, and + John C. Mallery in the hallways of MIT while I was at W3C.</p> + + <p>If a server closes the input side of the connection + while the client is sending data (or is planning to send + data), then the server's TCP stack will signal an RST + (reset) back to the client. Upon receipt of the RST, the + client will flush its own incoming TCP buffer back to the + un-ACKed packet indicated by the RST packet argument. If + the server has sent a message, usually an error response, + to the client just before the close, and the client + receives the RST packet before its application code has + read the error message from its incoming TCP buffer and + before the server has received the ACK sent by the client + upon receipt of that buffer, then the RST will flush the + error message before the client application has a chance to + see it. The result is that the client is left thinking that + the connection failed for no apparent reason.</p> + + <p>There are two conditions under which this is likely to + occur:</p> + + <ol> + <li>sending POST or PUT data without proper + authorization</li> + + <li>sending multiple requests before each response + (pipelining) and one of the middle requests resulting in + an error or other break-the-connection result.</li> + </ol> + + <p>The solution in all cases is to send the response, close + only the write half of the connection (what shutdown is + supposed to do), and continue reading on the socket until + it is either closed by the client (signifying it has + finally read the response) or a timeout occurs. That is + what the kernel is supposed to do if SO_LINGER is set. + Unfortunately, SO_LINGER has no effect on some systems; on + some other systems, it does not have its own timeout and + thus the TCP memory segments just pile-up until the next + reboot (planned or not).</p> + + <p>Please note that simply removing the linger code will + not solve the problem -- it only moves it to a different + and much harder one to detect.</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/fin_wait_2.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html new file mode 100644 index 00000000..23ec1ec0 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: index.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: index.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en new file mode 100644 index 00000000..81445841 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en @@ -0,0 +1,121 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Miscellaneous Documentation - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page" class="no-sidebar"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="../"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a></div><div id="page-content"><div id="preamble"><h1>Apache Miscellaneous Documentation</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/" title="English"> en </a> | +<a href="../tr/misc/" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div> + + + <p>Below is a list of additional documentation pages that apply + to the Apache web server development project.</p> + + <div class="warning"><h3>Warning</h3> + <p>Some of the documents below have not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <dl> + <dt><a href="custom_errordocs.html">How to use XSSI and + Negotiation for custom ErrorDocuments</a></dt> + + <dd> + <p>Describes a solution which uses XSSI and negotiation to + custom-tailor the Apache ErrorDocuments to taste, adding the + advantage of returning internationalized versions of the + error messages depending on the client's language + preferences.</p> + </dd> + + <dt><a href="descriptors.html">File Descriptor use in + Apache</a></dt> + + <dd> + <p>Describes how Apache uses file descriptors and talks + about various limits imposed on the number of descriptors + available by various operating systems.</p> + </dd> + + <dt><a href="fin_wait_2.html"><code>FIN_WAIT_2</code></a></dt> + + <dd> + <p>A description of the causes of Apache processes going + into the <code>FIN_WAIT_2</code> state, and what you can do + about it.</p> + </dd> + + <dt><a href="known_client_problems.html">Known Client + Problems</a></dt> + + <dd> + <p>A list of problems in HTTP clients which can be mitigated + by Apache.</p> + </dd> + + <dt><a href="perf-tuning.html">Performance Notes - Apache + Tuning</a></dt> + + <dd> + <p>Notes about how to (run-time and compile-time) configure + Apache for highest performance. Notes explaining why Apache + does some things, and why it doesn't do other things (which + make it slower/faster).</p> + </dd> + + <dt><a href="security_tips.html">Security Tips</a></dt> + + <dd> + <p>Some "do"s - and "don't"s - for keeping your Apache web + site secure.</p> + </dd> + + <dt><a href="rewriteguide.html">URL Rewriting Guide</a></dt> + <dd> + <p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + <a href="../mod/mod_rewrite.html">reference documentation</a>. + It describes how one can use Apache's <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + to solve typical URL-based problems webmasters are usually confronted + with in practice.</p> + </dd> + + <dt><a href="tutorials.html">Apache Tutorials</a></dt> + + <dd> + <p>A list of external resources which help to accomplish common + tasks with the Apache HTTP server.</p> + </dd> + + <dt><a href="relevant_standards.html">Relevant Standards</a></dt> + + <dd> + <p>This document acts as a reference page for most of the relevant + standards that Apache follows.</p> + </dd> + </dl> + </div> +</div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/" title="English"> en </a> | +<a href="../tr/misc/" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 new file mode 100644 index 00000000..e4cb8a26 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Çeşitli Belgeler - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page" class="no-sidebar"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="../"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a></div><div id="page-content"><div id="preamble"><h1>Çeşitli Belgeler</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../tr/misc/" title="Türkçe"> tr </a></p> +</div> + + + <p>Aşağıda listelenen belgeler de Apache HTTP sunucusu geliştirme projesi + kapsamındadır.</p> + + <div class="warning"><h3>Uyarı</h3> + <p>Aşağıdaki belgeler, Apache HTTP Sunucusunun 2.0 sürümünde yapılmış + değişikliklere göre tam olarak güncellenmemiştir. Hala güncel kalmış + bazı bilgiler olabilir, fakat siz yine de bu belgeleri kullanırken + dikkatli olun.</p> + </div> + + <dl> + <dt><a href="custom_errordocs.html">Hata belgelerinin özelleştirilmesi + için XSSI ve içerik uzlaşımının kullanımı</a></dt> + + <dd> + <p>Belgede, istemcinin dil tercihlerine bağlı olarak hata + iletilerinin yerelleştirilmiş sürümlerini döndürmenin yanında + Apache hata belgelerine bir çeşni katmak için XSSI ve içerik + uzlaşımının kullanımıyla ilgili bir çözüme yer verilmiştir.</p> + </dd> + + <dt><a href="descriptors.html">Apache’de dosya tanıtıcılarının + kullanımı</a></dt> + + <dd> + <p>Belgede, Apache’nin çeşitli işletim sistemleri tarafından + dayatılan dosya tanıtıcı miktarları için işletim sistemleri ile + nasıl anlaştığı ve bu dosya tanıtıcılarını nasıl kullandığı + açıklanmıştır.</p> + </dd> + + <dt><a href="fin_wait_2.html"><code>FIN_WAIT_2</code></a></dt> + + <dd> + <p>Belgede, Apache’nin <code>FIN_WAIT_2</code> durumuna girme + sebepleri ile bu konuda neler yapılabileceği açıklanmıştır.</p> + </dd> + + <dt><a href="known_client_problems.html">Bilinen İstemci Sorunları</a> + </dt> + + <dd> + <p>Belgede, HTTP istemcilerinden kaynaklanan bazı sorunların Apache + tarafından hafifletilebilenlerinin bir listesi yer almaktadır.</p> + </dd> + + <dt><a href="perf-tuning.html">Başarım Arttırma İpuçları - Apache’ye + İnce Ayar Çekilmesi</a></dt> + + <dd> + <p>Yüksek başarım elde etmek için Apache yapılandırmasında (çalışma + anında ve derleme sırasında) yapılacaklar ile ilgili bazı bilgiler + yanında Apache’de bazı şeylerin (bir şeyleri hızlandıran ve + yavaşlatan şeylerin) yapılma ve yapılmama sebepleri + açıklanmıştır.</p> + </dd> + + <dt><a href="security_tips.html">Güvenlik İpuçları</a></dt> + + <dd> + <p>Apache HTTP sitenizi güvenli kılmak için yapılacaklar ve + yapılmayacaklar.</p> + </dd> + + <dt><a href="rewriteguide.html">URL Yeniden Yazma Rehberi</a></dt> + + <dd> + <p>Bu belge <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> modülünün <a href="../mod/mod_rewrite.html">başvuru belgesi</a> yerine geçer. + Site yöneticilerinin sıkça karşılaştıkları belli başlı URL temelli + sorunları çözümlemek için Apache’nin <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + modülünün nasıl kullanılacağını açıklar.</p> + </dd> + + <dt><a href="tutorials.html">Apache Öğreticileri</a></dt> + + <dd> + <p>Apache HTTP Sunucusu ile ilgili görevlerinizi yerine getirmenize + yardımcı olacak harici kaynakların bir listesi.</p> + </dd> + + <dt><a href="relevant_standards.html">İlgili Standartlar</a></dt> + + <dd> + <p>Bu belge Apache’nin uyacağı standartların bir çoğuna atıfta + bulunmak amacıyla hazırlanmıştır.</p> + </dd> + </dl> + + </div> +</div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../tr/misc/" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html new file mode 100644 index 00000000..9f5b039f --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: known_client_problems.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en new file mode 100644 index 00000000..cfc02954 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en @@ -0,0 +1,408 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Known Problems in Clients - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Known Problems in Clients</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>Over time the Apache Group has discovered or been notified + of problems with various clients which we have had to work + around, or explain. This document describes these problems and + the workarounds available. It's not arranged in any particular + order. Some familiarity with the standards is assumed, but not + necessary.</p> + + <p>For brevity, <em>Navigator</em> will refer to Netscape's + Navigator product (which in later versions was renamed + "Communicator" and various other names), and <em>MSIE</em> will + refer to Microsoft's Internet Explorer product. All trademarks + and copyrights belong to their respective companies. We welcome + input from the various client authors to correct + inconsistencies in this paper, or to provide us with exact + version numbers where things are broken/fixed.</p> + + <p>For reference, <a href="ftp://ds.internic.net/rfc/rfc1945.txt">RFC1945</a> + defines HTTP/1.0, and <a href="ftp://ds.internic.net/rfc/rfc2068.txt">RFC2068</a> + defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1 + server (with an optional HTTP/1.0 proxy).</p> + + <p>Various of these workarounds are triggered by environment + variables. The admin typically controls which are set, and for + which clients, by using <code>mod_browser</code>. Unless + otherwise noted all of these workarounds exist in versions 1.2 + and later.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#trailing-crlf">Trailing CRLF on POSTs</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#broken-keepalive">Broken KeepAlive</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#force-response-1.0">Incorrect interpretation of + <code>HTTP/1.1</code> in response</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#msie4.0b2">Requests use HTTP/1.1 but + responses must be in HTTP/1.0</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#byte-257">Boundary problems with + header parsing</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#boundary-string">Multipart responses and + Quoted Boundary Strings</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#byterange-requests">Byterange Requests</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cookie-merge"><code>Set-Cookie</code> header is + unmergeable</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#gif89-expires"><code>Expires</code> headers + and GIF89A animations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#no-content-length"><code>POST</code> without + <code>Content-Length</code></a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#jdk-12-bugs">JDK 1.2 betas lose + parts of responses.</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content-type-persistent"><code>Content-Type</code> + change is not noticed after reload</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#msie-cookie-y2k">MSIE Cookie + problem with expiry date in the year 2000</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#lynx-negotiate-trans">Lynx incorrectly asking for + transparent content negotiation</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ie40-vary">MSIE 4.0 mishandles Vary + response header</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trailing-crlf" id="trailing-crlf">Trailing CRLF on POSTs</a></h2> + + <p>This is a legacy issue. The CERN webserver required + <code>POST</code> data to have an extra <code>CRLF</code> + following it. Thus many clients send an extra <code>CRLF</code> + that is not included in the <code>Content-Length</code> of the + request. Apache works around this problem by eating any empty + lines which appear before a request.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="broken-keepalive" id="broken-keepalive">Broken KeepAlive</a></h2> + + <p>Various clients have had broken implementations of + <em>keepalive</em> (persistent connections). In particular the + Windows versions of Navigator 2.0 get very confused when the + server times out an idle connection. The workaround is present + in the default config files:</p> + + <div class="example"><p><code> + BrowserMatch Mozilla/2 nokeepalive + </code></p></div> + + <p>Note that this matches some earlier versions of MSIE, which + began the practice of calling themselves <em>Mozilla</em> in + their user-agent strings just like Navigator.</p> + + <p>MSIE 4.0b2, which claims to support HTTP/1.1, does not + properly support keepalive when it is used on 301 or 302 + (redirect) responses. Unfortunately Apache's + <code>nokeepalive</code> code prior to 1.2.2 would not work + with HTTP/1.1 clients. You must apply <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + this patch</a> to version 1.2.1. Then add this to your + config:</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0b2;" nokeepalive + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="force-response-1.0" id="force-response-1.0">Incorrect interpretation of + <code>HTTP/1.1</code> in response</a></h2> + + <p>To quote from section 3.1 of RFC1945:</p> + + <div class="note"> + HTTP uses a "<MAJOR>.<MINOR>" numbering scheme to + indicate versions of the protocol. The protocol versioning + policy is intended to allow the sender to indicate the format + of a message and its capacity for understanding further HTTP + communication, rather than the features obtained via that + communication. + </div> + + <p>Since Apache is an HTTP/1.1 server, it indicates so as part of + its response. Many client authors mistakenly treat this part of + the response as an indication of the protocol that the response + is in, and then refuse to accept the response.</p> + + <p>The first major indication of this problem was with AOL's + proxy servers. When Apache 1.2 went into beta it was the first + wide-spread HTTP/1.1 server. After some discussion, AOL fixed + their proxies. In anticipation of similar problems, the + <code>force-response-1.0</code> environment variable was added + to Apache. When present Apache will indicate "HTTP/1.0" in + response to an HTTP/1.0 client, but will not in any other way + change the response.</p> + + <p>The pre-1.1 Java Development Kit (JDK) that is used in many + clients (including Navigator 3.x and MSIE 3.x) exhibits this + problem. As do some of the early pre-releases of the 1.1 JDK. + We think it is fixed in the 1.1 JDK release. In any event the + workaround:</p> + + <div class="example"><p><code> + BrowserMatch Java/1.0 force-response-1.0<br /> + BrowserMatch JDK/1.0 force-response-1.0 + </code></p></div> + + <p>RealPlayer 4.0 from Progressive Networks also exhibits this + problem. However they have fixed it in version 4.01 of the + player, but version 4.01 uses the same <code>User-Agent</code> + as version 4.0. The workaround is still:</p> + + <div class="example"><p><code> + BrowserMatch "RealPlayer 4.0" force-response-1.0 + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="msie4.0b2" id="msie4.0b2">Requests use HTTP/1.1 but + responses must be in HTTP/1.0</a></h2> + + <p>MSIE 4.0b2 has this problem. Its Java VM makes requests in + HTTP/1.1 format but the responses must be in HTTP/1.0 format + (in particular, it does not understand <em>chunked</em> + responses). The workaround is to fool Apache into believing the + request came in HTTP/1.0 format.</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0b2;" downgrade-1.0 + force-response-1.0 + </code></p></div> + + <p>This workaround is available in 1.2.2, and in a <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + patch</a> against 1.2.1.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="byte-257" id="byte-257">Boundary problems with + header parsing</a></h2> + + <p>All versions of Navigator from 2.0 through 4.0b2 (and + possibly later) have a problem if the trailing CRLF of the + response header starts at offset 256, 257 or 258 of the + response. A BrowserMatch for this would match on nearly every + hit, so the workaround is enabled automatically on all + responses. The workaround implemented detects when this + condition would occur in a response and adds extra padding to + the header to push the trailing CRLF past offset 258 of the + response.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="boundary-string" id="boundary-string">Multipart responses and + Quoted Boundary Strings</a></h2> + + <p>On multipart responses some clients will not accept quotes + (") around the boundary string. The MIME standard recommends + that such quotes be used. But the clients were probably written + based on one of the examples in RFC2068, which does not include + quotes. Apache does not include quotes on its boundary strings + to workaround this problem.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="byterange-requests" id="byterange-requests">Byterange Requests</a></h2> + + <p>A byterange request is used when the client wishes to + retrieve a portion of an object, not necessarily the entire + object. There was a very old draft which included these + byteranges in the URL. Old clients such as Navigator 2.0b1 and + MSIE 3.0 for the MAC exhibit this behaviour, and it will appear + in the servers' access logs as (failed) attempts to retrieve a + URL with a trailing ";xxx-yyy". Apache does not attempt to + implement this at all.</p> + + <p>A subsequent draft of this standard defines a header + <code>Request-Range</code>, and a response type + <code>multipart/x-byteranges</code>. The HTTP/1.1 standard + includes this draft with a few fixes, and it defines the header + <code>Range</code> and type + <code>multipart/byteranges</code>.</p> + + <p>Navigator (versions 2 and 3) sends both <code>Range</code> + and <code>Request-Range</code> headers (with the same value), + but does not accept a <code>multipart/byteranges</code> + response. The response must be + <code>multipart/x-byteranges</code>. As a workaround, if Apache + receives a <code>Request-Range</code> header it considers it + "higher priority" than a <code>Range</code> header and in + response uses <code>multipart/x-byteranges</code>.</p> + + <p>The Adobe Acrobat Reader plugin makes extensive use of + byteranges and prior to version 3.01 supports only the + <code>multipart/x-byterange</code> response. Unfortunately + there is no clue that it is the plugin making the request. If + the plugin is used with Navigator, the above workaround works + fine. But if the plugin is used with MSIE 3 (on Windows) the + workaround won't work because MSIE 3 doesn't give the + <code>Range-Request</code> clue that Navigator does. To + workaround this, Apache special cases "MSIE 3" in the + <code>User-Agent</code> and serves + <code>multipart/x-byteranges</code>. Note that the necessity + for this with MSIE 3 is actually due to the Acrobat plugin, not + due to the browser.</p> + + <p>Netscape Communicator appears to not issue the non-standard + <code>Request-Range</code> header. When an Acrobat plugin prior + to version 3.01 is used with it, it will not properly + understand byteranges. The user must upgrade their Acrobat + reader to 3.01.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cookie-merge" id="cookie-merge"><code>Set-Cookie</code> header is + unmergeable</a></h2> + + <p>The HTTP specifications say that it is legal to merge + headers with duplicate names into one (separated by commas). + Some browsers that support Cookies don't like merged headers + and prefer that each <code>Set-Cookie</code> header is sent + separately. When parsing the headers returned by a CGI, Apache + will explicitly avoid merging any <code>Set-Cookie</code> + headers.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="gif89-expires" id="gif89-expires"><code>Expires</code> headers + and GIF89A animations</a></h2> + + <p>Navigator versions 2 through 4 will erroneously re-request + GIF89A animations on each loop of the animation if the first + response included an <code>Expires</code> header. This happens + regardless of how far in the future the expiry time is set. + There is no workaround supplied with Apache, however there are + hacks for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.2-gif89-expires-hack.patch"> + 1.2</a> and for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.3-gif89-expires-hack.patch"> + 1.3</a>.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="no-content-length" id="no-content-length"><code>POST</code> without + <code>Content-Length</code></a></h2> + + <p>In certain situations Navigator 3.01 through 3.03 appear to + incorrectly issue a POST without the request body. There is no + known workaround. It has been fixed in Navigator 3.04, + Netscapes provides some <a href="http://help.netscape.com/kb/client/971014-42.html">information</a>. + There's also <a href="http://www.arctic.org/~dgaudet/apache/no-content-length/"> + some information</a> about the actual problem.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="jdk-12-bugs" id="jdk-12-bugs">JDK 1.2 betas lose + parts of responses.</a></h2> + + <p>The http client in the JDK1.2beta2 and beta3 will throw away + the first part of the response body when both the headers and + the first part of the body are sent in the same network packet + AND keep-alive's are being used. If either condition is not met + then it works fine.</p> + + <p>See also Bug-ID's 4124329 and 4125538 at the java developer + connection.</p> + + <p>If you are seeing this bug yourself, you can add the + following BrowserMatch directive to work around it:</p> + + <div class="example"><p><code> + BrowserMatch "Java1\.2beta[23]" nokeepalive + </code></p></div> + + <p>We don't advocate this though since bending over backwards + for beta software is usually not a good idea; ideally it gets + fixed, new betas or a final release comes out, and no one uses + the broken old software anymore. In theory.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content-type-persistent" id="content-type-persistent"><code>Content-Type</code> + change is not noticed after reload</a></h2> + + <p>Navigator (all versions?) will cache the + <code>content-type</code> for an object "forever". Using reload + or shift-reload will not cause Navigator to notice a + <code>content-type</code> change. The only work-around is for + the user to flush their caches (memory and disk). By way of an + example, some folks may be using an old <code>mime.types</code> + file which does not map <code>.htm</code> to + <code>text/html</code>, in this case Apache will default to + sending <code>text/plain</code>. If the user requests the page + and it is served as <code>text/plain</code>. After the admin + fixes the server, the user will have to flush their caches + before the object will be shown with the correct + <code>text/html</code> type.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="msie-cookie-y2k" id="msie-cookie-y2k">MSIE Cookie + problem with expiry date in the year 2000</a></h2> + + <p>MSIE versions 3.00 and 3.02 (without the Y2K patch) do not + handle cookie expiry dates in the year 2000 properly. Years + after 2000 and before 2000 work fine. This is fixed in IE4.01 + service pack 1, and in the Y2K patch for IE3.02. Users should + avoid using expiry dates in the year 2000.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="lynx-negotiate-trans" id="lynx-negotiate-trans">Lynx incorrectly asking for + transparent content negotiation</a></h2> + + <p>The Lynx browser versions 2.7 and 2.8 send a "negotiate: + trans" header in their requests, which is an indication the + browser supports transparent content negotiation (TCN). However + the browser does not support TCN. As of version 1.3.4, Apache + supports TCN, and this causes problems with these versions of + Lynx. As a workaround future versions of Apache will ignore + this header when sent by the Lynx client.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ie40-vary" id="ie40-vary">MSIE 4.0 mishandles Vary + response header</a></h2> + + <p>MSIE 4.0 does not handle a Vary header properly. The Vary + header is generated by mod_rewrite in apache 1.3. The result is + an error from MSIE saying it cannot download the requested + file. There are more details in <a href="http://bugs.apache.org/index/full/4118">PR#4118</a>.</p> + + <p>A workaround is to add the following to your server's + configuration files:</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0" force-no-vary + </code></p></div> + + <p>(This workaround is only available with releases + <strong>after</strong> 1.3.6 of the Apache Web server.)</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html new file mode 100644 index 00000000..84956329 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html @@ -0,0 +1,13 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: perf-tuning.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: perf-tuning.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR + +URI: perf-tuning.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en new file mode 100644 index 00000000..2a6bc9d1 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en @@ -0,0 +1,1058 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Performance Tuning - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Apache Performance Tuning</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/perf-tuning.html" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div> + + + <p>Apache 2.x is a general-purpose webserver, designed to + provide a balance of flexibility, portability, and performance. + Although it has not been designed specifically to set benchmark + records, Apache 2.x is capable of high performance in many + real-world situations.</p> + + <p>Compared to Apache 1.3, release 2.x contains many additional + optimizations to increase throughput and scalability. Most of + these improvements are enabled by default. However, there are + compile-time and run-time configuration choices that can + significantly affect performance. This document describes the + options that a server administrator can configure to tune the + performance of an Apache 2.x installation. Some of these + configuration options enable the httpd to better take advantage + of the capabilities of the hardware and OS, while others allow + the administrator to trade functionality for speed.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">Hardware and Operating System Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">Run-Time Configuration Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">Compile-Time Configuration Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">Appendix: Detailed Analysis of a Trace</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">Hardware and Operating System Issues</a></h2> + + + + <p>The single biggest hardware issue affecting webserver + performance is RAM. A webserver should never ever have to swap, + as swapping increases the latency of each request beyond a point + that users consider "fast enough". This causes users to hit + stop and reload, further increasing the load. You can, and + should, control the <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> setting so that your server + does not spawn so many children it starts swapping. This procedure + for doing this is simple: determine the size of your average Apache + process, by looking at your process list via a tool such as + <code>top</code>, and divide this into your total available memory, + leaving some room for other processes.</p> + + <p>Beyond that the rest is mundane: get a fast enough CPU, a + fast enough network card, and fast enough disks, where "fast + enough" is something that needs to be determined by + experimentation.</p> + + <p>Operating system choice is largely a matter of local + concerns. But some guidelines that have proven generally + useful are:</p> + + <ul> + <li> + <p>Run the latest stable release and patchlevel of the + operating system that you choose. Many OS suppliers have + introduced significant performance improvements to their + TCP stacks and thread libraries in recent years.</p> + </li> + + <li> + <p>If your OS supports a <code>sendfile(2)</code> system + call, make sure you install the release and/or patches + needed to enable it. (With Linux, for example, this means + using Linux 2.4 or later. For early releases of Solaris 8, + you may need to apply a patch.) On systems where it is + available, <code>sendfile</code> enables Apache 2 to deliver + static content faster and with lower CPU utilization.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">Run-Time Configuration Issues</a></h2> + + + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns">HostnameLookups and other DNS considerations</a></h3> + + + + <p>Prior to Apache 1.3, <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> defaulted to <code>On</code>. + This adds latency to every request because it requires a + DNS lookup to complete before the request is finished. In + Apache 1.3 this setting defaults to <code>Off</code>. If you need + to have addresses in your log files resolved to hostnames, use the + <code class="program"><a href="../programs/logresolve.html">logresolve</a></code> + program that comes with Apache, or one of the numerous log + reporting packages which are available.</p> + + <p>It is recommended that you do this sort of postprocessing of + your log files on some machine other than the production web + server machine, in order that this activity not adversely affect + server performance.</p> + + <p>If you use any <code><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> + from domain</code> or <code><code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> from domain</code> + directives (i.e., using a hostname, or a domain name, rather than + an IP address) then you will pay for + two DNS lookups (a reverse, followed by a forward lookup + to make sure that the reverse is not being spoofed). For best + performance, therefore, use IP addresses, rather than names, when + using these directives, if possible.</p> + + <p>Note that it's possible to scope the directives, such as + within a <code><Location /server-status></code> section. + In this case the DNS lookups are only performed on requests + matching the criteria. Here's an example which disables lookups + except for <code>.html</code> and <code>.cgi</code> files:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>But even still, if you just need DNS names in some CGIs you + could consider doing the <code>gethostbyname</code> call in the + specific CGIs that need it.</p> + + + + <h3><a name="symlinks" id="symlinks">FollowSymLinks and SymLinksIfOwnerMatch</a></h3> + + + + <p>Wherever in your URL-space you do not have an <code>Options + FollowSymLinks</code>, or you do have an <code>Options + SymLinksIfOwnerMatch</code> Apache will have to issue extra + system calls to check up on symlinks. One extra call per + filename component. For example, if you had:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>and a request is made for the URI <code>/index.html</code>. + Then Apache will perform <code>lstat(2)</code> on + <code>/www</code>, <code>/www/htdocs</code>, and + <code>/www/htdocs/index.html</code>. The results of these + <code>lstats</code> are never cached, so they will occur on + every single request. If you really desire the symlinks + security checking you can do something like this:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /www/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>This at least avoids the extra checks for the + <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> path. + Note that you'll need to add similar sections if you + have any <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> or + <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> paths + outside of your document root. For highest performance, + and no symlink protection, set <code>FollowSymLinks</code> + everywhere, and never set <code>SymLinksIfOwnerMatch</code>.</p> + + + + <h3><a name="htacess" id="htacess">AllowOverride</a></h3> + + + + <p>Wherever in your URL-space you allow overrides (typically + <code>.htaccess</code> files) Apache will attempt to open + <code>.htaccess</code> for each filename component. For + example,</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p>and a request is made for the URI <code>/index.html</code>. + Then Apache will attempt to open <code>/.htaccess</code>, + <code>/www/.htaccess</code>, and + <code>/www/htdocs/.htaccess</code>. The solutions are similar + to the previous case of <code>Options FollowSymLinks</code>. + For highest performance use <code>AllowOverride None</code> + everywhere in your filesystem.</p> + + + + <h3><a name="negotiation" id="negotiation">Negotiation</a></h3> + + + + <p>If at all possible, avoid content-negotiation if you're + really interested in every last ounce of performance. In + practice the benefits of negotiation outweigh the performance + penalties. There's one case where you can speed up the server. + Instead of using a wildcard such as:</p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>Use a complete list of options:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>where you list the most common choice first.</p> + + <p>Also note that explicitly creating a <code>type-map</code> + file provides better performance than using + <code>MultiViews</code>, as the necessary information can be + determined by reading this single file, rather than having to + scan the directory for files.</p> + + <p>If your site needs content negotiation consider using + <code>type-map</code> files, rather than the <code>Options + MultiViews</code> directive to accomplish the negotiation. See the + <a href="../content-negotiation.html">Content Negotiation</a> + documentation for a full discussion of the methods of negotiation, + and instructions for creating <code>type-map</code> files.</p> + + + + <h3>Memory-mapping</h3> + + + + <p>In situations where Apache 2.x needs to look at the contents + of a file being delivered--for example, when doing server-side-include + processing--it normally memory-maps the file if the OS supports + some form of <code>mmap(2)</code>.</p> + + <p>On some platforms, this memory-mapping improves performance. + However, there are cases where memory-mapping can hurt the performance + or even the stability of the httpd:</p> + + <ul> + <li> + <p>On some operating systems, <code>mmap</code> does not scale + as well as <code>read(2)</code> when the number of CPUs increases. + On multiprocessor Solaris servers, for example, Apache 2.x sometimes + delivers server-parsed files faster when <code>mmap</code> is disabled.</p> + </li> + + <li> + <p>If you memory-map a file located on an NFS-mounted filesystem + and a process on another NFS client machine deletes or truncates + the file, your process may get a bus error the next time it tries + to access the mapped file content.</p> + </li> + </ul> + + <p>For installations where either of these factors applies, you + should use <code>EnableMMAP off</code> to disable the memory-mapping + of delivered files. (Note: This directive can be overridden on + a per-directory basis.)</p> + + + + <h3>Sendfile</h3> + + + + <p>In situations where Apache 2.x can ignore the contents of the file + to be delivered -- for example, when serving static file content -- + it normally uses the kernel sendfile support the file if the OS + supports the <code>sendfile(2)</code> operation.</p> + + <p>On most platforms, using sendfile improves performance by eliminating + separate read and send mechanics. However, there are cases where using + sendfile can harm the stability of the httpd:</p> + + <ul> + <li> + <p>Some platforms may have broken sendfile support that the build + system did not detect, especially if the binaries were built on + another box and moved to such a machine with broken sendfile support.</p> + </li> + <li> + <p>With an NFS-mounted files, the kernel may be unable + to reliably serve the network file through it's own cache.</p> + </li> + </ul> + + <p>For installations where either of these factors applies, you + should use <code>EnableSendfile off</code> to disable sendfile + delivery of file contents. (Note: This directive can be overridden + on a per-directory basis.)