diff options
Diffstat (limited to 'rubbos/app/httpd-2.0.64/docs/manual/misc')
27 files changed, 10864 insertions, 0 deletions
diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html new file mode 100644 index 00000000..23ab34ae --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: custom_errordocs.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en new file mode 100644 index 00000000..fc2ccd8e --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/custom_errordocs.html.en @@ -0,0 +1,577 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>International Customized Server Error Messages - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>International Customized Server Error Messages</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/custom_errordocs.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>This document describes an easy way to provide your Apache + HTTP Server with a set of customized error messages which take + advantage of <a href="../content-negotiation.html">Content + Negotiation</a> and <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> to return + error messages generated by the server in the client's native + language.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#intro">Introduction</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#createdir">Creating an ErrorDocument directory</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#proxy">Customizing Proxy Error Messages</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#listings">HTML Listing of the Discussed Example</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="intro" id="intro">Introduction</a></h2> + + + + <p>By using SSI, all <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> messages + can share a homogenous and consistent style and layout, and + maintenance work (changing images, changing links) is kept to a + minimum because all layout information can be kept in a single + file.</p> + + <p>Error documents can be shared across different servers, or + even hosts, because all varying information is inserted at the + time the error document is returned on behalf of a failed + request.</p> + + <p>Content Negotiation then selects the appropriate language + version of a particular error message text, honoring the + language preferences passed in the client's request. (Users + usually select their favorite languages in the preferences + options menu of today's browsers). When an error document in + the client's primary language version is unavailable, the + secondary languages are tried or a default (fallback) version + is used.</p> + + <p>You have full flexibility in designing your error documents + to your personal taste (or your company's conventions). For + demonstration purposes, we present a simple generic error + document scheme. For this hypothetic server, we assume that all + error messages...</p> + + <ul> + <li>possibly are served by different virtual hosts (different + host name, different IP address, or different port) on the + server machine,</li> + + <li>show a predefined company logo in the right top of the + message (selectable by virtual host),</li> + + <li>print the error title first, followed by an explanatory + text and (depending on the error context) help on how to + resolve the error,</li> + + <li>have some kind of standardized background image,</li> + + <li>display an apache logo and a feedback email address at + the bottom of the error message.</li> + </ul> + + <p>An example of a "document not found" message for a german + client might look like this:</p> + + <p><img src="../images/custom_errordocs.gif" alt="[Needs graphics capability to display]" /></p> + + <p>All links in the document as well as links to the server's + administrator mail address, and even the name and port of the + serving virtual host are inserted in the error document at + "run-time", i.e., when the error actually occurs.</p> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="createdir" id="createdir">Creating an ErrorDocument directory</a></h2> + + + + <p>For this concept to work as easily as possible, we must take + advantage of as much server support as we can get:</p> + + <ol> + <li>By defining the MultiViews <code class="directive"><a href="../mod/core.html#options">Options</a></code>, we + enable the language selection of the most appropriate + language alternative (content negotiation).</li> + + <li>By setting the <code class="directive"><a href="../mod/mod_negotiation.html#languagepriority">LanguagePriority</a></code> + directive we define a set of default fallback languages in + the situation where the client's browser did not express any + preference at all.</li> + + <li>By enabling <code class="module"><a href="../mod/mod_include.html">mod_include</a></code> + (and disallowing execution of cgi scripts for + security reasons), we allow the server to include building + blocks of the error message, and to substitute the value of + certain environment variables into the generated document + (dynamic HTML) or even to conditionally include or omit parts + of the text.</li> + + <li>The <code class="directive"><a href="../mod/mod_mime.html#addhandler">AddHandler</a></code> and <code class="directive"><a href="../mod/mod_mime.html#addtype">AddType</a></code> directives + are useful for automatically SSI-expanding all files with a + <code>.shtml</code> suffix to <em>text/html</em>.</li> + + <li>By using the <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> directive, we + keep the error document directory outside of the document + tree because it can be regarded more as a server part than + part of the document tree.</li> + + <li>The <code class="directive"><a href="../mod/core.html#directory"><Directory></a></code> block + restricts these "special" settings to the error document + directory and avoids an impact on any of the settings for the + regular document tree.</li> + + <li>For each of the error codes to be handled (see RFC2068 + for an exact description of each error code, or look at + <code>src/main/http_protocol.c</code> if you wish to see + apache's standard messages), an <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> in + the aliased <code>/errordocs</code> directory is defined. + Note that we only define the basename of the document here + because the MultiViews option will select the best candidate + based on the language suffixes and the client's preferences. + Any error situation with an error code <em>not</em> handled + by a custom document will be dealt with by the server in the + standard way (<em>i.e.</em>, a plain error message in + english).</li> + + <li>Finally, the <code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> directive tells + apache that it is not necessary to look for a .htaccess file + in the /errordocs directory: a minor speed optimization.</li> + </ol> + + <p>The resulting <code>httpd.conf</code> configuration would then + look similar to this:</p> + + <div class="note"><h3>Note</h3>Note that you can define your own + error messages using this method for only part of the document + tree, e.g., a /~user/ subtree. In this case, the configuration + could as well be put into the .htaccess file at the root of the + subtree, and the <Directory> and </Directory> + directives -but not the contained directives- must be + omitted.</div> + +<div class="example"><p><code> + LanguagePriority en fr de <br /> + Alias /errordocs /usr/local/apache/errordocs <br /> + <br /> + <Directory /usr/local/apache/errordocs> <br /> + <span class="indent"> + AllowOverride none <br /> + Options MultiViews IncludesNoExec FollowSymLinks <br /> + AddType text/html .shtml <br /> + <FilesMatch "\.shtml[.$]"> <br /> + <span class="indent"> + SetOutputFilter INCLUDES <br /> + </span> + </FilesMatch> <br /> + </span> + </Directory> <br /> + <br /> + # "400 Bad Request", <br /> + ErrorDocument 400 /errordocs/400 <br /> + # "401 Authorization Required", <br /> + ErrorDocument 401 /errordocs/401 <br /> + # "403 Forbidden", <br /> + ErrorDocument 403 /errordocs/403 <br /> + # "404 Not Found", <br /> + ErrorDocument 404 /errordocs/404 <br /> + # "500 Internal Server Error", <br /> + ErrorDocument 500 /errordocs/500 <br /> +</code></p></div> + + <p>The directory for the error messages (here: + <code>/usr/local/apache/errordocs/</code>) must then be created + with the appropriate permissions (readable and executable by + the server uid or gid, only writable for the administrator).</p> + + <h3><a name="naming" id="naming">Naming the Individual Error Document files</a></h3> + + + + <p>By defining the <code>MultiViews</code> option, the server was + told to automatically scan the directory for matching variants + (looking at language and content type suffixes) when a + requested document was not found. In the configuration, we + defined the names for the error documents to be just their + error number (without any suffix).</p> + + <p>The names of the individual error documents are now + determined like this (I'm using 403 as an example, think of it + as a placeholder for any of the configured error + documents):</p> + + <ul> + <li>No file errordocs/403 should exist. Otherwise, it would + be found and served (with the DefaultType, usually + text/plain), all negotiation would be bypassed.</li> + + <li>For each language for which we have an internationalized + version (note that this need not be the same set of languages + for each error code - you can get by with a single language + version until you actually <em>have</em> translated + versions), a document + <code>errordocs/403.shtml.<em>lang</em></code> is created and + filled with the error text in that language (<a href="#createdocs">see below</a>).</li> + + <li>One fallback document called + <code>errordocs/403.shtml</code> is created, usually by + creating a symlink to the default language variant (<a href="#fallback">see below</a>).</li> + </ul> + + + <h3><a name="headfoot" id="headfoot">The Common Header and Footer Files</a></h3> + + + + <p>By putting as much layout information in two special "include + files", the error documents can be reduced to a bare minimum.