</p> + + + + <h3><a name="process" id="process">Process Creation</a></h3> + + + + <p>Prior to Apache 1.3 the <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, and <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> settings all had drastic effects on + benchmark results. In particular, Apache required a "ramp-up" + period in order to reach a number of children sufficient to serve + the load being applied. After the initial spawning of + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> children, + only one child per second would be created to satisfy the + <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + setting. So a server being accessed by 100 simultaneous + clients, using the default <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> of <code>5</code> would take on + the order 95 seconds to spawn enough children to handle + the load. This works fine in practice on real-life servers, + because they aren't restarted frequently. But does really + poorly on benchmarks which might only run for ten minutes.</p> + + <p>The one-per-second rule was implemented in an effort to + avoid swamping the machine with the startup of new children. If + the machine is busy spawning children it can't service + requests. But it has such a drastic effect on the perceived + performance of Apache that it had to be replaced. As of Apache + 1.3, the code will relax the one-per-second rule. It will spawn + one, wait a second, then spawn two, wait a second, then spawn + four, and it will continue exponentially until it is spawning + 32 children per second. It will stop whenever it satisfies the + <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + setting.</p> + + <p>This appears to be responsive enough that it's almost + unnecessary to twiddle the <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> and <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> knobs. When more than 4 children are + spawned per second, a message will be emitted to the + <code class="directive"><a href="../mod/core.html#errorlog">ErrorLog</a></code>. If you + see a lot of these errors then consider tuning these settings. + Use the <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> output as a guide.</p> + + <p>Related to process creation is process death induced by the + <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> + setting. By default this is <code>0</code>, + which means that there is no limit to the number of requests + handled per child. If your configuration currently has this set + to some very low number, such as <code>30</code>, you may want to bump this + up significantly. If you are running SunOS or an old version of + Solaris, limit this to <code>10000</code> or so because of memory leaks.</p> + + <p>When keep-alives are in use, children will be kept busy + doing nothing waiting for more requests on the already open + connection. The default <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code> of <code>15</code> + seconds attempts to minimize this effect. The tradeoff here is + between network bandwidth and server resources. In no event + should you raise this above about <code>60</code> seconds, as <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + most of the benefits are lost</a>.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">Compile-Time Configuration Issues</a></h2> + + + + <h3>Choosing an MPM</h3> + + + + <p>Apache 2.x supports pluggable concurrency models, called + <a href="../mpm.html">Multi-Processing Modules</a> (MPMs). + When building Apache, you must choose an MPM to use. There + are platform-specific MPMs for some platforms: + <code class="module"><a href="../mod/beos.html">beos</a></code>, <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, + <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code>, and <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>. For + general Unix-type systems, there are several MPMs from which + to choose. The choice of MPM can affect the speed and scalability + of the httpd:</p> + + <ul> + + <li>The <code class="module"><a href="../mod/worker.html">worker</a></code> MPM uses multiple child + processes with many threads each. Each thread handles + one connection at a time. Worker generally is a good + choice for high-traffic servers because it has a smaller + memory footprint than the prefork MPM.</li> + + <li>The <code class="module"><a href="../mod/prefork.html">prefork</a></code> MPM uses multiple child + processes with one thread each. Each process handles + one connection at a time. On many systems, prefork is + comparable in speed to worker, but it uses more memory. + Prefork's threadless design has advantages over worker + in some situations: it can be used with non-thread-safe + third-party modules, and it is easier to debug on platforms + with poor thread debugging support.</li> + + </ul> + + <p>For more information on these and other MPMs, please + see the MPM <a href="../mpm.html">documentation</a>.</p> + + + + <h3><a name="modules" id="modules">Modules</a></h3> + + + + <p>Since memory usage is such an important consideration in + performance, you should attempt to eliminate modules that you are + not actually using. If you have built the modules as <a href="../dso.html">DSOs</a>, eliminating modules is a simple + matter of commenting out the associated <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> directive for that module. + This allows you to experiment with removing modules, and seeing + if your site still functions in their absense.</p> + + <p>If, on the other hand, you have modules statically linked + into your Apache binary, you will need to recompile Apache in + order to remove unwanted modules.</p> + + <p>An associated question that arises here is, of course, what + modules you need, and which ones you don't. The answer here + will, of course, vary from one web site to another. However, the + <em>minimal</em> list of modules which you can get by with tends + to include <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code>, + and <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>. <code>mod_log_config</code> is, + of course, optional, as you can run a web site without log + files. This is, however, not recommended.</p> + + + + <h3>Atomic Operations</h3> + + + + <p>Some modules, such as <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> and + recent development builds of the worker MPM, use APR's + atomic API. This API provides atomic operations that can + be used for lightweight thread synchronization.</p> + + <p>By default, APR implements these operations using the + most efficient mechanism available on each target + OS/CPU platform. Many modern CPUs, for example, have + an instruction that does an atomic compare-and-swap (CAS) + operation in hardware. On some platforms, however, APR + defaults to a slower, mutex-based implementation of the + atomic API in order to ensure compatibility with older + CPU models that lack such instructions. If you are + building Apache for one of these platforms, and you plan + to run only on newer CPUs, you can select a faster atomic + implementation at build time by configuring Apache with + the <code>--enable-nonportable-atomics</code> option:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p>The <code>--enable-nonportable-atomics</code> option is + relevant for the following platforms:</p> + + <ul> + + <li>Solaris on SPARC<br /> + By default, APR uses mutex-based atomics on Solaris/SPARC. + If you configure with <code>--enable-nonportable-atomics</code>, + however, APR generates code that uses a SPARC v8plus opcode for + fast hardware compare-and-swap. If you configure Apache with + this option, the atomic operations will be more efficient + (allowing for lower CPU utilization and higher concurrency), + but the resulting executable will run only on UltraSPARC + chips. + </li> + + <li>Linux on x86<br /> + By default, APR uses mutex-based atomics on Linux. If you + configure with <code>--enable-nonportable-atomics</code>, + however, APR generates code that uses a 486 opcode for fast + hardware compare-and-swap. This will result in more efficient + atomic operations, but the resulting executable will run only + on 486 and later chips (and not on 386). + </li> + + </ul> + + + + <h3>mod_status and ExtendedStatus On</h3> + + + + <p>If you include <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> and you also set + <code>ExtendedStatus On</code> when building and running + Apache, then on every request Apache will perform two calls to + <code>gettimeofday(2)</code> (or <code>times(2)</code> + depending on your operating system), and (pre-1.3) several + extra calls to <code>time(2)</code>. This is all done so that + the status report contains timing indications. For highest + performance, set <code>ExtendedStatus off</code> (which is the + default).</p> + + + + <h3>accept Serialization - multiple sockets</h3> + + + + <div class="warning"><h3>Warning:</h3> + <p>This section has not been fully updated + to take into account changes made in the 2.x version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>This discusses a shortcoming in the Unix socket API. Suppose + your web server uses multiple <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> statements to listen on either multiple + ports or multiple addresses. In order to test each socket + to see if a connection is ready Apache uses + <code>select(2)</code>. <code>select(2)</code> indicates that a + socket has <em>zero</em> or <em>at least one</em> connection + waiting on it. Apache's model includes multiple children, and + all the idle ones test for new connections at the same time. A + naive implementation looks something like this (these examples + do not match the code, they're contrived for pedagogical + purposes):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>But this naive implementation has a serious starvation problem. + Recall that multiple children execute this loop at the same + time, and so multiple children will block at + <code>select</code> when they are in between requests. All + those blocked children will awaken and return from + <code>select</code> when a single request appears on any socket + (the number of children which awaken varies depending on the + operating system and timing issues). They will all then fall + down into the loop and try to <code>accept</code> the + connection. But only one will succeed (assuming there's still + only one connection ready), the rest will be <em>blocked</em> + in <code>accept</code>. This effectively locks those children + into serving requests from that one socket and no other + sockets, and they'll be stuck there until enough new requests + appear on that socket to wake them all up. This starvation + problem was first documented in <a href="http://bugs.apache.org/index/full/467">PR#467</a>. There + are at least two solutions.</p> + + <p>One solution is to make the sockets non-blocking. In this + case the <code>accept</code> won't block the children, and they + will be allowed to continue immediately. But this wastes CPU + time. Suppose you have ten idle children in + <code>select</code>, and one connection arrives. Then nine of + those children will wake up, try to <code>accept</code> the + connection, fail, and loop back into <code>select</code>, + accomplishing nothing. Meanwhile none of those children are + servicing requests that occurred on other sockets until they + get back up to the <code>select</code> again. Overall this + solution does not seem very fruitful unless you have as many + idle CPUs (in a multiprocessor box) as you have idle children, + not a very likely situation.</p> + + <p>Another solution, the one used by Apache, is to serialize + entry into the inner loop. The loop looks like this + (differences highlighted):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><a id="serialize" name="serialize">The functions</a> + <code>accept_mutex_on</code> and <code>accept_mutex_off</code> + implement a mutual exclusion semaphore. Only one child can have + the mutex at any time. There are several choices for + implementing these mutexes. The choice is defined in + <code>src/conf.h</code> (pre-1.3) or + <code>src/include/ap_config.h</code> (1.3 or later). Some + architectures do not have any locking choice made, on these + architectures it is unsafe to use multiple + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + directives.</p> + + <p>The directive <code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> can be used to + change the selected mutex implementation at run-time.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>This method uses the <code>flock(2)</code> system call to + lock a lock file (located by the <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> directive).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>This method uses the <code>fcntl(2)</code> system call to + lock a lock file (located by the <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> directive).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3 or later) This method uses SysV-style semaphores to + implement the mutex. Unfortunately SysV-style semaphores have + some bad side-effects. One is that it's possible Apache will + die without cleaning up the semaphore (see the + <code>ipcs(8)</code> man page). The other is that the + semaphore API allows for a denial of service attack by any + CGIs running under the same uid as the webserver + (<em>i.e.</em>, all CGIs, unless you use something like + <code class="program"><a href="../programs/suexec.html">suexec</a></code> or <code>cgiwrapper</code>). For these + reasons this method is not used on any architecture except + IRIX (where the previous two are prohibitively expensive + on most IRIX boxes).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3 or later) This method uses POSIX mutexes and should + work on any architecture implementing the full POSIX threads + specification, however appears to only work on Solaris (2.5 + or later), and even then only in certain configurations. If + you experiment with this you should watch out for your server + hanging and not responding. Static content only servers may + work just fine.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0 or later) This method uses POSIX semaphores. The + semaphore ownership is not recovered if a thread in the process + holding the mutex segfaults, resulting in a hang of the web + server.</p> + </dd> + + </dl> + + <p>If your system has another method of serialization which + isn't in the above list then it may be worthwhile adding code + for it to APR.</p> + + <p>Another solution that has been considered but never + implemented is to partially serialize the loop -- that is, let + in a certain number of processes. This would only be of + interest on multiprocessor boxes where it's possible multiple + children could run simultaneously, and the serialization + actually doesn't take advantage of the full bandwidth. This is + a possible area of future investigation, but priority remains + low because highly parallel web servers are not the norm.</p> + + <p>Ideally you should run servers without multiple + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + statements if you want the highest performance. + But read on.</p> + + + + <h3>accept Serialization - single socket</h3> + + + + <p>The above is fine and dandy for multiple socket servers, but + what about single socket servers? In theory they shouldn't + experience any of these same problems because all children can + just block in <code>accept(2)</code> until a connection + arrives, and no starvation results. In practice this hides + almost the same "spinning" behaviour discussed above in the + non-blocking solution. The way that most TCP stacks are + implemented, the kernel actually wakes up all processes blocked + in <code>accept</code> when a single connection arrives. One of + those processes gets the connection and returns to user-space, + the rest spin in the kernel and go back to sleep when they + discover there's no connection for them. This spinning is + hidden from the user-land code, but it's there nonetheless. + This can result in the same load-spiking wasteful behaviour + that a non-blocking solution to the multiple sockets case + can.</p> + + <p>For this reason we have found that many architectures behave + more "nicely" if we serialize even the single socket case. So + this is actually the default in almost all cases. Crude + experiments under Linux (2.0.30 on a dual Pentium pro 166 + w/128Mb RAM) have shown that the serialization of the single + socket case causes less than a 3% decrease in requests per + second over unserialized single-socket. But unserialized + single-socket showed an extra 100ms latency on each request. + This latency is probably a wash on long haul lines, and only an + issue on LANs. If you want to override the single socket + serialization you can define + <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code> and then + single-socket servers will not serialize at all.</p> + + + + <h3>Lingering Close</h3> + + + + <p>As discussed in <a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt"> + draft-ietf-http-connection-00.txt</a> section 8, in order for + an HTTP server to <strong>reliably</strong> implement the + protocol it needs to shutdown each direction of the + communication independently (recall that a TCP connection is + bi-directional, each half is independent of the other). This + fact is often overlooked by other servers, but is correctly + implemented in Apache as of 1.2.</p> + + <p>When this feature was added to Apache it caused a flurry of + problems on various versions of Unix because of a + shortsightedness. The TCP specification does not state that the + <code>FIN_WAIT_2</code> state has a timeout, but it doesn't prohibit it. + On systems without the timeout, Apache 1.2 induces many sockets + stuck forever in the <code>FIN_WAIT_2</code> state. In many cases this + can be avoided by simply upgrading to the latest TCP/IP patches + supplied by the vendor. In cases where the vendor has never + released patches (<em>i.e.</em>, SunOS4 -- although folks with + a source license can patch it themselves) we have decided to + disable this feature.</p> + + <p>There are two ways of accomplishing this. One is the socket + option <code>SO_LINGER</code>. But as fate would have it, this + has never been implemented properly in most TCP/IP stacks. Even + on those stacks with a proper implementation (<em>i.e.</em>, + Linux 2.0.31) this method proves to be more expensive (cputime) + than the next solution.</p> + + <p>For the most part, Apache implements this in a function + called <code>lingering_close</code> (in + <code>http_main.c</code>). The function looks roughly like + this:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* shutdown the sending side */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + select (s for reading, 2 second timeout);<br /> + if (error) break;<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* just toss away whatever is here */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>This naturally adds some expense at the end of a connection, + but it is required for a reliable implementation. As HTTP/1.1 + becomes more prevalent, and all connections are persistent, + this expense will be amortized over more requests. If you want + to play with fire and disable this feature you can define + <code>NO_LINGCLOSE</code>, but this is not recommended at all. + In particular, as HTTP/1.1 pipelined persistent connections + come into use <code>lingering_close</code> is an absolute + necessity (and <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + pipelined connections are faster</a>, so you want to support + them).</p> + + + + <h3>Scoreboard File</h3> + + + + <p>Apache's parent and children communicate with each other + through something called the scoreboard. Ideally this should be + implemented in shared memory. For those operating systems that + we either have access to, or have been given detailed ports + for, it typically is implemented using shared memory. The rest + default to using an on-disk file. The on-disk file is not only + slow, but it is unreliable (and less featured). Peruse the + <code>src/main/conf.h</code> file for your architecture and + look for either <code>USE_MMAP_SCOREBOARD</code> or + <code>USE_SHMGET_SCOREBOARD</code>. Defining one of those two + (as well as their companions <code>HAVE_MMAP</code> and + <code>HAVE_SHMGET</code> respectively) enables the supplied + shared memory code. If your system has another type of shared + memory, edit the file <code>src/main/http_main.c</code> and add + the hooks necessary to use it in Apache. (Send us back a patch + too please.)</p> + + <div class="note">Historical note: The Linux port of Apache didn't start to + use shared memory until version 1.2 of Apache. This oversight + resulted in really poor and unreliable behaviour of earlier + versions of Apache on Linux.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>If you have no intention of using dynamically loaded modules + (you probably don't if you're reading this and tuning your + server for every last ounce of performance) then you should add + <code>-DDYNAMIC_MODULE_LIMIT=0</code> when building your + server. This will save RAM that's allocated only for supporting + dynamically loaded modules.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">Appendix: Detailed Analysis of a Trace</a></h2> + + + + <p>Here is a system call trace of Apache 2.0.38 with the worker MPM + on Solaris 8. This trace was collected using:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_child_pid</var>. + </code></p></div> + + <p>The <code>-l</code> option tells truss to log the ID of the + LWP (lightweight process--Solaris's form of kernel-level thread) + that invokes each system call.</p> + + <p>Other systems may have different system call tracing utilities + such as <code>strace</code>, <code>ktrace</code>, or <code>par</code>. + They all produce similar output.</p> + + <p>In this trace, a client has requested a 10KB static file + from the httpd. Traces of non-static requests or requests + with content negotiation look wildly different (and quite ugly + in some cases).</p> + + <div class="example"><pre>/67: accept(3, 0x00200BEC, 0x00200C0C, 1) (sleeping...) +/67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9</pre></div> + + <p>In this trace, the listener thread is running within LWP #67.</p> + + <div class="note">Note the lack of <code>accept(2)</code> serialization. On this + particular platform, the worker MPM uses an unserialized accept by + default unless it is listening on multiple ports.</div> + + <div class="example"><pre>/65: lwp_park(0x00000000, 0) = 0 +/67: lwp_unpark(65, 1) = 0</pre></div> + + <p>Upon accepting the connection, the listener thread wakes up + a worker thread to do the request processing. In this trace, + the worker thread that handles the request is mapped to LWP #65.</p> + + <div class="example"><pre>/65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0</pre></div> + + <p>In order to implement virtual hosts, Apache needs to know + the local socket address used to accept the connection. It + is possible to eliminate this call in many situations (such + as when there are no virtual hosts, or when + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> directives + are used which do not have wildcard addresses). But + no effort has yet been made to do these optimizations. </p> + + <div class="example"><pre>/65: brk(0x002170E8) = 0 +/65: brk(0x002190E8) = 0</pre></div> + + <p>The <code>brk(2)</code> calls allocate memory from the heap. + It is rare to see these in a system call trace, because the httpd + uses custom memory allocators (<code>apr_pool</code> and + <code>apr_bucket_alloc</code>) for most request processing. + In this trace, the httpd has just been started, so it must + call <code>malloc(3)</code> to get the blocks of raw memory + with which to create the custom memory allocators.</p> + + <div class="example"><pre>/65: fcntl(9, F_GETFL, 0x00000000) = 2 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0 +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0 +/65: fcntl(9, F_SETFL, 0x00000082) = 0</pre></div> + + <p>Next, the worker thread puts the connection to the client (file + descriptor 9) in non-blocking mode. The <code>setsockopt(2)</code> + and <code>getsockopt(2)</code> calls are a side-effect of how + Solaris's libc handles <code>fcntl(2)</code> on sockets.</p> + + <div class="example"><pre>/65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97</pre></div> + + <p>The worker thread reads the request from the client.</p> + + <div class="example"><pre>/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0 +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10</pre></div> + + <p>This httpd has been configured with <code>Options FollowSymLinks</code> + and <code>AllowOverride None</code>. Thus it doesn't need to + <code>lstat(2)</code> each directory in the path leading up to the + requested file, nor check for <code>.htaccess</code> files. + It simply calls <code>stat(2)</code> to verify that the file: + 1) exists, and 2) is a regular file, not a directory.</p> + + <div class="example"><pre>/65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269</pre></div> + + <p>In this example, the httpd is able to send the HTTP response + header and the requested file with a single <code>sendfilev(2)</code> + system call. Sendfile semantics vary among operating systems. On some other + systems, it is necessary to do a <code>write(2)</code> or + <code>writev(2)</code> call to send the headers before calling + <code>sendfile(2)</code>.</p> + + <div class="example"><pre>/65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78</pre></div> + + <p>This <code>write(2)</code> call records the request in the + access log. Note that one thing missing from this trace is a + <code>time(2)</code> call. Unlike Apache 1.3, Apache 2.x uses + <code>gettimeofday(3)</code> to look up the time. On some operating + systems, like Linux or Solaris, <code>gettimeofday</code> has an + optimized implementation that doesn't require as much overhead + as a typical system call.</p> + + <div class="example"><pre>/65: shutdown(9, 1, 1) = 0 +/65: poll(0xFAF7B980, 1, 2000) = 1 +/65: read(9, 0xFAF7BC20, 512) = 0 +/65: close(9) = 0</pre></div> + + <p>The worker thread does a lingering close of the connection.</p> + + <div class="example"><pre>/65: close(10) = 0 +/65: lwp_park(0x00000000, 0) (sleeping...)</pre></div> + + <p>Finally the worker thread closes the file that it has just delivered + and blocks until the listener assigns it another connection.</p> + + <div class="example"><pre>/67: accept(3, 0x001FEB74, 0x001FEB94, 1) (sleeping...)</pre></div> + + <p>Meanwhile, the listener thread is able to accept another connection + as soon as it has dispatched this connection to a worker thread (subject + to some flow-control logic in the worker MPM that throttles the listener + if all the available workers are busy). Though it isn't apparent from + this trace, the next <code>accept(2)</code> can (and usually does, under + high load conditions) occur in parallel with the worker thread's handling + of the just-accepted connection.</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/perf-tuning.html" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr new file mode 100644 index 00000000..b5443b1e --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr @@ -0,0 +1,978 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>����ġ ������� - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>����ġ �������</h1> +<div class="toplang"> +<p><span>������ ���: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> +<div class="outofdate">�� ������ �ֽ��� ������ �ƴմϴ�. + �ֱٿ� ����� ������ ���� ������ �����ϼ���.</div> + + + <p>����ġ 2.0�� ��ɰ� ���ð��ɼ��� ������ ������ �µ��� + ������ ���� �������̴�. ��ġ��ũ ����� ��������� �������� + �ʾ����� ����ġ 2.0�� ���� ���� ��� ���� ������ ����.</p> + + <p>����ġ 1.3�� ���ؼ� 2.0 ������ ó������ Ȯ�强(scalability)�� + ���̱����� ���� ����ȭ�� �ߴ�. �⺻������ ��κ� ����ȭ�� + ���� ����Ѵ�. ���� �����Ͻ� Ȥ�� ����� ������ ���ɿ� + ū ������ �� �� �ִ�. �� ������ ����ġ 2.0�� ������ ����ϱ����� + ���� �����ڰ� ������ �� �ִ� �ɼ��� �����Ѵ�. � ���� + �ɼ��� �������� �ϵ����� �ü���� ����� �� �� Ȱ���ϵ��� + �ϴ� �ݸ�, � �ɼ��� �ӵ��� ���� ����� ����Ѵ�.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">�ϵ����� �ü���� ���ؼ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">����� ������ ���ؼ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">�����Ͻ� ������ ���ؼ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">�η�: �ý���ȣ�� ����� �ڼ��� �м��ϱ�</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">�ϵ����� �ü���� ���ؼ�</a></h2> + + + + <p>������ ���ɿ� ���� ū ������ �ִ� ���� ��. ������ + ��û�� �����ð��� ����ڰ� "����� �����ٰ�" �������� ���ϰ� + �ø������ �������� ������ �ϸ� �ȵȴ�. �������� ����ڴ� + �����ϰ� �ٽ� �����Ͽ� ���ϰ� ��� �����Ѵ�. <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> ���þ �����Ͽ� + �������� ������ �� ������ ���� �ڽ��� �������ʵ��� �ؾ� + �Ѵ�. ����� �����ϴ�: <code>top</code>�� ���� �������� + ���μ��� ����� ���� ����ġ ���μ����� ��� �� ��뷮�� + �˾Ƴ���, ��ü ��밡���� ���� �ٸ� ���μ������� ����� + ������ �� ������ ������.</p> + + <p>�������� ����ϴ�: ����� ���� CPU, ����� ���� ��Ʈ��ī��, + ����� ���� ��ũ, ���⼭ "����� ����"�� ������ �ؼ� �����ؾ� + �Ѵ�.</p> + + <p>�ü���� ���� ���� �˾Ƽ� ������ ���̴�. ���� �Ϲ������� + �����ϴٰ� �Ǹ��� ��� ��ħ�� �ִ�:</p> + + <ul> + <li> + <p>������ �ü���� �ֽ� ���� ������ ��ġ�� �����Ѵ�. + ���� �ü�� ���ۻ�� �ֱ� TCP ���ð� ������ ���̺귯���� + ���� �ӵ������ �ߴ�.</p> + </li> + + <li> + <p>�ü���� <code>sendfile(2)</code> �ý���ȣ���� + �����Ѵٸ�, �̸� ����ϱ����� �����̳� ��ġ�� ��ġ�Ͽ����� + Ȯ���Ѵ�. (���� ���, ��������� 2.4 �̻� ������ ���Ѵ�. + Solaris 8 �ʱ� ������ ��ġ�� �ʿ��ϴ�.) �����ϴ� �ý����̶�� + ����ġ 2�� <code>sendfile</code>�� ����Ͽ� CPU�� �� + ����ϸ� ���� ������ �� ���� ������ �� �մ�.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">����� ������ ���ؼ�</a></h2> + + + + <table class="related"><tr><th>���õ� ���</th><th>���õ� ���þ�</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns">HostnameLookups�� DNS�� ���� ������ ����</a></h3> + + + + <p>����ġ 1.3 ������ <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code>�� �⺻���� + <code>On</code>�̿���. ��û�� ��ġ������ DNS �˻��� ������ + �ϹǷ� ��û���� ������ �����. ����ġ 1.3���� �� ������ + �⺻���� <code>Off</code>�� ����Ǿ���. �α������� �ּҸ� + ȣ��Ʈ������ ��ȯ�Ϸ��� ���� �α�ó�� ���α��� �ϳ���, + ����ġ�� ���Ե� <a href="../programs/logresolve.html"><code>logresolve</code></a> + ���α��� ����϶�.</p> + + <p>�α�ó�� �۾��� ���� ���ɿ� �ǿ����� ��ġ�Ƿ� ���� + ����ϴ� �������� �ƴ� �ٸ� ��ǻ�Ϳ��� �α������� ��ó���ϱ� + �ٶ���.</p> + + <p><code><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> + from domain</code>�̳� <code><code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> from domain</code> + ���þ ����Ѵٸ� (��, IP �ּҰ� �ƴ� ȣ��Ʈ���̳� �����θ��� + ����Ѵٸ�) �ε��� �ߺ�-�� DNS �˻��� (���˻��� ���� ���Ƿ� + ����Ǿ����� Ȯ���ϱ����� �ٽ� �˻�) �ؾ� �Ѵ�. ���Ƿ� + ������ ���̱����� �̷� ���þ�� �����ϸ� �̸���� IP + �ּҸ� ����Ѵ�.</p> + + <p><code><Location /server-status></code> ���� ������ + ���þ��� ��������� ������ �� ������ ����϶�. �� ��� + ���ǿ� �´� ��û���� DNS ��ȸ�� �Ѵ�. ������ + <code>.html</code>�� <code>.cgi</code> ���ϸ� DNS �˻��� + �ϴ� ������:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>���� CGI���� DNS���� �ʿ��� ���̶��, �ʿ��� Ư�� + CGI������ <code>gethostbyname</code> ȣ���� �ϵ��� �����غ� + �� �ִ�.</p> + + + + <h3><a name="symlinks" id="symlinks">FollowSymLinks�� SymLinksIfOwnerMatch</a></h3> + + + + <p>URL �������� <code>Options FollowSymLinks</code>�� + ��������ʰ� <code>Options SymLinksIfOwnerMatch</code>�� + ����ϸ� ����ġ�� �ɺ���ũ�� �˻��ϱ����� �ý���ȣ���� + �ѹ� �� �ؾ� �Ѵ�. ���ϸ��� �� �κи��� �ѹ��� �� ȣ���� + �Ѵ�. ���� ���, ������ ������ ����:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p><code>/index.html</code> URI�� ���� ��û�� �ִٰ� ��������. + ���� ����ġ�� <code>/www</code>, <code>/www/htdocs</code>, + <code>/www/htdocs/index.html</code> ������ ���� + <code>lstat(2)</code>�� ȣ���Ѵ�. <code>lstats</code> + ����� ij������ �ʱ���� ��û�� ���� ������ �Ź� ���� + �۾��� �Ѵ�. ��¥ �ɺ���ũ ���� �˻縦 ���Ѵٸ� ������ + ���� �� �� �ִ�:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /www/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>�� ��� �ּ��� <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> ��δ� �˻����� + �ʴ´�. DocumentRoot �ۿ� �ִ� ��η� <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>�� <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>�� ����� + ��쿡�� ���� ����� ������ �ʿ��ϴ�. �ɺ���ũ ������ + �������� �ʰ� �ְ��� ������ ��������, + <code>FollowSymLinks</code>�� �����ϰ�, + <code>SymLinksIfOwnerMatch</code>�� ����� �ȵȴ�.</p> + + + + <h3><a name="htacess" id="htacess">AllowOverride</a></h3> + + + + <p>URL �������� overrides�� ����Ѵٸ� (���� + <code>.htaccess</code> ����) ����ġ�� ���ϸ��� �� �κи��� + <code>.htaccess</code>�� ���� �õ��Ѵ�. ���� ���,</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p><code>/index.html</code> URI�� ���� ��û�� �ִٰ� ��������. + ����ġ�� <code>/.htaccess</code>, <code>/www/.htaccess</code>, + <code>/www/htdocs/.htaccess</code>�� ������ �õ��Ѵ�. + �ذ�å�� ���� <code>Options FollowSymLinks</code> ���� + ����ϴ�. �ְ��� ������ �������� ���Ͻý��ۿ� ���ؼ� �� + <code>AllowOverride None</code>�� ����Ѵ�.</p> + + + + <h3><a name="negotiation" id="negotiation">��������</a></h3> + + + + <p>�����ϰ� ��¥ ������ ������� ������ �ִٸ� ���������� + ���´�. ������ ������ �̵��� �������Ϻ��� �۴�. ������ + ������ �� �� �ִ�. ������ ���� ���ϵ�ī�带 ����ϴ� ���:</p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>������ ����� ����Ѵ�:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>���� ���� ���� �տ� �д�.</p> + + <p>��, ���丮���� ���ϵ��� ã�� <code>MultiViews</code> + ���ٴ�, �� ���ϸ� ������ �ʿ��� ������ ���� �� �ִ� + <code>type-map</code> ������ ���� ����� ���� �� ������ + �����϶�.</p> + + <p>����Ʈ�� ���������� �ʿ��ϴٸ� ������ ���� <code>Options + MultiViews</code> ���þ ����ϱ⺸�� <code>type-map</code> + ������ �����϶�. �������� ���� �ڼ��� ������ + <code>type-map</code> ������ ����� ����� <a href="../content-negotiation.html">��������</a> ������ �����϶�.</p> + + + + <h3>���� (memory-mapping)</h3> + + + + <p>���� ���, server-side-include�� ó���ϴ� �� ����ġ + 2.0�� ������ ������ ������ �ü���� <code>mmap(2)</code> + ���� �����Ѵٸ� ������ �����Ѵ�.</p> + + <p>���� �÷������� ������ ������ ����Ѵ�. ���� + ������ ������ ������ ����Ʈ���� ������ �������� + ��ġ�� ��찡 �ִ�:</p> + + <ul> + <li> + <p>� �ü������ <code>mmap</code>�� CPU ������ + �������� <code>read(2)</code> ��ŭ Ȯ�强�� ���� �ʴ�. + ���� ���, �������μ��� Solaris �������� ����ġ 2.0�� + ���� <code>mmap</code>�� ������� ������ ������ ó���� + ������ �� ���� �����Ѵ�.</p> + </li> + + <li> + <p>NFS ����Ʈ�� ���Ͻý��ۿ� �ִ� ������ �����ϴ� + ���߿� �ٸ� NFS Ŭ���̾�Ʈ�� �ִ� ���μ����� ������ + ����ų� ����ũ�⸦ ���̸�, ������ ���μ����� ���� + ���� ������ ���ϳ����� ������ bus error�� ���� + �� �ִ�.</p> + </li> + </ul> + + <p>���� ���ǿ� �ش��ϸ� �����ϴ� ������ �������� + �ʵ��� <code>EnableMMAP off</code>�� ����ؾ� �Ѵ�. (����: + �� ���þ�� ���丮���� ������ �� �ִ�.)</p> + + + + <h3>Sendfile</h3> + + + + <p>����ġ�� �ü���� <code>sendfile(2)</code>�� �����ϸ� + Ŀ�� sendfile�� ����Ͽ� -- ���� ���, ���� ������ �����Ҷ� + -- ������ ������ ���� �������� �� �ִ�.</p> + + <p>���� �÷������� sendfile�� ����ϸ� read�� send�� ���� + �� �ʿ䰡 ��� ��������. ���� sendfile�� ����ϸ� + �������� �������� ��ġ�ԵǴ� ��찡 �ִ�:</p> + + <ul> + <li> + <p>sendfile ������ �߸��Ǿ��� ������ �ý����� ������ + �߰����� ���ϴ� �÷����� �ִ�. Ư�� �ٸ� ��ǻ�Ϳ��� + ���������� �������Ͽ� sendfile ������ �߸��� ��ǻ�ͷ� + ������ ��쿡 �����ϴ�.</p> + </li> + <li> + <p>Ŀ���� �ڽ��� ij���� ����Ͽ� NFS�� ����Ʈ�� ������ + ���������� ������ �� ���� ��찡 �ִ�.</p> + </li> + </ul> + + <p>���� ���ǿ� �ش��ϸ� ������ sendfile �������� �ʵ��� + <code>EnableSendfile off</code>�� ����ؾ� �Ѵ�. (����: + �� ���þ�� ���丮���� ������ �� �ִ�.)</p> + + + + <h3><a name="process" id="process">���μ��� ����</a></h3> + + + + <p>����ġ 1.3 �������� <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ������ ��� + ��ġ��ũ ����� ū ������ ���ƴ�. Ư�� ����ġ�� �۾��� + �����ϱ����� ����� �ڽļ��� �ٴٸ� ������ "����" �Ⱓ�� + �ʿ��ߴ�. ó�� <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>�� �ڽ��� + ������, <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + ���������� �ʴ� �ڽ��� �ϳ��� �������. ���� <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> �⺻���� + <code>5</code>�� ������ Ŭ���̾�Ʈ 100���� ���ÿ� �����ϸ� + ���ϸ� ó���ϱ ����� �ڽ��� �������� 95�ʰ� �ɷȴ�. + ���� ��������� �ʴ� ���� ���������� �� ����������, 10�а��� + �����ϴ� ��ġ��ũ ����� �ſ� ���ڰ� ���´�.</p> + + <p>�ʴ� �Ѱ� ��Ģ�� �ڽ��� ���� �����ϸ鼭 ������ ������ + ���� �������� ���ߴ�. ��ǻ�Ͱ� �ڽ��� �����ϴ��� �ٻڸ� + ��û�� ������ �� ����. ���� �� ��Ģ�� ����ġ�� ü�� + ���ɿ� �ǿ����� �־� �����Ͽ���. ����ġ 1.3���� �ʴ� �Ѱ� + ��Ģ�� ��ȭ�Ǿ���. �ڵ�� �ڽ� �Ѱ��� �����, 1�� ����, + �ΰ��� �����, 1�� ����, �װ��� �����, �̷� ������ �ʴ� + �ڽ��� 32�� ���鶧���� ������ �����Ѵ�. �ڽļ��� <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> ������ �ٴٸ��� + ������ �ߴ��Ѵ�.</p> + + <p>�� ��� �����ӵ��� �������� <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>�� ���� ������ �ʿ䰡 ����. ���ʿ� + �ڽ��� 4�� �̻� �����ϸ� <code class="directive"><a href="../mod/core.html#errorlog">ErrorLog</a></code>�� ����Ѵ�. �̷� �������� + ���� ���̸� �� �������� �����ϱ� �ٶ���. + <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> ����� ������ �� ���̴�.