</p> + + <p>One of these layout files defines the HTML document header + and a configurable list of paths to the icons to be shown in + the resulting error document. These paths are exported as a set + of SSI environment variables and are later evaluated by the + "footer" special file. The title of the current error (which is + put into the TITLE tag and an H1 header) is simply passed in + from the main error document in a variable called + <code>title</code>.</p> + + <p><strong>By changing this file, the layout of all generated + error messages can be changed in a second.</strong> (By + exploiting the features of SSI, you can easily define + different layouts based on the current virtual host, or even + based on the client's domain name).</p> + + <p>The second layout file describes the footer to be displayed + at the bottom of every error message. In this example, it shows + an apache logo, the current server time, the server version + string and adds a mail reference to the site's webmaster.</p> + + <p>For simplicity, the header file is simply called + <code>head.shtml</code> because it contains server-parsed + content but no language specific information. The footer file + exists once for each language translation, plus a symlink for + the default language.</p> + +<div class="example"><p><code> +for English, French and German versions (default english) <br /> +<br /> +foot.shtml.en, <br /> +foot.shtml.fr, <br /> +foot.shtml.de, <br /> +foot.shtml symlink to <br /> +foot.shtml.en +</code></p></div> + + <p>Both files are included into the error document by using the + directives <code><!--#include virtual="head" --></code> + and <code><!--#include virtual="foot" --></code> + respectively: the rest of the magic occurs in mod_negotiation + and in mod_include.</p> + + <p>See <a href="#listings">the listings below</a> to see an + actual HTML implementation of the discussed example.</p> + + + <h3><a name="createdocs" id="createdocs">Creating ErrorDocuments in Different Languages</a></h3> + + + + <p>After all this preparation work, little remains to be said + about the actual documents. They all share a simple common + structure:</p> + +<div class="example"><p><code> +<!--#set var="title" value="<em>error description title</em>" --> <br /> +<!--#include virtual="head" --> <br /> +<span class="indent"> + <em>explanatory error text</em> <br /> +</span> +<!--#include virtual="foot" --> +</code></p></div> + + <p>In the <a href="#listings">listings section</a>, you can see an + example of a [400 Bad Request] error document. Documents as + simple as that certainly cause no problems to translate or + expand.</p> + + + <h3><a name="fallback" id="fallback">The Fallback Language</a></h3> + + + + <p>Do we need a special handling for languages other than those we + have translations for? We did set the LanguagePriority, didn't + we?!</p> + + <p>Well, the LanguagePriority directive is for the case where + the client does not express any language priority at all. But + what happens in the situation where the client wants one of the + languages we do not have, and none of those we do have?</p> + + <p>Without doing anything, the Apache server will usually + return a [406 no acceptable variant] error, listing the choices + from which the client may select. But we're in an error message + already, and important error information might get lost when + the client had to choose a language representation first.</p> + + <p>So, in this situation it appears to be easier to define a + fallback language (by copying or linking, <em>e.g.</em>, the + english version to a language-less version). Because the + negotiation algorithm prefers "more specialized" variants over + "more generic" variants, these generic alternatives will only + be chosen when the normal negotiation did not succeed.</p> + + <p>A simple shell script to do it (execute within the + errordocs/ dir):</p> + +<div class="example"><p><code> + for f in *.shtml.en <br /> + do <br /> + <span class="indent"> + ln -s $f `basename $f .en` <br /> + </span> + done +</code></p></div> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="proxy" id="proxy">Customizing Proxy Error Messages</a></h2> + + + + <p>As of Apache-1.3, it is possible to use the + <code>ErrorDocument</code> mechanism for proxy error messages + as well (previous versions always returned fixed predefined + error messages).</p> + + <p>Most proxy errors return an error code of [500 Internal + Server Error]. To find out whether a particular error document + was invoked on behalf of a proxy error or because of some other + server error, and what the reason for the failure was, you can + check the contents of the new <code>ERROR_NOTES</code> CGI + environment variable: if invoked for a proxy error, this + variable will contain the actual proxy error message text in + HTML form.</p> + + <p>The following excerpt demonstrates how to exploit the + <code>ERROR_NOTES</code> variable within an error document:</p> + +<div class="example"><p><code> + <!--#if expr="$REDIRECT_ERROR_NOTES = ''" --> <br /> + <br /> + <p> <br /> + <span class="indent"> + The server encountered an unexpected condition <br /> + which prevented it from fulfilling the request. <br /> + </span> + </p> <br /> +<br /> + <p> <br /> + <span class="indent"> + <a href="mailto:<!--#echo var="SERVER_ADMIN" -->" <br /> + SUBJECT="Error message [<!--#echo var="REDIRECT_STATUS" -->] <!--#echo var="title" --> for <!--#echo var="REQUEST_URI" -->"> <br /> + Please forward this error screen to <!--#echo var="SERVER_NAME" -->'s <br /> + WebMaster</a>; it includes useful debugging information about <br /> + the Request which caused the error. <br /> +<br /> + <pre><!--#printenv --></pre> <br /> + </span> + </p> <br /> + <br /> + <!--#else --> <br /> + <span class="indent"> + <!--#echo var="REDIRECT_ERROR_NOTES" --><br /> + </span> +<br /> + <!--#endif --> +</code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="listings" id="listings">HTML Listing of the Discussed Example</a></h2> + + + + <p>So, to summarize our example, here's the complete listing of + the <code>400.shtml.en</code> document. You will notice that it + contains almost nothing but the error text (with conditional + additions). Starting with this example, you will find it easy + to add more error documents, or to translate the error + documents to different languages.</p> + +<div class="example"><p><code> +<!--#set var="title" value="Bad Request"--> <br /> +<!--#include virtual="head" --><br /> +<br /> + <p> <br /> + <span class="indent"> + Your browser sent a request that this server could not understand: <br /> + <blockquote> <br /> + <span class="indent"> + <strong><!--#echo var="REQUEST_URI" --></strong><br /> + </span> + </blockquote> <br /> + <br /> + The request could not be understood by the server due to malformed <br /> + syntax. The client should not repeat the request without <br /> + modifications. <br /> + </span> + </p> <br /> +<br /> + <p> <br /> + <span class="indent"> + <!--#if expr="$HTTP_REFERER != ''" --> <br /> + <span class="indent"> + Please inform the owner of <br /> + <a href="<!--#echo var="HTTP_REFERER" -->">the referring page</a> about <br /> + the malformed link. <br /> + </span> + <br /> + <!--#else --> <br /> + <span class="indent"> + Please check your request for typing errors and retry. <br /> + </span> + <br /> + <!--#endif --> <br /> + </span> + </p> <br /> +<br /> +<!--#include virtual="foot" --> +</code></p></div> + + <p>Here is the complete <code>head.shtml.en</code> file (the funny + line breaks avoid empty lines in the document after SSI + processing). Note the configuration section at top. That's + where you configure the images and logos as well as the apache + documentation directory. Look how this file displays two + different logos depending on the content of the virtual host + name ($SERVER_NAME), and that an animated apache logo is shown + if the browser appears to support it (the latter requires + server configuration lines of the form </p> + + <div class="example"><p><code>BrowserMatch "^Mozilla/[2-4]" anigif</code></p></div> + + <p>for browser types which support animated GIFs).</p> + +<div class="example"><p><code> +<!--#if expr="$SERVER_NAME = /.*\.mycompany\.com/" --><br /> +<span class="indent"> +<!--#set var="IMG_CorpLogo" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/CorpLogo.gif" --><br /> +<!--#set var="ALT_CorpLogo" value="Powered by Linux!" --><br /> +</span> +<br /> +<!--#else --> <br /> +<span class="indent"> +<!--#set var="IMG_CorpLogo" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/PrivLogo.gif" --> <br /> +<!--#set var="ALT_CorpLogo" value="Powered by Linux!" --> <br /> +</span> +<!--#endif--> <br /> +<br /> +<!--#set var="IMG_BgImage" value="http://$SERVER_NAME:$SERVER_PORT/errordocs/BgImage.gif" --> <br /> +<!--#set var="DOC_Apache" value="http://$SERVER_NAME:$SERVER_PORT/Apache/" --> <br /> +<br /> +<!--#if expr="$anigif" --> <br /> +<span class="indent"> +<!--#set var="IMG_Apache" value="http://$SERVER_NAME:$SERVER_PORT/icons/apache_anim.gif" --> <br /> +</span> +<!--#else--><br /> +<span class="indent"> +<!--#set var="IMG_Apache" value="http://$SERVER_NAME:$SERVER_PORT/icons/apache_pb.gif" --><br /> +</span> +<!--#endif--><br /> +<br /> + +<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN"> <br /> +<html> <br /> +<head> <br /> + <span class="indent"> + <title> <br /> + [<!--#echo var="REDIRECT_STATUS" -->] <!--#echo var="title" --> <br /> + </title> <br /> + </span> +</head> <br /> +<br /> +<body bgcolor="white" background="<!--#echo var="IMG_BgImage" -->"> <br /> +<span class="indent"> + <h1 align="center"> <br /> + [<!--#echo var="REDIRECT_STATUS" -->] + <!--#echo var="title" --> <br /> + <img src="<!--#echo var="IMG_CorpLogo" -->" <br /> + alt="<!--#echo var="ALT_CorpLogo" -->" align="right"> <br /> + </h1> <br /> +<br /> + <hr /> + <!-- ======================================================== --> <br /> + <div> +</span> +</code></p></div> + + <p>and this is the <code>foot.shtml.en</code> file:</p> + +<div class="example"><p><code> +<span class="indent"> + </div> <br /> + <hr /> <br /> + <br /> + <div align="right"> <br /> + <span class="indent"> + <small>Local Server time: + <!--#echo var="DATE_LOCAL" --></small> <br /> + </span> + </div> <br /> + <br /> + <div align="center"><br /> + <span class="indent"> + <a href="<!--#echo var="DOC_Apache" -->"> <br /> + <img src="<!--#echo var="IMG_Apache" -->" border="0" align="bottom" <br /> + alt="Powered by <!--#echo var="SERVER_SOFTWARE" -->"></a> <br /> + <br /><br /> + + <small><!--#set var="var" value="Powered by $SERVER_SOFTWARE -- <br /> + File last modified on $LAST_MODIFIED" --> <br /> + <!--#echo var="var" --></small> <br /> + </span> + </div> <br /> + <br /> + <p>If the indicated error looks like a misconfiguration, please inform <br /> + <a href="mailto:<!--#echo var="SERVER_ADMIN" -->" <br /> + subject="Feedback about Error message [<!--#echo var="REDIRECT_STATUS" -->] <br /> + <!--#echo var="title" -->, req=<!--#echo var="REQUEST_URI" -->"> <br /> + <!--#echo var="SERVER_NAME" -->'s WebMaster</a>.<br /> + </p><br /> + </span> +<br /> +</body><br /> +</html> +</code></p></div> + + <p>If you have tips to contribute, send mail to <a href="mailto:martin@apache.org">martin@apache.org</a></p> + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/custom_errordocs.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html new file mode 100644 index 00000000..e751d582 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: descriptors.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en new file mode 100644 index 00000000..005356d6 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/descriptors.html.en @@ -0,0 +1,233 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Descriptors and Apache - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Descriptors and Apache</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/descriptors.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>A <em>descriptor</em>, also commonly called a <em>file + handle</em> is an object that a program uses to read or write + an open file, or open network socket, or a variety of other + devices. It is represented by an integer, and you may be + familiar with <code>stdin</code>, <code>stdout</code>, and + <code>stderr</code> which are descriptors 0, 1, and 2 + respectively. Apache needs a descriptor for each log file, plus + one for each network socket that it listens on, plus a handful + of others. Libraries that Apache uses may also require + descriptors. Normal programs don't open up many descriptors at + all, and so there are some latent problems that you may + experience should you start running Apache with many + descriptors (<em>i.e.</em>, with many virtual hosts).</p> + + <p>The operating system enforces a limit on the number of + descriptors that a program can have open at a time. There are + typically three limits involved here. One is a kernel + limitation, depending on your operating system you will either + be able to tune the number of descriptors available to higher + numbers (this is frequently called <em>FD_SETSIZE</em>). Or you + may be stuck with a (relatively) low amount. The second limit + is called the <em>hard resource</em> limit, and it is sometimes + set by root in an obscure operating system file, but frequently + is the same as the kernel limit. The third limit is called the + <em>soft resource</em> limit. The soft limit is always less + than or equal to the hard limit. For example, the hard limit + may be 1024, but the soft limit only 64. Any user can raise + their soft limit up to the hard limit. Root can raise the hard + limit up to the system maximum limit. The soft limit is the + actual limit that is used when enforcing the maximum number of + files a process can have open.</p> + + <p>To summarize:</p> + +<div class="example"><p><code> + #open files <= soft limit <= hard limit <= kernel limit +</code></p></div> + + + <p>You control the hard and soft limits using the + <code>limit</code> (csh) or <code>ulimit</code> (sh) + directives. See the respective man pages for more information. + For example you can probably use <code>ulimit -n + unlimited</code> to raise your soft limit up to the hard limit. + You should include this command in a shell script which starts + your webserver.</p> + + <p>Unfortunately, it's not always this simple. As mentioned + above, you will probably run into some system limitations that + will need to be worked around somehow. Work was done in version + 1.2.1 to improve the situation somewhat. Here is a partial list + of systems and workarounds (assuming you are using 1.2.1 or + later).</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#bsdi">BSDI 2.0</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#freebsd">FreeBSD 2.2, BSDI 2.1+</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#linux">Linux</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#solaris">Solaris through 2.5.1</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#AIX">AIX</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#sco">SCO OpenServer</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#tru64">Compaq Tru64 UNIX/Digital UNIX/OSF</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#others">Others</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="bsdi" id="bsdi">BSDI 2.0</a></h2> + + <p>Under BSDI 2.0 you can build Apache to support more + descriptors by adding <code>-DFD_SETSIZE=nnn</code> to + <code>EXTRA_CFLAGS</code> (where nnn is the number of + descriptors you wish to support, keep it less than the hard + limit). But it will run into trouble if more than + approximately 240 Listen directives are used. This may be + cured by rebuilding your kernel with a higher + FD_SETSIZE.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="freebsd" id="freebsd">FreeBSD 2.2, BSDI 2.1+</a></h2> + + <p>Similar to the BSDI 2.0 case, you should define + <code>FD_SETSIZE</code> and rebuild. But the extra Listen + limitation doesn't exist.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="linux" id="linux">Linux</a></h2> + + <p>By default Linux has a kernel maximum of 256 open + descriptors per process. There are several patches available + for the 2.0.x series which raise this to 1024 and beyond, and + you can find them in the "unofficial patches" section of <a href="http://www.linuxhq.com/">the Linux Information HQ</a>. + None of these patches are perfect, and an entirely different + approach is likely to be taken during the 2.1.x development. + Applying these patches will raise the FD_SETSIZE used to + compile all programs, and unless you rebuild all your + libraries you should avoid running any other program with a + soft descriptor limit above 256. As of this writing the + patches available for increasing the number of descriptors do + not take this into account. On a dedicated webserver you + probably won't run into trouble.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="solaris" id="solaris">Solaris through 2.5.1</a></h2> + + <p>Solaris has a kernel hard limit of 1024 (may be lower in + earlier versions). But it has a limitation that files using + the stdio library cannot have a descriptor above 255. Apache + uses the stdio library for the ErrorLog directive. When you + have more than approximately 110 virtual hosts (with an error + log and an access log each) you will need to build Apache + with <code>-DHIGH_SLACK_LINE=256</code> added to + <code>EXTRA_CFLAGS</code>. You will be limited to + approximately 240 error logs if you do this.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="AIX" id="AIX">AIX</a></h2> + + <p>AIX version 3.2?? appears to have a hard limit of 128 + descriptors. End of story. Version 4.1.5 has a hard limit of + 2000.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="sco" id="sco">SCO OpenServer</a></h2> + + <p>Edit the <code>/etc/conf/cf.d/stune</code> file or use + <code>/etc/conf/cf.d/configure</code> choice 7 (User and + Group configuration) and modify the <code>NOFILES</code> + kernel parameter to a suitably higher value. SCO recommends a + number between 60 and 11000, the default is 110. Relink and + reboot, and the new number of descriptors will be + available.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="tru64" id="tru64">Compaq Tru64 UNIX/Digital UNIX/OSF</a></h2> + + <ol> + <li>Raise <code>open_max_soft</code> and + <code>open_max_hard</code> to 4096 in the proc subsystem. + Do a man on sysconfig, sysconfigdb, and + sysconfigtab.</li> + + <li>Raise <code>max-vnodes</code> to a large number which + is greater than the number of apache processes * 4096 + (Setting it to 250,000 should be good for most people). + Do a man on sysconfig, sysconfigdb, and + sysconfigtab.</li> + + <li>If you are using Tru64 5.0, 5.0A, or 5.1, define + <code>NO_SLACK</code> to work around a bug in the OS. + <code>CFLAGS="-DNO_SLACK" ./configure</code></li> + </ol> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="others" id="others">Others</a></h2> + + <p>If you have details on another operating system, please + submit it through our <a href="http://httpd.apache.org/bug_report.html">Bug Report + Page</a>.</p> + + <p>In addition to the problems described above there are + problems with many libraries that Apache uses. The most common + example is the bind DNS resolver library that is used by pretty + much every unix, which fails if it ends up with a descriptor + above 256. We suspect there are other libraries that similar + limitations. So the code as of 1.2.1 takes a defensive stance + and tries to save descriptors less than 16 for use while + processing each request. This is called the <em>low slack + line</em>.</p> + + <p>Note that this shouldn't waste descriptors. If you really + are pushing the limits and Apache can't get a descriptor above + 16 when it wants it, it will settle for one below 16.</p> + + <p>In extreme situations you may want to lower the low slack + line, but you shouldn't ever need to. For example, lowering it + can increase the limits 240 described above under Solaris and + BSDI 2.0. But you'll play a delicate balancing game with the + descriptors needed to serve a request. Should you want to play + this game, the compile time parameter is + <code>LOW_SLACK_LINE</code> and there's a tiny bit of + documentation in the header file <code>httpd.h</code>.