</p> + + <p>���μ��� ������ �����Ͽ� <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> ������ + ���μ����� �����Ѵ�. �⺻���� �ڽĴ� ó���� ��û���� ������ + ���ٴ� <code>0</code>�̴�. ���� ������ <code>30</code>�� + ���� �ſ� ���� ������ �������ִٸ�, ���� ����� ���� �ʿ䰡 + �ִ�. SunOS�� ������ Solaris ������ ����Ѵٸ�, ��������� + �� ���� <code>10000</code> ������ �����϶�.</p> + + <p>��������(keep-alive)�� ����Ѵٸ� �ڽĵ��� �̹� ���� + ���ῡ�� �߰� ��û�� ��ٸ��� �ƹ��͵� �����ʱ���� ��� + �ٻڴ�. <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code>�� + �⺻�� <code>15</code> �ʴ� �̷� ������ �ּ�ȭ�Ѵ�. ��Ʈ�� + �뿪���� ���� �ڿ� ���� ������ �°� �����Ѵ�. <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + ���������� ��κ��� ������ ����������</a> � ��쿡�� + �� ���� <code>60</code> �� �̻����� �ø��� ����.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">�����Ͻ� ������ ���ؼ�</a></h2> + + + + <h3>MPM ����</h3> + + + + <p>����ġ 2.x�� <a href="../mpm.html">����ó�����</a> + (MPMs)�̶�� ��ü�� �� �ִ� ����ȭ ���� �����Ѵ�. ����ġ�� + �������Ҷ� MPM�� �����ؾ� �Ѵ�. <code class="module"><a href="../mod/beos.html">beos</a></code>, + <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code>, + <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>�� ���� Ư�� �÷��������� ����� + �� �ִ� MPM�� �ִ�. �Ϲ����� ���н��� �ý����� ���� MPM + �߿� �ϳ��� ������ �� �ִ�. �������� �ӵ��� + Ȯ�强(scalability)�� � MPM�� �����߳Ŀ� �ȴ�:</p> + + <ul> + + <li><code class="module"><a href="../mod/worker.html">worker</a></code> MPM�� ���� �ڽ� ���μ����� + ���� ���� �����带 ����Ѵ�. �� ������� �ѹ��� �� ������ + ����Ѵ�. �Ϲ������� worker�� prefork MPM ���� ���� + �� ����ϹǷ� ��ŷ��� ���� ������ �����ϴ�.</li> + + <li><code class="module"><a href="../mod/prefork.html">prefork</a></code> MPM�� �����尡 �Ѱ��� �ڽ� + ���μ����� ������ ����Ѵ�. �� ���μ����� �ѹ��� �� + ������ ����Ѵ�. ���� �ý��ۿ��� prefork�� �ӵ��� worker�� + ���������, �� ���� �� ����Ѵ�. ������ ���� ��Ȳ���� + �����带 ������� �ʴ� prefork ����� worker�� ���� + ������ ������: �����忡 �������� (thread-safe) ���� + �����ڰ� ���� ����� ����� �� �ְ�, ������ ����� ������ + ����� �÷������� ���� ������� �� �ִ�.</li> + + </ul> + + <p>�� MPM��� �ٸ� MPM�� ���� �� �ڼ��� ������ MPM <a href="../mpm.html">����</a>�� �����ϱ� �ٶ���.</p> + + + + <h3><a name="modules" id="modules">���</a></h3> + + + + <p>�� ��뷮�� ���ɿ��� ���� �߿��� �����̱���� + ������ ������� �ʴ� ����� �����غ���. ����� <a href="../dso.html">DSO</a>�� �������ߴٸ� ������ �� + �� ���� <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> ���þ �ּ�ó���ϸ� + �ȴ�. ���� ����� �����ϰ� �����Ͽ� ����Ʈ�� �����̵� + ���������� �����ϴ��� ���캼 �� �ִ�.</p> + + <p>�ݴ�� ����� ����ġ �������Ͽ� �������� ��ũ���ִٸ� + ������ �ʴ� ����� �����ϱ����� ����ġ�� ���������ؾ� + �Ѵ�.</p> + + <p>���⼭ �翬�� � ����� ����ϰ� ������� ���� + �ǹ��� �����. ������ ������Ʈ���� �ٸ���. ���� �Ƹ��� + <em>�ּ���</em> <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, + <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code>, <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> + ����� ����� ���̴�. ���� ������Ʈ�� �α������� �ʿ���ٸ� + <code>mod_log_config</code>�� ��� �ȴ�. ���� ��õ���� + �ʴ´�.</p> + + + + <h3>Atomic ����</h3> + + + + <p><code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> ���� ���� �ֱ� �������� + worker MPM�� APR�� atomic API�� ����Ѵ�. �� API�� �淮�� + ������ ����ȭ�� ���� atomic ������ �����Ѵ�.</p> + + <p>�⺻������ APR�� �� �ü��/CPU �÷������� ���� ȿ������ + ����� ����Ͽ� �� ������ �����Ѵ�. ���� ���, ���� �ֽ� + CPU���� �ϵ����� atomic compare-and-swap (CAS) ������ + �ϴ� ���ɾ �ִ�. ���� � �÷������� APR�� �̷� + ���ɾ ���� ������ CPU�� ȣȯ���� ���� �� ���� mutex��� + ������ �⺻������ ����Ѵ�. �̷� �÷������� ����ġ�� + �������Ҷ� ����ġ�� �ֽ� CPU������ ������ ��ȹ�̶��, + ����ġ�� �����Ҷ� <code>--enable-nonportable-atomics</code> + �ɼ��� ����Ͽ� �� ���� atomic ������ ������ �� �ִ�:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p><code>--enable-nonportable-atomics</code> �ɼ��� ������ + ���� �÷����� ������ �ִ�:</p> + + <ul> + + <li>SPARC���� Solaris<br /> + �⺻������ APR�� Solaris/SPARC���� mutex��� atomic�� + ����Ѵ�. ���� �����Ҷ� + <code>--enable-nonportable-atomics</code>�� ����ϸ� + APR�� ���� �ϵ���� compare-and-swap�� ���� SPARC + v8plus ���ɾ ����Ѵ�. �� �ɼ��� ����ϸ� atomic + ������ �� ȿ���������� (CPU�� �� ����ϰ� �� ���� + ����ȭ�� �����ϴ�), �������� ���������� UltraSPARC + Ĩ������ ������ �� �ִ�. + </li> + + <li>Linux on x86<br /> + �⺻������ APR�� ���������� mutex��� atomic�� + ����Ѵ�. ���� �����Ҷ� + <code>--enable-nonportable-atomics</code>�� ����ϸ� + APR�� ���� �ϵ���� compare-and-swap�� ���� 486 + ���ɾ ����Ѵ�. �� ȿ������ atomic ������ ����������, + �������� ���������� 486 �̻� Ĩ������ (386�� �ȵȴ�) + ������ �� �ִ�. + </li> + + </ul> + + + + <h3>mod_status�� ExtendedStatus On</h3> + + + + <p>����ġ�� �������Ҷ� <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>�� �����ϰ� + �����Ҷ� <code>ExtendedStatus On</code>�� �����ϸ� ����ġ�� + ��û�� ���������� <code>gettimeofday(2)</code>(Ȥ�� �ü���� + ���� <code>times(2)</code>)�� �ι� ȣ���ϰ� (1.3 ��������) + <code>time(2)</code>�� �߰��� ������ ȣ���Ѵ�. ���� �������� + ���۽ð��� �ʿ��ϱ� �����̴�. �ֻ��� ������ �������� + (�⺻����) <code>ExtendedStatus off</code>�� �����Ѵ�.</p> + + + + <h3>accept ����ȭ - ���� ����</h3> + + + + <div class="warning"><h3>����:</h3> + <p> �Ʒ� ������ ����ġ ������ 2.0 �������� ����� ������ + ��� ���� �ʴ�. ������ ��ȿ�� ������ ������, �����ؼ� + ����ϱ� �ٶ���.</p> + </div> + + <p>���н� ���� API�� ������ �����Ѵ�. �������� ���� ��Ʈ + Ȥ�� ���� �ּҸ� ��ٸ������� ���� <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code>�� ����Ѵٰ� ��������. + ������ �������� �� ������ �˻��ϱ����� ����ġ�� + <code>select(2)</code>�� ����Ѵ�. <code>select(2)</code>�� + ���Ͽ� ��ٸ��� �ִ� ������ <em>������</em> Ȥ�� <em>�ּ��� + �Ѱ�</em> �ִ��� �˷��ش�. ����ġ���� ���� �ڽ��� �ְ�, + ���� �ִ� ��� �ڽ��� ���ÿ� ���ο� ������ �˻��Ѵ�. ���� + ������ ������ ����ϴ� (�� ���� �ڵ忡�� �������� �ʾҴ�. + ���� �����ϱ����� �뵵�� �������.):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>���� ���� �ܼ��� �������� �ɰ��� ����(starvation) + ������ �ִ�. ���� �ڽ��� ���ÿ� �� �ݺ����� �����ϸ�, + ��û�� ��ٸ��� ��� <code>select</code>���� �����. �̶� + � ���Ͽ� ��û�� �ϳ��� ������ ��� �ڽ��� ����� + (����� �ڽ��� ������ �ü���� Ÿ�ֿ̹� ���� �ٸ���). + �̵��� ��� ������ <code>accept</code>�ϱ� �õ��Ѵ�. ���� + (������ �� ���Ḹ ������̶��) �� �ڽĸ� �����ϰ�, �������� + <code>accept</code>���� <em>�����.</em> ���� �� �ڽĵ��� + �� ������ ��û���� �����ϵ��� ������, �� �������� ���ο� + ��û�� ����� ���ͼ� ��� �ڽ��� ���ﶧ���� �������ִ�. + �̷� ���� ������ <a href="http://bugs.apache.org/index/full/467">PR#467</a>�� + ó�� �����Ǿ���. �ּ��� �ΰ��� �ذ�å�� �ִ�.</p> + + <p>�Ѱ����� ������ ������� �ʵ��� (non-blocking) ����� + ����̴�. �� ��� �ڽ��� <code>accept</code>�� �ص� ������ + �ʰ�, ��� ������ �� �ִ�. ���� CPU �ð��� �����Ѵ�. + <code>select</code>���� ���� �ڽ��� 10�� �ְ�, ���� ������ + �Ѱ� ���Դٰ� ��������. ���� �� �ڽ��� 9���� ����� + ������ <code>accept</code>�ϱ� �õ��ϰ� �����ϸ� �ƹ� + �ϵ� ���� �ʰ� �ٽ� <code>select</code>�� �ݺ��Ѵ�. �ٽ� + <code>select</code>�� ���ƿ� ������ � �ڽĵ� �ٸ� ���Ͽ� + ���� ��û�� �������� �ʴ´�. (�������μ��� ��ǻ�Ϳ���) + ���� �ڽ� ������ŭ CPU ������ �ִ� �幮 ��찡 �ƴ϶�� + �� �ذ�å�� ���� ���ƺ����� �ʴ´�.</p> + + <p>�ٸ� ����� ����ġ�� ����ϴ� ������� ���� �ݺ����� + �� �ڽĸ��� �鿩������. �ݺ����� ������ ���� (���̸� + ��������):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><code>accept_mutex_on</code>�� <code>accept_mutex_off</code> + <a id="serialize" name="serialize">�Լ�</a>�� mutex ������� + �����Ѵ�. �ѹ��� ���� �� �ڽĸ��� mutex�� ���� �� �ִ�. + mutex�� �����ϴ� ����� ���������̴�. ���� ����� (1.3 + ����) <code>src/conf.h</code>�� (1.3�� �� ����) + <code>src/include/ap_config.h</code>�� ���ǵ��ִ�. � + ��Ű���Ĵ� ���(locking) ����� �������� �ʱ����, �̷� + ��Ű���Ŀ��� ���� <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> ���þ ����ϸ� + �����ϴ�.</p> + + <p>����� <code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> ���þ ����Ͽ� + mutex ������ ������ �� �ִ�.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>�� ����� ��������� ��ױ����� <code>flock(2)</code> + �ý���ȣ���� ����Ѵ� (������� ��ġ�� <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> ���þ�� ����).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>�� ����� ��������� ��ױ����� <code>fcntl(2)</code> + �ý���ȣ���� ����Ѵ� (������� ��ġ�� <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> ���þ�� ����).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3�� �� ����) �� ����� SysV�� ������� ����Ͽ� + mutex�� �����Ѵ�. �������� SysV�� ��������� ���� + ���ۿ��� �ִ�. �ϳ��� ����ġ�� ������� �������� + �ʰ� ���� �� �ִ� ���̴� (<code>ipcs(8)</code> manpage + ����). �ٸ� �ϳ��� �������� ������ uid�� �����ϴ� + CGI�� (<em>��,</em> <code>suexec</code>�� + <code>cgiwrapper</code>�� ��������ʴ� �� ��� CGI) + �������� API�� ����Ͽ� ���źΰ����� �� �� �ִ� + ���̴�. �̷� ���������� IRIX�� ������ ��Ű���Ŀ��� + �� ����� ������� �ʴ´� (��κ��� IRIX ��ǻ�Ϳ��� + ���� �� ����� ����ġ�� ���̴�).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3�� �� ����) �� ����� POSIX mutex�� ����ϱ���� + POSIX ������ �Ծ��� ������ ������ ��Ű���Ķ�� ��� + ��밡��������, (2.5 ����) Solaris������ �װ͵� Ư�� + ���������� �����ϴ� ���ϴ�. �� ����� �õ��غ��ٸ� + ������ ���缭 ������ ���ϴ��� ������� �Ѵ�. ���� + ���븸 �����ϴ� ������ �� �����ϴ� �� ����.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0�� �� ����) �� ����� POSIX ������� ����Ѵ�. + mutex�� ���� ���μ����� �����尡 �״´ٸ�(segfault) + �������� �������� ȸ������ �ʾƼ� �������� �����.</p> + </dd> + + </dl> + + <p>�ý��ۿ� �� ��Ͽ� ���� ����ȭ(serialization) ����� + �ִٸ� �� ����� ����ϴ� �ڵ带 APR�� �߰��� ��ġ�� �ִ�.</p> + + <p>������ �غ����� ������������ �ٸ� ����� �κ������� + �ݺ����� ����ȭ�ϴ� ����̴�. ��, ���μ����� ��� �鿩������ + ���̴�. �� ����� ���� �ڽ��� ���ÿ� ������ �� �־ + ����ȭ������ ��ü �뿪���� Ȱ������ ���ϴ� �������μ��� + ��ǻ�Ϳ����� ������ ������ �� �ִ�. ������ ���캼 �κ�������, + �ſ� ����ȭ�� �������� ������ �ʾƼ� �켱������ ����.</p> + + <p>�ֻ��� ������ ������ؼ��� ���� <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> ���� ������� �ʴ� + ���� �̻����̴�. ���� ��� �����Ѵ�.</p> + + + + <h3>accept ����ȭ - ���� �Ѱ�</h3> + + + + <p>���� ������ ������ �������� ������, ������ �Ѱ��� + ������ ���? ������ �����Ҷ����� ��� �ڽ��� + <code>accept(2)</code>���� �����ֱ���� �̷л� ���� + ������ ������ �ʰ�, ���� ������ ����. ���� �����δ� + �տ��� ���� ������� �ʴ� (non-blocking) ������� ���ϴ� + "��ȸ��(spinning)" ������ ���߰� �ִ�. ��κ��� TCP ������ + ������ �����ϸ� Ŀ���� <code>accept</code>���� �����ִ� + ��� �ڽ��� ���쵵�� �������ִ�. ���μ����� �Ѱ��� ������ + ��� ����ڿ������� ���ư���, �������� Ŀ�ο��� ��ȸ���Ͽ� + ������ ������ �߰��ϸ� �ٽ� ���� �ܴ�. ����ڿ��� �ڵ忡���� + �̷� ��ȸ���� �� �� ������, �и��� �����Ѵ�. ���� �������� + ������� �ʴ� ����� �����ϰ� ���ϸ� ���̴� ���ʿ��� �ൿ�� + �Ͼ��.</p> + + <p>���� �츮�� ���� ��Ű���Ŀ��� ������ �Ѱ��� ��쿡�� + ����ȭ�ϸ� �� "��" �������� �߰��ߴ�. ���� ���� ��κ��� + ��� �⺻������ ����ȭ�� ����Ѵ�. ���������� (Ŀ�� 2.0.30, + 128Mb �� ��� Pentium pro) ������ ��� ���� �Ѱ��� + ����ȭ�ϸ� ���� ���� ��쿡 ���� �ʴ� ��û�� 3% �̸� + �پ�����. ���� ����ȭ�� ���� ���� ��� ��û�� 100ms + ������ ���ߴ�. �� ������ �Ƹ��� LAN���� ���ϴ� �� + ���ἱ������ ���̴�. ������ �Ѱ��� ��� ����ȭ�� ������� + �������� <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code>�� + �����Ѵ�.</p> + + + + <h3>Close ����(lingering)</h3> + + + + <p><a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt"> + draft-ietf-http-connection-00.txt</a> 8������ �����ϵ��� + <strong>��������</strong> �������� �Ƿ���, ����� �� ������ + ���������� ���� �� �־�� �Ѵ� (TCP ������ �ֹ����̰�, + ������ ���� �������̴�). ������ �ٸ� ���������� ���� + ����������, ����ġ�� 1.2���� ��Ȯ�� �����ؿԴ�.</p> + + <p>�� ����� �������ϰ� ����ġ�� �߰������� ���� ���н� + �������� ���� ������ ���ߴ�. TCP �Ծ��� + <code>FIN_WAIT_2</code>�� Ÿ�Ӿƿ��� �ִٰ� ������ �ʾ�����, + ���������� �ʾҴ�. Ÿ�Ӿƿ��� ���� �ý��ۿ��� ����ġ 1.2�� + ���� ������ ������ <code>FIN_WAIT_2</code> ���·� �������. + ���� ��� �� ������ ���ۻ簡 �����ϴ� �ֽ� TCP/IP ��ġ�� + �����Ͽ� �ذ��� �� �ִ�. ���� ���ۻ簡 ��ġ�� ��ǥ���� + �ʴ� ��찡 (<em>��,</em> SunOS4 -- �ҽ� ���̼����� �ִ� + ����� ���� ��ġ�� �� ������) �ֱ���� �� ����� ������� + �ʱ�� �����ߴ�.</p> + + <p>����� �ΰ�����. �ϳ��� ���� �ɼ� <code>SO_LINGER</code>�� + ����ϴ� ����̴�. ���� �������� ��κ��� TCP/IP ������ + �� �ɼ��� �ùٷ� �������� �ʾҴ�. �ùٷ� ������ ���ÿ��� + ������ (<em>��,</em> ������ 2.0.31) �� ����� ���� ������� + �� cpu�� ��ƸԴ´�.</p> + + <p>����ġ�� ���� (<code>http_main.c</code>�� �ִ�) + <code>lingering_close</code>��� �Լ��� ����Ѵ�. �� �Լ��� + ���� ������ ����:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* shutdown the sending side */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + select (s for reading, 2 second timeout);<br /> + if (error) break;<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* just toss away whatever is here */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>�� �ڵ�� ������ ������ �� CPU�� ���������, �������� + ������ ���� �ʿ��ϴ�. HTTP/1.1�� �� �θ� ������ ��� ������ + �����Ѵٸ�(persistent), ������ �� ����� ���� ��û�� + ó���ϸ鼭 ���� ���̴�. �����ϰԵ� + <code>NO_LINGCLOSE</code>�� �����Ͽ� �� ����� ������� + ���� �� ������, ����� ������ �ʴ´�. Ư�� HTTP/1.1 + ���������� <span class="transnote">(<em>����;</em> �������� ���¿��� ������ ��ٸ��� + �ʰ� ���� ��û�� ������ ���)</span> ������������ + <code>lingering_close</code>�� �ʼ����̴� (���� <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + ���������� ������ �� ���������</a> ����ϱ� �ٶ� ���̴�).</p> + + + + <h3>Scoreboard ����</h3> + + + + <p>����ġ�� �θ�� �ڽ��� scoreboard��� ���� ���� ���� + ����Ѵ�. �̻������δ� scoreboard�� ������ �����ؾ� + �Ѵ�. �츮 �����ڰ� �ش� �ü���� ������ �� �ְų� ���� + ���� ����� ���� ��� ���� ������ ����Ͽ� �����Ѵ�. + �������� ��ũ�� �ִ� ������ ����Ͽ� �����Ѵ�. ��ũ�� + �ִ� ������ ������ �ŷڵ��� �������� (��ɵ� �� ����). + <code>src/main/conf.h</code> ���Ͽ��� ����ϴ� ��Ű���ĸ� + ã�Ƽ� <code>USE_MMAP_SCOREBOARD</code> Ȥ�� + <code>USE_SHMGET_SCOREBOARD</code>���� Ȯ���Ѵ�. ���� + �ϳ��� (���� �Բ� ����� <code>HAVE_MMAP</code>�̳� + <code>HAVE_SHMGET</code>�� ����) �����ϸ� ������ �ڵ带 + ����Ѵ�. �ý����� �ٸ� ������ ������ ����Ѵٸ� + <code>src/main/http_main.c</code> ������ �����Ͽ� ����ġ���� + ������ ����� �� �ֵ��� ��(hook)�� �߰��϶�. (���� + ��ġ�� �츮���� �����ֱ� �ٶ���.)</p> + + <div class="note">������ ����: ����ġ�� ������ ������ ����ġ 1.2 �������� + ������ ����ϱ� �����ߴ�. ���������� �ʱ� ����ġ + ������ ������ �ŷڵ��� �������� �����̴�.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>����� �������� �о������ �ʴ´ٸ� (������ �����̶� + ������ ���̱����� �� ���� �д´ٸ� �Ƹ��� ����� �������� + �о������ ���� ���̴�), ������ �������Ҷ� + <code>-DDYNAMIC_MODULE_LIMIT=0</code>�� �߰��Ѵ�. ���� + ����� �������� �о���̱����� �Ҵ��ϴ� �� �����Ѵ�.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">�η�: �ý���ȣ�� ����� �ڼ��� �м��ϱ�</a></h2> + + + + <p>������ Solaris 8���� worker MPM�� ����� ����ġ 2.0.38�� + �ý���ȣ�� ���(trace)�̴�. �Ʒ� ���ɾ ����Ͽ� ����� + �����:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_child_pid</var>. + </code></p></div> + + <p><code>-l</code> �ɼ��� ����ϸ� truss�� �ý���ȣ���� + �ϴ� LWP (lightweight process, �淮�� ���μ���--Solaris�� + Ŀ�μ��� ������) ID�� ���� ����Ѵ�.</p> + + <p>�ٸ� �ý��ۿ��� <code>strace</code>, <code>ktrace</code>, + <code>par</code> ���� �ý���ȣ�� ���� ������ �ִ�. ����� + ����ϴ�.</p> + + <p>Ŭ���̾�Ʈ�� ���������� ũ�Ⱑ 10KB�� ���� ������ ��û�Ѵ�. + ������ ������ ��û���� �ʰų� ���������ϴ� ��û�� �� ��� + ����� �ſ� �ٸ��� (���δ� �ſ� �˾ƺ��� �����).</p> + + <div class="example"><pre>/67: accept(3, 0x00200BEC, 0x00200C0C, 1) (sleeping...) +/67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9</pre></div> + + <p>������ ������(listener) �����尡 LWP #67���� ������� + �� �� �ִ�.</p> + + <div class="note"><code>accept(2)</code> ����ȭ�� ������� ������ �ָ��϶�. + ���� ��Ʈ�� ��ٸ����ʴ� ��� �� �÷����� worker MPM�� + �⺻������ ����ȭ���� ���� accept�� ����Ѵ�.</div> + + <div class="example"><pre>/65: lwp_park(0x00000000, 0) = 0 +/67: lwp_unpark(65, 1) = 0</pre></div> + + <p>������ �Ƶ��̰�(accept) ������ ������� + worker �����带 ������ ��û�� ó���ϰ� �Ѵ�. �Ʒ� ��Ͽ��� + ��û�� ó���ϴ� worker �����尡 LWP #65���� �� �� �ִ�.</p> + + <div class="example"><pre>/65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0</pre></div> + + <p>����ȣ��Ʈ�� �����ϱ����� ����ġ�� ������ �Ƶ��� + ����(local) ���� �ּҸ� �˾ƾ� �Ѵ�. (����ȣ��Ʈ�� ������� + �ʰų� <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + ���þ ���ϵ�ī�� �ּҸ� ������� ���� ��� ��) ���� ��� + �� ȣ���� ���� �� �ִ�. ���� ���� �̷� ����ȭ �۾��� + �ȵ��ִ�. </p> + + <div class="example"><pre>/65: brk(0x002170E8) = 0 +/65: brk(0x002190E8) = 0</pre></div> + + <p><code>brk(2)</code> ȣ���� ��(heap)���� �� �Ҵ��Ѵ�. + �������� ��κ��� ��û ó���� ��ü �� + �Ҵ���(<code>apr_pool</code>�� <code>apr_bucket_alloc</code>)�� + ����ϱ���� �ý���ȣ�� ��Ͽ��� �� �ý���ȣ���� ���Ⱑ + �幰��. �� ��Ͽ��� �������� �������ڸ��� ��ü �� �Ҵ��ڰ� + ����� ������ ������� <code>malloc(3)</code>�� ȣ���Ѵ�.</p> + + <div class="example"><pre>/65: fcntl(9, F_GETFL, 0x00000000) = 2 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0 +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0 +/65: fcntl(9, F_SETFL, 0x00000082) = 0</pre></div> + + <p>���� worker ������� Ŭ���̾�Ʈ�� ����(���ϱ���� 9)�� + ������(non-blocking) ���·� �ٲ۴�. <code>setsockopt(2)</code>�� + <code>getsockopt(2)</code> ȣ���� Solaris�� libc�� ���Ͽ� + ���� <code>fcntl(2)</code>�� ��� ó���ϴ��� �����ش�.</p> + + <div class="example"><pre>/65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97</pre></div> + + <p>worker ������� Ŭ���̾�Ʈ�� ���� ��û�� �д´�.</p> + + <div class="example"><pre>/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0 +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10</pre></div> + + <p>������ ������ <code>Options FollowSymLinks</code>�� + <code>AllowOverride None</code>�̴�. ���� ��û�� ���ϰ���� + �� ���丮�� ���� <code>lstat(2)</code>�ϰų� + <code>.htaccess</code> ������ �˻��� �ʿ䰡 ����. ������ + �˻��ϱ�����, 1) ������ �ִ���, 2) ���丮�� �ƴ� �Ϲ���������, + <code>stat(2)</code> ȣ�⸸ �ϸ� �ȴ�.</p> + + <div class="example"><pre>/65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269</pre></div> + + <p>�� ��� �������� �ѹ��� <code>sendfilev(2)</code> �ý���ȣ��� + HTTP ��������� ��û�� ������ ������ �� �ִ�. Sendfile �������δ� + �ü������ �ٸ���. �ٸ� �ý����̶�� <code>sendfile(2)</code>�� + ȣ���ϱ� ���� ����� ���������� <code>write(2)</code>�� + <code>writev(2)</code> ȣ���� �Ѵ�.</p> + + <div class="example"><pre>/65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78</pre></div> + + <p><code>write(2)</code> ȣ���� ���ٷα�(access log)�� ��û�� + ����Ѵ�. �� ��Ͽ� <code>time(2)</code> ȣ���� ������ �ָ��϶�. + ����ġ 1.3�� �� ����ġ 2.0�� �ð��� �˱����� + <code>gettimeofday(3)</code>�� ����Ѵ�. + <code>gettimeofday</code>�� ����ȭ�� �������� Solaris ���� + ��� �ü�������� �Ϲ����� �ý���ȣ�� �δ��� ����.</p> + + <div class="example"><pre>/65: shutdown(9, 1, 1) = 0 +/65: poll(0xFAF7B980, 1, 2000) = 1 +/65: read(9, 0xFAF7BC20, 512) = 0 +/65: close(9) = 0</pre></div> + + <p>worker ������� ������ �����ݱ�(lingering close)�Ѵ�.</p> + + <div class="example"><pre>/65: close(10) = 0 +/65: lwp_park(0x00000000, 0) (sleeping...)</pre></div> + + <p>���������� worker ������� ��� ������ ������ �ݰ�, + ������(listener) �����尡 �ٸ� ������ �Ҵ��� ������ + �����Ѵ�.</p> + + <div class="example"><pre>/67: accept(3, 0x001FEB74, 0x001FEB94, 1) (sleeping...)</pre></div> + + <p>���� ������ ������� ������ (��� worker�� �۾����̸� + ������ �����带 ���ߴ� worker MPM�� �帧���� ��ɿ� ����) + worker �����忡 �Ҵ����ڸ��� �ٸ� ������ �Ƶ��� �� �ִ�. + �� ��Ͽ��� ������ ������, worker �����尡 ��� ���� ������ + ó���ϴ� ���� ���� <code>accept(2)</code>�� (��û�� �ſ� + ���� ��� ��) �Ͼ �� �ִ�.</p> + + </div></div> +<div class="bottomlang"> +<p><span>������ ���: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 new file mode 100644 index 00000000..44b6dba2 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 @@ -0,0 +1,1100 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache’de Başarımın Arttırılması - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a> > <a href="./">Çeşitli Belgeler</a></div><div id="page-content"><div id="preamble"><h1>Apache’de Başarımın Arttırılması</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" title="Türkçe"> tr </a></p> +</div> + + + <p>Apache 2.x, esneklik, taşınabilirlik ve başarım arasında bir denge + sağlamak üzere tasarlanmış genel amaçlı bir HTTP sunucusudur. Başka + sunucularla kıyaslama denemelerinde öne geçmek üzere tasarlanmamış + olsa da Apache 2.x gerçek yaşamda karşılaşılan pek çok durumda oldukça + yüksek bir başarıma ulaşacak yetenektedir.</p> + + <p>Apache 1.3 ile karşılaştırıldığında 2.x sürümleri toplam veri hızını + ve ölçeklenebilirliği arttırmak için pek çok en iyileme seçeneği + içerir. Bu iyileştirmelerin pek çoğu zaten öntanımlı olarak etkin + olmakla birlikte derleme ve kullanım sırasında başarımı önemli ölçüde + etkileyebilen yapılandırma seçenekleri de mevcuttur. Bu belgede, bir + Apache 2.x kurulumunda sunucu yöneticisinin sunucunun başarımını + arttırmak amacıyla yapılandırma sırasında neler yapabileceğinden + bahsedilmiştir. Bu yapılandırma seçeneklerinden bazıları, httpd’nin + donanımın ve işletim sisteminin olanaklarından daha iyi + yararlanabilmesini sağlarken bir kısmı da daha hızlı bir sunum için + yöneticinin işlevsellikten ödün verebilmesini olanaklı kılar.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">Donanım ve İşletim Sistemi ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">Çalışma Anı Yapılandırması ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">Derleme Sırasında Yapılandırma ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">Ek: Bir çağrı izlemesinin ayrıntılı çözümlemesi</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">Donanım ve İşletim Sistemi ile İlgili Konular</a></h2> + + + + <p>HTTP sunucusunun başarımını etkileyen en önemli donanım bellektir + (RAM). Bir HTTP sunucusu asla takaslama yapmamalıdır. Çünkü takaslama, + kullanıcının "yeterince hız" umduğu noktada sunumun gecikmesine sebep + olur. Böyle bir durumda kullanıcılar yüklemeyi durdurup tekrar + başlatma eğilimindedirler; sonuçta yük daha da artar. <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> yönergesinin değerini + değiştirerek takaslamaya sebep olabilecek kadar çok çocuk süreç + oluşturulmasını engelleyebilirsiniz ve böyle bir durumda bunu mutlaka + yapmalısınız. Bunun için yapacağınız işlem basittir: <code>top</code> + benzeri bir araç üzerinden çalışan süreçlerinizin bir listesini alıp + Apache süreçlerinizin ortalama büyüklüğünü saptayıp, mevcut bellekten + bir kısmını diğer süreçler için ayırdıktan sonra kalan miktarı bu + değere bölerseniz yönergeye atayacağınız değeri bulmuş olursunuz.</p> + + <p>Donanımın diğer unsurları için kararı siz verin: Daha hızlı işlemci, + daha hızlı ağ kartı, daha hızlı disk; daha hızlının ne kadar hızlı + olacağını deneyimlerinize bağlı olarak tamamen sizin ihtiyaçlarınız + belirler.</p> + + <p>İşletim sistemi seçimi büyük oranda yerel ilgi konusudur. Fakat yine + de, genelde yararlılığı kanıtlanmış bazı kurallar bu seçimde size + yardımcı olabilir:</p> + + <ul> + <li> + <p>Seçtiğiniz işletim sisteminin (çekirdeğin) en son kararlı + sürümünü çalıştırın. Bir çok işletim sistemi, son yıllarda TCP + yığıtları ve evre kütüphaneleri ile ilgili belirgin iyileştirmeler + yapmışlar ve yapmaktadırlar.</p> + </li> + + <li> + <p>İşletim sisteminiz <code>sendfile</code>(2) sistem çağrısını + destekliyorsa bunun etkinleştirilebildiği sürümün kurulu olması + önemlidir. (Örneğin, Linux için bu, Linux 2.4 ve sonraki sürümler + anlamına gelirken, Solaris için Solaris 8’den önceki sürümlerin + yamanması gerektirdiği anlamına gelmektedir.) + <code>sendfile</code> işlevinin desteklendiği sistemlerde Apache 2 + duruk içeriği daha hızlı teslim etmek ve işlemci kullanımını + düşürmek amacıyla bu işlevselliği kullanacaktır.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">Çalışma Anı Yapılandırması ile İlgili Konular</a></h2> + + + + <table class="related"><tr><th>İlgili Modüller</th><th>İlgili Yönergeler</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns"><code>HostnameLookups</code> ve DNS ile ilgili diğer konular</a></h3> + + + + <p>Apache 1.3 öncesinde, <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> yönergesinin öntanımlı değeri + <code>On</code> idi. İstek yerine getirilmeden önce bir DNS sorgusu + yapılmasını gerektirmesi sebebiyle bu ayarlama her istekte bir + miktar gecikmeye sebep olurdu. Apache 1.3’ten itibaren yönergenin + öntanımlı değeri <code>Off</code> yapılmıştır. Eğer günlük + dosyalarınızda konak isimlerinin bulunmasını isterseniz, Apache ile + birlikte gelen <code class="program"><a href="../programs/logresolve.html">logresolve</a></code> programını + kullanabileceğiniz gibi günlük raporlarını çözümleyen Apache ile + gelmeyen programlardan herhangi birini de kullanabilirsiniz.</p> + + <p>Günlük dosyaları üzerindeki bu işlemi sunucu makinesi dışında + günlük dosyasının bir kopyası üzerinde yapmanızı öneririz. Aksi + takdirde sunucunuzun başarımı önemli ölçüde etkilenebilir.</p> + + <p><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> veya + <code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> + yönergelerinde IP adresi yerine bir konak veya alan ismi + belirtirseniz, iki DNS sorguluk bir bedel ödersiniz (biri normal, + diğeri IP taklidine karşı ters DNS sorgusu). Başarımı en iyilemek + için bu yönergelerde mümkün olduğunca isim yerine IP adreslerini + kullanınız.</p> + + <p><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> + yönergelerinin <code><Location /server-status></code> gibi + bölüm yönergelerinin içinde de yer alabileceğini unutmayın. Bu gibi + durumlarda DNS sorguları sadece istek kuralla eşleştiği takdirde + yapılacaktır. Aşağıdaki örnekte <code>.html</code> ve + <code>.cgi</code> dosyalarına yapılan istekler hariç DNS sorguları + iptal edilmektedir:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>Yine de bazı CGI’lerin DNS isimlerine ihtiyacı olursa bu CGI’lerin + bu ihtiyaçlarına yönelik olarak <code>gethostbyname</code> çağrıları + yapabileceğini gözardı etmeyiniz.</p> + + + + <h3><a name="symlinks" id="symlinks"><code>FollowSymLinks</code> ve + <code>SymLinksIfOwnerMatch</code></a></h3> + + + + <p>URL uzayınızda geçerli olmak üzere bir <code>Options + FollowSymLinks</code> yoksa veya <code>Options + SymLinksIfOwnerMatch</code> yönergeleri varsa, Apache her sembolik + bağın üzerinde bazı sınamalar yapmak için ek bir sistem çağrısından + başka istenen her dosya için de ayrı bir çağrı yapacaktır.</p> + + <div class="example"><h3>Örnek:</h3><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>Bu durumda <code>/index.html</code> için bir istek yapıldığında + Apache, <code>/siteler</code>, <code>/siteler/htdocs</code> ve<br /> + <code>/siteler/htdocs/index.html</code> üzerinde + <code>lstat</code>(2) çağrıları yapacaktır. <code>lstat</code> + sonuçları önbelleğe kaydedilmediğinden bu işlem her istekte + yinelenecektir. Amacınız gerçekten sembolik bağları güvenlik + açısından sınamaksa bunu şöyle yapabilirsiniz:</p> + + <div class="example"><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /sitem/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>Böylece <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> altındaki + dosyalar için fazladan bir çağrı yapılmasını engellemiş olursunuz. + Eğer bazı bölümlerde <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>, <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> gibi yönergeler üzerinden belge kök + dizininizin dışında kalan dosya yollarına sahipseniz benzer + işlemleri onlar için de yapmalısınız. Sembolik bağ koruması yapmamak + suretiyle başarımı arttırmak isterseniz, <code>FollowSymLinks</code> + seçeneğini her yerde etkin kılın ve + <code>SymLinksIfOwnerMatch</code> seçeneğini asla + etkinleştirmeyin.</p> + + + + <h3><a name="htacess" id="htacess"><code>AllowOverride</code></a></h3> + + + + <p>Genellikle <code>.htaccess</code> dosyaları üzerinden yapıldığı + gibi URL uzayınızda geçersizleştirmelere izin veriyorsanız, Apache + her dosya bileşeni için bu <code>.htaccess</code> dosyalarını açmaya + çalışacaktır.</p> + + <div class="example"><h3>Örnek:</h3><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p>Bu durumda <code>/index.html</code> sayfasına yapılan bir istek için + Apache, <code>/.htaccess</code>, <code>/siteler/.htaccess</code> ve + <code>/siteler/htdocs/.htaccess</code> dosyalarını açmaya + çalışacaktır. Çözüm <code>Options FollowSymLinks</code> durumunun + benzeridir; başarımı arttırmak için dosya sisteminizin her yerinde + <code>AllowOverride None</code> olsun.</p> + + + + <h3><a name="negotiation" id="negotiation">Dil Uzlaşımı</a></h3> + + + + <p>Başarımı son kırıntısına kadar arttırmak istiyorsanız, mümkünse + içerik dili uzlaşımı da yapmayın. Dil uzlaşımından yararlanmak + isterken büyük başarım kayıplarına uğrayabilirsiniz. Böyle bir + durumda sunucunun başarımını arttırmanın tek bir yolu vardır. </p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>Yukarıdaki gibi bir dosya ismi kalıbı kullanmak yerine, aşağıdaki + gibi seçenekleri tam bir liste halinde belirtin:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>Buradaki sıralama öncelik sırasını belirler; yani, + öncelikli olmasını istediğiniz seçeneği listenin başına + yazmalısınız.</p> + + <p>İstenen dosya için <code>MultiViews</code> kullanarak dizini + taratmak yerine, gerekli bilgiyi tek bir dosyadan okutmak suretiyle + başarımı arttırabilirsiniz. Bu amaçla türeşlem + (<code>type-map</code>) dosyaları kullanmanız yeterli olacaktır.</p> + + <p>Sitenizde içerik dili uzlaşımına gerek varsa, bunu <code>Options + MultiViews</code> yönergesi üzerinden değil, türeşlem dosyaları + kullanarak yapmayı deneyin. İçerik dili uzlaşımı ve türeşlem + dosyalarının oluşturulması hakkında daha ayrıntılı bilgi edinmek + için <a href="../content-negotiation.html">İçerik Uzlaşımı</a> + belgesine bakınız.</p> + + + + <h3>Bellek Eşlemleri</h3> + + + + <p>Apache’nin SSI sayfalarında olduğu gibi teslim edilecek dosyanın + içeriğine bakma gereği duyduğu durumlarda, eğer işletim sistemi + <code>mmap</code>(2) ve benzerlerini destekliyorsa çekirdek normal + olarak dosyayı belleğe kopyalayacaktır.</p> + + <p>Bazı platformlarda bu belleğe eşleme işlemi başarımı arttırsa da + başarımın veya httpd kararlılığının zora girdiği durumlar + olabilmektedir:</p> + + <ul> + <li> + <p>Bazı işletim sistemlerinde işlemci sayısı artışına bağlı + olarak, <code>mmap</code> işlevi <code>read</code>(2) kadar iyi + ölçeklenmemiştir. Örneğin, çok işlemcili Solaris sunucularda + <code>mmap</code> iptal edildiği takdirde içeriği sunucu + tarafından işlenen dosyalar üzerinde bazen daha hızlı işlem + yapılabilmektedir.</p> + </li> + + <li> + <p>Belleğe kopyalanacak dosya NFS üzerinden bağlanan bir dosya + sistemindeyse ve dosya başka bir NFS istemcisi makine tarafından + silinmiş veya dosyanın boyutu değiştirilmişse sunucunuz dosyaya + tekrar erişmeye çalıştığında bir hata alabilecektir.</p> + </li> + </ul> + + <p>Böyle durumların olasılık dahilinde olduğu kurulumlarda içeriği + sunucu tarafından işlenecek dosyaların belleğe kopyalanmaması için + yapılandırmanıza <code>EnableMMAP off</code> satırını ekleyiniz. + (Dikkat: Bu yönerge dizin seviyesinde geçersizleştirilebilen + yönergelerdendir.)</p> + + + + <h3><code>sendfile</code></h3> + + + + <p>Apache’nin duruk dosyalarda olduğu gibi teslim edilecek dosyanın + içeriğine bakmadığı durumlarda, eğer işletim sistemi + <code>sendfile</code>(2) desteğine sahipse çekirdek normal olarak bu + desteği kullanacaktır.</p> + + <p>Bazı platformlarda <code>sendfile</code> kullanımı, okuma ve yazma + işlemlerinin ayrı ayrı yapılmamasını sağlasa da + <code>sendfile</code> kullanımının httpd kararlılığını bozduğu bazı + durumlar sözkonusudur:</p> + + <ul> + <li> + <p>Bazı platformlar derleme sisteminin saptayamadığı bozuk bir + <code>sendfile</code> desteğine sahip olabilir. Özellikle + derleme işleminin başka bir platformda yapılıp + <code>sendfile</code> desteği bozuk bir makineye kurulum + yapıldığı durumlarda bu desteğin bozuk olduğu + saptanamayacaktır.</p> + </li> + <li> + <p>Çekirdek, NFS üzerinden erişilen ağ dosyalarını kendi önbelleği + üzerinden gerektiği gibi sunamayabilir.</p> + </li> + </ul> + + <p>Böyle durumların olasılık dahilinde olduğu kurulumlarda içeriğin + <code>sendfile</code> desteğiyle teslim edilmemesi için + yapılandırmanıza <code>EnableSendfile off</code> satırını ekleyiniz. + (Dikkat: Bu yönerge dizin seviyesinde geçersizleştirilebilen + yönergelerdendir.)</p> + + + + <h3><a name="process" id="process">Süreç Oluşturma</a></h3> + + + + <p>Apache 1.3 öncesinde <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> ve <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ayarları, başka sunucularla kıyaslama + denemelerinde olağanüstü kötü sonuçlar alınmasına sebep olmaktaydı. + Özellikle uygulanan yükü karşılamaya yetecek sayıda çocuk süreç + oluşturulması aşamasında Apache’nin elde ettiği ivme bunlardan + biriydi. Başlangıçta <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> yönergesiyle belli sayıda süreç + oluşturulduktan sonra her saniyede bir tane olmak üzere <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> sayıda çocuk süreç + oluşturulmaktaydı. Örneğin, aynı anda 100 isteğe yanıt vermek için + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> + yönergesinin öntanımlı değeri olarak başta <code>5</code> süreç + oluşturulduğundan kalan süreçler için 95 saniye geçmesi gerekirdi. + Sık sık yeniden başlatılmadıklarından dolayı gerçek hayatta + sunucuların başına gelen de buydu. Başka sunucularla kıyaslama + denemelerinde ise işlem sadece on dakika sürmekte ve içler acısı + sonuçlar alınmaktaydı.</p> + + <p>Saniyede bir kuralı, sunucunun yeni çocukları oluşturması sırasında + sistemin aşırı meşgul duruma düşmemesi için alınmış bir önlemdi. + Makine çocuk süreç oluşturmakla meşgul edildiği sürece isteklere + yanıt veremeyecektir. Böylesi bir durum Apache’nin başarımını + kötüleştirmekten başka işe yaramayacaktır. Apache 1.3’te saniyede + bir kuralı biraz esnetildi. Yeni gerçeklenimde artık bir süreç + oluşturduktan bir saniye sonra iki süreç, bir saniye sonra dört + süreç oluşturulmakta ve işlem, saniyede 32 çocuk süreç oluşturulur + duruma gelene kadar böyle ivmelenmektedir. Çocuk süreç oluşturma + işlemi <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + değerine ulaşılınca durmaktadır.</p> + + <p>Bu, <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, + <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> ve + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ayarlarıyla + oynamayı neredeyse gereksiz kılacak kadar iyi sonuçlar verecek gibi + görünmektedir. Saniyede 4 çocuktan fazlası oluşturulmaya + başlandığında hata günlüğüne bazı iletiler düşmeye başlar. Bu + iletilerin sayısı çok artarsa bu ayarlarla oynama vakti gelmiş + demektir. Bunun için <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> çıktısını bir + kılavuz olarak kullanabilirsiniz.</p> + + <p>Süreç oluşturmayla ilgili olarak süreç ölümü <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> değeri ile + sağlanır. Bu değer öntanımlı olarak <code>0</code> olup, çocuk süreç + başına istek sayısının sınırsız olduğu anlamına gelir. Eğer + yapılandırmanızda bu değeri <code>30</code> gibi çok düşük bir + değere ayarlarsanız bunu hemen kaldırmak zorunda kalabilirsiniz. + Sunucunuzu SunOS veya Solaris’in eski bir sürümü üzerinde + çalıştırıyorsanız bellek kaçaklarına sebep olmamak için bu değeri + <code>10000</code> ile sınırlayınız.</p> + + <p>Kalıcı bağlantı özelliğini kullanıyorsanız, çocuk süreçler zaten + açık bağlantılardan istek beklemekte olacaklardır. <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code> yönergesinin öntanımlı + değeri <code>15</code> saniye olup bu etkiyi en aza indirmeye yönelik + süredir. Burada ağ band genişliği ile sunucu kaynaklarının kullanımı + arasında bir seçim yapmak söz konusudur. Hiçbir şey umurunuzda + değilse <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + çoğu ayrıcalığın yitirilmesi pahasına</a> bu değeri rahatça + <code>60</code> saniyenin üzerine çıkarabilirsiniz.</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">Derleme Sırasında Yapılandırma ile İlgili Konular</a></h2> + + + <h3>MPM Seçimi</h3> + + + <p>Apache 2.x, <a href="../mpm.html">Çok Süreçlilik Modülleri</a> + (MPM) adı verilen eklemlenebilir çok görevlilik modellerini + destekler. Apache’yi derlerken bu MPM’lerden birini seçmeniz + gerekir. MPM’lerden bazıları platformlara özeldir: + <code class="module"><a href="../mod/beos.html">beos</a></code>, <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, + <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code> ve <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>. Unix + benzeri sistemler için ise seçebileceğiniz modül sayısı birden + fazladır. MPM seçiminin httpd’nin hızında ve ölçeklenebilirliğinde + bazı etkileri olabilir:</p> + + <ul> + + <li><code class="module"><a href="../mod/worker.html">worker</a></code> modülü her biri çok evreli çok sayıda + çocuk süreç kullanımını destekler. Her evre aynı anda tek bir + bağlantıya hizmet sunar. Aynı hizmeti daha az bellek harcayarak + vermesi nedeniyle yüksek trafiğe sahip sunucularda + <code class="module"><a href="../mod/prefork.html">prefork</a></code> modülüne göre daha iyi bir seçimdir.</li> + + <li><code class="module"><a href="../mod/prefork.html">prefork</a></code> modülü her biri tek bir evreye sahip + çok sayıda çocuk süreç kullanımını destekler. Her süreç aynı anda + tek bir bağlantıya hizmet sunar. Çoğu sistemde daha hızlı olması + nedeniyle <code class="module"><a href="../mod/worker.html">worker</a></code> modülüne göre daha iyi bir seçim + olarak görünürse de bunu daha fazla bellek kullanarak sağlar. + <code class="module"><a href="../mod/prefork.html">prefork</a></code> modülünün evresiz tasarımının + <code class="module"><a href="../mod/worker.html">worker</a></code> modülüne göre bazı yararlı tarafları + vardır: Çok evreli sistemlerde güvenilir olmayan üçüncü parti + modülleri kullanabilir ve evrelerde hata ayıklamanın yetersiz + kaldığı platformlarda hatalarını ayıklamak daha kolaydır.