</p> + + <p>Finally, if you suspect that all this slack stuff is causing + you problems, you can disable it. Add <code>-DNO_SLACK</code> + to <code>EXTRA_CFLAGS</code> and rebuild. But please report it + to our <a href="http://httpd.apache.org/bug_report.html">Bug + Report Page</a> so that we can investigate. </p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/descriptors.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html new file mode 100644 index 00000000..64957238 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: fin_wait_2.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en new file mode 100644 index 00000000..60da4b0d --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/fin_wait_2.html.en @@ -0,0 +1,422 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Connections in the FIN_WAIT_2 state and Apache - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Connections in the FIN_WAIT_2 state and Apache</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/fin_wait_2.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>Starting with the Apache 1.2 betas, people are reporting + many more connections in the FIN_WAIT_2 state (as reported + by <code>netstat</code>) than they saw using older + versions. When the server closes a TCP connection, it sends + a packet with the FIN bit set to the client, which then + responds with a packet with the ACK bit set. The client + then sends a packet with the FIN bit set to the server, + which responds with an ACK and the connection is closed. + The state that the connection is in during the period + between when the server gets the ACK from the client and + the server gets the FIN from the client is known as + FIN_WAIT_2. See the <a href="ftp://ds.internic.net/rfc/rfc793.txt">TCP RFC</a> for + the technical details of the state transitions.</p> + + <p>The FIN_WAIT_2 state is somewhat unusual in that there + is no timeout defined in the standard for it. This means + that on many operating systems, a connection in the + FIN_WAIT_2 state will stay around until the system is + rebooted. If the system does not have a timeout and too + many FIN_WAIT_2 connections build up, it can fill up the + space allocated for storing information about the + connections and crash the kernel. The connections in + FIN_WAIT_2 do not tie up an httpd process.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#why">Why Does It Happen?</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#what">What Can I Do About it?</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#appendix">Appendix</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="why" id="why">Why Does It Happen?</a></h2> + + <p>There are numerous reasons for it happening, some of them + may not yet be fully clear. What is known follows.</p> + + <h3><a name="buggy" id="buggy">Buggy Clients and Persistent + Connections</a></h3> + + <p>Several clients have a bug which pops up when dealing with + persistent connections (aka + keepalives). When the connection is idle and the server + closes the connection (based on the <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code>), + the client is programmed so that the client does not send + back a FIN and ACK to the server. This means that the + connection stays in the FIN_WAIT_2 state until one of the + following happens:</p> + + <ul> + <li>The client opens a new connection to the same or a + different site, which causes it to fully close the older + connection on that socket.</li> + + <li>The user exits the client, which on some (most?) + clients causes the OS to fully shutdown the + connection.</li> + + <li>The FIN_WAIT_2 times out, on servers that have a + timeout for this state.</li> + </ul> + + <p>If you are lucky, this means that the buggy client will + fully close the connection and release the resources on + your server. However, there are some cases where the socket + is never fully closed, such as a dialup client + disconnecting from their provider before closing the + client. In addition, a client might sit idle for days + without making another connection, and thus may hold its + end of the socket open for days even though it has no + further use for it. <strong>This is a bug in the browser or + in its operating system's TCP implementation.</strong></p> + + <p>The clients on which this problem has been verified to + exist:</p> + + <ul> + <li>Mozilla/3.01 (X11; I; FreeBSD 2.1.5-RELEASE + i386)</li> + + <li>Mozilla/2.02 (X11; I; FreeBSD 2.1.5-RELEASE + i386)</li> + + <li>Mozilla/3.01Gold (X11; I; SunOS 5.5 sun4m)</li> + + <li>MSIE 3.01 on the Macintosh</li> + + <li>MSIE 3.01 on Windows 95</li> + </ul> + + <p>This does not appear to be a problem on:</p> + + <ul> + <li>Mozilla/3.01 (Win95; I)</li> + </ul> + + <p>It is expected that many other clients have the same + problem. What a client <strong>should do</strong> is + periodically check its open socket(s) to see if they have + been closed by the server, and close their side of the + connection if the server has closed. This check need only + occur once every few seconds, and may even be detected by a + OS signal on some systems (<em>e.g.</em>, Win95 and NT + clients have this capability, but they seem to be ignoring + it).</p> + + <p>Apache <strong>cannot</strong> avoid these FIN_WAIT_2 + states unless it disables persistent connections for the + buggy clients, just like we recommend doing for Navigator + 2.x clients due to other bugs. However, non-persistent + connections increase the total number of connections needed + per client and slow retrieval of an image-laden web page. + Since non-persistent connections have their own resource + consumptions and a short waiting period after each closure, + a busy server may need persistence in order to best serve + its clients.</p> + + <p>As far as we know, the client-caused FIN_WAIT_2 problem + is present for all servers that support persistent + connections, including Apache 1.1.x and 1.2.</p> + + + + <h3><a name="code" id="code">A necessary bit of code + introduced in 1.2</a></h3> + + <p>While the above bug is a problem, it is not the whole + problem. Some users have observed no FIN_WAIT_2 problems + with Apache 1.1.x, but with 1.2b enough connections build + up in the FIN_WAIT_2 state to crash their server. The most + likely source for additional FIN_WAIT_2 states is a + function called <code>lingering_close()</code> which was + added between 1.1 and 1.2. This function is necessary for + the proper handling of persistent connections and any + request which includes content in the message body + (<em>e.g.</em>, PUTs and POSTs). What it does is read any + data sent by the client for a certain time after the server + closes the connection. The exact reasons for doing this are + somewhat complicated, but involve what happens if the + client is making a request at the same time the server + sends a response and closes the connection. Without + lingering, the client might be forced to reset its TCP + input buffer before it has a chance to read the server's + response, and thus understand why the connection has + closed. See the <a href="#appendix">appendix</a> for more + details.</p> + + <p>The code in <code>lingering_close()</code> appears to + cause problems for a number of factors, including the + change in traffic patterns that it causes. The code has + been thoroughly reviewed and we are not aware of any bugs + in it. It is possible that there is some problem in the BSD + TCP stack, aside from the lack of a timeout for the + FIN_WAIT_2 state, exposed by the + <code>lingering_close</code> code that causes the observed + problems.</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="what" id="what">What Can I Do About it?</a></h2> + + <p>There are several possible workarounds to the problem, some + of which work better than others.</p> + + <h3><a name="add_timeout" id="add_timeout">Add a timeout for FIN_WAIT_2</a></h3> + + <p>The obvious workaround is to simply have a timeout for the + FIN_WAIT_2 state. This is not specified by the RFC, and + could be claimed to be a violation of the RFC, but it is + widely recognized as being necessary. The following systems + are known to have a timeout:</p> + + <ul> + <li><a href="http://www.freebsd.org/">FreeBSD</a> + versions starting at 2.0 or possibly earlier.</li> + + <li><a href="http://www.netbsd.org/">NetBSD</a> version + 1.2(?)</li> + + <li><a href="http://www.openbsd.org/">OpenBSD</a> all + versions(?)</li> + + <li><a href="http://www.bsdi.com/">BSD/OS</a> 2.1, with + the <a href="ftp://ftp.bsdi.com/bsdi/patches/patches-2.1/K210-027"> + K210-027</a> patch installed.</li> + + <li><a href="http://www.sun.com/">Solaris</a> as of + around version 2.2. The timeout can be tuned by using + <code>ndd</code> to modify + <code>tcp_fin_wait_2_flush_interval</code>, but the + default should be appropriate for most servers and + improper tuning can have negative impacts.</li> + + <li><a href="http://www.linux.org/">Linux</a> 2.0.x and + earlier(?)</li> + + <li><a href="http://www.hp.com/">HP-UX</a> 10.x defaults + to terminating connections in the FIN_WAIT_2 state after + the normal keepalive timeouts. This does not refer to the + persistent connection or HTTP keepalive timeouts, but the + <code>SO_LINGER</code> socket option which is enabled by + Apache. This parameter can be adjusted by using + <code>nettune</code> to modify parameters such as + <code>tcp_keepstart</code> and <code>tcp_keepstop</code>. + In later revisions, there is an explicit timer for + connections in FIN_WAIT_2 that can be modified; contact + HP support for details.</li> + + <li><a href="http://www.sgi.com/">SGI IRIX</a> can be + patched to support a timeout. For IRIX 5.3, 6.2, and 6.3, + use patches 1654, 1703 and 1778 respectively. If you have + trouble locating these patches, please contact your SGI + support channel for help.</li> + + <li><a href="http://www.ncr.com/">NCR's MP RAS Unix</a> + 2.xx and 3.xx both have FIN_WAIT_2 timeouts. In 2.xx it + is non-tunable at 600 seconds, while in 3.xx it defaults + to 600 seconds and is calculated based on the tunable + "max keep alive probes" (default of 8) multiplied by the + "keep alive interval" (default 75 seconds).