</li> + + </ul> + + <p>Bu modüller ve diğerleri hakkında daha ayrıntılı bilgi edinmek için + <a href="../mpm.html">Çok Süreçlilik Modülleri</a> belgesine + bakınız.</p> + + + + <h3><a name="modules" id="modules">Modüller</a></h3> + + + + <p>Bellek kullanımı başarım konusunda önemli olduğundan gerçekte + kullanmadığınız modülleri elemeye çalışmalısınız. Modülleri birer <a href="../dso.html">DSO</a> olarak derlediyseniz <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> yönergesinin bulunduğu satırı + açıklama haline getirmeniz modülden kurtulmanız için yeterli + olacaktır. Modülleri bu şekilde kaldırarak onların yokluğunda + sitenizin hala işlevlerini yerine getirdiğini görme şansına da + kavuşmuş olursunuz.</p> + + <p>Ancak, eğer modülleri Apache çalıştırılabilirinin içine + gömmüşseniz istenmeyen modülleri kaldırmak için Apache'yi yeniden + derlemeniz gerekir.</p> + + <p>Bu noktada bir soru akla gelebilir: Hangi modüller gerekli, + hangileri değil? Bu sorunun yanıtı şüphesiz siteden siteye değişir. + Ancak, olmazsa olmaz moüller olarak <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, + <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code> ve <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> + modüllerini sayabiliriz. Bunlardan <code>mod_log_config</code> + olmadan da bir sitenin çalışabileceğinden hareketle bu modülün + varlığı isteğe bağlı olsa da bu modülü kaldırmanızı önermiyoruz.</p> + + + + <h3>Atomik İşlemler</h3> + + + + <p>Worker MPM'nin en son geliştirme sürümleri ve + <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> gibi bazı modüller APR'nin atomik API'sini + kullanırlar. Bu API, düşük ayarlı evre eşzamanlamasında atomik + işlemler yapar.</p> + + <p>Öntanımlı olarak, APR bu işlemleri hedef işletim sistemi/işlemci + platformunda kullanılabilecek en verimli mekanizmayı kullanarak + gerçekleştirir. Günümüz işlemcilerinin çoğu, örneğin, bir atomik + karşılaştırma ve takas (CAS) işlemini donanımda gerçekleştirmektedir. + Bazı platformlarda APR'nin atomik işlemler için öntanımlı olarak daha + yavaş olan mutekslere dayalı gerçeklenimi kullanmasının sebebi eski + işlemcilerde bu tür makine kodlarının yokluğudur. Apache'yi bu tür + platformalarda günümüz işlemcileriyde çalıştırmayı düşünüyorsanız + Apache'yi derlemek için yapılandırırken en hızlı atomik işlemin + seçilebilmesi için <code>--enable-nonportable-atomics</code> + seçeneğini kullanın:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p><code>--enable-nonportable-atomics</code> seçeneği şu platformlar + için uygundur:</p> + + <ul> + + <li>SPARC üzerinde Solaris<br /> + APR öntanımlı olarak, SPARC/Solaris üzerinde mutekslere dayalı + atomik işlemleri kullanır. Ancak, + <code>--enable-nonportable-atomics</code> yapılandırmasını + kullanırsanız, donanım üzerinde hızlı karşılaştırma ve takas + için uygun SPARC v8plus kodunu kullanacak şekilde kod üretilir. + Apache'yi bu seçenekle yapılandırırsanız atomik işlemler daha + verimli olacak fakat derlenen Apache çalıştırılabiliri sadece + UltraSPARC kırmığı üzerinde çalışacaktır. + </li> + + <li>x86 üzerinde Linux<br /> + APR öntanımlı olarak, Linux üzerinde mutekslere dayalı atomik + işlemleri kullanır. Ancak, + <code>--enable-nonportable-atomics</code> yapılandırmasını + kullanırsanız, donanım üzerinde hızlı karşılaştırma ve takas + için uygun 486 kodunu kullanacak şekilde kod üretilir. Apache'yi + bu seçenekle yapılandırırsanız atomik işlemler daha verimli + olacak fakat derlenen Apache çalıştırılabiliri (386 üzerinde + değil) sadece 486 ve sonrası kırmıklarda çalışacaktır. + </li> + + </ul> + + + + <h3><code>mod_status</code> ve <code>ExtendedStatus On</code> + </h3> + + + + <p><code class="module"><a href="../mod/mod_status.html">mod_status</a></code> modülünü derlemiş ve Apache'yi + yapılandırır ve çalıştırırken <code>ExtendedStatus On</code> satırını + da kullanmışsanız Apache her istek üzerinde + <code>gettimeofday(2)</code> (veya işletim sistemine bağlı olarak + <code>time(2)</code>) çağrısından başka (1.3 öncesinde) fazladan + defalarca <code>time(2)</code> çağrıları yapacaktır. Bu çağrılarla + durum raporununun zamanlama bilgilerini içermesi sağlanır. Başarımı + arttırmak için <code>ExtendedStatus off</code> yapın (zaten öntanımlı + böyledir).</p> + + + + <h3><code>accept</code> dizgilemesi ve çok soketli işlem</h3> + + + + <div class="warning"><h3>Uyarı:</h3> + <p>Bu bölüm, Apache HTTP sunucusunun 2.x sürümlerinde yapılan + değişikliklere göre tamamen güncellenmemiştir. Bazı bilgiler hala + geçerliyse de lütfen dikkatli kullanınız.</p> + </div> + + <p>Burada Unix soket arayüzü gerçeklenirken ihmal edilen bir durumdan + bahsedeceğiz. HTTP sunucunuzun çok sayıda adresten çok sayıda portu + dinlemek için çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmakta olduğunu varsayalım. Her + soketi çalıştığını görmek için denerken Apache bağlantı için + <code>select(2)</code> kullanacaktır. <code>select(2)</code> çağrısı + bu soketin üzerinde <em>sıfır</em> veya <em>en azından bir</em> + bağlantının beklemekte olduğu anlamına gelir. Apache'nin modeli çok + sayıda çocuk süreç içerir ve boşta olanların tümünde aynı anda yeni + bağlantılar denenebilir. Gerçekte çalışan kod bu olmasa da meramımızı + anlatmak için kodun şöyle bir şey olduğunu varsayabiliriz:</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>Bu özet gerçeklenim bir takım açlık sorunlarına sebep olur. Bu + döngünün çalışması sırasında aynı anda çok sayıda çocuk süreç yeniden + çağrılır ve istekler arasında kalan çoğu çocuk da <code>select</code> + ile engellenir. Engellenen tüm bu çocuklar soketlerden herhangi biri + üzerinde tek bir istek göründüğünde <code>select</code> tarafından + uyandırılıp işleme sokulmak üzere döndürülürler (uyandırılan çocuk + sayısı işletim sistemine ve zamanlama ayarlarına göre değişiklik + gösterir). Bunların hepsi döngüye katılıp bağlantı kabul etmeye + (<code>accept</code>) çalışırlar. Fakat içlerinden yalnız biri + (sadece bir bağlantı isteğinin mevcut olduğu varsayımıyla) bunu + başarabilir. Kalanının bağlantı kabul etmesi (<code>accept</code>) + engellenir. Bu durum, bu çocukları istekleri başka başka soketlerden + değil mecburen tek bir soketten kabul etmeye kilitler ve bu soket + üzerinde yeni bir istek belirip uyandırılana kadar bu durumda + kalırlar. Bu açlık sorunu ilk olarak <a href="http://bugs.apache.org/index/full/467">PR#467</a> sayılı raporla + belgelenmiştir. Bu sorunun en az iki çözümü vardır.</p> + + <p>Çözümün biri engellenmeyen soket kullanımıdır. Bu durumda + <code>accept</code> çocukları engellemeyecek ve yapılan bir + bağlantının ardından diğer çocuklar durumları değişmeksizin bağlantı + beklemeye devam edeceklerdir. Fakat bu durum işlemci zamanının boşa + harcanmasına sebep olur. Seçilmiş (<code>select</code>) boşta on + çocuğun olduğunu ve bir bağlantı geldiğini varsayalım. Kalan dokuz + çocuk işine devam edip bağlantı kabul etmeyi (<code>accept</code>) + deneyecek, başarızsız olacak, dönecek başa, tekrar seçilecek + (<code>select</code>) ve böyle hiçbir iş yapmadan dönüp duracaktır. Bu + arada hizmet sunmakta olanlar da işlerini bitirdikten sonra bu + döngüdeki yerlerini alacaklardır. Aynı kutunun içinde boşta bir sürü + işlemciniz (çok işlemcili sistemler) yoksa bu çözüm pek verimli + olmayacaktır.</p> + + <p>Diğer çözüm ise Apache tarafından kullanılan çözüm olup, girdiyi + bir iç döngüde sıraya sokmaktır. Döngü aşağıda örneklenmiştir (farklar + vurgulanmıştır):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><code>accept_mutex_on</code> ve <code>accept_mutex_off</code> <a id="serialize" name="serialize">işlevleri</a> bir karşılıklı red + semoforu oluştururlar. Mutekse aynı anda sadece bir çocuk sahip + olabilir. Bu muteksleri gerçeklemek için çeşitli seçenekler vardır. + Seçim, <code>src/conf.h</code> (1.3 öncesi) veya + <code>src/include/ap_config.h</code> (1.3 ve sonrası) dosyasında + tanımlanmıştır. Bazı mimariler bir kilitleme seçeneğine sahip + değildir. Böyle mimarilerde çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmak güvenilir + olmayacaktır.</p> + + <p><code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> yönergesi, + seçilen muteks gerçeklenimini çalışma anında değiştirmek için + kullanılabilir.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>Bu yöntem, bir kilit dosyasını kilitlemek için + <code>flock(2)</code> sistem çağrısını kullanır (Kilit dosyasının + yeri <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> + yönergesiyle belirtilir).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>Bu yöntem, bir kilit dosyasını kilitlemek için + <code>fcntl(2)</code> sistem çağrısını kullanır (Kilit dosyasının + yeri <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> + yönergesiyle belirtilir).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3 ve sonrası) Bu yöntem muteksi gerçeklemek için SysV tarzı + semaforları kullanır. Maalesef, SysV tarzı semaforların bazı yan + etkileri vardır. Bunlardan biri Apache'nin semaforu temizlemeden + ölme ihtimalidir (<code>ipcs(8)</code> kılavuz sayfasına bakınız). + Diğer biri, CGI'lerin sunucu ile aynı kullanıcı kimliğini + kullanmaları nedeniyle semafor arayüzünün hizmet reddi + saldırılarına açık olmasıdır (<code class="program"><a href="../programs/suexec.html">suexec</a></code> veya + <code>cgiwrapper</code> gibi bir şeyler kullanmadıkça bütün + CGI'ler için söz konusudur). Bu sebeple bu yöntem IRIX haricinde + hiçbir mimaride kullanılmaz (önceki ikisi çoğu IRIX makine için + elde edilmesi imkansız derecede pahalı olduğundan).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3 ve sonrası) Bu yöntem POSIX mutekslerini kullanır ve POSIX + evreleri belirtiminin tamamen gerçeklendiği mimarilerde çalışması + gerekirse de sadece Solaris (2.5 ve sonrası) üzerinde ve sadece + belli yapılandırmalarla çalışmakta gibi görünmektedir. Bunu + denemişseniz sunucunuzun çöktüğünü ve yanıt vermediğini + görmüşsünüzdür. Sadece duruk içerikli sunucular iyi + çalışmaktadır.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0 ve sonrası) Bu yöntem POSIX semaforlarını kullanır. Eğer + işlem sırasında bir evre muteks kaynaklı parçalama arızalarıyla + karşı karşıya kalırsa HTTP sunucusunun çökmesiyle semaforun sahibi + kurtarılamaz.</p> + </dd> + + </dl> + + <p>Eğer sisteminiz yukarıda bahsedilenler dışında başka bir dizgileme + yöntemi kullanıyorsa bununla ilgili kodun APR'ye eklenmesi girilen + zahmete değecektir.</p> + + <p>Başka bir çözüm daha vardır ancak döngü kısmen dizgilenmeyeceğinden + (yani belli sayıda sürece izin verilemeyeceğinden) asla + gerçeklenmemiştir. Bu sadece, aynı anda çok sayıda çocuk sürecin + çalışabileceği ve dolayısıyla band genişliğinin tüm yönleriyle + kullanılabileceği çok işlemcili sistemlerde ilginç olabilirdi. Bu + gelecekte incelenmeye değer bir konu olmakla beraber çok sayıda HTTP + sunucusunun aynı anda aynı amaca hizmet edecek şekilde çalışması + standart olarak pek mümkün görülmediğinden bu olasılık çok + düşüktür.</p> + + <p>En yüksek başarımı elde etmek için ideal olanı sunucuları + çalıştırırken çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmamaktır. Fakat siz yine de + okumaya devam edin.</p> + + + + <h3><code>accept</code> dizgilemesi - tek soket</h3> + + + + <p>Çok soketli sunucular için yukarıda açıklananlar iyi güzel de tek + soketli sunucularda durum ne? Kuramsal olarak, bunların hiçbiriyle bir + sorunları olmaması gerekir. Çünkü yeni bir bağlantı gelene kadar tüm + çocuklar <code>accept(2)</code> ile engellenirler dolayısıyla hiçbir + açlık sorununun ortaya çıkmaması gerekir. Uygulamada ise son + kullanıcıdan gizli olarak, yukarıda engellenmeyen çocuklar çözümünde + bahsedilenle hemen hemen aynı "boşa dönüp durma" davranışı mevcuttur. + Çoğu TCP yığıtı bu yolu gerçeklemiştir. Çekirdek, yeni bir bağlantı + ortaya çıktığında <code>accept</code> ile engellenen tüm süreçleri + uyandırır. Bu süreçlerden bağlantıyı alan kullanıcı bölgesine geçerken + çekirdek içinde döngüde olan diğerleri de yeni bağlantı keşfedilene + kadar uykularına geri dönerler. Bu çekirdek içi döngü, kullanıcı + bölgesindeki kodlara görünür değildir ama bu olmadıkları anlamına + gelmez. Bu durum, çok soketli engellenmeyen çocuklar çözümündeki boşa + döngünün sebep olduğu gereksiz işlemci yükü sorununu içinde + barındırır.</p> + + <p>Bununla birlikte, tek soketli durumda bile bundan daha verimli bir + davranış sergileyen bir çok mimari bulduk. Bu aslında hemen hemen her + durumda öntanımlı olarak böyledir. Linux altında yapılan üstünkörü + denemelerde (128MB bellekli çift Pentium pro 166 işlemcili makinede + Linux 2.0.30) tek sokette dizgilemenin dizgilenmemiş duruma göre + saniyede %3 daha az istekle sonuçlandığı gösterilmiştir. Fakat + dizgilenmemiş tek soket durumunda her istekte 100ms'lik ek bir gecikme + olduğu görülmüştür. Bu gecikmenin sebebi muhtemelen uzun mesafeli + hatlar olup sadece yerel ağlarda söz konusudur. Tek soketli + dizgilemeyi geçersiz kılmak için + <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code> tanımlarsanız tek + soketli sunucularda artık dizgileme yapılmayacaktır.</p> + + + + <h3>Kapatmayı zamana yaymak</h3> + + + + <p><a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt">draft-ietf-http-connection-00.txt</a> taslağının 8. bölümünde + bahsedildiği gibi, bir HTTP sunucusunun protokolü <strong>güvenilir + şekilde</strong> gerçeklemesi için her iki yöndeki iletişimi + birbirinden bağımsız olarak (iki yönlü bir TCP bağlantısının her + yarısını diğerinden bağımsız olarak) kapatması gerekir. Bu olgu başka + sunucular tarafından çoğunlukla dikkate alınmaz fakat Apache'nin 1.2 + sürümünden beri gerektiği gibi gerçeklenmektedir.</p> + + <p>Bu özellik Apache'ye eklendiğinde Unix'in çeşitli sürümlerinde + uzgörüsüzlükten dolayı bir takım geçici telaş sorunlarına sebep oldu. + TCP belirtimi <code>FIN_WAIT_2</code> durumunda bir zaman aşımından + bahsetmez ama yasaklamaz da. Zaman aşımı olmayan sistemlerde, Apache + 1.2 çoğu soketin sonsuza kadar <code>FIN_WAIT_2</code> durumunda + takılıp kalmasına sebep olur. Çoğu durumda, satıcıdan sağlanan en son + TCP/IP yamalarını uygulanarak bu önlenebilir. Satıcının hiçbir yeni + yama dağıtmadığı durumlarda (örneğin, SunOS4 -- bir kaynak lisansı ile + insanlar bunu kendileri yamayabilirse de) bu özelliği devre dışı + bırakmaya karar verdik.</p> + + <p>Bunun üstesinden gelmenin iki yolu vardır. Bunlardan biri + <code>SO_LINGER</code> soket seçeneğidir. Bu işin kaderi buymuş gibi + görünürse de çoğu TCP/IP yığıtında bu gerektiği gibi + gerçeklenmemiştir. Bu yığıtlar üzerinde, bu yöntemin, doğru bir + gerçeklenimle bile (örneğin, Linux 2.0.31) sonraki çözümden daha + pahalı olduğu ortaya çıkmıştır.</p> + + <p>Çoğunlukla, Apache bunu (<code>http_main.c</code> içindeki) + <code>lingering_close</code> adında bir işlevle gerçekler. Bu işlev + kabaca şöyle görünür:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* gönderen tarafı kapat */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + /* s'i okumak için, 2 saniyelik zaman aşımı ile seç */<br /> + select (s for reading, 2 second timeout);<br /> + /* Hata oluşmuşsa döngüden çık */<br /> + if (error) break;<br /> + /* s okumak için hazırsa */<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* geri kalan herşey burada */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>Bağlantı sonunda bu doğal olarak biraz daha masrafa yol açar, fakat + güvenilir bir gerçeklenim için bu gereklidir. HTTP/1.1'in daha yaygın + kullanılmaya başlanması ve tüm bağlantıların kalıcı hale gelmesiyle bu + gerçeklenim daha fazla istek üzerinden kendi masrafını + karşılayacaktır. Ateşle oynamak ve bu özelliği devre dışı bırakmak + isterseniz <code>NO_LINGCLOSE</code>'u tanımlayabilirsiniz, fakat bu + asla önerilmez. Özellikle, HTTP/1.1'den itibaren boruhatlı kalıcı + bağlantıların <code>lingering_close</code> kullanmaya başlaması mutlak + bir gerekliliktir (ve <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + boruhatlı bağlantıların daha hızlı</a> olması nedeniyle bu + bağlantıları desteklemek isteyebilirsiniz).</p> + + + + <h3>Çetele Dosyası</h3> + + + + <p>Apache'nin ana ve alt süreçleri birbirleriyle çetele denen birşey + üzerinden haberleşirler. Bunun en mükemmel şekilde paylaşımlı bellekte + gerçeklenmesi gerekir. Eriştiğimiz veya portlarını ayrıntılı olarak + belirttiğimiz işletim sistemleri için bu, genellikle paylaşımlı bellek + kullanılarak gerçeklenir. Geri kalanlar, öntanımlı olarak bunu bir + disk dosyası kullanarak gerçekler. Bir disk dosyaı yavaş olmanın yanı + sıra güvenilir de değildir (ve daha az özelliğe sahiptir). Mimarinizin + <code>src/main/conf.h</code> dosyasını inceleyin ve + <code>USE_MMAP_SCOREBOARD</code> veya + <code>USE_SHMGET_SCOREBOARD</code>'a bakın. Bu ikisinden birinin (ve + yanı sıra sırasıyla <code>HAVE_MMAP</code> veya + <code>HAVE_SHMGET</code>'in) tanımlanmış olması, sağlanan paylaşımlı + bellek kodunu etkinleştirir. Eğer sisteminiz diğer türdeki paylaşımlı + belleğe sahipse, <code>src/main/http_main.c</code> dosyasını açıp, + Apache'de bu belleği kullanması gereken kanca işlevleri ekleyin (Bize + de bir yama yollayın, lütfen).</p> + + <div class="note">Tarihsel bilgi: Apache'nin Linux uyarlaması, Apache'nin 1.2 + sürümüne kadar paylaşımlı belleği kullanmaya başlamamıştı. Bu kusur, + Apache'nin Linux üzerindeki erken dönem sürümlerinin davranışlarının + zayıf ve güvenilmez olmasına yol açmıştı.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>Devingen olarak yüklenen modülleri kullanmamak niyetindeyseniz + (burayı okuyan ve sunucunuzun başarımını son kırıntısına kadar + arttırmakla ilgilenen biriyseniz bunu düşünmezsiniz), sunucunuzu + derlerken seçenekler arasına <code>-DDYNAMIC_MODULE_LIMIT=0</code> + seçeneğini de ekleyin. Bu suretle, sadece, devingen olarak yüklenen + modüller için ayrılacak belleği kazanmış olacaksınız.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">Ek: Bir çağrı izlemesinin ayrıntılı çözümlemesi</a></h2> + + + + <p>Burada, Solaris 8 üzerinde worker MPM'li Apache 2.0.38'in bir sistem + çağrısı izlenmektedir. Bu izleme şu komutla elde edilmiştir:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_çocuk_pidi</var>. + </code></p></div> + + <p><code>-l</code> seçeneği, truss'a hafif bir sürecin yaptığı her + sistem çağrısını (hafif süreç -- HS -- Solaris'in bir çekirdek seviyesi + evreleme biçimi) günlüğe yazmasını söyler.</p> + + <p>Diğer sistemlerin sistem çağrılarını izleyen farklı araçları vardır + (<code>strace</code>, <code>ktrace</code>, <code>par</code> gibi). + Bunlar da benzer çıktılar üretirler.</p> + + <p>Bu izleme sırasında, bir istemci httpd'den 10 KB'lık duruk bir dosya + talebinde bulunmuştur. Duruk olmayan veya içerik uzlaşımlı isteklerin + izleme kayıtları vahşice (bazı durumlarda epey çirkince) farklı + görünür.</p> + + <div class="example"><p><code> + /67: accept(3, 0x00200BEC, 0x00200C0C, 1) (uykuda...)<br /> + /67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9 + </code></p></div> + + <p>Bu izlemede, dinleyen evre HS #67 içinde çalışmaktadır.</p> + + <div class="note"><code>accept(2)</code> dizgelemesinin olmayışına dikkat edin. + Özellikle bu platformda worker MPM, çok sayıda portu dinlemedikçe, + öntanımlı olarak dizgeleştirilmemiş bir accept çağrısı kullanır.</div> + + <div class="example"><p><code> + /65: lwp_park(0x00000000, 0) = 0<br /> + /67: lwp_unpark(65, 1) = 0 + </code></p></div> + + <p>Bağlantının kabul edilmesiyle, dinleyici evre isteği yerine getirmek + üzere bir worker evresini uyandırır. Bu izlemede, isteği yerine getiren + worker evresi HS #65'e aittir.</p> + + <div class="example"><p><code> + /65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0 + </code></p></div> + + <p>Sanal konakların gerçeklenimi sırasında, Apache'nin, bağlantıları + kabul etmek için kullanılan yerel soket adreslerini bilmesi gerekir. + Çoğu durumda bu çağrıyı bertaraf etmek mümkündür (hiç sanal konağın + olmadığı veya <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + yönergelerinin mutlak adreslerle kullanıldığı durumlarda). Fakat bu en + iyilemeleri yapmak için henüz bir çaba harcanmamıştır.</p> + + <div class="example"><p><code> + /65: brk(0x002170E8) = 0<br /> + /65: brk(0x002190E8) = 0 + </code></p></div> + + <p><code>brk(2)</code> çağrıları devingen bellekten bellek ayırır. httpd + çoğu isteği yerine getirirken özel bellek ayırıcılar + (<code>apr_pool</code> ve <code>apr_bucket_alloc</code>) kullandığından + bunlar bir sistem çağrısı izlemesinde nadiren görünür. Bu izlemede, + httpd henüz yeni başlatıldığından, özel bellek ayırıcıları oluşturmak + için ham bellek bloklarını ayırmak amacıyla <code>malloc(3)</code> + çağrıları yapması gerekir.</p> + + <div class="example"><p><code> +/65: fcntl(9, F_GETFL, 0x00000000) = 2<br /> +/65: fstat64(9, 0xFAF7B818) = 0<br /> +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0<br /> +/65: fstat64(9, 0xFAF7B818) = 0<br /> +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0<br /> +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0<br /> +/65: fcntl(9, F_SETFL, 0x00000082) = 0 + </code></p></div> + + <p>Ardından, worker evresi istemciye (dosya tanıtıcısı 9) engellenmeyen + kipte bir bağlantı açar. <code>setsockopt(2)</code> + ve <code>getsockopt(2)</code> çağrıları, Solaris libc'sinin soketler + üzerindeki <code>fcntl(2)</code> çağrısı yanında birer yan etkiden + ibarettirler.</p> + + <div class="example"><p><code> + /65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97 + </code></p></div> + + <p>Worker evresi istemciden isteği okur.</p> + + <div class="example"><p><code> +/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0<br /> +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10 + </code></p></div> + + <p>Bu httpd <code>Options FollowSymLinks</code> ve <code>AllowOverride + None</code> ile yapılandırılmıştır. Bu bakımdan, ne istenen dosya ile + sonuçlanan yol üzerindeki her dizinde <code>lstat(2)</code> çağrısına ne + de <code>.htaccess</code> dosyalarına bakılmasına gerek vardır. + <code>stat(2)</code> çağrısı basitçe dosya için şunları doğrulamak + amacıyla yapılır: 1) dosya mevcuttur ve 2) bir dizin değil normal bir + dosyadır.</p> + + <div class="example"><p><code> + /65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269 + </code></p></div> + + <p>Bu örnekte, httpd, istenen dosyayı ve HTTP yanıt başlığını tek bir + <code>sendfilev(2)</code> sistem çağrısı ile göndermektedir. Dosya + gönderim işleminin anlamı sistemden sisteme değişiklik gösterir. Bazı + sistemlerde, <code>sendfile(2)</code> çağrısından önce başlıkları + göndermek için <code>write(2)</code> veya <code>writev(2)</code> + çağrısı yapmak gerekir.</p> + + <div class="example"><p><code> + /65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78 + </code></p></div> + + <p>Bu <code>write(2)</code> çağrısı isteği erişim günlüğüne kaydeder. Bu + izlemede eksik olan tek şey, <code>time(2)</code> çağrısıdır. Apache + 1.3'ün aksine, Apache 2.x zamana bakmak için + <code>gettimeofday(3)</code> çağırısını kullanır. Linux ve Solaris gibi + bazı işletim sistemleri, <code>gettimeofday</code> işlevinin, sıradan + bir sistem çağrısından daha fazla götürüsü olmayan en iyilenmiş bir + gerçeklenimine sahiptir.</p> + + <div class="example"><p><code> + /65: shutdown(9, 1, 1) = 0<br /> + /65: poll(0xFAF7B980, 1, 2000) = 1<br /> + /65: read(9, 0xFAF7BC20, 512) = 0<br /> + /65: close(9) = 0 + </code></p></div> + + <p>Burada worker evresi bağlantıyı zamana yaymaktadır.</p> + + <div class="example"><p><code> + /65: close(10) = 0<br /> + /65: lwp_park(0x00000000, 0) (uykuda...) + </code></p></div> + + <p>Son olarak, worker evresi teslim edilen dosyayı kapattıktan sonra + dinleyici evre tarafından başka bir bağlantı atanıncaya kadar beklemeye + alınır.</p> + + <div class="example"><p><code> + /67: accept(3, 0x001FEB74, 0x001FEB94, 1) (uykuda...) + </code></p></div> + + <p>Bu arada, dinleyici evre bağlantıyı bir worker evresine atar atamaz + başka bir bağlantıyı beklemeye başlar (Mevcut tüm evreler meşgulse + dinleyici evreyi baskılayan worker MPM'nin akış denetim şemasına konu + olur). Bu izlemede görünmüyor olsa da sonraki <code>accept(2)</code> + çağrısı, yeni bağlantı kabul eden worker evresine paralel olarak + yapılabilir (aşırı yük durumlarında normal olarak, bu yapılır).</p> + + </div></div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html new file mode 100644 index 00000000..0890a9e4 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: relevant_standards.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: relevant_standards.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en new file mode 100644 index 00000000..2924d461 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en @@ -0,0 +1,199 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Relevant Standards - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Relevant Standards</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/relevant_standards.html" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div> + + <p>This page documents all the relevant standards that the + Apache HTTP Server follows, along with brief descriptions.</p> + + <p>In addition to the information listed below, the following resources + should be consulted:</p> + + <ul> + <li> + <a href="http://purl.org/NET/http-errata"> + http://purl.org/NET/http-errata</a> - HTTP/1.1 Specification Errata + </li> + <li> + <a href="http://www.rfc-editor.org/errata.html"> + http://www.rfc-editor.org/errata.html</a> - RFC Errata + </li> + <li> + <a href="http://ftp.ics.uci.edu/pub/ietf/http/#RFC"> + http://ftp.ics.uci.edu/pub/ietf/http/#RFC</a> - A pre-compiled list + of HTTP related RFCs + </li> + </ul> + + <div class="warning"><h3>Notice</h3> + <p>This document is not yet complete.</p> + </div> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#http_recommendations">HTTP Recommendations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#html_recommendations">HTML Recommendations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#authentication">Authentication</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#language_country_codes">Language/Country Codes</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="http_recommendations" id="http_recommendations">HTTP Recommendations</a></h2> + + <p>Regardless of what modules are compiled and used, Apache as a + basic web server complies with the following IETF recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc1945.txt">RFC 1945</a> + (Informational)</dt> + + <dd>The Hypertext Transfer Protocol (HTTP) is an application-level + protocol with the lightness and speed necessary for distributed, + collaborative, hypermedia information systems. This documents + HTTP/1.0.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2616.txt">RFC 2616</a> + (Standards Track)</dt> + + <dd>The Hypertext Transfer Protocol (HTTP) is an + application-level protocol for distributed, collaborative, + hypermedia information systems. This documents HTTP/1.1.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2396.txt">RFC 2396</a> + (Standards Track)</dt> + + <dd>A Uniform Resource Identifier (URI) is a compact string of + characters for identifying an abstract or physical resource.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="html_recommendations" id="html_recommendations">HTML Recommendations</a></h2> + + <p>Regarding the Hypertext Markup Language, Apache complies with + the following IETF and W3C recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2854.txt">RFC 2854</a> + (Informational)</dt> + + <dd>This document summarizes the history of HTML development, + and defines the "text/html" MIME type by pointing to the relevant + W3C recommendations.</dd> + + <dt><a href="http://www.w3.org/TR/html401">HTML 4.01 Specification</a> + (<a href="http://www.w3.org/MarkUp/html4-updates/errata">Errata</a>) + </dt> + + <dd>This specification defines the HyperText Markup Language (HTML), + the publishing language of the World Wide Web. This specification + defines HTML 4.01, which is a subversion of HTML 4.</dd> + + <dt><a href="http://www.w3.org/TR/REC-html32">HTML 3.2 Reference + Specification</a></dt> + + <dd>The HyperText Markup Language (HTML) is a simple markup language + used to create hypertext documents that are portable from one + platform to another. HTML documents are SGML documents.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml11/">XHTML 1.1 - + Module-based XHTML</a> + (<a href="http://www.w3.org/2001/04/REC-xhtml-modularization-20010410-errata">Errata</a>) + </dt> + + <dd>This Recommendation defines a new XHTML document type + that is based upon the module framework and modules defined in + Modularization of XHTML.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml1">XHTML 1.0 The + Extensible HyperText Markup Language (Second Edition)</a> + (<a href="http://www.w3.org/2002/08/REC-xhtml1-20020801-errata">Errata</a>) + </dt> + + <dd>This specification defines the Second Edition of XHTML 1.0, + a reformulation of HTML 4 as an XML 1.0 application, and three + DTDs corresponding to the ones defined by HTML 4.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="authentication" id="authentication">Authentication</a></h2> + + <p>Concerning the different methods of authentication, Apache + follows the following IETF recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2617.txt">RFC 2617</a> + (Draft standard)</dt> + + <dd>"HTTP/1.0", includes the specification for a Basic + Access Authentication scheme.</dd> + + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="language_country_codes" id="language_country_codes">Language/Country Codes</a></h2> + + <p>The following links document ISO and other language and country + code information:</p> + + <dl> + <dt><a href="http://www.loc.gov/standards/iso639-2/">ISO 639-2</a></dt> + + <dd>ISO 639 provides two sets of language codes, one as a two-letter + code set (639-1) and another as a three-letter code set (this part + of ISO 639) for the representation of names of languages.</dd> + + <dt><a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/index.html"> + ISO 3166-1</a></dt> + + <dd>These pages document the country names (official short names + in English) in alphabetical order as given in ISO 3166-1 and the + corresponding ISO 3166-1-alpha-2 code elements.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">BCP 47</a> + (Best Current Practice), + <a href="http://www.rfc-editor.org/rfc/rfc3066.txt">RFC 3066</a></dt> + + <dd>This document describes a language tag for use in cases where + it is desired to indicate the language used in an information + object, how to register values for use in this language tag, + and a construct for matching such language tags.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc3282.txt">RFC 3282</a> + (Standards Track)</dt> + + <dd>This document defines a "Content-language:" header, for use in + cases where one desires to indicate the language of something that + has RFC 822-like headers, like MIME body parts or Web documents, + and an "Accept-Language:" header for use in cases where one wishes + to indicate one's preferences with regard to language.</dd> + </dl> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/relevant_standards.html" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr new file mode 100644 index 00000000..acbccb9d --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr @@ -0,0 +1,191 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>���� ǥ�� - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>���� ǥ��</h1> +<div class="toplang"> +<p><span>������ ���: </span><a href="../en/misc/relevant_standards.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" title="Korean"> ko </a></p> +</div> + + <p>�� �������� ������ ������ �Բ� ����ġ �������� ������ + ��� ���� ǥ���� �����Ѵ�.</p> + + <p>�Ʒ� ������ ���Ͽ� ���� �ڷᵵ ������� �Ѵ�:</p> + + <ul> + <li> + <a href="http://purl.org/NET/http-errata"> + http://purl.org/NET/http-errata</a> - HTTP/1.1 �Ծ� + ����ǥ + </li> + <li> + <a href="http://www.rfc-editor.org/errata.html"> + http://www.rfc-editor.org/errata.html</a> - RFC ����ǥ + </li> + <li> + <a href="http://ftp.ics.uci.edu/pub/ietf/http/#RFC"> + http://ftp.ics.uci.edu/pub/ietf/http/#RFC</a> - HTTP + ���� RFC ��� + </li> + </ul> + + <div class="warning"><h3>����</h3> + <p>�� ������ ���� �������� �ʴ�.</p> + </div> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#http_recommendations">HTTP �ǰ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#html_recommendations">HTML �ǰ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#authentication">����</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#language_country_codes">���/���� �ڵ�</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="http_recommendations" id="http_recommendations">HTTP �ǰ�</a></h2> + + <p>� ����� �������ϰ� ����ϴ����� ������� �⺻������ + �������� ����ġ�� ���� IETF �ǰ�(recommendation)�� ������:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc1945.txt">RFC 1945</a> + (Informational)</dt> + + <dd>�������ؽ�Ʈ ���� �������� (Hypertext Transfer Protocol, + HTTP)�� �л�, ����, �����۸�ü ���� �ý��ۿ� �ʿ��� ������ + ������ ���ø����̼� ����(application-level) ���������̴�. + �� ������ HTTP/1.0�� �����Ѵ�.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2616.txt">RFC 2616</a> + (Standards Track)</dt> + + <dd>�������ؽ�Ʈ ���� �������� (Hypertext Transfer Protocol, + HTTP)�� �л�, ����, �����۸�ü ���� �ý����� ���� ���ø����̼� + ���� ���������̴�. �� ������ HTTP/1.1�� �����Ѵ�.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2396.txt">RFC 2396</a> + (Standards Track)</dt> + + <dd>ǥ�� �ڿ� �ĺ��� (Uniform Resource Identifier, URI)�� + ���� Ȥ�� ������ �ڿ��� �ĺ��ϱ����� ª�� ���ڿ��̴�.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="html_recommendations" id="html_recommendations">HTML �ǰ�</a></h2> + + <p>�������ؽ�Ʈ ��ũ�� ��� (Hypertext Markup Language, + HTML)�� �����Ͽ� ����ġ�� ���� IETF �ǰ��� W3C �ǰ��� ������:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2854.txt">RFC 2854</a> + (Informational)</dt> + + <dd>�� ������ HTML ���߰����� ����ϰ�, ���� W3C �ǰ��� + ������� "text/html" MIME type�� �����Ѵ�.</dd> + + <dt><a href="http://www.w3.org/TR/html401">HTML 4.01 �Ծ�</a> + (<a href="http://www.w3.org/MarkUp/html4-updates/errata">Errata</a>) + </dt> + + <dd>�� �Ծ��� ������̵����� ���Ǿ���� �������ؽ�Ʈ ��ũ�� + ��� (Hypertext Markup Language, HTML)�� �����Ѵ�. �� + �Ծ��� HTML 4�� ���������� HTML 4.01�� �����Ѵ�.</dd> + + <dt><a href="http://www.w3.org/TR/REC-html32">HTML 3.2 ���� �Ծ�</a></dt> + + <dd>�������ؽ�Ʈ ��ũ�� ��� (Hypertext Markup Language, + HTML)�� �÷����� ������ �������ؽ�Ʈ ������ ���� ������ + ��ũ�� ����̴�. HTML ������ SGML �����̱ �ϴ�.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml11/">XHTML 1.1 - + ����� XHTML</a> + (<a href="http://www.w3.org/2001/04/REC-xhtml-modularization-20010410-errata">����ǥ</a>) + </dt> + + <dd>�� �ǰ��� Modularization of XHTML���� ������ ��� + �÷��ӿ�ũ�� ������ ������� ���ο� XHTML document type�� + �����Ѵ�.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml1">XHTML 1.0 + Ȯ�� �������ؽ�Ʈ ��ũ�� ��� (Extensible HyperText Markup + Language) (Second Edition)</a> + (<a href="http://www.w3.org/2002/08/REC-xhtml1-20020801-errata">����ǥ</a>) + </dt> + + <dd>�� ������ HTML 4�� XML 1.0���� �籸���� XHTML 1.0�� + �ι�° ������ HTML 4�� �ش��ϴ� ������ DTD�� �����Ѵ�.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="authentication" id="authentication">����</a></h2> + + <p>��������� ���� ����ġ�� ���� IETF �ǰ��� ������:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2617.txt">RFC 2617</a> + (Draft standard)</dt> + + <dd>Basic Access Authentication �Ծ��� ������ "HTTP/1.0".</dd> + + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="language_country_codes" id="language_country_codes">���/���� �ڵ�</a></h2> + + <p>�Ʒ� ��ũ�� ISO�� �ٸ� ���/���� �ڵ� ������ �ִ�:</p> + + <dl> + <dt><a href="http://www.loc.gov/standards/iso639-2/">ISO 639-2</a></dt> + + <dd>ISO 639�� ����� �̸��� ��Ÿ���� �ΰ��� ��� �ڵ带 + �����Ѵ�. �ϳ��� (639-1) �� ���� �ڵ��̰� �ٸ� �ϳ��� + (�� ����) �� ���� �ڵ��̴�.</dd> + + <dt><a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/index.html"> + ISO 3166-1</a></dt> + + <dd>�� ������ ISO 3166-1�� ISO 3166-1-alpha-2 �ڵ忡 ���� + ���ĺ� ������ (����� ª�� �����̸�) �������� �����Ѵ�.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">BCP 47</a> + (Best Current Practice), + <a href="http://www.rfc-editor.org/rfc/rfc3066.txt">RFC 3066</a></dt> + + <dd>�� ������ ���� ��ü�� ����� �� �˸������� ����� + ��� �±� ��� �±� ����� ���� ����ϴ� ���, ��� + �±� ã�� ����� �����Ѵ�.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc3282.txt">RFC 3282</a> + (Standards Track)</dt> + + <dd>�� ������ MIME ���� �κа� �� ������ ���� RFC 822�� + ����� �ִ� ������ �� �˸������� "Content-language:" + �����, ��ȣ�ϴ� �� ��Ÿ���� "Accept-Language:" ����� + �����Ѵ�.</dd> + </dl> + + </div></div> +<div class="bottomlang"> +<p><span>������ ���: </span><a href="../en/misc/relevant_standards.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html new file mode 100644 index 00000000..e58a64eb --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: rewriteguide.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: rewriteguide.