</li> + + <li><a href="http://www.sequent.com">Sequent's ptx/TCP/IP + for DYNIX/ptx</a> has had a FIN_WAIT_2 timeout since + around release 4.1 in mid-1994.</li> + </ul> + + <p>The following systems are known to not have a + timeout:</p> + + <ul> + <li><a href="http://www.sun.com/">SunOS 4.x</a> does not + and almost certainly never will have one because it as at + the very end of its development cycle for Sun. If you + have kernel source should be easy to patch.</li> + </ul> + + <p>There is a <a href="http://www.apache.org/dist/httpd/contrib/patches/1.2/fin_wait_2.patch"> + patch available</a> for adding a timeout to the FIN_WAIT_2 + state; it was originally intended for BSD/OS, but should be + adaptable to most systems using BSD networking code. You + need kernel source code to be able to use it.</p> + + + + <h3><a name="no_lingering" id="no_lingering">Compile without using + <code>lingering_close()</code></a></h3> + + <p>It is possible to compile Apache 1.2 without using the + <code>lingering_close()</code> function. This will result + in that section of code being similar to that which was in + 1.1. If you do this, be aware that it can cause problems + with PUTs, POSTs and persistent connections, especially if + the client uses pipelining. That said, it is no worse than + on 1.1, and we understand that keeping your server running + is quite important.</p> + + <p>To compile without the <code>lingering_close()</code> + function, add <code>-DNO_LINGCLOSE</code> to the end of the + <code>EXTRA_CFLAGS</code> line in your + <code>Configuration</code> file, rerun + <code class="program"><a href="../programs/Configure.html">Configure</a></code> and rebuild the server.</p> + + + + <h3><a name="so_linger" id="so_linger">Use <code>SO_LINGER</code> as + an alternative to <code>lingering_close()</code></a></h3> + + <p>On most systems, there is an option called + <code>SO_LINGER</code> that can be set with + <code>setsockopt(2)</code>. It does something very similar + to <code>lingering_close()</code>, except that it is broken + on many systems so that it causes far more problems than + <code>lingering_close</code>. On some systems, it could + possibly work better so it may be worth a try if you have + no other alternatives.</p> + + <p>To try it, add <code>-DUSE_SO_LINGER + -DNO_LINGCLOSE</code> to the end of the + <code>EXTRA_CFLAGS</code> line in your + <code>Configuration</code> file, rerun + <code class="program"><a href="../programs/Configure.html">Configure</a></code> and rebuild the server.</p> + + <div class="note"><h3>NOTE</h3>Attempting to use + <code>SO_LINGER</code> and <code>lingering_close()</code> + at the same time is very likely to do very bad things, so + don't.</div> + + + + <h3><a name="increase_mem" id="increase_mem">Increase the amount of memory + used for storing connection state</a></h3> + + <dl> + <dt>BSD based networking code:</dt> + + <dd> + BSD stores network data, such as connection states, in + something called an mbuf. When you get so many + connections that the kernel does not have enough mbufs + to put them all in, your kernel will likely crash. You + can reduce the effects of the problem by increasing the + number of mbufs that are available; this will not + prevent the problem, it will just make the server go + longer before crashing. + + <p>The exact way to increase them may depend on your + OS; look for some reference to the number of "mbufs" or + "mbuf clusters". On many systems, this can be done by + adding the line <code>NMBCLUSTERS="n"</code>, where + <code>n</code> is the number of mbuf clusters you want + to your kernel config file and rebuilding your + kernel.</p> + </dd> + </dl> + + + + <h3><a name="disable" id="disable">Disable KeepAlive</a></h3> + + <p>If you are unable to do any of the above then you + should, as a last resort, disable KeepAlive. Edit your + httpd.conf and change "KeepAlive On" to "KeepAlive + Off".</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="appendix" id="appendix">Appendix</a></h2> + + <p>Below is a message from Roy Fielding, one of the authors + of HTTP/1.1.</p> + + <h3><a name="message" id="message">Why the lingering close + functionality is necessary with HTTP</a></h3> + + <p>The need for a server to linger on a socket after a close + is noted a couple times in the HTTP specs, but not + explained. This explanation is based on discussions between + myself, Henrik Frystyk, Robert S. Thau, Dave Raggett, and + John C. Mallery in the hallways of MIT while I was at W3C.</p> + + <p>If a server closes the input side of the connection + while the client is sending data (or is planning to send + data), then the server's TCP stack will signal an RST + (reset) back to the client. Upon receipt of the RST, the + client will flush its own incoming TCP buffer back to the + un-ACKed packet indicated by the RST packet argument. If + the server has sent a message, usually an error response, + to the client just before the close, and the client + receives the RST packet before its application code has + read the error message from its incoming TCP buffer and + before the server has received the ACK sent by the client + upon receipt of that buffer, then the RST will flush the + error message before the client application has a chance to + see it. The result is that the client is left thinking that + the connection failed for no apparent reason.</p> + + <p>There are two conditions under which this is likely to + occur:</p> + + <ol> + <li>sending POST or PUT data without proper + authorization</li> + + <li>sending multiple requests before each response + (pipelining) and one of the middle requests resulting in + an error or other break-the-connection result.</li> + </ol> + + <p>The solution in all cases is to send the response, close + only the write half of the connection (what shutdown is + supposed to do), and continue reading on the socket until + it is either closed by the client (signifying it has + finally read the response) or a timeout occurs. That is + what the kernel is supposed to do if SO_LINGER is set. + Unfortunately, SO_LINGER has no effect on some systems; on + some other systems, it does not have its own timeout and + thus the TCP memory segments just pile-up until the next + reboot (planned or not).</p> + + <p>Please note that simply removing the linger code will + not solve the problem -- it only moves it to a different + and much harder one to detect.</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/fin_wait_2.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html new file mode 100644 index 00000000..23ec1ec0 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: index.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: index.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en new file mode 100644 index 00000000..81445841 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.en @@ -0,0 +1,121 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Miscellaneous Documentation - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page" class="no-sidebar"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="../"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a></div><div id="page-content"><div id="preamble"><h1>Apache Miscellaneous Documentation</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/" title="English"> en </a> | +<a href="../tr/misc/" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> + + + <p>Below is a list of additional documentation pages that apply + to the Apache web server development project.</p> + + <div class="warning"><h3>Warning</h3> + <p>Some of the documents below have not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <dl> + <dt><a href="custom_errordocs.html">How to use XSSI and + Negotiation for custom ErrorDocuments</a></dt> + + <dd> + <p>Describes a solution which uses XSSI and negotiation to + custom-tailor the Apache ErrorDocuments to taste, adding the + advantage of returning internationalized versions of the + error messages depending on the client's language + preferences.</p> + </dd> + + <dt><a href="descriptors.html">File Descriptor use in + Apache</a></dt> + + <dd> + <p>Describes how Apache uses file descriptors and talks + about various limits imposed on the number of descriptors + available by various operating systems.</p> + </dd> + + <dt><a href="fin_wait_2.html"><code>FIN_WAIT_2</code></a></dt> + + <dd> + <p>A description of the causes of Apache processes going + into the <code>FIN_WAIT_2</code> state, and what you can do + about it.</p> + </dd> + + <dt><a href="known_client_problems.html">Known Client + Problems</a></dt> + + <dd> + <p>A list of problems in HTTP clients which can be mitigated + by Apache.</p> + </dd> + + <dt><a href="perf-tuning.html">Performance Notes - Apache + Tuning</a></dt> + + <dd> + <p>Notes about how to (run-time and compile-time) configure + Apache for highest performance. Notes explaining why Apache + does some things, and why it doesn't do other things (which + make it slower/faster).</p> + </dd> + + <dt><a href="security_tips.html">Security Tips</a></dt> + + <dd> + <p>Some "do"s - and "don't"s - for keeping your Apache web + site secure.</p> + </dd> + + <dt><a href="rewriteguide.html">URL Rewriting Guide</a></dt> + <dd> + <p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + <a href="../mod/mod_rewrite.html">reference documentation</a>. + It describes how one can use Apache's <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + to solve typical URL-based problems webmasters are usually confronted + with in practice.</p> + </dd> + + <dt><a href="tutorials.html">Apache Tutorials</a></dt> + + <dd> + <p>A list of external resources which help to accomplish common + tasks with the Apache HTTP server.</p> + </dd> + + <dt><a href="relevant_standards.html">Relevant Standards</a></dt> + + <dd> + <p>This document acts as a reference page for most of the relevant + standards that Apache follows.</p> + </dd> + </dl> + </div> +</div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/" title="English"> en </a> | +<a href="../tr/misc/" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 new file mode 100644 index 00000000..e4cb8a26 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/index.html.tr.utf8 @@ -0,0 +1,122 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Çeşitli Belgeler - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page" class="no-sidebar"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="../"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a></div><div id="page-content"><div id="preamble"><h1>Çeşitli Belgeler</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../tr/misc/" title="Türkçe"> tr </a></p> +</div> + + + <p>Aşağıda listelenen belgeler de Apache HTTP sunucusu geliştirme projesi + kapsamındadır.</p> + + <div class="warning"><h3>Uyarı</h3> + <p>Aşağıdaki belgeler, Apache HTTP Sunucusunun 2.0 sürümünde yapılmış + değişikliklere göre tam olarak güncellenmemiştir. Hala güncel kalmış + bazı bilgiler olabilir, fakat siz yine de bu belgeleri kullanırken + dikkatli olun.</p> + </div> + + <dl> + <dt><a href="custom_errordocs.html">Hata belgelerinin özelleştirilmesi + için XSSI ve içerik uzlaşımının kullanımı</a></dt> + + <dd> + <p>Belgede, istemcinin dil tercihlerine bağlı olarak hata + iletilerinin yerelleştirilmiş sürümlerini döndürmenin yanında + Apache hata belgelerine bir çeşni katmak için XSSI ve içerik + uzlaşımının kullanımıyla ilgili bir çözüme yer verilmiştir.</p> + </dd> + + <dt><a href="descriptors.html">Apache’de dosya tanıtıcılarının + kullanımı</a></dt> + + <dd> + <p>Belgede, Apache’nin çeşitli işletim sistemleri tarafından + dayatılan dosya tanıtıcı miktarları için işletim sistemleri ile + nasıl anlaştığı ve bu dosya tanıtıcılarını nasıl kullandığı + açıklanmıştır.</p> + </dd> + + <dt><a href="fin_wait_2.html"><code>FIN_WAIT_2</code></a></dt> + + <dd> + <p>Belgede, Apache’nin <code>FIN_WAIT_2</code> durumuna girme + sebepleri ile bu konuda neler yapılabileceği açıklanmıştır.</p> + </dd> + + <dt><a href="known_client_problems.html">Bilinen İstemci Sorunları</a> + </dt> + + <dd> + <p>Belgede, HTTP istemcilerinden kaynaklanan bazı sorunların Apache + tarafından hafifletilebilenlerinin bir listesi yer almaktadır.</p> + </dd> + + <dt><a href="perf-tuning.html">Başarım Arttırma İpuçları - Apache’ye + İnce Ayar Çekilmesi</a></dt> + + <dd> + <p>Yüksek başarım elde etmek için Apache yapılandırmasında (çalışma + anında ve derleme sırasında) yapılacaklar ile ilgili bazı bilgiler + yanında Apache’de bazı şeylerin (bir şeyleri hızlandıran ve + yavaşlatan şeylerin) yapılma ve yapılmama sebepleri + açıklanmıştır.</p> + </dd> + + <dt><a href="security_tips.html">Güvenlik İpuçları</a></dt> + + <dd> + <p>Apache HTTP sitenizi güvenli kılmak için yapılacaklar ve + yapılmayacaklar.</p> + </dd> + + <dt><a href="rewriteguide.html">URL Yeniden Yazma Rehberi</a></dt> + + <dd> + <p>Bu belge <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> modülünün <a href="../mod/mod_rewrite.html">başvuru belgesi</a> yerine geçer. + Site yöneticilerinin sıkça karşılaştıkları belli başlı URL temelli + sorunları çözümlemek için Apache’nin <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + modülünün nasıl kullanılacağını açıklar.</p> + </dd> + + <dt><a href="tutorials.html">Apache Öğreticileri</a></dt> + + <dd> + <p>Apache HTTP Sunucusu ile ilgili görevlerinizi yerine getirmenize + yardımcı olacak harici kaynakların bir listesi.</p> + </dd> + + <dt><a href="relevant_standards.html">İlgili Standartlar</a></dt> + + <dd> + <p>Bu belge Apache’nin uyacağı standartların bir çoğuna atıfta + bulunmak amacıyla hazırlanmıştır.</p> + </dd> + </dl> + + </div> +</div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../tr/misc/" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html new file mode 100644 index 00000000..9f5b039f --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: known_client_problems.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en new file mode 100644 index 00000000..cfc02954 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/known_client_problems.html.en @@ -0,0 +1,408 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Known Problems in Clients - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Known Problems in Clients</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>Over time the Apache Group has discovered or been notified + of problems with various clients which we have had to work + around, or explain. This document describes these problems and + the workarounds available. It's not arranged in any particular + order. Some familiarity with the standards is assumed, but not + necessary.</p> + + <p>For brevity, <em>Navigator</em> will refer to Netscape's + Navigator product (which in later versions was renamed + "Communicator" and various other names), and <em>MSIE</em> will + refer to Microsoft's Internet Explorer product. All trademarks + and copyrights belong to their respective companies. We welcome + input from the various client authors to correct + inconsistencies in this paper, or to provide us with exact + version numbers where things are broken/fixed.</p> + + <p>For reference, <a href="ftp://ds.internic.net/rfc/rfc1945.txt">RFC1945</a> + defines HTTP/1.0, and <a href="ftp://ds.internic.net/rfc/rfc2068.txt">RFC2068</a> + defines HTTP/1.1. Apache as of version 1.2 is an HTTP/1.1 + server (with an optional HTTP/1.0 proxy).</p> + + <p>Various of these workarounds are triggered by environment + variables. The admin typically controls which are set, and for + which clients, by using <code>mod_browser</code>. Unless + otherwise noted all of these workarounds exist in versions 1.2 + and later.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#trailing-crlf">Trailing CRLF on POSTs</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#broken-keepalive">Broken KeepAlive</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#force-response-1.0">Incorrect interpretation of + <code>HTTP/1.1</code> in response</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#msie4.0b2">Requests use HTTP/1.1 but + responses must be in HTTP/1.0</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#byte-257">Boundary problems with + header parsing</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#boundary-string">Multipart responses and + Quoted Boundary Strings</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#byterange-requests">Byterange Requests</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cookie-merge"><code>Set-Cookie</code> header is + unmergeable</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#gif89-expires"><code>Expires</code> headers + and GIF89A animations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#no-content-length"><code>POST</code> without + <code>Content-Length</code></a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#jdk-12-bugs">JDK 1.2 betas lose + parts of responses.</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content-type-persistent"><code>Content-Type</code> + change is not noticed after reload</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#msie-cookie-y2k">MSIE Cookie + problem with expiry date in the year 2000</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#lynx-negotiate-trans">Lynx incorrectly asking for + transparent content negotiation</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ie40-vary">MSIE 4.0 mishandles Vary + response header</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trailing-crlf" id="trailing-crlf">Trailing CRLF on POSTs</a></h2> + + <p>This is a legacy issue. The CERN webserver required + <code>POST</code> data to have an extra <code>CRLF</code> + following it. Thus many clients send an extra <code>CRLF</code> + that is not included in the <code>Content-Length</code> of the + request. Apache works around this problem by eating any empty + lines which appear before a request.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="broken-keepalive" id="broken-keepalive">Broken KeepAlive</a></h2> + + <p>Various clients have had broken implementations of + <em>keepalive</em> (persistent connections). In particular the + Windows versions of Navigator 2.0 get very confused when the + server times out an idle connection. The workaround is present + in the default config files:</p> + + <div class="example"><p><code> + BrowserMatch Mozilla/2 nokeepalive + </code></p></div> + + <p>Note that this matches some earlier versions of MSIE, which + began the practice of calling themselves <em>Mozilla</em> in + their user-agent strings just like Navigator.</p> + + <p>MSIE 4.0b2, which claims to support HTTP/1.1, does not + properly support keepalive when it is used on 301 or 302 + (redirect) responses. Unfortunately Apache's + <code>nokeepalive</code> code prior to 1.2.2 would not work + with HTTP/1.1 clients. You must apply <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + this patch</a> to version 1.2.1. Then add this to your + config:</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0b2;" nokeepalive + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="force-response-1.0" id="force-response-1.0">Incorrect interpretation of + <code>HTTP/1.1</code> in response</a></h2> + + <p>To quote from section 3.1 of RFC1945:</p> + + <div class="note"> + HTTP uses a "<MAJOR>.<MINOR>" numbering scheme to + indicate versions of the protocol. The protocol versioning + policy is intended to allow the sender to indicate the format + of a message and its capacity for understanding further HTTP + communication, rather than the features obtained via that + communication. + </div> + + <p>Since Apache is an HTTP/1.1 server, it indicates so as part of + its response. Many client authors mistakenly treat this part of + the response as an indication of the protocol that the response + is in, and then refuse to accept the response.</p> + + <p>The first major indication of this problem was with AOL's + proxy servers. When Apache 1.2 went into beta it was the first + wide-spread HTTP/1.1 server. After some discussion, AOL fixed + their proxies. In anticipation of similar problems, the + <code>force-response-1.0</code> environment variable was added + to Apache. When present Apache will indicate "HTTP/1.0" in + response to an HTTP/1.0 client, but will not in any other way + change the response.