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en new file mode 100644 index 00000000..733f48bd --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en @@ -0,0 +1,2110 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>URL Rewriting Guide - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>URL Rewriting Guide</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/rewriteguide.html" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div> + + <div class="note"> + <p>Originally written by<br /> + <cite>Ralf S. Engelschall <rse@apache.org></cite><br /> + December 1997</p> + </div> + + <p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + <a href="../mod/mod_rewrite.html">reference documentation</a>. + It describes how one can use Apache's <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + to solve typical URL-based problems with which webmasters are + commonony confronted. We give detailed descriptions on how to + solve each problem by configuring URL rewriting rulesets.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#ToC1">Introduction to <code>mod_rewrite</code></a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ToC2">Practical Solutions</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#url">URL Layout</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content">Content Handling</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#access">Access Restriction</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">Other</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC1" id="ToC1">Introduction to <code>mod_rewrite</code></a></h2> + + + + <p>The Apache module <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> is a killer + one, i.e. it is a really sophisticated module which provides + a powerful way to do URL manipulations. With it you can do nearly + all types of URL manipulations you ever dreamed about. + The price you have to pay is to accept complexity, because + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>'s major drawback is that it is + not easy to understand and use for the beginner. And even + Apache experts sometimes discover new aspects where + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> can help.</p> + + <p>In other words: With <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> you either + shoot yourself in the foot the first time and never use it again + or love it for the rest of your life because of its power. + This paper tries to give you a few initial success events to + avoid the first case by presenting already invented solutions + to you.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC2" id="ToC2">Practical Solutions</a></h2> + + + + <p>Here come a lot of practical solutions I've either invented + myself or collected from other people's solutions in the past. + Feel free to learn the black magic of URL rewriting from + these examples.</p> + + <div class="warning">ATTENTION: Depending on your server-configuration + it can be necessary to slightly change the examples for your + situation, e.g. adding the <code>[PT]</code> flag when + additionally using <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> and + <code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code>, etc. Or rewriting a ruleset + to fit in <code>.htaccess</code> context instead + of per-server context. Always try to understand what a + particular ruleset really does before you use it. It + avoid problems.</div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="url" id="url">URL Layout</a></h2> + + + + <h3>Canonical URLs</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>On some webservers there are more than one URL for a + resource. Usually there are canonical URLs (which should be + actually used and distributed) and those which are just + shortcuts, internal ones, etc. Independent of which URL the + user supplied with the request he should finally see the + canonical one only.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We do an external HTTP redirect for all non-canonical + URLs to fix them in the location view of the Browser and + for all subsequent requests. In the example ruleset below + we replace <code>/~user</code> by the canonical + <code>/u/user</code> and fix a missing trailing slash for + <code>/u/user</code>.</p> + +<div class="example"><pre> +RewriteRule ^/<strong>~</strong>([^/]+)/?(.*) /<strong>u</strong>/$1/$2 [<strong>R</strong>] +RewriteRule ^/([uge])/(<strong>[^/]+</strong>)$ /$1/$2<strong>/</strong> [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Canonical Hostnames</h3> + + + + <dl> + <dt>Description:</dt> + + <dd>The goal of this rule is to force the use of a particular + hostname, in preference to other hostnames which may be used to + reach the same site. For example, if you wish to force the use + of <strong>www.example.com</strong> instead of + <strong>example.com</strong>, you might use a variant of the + following recipe.</dd> + + <dt>Solution:</dt> + + <dd> +<div class="example"><pre> +# For sites running on a port other than 80 +RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteCond %{SERVER_PORT} !^80$ +RewriteRule ^/(.*) http://www.example.com:%{SERVER_PORT}/$1 [L,R] + +# And for a site running on port 80 +RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteRule ^/(.*) http://www.example.com/$1 [L,R] +</pre></div> + </dd> + </dl> + + + + <h3>Moved <code>DocumentRoot</code></h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Usually the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> + of the webserver directly relates to the URL "<code>/</code>". + But often this data is not really of top-level priority, it is + perhaps just one entity of a lot of data pools. For instance at + our Intranet sites there are <code>/e/www/</code> + (the homepage for WWW), <code>/e/sww/</code> (the homepage for + the Intranet) etc. Now because the data of the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> stays at <code>/e/www/</code> we had + to make sure that all inlined images and other stuff inside this + data pool work for subsequent requests.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We redirect the URL <code>/</code> to + <code>/e/www/</code>: + </p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule <strong>^/$</strong> /e/www/ [<strong>R</strong>] +</pre></div> + + <p>Note that this can also be handled using the <code class="directive"><a href="../mod/mod_alias.html#redirectmatch">RedirectMatch</a></code> directive:</p> + + <div class="example"><p><code> + RedirectMatch ^/$ http://example.com/e/www/ + </code></p></div> + </dd> + </dl> + + + + <h3>Trailing Slash Problem</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Every webmaster can sing a song about the problem of + the trailing slash on URLs referencing directories. If they + are missing, the server dumps an error, because if you say + <code>/~quux/foo</code> instead of <code>/~quux/foo/</code> + then the server searches for a <em>file</em> named + <code>foo</code>. And because this file is a directory it + complains. Actually it tries to fix it itself in most of + the cases, but sometimes this mechanism need to be emulated + by you. For instance after you have done a lot of + complicated URL rewritings to CGI scripts etc.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution to this subtle problem is to let the server + add the trailing slash automatically. To do this + correctly we have to use an external redirect, so the + browser correctly requests subsequent images etc. If we + only did a internal rewrite, this would only work for the + directory page, but would go wrong when any images are + included into this page with relative URLs, because the + browser would request an in-lined object. For instance, a + request for <code>image.gif</code> in + <code>/~quux/foo/index.html</code> would become + <code>/~quux/image.gif</code> without the external + redirect!</p> + + <p>So, to do this trick we write:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo<strong>$</strong> foo<strong>/</strong> [<strong>R</strong>] +</pre></div> + + <p>The crazy and lazy can even do the following in the + top-level <code>.htaccess</code> file of their homedir. + But notice that this creates some processing + overhead.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteCond %{REQUEST_FILENAME} <strong>-d</strong> +RewriteRule ^(.+<strong>[^/]</strong>)$ $1<strong>/</strong> [R] +</pre></div> + </dd> + </dl> + + + + <h3>Webcluster through Homogeneous URL Layout</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>We want to create a homogeneous and consistent URL + layout over all WWW servers on a Intranet webcluster, i.e. + all URLs (per definition server local and thus server + dependent!) become actually server <em>independent</em>! + What we want is to give the WWW namespace a consistent + server-independent layout: no URL should have to include + any physically correct target server. The cluster itself + should drive us automatically to the physical target + host.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First, the knowledge of the target servers come from + (distributed) external maps which contain information + where our users, groups and entities stay. The have the + form</p> + +<div class="example"><pre> +user1 server_of_user1 +user2 server_of_user2 +: : +</pre></div> + + <p>We put them into files <code>map.xxx-to-host</code>. + Second we need to instruct all servers to redirect URLs + of the forms</p> + +<div class="example"><pre> +/u/user/anypath +/g/group/anypath +/e/entity/anypath +</pre></div> + + <p>to</p> + +<div class="example"><pre> +http://physical-host/u/user/anypath +http://physical-host/g/group/anypath +http://physical-host/e/entity/anypath +</pre></div> + + <p>when the URL is not locally valid to a server. The + following ruleset does this for us by the help of the map + files (assuming that server0 is a default server which + will be used if a user has no entry in the map):</p> + +<div class="example"><pre> +RewriteEngine on + +RewriteMap user-to-host txt:/path/to/map.user-to-host +RewriteMap group-to-host txt:/path/to/map.group-to-host +RewriteMap entity-to-host txt:/path/to/map.entity-to-host + +RewriteRule ^/u/<strong>([^/]+)</strong>/?(.*) http://<strong>${user-to-host:$1|server0}</strong>/u/$1/$2 +RewriteRule ^/g/<strong>([^/]+)</strong>/?(.*) http://<strong>${group-to-host:$1|server0}</strong>/g/$1/$2 +RewriteRule ^/e/<strong>([^/]+)</strong>/?(.*) http://<strong>${entity-to-host:$1|server0}</strong>/e/$1/$2 + +RewriteRule ^/([uge])/([^/]+)/?$ /$1/$2/.www/ +RewriteRule ^/([uge])/([^/]+)/([^.]+.+) /$1/$2/.www/$3\ +</pre></div> + </dd> + </dl> + + + + <h3>Move Homedirs to Different Webserver</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Many webmasters have asked for a solution to the + following situation: They wanted to redirect just all + homedirs on a webserver to another webserver. They usually + need such things when establishing a newer webserver which + will replace the old one over time.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution is trivial with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + On the old webserver we just redirect all + <code>/~user/anypath</code> URLs to + <code>http://newserver/~user/anypath</code>.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(.+) http://<strong>newserver</strong>/~$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Structured Homedirs</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Some sites with thousands of users usually use a + structured homedir layout, i.e. each homedir is in a + subdirectory which begins for instance with the first + character of the username. So, <code>/~foo/anypath</code> + is <code>/home/<strong>f</strong>/foo/.www/anypath</code> + while <code>/~bar/anypath</code> is + <code>/home/<strong>b</strong>/bar/.www/anypath</code>.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use the following ruleset to expand the tilde URLs + into exactly the above layout.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/.www$3 +</pre></div> + </dd> + </dl> + + + + <h3>Filesystem Reorganization</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>This really is a hardcore example: a killer application + which heavily uses per-directory + <code>RewriteRules</code> to get a smooth look and feel + on the Web while its data structure is never touched or + adjusted. Background: <strong><em>net.sw</em></strong> is + my archive of freely available Unix software packages, + which I started to collect in 1992. It is both my hobby + and job to to this, because while I'm studying computer + science I have also worked for many years as a system and + network administrator in my spare time. Every week I need + some sort of software so I created a deep hierarchy of + directories where I stored the packages:</p> + +<div class="example"><pre> +drwxrwxr-x 2 netsw users 512 Aug 3 18:39 Audio/ +drwxrwxr-x 2 netsw users 512 Jul 9 14:37 Benchmark/ +drwxrwxr-x 12 netsw users 512 Jul 9 00:34 Crypto/ +drwxrwxr-x 5 netsw users 512 Jul 9 00:41 Database/ +drwxrwxr-x 4 netsw users 512 Jul 30 19:25 Dicts/ +drwxrwxr-x 10 netsw users 512 Jul 9 01:54 Graphic/ +drwxrwxr-x 5 netsw users 512 Jul 9 01:58 Hackers/ +drwxrwxr-x 8 netsw users 512 Jul 9 03:19 InfoSys/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:21 Math/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:24 Misc/ +drwxrwxr-x 9 netsw users 512 Aug 1 16:33 Network/ +drwxrwxr-x 2 netsw users 512 Jul 9 05:53 Office/ +drwxrwxr-x 7 netsw users 512 Jul 9 09:24 SoftEng/ +drwxrwxr-x 7 netsw users 512 Jul 9 12:17 System/ +drwxrwxr-x 12 netsw users 512 Aug 3 20:15 Typesetting/ +drwxrwxr-x 10 netsw users 512 Jul 9 14:08 X11/ +</pre></div> + + <p>In July 1996 I decided to make this archive public to + the world via a nice Web interface. "Nice" means that I + wanted to offer an interface where you can browse + directly through the archive hierarchy. And "nice" means + that I didn't wanted to change anything inside this + hierarchy - not even by putting some CGI scripts at the + top of it. Why? Because the above structure should be + later accessible via FTP as well, and I didn't want any + Web or CGI stuff to be there.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution has two parts: The first is a set of CGI + scripts which create all the pages at all directory + levels on-the-fly. I put them under + <code>/e/netsw/.www/</code> as follows:</p> + +<div class="example"><pre> +-rw-r--r-- 1 netsw users 1318 Aug 1 18:10 .wwwacl +drwxr-xr-x 18 netsw users 512 Aug 5 15:51 DATA/ +-rw-rw-rw- 1 netsw users 372982 Aug 5 16:35 LOGFILE +-rw-r--r-- 1 netsw users 659 Aug 4 09:27 TODO +-rw-r--r-- 1 netsw users 5697 Aug 1 18:01 netsw-about.html +-rwxr-xr-x 1 netsw users 579 Aug 2 10:33 netsw-access.pl +-rwxr-xr-x 1 netsw users 1532 Aug 1 17:35 netsw-changes.cgi +-rwxr-xr-x 1 netsw users 2866 Aug 5 14:49 netsw-home.cgi +drwxr-xr-x 2 netsw users 512 Jul 8 23:47 netsw-img/ +-rwxr-xr-x 1 netsw users 24050 Aug 5 15:49 netsw-lsdir.cgi +-rwxr-xr-x 1 netsw users 1589 Aug 3 18:43 netsw-search.cgi +-rwxr-xr-x 1 netsw users 1885 Aug 1 17:41 netsw-tree.cgi +-rw-r--r-- 1 netsw users 234 Jul 30 16:35 netsw-unlimit.lst +</pre></div> + + <p>The <code>DATA/</code> subdirectory holds the above + directory structure, i.e. the real + <strong><em>net.sw</em></strong> stuff and gets + automatically updated via <code>rdist</code> from time to + time. The second part of the problem remains: how to link + these two structures together into one smooth-looking URL + tree? We want to hide the <code>DATA/</code> directory + from the user while running the appropriate CGI scripts + for the various URLs. Here is the solution: first I put + the following into the per-directory configuration file + in the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> + of the server to rewrite the announced URL + <code>/net.sw/</code> to the internal path + <code>/e/netsw</code>:</p> + +<div class="example"><pre> +RewriteRule ^net.sw$ net.sw/ [R] +RewriteRule ^net.sw/(.*)$ e/netsw/$1 +</pre></div> + + <p>The first rule is for requests which miss the trailing + slash! The second rule does the real thing. And then + comes the killer configuration which stays in the + per-directory config file + <code>/e/netsw/.www/.wwwacl</code>:</p> + +<div class="example"><pre> +Options ExecCGI FollowSymLinks Includes MultiViews + +RewriteEngine on + +# we are reached via /net.sw/ prefix +RewriteBase /net.sw/ + +# first we rewrite the root dir to +# the handling cgi script +RewriteRule ^$ netsw-home.cgi [L] +RewriteRule ^index\.html$ netsw-home.cgi [L] + +# strip out the subdirs when +# the browser requests us from perdir pages +RewriteRule ^.+/(netsw-[^/]+/.+)$ $1 [L] + +# and now break the rewriting for local files +RewriteRule ^netsw-home\.cgi.* - [L] +RewriteRule ^netsw-changes\.cgi.* - [L] +RewriteRule ^netsw-search\.cgi.* - [L] +RewriteRule ^netsw-tree\.cgi$ - [L] +RewriteRule ^netsw-about\.html$ - [L] +RewriteRule ^netsw-img/.*$ - [L] + +# anything else is a subdir which gets handled +# by another cgi script +RewriteRule !^netsw-lsdir\.cgi.* - [C] +RewriteRule (.*) netsw-lsdir.cgi/$1 +</pre></div> + + <p>Some hints for interpretation:</p> + + <ol> + <li>Notice the <code>L</code> (last) flag and no + substitution field ('<code>-</code>') in the forth part</li> + + <li>Notice the <code>!</code> (not) character and + the <code>C</code> (chain) flag at the first rule + in the last part</li> + + <li>Notice the catch-all pattern in the last rule</li> + </ol> + </dd> + </dl> + + + + <h3>NCSA imagemap to Apache <code>mod_imap</code></h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>When switching from the NCSA webserver to the more + modern Apache webserver a lot of people want a smooth + transition. So they want pages which use their old NCSA + <code>imagemap</code> program to work under Apache with the + modern <code class="module"><a href="../mod/mod_imap.html">mod_imap</a></code>. The problem is that there + are a lot of hyperlinks around which reference the + <code>imagemap</code> program via + <code>/cgi-bin/imagemap/path/to/page.map</code>. Under + Apache this has to read just + <code>/path/to/page.map</code>.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a global rule to remove the prefix on-the-fly for + all requests:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/cgi-bin/imagemap(.*) $1 [PT] +</pre></div> + </dd> + </dl> + + + + <h3>Search pages in more than one directory</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes it is necessary to let the webserver search + for pages in more than one directory. Here MultiViews or + other techniques cannot help.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We program a explicit ruleset which searches for the + files in the directories.</p> + +<div class="example"><pre> +RewriteEngine on + +# first try to find it in custom/... +# ...and if found stop and be happy: +RewriteCond /your/docroot/<strong>dir1</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir1</strong>/$1 [L] + +# second try to find it in pub/... +# ...and if found stop and be happy: +RewriteCond /your/docroot/<strong>dir2</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir2</strong>/$1 [L] + +# else go on for other Alias or ScriptAlias directives, +# etc. +RewriteRule ^(.+) - [PT] +</pre></div> + </dd> + </dl> + + + + <h3>Set Environment Variables According To URL Parts</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Perhaps you want to keep status information between + requests and use the URL to encode it. But you don't want + to use a CGI wrapper for all pages just to strip out this + information.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a rewrite rule to strip out the status information + and remember it via an environment variable which can be + later dereferenced from within XSSI or CGI. This way a + URL <code>/foo/S=java/bar/</code> gets translated to + <code>/foo/bar/</code> and the environment variable named + <code>STATUS</code> is set to the value "java".</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^(.*)/<strong>S=([^/]+)</strong>/(.*) $1/$3 [E=<strong>STATUS:$2</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Virtual User Hosts</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume that you want to provide + <code>www.<strong>username</strong>.host.domain.com</code> + for the homepage of username via just DNS A records to the + same machine and without any virtualhosts on this + machine.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>For HTTP/1.0 requests there is no solution, but for + HTTP/1.1 requests which contain a Host: HTTP header we + can use the following ruleset to rewrite + <code>http://www.username.host.com/anypath</code> + internally to <code>/home/username/anypath</code>:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{<strong>HTTP_HOST</strong>} ^www\.<strong>[^.]+</strong>\.host\.com$ +RewriteRule ^(.+) %{HTTP_HOST}$1 [C] +RewriteRule ^www\.<strong>([^.]+)</strong>\.host\.com(.*) /home/<strong>$1</strong>$2 +</pre></div> + </dd> + </dl> + + + + <h3>Redirect Homedirs For Foreigners</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>We want to redirect homedir URLs to another webserver + <code>www.somewhere.com</code> when the requesting user + does not stay in the local domain + <code>ourdomain.com</code>. This is sometimes used in + virtual host contexts.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Just a rewrite condition:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REMOTE_HOST} <strong>!^.+\.ourdomain\.com$</strong> +RewriteRule ^(/~.+) http://www.somewhere.com/$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Redirect Failing URLs To Other Webserver</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>A typical FAQ about URL rewriting is how to redirect + failing requests on webserver A to webserver B. Usually + this is done via <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI-scripts in Perl, but + there is also a <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> solution. + But notice that this performs more poorly than using an + <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> + CGI-script!</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The first solution has the best performance but less + flexibility, and is less error safe:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond /your/docroot/%{REQUEST_FILENAME} <strong>!-f</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>The problem here is that this will only work for pages + inside the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>. While you can add more + Conditions (for instance to also handle homedirs, etc.) + there is better variant:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REQUEST_URI} <strong>!-U</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>This uses the URL look-ahead feature of <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + The result is that this will work for all types of URLs + and is a safe way. But it does a performance impact on + the webserver, because for every request there is one + more internal subrequest. So, if your webserver runs on a + powerful CPU, use this one. If it is a slow machine, use + the first approach or better a <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI-script.</p> + </dd> + </dl> + + + + <h3>Extended Redirection</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes we need more control (concerning the + character escaping mechanism) of URLs on redirects. + Usually the Apache kernels URL escape function also + escapes anchors, i.e. URLs like "<code>url#anchor</code>". + You cannot use this directly on redirects with + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> because the + <code>uri_escape()</code> function of Apache + would also escape the hash character. + How can we redirect to such a URL?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We have to use a kludge by the use of a NPH-CGI script + which does the redirect itself. Because here no escaping + is done (NPH=non-parseable headers). First we introduce a + new URL scheme <code>xredirect:</code> by the following + per-server config-line (should be one of the last rewrite + rules):</p> + +<div class="example"><pre> +RewriteRule ^xredirect:(.+) /path/to/nph-xredirect.cgi/$1 \ + [T=application/x-httpd-cgi,L] +</pre></div> + + <p>This forces all URLs prefixed with + <code>xredirect:</code> to be piped through the + <code>nph-xredirect.cgi</code> program. And this program + just looks like:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## nph-xredirect.cgi -- NPH/CGI script for extended redirects +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## + +$| = 1; +$url = $ENV{'PATH_INFO'}; + +print "HTTP/1.0 302 Moved Temporarily\n"; +print "Server: $ENV{'SERVER_SOFTWARE'}\n"; +print "Location: $url\n"; +print "Content-type: text/html\n"; +print "\n"; +print "<html>\n"; +print "<head>\n"; +print "<title>302 Moved Temporarily (EXTENDED)</title>\n"; +print "</head>\n"; +print "<body>\n"; +print "<h1>Moved Temporarily (EXTENDED)</h1>\n"; +print "The document has moved <a HREF=\"$url\">here</a>.<p>\n"; +print "</body>\n"; +print "</html>\n"; + +##EOF## +</pre></div> + + <p>This provides you with the functionality to do + redirects to all URL schemes, i.e. including the one + which are not directly accepted by <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + For instance you can now also redirect to + <code>news:newsgroup</code> via</p> + +<div class="example"><pre> +RewriteRule ^anyurl xredirect:news:newsgroup +</pre></div> + + <div class="note">Notice: You have not to put <code>[R]</code> or + <code>[R,L]</code> to the above rule because the + <code>xredirect:</code> need to be expanded later + by our special "pipe through" rule above.</div> + </dd> + </dl> + + + + <h3>Archive Access Multiplexer</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Do you know the great CPAN (Comprehensive Perl Archive + Network) under <a href="http://www.perl.com/CPAN">http://www.perl.com/CPAN</a>? + This does a redirect to one of several FTP servers around + the world which carry a CPAN mirror and is approximately + near the location of the requesting client. Actually this + can be called an FTP access multiplexing service. While + CPAN runs via CGI scripts, how can a similar approach + implemented via <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First we notice that from version 3.0.0 + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> can + also use the "<code>ftp:</code>" scheme on redirects. + And second, the location approximation can be done by a + <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> + over the top-level domain of the client. + With a tricky chained ruleset we can use this top-level + domain as a key to our multiplexing map.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap multiplex txt:/path/to/map.cxan +RewriteRule ^/CxAN/(.*) %{REMOTE_HOST}::$1 [C] +RewriteRule ^.+\.<strong>([a-zA-Z]+)</strong>::(.*)$ ${multiplex:<strong>$1</strong>|ftp.default.dom}$2 [R,L] +</pre></div> + +<div class="example"><pre> +## +## map.cxan -- Multiplexing Map for CxAN +## + +de ftp://ftp.cxan.de/CxAN/ +uk ftp://ftp.cxan.uk/CxAN/ +com ftp://ftp.cxan.com/CxAN/ + : +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>Time-Dependent Rewriting</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>When tricks like time-dependent content should happen a + lot of webmasters still use CGI scripts which do for + instance redirects to specialized pages. How can it be done + via <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>There are a lot of variables named <code>TIME_xxx</code> + for rewrite conditions. In conjunction with the special + lexicographic comparison patterns <code><STRING</code>, + <code>>STRING</code> and <code>=STRING</code> we can + do time-dependent redirects:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{TIME_HOUR}%{TIME_MIN} >0700 +RewriteCond %{TIME_HOUR}%{TIME_MIN} <1900 +RewriteRule ^foo\.html$ foo.day.html +RewriteRule ^foo\.html$ foo.night.html +</pre></div> + + <p>This provides the content of <code>foo.day.html</code> + under the URL <code>foo.html</code> from + <code>07:00-19:00</code> and at the remaining time the + contents of <code>foo.night.html</code>. Just a nice + feature for a homepage...</p> + </dd> + </dl> + + + + <h3>Backward Compatibility for YYYY to XXXX migration</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we make URLs backward compatible (still + existing virtually) after migrating <code>document.YYYY</code> + to <code>document.XXXX</code>, e.g. after translating a + bunch of <code>.html</code> files to <code>.phtml</code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We just rewrite the name to its basename and test for + existence of the new extension. If it exists, we take + that name, else we rewrite the URL to its original state.</p> + + +<div class="example"><pre> +# backward compatibility ruleset for +# rewriting document.html to document.phtml +# when and only when document.phtml exists +# but no longer document.html +RewriteEngine on +RewriteBase /~quux/ +# parse out basename, but remember the fact +RewriteRule ^(.*)\.html$ $1 [C,E=WasHTML:yes] +# rewrite to document.phtml if exists +RewriteCond %{REQUEST_FILENAME}.phtml -f +RewriteRule ^(.*)$ $1.phtml [S=1] +# else reverse the previous basename cutout +RewriteCond %{ENV:WasHTML} ^yes$ +RewriteRule ^(.*)$ $1.html +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content" id="content">Content Handling</a></h2> + + + + <h3>From Old to New (intern)</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume we have recently renamed the page + <code>foo.html</code> to <code>bar.html</code> and now want + to provide the old URL for backward compatibility. Actually + we want that users of the old URL even not recognize that + the pages was renamed.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We rewrite the old URL to the new one internally via the + following rule:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html +</pre></div> + </dd> + </dl> + + + + <h3>From Old to New (extern)</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume again that we have recently renamed the page + <code>foo.html</code> to <code>bar.html</code> and now want + to provide the old URL for backward compatibility. But this + time we want that the users of the old URL get hinted to + the new one, i.e. their browsers Location field should + change, too.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We force a HTTP redirect to the new URL which leads to a + change of the browsers and thus the users view:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Browser Dependent Content</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>At least for important top-level pages it is sometimes + necessary to provide the optimum of browser dependent + content, i.e. one has to provide a maximum version for the + latest Netscape variants, a minimum version for the Lynx + browsers and a average feature version for all others.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We cannot use content negotiation because the browsers do + not provide their type in that form. Instead we have to + act on the HTTP header "User-Agent". The following condig + does the following: If the HTTP header "User-Agent" + begins with "Mozilla/3", the page <code>foo.html</code> + is rewritten to <code>foo.NS.html</code> and and the + rewriting stops. If the browser is "Lynx" or "Mozilla" of + version 1 or 2 the URL becomes <code>foo.20.html</code>. + All other browsers receive page <code>foo.32.html</code>. + This is done by the following ruleset:</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.* +RewriteRule ^foo\.html$ foo.<strong>NS</strong>.html [<strong>L</strong>] + +RewriteCond %{HTTP_USER_AGENT} ^<strong>Lynx/</strong>.* [OR] +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/[12]</strong>.* +RewriteRule ^foo\.html$ foo.<strong>20</strong>.html [<strong>L</strong>] + +RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Dynamic Mirror</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume there are nice webpages on remote hosts we want + to bring into our namespace. For FTP servers we would use + the <code>mirror</code> program which actually maintains an + explicit up-to-date copy of the remote data on the local + machine. For a webserver we could use the program + <code>webcopy</code> which acts similar via HTTP. But both + techniques have one major drawback: The local copy is + always just as up-to-date as often we run the program. It + would be much better if the mirror is not a static one we + have to establish explicitly. Instead we want a dynamic + mirror with data which gets updated automatically when + there is need (updated data on the remote host).</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>To provide this feature we map the remote webpage or even + the complete remote webarea to our namespace by the use + of the <dfn>Proxy Throughput</dfn> feature + (flag <code>[P]</code>):</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>hotsheet/</strong>(.*)$ <strong>http://www.tstimpreso.com/hotsheet/</strong>$1 [<strong>P</strong>] +</pre></div> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>usa-news\.html</strong>$ <strong>http://www.quux-corp.com/news/index.html</strong> [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Reverse Dynamic Mirror</h3> + + + + <dl> + <dt>Description:</dt> + + <dd>...</dd> + + <dt>Solution:</dt> + + <dd> +<div class="example"><pre> +RewriteEngine on +RewriteCond /mirror/of/remotesite/$1 -U +RewriteRule ^http://www\.remotesite\.com/(.*)$ /mirror/of/remotesite/$1 +</pre></div> + </dd> + </dl> + + + + <h3>Retrieve Missing Data from Intranet</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>This is a tricky way of virtually running a corporate + (external) Internet webserver + (<code>www.quux-corp.dom</code>), while actually keeping + and maintaining its data on a (internal) Intranet webserver + (<code>www2.quux-corp.dom</code>) which is protected by a + firewall. The trick is that on the external webserver we + retrieve the requested data on-the-fly from the internal + one.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First, we have to make sure that our firewall still + protects the internal webserver and that only the + external webserver is allowed to retrieve data from it. + For a packet-filtering firewall we could for instance + configure a firewall ruleset like the following:</p> + +<div class="example"><pre> +<strong>ALLOW</strong> Host www.quux-corp.dom Port >1024 --> Host www2.quux-corp.dom Port <strong>80</strong> +<strong>DENY</strong> Host * Port * --> Host www2.quux-corp.dom Port <strong>80</strong> +</pre></div> + + <p>Just adjust it to your actual configuration syntax. + Now we can establish the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + rules which request the missing data in the background + through the proxy throughput feature:</p> + +<div class="example"><pre> +RewriteRule ^/~([^/]+)/?(.*) /home/$1/.www/$2 +RewriteCond %{REQUEST_FILENAME} <strong>!-f</strong> +RewriteCond %{REQUEST_FILENAME} <strong>!-d</strong> +RewriteRule ^/home/([^/]+)/.www/?(.*) http://<strong>www2</strong>.quux-corp.dom/~$1/pub/$2 [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Load Balancing</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Suppose we want to load balance the traffic to + <code>www.foo.com</code> over <code>www[0-5].foo.com</code> + (a total of 6 servers). How can this be done?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>There are a lot of possible solutions for this problem. + We will discuss first a commonly known DNS-based variant + and then the special one with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>:</p> + + <ol> + <li> + <strong>DNS Round-Robin</strong> + + <p>The simplest method for load-balancing is to use + the DNS round-robin feature of <code>BIND</code>. + Here you just configure <code>www[0-9].foo.com</code> + as usual in your DNS with A(address) records, e.g.</p> + +<div class="example"><pre> +www0 IN A 1.2.3.1 +www1 IN A 1.2.3.2 +www2 IN A 1.2.3.3 +www3 IN A 1.2.3.4 +www4 IN A 1.2.3.5 +www5 IN A 1.2.3.6 +</pre></div> + + <p>Then you additionally add the following entry:</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. + IN CNAME www1.foo.com. + IN CNAME www2.foo.com. + IN CNAME www3.foo.com. + IN CNAME www4.foo.com. + IN CNAME www5.foo.com. + IN CNAME www6.foo.com. +</pre></div> + + <p>Notice that this seems wrong, but is actually an + intended feature of <code>BIND</code> and can be used + in this way. However, now when <code>www.foo.com</code> gets + resolved, <code>BIND</code> gives out <code>www0-www6</code> + - but in a slightly permutated/rotated order every time. + This way the clients are spread over the various + servers. But notice that this not a perfect load + balancing scheme, because DNS resolve information + gets cached by the other nameservers on the net, so + once a client has resolved <code>www.foo.com</code> + to a particular <code>wwwN.foo.com</code>, all + subsequent requests also go to this particular name + <code>wwwN.foo.com</code>. But the final result is + ok, because the total sum of the requests are really + spread over the various webservers.</p> + </li> + + <li> + <strong>DNS Load-Balancing</strong> + + <p>A sophisticated DNS-based method for + load-balancing is to use the program + <code>lbnamed</code> which can be found at <a href="http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html"> + http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html</a>. + It is a Perl 5 program in conjunction with auxilliary + tools which provides a real load-balancing for + DNS.