</p> + + <p>The pre-1.1 Java Development Kit (JDK) that is used in many + clients (including Navigator 3.x and MSIE 3.x) exhibits this + problem. As do some of the early pre-releases of the 1.1 JDK. + We think it is fixed in the 1.1 JDK release. In any event the + workaround:</p> + + <div class="example"><p><code> + BrowserMatch Java/1.0 force-response-1.0<br /> + BrowserMatch JDK/1.0 force-response-1.0 + </code></p></div> + + <p>RealPlayer 4.0 from Progressive Networks also exhibits this + problem. However they have fixed it in version 4.01 of the + player, but version 4.01 uses the same <code>User-Agent</code> + as version 4.0. The workaround is still:</p> + + <div class="example"><p><code> + BrowserMatch "RealPlayer 4.0" force-response-1.0 + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="msie4.0b2" id="msie4.0b2">Requests use HTTP/1.1 but + responses must be in HTTP/1.0</a></h2> + + <p>MSIE 4.0b2 has this problem. Its Java VM makes requests in + HTTP/1.1 format but the responses must be in HTTP/1.0 format + (in particular, it does not understand <em>chunked</em> + responses). The workaround is to fool Apache into believing the + request came in HTTP/1.0 format.</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0b2;" downgrade-1.0 + force-response-1.0 + </code></p></div> + + <p>This workaround is available in 1.2.2, and in a <a href="http://www.apache.org/dist/httpd/patches/apply_to_1.2.1/msie_4_0b2_fixes.patch"> + patch</a> against 1.2.1.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="byte-257" id="byte-257">Boundary problems with + header parsing</a></h2> + + <p>All versions of Navigator from 2.0 through 4.0b2 (and + possibly later) have a problem if the trailing CRLF of the + response header starts at offset 256, 257 or 258 of the + response. A BrowserMatch for this would match on nearly every + hit, so the workaround is enabled automatically on all + responses. The workaround implemented detects when this + condition would occur in a response and adds extra padding to + the header to push the trailing CRLF past offset 258 of the + response.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="boundary-string" id="boundary-string">Multipart responses and + Quoted Boundary Strings</a></h2> + + <p>On multipart responses some clients will not accept quotes + (") around the boundary string. The MIME standard recommends + that such quotes be used. But the clients were probably written + based on one of the examples in RFC2068, which does not include + quotes. Apache does not include quotes on its boundary strings + to workaround this problem.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="byterange-requests" id="byterange-requests">Byterange Requests</a></h2> + + <p>A byterange request is used when the client wishes to + retrieve a portion of an object, not necessarily the entire + object. There was a very old draft which included these + byteranges in the URL. Old clients such as Navigator 2.0b1 and + MSIE 3.0 for the MAC exhibit this behaviour, and it will appear + in the servers' access logs as (failed) attempts to retrieve a + URL with a trailing ";xxx-yyy". Apache does not attempt to + implement this at all.</p> + + <p>A subsequent draft of this standard defines a header + <code>Request-Range</code>, and a response type + <code>multipart/x-byteranges</code>. The HTTP/1.1 standard + includes this draft with a few fixes, and it defines the header + <code>Range</code> and type + <code>multipart/byteranges</code>.</p> + + <p>Navigator (versions 2 and 3) sends both <code>Range</code> + and <code>Request-Range</code> headers (with the same value), + but does not accept a <code>multipart/byteranges</code> + response. The response must be + <code>multipart/x-byteranges</code>. As a workaround, if Apache + receives a <code>Request-Range</code> header it considers it + "higher priority" than a <code>Range</code> header and in + response uses <code>multipart/x-byteranges</code>.</p> + + <p>The Adobe Acrobat Reader plugin makes extensive use of + byteranges and prior to version 3.01 supports only the + <code>multipart/x-byterange</code> response. Unfortunately + there is no clue that it is the plugin making the request. If + the plugin is used with Navigator, the above workaround works + fine. But if the plugin is used with MSIE 3 (on Windows) the + workaround won't work because MSIE 3 doesn't give the + <code>Range-Request</code> clue that Navigator does. To + workaround this, Apache special cases "MSIE 3" in the + <code>User-Agent</code> and serves + <code>multipart/x-byteranges</code>. Note that the necessity + for this with MSIE 3 is actually due to the Acrobat plugin, not + due to the browser.</p> + + <p>Netscape Communicator appears to not issue the non-standard + <code>Request-Range</code> header. When an Acrobat plugin prior + to version 3.01 is used with it, it will not properly + understand byteranges. The user must upgrade their Acrobat + reader to 3.01.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cookie-merge" id="cookie-merge"><code>Set-Cookie</code> header is + unmergeable</a></h2> + + <p>The HTTP specifications say that it is legal to merge + headers with duplicate names into one (separated by commas). + Some browsers that support Cookies don't like merged headers + and prefer that each <code>Set-Cookie</code> header is sent + separately. When parsing the headers returned by a CGI, Apache + will explicitly avoid merging any <code>Set-Cookie</code> + headers.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="gif89-expires" id="gif89-expires"><code>Expires</code> headers + and GIF89A animations</a></h2> + + <p>Navigator versions 2 through 4 will erroneously re-request + GIF89A animations on each loop of the animation if the first + response included an <code>Expires</code> header. This happens + regardless of how far in the future the expiry time is set. + There is no workaround supplied with Apache, however there are + hacks for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.2-gif89-expires-hack.patch"> + 1.2</a> and for <a href="http://www.arctic.org/~dgaudet/patches/apache-1.3-gif89-expires-hack.patch"> + 1.3</a>.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="no-content-length" id="no-content-length"><code>POST</code> without + <code>Content-Length</code></a></h2> + + <p>In certain situations Navigator 3.01 through 3.03 appear to + incorrectly issue a POST without the request body. There is no + known workaround. It has been fixed in Navigator 3.04, + Netscapes provides some <a href="http://help.netscape.com/kb/client/971014-42.html">information</a>. + There's also <a href="http://www.arctic.org/~dgaudet/apache/no-content-length/"> + some information</a> about the actual problem.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="jdk-12-bugs" id="jdk-12-bugs">JDK 1.2 betas lose + parts of responses.</a></h2> + + <p>The http client in the JDK1.2beta2 and beta3 will throw away + the first part of the response body when both the headers and + the first part of the body are sent in the same network packet + AND keep-alive's are being used. If either condition is not met + then it works fine.</p> + + <p>See also Bug-ID's 4124329 and 4125538 at the java developer + connection.</p> + + <p>If you are seeing this bug yourself, you can add the + following BrowserMatch directive to work around it:</p> + + <div class="example"><p><code> + BrowserMatch "Java1\.2beta[23]" nokeepalive + </code></p></div> + + <p>We don't advocate this though since bending over backwards + for beta software is usually not a good idea; ideally it gets + fixed, new betas or a final release comes out, and no one uses + the broken old software anymore. In theory.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content-type-persistent" id="content-type-persistent"><code>Content-Type</code> + change is not noticed after reload</a></h2> + + <p>Navigator (all versions?) will cache the + <code>content-type</code> for an object "forever". Using reload + or shift-reload will not cause Navigator to notice a + <code>content-type</code> change. The only work-around is for + the user to flush their caches (memory and disk). By way of an + example, some folks may be using an old <code>mime.types</code> + file which does not map <code>.htm</code> to + <code>text/html</code>, in this case Apache will default to + sending <code>text/plain</code>. If the user requests the page + and it is served as <code>text/plain</code>. After the admin + fixes the server, the user will have to flush their caches + before the object will be shown with the correct + <code>text/html</code> type.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="msie-cookie-y2k" id="msie-cookie-y2k">MSIE Cookie + problem with expiry date in the year 2000</a></h2> + + <p>MSIE versions 3.00 and 3.02 (without the Y2K patch) do not + handle cookie expiry dates in the year 2000 properly. Years + after 2000 and before 2000 work fine. This is fixed in IE4.01 + service pack 1, and in the Y2K patch for IE3.02. Users should + avoid using expiry dates in the year 2000.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="lynx-negotiate-trans" id="lynx-negotiate-trans">Lynx incorrectly asking for + transparent content negotiation</a></h2> + + <p>The Lynx browser versions 2.7 and 2.8 send a "negotiate: + trans" header in their requests, which is an indication the + browser supports transparent content negotiation (TCN). However + the browser does not support TCN. As of version 1.3.4, Apache + supports TCN, and this causes problems with these versions of + Lynx. As a workaround future versions of Apache will ignore + this header when sent by the Lynx client.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ie40-vary" id="ie40-vary">MSIE 4.0 mishandles Vary + response header</a></h2> + + <p>MSIE 4.0 does not handle a Vary header properly. The Vary + header is generated by mod_rewrite in apache 1.3. The result is + an error from MSIE saying it cannot download the requested + file. There are more details in <a href="http://bugs.apache.org/index/full/4118">PR#4118</a>.