</p> + </li> + + <li> + <strong>Proxy Throughput Round-Robin</strong> + + <p>In this variant we use <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + and its proxy throughput feature. First we dedicate + <code>www0.foo.com</code> to be actually + <code>www.foo.com</code> by using a single</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. +</pre></div> + + <p>entry in the DNS. Then we convert + <code>www0.foo.com</code> to a proxy-only server, + i.e. we configure this machine so all arriving URLs + are just pushed through the internal proxy to one of + the 5 other servers (<code>www1-www5</code>). To + accomplish this we first establish a ruleset which + contacts a load balancing script <code>lb.pl</code> + for all URLs.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap lb prg:/path/to/lb.pl +RewriteRule ^/(.+)$ ${lb:$1} [P,L] +</pre></div> + + <p>Then we write <code>lb.pl</code>:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## lb.pl -- load balancing script +## + +$| = 1; + +$name = "www"; # the hostname base +$first = 1; # the first server (not 0 here, because 0 is myself) +$last = 5; # the last server in the round-robin +$domain = "foo.dom"; # the domainname + +$cnt = 0; +while (<STDIN>) { + $cnt = (($cnt+1) % ($last+1-$first)); + $server = sprintf("%s%d.%s", $name, $cnt+$first, $domain); + print "http://$server/$_"; +} + +##EOF## +</pre></div> + + <div class="note">A last notice: Why is this useful? Seems like + <code>www0.foo.com</code> still is overloaded? The + answer is yes, it is overloaded, but with plain proxy + throughput requests, only! All SSI, CGI, ePerl, etc. + processing is completely done on the other machines. + This is the essential point.</div> + </li> + + <li> + <strong>Hardware/TCP Round-Robin</strong> + + <p>There is a hardware solution available, too. Cisco + has a beast called LocalDirector which does a load + balancing at the TCP/IP level. Actually this is some + sort of a circuit level gateway in front of a + webcluster. If you have enough money and really need + a solution with high performance, use this one.</p> + </li> + </ol> + </dd> + </dl> + + + + <h3>New MIME-type, New Service</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>On the net there are a lot of nifty CGI programs. But + their usage is usually boring, so a lot of webmaster + don't use them. Even Apache's Action handler feature for + MIME-types is only appropriate when the CGI programs + don't need special URLs (actually <code>PATH_INFO</code> + and <code>QUERY_STRINGS</code>) as their input. First, + let us configure a new file type with extension + <code>.scgi</code> (for secure CGI) which will be processed + by the popular <code>cgiwrap</code> program. The problem + here is that for instance we use a Homogeneous URL Layout + (see above) a file inside the user homedirs has the URL + <code>/u/user/foo/bar.scgi</code>. But + <code>cgiwrap</code> needs the URL in the form + <code>/~user/foo/bar.scgi/</code>. The following rule + solves the problem:</p> + +<div class="example"><pre> +RewriteRule ^/[uge]/<strong>([^/]+)</strong>/\.www/(.+)\.scgi(.*) ... +... /internal/cgi/user/cgiwrap/~<strong>$1</strong>/$2.scgi$3 [NS,<strong>T=application/x-http-cgi</strong>] +</pre></div> + + <p>Or assume we have some more nifty programs: + <code>wwwlog</code> (which displays the + <code>access.log</code> for a URL subtree and + <code>wwwidx</code> (which runs Glimpse on a URL + subtree). We have to provide the URL area to these + programs so they know on which area they have to act on. + But usually this ugly, because they are all the times + still requested from that areas, i.e. typically we would + run the <code>swwidx</code> program from within + <code>/u/user/foo/</code> via hyperlink to</p> + +<div class="example"><pre> +/internal/cgi/user/swwidx?i=/u/user/foo/ +</pre></div> + + <p>which is ugly. Because we have to hard-code + <strong>both</strong> the location of the area + <strong>and</strong> the location of the CGI inside the + hyperlink. When we have to reorganize the area, we spend a + lot of time changing the various hyperlinks.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution here is to provide a special new URL format + which automatically leads to the proper CGI invocation. + We configure the following:</p> + +<div class="example"><pre> +RewriteRule ^/([uge])/([^/]+)(/?.*)/\* /internal/cgi/user/wwwidx?i=/$1/$2$3/ +RewriteRule ^/([uge])/([^/]+)(/?.*):log /internal/cgi/user/wwwlog?f=/$1/$2$3 +</pre></div> + + <p>Now the hyperlink to search at + <code>/u/user/foo/</code> reads only</p> + +<div class="example"><pre> +HREF="*" +</pre></div> + + <p>which internally gets automatically transformed to</p> + +<div class="example"><pre> +/internal/cgi/user/wwwidx?i=/u/user/foo/ +</pre></div> + + <p>The same approach leads to an invocation for the + access log CGI program when the hyperlink + <code>:log</code> gets used.</p> + </dd> + </dl> + + + + <h3>From Static to Dynamic</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we transform a static page + <code>foo.html</code> into a dynamic variant + <code>foo.cgi</code> in a seamless way, i.e. without notice + by the browser/user.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We just rewrite the URL to the CGI-script and force the + correct MIME-type so it gets really run as a CGI-script. + This way a request to <code>/~quux/foo.html</code> + internally leads to the invocation of + <code>/~quux/foo.cgi</code>.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo\.<strong>html</strong>$ foo.<strong>cgi</strong> [T=<strong>application/x-httpd-cgi</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>On-the-fly Content-Regeneration</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Here comes a really esoteric feature: Dynamically + generated but statically served pages, i.e. pages should be + delivered as pure static pages (read from the filesystem + and just passed through), but they have to be generated + dynamically by the webserver if missing. This way you can + have CGI-generated pages which are statically served unless + one (or a cronjob) removes the static contents. Then the + contents gets refreshed.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + This is done via the following ruleset: + +<div class="example"><pre> +RewriteCond %{REQUEST_FILENAME} <strong>!-s</strong> +RewriteRule ^page\.<strong>html</strong>$ page.<strong>cgi</strong> [T=application/x-httpd-cgi,L] +</pre></div> + + <p>Here a request to <code>page.html</code> leads to a + internal run of a corresponding <code>page.cgi</code> if + <code>page.html</code> is still missing or has filesize + null. The trick here is that <code>page.cgi</code> is a + usual CGI script which (additionally to its <code>STDOUT</code>) + writes its output to the file <code>page.html</code>. + Once it was run, the server sends out the data of + <code>page.html</code>. When the webmaster wants to force + a refresh the contents, he just removes + <code>page.html</code> (usually done by a cronjob).</p> + </dd> + </dl> + + + + <h3>Document With Autorefresh</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Wouldn't it be nice while creating a complex webpage if + the webbrowser would automatically refresh the page every + time we write a new version from within our editor? + Impossible?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>No! We just combine the MIME multipart feature, the + webserver NPH feature and the URL manipulation power of + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. First, we establish a new + URL feature: Adding just <code>:refresh</code> to any + URL causes this to be refreshed every time it gets + updated on the filesystem.</p> + +<div class="example"><pre> +RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1 +</pre></div> + + <p>Now when we reference the URL</p> + +<div class="example"><pre> +/u/foo/bar/page.html:refresh +</pre></div> + + <p>this leads to the internal invocation of the URL</p> + +<div class="example"><pre> +/internal/cgi/apache/nph-refresh?f=/u/foo/bar/page.html +</pre></div> + + <p>The only missing part is the NPH-CGI script. Although + one would usually say "left as an exercise to the reader" + ;-) I will provide this, too.</p> + +<div class="example"><pre> +#!/sw/bin/perl +## +## nph-refresh -- NPH/CGI script for auto refreshing pages +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## +$| = 1; + +# split the QUERY_STRING variable +@pairs = split(/&/, $ENV{'QUERY_STRING'}); +foreach $pair (@pairs) { + ($name, $value) = split(/=/, $pair); + $name =~ tr/A-Z/a-z/; + $name = 'QS_' . $name; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + eval "\$$name = \"$value\""; +} +$QS_s = 1 if ($QS_s eq ''); +$QS_n = 3600 if ($QS_n eq ''); +if ($QS_f eq '') { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: No file given\n"; + exit(0); +} +if (! -f $QS_f) { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: File $QS_f not found\n"; + exit(0); +} + +sub print_http_headers_multipart_begin { + print "HTTP/1.0 200 OK\n"; + $bound = "ThisRandomString12345"; + print "Content-type: multipart/x-mixed-replace;boundary=$bound\n"; + &print_http_headers_multipart_next; +} + +sub print_http_headers_multipart_next { + print "\n--$bound\n"; +} + +sub print_http_headers_multipart_end { + print "\n--$bound--\n"; +} + +sub displayhtml { + local($buffer) = @_; + $len = length($buffer); + print "Content-type: text/html\n"; + print "Content-length: $len\n\n"; + print $buffer; +} + +sub readfile { + local($file) = @_; + local(*FP, $size, $buffer, $bytes); + ($x, $x, $x, $x, $x, $x, $x, $size) = stat($file); + $size = sprintf("%d", $size); + open(FP, "&lt;$file"); + $bytes = sysread(FP, $buffer, $size); + close(FP); + return $buffer; +} + +$buffer = &readfile($QS_f); +&print_http_headers_multipart_begin; +&displayhtml($buffer); + +sub mystat { + local($file) = $_[0]; + local($time); + + ($x, $x, $x, $x, $x, $x, $x, $x, $x, $mtime) = stat($file); + return $mtime; +} + +$mtimeL = &mystat($QS_f); +$mtime = $mtime; +for ($n = 0; $n &lt; $QS_n; $n++) { + while (1) { + $mtime = &mystat($QS_f); + if ($mtime ne $mtimeL) { + $mtimeL = $mtime; + sleep(2); + $buffer = &readfile($QS_f); + &print_http_headers_multipart_next; + &displayhtml($buffer); + sleep(5); + $mtimeL = &mystat($QS_f); + last; + } + sleep($QS_s); + } +} + +&print_http_headers_multipart_end; + +exit(0); + +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>Mass Virtual Hosting</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>The <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> feature of Apache is nice + and works great when you just have a few dozens + virtual hosts. But when you are an ISP and have hundreds of + virtual hosts to provide this feature is not the best + choice.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>To provide this feature we map the remote webpage or even + the complete remote webarea to our namespace by the use + of the <dfn>Proxy Throughput</dfn> feature (flag <code>[P]</code>):</p> + +<div class="example"><pre> +## +## vhost.map +## +www.vhost1.dom:80 /path/to/docroot/vhost1 +www.vhost2.dom:80 /path/to/docroot/vhost2 + : +www.vhostN.dom:80 /path/to/docroot/vhostN +</pre></div> + +<div class="example"><pre> +## +## httpd.conf +## + : +# use the canonical hostname on redirects, etc. +UseCanonicalName on + + : +# add the virtual host in front of the CLF-format +CustomLog /path/to/access_log "%{VHOST}e %h %l %u %t \"%r\" %>s %b" + : + +# enable the rewriting engine in the main server +RewriteEngine on + +# define two maps: one for fixing the URL and one which defines +# the available virtual hosts with their corresponding +# DocumentRoot. +RewriteMap lowercase int:tolower +RewriteMap vhost txt:/path/to/vhost.map + +# Now do the actual virtual host mapping +# via a huge and complicated single rule: +# +# 1. make sure we don't map for common locations +RewriteCond %{REQUEST_URI} !^/commonurl1/.* +RewriteCond %{REQUEST_URI} !^/commonurl2/.* + : +RewriteCond %{REQUEST_URI} !^/commonurlN/.* +# +# 2. make sure we have a Host header, because +# currently our approach only supports +# virtual hosting through this header +RewriteCond %{HTTP_HOST} !^$ +# +# 3. lowercase the hostname +RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$ +# +# 4. lookup this hostname in vhost.map and +# remember it only when it is a path +# (and not "NONE" from above) +RewriteCond ${vhost:%1} ^(/.*)$ +# +# 5. finally we can map the URL to its docroot location +# and remember the virtual host for logging puposes +RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}] + : +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="access" id="access">Access Restriction</a></h2> + + + + <h3>Blocking of Robots</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we block a really annoying robot from + retrieving pages of a specific webarea? A + <code>/robots.txt</code> file containing entries of the + "Robot Exclusion Protocol" is typically not enough to get + rid of such a robot.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a ruleset which forbids the URLs of the webarea + <code>/~quux/foo/arc/</code> (perhaps a very deep + directory indexed area where the robot traversal would + create big server load). We have to make sure that we + forbid access only to the particular robot, i.e. just + forbidding the host where the robot runs is not enough. + This would block users from this host, too. We accomplish + this by also matching the User-Agent HTTP header + information.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong>.* +RewriteCond %{REMOTE_ADDR} ^<strong>123\.45\.67\.[8-9]</strong>$ +RewriteRule ^<strong>/~quux/foo/arc/</strong>.+ - [<strong>F</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Blocked Inline-Images</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume we have under <code>http://www.quux-corp.de/~quux/</code> + some pages with inlined GIF graphics. These graphics are + nice, so others directly incorporate them via hyperlinks to + their pages. We don't like this practice because it adds + useless traffic to our server.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>While we cannot 100% protect the images from inclusion, + we can at least restrict the cases where the browser + sends a HTTP Referer header.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} <strong>!^$</strong> +RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC] +RewriteRule <strong>.*\.gif$</strong> - [F] +</pre></div> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} !^$ +RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$ +RewriteRule <strong>^inlined-in-foo\.gif$</strong> - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Host Deny</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we forbid a list of externally configured hosts + from using our server?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>For Apache >= 1.3b6:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR] +RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^/.* - [F] +</pre></div> + + <p>For Apache <= 1.3b6:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteRule ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ /$1 +</pre></div> + +<div class="example"><pre> +## +## hosts.deny +## +## ATTENTION! This is a map, not a list, even when we treat it as such. +## mod_rewrite parses it for key/value pairs, so at least a +## dummy value "-" must be present for each entry. +## + +193.102.180.41 - +bsdti1.sdm.de - +192.76.162.40 - +</pre></div> + </dd> + </dl> + + + + <h3>Proxy Deny</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we forbid a certain host or even a user of a + special host from using the Apache proxy?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We first have to make sure <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + is below(!) <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> in the Configuration + file when compiling the Apache webserver. This way it gets + called <em>before</em> <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>. Then we + configure the following for a host-dependent deny...</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_HOST} <strong>^badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + + <p>...and this one for a user@host-dependent deny:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>^badguy@badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Special Authentication Variant</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes a very special authentication is needed, for + instance a authentication which checks for a set of + explicitly configured users. Only these should receive + access and without explicit prompting (which would occur + when using the Basic Auth via <code class="module"><a href="../mod/mod_auth.html">mod_auth</a></code>).</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a list of rewrite conditions to exclude all except + our friends:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend1@client1.quux-corp\.com$</strong> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend2</strong>@client2.quux-corp\.com$ +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend3</strong>@client3.quux-corp\.com$ +RewriteRule ^/~quux/only-for-friends/ - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Referer-based Deflector</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we program a flexible URL Deflector which acts + on the "Referer" HTTP header and can be configured with as + many referring pages as we like?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Use the following really tricky ruleset...</p> + +<div class="example"><pre> +RewriteMap deflector txt:/path/to/deflector.map + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}} ^-$ +RewriteRule ^.* %{HTTP_REFERER} [R,L] + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^.* ${deflector:%{HTTP_REFERER}} [R,L] +</pre></div> + + <p>... in conjunction with a corresponding rewrite + map:</p> + +<div class="example"><pre> +## +## deflector.map +## + +http://www.badguys.com/bad/index.html - +http://www.badguys.com/bad/index2.html - +http://www.badguys.com/bad/index3.html http://somewhere.com/ +</pre></div> + + <p>This automatically redirects the request back to the + referring page (when "<code>-</code>" is used as the value + in the map) or to a specific URL (when an URL is specified + in the map as the second argument).</p> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">Other</a></h2> + + + + <h3>External Rewriting Engine</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>A FAQ: How can we solve the FOO/BAR/QUUX/etc. + problem? There seems no solution by the use of + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>...</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Use an external <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>, i.e. a program which acts + like a <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>. It is run once on startup of Apache + receives the requested URLs on <code>STDIN</code> and has + to put the resulting (usually rewritten) URL on + <code>STDOUT</code> (same order!).</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap quux-map <strong>prg:</strong>/path/to/map.quux.pl +RewriteRule ^/~quux/(.*)$ /~quux/<strong>${quux-map:$1}</strong> +</pre></div> + +<div class="example"><pre> +#!/path/to/perl + +# disable buffered I/O which would lead +# to deadloops for the Apache server +$| = 1; + +# read URLs one per line from stdin and +# generate substitution URL on stdout +while (<>) { + s|^foo/|bar/|; + print $_; +} +</pre></div> + + <p>This is a demonstration-only example and just rewrites + all URLs <code>/~quux/foo/...</code> to + <code>/~quux/bar/...</code>. Actually you can program + whatever you like. But notice that while such maps can be + <strong>used</strong> also by an average user, only the + system administrator can <strong>define</strong> it.</p> + </dd> + </dl> + + + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/rewriteguide.html" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr new file mode 100644 index 00000000..694b8f01 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr @@ -0,0 +1,2013 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>URL ���ۼ� ��ħ�� - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>URL ���ۼ� ��ħ��</h1> +<div class="toplang"> +<p><span>������ ���: </span><a href="../en/misc/rewriteguide.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" title="Korean"> ko </a></p> +</div> +<div class="outofdate">�� ������ �ֽ��� ������ �ƴմϴ�. + �ֱٿ� ����� ������ ���� ������ �����ϼ���.</div> + + <div class="note"> + <p>������<br /> + <cite>Ralf S. Engelschall <rse@apache.org></cite><br /> + 1997�� 12��</p> + </div> + + <p>�� ������ <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> <a href="../mod/mod_rewrite.html">���� ����</a>�� �����Ѵ�. + �� ������ �������ڰ� ���� �۾����� �ε�ġ�ԵǴ� �������� + URL���� ������ �ذ��ϱ����ؼ� ��� ����ġ + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ϴ��� �����Ѵ�. URL + ���ۼ� ��Ģ�� �����Ͽ� ������ �ذ��ϴ� ����� �ڼ��� �����Ѵ�.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#ToC1"><code>mod_rewrite</code> �Ұ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ToC2">�ǿ����� �ذ�å</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#url">URL ����</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content">������ �ٷ��</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#access">���� ����</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">��Ÿ</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC1" id="ToC1"><code>mod_rewrite</code> �Ұ�</a></h2> + + + + <p>����ġ <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> ����� �����ϴ�. + ��, URL�� ������ �� �ִ� �����ϰ� �Ƿ� ������ ����̴�. + ����ؿԴ� ���� ��� ������ URL ������ �����ϴ�. ���� + �� �밡�� ����ϱ� �����ϴ�. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� + �ִ� ������ �ʺ��ڰ� �����ϰ� ����ϱ� ���� �ʴٴ� ���̴�. + ������ ����ġ �������� ���� <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� + ���ο� �뵵�� �߰��Ѵ�.</p> + + <p>�ٸ� ����: <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ���� ����� + ó���� ���� �� ����� �ٽ� ������� �ʰų�, �����Կ� �ŷ�Ǿ� + ������ �� ���� ����� ���� ���̴�. �� ���� ù��° ��츦 + �������� �̹� �˷��� ��� ������ʸ� �Ұ��Ϸ��� �Ѵ�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC2" id="ToC2">�ǿ����� �ذ�å</a></h2> + + + + <p>���� ���� ���� ������ų� �ٸ� ������� ���� ���� �ǿ����� + �ذ�å�� ���´�. �������� URL ���ۼ��� �渶���� ������ ���� + �ٶ���.</p> + + <div class="warning">����: ���� ������ ���� ��Ȳ�� �°� + ������ ���� �����ؾ� �� ��찡 �ִ�. ���� ���, �߰��� + <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code>, <code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code> + ���� ����Ѵٸ� <code>[PT]</code> �÷��� �߰��Ѵ�. Ȥ�� + �ּ�������/����ȣ��Ʈ �����Ұ� �ƴ� <code>.htaccess</code> + �����ҿ� �˸°� ��Ģ�� ������ ���� �ִ�. ����ϱ� ���� + �� ��Ģ�� � ����� �ϴ��� �����ϵ��� �ض�. ���� ������ + ���� �� �ִ�.</div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="url" id="url">URL ����</a></h2> + + + + <h3>������ �Ǵ� URL</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�� ���ҽ��� ���� ���� URL�� ������ �������� �ִ�. + ���� (���� ����ϰ� �˷����� ��) ������ �Ǵ� URL��, + ���� Ȥ�� ���� �뵵�� URL�� �ִ�. ����ڰ� ��û�� + � URL�� ����ϴ��� ������ �Ǵ� URL���� ������� + �Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>������ �����ʴ� ��� URL�� �������� �˵��� ��ġ������ + �ܺ� HTTP �����̷����Ѵ�. ���� ��� �Ʒ� ��Ģ�� + <code>/~user</code>�� ������ �Ǵ� <code>/u/user</code>�� + ��ü�ϰ�, <code>/u/user</code> �������� �������� ���ٸ� + �߰��Ѵ�.</p> + +<div class="example"><pre> +RewriteRule ^/<strong>~</strong>([^/]+)/?(.*) /<strong>u</strong>/$1/$2 [<strong>R</strong>] +RewriteRule ^/([uge])/(<strong>[^/]+</strong>)$ /$1/$2<strong>/</strong> [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>������ �Ǵ� ȣ��Ʈ��</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd>�� ��Ģ�� ������ ����Ʈ�� ������ �� �ִ� �ٸ� ȣ��Ʈ�� + ��� Ư�� ȣ��Ʈ���� ����ϵ��� �����Ѵ�. ���� ���, + <strong>example.com</strong> ��� + <strong>www.example.com</strong>�� ����ϵ��� �����ϰ� + �ʹٸ� ������ ���� ��Ģ�� ����� �� �ִ�.</dd> + + <dt>�ذ�å:</dt> + + <dd> +<div class="example"><pre> +# 80���� �ƴ� ��Ʈ���� �����ϴ� ����Ʈ�� +RewriteCond %{HTTP_HOST} !^fully\.qualified\.domain\.name [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteCond %{SERVER_PORT} !^80$ +RewriteRule ^/(.*) http://fully.qualified.domain.name:%{SERVER_PORT}/$1 [L,R] + +# ����, 80�� ��Ʈ���� �����ϴ� ����Ʈ�� +RewriteCond %{HTTP_HOST} !^fully\.qualified\.domain\.name [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteRule ^/(.*) http://fully.qualified.domain.name/$1 [L,R] +</pre></div> + </dd> + </dl> + + + + <h3><code>DocumentRoot</code>�� �ű� ���</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�������� <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>�� ���� URL + "<code>/</code>"�� ���� �����ִ�. ���� �̰��� ��� + �ڷᰡ ���� �ʰ�, �ڷᰡ �ٸ� ���� ���� ������ִ� + ��찡 �ִ�. ���� ��� ��Ʈ��� ����Ʈ�� (�ܺθ� ���� + Ȩ������) <code>/e/www/</code>�� (��Ʈ����� ���� + Ȩ������) <code>/e/sww/</code>�� �ִٰ� ����. ���� + <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>�� + <code>/e/www/</code>�̱����, ��û���� �������� + ���Ե� �� ���� �̰����� �����;� �Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�츮�� URL <code>/</code>�� <code>/e/www/</code>�� + �����̷��Ǹ� �ϸ� �ȴ�. ����� �������� ������ + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ؼ��� �����ϴ�. + (<code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> ���� �����ϴ�) URL + <em>Alias</em> ���� �������� ����� <em>�պκ�</em>�� + ã�´�. <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>�� + ��� URL�� �պκ��̱���� �� ����� ����Ͽ� �����̷����� + �� �� ����. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ϸ� + ��¥ �����ϴ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule <strong>^/$</strong> /e/www/ [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>������ ������ ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���丮�� ��Ī�ϴ� URL�� ������ ������ ������ + ���ٸ� ��� �������ڴ� ȯȣ�� ���̴�. �������� ���ٸ�, + �� <code>/~quux/foo/</code> ��� <code>/~quux/foo</code>�� + ����ϸ� ������ <code>foo</code>��� <em>����</em>�� + ã����� ������ ���Ѵ�. ������ ���丮�̱���� + �Ƶ����� �ʴ´�. ��κ��� ��� ���� ������ �ڵ����� + URL�� ��ġ����, ���� ���� ����� �� ��찡 �ִ�. ���� + ���, CGI ��ũ��Ʈ ������ ������ URL ���ۼ��� �� �Ŀ� + ���ϴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�� �̹��� ������ �ذ����� ������ �ڵ����� ������ + �������� �߰��ϴ� ���̴�. �������� ������ �� ���� + �ùٷ� ��û�� �� �ֵ���, �ܺ� �����̷����� �ؾ� �Ѵ�. + ���� �����̷����� �Ѵٸ� ���丮 ���������� �����Ͽ� + �� �������� ��� URL�� �����ϴ� ���� �������� + ��û�Ҷ� ã�� �� ����. ���� ���, �ܺ� �����̷����� + ������� ������ <code>/~quux/foo/index.html</code>���� + <code>image.gif</code>�� ��û�ϸ� + <code>/~quux/image.gif</code>�� ��û�ϰ� �ȴ�!</p> + + <p>���� �̸� �ذ��ϱ����� ������ ���� �����Ѵ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo<strong>$</strong> foo<strong>/</strong> [<strong>R</strong>] +</pre></div> + + <p>Ȩ���丮�� �ֻ��� <code>.htaccess</code> ���Ͽ� + ������ ���� ������ ���� �ִ�. ���� ó���ϴµ� �δ��� + �ȴ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteCond %{REQUEST_FILENAME} <strong>-d</strong> +RewriteRule ^(.+<strong>[^/]</strong>)$ $1<strong>/</strong> [R] +</pre></div> + </dd> + </dl> + + + + <h3>�ϰ��� URL ������ ���� ��Ŭ������</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��Ʈ��� ���������� ��� �������� �����ϰ� �ϰ��� + URL ������ ����� �ʹ�. ��, ��� (���ǻ� ������ ���Ͽ� + ������ ��������!) URL�� ���� <em>����������</em> �����! + �� �̸������� ������������ ������ ������ �ο��ؾ� �Ѵ�: + URL�� ���� ������ ��Ī�ϸ� �ȵȴ�. �������� �ڵ����� + ���� ������ �����Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� �����, ��, ����ü�� ��ġ ������ ������ + (�л��) �ܺθʿ� ���� ���� ������ ���´�. �ܺθ��� + ������ ���� �����̴�</p> + +<div class="example"><pre> +user1 server_of_user1 +user2 server_of_user2 +: : +</pre></div> + + <p>�츮�� �� ������ ���� <code>map.xxx-to-host</code> + ���Ͽ� �����ߴ�. �������� ��� �������� URL�� ������ + ���ٸ� ������ ���� URL��,</p> + +<div class="example"><pre> +/u/user/anypath +/g/group/anypath +/e/entity/anypath +</pre></div> + + <p>������ ���� �����̷����Ѵ�</p> + +<div class="example"><pre> +http://physical-host/u/user/anypath +http://physical-host/g/group/anypath +http://physical-host/e/entity/anypath +</pre></div> + + <p>�Ʒ� ��Ģ�� �������� ����Ͽ� �� �۾��� �Ѵ� (server0�� + �ʿ� ���� ���� ��� ����� �⺻������� �����Ѵ�):</p> + +<div class="example"><pre> +RewriteEngine on + +RewriteMap user-to-host txt:/path/to/map.user-to-host +RewriteMap group-to-host txt:/path/to/map.group-to-host +RewriteMap entity-to-host txt:/path/to/map.entity-to-host + +RewriteRule ^/u/<strong>([^/]+)</strong>/?(.*) http://<strong>${user-to-host:$1|server0}</strong>/u/$1/$2 +RewriteRule ^/g/<strong>([^/]+)</strong>/?(.*) http://<strong>${group-to-host:$1|server0}</strong>/g/$1/$2 +RewriteRule ^/e/<strong>([^/]+)</strong>/?(.*) http://<strong>${entity-to-host:$1|server0}</strong>/e/$1/$2 + +RewriteRule ^/([uge])/([^/]+)/?$ /$1/$2/.www/ +RewriteRule ^/([uge])/([^/]+)/([^.]+.+) /$1/$2/.www/$3\ +</pre></div> + </dd> + </dl> + + + + <h3>Ȩ���丮�� �ٸ� �������� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� �������ڴ� �������� ��� Ȩ���丮�� �ٸ� + �������� ������ ��� �ذ�å�� �����. �� ����� + ���� ������ ��ü�� ���ο� ������ �����ϴµ� �ð��� + �ɸ��� ��쿡 �ʿ��ϴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ϸ� �����ϴ�. + ���� �������� ��� <code>/~user/anypath</code> URL�� + <code>http://newserver/~user/anypath</code>�� + �����̷����ϸ� �ȴ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(.+) http://<strong>newserver</strong>/~$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Ȩ���丮 ���� �����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>����ڰ� ��õ���� ����Ʈ�� ���� Ȩ���丮 ������ + �����. ��, ���� ��� �̸��� ����ڸ��� ù��° ������ + �������丮�� Ȩ���丮�� �д�. ����, + <code>/~foo/anypath</code>�� + <code>/home/<strong>f</strong>/foo/.www/anypath</code>�̰�, + <code>/~bar/anypath</code>�� + <code>/home/<strong>b</strong>/bar/.www/anypath</code>�̴�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>����ǥ�ð� �ִ� URL�� ���� ���� ������ ��ȯ�ϱ����� + ���� ��Ģ�� ����Ѵ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/.www$3 +</pre></div> + </dd> + </dl> + + + + <h3>���Ͻý��� �籸��</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�� ���� �Ƿ� �ϵ��ھ����̴�: ���丮�� + <code>RewriteRules</code>�� �ſ� ���� ����Ͽ� �ڷ� + ��ü�� �״�� ��ü�� ���� �ڷḦ �ڿ������� ����¡�ϵ��� + �Ѵ�. ���: ���� 1992�� ���� �����Ӱ� ����� �� �ִ� + ���н� ����Ʈ������� <strong><em>net.sw</em></strong>�� + ��Ƶΰ� �־���. �̴� ���� ��ǻ�Ͱ����� �����ϸ鼭 + �����ص��� �����ð��� �ý��� �����ڿ� ��Ʈ�� �����ڸ� + �ؿԱ���� �� ������� ���̴�. ���ָ��� ���� ����Ʈ��� + �߰��� ������ ���丮�� ���� �����Դ�:</p> + +<div class="example"><pre> +drwxrwxr-x 2 netsw users 512 Aug 3 18:39 Audio/ +drwxrwxr-x 2 netsw users 512 Jul 9 14:37 Benchmark/ +drwxrwxr-x 12 netsw users 512 Jul 9 00:34 Crypto/ +drwxrwxr-x 5 netsw users 512 Jul 9 00:41 Database/ +drwxrwxr-x 4 netsw users 512 Jul 30 19:25 Dicts/ +drwxrwxr-x 10 netsw users 512 Jul 9 01:54 Graphic/ +drwxrwxr-x 5 netsw users 512 Jul 9 01:58 Hackers/ +drwxrwxr-x 8 netsw users 512 Jul 9 03:19 InfoSys/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:21 Math/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:24 Misc/ +drwxrwxr-x 9 netsw users 512 Aug 1 16:33 Network/ +drwxrwxr-x 2 netsw users 512 Jul 9 05:53 Office/ +drwxrwxr-x 7 netsw users 512 Jul 9 09:24 SoftEng/ +drwxrwxr-x 7 netsw users 512 Jul 9 12:17 System/ +drwxrwxr-x 12 netsw users 512 Aug 3 20:15 Typesetting/ +drwxrwxr-x 10 netsw users 512 Jul 9 14:08 X11/ +</pre></div> + + <p>1996�� 7�� �� ����Ҹ� ���ִ� �� �������̽��� ���� + ���� �����ϱ�� ������. "���ִ�"�� ����, �ֻ��� + ���丮�� CGI ��ũ��Ʈ�� ���� �ʰ���, ����� ���������� + ���� �������ϱ� �ٶ��ٴ� ���̴�. ��? ����Ҹ� ���߿� + FTP�ε� ������ �� �ֵ��� ���� �����̿������ ���̳� + CGI�� ���õ� ������ ���� �α� �Ⱦ���.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�ذ�å�� �� �κ����� ������: ���� ���丮 ���ؿ��� + �ʿ��� ��� �������� �������� ����� CGI ��ũ��Ʈ�� + �ʿ��ϴ�. ���� �� ��ũ��Ʈ���� ������ ���� + <code>/e/netsw/.www/</code>�� �ξ���:</p> + +<div class="example"><pre> +-rw-r--r-- 1 netsw users 1318 Aug 1 18:10 .wwwacl +drwxr-xr-x 18 netsw users 512 Aug 5 15:51 DATA/ +-rw-rw-rw- 1 netsw users 372982 Aug 5 16:35 LOGFILE +-rw-r--r-- 1 netsw users 659 Aug 4 09:27 TODO +-rw-r--r-- 1 netsw users 5697 Aug 1 18:01 netsw-about.html +-rwxr-xr-x 1 netsw users 579 Aug 2 10:33 netsw-access.pl +-rwxr-xr-x 1 netsw users 1532 Aug 1 17:35 netsw-changes.cgi +-rwxr-xr-x 1 netsw users 2866 Aug 5 14:49 netsw-home.cgi +drwxr-xr-x 2 netsw users 512 Jul 8 23:47 netsw-img/ +-rwxr-xr-x 1 netsw users 24050 Aug 5 15:49 netsw-lsdir.cgi +-rwxr-xr-x 1 netsw users 1589 Aug 3 18:43 netsw-search.cgi +-rwxr-xr-x 1 netsw users 1885 Aug 1 17:41 netsw-tree.cgi +-rw-r--r-- 1 netsw users 234 Jul 30 16:35 netsw-unlimit.lst +</pre></div> + + <p><code>DATA/</code> �������丮�� ������ ���� ����Ұ� + �ִ�. ���� <strong><em>net.sw</em></strong>�� ������ ���� + <code>rdist</code>�� ����Ͽ� �ڵ����� �����´�. �ι�° + �κ��� ���Ҵ�: ��� �� �� ������ �ϳ��� �ڿ������� + URL ������ �����ϴ°�? ����ڿ��� <code>DATA/</code> + ���丮�� ���߰�, URL���� ������ CGI ��ũ��Ʈ�� �����ϰ� + �ʹ�. �ذ�å�� ������ ����: ���� ������ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>���� ������ + URL <code>/net.sw/</code>�� ���� ��� <code>/e/netsw</code>�� + ���ۼ��ϱ����� ���丮�� �������Ͽ� ������ ���� �����Ѵ�:</p> + +<div class="example"><pre> +RewriteRule ^net.sw$ net.sw/ [R] +RewriteRule ^net.sw/(.*)$ e/netsw/$1 +</pre></div> + + <p>ù��° ��Ģ�� �������� �������� ���� ��û�� ���ؼ� + ����ߴ�! �ι�° ��Ģ�� ���� �۾��� �Ѵ�. ���� ���丮�� + �������� <code>/e/netsw/.www/.wwwacl</code>�� �������� + ������ ���´�:</p> + +<div class="example"><pre> +Options ExecCGI FollowSymLinks Includes MultiViews + +RewriteEngine on + +# �� �κ��� /net.sw/ �� �����Ѵ� +RewriteBase /net.sw/ + +# ���� �ֻ��� ���丮�� +# cgi ��ũ��Ʈ�� ���ۼ��Ѵ� +RewriteRule ^$ netsw-home.cgi [L] +RewriteRule ^index\.html$ netsw-home.cgi [L] + +# �������� ���丮�� �������� ��û�� ��� +# �������丮�� �����Ѵ� +RewriteRule ^.+/(netsw-[^/]+/.+)$ $1 [L] + +# ���� ���ۼ��� ��ģ�� +RewriteRule ^netsw-home\.cgi.* - [L] +RewriteRule ^netsw-changes\.cgi.* - [L] +RewriteRule ^netsw-search\.cgi.* - [L] +RewriteRule ^netsw-tree\.cgi$ - [L] +RewriteRule ^netsw-about\.html$ - [L] +RewriteRule ^netsw-img/.*$ - [L] + +# �ٸ� cgi ��ũ��Ʈ�� ó���� +# �������丮�� ���Ҵ� +RewriteRule !^netsw-lsdir\.cgi.* - [C] +RewriteRule (.*) netsw-lsdir.cgi/$1 +</pre></div> + + <p>�ؼ��� ���� ��Ʈ:</p> + + <ol> + <li>��° �κп��� ��ü �ʵ�('<code>-</code>')�� + ���� <code>L</code> (last) �÷��װ� ������ �ָ��϶�</li> + + <li>������ �κп��� ù��° ��Ģ�� <code>!</code> + (not) ���ڿ� <code>C</code> (chain) �÷��� �ָ��϶�</li> + + <li>������ ��Ģ���� ��Ÿ �ش����� �ʴ� ��� ��츦 + ��Ƴ��� ������ �ָ��϶�</li> + </ol> + </dd> + </dl> + + + + <h3>NCSA imagemap�� ����ġ <code>mod_imap</code>����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>������� NCSA ���������� �������� ����ġ �������� + �ڿ������� �Űܰ��� �ٶ���. ���� ������ NCSA + <code>imagemap</code> ���α��� ����� �������� �������� + ����ġ <code class="module"><a href="../mod/mod_imap.html">mod_imap</a></code>�� ó���ϱ� �ٶ���. + ������ <code>imagemap</code> ���α��� + <code>/cgi-bin/imagemap/path/to/page.map</code>�� + ���� �����ϴ� �����۸�ũ�� ���ٴ� ���̴�. ����ġ�� + <code>/path/to/page.map</code>�� ���� ��û�� �ƾ� + �Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>��� ��û���� �պκ��� �������� �����ϴ� ���� ��Ģ�� + ����Ѵ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/cgi-bin/imagemap(.*) $1 [PT] +</pre></div> + </dd> + </dl> + + + + <h3>���� ���丮���� ������ �˻�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� �������� ���� ���丮���� ������ ã�ƾ� �� + ���� �ִ�. �� ��� MultiViews�� �ٸ� ����� ������ + �ȵȴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� ���丮���� ������ ã�� ��Ģ�� ���� ���α��Ѵ�.</p> + +<div class="example"><pre> +RewriteEngine on + +# ���� custom/���� ã�� �õ��ϰ�... +# ...ã���� ��! +RewriteCond /your/docroot/<strong>dir1</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir1</strong>/$1 [L] + +# �ι�°�� pub/���� ã�� �õ��Ѵ�... +# ...ã���� ��! +RewriteCond /your/docroot/<strong>dir2</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir2</strong>/$1 [L] + +# ��ã���� �ٸ� Alias�� ScriptAlias ���þ� ������ �����Ѵ�. +RewriteRule ^(.+) - [PT] +</pre></div> + </dd> + </dl> + + + + <h3>URL�� ���� ȯ�溯���� �����Ѵ�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��û�鰣�� ���������� �����ϱ����� URL�� ������ + ���ڵ��ϴ� ����� �ִ�. ���� ���� �� ������ �����ϱ����� + ��� �������� CGI wrapper�� ����ϰ� ���� �ʴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���ۼ� ��Ģ�� ����Ͽ� ���������� �����ϰ�, ������ + ������ ���߿� XSSI�� CGI���� ����ϱ����� ȯ�溯���� + �����Ѵ�. ���� URL <code>/foo/S=java/bar/</code>�� + <code>/foo/bar/</code>�� ��ȯ�ǰ� <code>STATUS</code>��� + ȯ�溯�� ���� "java"�� �����Ѵ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^(.*)/<strong>S=([^/]+)</strong>/(.*) $1/$3 [E=<strong>STATUS:$2</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>���� ����� ȣ��Ʈ</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>����ȣ��Ʈ�� ������� �ʰ� ���� ��ǻ�ͷ� DNS A + ���ڵ带 �����Ͽ� + <code>www.<strong>username</strong>.host.domain.com</code>�� + ������� Ȩ�������� �����ϰ� �ʹ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>HTTP/1.0 ��û�� ��� ����� ������, Host: HTTP + ����� ������ HTTP/1.1 ��û�� ���� ��Ģ�� ����Ͽ� + ���������� <code>http://www.username.host.com/anypath</code>�� + <code>/home/username/anypath</code>�� ���ۼ��� �� + �ִ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{<strong>HTTP_HOST</strong>} ^www\.<strong>[^.]+</strong>\.host\.com$ +RewriteRule ^(.+) %{HTTP_HOST}$1 [C] +RewriteRule ^www\.<strong>([^.]+)</strong>\.host\.com(.*) /home/<strong>$1</strong>$2 +</pre></div> + </dd> + </dl> + + + + <h3>Ȩ���丮�� �ܺ� ������ �����̷���</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� ������ <code>ourdomain.com</code> �ۿ��� ��û�� + ������ Ȩ���丮 URL�� �ٸ� ������ + <code>www.somewhere.com</code>���� ���ٸ������ϱ� + �ٶ���. ���� ����ȣ��Ʈ �����ҿ��� ����Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���ۼ� ������ ����ϸ� �ȴ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REMOTE_HOST} <strong>!^.+\.ourdomain\.com$</strong> +RewriteRule ^(/~.+) http://www.somewhere.com/$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>������ URL�� �ٸ� �������� �����̷���</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>URL ���ۼ��� ���ؼ� ������ A�� �ش� ������ ���� + ��� ������ B�� ��û�� �����̷����ϴ� ����� ���� + �����. ���� Perl�� �ۼ��� <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI ��ũ��Ʈ�� + ���������, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ϴ� + ����� �ִ�. ���� ������ <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI ��ũ��Ʈ���� + �������� �����϶�!</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>ù��° ����� �������� �������� �������� �������� + �ʴ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond /your/docroot/%{REQUEST_FILENAME} <strong>!-f</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>�� ����� ������ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> �ȿ� �ִ� �������� + �����ϴٴ� ���̴�. (���� ��� Ȩ���丮 ���� ����) + ������ �߰��� �� ������, �� ���� ����� �ִ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REQUEST_URI} <strong>!-U</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� URL ��������(look-ahead)�� + ����Ѵ�. ���� ��� URL�� �����ϰ� �����ϴ�. ���� + ��� ��û���� ���� ������û�� �ѹ� �� �ϱ���� ������ + ���ɿ� �ǿ����� �ش�. ���� ������ CPU���� �������� + �����Ѵٸ� ����϶�. ��ǻ�Ͱ� �����ٸ� ù��° ����̳� + �� ���� <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> + CGI ��ũ��Ʈ�� ����϶�.</p> + </dd> + </dl> + + + + <h3>Ȯ�� �����̷���</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� �����̷����ϴ� URL�� �� ������ �ʿ䰡 �ִ�. + ����ġ ���� URL escape �Լ��� "<code>url#anchor</code>" + ���� URL�� anchor�� escape�Ѵ�. ����ġ�� + <code>uri_escape()</code> �Լ��� �칰����(#)�� ���� + escape�ϹǷ� ����� �� ����. ���� ��� �̷� URL�� + �����̷����� �� �ֳ�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� �����̷����ϴ� NPH-CGI ��ũ��Ʈ�� ����� �ذ�å�� + �ʿ��ϴ�. escape�� ���� �ʱ���̴� (NPH=non-parseable + headers). ���� ���� ���������� �Ͽ� (���ۼ� ��Ģ�� + ���κп� ����ؾ� �Ѵ�) ���ο� URL scheme + <code>xredirect:</code>�� �����Ѵ�:</p> + +<div class="example"><pre> +RewriteRule ^xredirect:(.+) /path/to/nph-xredirect.cgi/$1 \ + [T=application/x-httpd-cgi,L] +</pre></div> + + <p>���� <code>xredirect:</code>�� �����ϴ� ��� URL�� + <code>nph-xredirect.cgi</code> ���α��� ���ϰ� �ȴ�. + ���α��� ������ ����:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## nph-xredirect.cgi -- NPH/CGI script for extended redirects +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## + +$| = 1; +$url = $ENV{'PATH_INFO'}; + +print "HTTP/1.0 302 Moved Temporarily\n"; +print "Server: $ENV{'SERVER_SOFTWARE'}\n"; +print "Location: $url\n"; +print "Content-type: text/html\n"; +print "\n"; +print "<html>\n"; +print "<head>\n"; +print "<title>302 Moved Temporarily (EXTENDED)</title>\n"; +print "</head>\n"; +print "<body>\n"; +print "<h1>Moved Temporarily (EXTENDED)</h1>\n"; +print "The document has moved <a HREF=\"$url\">here</a>.<p>\n"; +print "</body>\n"; +print "</html>\n"; + +##EOF## +</pre></div> + + <p>���� <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ���� �������ϴ� + ��� URL scheme���� �����̷����� �� �ִ�. ���� ���, + ������ ���� <code>news:newsgroup</code>���� �����̷����� + �� �ִ�</p> + +<div class="example"><pre> +RewriteRule ^anyurl xredirect:news:newsgroup +</pre></div> + + <div class="note">����: ���� Ư���� "���" ��Ģ�� ����Ͽ� + <code>xredirect:</code>�� �������� Ȯ���ؾ� �ϱ���� + ��Ģ�� <code>[R]</code>�̳� <code>[R,L]</code>�� ����ϸ� + �ȵȴ�.</div> + </dd> + </dl> + + + + <h3>����� ���� �߰�(multiplexer)</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p><a href="http://www.perl.com/CPAN">http://www.perl.com/CPAN</a>�� + �ִ� ����� CPAN (Comprehensive Perl Archive Network)�� + �ƴ°�? �� �ּҴ� ���迡 ����� ���� CPAN �̷� FTP + ������ Ŭ���̾�Ʈ�� ������ �ִ� ������ �����̷����Ѵ�. + �̸� FTP ���� �߰� ����� �Ѵ�. CPAN�� CGI ��ũ��Ʈ�� + ���������, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����Ͽ� + ����ϰ� ���� �� ������?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> 3.0.0 �������� + �����̷��ǿ� "<code>ftp:</code>" scheme�� ����� �� + �ִ�. �������� Ŭ���̾�Ʈ�� �ֻ��� �������� <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>�� ���� + ����Ͽ� ��ġ�� ������ �� �ִ�. ������ ���� ��Ģ���� + �ֻ��� �������� �߰���� Ű�� ����Ѵ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap multiplex txt:/path/to/map.cxan +RewriteRule ^/CxAN/(.*) %{REMOTE_HOST}::$1 [C] +RewriteRule ^.+\.<strong>([a-zA-Z]+)</strong>::(.*)$ ${multiplex:<strong>$1</strong>|ftp.default.dom}$2 [R,L] +</pre></div> + +<div class="example"><pre> +## +## map.cxan -- Multiplexing Map for CxAN +## + +de ftp://ftp.cxan.de/CxAN/ +uk ftp://ftp.cxan.uk/CxAN/ +com ftp://ftp.cxan.com/CxAN/ + : +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>�ð��� ���� ���ۼ�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�ð��� ���� �ٸ� ������ �����ϴ� ��� ���� �������ڴ� + ��� Ư���� �������� �����̷����ϱ����� CGI ��ũ��Ʈ�� + ����Ѵ�. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�δ� ��� + �� �� �ִ°�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���ۼ� ���ǿ��� ����� �� �ִ� ���� <code>TIME_xxx</code> + ������ �ִ�. ������ Ư���� �������� �� + <code><STRING</code>, <code>>STRING</code>, + <code>=STRING</code>�� ����Ͽ� �ð��� ���� �����̷����� + �� �ִ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{TIME_HOUR}%{TIME_MIN} >0700 +RewriteCond %{TIME_HOUR}%{TIME_MIN} <1900 +RewriteRule ^foo\.html$ foo.day.html +RewriteRule ^foo\.html$ foo.night.html +</pre></div> + + <p>URL <code>foo.html</code>�� ��û�ϸ� + <code>07:00-19:00</code> ���� <code>foo.day.html</code> + ������ �����ϰ�, ������ �ð� ���� + <code>foo.night.html</code> ������ �����Ѵ�. Ȩ���������� + ����ϱ� ���� ����̴�...</p> + </dd> + </dl> + + + + <h3>YYYY�� XXXX�� ������ ��� ��ȣȯ</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� <code>.html</code> ������ <code>.phtml</code>�� + ��ȯ�ϴ� �� <code>document.YYYY</code>�� + <code>document.XXXX</code>�� �������� ��ȣȯ(backward + compatibility) URL�� (���������� �����ϰ�) ���� �� + �ֳ�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�̸��� �⺻�̸����� ���ۼ����� ���ο� Ȯ���ڸ� + ���� ������ �ִ��� �˻��Ѵ�. �ִٸ� �� ���ϸ��� ����ϰ�, + ������ URL�� ���� ���·� ���ۼ��Ѵ�.</p> + + +<div class="example"><pre> +# ����.html �� ���� +# ����.phtml �� �ִ� ��� +# ����.html �� ����.phtml �� +# ���ۼ��ϴ� ��ȣȯ ��Ģ +RewriteEngine on +RewriteBase /~quux/ +# �⺻�̸��� ã��, ã�Ҵٴ� ����� ����Ѵ� +RewriteRule ^(.*)\.html$ $1 [C,E=WasHTML:yes] +# ������ �ִٸ� ����.phtml �� ���ۼ��Ѵ� +RewriteCond %{REQUEST_FILENAME}.phtml -f +RewriteRule ^(.*)$ $1.phtml [S=1] +# �ƴϸ� �տ��� ã�� �⺻�̸��� �ǵ����� +RewriteCond %{ENV:WasHTML} ^yes$ +RewriteRule ^(.*)$ $1.html +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content" id="content">������ �ٷ��</a></h2> + + + + <h3>���� ���� (���߱�)</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�ֱ� <code>foo.html</code>�� <code>bar.html</code>�� + �����ϰ� ��ȣȯ���� ���� ���� URL�� ��� �����ϰ� + �ʹٰ� ��������. ����ڴ� ���� URL�� ����Ǿ��ٴ� + ����� ��ġä�� ���Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� ��Ģ���� ���� URL�� ���������� ���ο� URL�� + ���ۼ��Ѵ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html +</pre></div> + </dd> + </dl> + + + + <h3>���� ���� (�˸���)</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�ٽ� <code>foo.html</code>�� <code>bar.html</code>�� + �����ϰ� ��ȣȯ���� ���� ���� URL�� ��� �����ϰ� + �ʹٰ� ��������. ���� ������ ���� URL�� ����ϸ� + ����ڿ��� ���ο� URL�� ��Ʈ�� �˷��ش�. ��, ������ + �ּ�â�� ���Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���ο� URL�� HTTP �����̷����ϴ�. ���� �������� + ���ο� URL�� ���̰� �������� ����ڰ� �˰Եȴ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>�������� ���� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�ּ��� �߿��� �ֻ��� �������� �������� ����ȭ�� + �������� �����ؾ��� ��찡 �ִ�. ��, �ֽ� Netscape + ���������Դ� �ֻ��� ������, Lynx ���������Դ� + ���� ������, ������ ���������� ������� ������ + �����Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�������� ���������� ���� �ڽ��� ������ ���� ������ + �������� �ʱ���� ���������� ����� �� ����. ��� + HTTP "User-Agent" ����� ����Ѵ�. ���� ��Ģ�� HTTP + "User-Agent" ����� "Mozilla/3"���� �����ϸ� + <code>foo.html</code> �������� <code>foo.NS.html</code>�� + ���ۼ��ϰ� ���ۼ��� �ߴ��Ѵ�. �������� "Lynx"�� + "Mozilla" ���� 1 Ȥ�� 2��� URL�� + <code>foo.20.html</code>�� �ȴ�. ������ �������� + <code>foo.32.html</code> �������� �´�. �Ʒ� ��Ģ�� + �� �۾��� �Ѵ�:</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.* +RewriteRule ^foo\.html$ foo.<strong>NS</strong>.html [<strong>L</strong>] + +RewriteCond %{HTTP_USER_AGENT} ^<strong>Lynx/</strong>.* [OR] +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/[12]</strong>.* +RewriteRule ^foo\.html$ foo.<strong>20</strong>.html [<strong>L</strong>] + +RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>���� �̷�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�ܺ� ȣ��Ʈ�� �츮 ����Ʈ�� �������� ���� ���� + ���������� �ִٰ� ��������. FTP ������ ��� ���� �ܺ� + �ڷ��� �ֽź��纻�� �����ϴ� <code>mirror</code> ���α��� + ����� �� �ְ�, ��������� HTTP�� ����� �۾��� �ϴ� + <code>webcopy</code> ���α��� ����� �� �ִ�. ���� + �� ��� ��� ������ �ִ�: ���纻�� ������ ���α��� + �������� ���� �ֽ������� �����ȴ�. ���� �����ؾ��ϴ� + ������ �̷��� �ƴ϶�� ���ڴ�. ��� (�ܺ� ȣ��Ʈ���� + �ڷᰡ ���ŵǸ�) �ʿ��Ҷ� �ڵ����� �ڷḦ �����ϴ� + ���� �̷��� �ʿ��ϴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�̸� ���� <dfn>Proxy Throughput</dfn> ����� (�÷��� + <code>[P]</code>) ����Ͽ� �ܺ� �������� Ȥ�� �ܺ� + ������ ��ü�� �츮 �̸��������� �����Ѵ�:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>hotsheet/</strong>(.*)$ <strong>http://www.tstimpreso.com/hotsheet/</strong>$1 [<strong>P</strong>] +</pre></div> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>usa-news\.html</strong>$ <strong>http://www.quux-corp.com/news/index.html</strong> [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>���� ���̷�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd>...</dd> + + <dt>�ذ�å:</dt> + + <dd> +<div class="example"><pre> +RewriteEngine on +RewriteCond /mirror/of/remotesite/$1 -U +RewriteRule ^http://www\.remotesite\.com/(.*)$ /mirror/of/remotesite/$1 +</pre></div> + </dd> + </dl> + + + + <h3>���� �ڷḦ ��Ʈ��ݿ��� ��������</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>���� �ڷḦ ��ȭ���� ��ȣ�ϴ� (����) ��Ʈ��� �������� + (<code>www2.quux-corp.dom</code>) �����ϸ鼭, ����� + (�ܺ�) ���ͳ� �������� (<code>www.quux-corp.dom</code>) + �����ϴ� ��ó�� ���̰� �Ѵ�. �ܺ� �������� ��û�� + �ڷḦ ���� ���������� �����´�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� ��ȭ���� ���� �������� ��ȣ�ϰ� �ܺ� ���������� + ���� ���������� �ڷḦ ���� �� �ְ� �Ѵ�. ������ ���� + ��Ŷ���� ��ȭ���� �����Ѵ�:</p> + +<div class="example"><pre> +<strong>ALLOW</strong> Host www.quux-corp.dom Port >1024 --> Host www2.quux-corp.dom Port <strong>80</strong> +<strong>DENY</strong> Host * Port * --> Host www2.quux-corp.dom Port <strong>80</strong> +</pre></div> + + <p>���� ���������� �˸°� ���Ķ�. ���� �ڷḦ ���������� + proxy throughput ����� ���� ��û�ϴ� + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> ��Ģ�� �ۼ��Ѵ�:</p> + +<div class="example"><pre> +RewriteRule ^/~([^/]+)/?(.*) /home/$1/.www/$2 +RewriteCond %{REQUEST_FILENAME} <strong>!-f</strong> +RewriteCond %{REQUEST_FILENAME} <strong>!-d</strong> +RewriteRule ^/home/([^/]+)/.www/?(.*) http://<strong>www2</strong>.quux-corp.dom/~$1/pub/$2 [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>�ε�뷱�� (���� �л��ϱ�)</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p><code>www.foo.com</code>�� ��ŷ��� + <code>www[0-5].foo.com</code> (�� ���� 6��)���� �л��ϰ� + �ʹ�. ��� �ϴ°�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�ſ� �پ��� ������� �� ������ �ذ��� �� �ִ�. + ���� DNS�� ����� �� �˷��� ����� �����ϰ�, + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� ����ϴ� ��츦 ���캸��:</p> + + <ol> + <li> + <strong>DNS Round-Robin</strong> + + <p>���� ������ �ε�뷱�� ����� <code>BIND</code>�� + DNS round-robin ����� ����ϴ� ���̴�. ������ + ���� DNS A(address) ���ڵ忡 + <code>www[0-9].foo.com</code>�� �����Ѵ�.</p> + +<div class="example"><pre> +www0 IN A 1.2.3.1 +www1 IN A 1.2.3.2 +www2 IN A 1.2.3.3 +www3 IN A 1.2.3.4 +www4 IN A 1.2.3.5 +www5 IN A 1.2.3.6 +</pre></div> + + <p>���� ���� ���� �߰��Ѵ�:</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. + IN CNAME www1.foo.com. + IN CNAME www2.foo.com. + IN CNAME www3.foo.com. + IN CNAME www4.foo.com. + IN CNAME www5.foo.com. + IN CNAME www6.foo.com. +</pre></div> + + <p>�߸��� ��ó�� ��������, ������ <code>BIND</code>�� + �ǵ��� ����̴�. ���� <code>www.foo.com</code>�� + ã����, <code>BIND</code>�� �Ź� ������ ���ݾ� + �ٲ㰡�� <code>www0-www6</code>�� ��ȯ�Ѵ�. ���� + Ŭ���̾�Ʈ���� ���� ������ �л��Ѵ�. ���� DNS + �˻� ����� ��Ʈ���� �ٸ� ���Ӽ����� ij���ǿ� + <code>www.foo.com</code>�� ã�� ����� Ư�� + <code>wwwN.foo.com</code>�̸� Ŭ���̾�Ʈ�� ���� + ��û�鵵 ���� <code>wwwN.foo.com</code>���� + ����������� �Ϻ��� �ε�뷱�� ����� �ƴ��� + �����϶�. ���� ũ�� ���� ��û�� ���� �������� + �л�ǹǷ� ȿ���� ����.</p> + </li> + + <li> + <strong>DNS �ε�뷱��</strong> + + <p><a href="http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html">http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html</a>�� + �ִ� <code>lbnamed</code> ���α��� ����Ͽ� + ������ DNS��� �ε�뷱���� �� �� �ִ�. DNS�� + ���� �ε�뷱���� �ϵ��� ����� ���� ������ Perl + 5 ���α��̴�.</p> + </li> + + <li> + <strong>Proxy Throughput Round-Robin</strong> + + <p>�� ����� <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� proxy + throughput ����� ����Ѵ�. ���� DNS�� ���� ���� + ����Ͽ� <code>www0.foo.com</code>�� ���� + <code>www.foo.com</code>�� �����ϰ� �Ѵ�</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. +</pre></div> + + <p>���� <code>www0.foo.com</code>�� ���Ͻ����� + ������ �����Ѵ�. ��, URL�� ������ ������ ���� + ���Ͻø� ���� �ٸ� 5�� ������ (<code>www1-www5</code>) + �Ѵ�� �����⸸ �Ѵ�. �̸� ���� ���� ��� URL�� + �ε�뷱�� ��ũ��Ʈ <code>lb.pl</code>�� ������ + ��Ģ�� �����.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap lb prg:/path/to/lb.pl +RewriteRule ^/(.+)$ ${lb:$1} [P,L] +</pre></div> + + <p><code>lb.pl</code>�� �ۼ��Ѵ�:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## lb.pl -- �ε�뷱�� ��ũ��Ʈ +## + +$| = 1; + +$name = "www"; # �⺻ ȣ��Ʈ�� +$first = 1; # ù��° ���� (�ڽ��� 0�̱� ������, 0�� ������� �ʴ´�) +$last = 5; # round-robin���� ������ ���� +$domain = "foo.dom"; # �����θ� + +$cnt = 0; +while (<STDIN>) { + $cnt = (($cnt+1) % ($last+1-$first)); + $server = sprintf("%s%d.%s", $name, $cnt+$first, $domain); + print "http://$server/$_"; +} + +##EOF## +</pre></div> + + <div class="note">������ ����: �� �� ����� �����Ѱ�? + <code>www0.foo.com</code>�� �δ��� �����ʴ°�? + ����, �δ��� �ȴ�. ���� �ܼ��� proxy throughput + ��û�� �ϱ���� ������! ��� SSI, CGI, ePerl + ���� �������� �ٸ� ������ ó���Ѵ�. �̰��� �ٽ��̴�.</div> + </li> + + <li> + <strong>�ϵ����/TCP Round-Robin</strong> + + <p>�ϵ��� ����� �ذ�å�� �ִ�. Cisco�� TCP/IP + ���ؿ��� �ε�뷱���� �ϴ� LocalDirector��� ������ + �Ǵ�. �����δ� �������� �մܿ� ��ġ�ϴ� ������ + ȸ�μ��� ����Ʈ���̴�. �ڱ��� ����ϰ� ������ + �ذ�å�� �ʿ��ϴٸ� �̰��� ����϶�.</p> + </li> + </ol> + </dd> + </dl> + + + + <h3>���ο� MIME-type, ���ο� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��Ʈ������ ���� CGI ���α����� ����. ���� ����ϱ� + ���ŷ����� ���� �������ڰ� ������� �ʴ´�. ����ġ�� + MIME-type�� ���� Action �ڵ鷯 ��ɵ� CGI ���α��� + Ư���� URL�� (��Ȯ�� <code>PATH_INFO</code>�� + <code>QUERY_STRINGS</code>) ���α��� �Է����� ������� + ���� ���� �����ϴ�. ����, Ȯ���ڰ� (secure CGI�� �ٿ�) + <code>.scgi</code>�� ������ ������ <code>cgiwrap</code> + ���α����� ó���ϱ����� ���ο� type�� �����Ѵ�. + ������ (������ ��) �ϰ��� URL ������ ����ϴ� ��� + ����� Ȩ���丮�� <code>/u/user/foo/bar.scgi</code>���� + URL�� ���̴�. <code>cgiwrap</code>�� + <code>/~user/foo/bar.scgi/</code> ������ URL�� + ���ϱ���̴�. ���� ��Ģ�� ������ �ذ��Ѵ�:</p> + +<div class="example"><pre> +RewriteRule ^/[uge]/<strong>([^/]+)</strong>/\.www/(.+)\.scgi(.*) ... +... /internal/cgi/user/cgiwrap/~<strong>$1</strong>/$2.scgi$3 [NS,<strong>T=application/x-http-cgi</strong>] +</pre></div> + + <p>���� �ٸ� ���� ���α�, (URL ����Ʈ���� ���� + <code>access.log</code>�� ����ϴ�) <code>wwwlog</code>�� + (URL ����Ʈ���� Glimpse�� �����ϴ�) <code>wwwidx</code>�� + �ִٰ� ��������. �츮�� ���α����� �۾��� ����� + URL ������ �˷���� �Ѵ�. ���� ��û�Ҷ����� �� + ������� �ϱ���� ������� �ʴ�. ��, ���� + <code>/u/user/foo/</code>�� ���� <code>swwidx</code> + ���α��� �����Ѵٸ� ������ ���� ��ũ�� ����Ѵ�</p> + +<div class="example"><pre> +/internal/cgi/user/swwidx?i=/u/user/foo/ +</pre></div> + + <p>������� �ʴ�. ��ũ�� ������ ��ġ<strong>��</strong> + CGI ��ġ�� <strong>���</strong> ����� �ϱ���̴�. + ������ �籸���Ѵٸ� ���� �����۸�ũ�� �����ϴµ� ���� + �ð��� �ɸ� ���̴�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�ذ�å�� �ڵ����� ������ CGI�� �����ϴ� ���ο� + Ư���� URL ������ ����� ���̴�. ������ ���� �����Ѵ�:</p> + +<div class="example"><pre> +RewriteRule ^/([uge])/([^/]+)(/?.*)/\* /internal/cgi/user/wwwidx?i=/$1/$2$3/ +RewriteRule ^/([uge])/([^/]+)(/?.*):log /internal/cgi/user/wwwlog?f=/$1/$2$3 +</pre></div> + + <p>���� <code>/u/user/foo/</code>�� �˻��ϴ� ��ũ�� + ������ ����</p> + +<div class="example"><pre> +HREF="*" +/u/user/foo/* (???) +</pre></div> + + <p>���������� ������ ���� �ڵ���ȯ�ȴ�</p> + +<div class="example"><pre> +/internal/cgi/user/wwwidx?i=/u/user/foo/ +</pre></div> + + <p>���� ������� ��ũ �ڿ� <code>:log</code>�� ����Ͽ� + ���� �α� CGI ���α��� ������ �� �ִ�.</p> + </dd> + </dl> + + + + <h3>�������� ��������</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��� �������� ����ڰ� �� �ڿ������� ���� + ������ <code>foo.html</code>�� ������ <code>foo.cgi</code>�� + ������ �� �ֳ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>URL�� CGI ��ũ��Ʈ�� ���ۼ��ϰ�, MIME-type�� �����Ͽ� + CGI ��ũ��Ʈ�� �����ϰ� �Ѵ�. ���� + <code>/~quux/foo.html</code>�� ��û�ϸ� ���������� + <code>/~quux/foo.cgi</code>�� �����ϰ� �ȴ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo\.<strong>html</strong>$ foo.<strong>cgi</strong> [T=<strong>application/x-httpd-cgi</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>�N ������ �����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>�� ����� �Ƿ� ����̴�: �������� �������� ����������, + �������� �������� �����Ѵ�. ��, �������� �����ϰ� + (���Ͻý��ۿ��� ���� ������ �״��) ���� �������� + ��������, ���� ��� �������� �������� �����Ѵ�. + ���� ���� (Ȥ�� cron �۾���) ���� �������� �������ʴ� + �� CGI�� ������ �������� �������� �����Ѵ�. �������� + ����� ������ �����Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + ���� ��Ģ�� ����Ѵ�: + +<div class="example"><pre> +RewriteCond %{REQUEST_FILENAME} <strong>!-s</strong> +RewriteRule ^page\.<strong>html</strong>$ page.<strong>cgi</strong> [T=application/x-httpd-cgi,L] +</pre></div> + + <p>���⼭ <code>page.html</code>�� ��û�Ҷ� + <code>page.html</code>�� ���ų� ����ũ�Ⱑ 0�� ��� + ���������� <code>page.cgi</code>�� �����Ѵ�. ���⼭ + ����� <code>page.cgi</code>�� �Ϲ����� CGI ��ũ��Ʈ�� + ���� <code>STDOUT</code>�� ����ϰ�, �߰��� ����� + <code>page.html</code> ���Ͽ� ���´�. �ѹ� �������� + ������ <code>page.html</code>�� ������ ������. �������ڰ� + ����� ������ �����ϰ� �ʹٸ�, (���� cron �۾���) + <code>page.html</code>�� ����⸸ �ϸ� �ȴ�.</p> + </dd> + </dl> + + + + <h3>�ڵ����� ���� ��ħ�ϴ� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>������ ���������� ���鶧 �����ڰ� ������ ������ + ������ �ڵ����� �������� ���� ��ħ�ϴ� ���������� + ������ �� ������? �Ұ����Ѱ�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�����ϴ�! MIME multipart ��ɰ� ������ NPH ���, + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� URL ���� �ɷ��� �����ϸ� + �ȴ�. ����, ���ο� URL ����� �����: URL�� + <code>:refresh</code>�� �߰��ϱ⸸ �ϸ� ���Ͻý��ۿ��� + ������ ������ ���� ��ħ�Ѵ�.</p> + +<div class="example"><pre> +RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1 +</pre></div> + + <p>���� ���� URL�� �����ϸ�</p> + +<div class="example"><pre> +/u/foo/bar/page.html:refresh +</pre></div> + + <p>���� URL�� ���������� �θ���</p> + +<div class="example"><pre> +/internal/cgi/apache/nph-refresh?f=/u/foo/bar/page.html +</pre></div> + + <p>���� NPH-CGI ��ũ��Ʈ�� ���Ҵ�. ���� "���ڿ��� + �������� ���ܵ�"�̶�� �������� ;-) ���� �̰͵� �����Ѵ�.</p> + +<div class="example"><pre> +#!/sw/bin/perl +## +## nph-refresh -- NPH/CGI script for auto refreshing pages +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## +$| = 1; + +# split the QUERY_STRING variable +@pairs = split(/&/, $ENV{'QUERY_STRING'}); +foreach $pair (@pairs) { + ($name, $value) = split(/=/, $pair); + $name =~ tr/A-Z/a-z/; + $name = 'QS_' . $name; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + eval "\$$name = \"$value\""; +} +$QS_s = 1 if ($QS_s eq ''); +$QS_n = 3600 if ($QS_n eq ''); +if ($QS_f eq '') { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: No file given\n"; + exit(0); +} +if (! -f $QS_f) { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: File $QS_f not found\n"; + exit(0); +} + +sub print_http_headers_multipart_begin { + print "HTTP/1.0 200 OK\n"; + $bound = "ThisRandomString12345"; + print "Content-type: multipart/x-mixed-replace;boundary=$bound\n"; + &print_http_headers_multipart_next; +} + +sub print_http_headers_multipart_next { + print "\n--$bound\n"; +} + +sub print_http_headers_multipart_end { + print "\n--$bound--\n"; +} + +sub displayhtml { + local($buffer) = @_; + $len = length($buffer); + print "Content-type: text/html\n"; + print "Content-length: $len\n\n"; + print $buffer; +} + +sub readfile { + local($file) = @_; + local(*FP, $size, $buffer, $bytes); + ($x, $x, $x, $x, $x, $x, $x, $size) = stat($file); + $size = sprintf("%d", $size); + open(FP, "&lt;$file"); + $bytes = sysread(FP, $buffer, $size); + close(FP); + return $buffer; +} + +$buffer = &readfile($QS_f); +&print_http_headers_multipart_begin; +&displayhtml($buffer); + +sub mystat { + local($file) = $_[0]; + local($time); + + ($x, $x, $x, $x, $x, $x, $x, $x, $x, $mtime) = stat($file); + return $mtime; +} + +$mtimeL = &mystat($QS_f); +$mtime = $mtime; +for ($n = 0; $n &lt; $QS_n; $n++) { + while (1) { + $mtime = &mystat($QS_f); + if ($mtime ne $mtimeL) { + $mtimeL = $mtime; + sleep(2); + $buffer = &readfile($QS_f); + &print_http_headers_multipart_next; + &displayhtml($buffer); + sleep(5); + $mtimeL = &mystat($QS_f); + last; + } + sleep($QS_s); + } +} + +&print_http_headers_multipart_end; + +exit(0); + +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>�뷮�� ����ȣ��Ʈ</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>����ȣ��Ʈ�� ��� �ִٸ� ����ġ�� <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> + ����� �� �����Ѵ�. ���� ����ȣ��Ʈ�� ���鰳 �ִ� + ISP��� �� ����� �ּ��� �ƴϴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�� ����� �����Ϸ��� <dfn>Proxy Throughput</dfn> + ����� (�÷��� <code>[P]</code>) ����Ͽ� �ܺ� �������� + Ȥ�� ��ü �ܺ� �������� �츮�� �̸������� �����Ѵ�:</p> + +<div class="example"><pre> +## +## vhost.map +## +www.vhost1.dom:80 /path/to/docroot/vhost1 +www.vhost2.dom:80 /path/to/docroot/vhost2 + : +www.vhostN.dom:80 /path/to/docroot/vhostN +</pre></div> + +<div class="example"><pre> +## +## httpd.conf +## + : +# �����̷�Ʈ�Ҷ� ���� ȣ��Ʈ���� ����Ѵ�. +UseCanonicalName on + + : +# ����ȣ��Ʈ�� CLF ���� �տ� �߰��Ѵ� +CustomLog /path/to/access_log "%{VHOST}e %h %l %u %t \"%r\" %>s %b" + : + +# �ּ������� ���ۼ� ������ ����Ѵ� +RewriteEngine on + +# �� ���� �����Ѵ�: �ϳ��� URL�� ��ġ��, +# �ٸ� �ϳ��� ����ȣ��Ʈ�� DocumentRoot�� +# �����Ѵ�. +RewriteMap lowercase int:tolower +RewriteMap vhost txt:/path/to/vhost.map + +# ���� ũ�� ������ ��Ģ �Ѱ��� ����Ͽ� +# ����ȣ��Ʈ�� �����Ѵ�. +# +# 1. ����ȣ��Ʈ���� ���� ����ϴ� ��ġ�� �������� �ʴ´� +RewriteCond %{REQUEST_URI} !^/commonurl1/.* +RewriteCond %{REQUEST_URI} !^/commonurl2/.* + : +RewriteCond %{REQUEST_URI} !^/commonurlN/.* +# +# 2. �츮�� ���� ����ϴ� ����� Host ����� +# ����ȣ��Ʈ�� �����ϹǷ� +# Host ����� �ִ��� Ȯ���Ѵ� +RewriteCond %{HTTP_HOST} !^$ +# +# 3. ȣ��Ʈ���� �ҹ��ڷ� ����� +RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$ +# +# 4. vhost.map���� ȣ��Ʈ���� ã�� +# ����϶��� ����Ѵ� +# (������ "NONE"�� �ƴϴ�) +RewriteCond ${vhost:%1} ^(/.*)$ +# +# 5. ���������� URL�� ���� ��ġ�� �����ϰ� +# �α� ��������� ����ȣ��Ʈ�� ����� �д� +RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}] + : +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="access" id="access">���� ����</a></h2> + + + + <h3>�κ� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��� �ϸ� Ư�� �������� �������� �ܾ������ ������ + �κ��� ���� �� �ֳ�? "Robot Exclusion Protocol" ���� + ������ <code>/robots.txt</code> ������ ���� �̷� �κ��� + ���µ� ������� �ʴ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>(�Ƹ��� ���丮�� ��� �κ��� ���ƴٴϸ� ������ + �δ��� ū ���) ������ <code>/~quux/foo/arc/</code>�� + �ִ� URL���� �ź��ϴ� ��Ģ�� ����Ѵ�. �츮�� Ư�� + �κ��� ������ ���ƾ� �Ѵ�. ��, �κ��� �����ϴ� ȣ��Ʈ�� + ���� �����δ� ������ϸ�, �� ȣ��Ʈ�� ����ڵ� ���ƹ����� + �ȴ�. User-Agent HTTP ��� ������ ���Ѵ�.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong>.* +RewriteCond %{REMOTE_ADDR} ^<strong>123\.45\.67\.[8-9]</strong>$ +RewriteRule ^<strong>/~quux/foo/arc/</strong>.+ - [<strong>F</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>�� �۰��� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p><code>http://www.quux-corp.de/~quux/</code>�� �ִ� + ���������� GIF ���� �����Ѵٰ� ��������. �� ���� + ���־, �ٸ� ������� �ڽ��� �������� ���� ��ũ�� + �Ǵ�. ������ ���ʿ��� �δ��� �ǹǷ� ���� �ʹ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� 100% ��ȣ�� ���� ������, �ּ��� �������� + HTTP Referer ����� ������ ��� ������ �� �ִ�.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} <strong>!^$</strong> +RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC] +RewriteRule <strong>.*\.gif$</strong> - [F] +</pre></div> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} !^$ +RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$ +RewriteRule <strong>^inlined-in-foo\.gif$</strong> - [F] +</pre></div> + </dd> + </dl> + + + + <h3>ȣ��Ʈ �ź�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��� �ܺο��� ������ ������ �� ���� ȣ��Ʈ ����� + ������ �� �ֳ�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>����ġ >= 1.3b6����:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR] +RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^/.* - [F] +</pre></div> + + <p>����ġ <= 1.3b6����:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteRule ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ /$1 +</pre></div> + +<div class="example"><pre> +## +## hosts.deny +## +## ����! �̰��� ���ó�� �������� ����� �ƴ϶� ���̴�. +## mod_rewrite�� �� ������ Ű/�� ������ �ؼ��ϱ����, +## �� ���� �� �ڸ��� �ּ��� "-"�� �ʿ��ϴ�. +## + +193.102.180.41 - +bsdti1.sdm.de - +192.76.162.40 - +</pre></div> + </dd> + </dl> + + + + <h3>���Ͻ� �ź�</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>��� Ư�� ȣ��Ʈ Ȥ�� Ư�� ȣ��Ʈ�� ����ڰ� + ����ġ ���Ͻø� ����� �� ������ �ϳ�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>���� ����ġ �������� �������Ҷ� �������Ͽ��� + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> + �Ʒ���(!) �־�� �Ѵ�. ���� <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�� + <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> <em>������</em> �Ҹ���. + ���� ������ ���� Ư�� ȣ��Ʈ�� �ź��ϵ��� �����Ѵ�...</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_HOST} <strong>^badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + + <p>...���� ������ user@host�� ���� �ź��Ѵ�:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>^badguy@badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Ư���� ���� ���</h3> + + + + <dl> + <dt>��Ȱ����:</dt> + + <dd> + <p>���� �ſ� Ư���� ������ �ʿ��� ���� �ִ�. ���� + ���, �̸� �����ص� ��������� �˻��Ѵ�. �̵鿡�Ը� + (<code class="module"><a href="../mod/mod_auth.html">mod_auth</a></code>�� Basic Auth�� ����� + ���� ��) ���ٸ� �������� ������ ����Ѵ�.</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>ģ���� ������ �����ϵ��� ���ۼ� ��Ģ���� ����Ѵ�:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend1@client1.quux-corp\.com$</strong> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend2</strong>@client2.quux-corp\.com$ +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend3</strong>@client3.quux-corp\.com$ +RewriteRule ^/~quux/only-for-friends/ - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Referer��� ��ȯ��(deflector)</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>"Referer" HTTP ����� ���� ���ϴ´�� ������������ + ������ �� �ִ� ������ URL ��ȯ�⸦ ���� �� �ִ°�?</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>������ ���� ������ ��Ģ��...</p> + +<div class="example"><pre> +RewriteMap deflector txt:/path/to/deflector.map + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}} ^-$ +RewriteRule ^.* %{HTTP_REFERER} [R,L] + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^.* ${deflector:%{HTTP_REFERER}} [R,L] +</pre></div> + + <p>... ���ۼ� �ʰ� ���� ����Ѵ�:</p> + +<div class="example"><pre> +## +## deflector.map +## + +http://www.badguys.com/bad/index.html - +http://www.badguys.com/bad/index2.html - +http://www.badguys.com/bad/index3.html http://somewhere.com/ +</pre></div> + + <p>���� ��û�� �ڵ����� (�ʿ��� ������ "<code>-</code>"�� + ����� ���) ������������ (URL�� �ʿ� �ִ� ��� �ι�° + �ƱԸ�Ʈ��) Ư�� URL�� �����̷����Ѵ�.</p> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">��Ÿ</a></h2> + + + + <h3>�ܺ� ���ۼ� ����</h3> + + + + <dl> + <dt>��Ȳ����:</dt> + + <dd> + <p>FAQ: ��� �̷����� ����� ������ Ǯ �� �ִ°�? + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>�δ� �ذ�å�� �Ⱥ��δ�...</p> + </dd> + + <dt>�ذ�å:</dt> + + <dd> + <p>�ܺ� <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>�� ����϶�. + ��, ���α��� <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> ������ + �Ѵ�. ���α��� ����ġ�� �����Ҷ� �����Ͽ� + <code>STDIN</code>���� ��û�� URL�� �ް�, (���� ������!) + ��� (���� ���ۼ���) URL�� <code>STDOUT</code>�� ����Ѵ�.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap quux-map <strong>prg:</strong>/path/to/map.quux.pl +RewriteRule ^/~quux/(.*)$ /~quux/<strong>${quux-map:$1}</strong> +</pre></div> + +<div class="example"><pre> +#!/path/to/perl + +# ����ġ ������ ������ �ʵ��� +# ����� ���۸� ������� �ʴ´� +$| = 1; + +# stdin���� ���پ� URL�� �а� +# stdout�� ��ȯ�� URL�� ����Ѵ� +while (<>) { + s|^foo/|bar/|; + print $_; +} +</pre></div> + + <p>�����ϱ����� ��� <code>/~quux/foo/...</code> URL�� + <code>/~quux/bar/...</code>�� ���ۼ��ϴ� ��ũ��Ʈ�� + ���� �����. ������ ������� ���α����� �� �ִ�. + ���� �Ϲ� ����ڰ� �̷� ���� <strong>�����</strong> + �� �ִٰ� �ϴ����, ���� �ý��� �����ڸ��� ���� + <strong>�����ؾ�</strong> ���� �����϶�.</p> + </dd> + </dl> + + + + </div></div> +<div class="bottomlang"> +<p><span>������ ���: </span><a href="../en/misc/rewriteguide.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html new file mode 100644 index 00000000..893872b5 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html @@ -0,0 +1,13 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: security_tips.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: security_tips.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR + +URI: security_tips.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en new file mode 100644 index 00000000..560c8259 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en @@ -0,0 +1,354 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Security Tips - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Security Tips</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/security_tips.html" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div> + + <p>Some hints and tips on security issues in setting up a web server. + Some of the suggestions will be general, others specific to Apache.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">Keep up to Date</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot">Permissions on ServerRoot Directories</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">CGI in General</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">Non Script Aliased CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">Script Aliased CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">Other sources of dynamic content</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">Protecting System Settings</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">Protect Server Files by Default</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">Watching Your Logs</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">Keep up to Date</a></h2> + + <p>The Apache HTTP Server has a good record for security and a + developer community highly concerned about security issues. But + it is inevitable that some problems -- small or large -- will be + discovered in software after it is released. For this reason, it + is crucial to keep aware of updates to the software. If you have + obtained your version of the HTTP Server directly from Apache, we + highly recommend you subscribe to the <a href="http://httpd.apache.org/lists.html#http-announce">Apache + HTTP Server Announcements List</a> where you can keep informed of + new releases and security updates. Similar services are available + from most third-party distributors of Apache software.</p> + + <p>Of course, most times that a web server is compromised, it is + not because of problems in the HTTP Server code. Rather, it comes + from problems in add-on code, CGI scripts, or the underlying + Operating System. You must therefore stay aware of problems and + updates with all the software on your system.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot">Permissions on ServerRoot Directories</a></h2> + + + + <p>In typical operation, Apache is started by the root user, and it + switches to the user defined by the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> directive to serve hits. As is the + case with any command that root executes, you must take care that it is + protected from modification by non-root users. Not only must the files + themselves be writeable only by root, but so must the directories, and + parents of all directories. For example, if you choose to place + ServerRoot in <code>/usr/local/apache</code> then it is suggested that + you create that directory as root, with commands like these:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p>It is assumed that <code>/</code>, <code>/usr</code>, and + <code>/usr/local</code> are only modifiable by root. When you install the + <code class="program"><a href="../programs/httpd.html">httpd</a></code> executable, you should ensure that it is + similarly protected:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>You can create an htdocs subdirectory which is modifiable by other + users -- since root never executes any files out of there, and shouldn't + be creating files in there.</p> + + <p>If you allow non-root users to modify any files that root either + executes or writes on then you open your system to root compromises. + For example, someone could replace the <code class="program"><a href="../programs/httpd.html">httpd</a></code> binary so + that the next time you start it, it will execute some arbitrary code. If + the logs directory is writeable (by a non-root user), someone could replace + a log file with a symlink to some other system file, and then root + might overwrite that file with arbitrary data. If the log files + themselves are writeable (by a non-root user), then someone may be + able to overwrite the log itself with bogus data.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Server Side Includes</a></h2> + + + + <p>Server Side Includes (SSI) present a server administrator with + several potential security risks.</p> + + <p>The first risk is the increased load on the server. All + SSI-enabled files have to be parsed by Apache, whether or not + there are any SSI directives included within the files. While this + load increase is minor, in a shared server environment it can become + significant.</p> + + <p>SSI files also pose the same risks that are associated with CGI + scripts in general. Using the <code>exec cmd</code> element, SSI-enabled + files can execute any CGI script or program under the permissions of the + user and group Apache runs as, as configured in + <code>httpd.conf</code>.</p> + + <p>There are ways to enhance the security of SSI files while still + taking advantage of the benefits they provide.</p> + + <p>To isolate the damage a wayward SSI file can cause, a server + administrator can enable <a href="../suexec.html">suexec</a> as + described in the <a href="#cgi">CGI in General</a> section.</p> + + <p>Enabling SSI for files with <code>.html</code> or <code>.htm</code> + extensions can be dangerous. This is especially true in a shared, or high + traffic, server environment. SSI-enabled files should have a separate + extension, such as the conventional <code>.shtml</code>. This helps keep + server load at a minimum and allows for easier management of risk.</p> + + <p>Another solution is to disable the ability to run scripts and + programs from SSI pages. To do this replace <code>Includes</code> + with <code>IncludesNOEXEC</code> in the <code class="directive"><a href="../mod/core.html#options">Options</a></code> directive. Note that users may + still use <code><--#include virtual="..." --></code> to execute CGI + scripts if these scripts are in directories designated by a <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> directive.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">CGI in General</a></h2> + + + + <p>First of all, you always have to remember that you must trust the + writers of the CGI scripts/programs or your ability to spot potential + security holes in CGI, whether they were deliberate or accidental. CGI + scripts can run essentially arbitrary commands on your system with the + permissions of the web server user and can therefore be extremely + dangerous if they are not carefully checked.</p> + + <p>All the CGI scripts will run as the same user, so they have potential + to conflict (accidentally or deliberately) with other scripts e.g. User + A hates User B, so he writes a script to trash User B's CGI database. One + program which can be used to allow scripts to run as different users is + <a href="../suexec.html">suEXEC</a> which is included with Apache as of + 1.2 and is called from special hooks in the Apache server code. Another + popular way of doing this is with + <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi">Non Script Aliased CGI</a></h2> + + + + <p>Allowing users to execute CGI scripts in any directory should only be + considered if:</p> + + <ul> + <li>You trust your users not to write scripts which will deliberately + or accidentally expose your system to an attack.</li> + <li>You consider security at your site to be so feeble in other areas, + as to make one more potential hole irrelevant.</li> + <li>You have no users, and nobody ever visits your server.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi">Script Aliased CGI</a></h2> + + + + <p>Limiting CGI to special directories gives the admin control over what + goes into those directories. This is inevitably more secure than non + script aliased CGI, but only if users with write access to the + directories are trusted or the admin is willing to test each + new CGI script/program for potential security holes.</p> + + <p>Most sites choose this option over the non script aliased CGI + approach.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">Other sources of dynamic content</a></h2> + + + + <p>Embedded scripting options which run as part of the server itself, + such as <code>mod_php</code>, <code>mod_perl</code>, <code>mod_tcl</code>, + and <code>mod_python</code>, run under the identity of the server itself + (see the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> directive), and + therefore scripts executed by these engines potentially can access + anything the server user can. Some scripting engines may provide + restrictions, but it is better to be safe and assume not.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">Protecting System Settings</a></h2> + + + + <p>To run a really tight ship, you'll want to stop users from setting + up <code>.htaccess</code> files which can override security features + you've configured. Here's one way to do it.</p> + + <p>In the server configuration file, put</p> + + <div class="example"><p><code> + <Directory /> <br /> + AllowOverride None <br /> + </Directory> + </code></p></div> + + <p>This prevents the use of <code>.htaccess</code> files in all + directories apart from those specifically enabled.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">Protect Server Files by Default</a></h2> + + + + <p>One aspect of Apache which is occasionally misunderstood is the + feature of default access. That is, unless you take steps to change it, + if the server can find its way to a file through normal URL mapping + rules, it can serve it to clients.</p> + + <p>For instance, consider the following example:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html <br /> + Accessing <code>http://localhost/~root/</code> + </code></p></div> + + <p>This would allow clients to walk through the entire filesystem. To + work around this, add the following block to your server's + configuration:</p> + + <div class="example"><p><code> + <Directory /> <br /> + Order Deny,Allow <br /> + Deny from all <br /> + </Directory> + </code></p></div> + + <p>This will forbid default access to filesystem locations. Add + appropriate <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> blocks to + allow access only in those areas you wish. For example,</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> <br /> + <Directory /usr/local/httpd> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> + </code></p></div> + + <p>Pay particular attention to the interactions of <code class="directive"><a href="../mod/core.html#location">Location</a></code> and <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> directives; for instance, even + if <code><Directory /></code> denies access, a <code> + <Location /></code> directive might overturn it.</p> + + <p>Also be wary of playing games with the <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> directive; setting it to + something like <code>./</code> would have the same effect, for root, as + the first example above. If you are using Apache 1.3 or above, we strongly + recommend that you include the following line in your server + configuration files:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">Watching Your Logs</a></h2> + + + + <p>To keep up-to-date with what is actually going on against your server + you have to check the <a href="../logs.html">Log Files</a>. Even though + the log files only reports what has already happened, they will give you + some understanding of what attacks is thrown against the server and + allow you to check if the necessary level of security is present.</p> + + <p>A couple of examples:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>The first example will list the number of attacks trying to exploit the + <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat + Source.JSP Malformed Request Information Disclosure Vulnerability</a>, + the second example will list the ten last denied clients, for example:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>As you can see, the log files only report what already has happened, so + if the client had been able to access the <code>.htpasswd</code> file you + would have seen something similar to:</p> + + <div class="example"><p><code> + foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>in your <a href="../logs.html#accesslog">Access Log</a>. This means + you probably commented out the following in your server configuration + file:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> <br /> + Order allow,deny <br /> + Deny from all <br /> + </Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/security_tips.html" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="T�rk�e"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr new file mode 100644 index 00000000..58c56f14 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr @@ -0,0 +1,345 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>���� �� - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>���� ��</h1> +<div class="toplang"> +<p><span>������ ���: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> +<div class="outofdate">�� ������ �ֽ��� ������ �ƴմϴ�. + �ֱٿ� ����� ������ ���� ������ �����ϼ���.</div> + + <p>�������� ��Ҷ� ������ �� ���� ���� ��Ʈ�� ���̴�. + � ���� �Ϲ����̰�, � ���� ����ġ���� �ش��ϴ� ���̴�.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">�ֽ������� �����ϱ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot">ServerRoot ���丮 ����</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">�Ϲ����� CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">ScriptAlias���� ���� CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">ScriptAlias�� CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">���� ������ �����ϴ� �ٸ� ���</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">�ý��� ���� ��ȣ�ϱ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">�⺻������ ������ �ִ� ���� ��ȣ�ϱ�</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">�α� ���캸��</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">�ֽ������� �����ϱ�</a></h2> + + <p>����ġ �������� ������ ���� ������ ������ ���� ������ + ����ü�� �����ϴ�. ���� ũ�� �۰� ��ǥ�� �߰ߵǴ� �������� + ���� �� ����. ���� ����Ʈ��� �ֽŹ������� �����ϴ� + ���� �߿��ϴ�. ����ġ���� ���� �������� �ٿ�ε��ߴٸ�, + ���ο� ������ ���� ������Ʈ�� �˷��ִ� <a href="http://httpd.apache.org/lists.html#http-announce">����ġ + ������ ��ǥ ���ϸ�����Ʈ</a>�� �����ϱ� ������ ���Ѵ�. + ����ġ ����Ʈ��� �����ϴ� ���� �����ڵ鵵 ����� ���� + �����Ѵ�.</p> + + <p>���� ������ �ڵ嶧���� �������� ������ ���ϴ� ���� + ���� �ʴ�. ���� �߰� �ڵ�, CGI ��ũ��Ʈ, ���� �ü���� + ������ ������ ���ϴ� ��찡 ����. ���Ƿ� �� �����ϸ� + �ý����� ��� ����Ʈ��� ������Ʈ�ؾ� �Ѵ�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot">ServerRoot ���丮 ����</a></h2> + + + + <p>���� root ����ڰ� ����ġ�� ������ ��, ��û�� �����ϱ����� + <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> ���þ�� + ������ ����ڷ� ��ȯ�Ѵ�. root�� �����ϴ� ���ɾ �ִٸ�, + root �̿��� ����ڰ� �������� ���ϵ��� �����ؾ� �Ѵ�. �� + ���ϵ��� root�� �� �� �־�� �ϰ�, ���丮�� ��� �������丮�� + ����������. ���� ���, ServerRoot�� /usr/local/apache�� + ����Ѵٸ� root ����ڰ� ������ ���� ���丮�� ����� + �����Ѵ�:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p>���� /, /usr, /usr/local �� root���� ������ �� �ִ�. + httpd ���������� ��ġ�Ҷ� ������ ���� ��ȣ�ؾ� �Ѵ�:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>htdocs �������丮�� �ٸ� ����ڵ��� ������ �� �ֵ��� + ���� �� �ִ� -- root�� �װ��� �ִ� ������ ����������, �������� + �ʾƾ� �Ѵ�.</p> + + <p>root�� �ƴ� ����ڰ� root�� �����ϰų� ���Ⱑ���� ������ + ������ �� �ִٸ� �ý����� root ������ ��ĥ �� �ִ�. ���� + ���, ������ httpd ���������� �����Ͽ��ٸ� ������ �����Ҷ� + ������ �ڵ带 �����ϰ� �ȴ�. logs ���丮�� (root�� �ƴ� + ����ڿ���) ���Ⱑ���ϴٸ� ������ �α������� �ٸ� �ý������Ϸ� + �ɺ���ũ�� �ɾ root�� ���Ͽ� ������ �ڷḦ ��� �� + �ִ�. �α������� (root�� �ƴ� ����ڿ���) ���Ⱑ���ϴٸ� + ������ �α� �̻��� �ڷḦ ����� �� �ִ�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Server Side Includes</a></h2> + + + + <p>Server Side Includes (SSI)�� ���� �����ڿ��� ���Ȼ� ��� + �������� �����̴�.</p> + + <p>ù��° ������ ������ ���ϸ� �ø��� ���̴�. ����ġ�� ���Ͽ� + SSI ���þ �ִ��� ���ο� ������� ��� SSI ������ �м��ؾ� + �Ѵ�. ���� ���ϰ� ������, ������ ���� ����� ���� ����ϴ� + ȯ�濡���� �ɰ��� �� �ִ�.</p> + + <p>��, SSI ������ �Ϲ����� CGI ��ũ��Ʈ�� ������ ������ + ������. SSI ���Ͽ��� "exec cmd"�� ����ϸ� httpd.conf���� + ����ġ�� �����ϵ��� ������ ����ڿ� �� �������� CGI + ��ũ��Ʈ�� ���α��� ������ �� �ִ�.</p> + + <p>������ Ȱ���ϸ鼭 SSI ������ ������ ����Ű�� ����� + �ִ�.</p> + + <p>SSI ������ ������ �� �ִ� ���ظ� �ݸ��ϱ����� ���������ڴ� + <a href="#cgi">�Ϲ����� CGI</a> ������ �����ϴ� ������� + <a href="../suexec.html">suexec</a>�� ����� �� �ִ�</p> + + <p>.html�̳� .htm Ȯ���ڸ� SSI ���Ϸ� ����ϴ� ���� �����ϴ�. + Ư�� ���� ����� �����ϰų� ��ŷ��� ���� ���� ȯ�濡�� + �����ϴ�. SSI ������ �Ϲ������� ���� ����ϴ� .shtml ���� + ������ Ȯ���ڸ� ������ �Ѵ�. ���� ���� ���ϸ� �ּ�ȭ�ϰ� + �����Ҹ� ���� ������ �� �ִ�.</p> + + <p>�ٸ� ����� SSI �������� ��ũ��Ʈ�� ���α��� �������� + ���ϵ��� ����� ���̴�. <code class="directive"><a href="../mod/core.html#options">Options</a></code> ���þ�� <code>Includes</code> + ��� <code>IncludesNOEXEC</code>�� ����Ѵ�. ���� ��ũ��Ʈ�� + <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> ���þ�� + ������ ���丮�� �ִٸ� <--#include virtual="..." -->�� + ����Ͽ� CGI ��ũ��Ʈ�� ������ �� ������ �����϶�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">�Ϲ����� CGI</a></h2> + + + + <p>�ᱹ ����� �� CGI ��ũ��Ʈ/���α��� ���ڸ� �ŷ��ؾ� + �ϰ�, ���ǰ� �Ǽ��̰� CGI�� �������� ���Ȼ� ������ �߰��� + �� �־�� �Ѵ�. �⺻������ CGI ��ũ��Ʈ�� ������ ����� + �������� �ý��ۿ��� � ���ɾ�� ������ �� �ֱ���� + �����ְ� Ȯ������ ������ �ſ� �����ϴ�.</p> + + <p>��� CGI ��ũ��Ʈ�� ���� ����ڷ� ����DZ���� �ٸ� + ��ũ��Ʈ�� (���ǰ� �Ǽ��̰�) �浹�� ���ɼ��� �ִ�. ���� + ���, ����� A�� ����� B�� �ſ� �Ⱦ��Ͽ�, ����� B�� CGI + �����ͺ��̽��� ���������� ��ũ��Ʈ�� �ۼ��� �� �ִ�. ����ġ + 1.2 �������� ���ԵǾ��� ����ġ �������� Ư���� ��(hook)���� + �����ϴ� <a href="../suexec.html">suEXEC</a>�� ��ũ��Ʈ�� + �ٸ� ����ڷ� �����ϴ� ����� �ϳ���. �ٸ� �������� ������� + <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>�� �ִ�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi">ScriptAlias���� ���� CGI</a></h2> + + + + <p>���� ������ �����Ҷ��� ����ڰ� � ���丮������ + CGI ��ũ��Ʈ�� �����ϵ��� ����� �� �ִ�:</p> + + <ul> + <li>����� ���ǰ� �Ǽ��̰� ����ڰ� �ý����� ���ݿ� �����Ű�� + ��ũ��Ʈ�� �ۼ����� �ʴ´ٰ� �ϴ´�.</li> + <li>�ý����� �ٸ� �κ��� ������ ���ؼ�, �������� ������ + �ϳ� �� ���� ������ ���� ���ٰ� �����ϴ� ���.</li> + <li>����ڰ� ����, �Ƹ� �ƹ��� ������ �湮�����ʴ� ���.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi">ScriptAlias�� CGI</a></h2> + + + + <p>Ư�� ���丮������ CGI�� ������ �� �ֵ��� �����ϸ� �����ڴ� + �̵� ���丮�� ������ �� �ִ�. �� ���� scriptalias���� + ���� CGI���� Ȯ���� �����ϴ�. ��, �ŷ��ϴ� ����ڸ� ���丮�� + ������ �� �ְ�, �����ڰ� ���ο� CGI ��ũ��Ʈ/���α��� + �������� ���Ȼ� ������ �˻��� ���̰� �ִٸ�.</p> + + <p>��κ��� ����Ʈ�� scriptalias���� ���� CGI ��� ��� + �� ����� ����Ѵ�.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">���� ������ �����ϴ� �ٸ� ���</a></h2> + + + + <p> + mod_php, mod_perl, mod_tcl, mod_python ���� ������ �Ϻη� + �����ϴ� �Ӻ���� ��ũ��Ʈ�� ������ ���� ����ڷ� (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> ���þ� ����) ����DZ����, + ��ũ��Ʈ ������ �����ϴ� ��ũ��Ʈ�� ���������� ���� ����ڰ� + ������ �� �ִ� ��� �Ϳ� ������ �� �ִ�. � ��ũ��Ʈ ������ + ������� ������ ������, �����ϴٰ� �������� �ʴ� ���� ����.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">�ý��� ���� ��ȣ�ϱ�</a></h2> + + + + <p>������ ������ ������ ��Ϸ��� ����ڰ� + <code>.htaccess</code> ������ ����Ͽ� ����� ������ ���ȱ���� + �����ϱ� �ٶ��� ���� ���̴�. �������� ������ ���� ����� + �ִ�.</p> + + <p>���� �������Ͽ� ������ �߰��Ѵ�</p> + + <div class="example"><p><code> + <Directory /> <br /> + AllowOverride None <br /> + </Directory> + </code></p></div> + + <p>���� ��밡���ϵ��� ���������� ����� ���丮�� �����ϰ��� + <code>.htaccess</code> ������ ����� �� ����.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">�⺻������ ������ �ִ� ���� ��ȣ�ϱ�</a></h2> + + + + <p>������� ���� ����ġ�� �⺻ ���ٿ� ���� �߸� �˰��ִ�. + ��, ������ �Ϲ����� URL ���� ��Ģ�� ����Ͽ� ������ ã�� + �� �ִٸ�, Ư���� ��ġ�� ���� �ʴ��� Ŭ���̾�Ʈ���� ������ + ���� �� �ִ�.</p> + + <p>���� ���, �Ʒ��� ���� ���:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html <br /> + <code>http://localhost/~root/</code> �� �����Ѵ� + </code></p></div> + + <p>���� Ŭ���̾�Ʈ�� ��ü ���Ͻý����� ���ƴٴ� �� �ִ�. + �̸� �������� ������������ ������ ���� ��ġ�� �Ѵ�:</p> + + <div class="example"><p><code> + <Directory /> <br /> + Order Deny,Allow <br /> + Deny from all <br /> + </Directory> + </code></p></div> + + <p>���� ���Ͻý��� ��ġ�� ���� �⺻ ������ �źεȴ�. + ���ϴ� ������ ������ �� �ֵ��� ������ ���� <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ������ �߰��Ѵ�.</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> <br /> + <Directory /usr/local/httpd> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> + </code></p></div> + + <p><code class="directive"><a href="../mod/core.html#location">Location</a></code>�� <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ���þ ���� ����ϴ� + ��� Ư���� ���Ǹ� ��←��. ���� ���, <code><Directory + /></code>�� ������ �ź��ϴ��� <code><Location + /></code> ���þ �̸� ������ �� �ִ�</p> + + <p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> ���þ + ����ϴ� ��쿡�� �����϶�. ���þ "./" ���� �����ϸ� + root ����ڿ� ���� �ٷ� ���� ���� ���� ������ ���Ѵ�. + ����ġ 1.3 �̻��� ����Ѵٸ� ���� �������Ͽ� �Ʒ� ���� �߰��ϱ� + ������ ���Ѵ�:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">�α� ���캸��</a></h2> + + + + <p>������ �������� ���� ���� �־�� �ִ��� �˷��� <a href="../logs.html">�α�����</a>�� ������� �Ѵ�. �α������� + �̹� �Ͼ �ϸ��� ����������, ������ � ������ �־����� + �˷��ְ� ���� �ʿ��� ��ŭ �������� Ȯ���ϰ� ���ش�.</p> + + <p>�������� ��:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>ù��° ���� <a href="http://online.securityfocus.com/bid/4876/info/">�߸��� + Source.JSP ��û���� ���������� �˾Ƴ� �� �ִ� Tomcat�� + �����</a>�� �̿��Ϸ��� ���� Ƚ���� �˷��ְ�, �ι�° ���� + ������ �źε� �ֱ� Ŭ���̾�Ʈ 10���� ������ ���� �����ش�:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>�� �� ���� �α������� �̹� ���� ��Ǹ��� �����Ѵ�. + ���� Ŭ���̾�Ʈ�� <code>.htpasswd</code> ���Ͽ� ������ + �� �־��ٸ� <a href="../logs.html#accesslog">���� �α�</a>�� + ������ ���� ����� ���� ���̴�:</p> + + <div class="example"><p><code> + foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>��, ����� ���� �������Ͽ��� ���� �κ��� �ּ�ó������ + ���̴�:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> <br /> + Order allow,deny <br /> + Deny from all <br /> + <Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>������ ���: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">���</a> | <a href="../mod/directives.html">���þ��</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">���</a> | <a href="../sitemap.html">����Ʈ��</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 new file mode 100644 index 00000000..7257521f --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 @@ -0,0 +1,344 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Güvenlik İpuçları - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a> > <a href="./">Çeşitli Belgeler</a></div><div id="page-content"><div id="preamble"><h1>Güvenlik İpuçları</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" title="Türkçe"> tr </a></p> +</div> + + <p>Bir HTTP Sunucusunu ayarlarken dikkat edilmesi gerekenler ve bazı + ipuçları. Öneriler kısmen Apache’ye özel kısmen de genel olacaktır.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">Güncel Tutma</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot"><code>ServerRoot</code> Dizinlerinin İzinleri</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Sunucu Taraflı İçerik Yerleştirme</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">CGI Genelinde</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi"><code>ScriptAlias</code>’sız CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi"><code>ScriptAlias</code>’lı CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">Devingen içerikli kaynaklar</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">Sistem Ayarlarının Korunması</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">Sunucu dosyalarının öntanımlı olarak korunması</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">Günlüklerin İzlenmesi</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">Güncel Tutma</a></h2> + + <p>Apache HTTP Sunucusu iyi bir güvenlik sicilinin yanında güvenlik + konularıyla oldukça ilgili bir geliştirici topluluğuna sahiptir. Fakat, + bir yazılımın dağıtılmasının ardından küçük ya da büyük bazı sorunların + keşfedilmesi kaçınılmazdır. Bu sebeple, yazılım güncellemelerinden + haberdar olmak oldukça önem kazanır. HTTP sunucunuzu doğrudan + Apache’den temin ediyorsanız yeni sürümler ve güvenlik güncellemeleri + ile ilgili bilgileri tam zamanında alabilmek için <a href="http://httpd.apache.org/lists.html#http-announce">Apache + HTTP Sunucusu Duyuru Listesi</a>ne mutlaka üye olmanızı öneririz. + Apache yazılımının üçüncü parti dağıtımlarını yapanların da buna benzer + hizmetleri vardır.</p> + + <p>Şüphesiz, bir HTTP sunucusu, sunucu kodunda bir sorun olmasa da + tehlike altındadır. Eklenti kodları, CGI betikleri hatta işletim + sisteminden kaynaklanan sorunlar nedeniyle bu ortaya çıkabilir. Bu + bakımdan, sisteminizdeki tüm yazılımların sorunları ve güncellemeleri + hakkında bilgi sahibi olmalısınız.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot"><code>ServerRoot</code> Dizinlerinin İzinleri</a></h2> + + + <p>Normalde, Apache root kullanıcı tarafından başlatılır ve hizmetleri + sunarken <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> yönergesi + tarafından tanımlanan kullanıcının aidiyetinde çalışır. Root tarafından + çalıştırılan komutlarda olduğu gibi, root olmayan kullanıcıların + yapacakları değişikliklerden korunmak konusunda da dikkatli + olmalısınız. Dosyaların sadece root tarafından yazılabilir olmasını + sağlamak yeterli değildir, bu dizinler ve üst dizinler için de + yapılmalıdır. Örneğin, sunucu kök dizininin + <code>/usr/local/apache</code> olmasına karar verdiyseniz, bu dizini + root olarak şöyle oluşturmanız önerilir:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p><code>/</code>, <code>/usr</code>, <code>/usr/local</code> + dizinlerinde sadece root tarafından değişiklik yapılabileceği kabul + edilir. <code class="program"><a href="../programs/httpd.html">httpd</a></code> çalıştırılabilirini kurarken de benzer + bir önlemin alındığından emin olmalısınız:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>Diğer kullanıcıların değişiklik yapabileceği bir dizin olarak bir + <code>htdocs</code> dizini oluşturabilirsiniz. Bu dizine root + tarafından çalıştırılabilecek dosyalar konulmamalı ve burada root + tarafından hiçbir dosya oluşturulmamalıdır.</p> + + <p>Diğer kullanıcılara root tarafından yazılabilen ve çalıştırılabilen + dosyalarda değişiklik yapma hakkını tanırsanız, onlara root + kullanıcısını ele geçirilebilme hakkını da tanımış olursunuz. Örneğin, + biri <code class="program"><a href="../programs/httpd.html">httpd</a></code> çalıştırılabilirini zararlı bir programla + değiştirebilir ve o programı tekrar çalıştırdığınız sırada program + yapacağını yapmış olur. Günlükleri kaydettiğiniz dizin herkes + tarafından yazılabilen bir dizin olduğu takdirde, birileri bir günlük + dosyasını bir sistem dosyasına sembolik bağ haline getirerek root + kullanıcısının bu dosyaya ilgisiz şeyler yazmasına sebep olabilir. + Günlüklerin dosyaları herkes tarafından yazılabilir olduğu takdirde ise + birileri dosyaya yanıltıcı veriler girebilir.</p> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Sunucu Taraflı İçerik Yerleştirme</a></h2> + + + <p>SSI sayfaları bir sunucu yöneticisi açısından çeşitli olası risklere + kaynaklık edebilir.</p> + + <p>İlk risk, sunucu yükündeki artış olasılığıdır. Tüm SSI sayfaları, SSI + kodu içersin içermesin Apache tarafından çözümlenir. Bu küçük bir artış + gibi görünürse de bir paylaşımlı sunucu ortamında önemli bir yük haline + gelebilir.</p> + + <p>SSI sayfaları, CGI betikleriyle ilgili riskleri de taşır. <code>exec + cmd</code> elemanı kullanılarak bir SSI sayfasından herhangi bir CGI + betiğini veya bir sistem programını Apache’nin aidiyetinde olduğu + kullanıcının yetkisiyle çalıştırmak mümkündür.</p> + + <p>SSI sayfalarının yararlı özelliklerinden yararlanırken güvenliğini de + arttırmanın bazı yolları vardır.</p> + + <p>Sunucu yöneticisi, bir başıbozuk SSI sayfasının sebep olabileceği + zararları bertaraf etmek için <a href="#cgi">CGI Genelinde</a> + bölümünde açıklandığı gibi <a href="../suexec.html">suexec</a>’i etkin + kılabilir.</p> + + <p>SSI sayfalarını <code>.html</code> veya <code>.htm</code> + uzantılarıyla etkinleştirmek tehlikeli olabilir. Bu özellikle + paylaşımlı ve yüksek trafikli bir sunucu ortamında önemlidir. SSI + sayfalarını normal sayfalardan farklı olarak <code>.shtml</code> gibi + bildik bir uzantıyla etkinleştirmek gerekir. Bu, sunucu yükünü asgari + düzeyde tutmaya ve risk yönetimini kolaylaştırmaya yarar.</p> + + <p>Diğer bir çözüm de SSI sayfalarından betik ve program çalıştırmayı + iptal etmektir. Bu, <code class="directive"><a href="../mod/core.html#options">Options</a></code> + yönergesine değer olarak <code>Includes</code> yerine + <code>IncludesNOEXEC</code> vererek sağlanır. Ancak, eğer betiklerin + bulunduğu dizinde <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> + yönergesiyle CGI betiklerinin çalışması mümkün kılınmışsa, + kullanıcıların <code><--#include virtual="..." --></code> ile bu + betikleri çalıştırabileceklerine dikkat ediniz.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">CGI Genelinde</a></h2> + + + <p>Herşeyden önce ya CGI betiğini/programını yazanlara ya da kendinizin + CGI'deki güvenlik açıklarını (ister kasıtlı olsun ister tesadüfi) + yakalama becerinize güvenmek zorundasınız. CGI betikleri esasen + sisteminizdeki komutları site kullanıcılarının izinleriyle + çalıştırırlar. Bu bakımdan dikkatle denenmedikleri takdirde oldukça + tehlikeli olabilirler.</p> + + <p>CGI betiklerinin hepsi aynı kullanıcının aidiyetinde çalışırsa diğer + betiklerle aralarında çelişkilerin ortaya çıkması ister istemez + kaçınılmazdır. Örneğin A kullanıcısının B kullanıcısına garezi varsa + bir betik yazıp B’nin CGI veritabanını silebilir. Bu gibi durumların + ortaya çıkmaması için betiklerin farklı kullanıcıların aidiyetlerinde + çalışmasını sağlayan ve 1.2 sürümünden beri Apache ile dağıtılan <a href="../suexec.html">suEXEC</a> diye bir program vardır. Başka bir yol + da <a href="http://cgiwrap.unixtools.org/">CGIWrap</a> kullanmaktır.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi"><code>ScriptAlias</code>’sız CGI</a></h2> + + + <p>Kullanıcıların sitenin her yerinde CGI betiklerini çalıştırmalarına + izin vermek ancak şu koşullarda mümkün olabilir:</p> + + <ul> + <li>Kullanıcılarınızın kasıtlı ya da kasıtsız sistemi saldırıya açık + hale getirecek betikler yazmayacaklarına tam güveniniz vardır.</li> + <li>Sitenizin güvenliği zaten o kadar kötüdür ki, bir delik daha + açılmasının mahzuru yoktur.</li> + <li>Sitenizin sizden başka kullanıcısı yoktur ve sunucunuzu sizden + başka hiç kimsenin ziyaret etmesi mümkün değildir.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi"><code>ScriptAlias</code>’lı CGI</a></h2> + + + <p>CGI’yi belli dizinlerle sınırlamak yöneticiye bu dizinlerde daha iyi + denetim imkanı sağlar. Bu kaçınılmaz olarak <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>’sız CGI’den çok daha + güvenlidir, ancak bu dizinlere yazma hakkı olan kullanıcılarınız + güvenilir kişiler olması ve site yöneticisinin de olası güvenlik + açıklarına karşı CGI betiklerini ve programlarını denemeye istekli + olması şartıyla.</p> + + <p>Çoğu site yöneticisi <code>ScriptAlias</code>’sız CGI yerine bu + yaklaşımı seçer.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">Devingen içerikli kaynaklar</a></h2> + + + <p>Sunucunun bir parçası gibi çalışan, <code>mod_php</code>, + <code>mod_perl</code>, <code>mod_tcl</code> ve <code>mod_python</code> + gibi gömülü betik çalıştırma seçenekleri sunucuyu çalıştıran + kullanıcının aidiyetinde çalışırlar (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> yönergesine bakınız). Bu bakımdan bu betik + yorumlayıcılar tarafından çalıştırılan betikler, sunucu kullanıcısının + eriştiği herşeye erişebilirler. Bazı betik yorumlayıcıların getirdiği + bazı sınırlamalar varsa da bunlara pek güvenmemek, gerekli sınamaları + yine de yapmak gerekir.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">Sistem Ayarlarının Korunması</a></h2> + + + <p>Güvenliği gerçekten sıkı tutmak istiyorsanız, kullanıcılarınızın + yapılandırmanızdaki güvenlik ayarlarını geçersiz kılmak için + <code>.htaccess</code> dosyalarını kullanabilmelerinin de önüne + geçmelisiniz. Bunu yapmanın tek bir yolu vardır.</p> + + <p>Sunucu yapılandırma dosyanıza şunu yerleştirin:</p> + + <div class="example"><p><code> + <Directory /> + <span class="indent"> + AllowOverride None + </span> + </Directory> + </code></p></div> + + <p>Böylece, belli dizinlerde özellikle etkinleştirilmedikçe bütün + dizinlerde <code>.htaccess</code> dosyalarının kullanımını engellemiş + olursunuz.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">Sunucu dosyalarının öntanımlı olarak korunması</a></h2> + + + <p>Apache’nin ister istemez yanlış anlaşılan yönlerinden biri öntanımlı erişim özelliğidir. Yani siz aksine bir şeyler yapmadıkça, sunucu normal URL eşleme kurallarını kullanarak bir dosyayı bulabildiği sürece onu istemciye sunacaktır.</p> + + <p>Örneğin, aşağıdaki durumu ele alalım:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html + </code></p></div> + + <p>Ve, tarayıcınıza <code>http://localhost/~root/</code> yazın.</p> + + <p>Böylece, istemcilerin tüm dosya sisteminizi gezmelerine izin vermiş olursunuz. Bu işlemin sonuçlarının önünü almak için sunucu yapılandırma dosyanıza şunları yazın:</p> + + <div class="example"><p><code> + <Directory /> + <span class="indent"> + Order Deny,Allow <br /> + Deny from all + </span> + </Directory> + </code></p></div> + + <p>Bu suretle, dosya sisteminize öntanımlı erişimi yasaklamış olursunuz. Erişime izin vermek istediğiniz dizinler için uygun <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> bölümleri eklemeniz yeterli olacaktır. Örnek:</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> + <span class="indent"> + Order Deny,Allow <br /> + Allow from all + </span> + </Directory> <br /> + <Directory /usr/local/httpd> + <span class="indent"> + Order Deny,Allow <br /> + Allow from all + </span> + </Directory> + </code></p></div> + + <p><code class="directive"><a href="../mod/core.html#location">Location</a></code> ve <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> yönergelerinin etkileşimine de özellikle önem vermelisiniz; örneğin <code><Directory /></code> erişimi yasaklarken bir <code><Location /></code> yönergesi bunu ortadan kaldırabilir.</p> + + <p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesi de size buna benzer bir oyun oynayabilir; yönergeye <code>./</code> atamasını yaparsanız, root kullanıcısı söz konusu olduğunda yukarıda ilk örnekteki durumla karşılaşırız. Apache 1.3 veya üstünü kullanıyorsanız, sunucu yapılandırma dosyanızda aşağıdaki satırın mutlaka bulunmasını öneririz:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">Günlüklerin İzlenmesi</a></h2> + + + <p>Sunucunuzda olup biteni günü gününe bilmek istiyorsanız <a href="../logs.html">günlük dosyalarına</a> bakmalısınız. Günlük dosyaları sadece olup biteni raporlamakla kalmaz, sunucunuza ne tür saldırılar yapıldığını ve güvenlik seviyenizin yeterli olup olmadığını anlamanızı da sağlarlar.</p> + + <p>Bazı örnekler:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>İlk örnek, <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat + Source.JSP Bozuk İstek Bilgilerini İfşa Açığı</a>nı istismar etmeyi deneyen saldırıların sayısını verirken ikinci örnek, reddedilen son on istemciyi listeler; örnek:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client falan.filan.dom] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>Gördüğünüz gibi günlük dosyaları sadece ne olup bittiğini raporlar, bu bakımdan eğer istemci <code>.htpasswd</code> dosyasına erişebiliyorsa <a href="../logs.html#accesslog">erişim günlüğünüzde</a> şuna benzer bir kayıt görürsünüz:</p> + + <div class="example"><p><code> + falan.filan.dom - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>Bu, sunucu yapılandırma dosyanızda aşağıdaki yapılandırmayı iptal ettiğiniz anlamına gelir:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> + <span class="indent"> + Order allow,deny <br /> + Deny from all + </span> + </Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html new file mode 100644 index 00000000..e17505c2 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: tutorials.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en new file mode 100644 index 00000000..0b9f2d12 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en @@ -0,0 +1,211 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Tutorials - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Apache Tutorials</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/tutorials.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>The following documents give you step-by-step instructions + on how to accomplish common tasks with the Apache HTTP server. + Many of these documents are located at external sites and are + not the work of the Apache Software Foundation. Copyright to + documents on external sites is owned by the authors or their + assignees. Please consult the <a href="../">official Apache + Server documentation</a> to verify what you read on external + sites.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#starting">Installation & Getting Started</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#basics">Basic Configuration</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#security">Security</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi_ssi">CGI and SSI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">Other Features</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="starting" id="starting">Installation & Getting Started</a></h2> + + + + <ul> + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-1-001-01-NW-DP-LF"> + Getting Started with Apache 1.3</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-10-001-01-NW-LF-SW"> + Configuring Your Apache Server Installation</a> + (ApacheToday)</li> + + <li><a href="http://www.onlamp.com/pub/a/apache/2000/02/24/installing_apache.html"> + Getting, Installing, and Running Apache (on Unix)</a> + (O'Reilly Network Apache DevCenter)</li> + + <li><a href="http://www.builder.com/Servers/Apache/ss01.html">Maximum + Apache: Getting Started</a> (CNET Builder.com)</li> + + <li><a href="http://www.devshed.com/Server_Side/Administration/APACHE/"> + How to Build the Apache of Your Dreams</a> (Developer + Shed)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="basics" id="basics">Basic Configuration</a></h2> + + + + <ul> + <li><a href="http://www.onlamp.com/pub/a/apache/2000/03/02/configuring_apache.html"> + An Amble Through Apache Configuration</a> (O'Reilly Network + Apache DevCenter)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-19-002-01-NW-LF-SW"> + Using .htaccess Files with Apache</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-17-001-01-PS"> + Setting Up Virtual Hosts</a> (ApacheToday)</li> + + <li><a href="http://www.builder.com/Servers/Apache/ss02.html">Maximum + Apache: Configure Apache</a> (CNET Builder.com)</li> + + <li><a href="http://www.devshed.com/Server_Side/Administration/MoreApache/"> + Getting More Out of Apache</a> (Developer Shed)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="security" id="security">Security</a></h2> + + + + <ul> + <li><a href="http://www.linuxplanet.com/linuxplanet/tutorials/1527/1/"> + Security and Apache: An Essential Primer</a> + (LinuxPlanet)</li> + + <li><a href="http://www.apacheweek.com/features/userauth">Using User + Authentication</a> (Apacheweek)</li> + + <li><a href="http://www.apacheweek.com/features/dbmauth">DBM + User Authentication</a> (Apacheweek)</li> + + <li><a href="http://linux.com/security/newsitem.phtml?sid=12&aid=3549"> + An Introduction to Securing Apache</a> (Linux.com)</li> + + <li><a href="http://linux.com/security/newsitem.phtml?sid=12&aid=3667"> + Securing Apache - Access Control</a> (Linux.com)</li> + + <li>Apache Authentication <a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-24-002-01-NW-LF-SW"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-31-001-01-NW-DP-LF"> + Part 2</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-07-001-01-NW-LF-SW"> + Part 3</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-14-001-01-NW-LF-SW"> + Part 4</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-11-13-003-01-SC-LF-SW"> + mod_access: Restricting Access by Host</a> (ApacheToday)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="logging" id="logging">Logging</a></h2> + + + + <ul> + <li><a href="http://www.onlamp.com/pub/a/apache/2000/03/10/log_rhythms.html"> + Log Rhythms</a> (O'Reilly Network Apache DevCenter)</li> + + <li><a href="http://www.apacheweek.com/features/logfiles">Gathering + Visitor Information: Customising Your Logfiles</a> + (Apacheweek)</li> + + <li>Apache Guide: Logging <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-21-003-01-NW-LF-SW"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-28-001-01-NW-LF-SW"> + Part 2</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-05-001-01-NW-LF-SW"> + Part 3</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-18-003-01-NW-LF-SW"> + Part 4</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-25-001-01-NW-LF-SW"> + Part 5</a> (ApacheToday)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi_ssi" id="cgi_ssi">CGI and SSI</a></h2> + + + + <ul> + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-05-001-10-NW-LF-SW"> + Dynamic Content with CGI</a> (ApacheToday)</li> + + <li><a href="http://www.cpan.org/doc/FAQs/cgi/idiots-guide.html"> + The Idiot's Guide to Solving Perl CGI Problems</a> + (CPAN)</li> + + <li><a href="http://www.linuxplanet.com/linuxplanet/tutorials/1445/1/"> + Executing CGI Scripts as Other Users</a> (LinuxPlanet)</li> + + <li><a href="http://www.htmlhelp.org/faq/cgifaq.html">CGI + Programming FAQ</a> (Web Design Group)</li> + + <li>Introduction to Server Side Includes <a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-12-001-01-PS"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-19-002-01-NW-LF-SW"> + Part 2</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-26-001-01-NW-LF-SW"> + Advanced SSI Techniques</a> (ApacheToday)</li> + + <li><a href="http://www.builder.com/Servers/ApacheFiles/082400/">Setting + up CGI and SSI with Apache</a> (CNET Builder.com)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">Other Features</a></h2> + + + + <ul> + <li><a href="http://www.apacheweek.com/features/negotiation">Content + Negotiation Explained</a> (Apacheweek)</li> + + <li><a href="http://www.apacheweek.com/features/imagemaps">Using + Apache Imagemaps</a> (Apacheweek)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-14-002-01-PS"> + Keeping Your Images from Adorning Other Sites</a> + (ApacheToday)</li> + + <li><a href="http://ppewww.ph.gla.ac.uk/~flavell/www/lang-neg.html">Language + Negotiation Notes</a> (Alan J. Flavell)</li> + </ul> + + <p>If you have a pointer to an accurate and well-written + tutorial not included here, please let us know by submitting it + to the <a href="http://bugs.apache.org/">Apache Bug + Database</a>.</p> + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/tutorials.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file |