</p> + + <p>A workaround is to add the following to your server's + configuration files:</p> + + <div class="example"><p><code> + BrowserMatch "MSIE 4\.0" force-no-vary + </code></p></div> + + <p>(This workaround is only available with releases + <strong>after</strong> 1.3.6 of the Apache Web server.)</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/known_client_problems.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html new file mode 100644 index 00000000..84956329 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html @@ -0,0 +1,13 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: perf-tuning.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: perf-tuning.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR + +URI: perf-tuning.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en new file mode 100644 index 00000000..2a6bc9d1 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.en @@ -0,0 +1,1058 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Performance Tuning - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Apache Performance Tuning</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/perf-tuning.html" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> + + + <p>Apache 2.x is a general-purpose webserver, designed to + provide a balance of flexibility, portability, and performance. + Although it has not been designed specifically to set benchmark + records, Apache 2.x is capable of high performance in many + real-world situations.</p> + + <p>Compared to Apache 1.3, release 2.x contains many additional + optimizations to increase throughput and scalability. Most of + these improvements are enabled by default. However, there are + compile-time and run-time configuration choices that can + significantly affect performance. This document describes the + options that a server administrator can configure to tune the + performance of an Apache 2.x installation. Some of these + configuration options enable the httpd to better take advantage + of the capabilities of the hardware and OS, while others allow + the administrator to trade functionality for speed.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">Hardware and Operating System Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">Run-Time Configuration Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">Compile-Time Configuration Issues</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">Appendix: Detailed Analysis of a Trace</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">Hardware and Operating System Issues</a></h2> + + + + <p>The single biggest hardware issue affecting webserver + performance is RAM. A webserver should never ever have to swap, + as swapping increases the latency of each request beyond a point + that users consider "fast enough". This causes users to hit + stop and reload, further increasing the load. You can, and + should, control the <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> setting so that your server + does not spawn so many children it starts swapping. This procedure + for doing this is simple: determine the size of your average Apache + process, by looking at your process list via a tool such as + <code>top</code>, and divide this into your total available memory, + leaving some room for other processes.</p> + + <p>Beyond that the rest is mundane: get a fast enough CPU, a + fast enough network card, and fast enough disks, where "fast + enough" is something that needs to be determined by + experimentation.</p> + + <p>Operating system choice is largely a matter of local + concerns. But some guidelines that have proven generally + useful are:</p> + + <ul> + <li> + <p>Run the latest stable release and patchlevel of the + operating system that you choose. Many OS suppliers have + introduced significant performance improvements to their + TCP stacks and thread libraries in recent years.</p> + </li> + + <li> + <p>If your OS supports a <code>sendfile(2)</code> system + call, make sure you install the release and/or patches + needed to enable it. (With Linux, for example, this means + using Linux 2.4 or later. For early releases of Solaris 8, + you may need to apply a patch.) On systems where it is + available, <code>sendfile</code> enables Apache 2 to deliver + static content faster and with lower CPU utilization.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">Run-Time Configuration Issues</a></h2> + + + + <table class="related"><tr><th>Related Modules</th><th>Related Directives</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns">HostnameLookups and other DNS considerations</a></h3> + + + + <p>Prior to Apache 1.3, <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> defaulted to <code>On</code>. + This adds latency to every request because it requires a + DNS lookup to complete before the request is finished. In + Apache 1.3 this setting defaults to <code>Off</code>. If you need + to have addresses in your log files resolved to hostnames, use the + <code class="program"><a href="../programs/logresolve.html">logresolve</a></code> + program that comes with Apache, or one of the numerous log + reporting packages which are available.</p> + + <p>It is recommended that you do this sort of postprocessing of + your log files on some machine other than the production web + server machine, in order that this activity not adversely affect + server performance.</p> + + <p>If you use any <code><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> + from domain</code> or <code><code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> from domain</code> + directives (i.e., using a hostname, or a domain name, rather than + an IP address) then you will pay for + two DNS lookups (a reverse, followed by a forward lookup + to make sure that the reverse is not being spoofed). For best + performance, therefore, use IP addresses, rather than names, when + using these directives, if possible.</p> + + <p>Note that it's possible to scope the directives, such as + within a <code><Location /server-status></code> section. + In this case the DNS lookups are only performed on requests + matching the criteria. Here's an example which disables lookups + except for <code>.html</code> and <code>.cgi</code> files:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>But even still, if you just need DNS names in some CGIs you + could consider doing the <code>gethostbyname</code> call in the + specific CGIs that need it.</p> + + + + <h3><a name="symlinks" id="symlinks">FollowSymLinks and SymLinksIfOwnerMatch</a></h3> + + + + <p>Wherever in your URL-space you do not have an <code>Options + FollowSymLinks</code>, or you do have an <code>Options + SymLinksIfOwnerMatch</code> Apache will have to issue extra + system calls to check up on symlinks. One extra call per + filename component. For example, if you had:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>and a request is made for the URI <code>/index.html</code>. + Then Apache will perform <code>lstat(2)</code> on + <code>/www</code>, <code>/www/htdocs</code>, and + <code>/www/htdocs/index.html</code>. The results of these + <code>lstats</code> are never cached, so they will occur on + every single request. If you really desire the symlinks + security checking you can do something like this:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /www/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>This at least avoids the extra checks for the + <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> path. + Note that you'll need to add similar sections if you + have any <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code> or + <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> paths + outside of your document root. For highest performance, + and no symlink protection, set <code>FollowSymLinks</code> + everywhere, and never set <code>SymLinksIfOwnerMatch</code>.</p> + + + + <h3><a name="htacess" id="htacess">AllowOverride</a></h3> + + + + <p>Wherever in your URL-space you allow overrides (typically + <code>.htaccess</code> files) Apache will attempt to open + <code>.htaccess</code> for each filename component. For + example,</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p>and a request is made for the URI <code>/index.html</code>. + Then Apache will attempt to open <code>/.htaccess</code>, + <code>/www/.htaccess</code>, and + <code>/www/htdocs/.htaccess</code>. The solutions are similar + to the previous case of <code>Options FollowSymLinks</code>. + For highest performance use <code>AllowOverride None</code> + everywhere in your filesystem.</p> + + + + <h3><a name="negotiation" id="negotiation">Negotiation</a></h3> + + + + <p>If at all possible, avoid content-negotiation if you're + really interested in every last ounce of performance. In + practice the benefits of negotiation outweigh the performance + penalties. There's one case where you can speed up the server. + Instead of using a wildcard such as:</p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>Use a complete list of options:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>where you list the most common choice first.</p> + + <p>Also note that explicitly creating a <code>type-map</code> + file provides better performance than using + <code>MultiViews</code>, as the necessary information can be + determined by reading this single file, rather than having to + scan the directory for files.</p> + + <p>If your site needs content negotiation consider using + <code>type-map</code> files, rather than the <code>Options + MultiViews</code> directive to accomplish the negotiation. See the + <a href="../content-negotiation.html">Content Negotiation</a> + documentation for a full discussion of the methods of negotiation, + and instructions for creating <code>type-map</code> files.</p> + + + + <h3>Memory-mapping</h3> + + + + <p>In situations where Apache 2.x needs to look at the contents + of a file being delivered--for example, when doing server-side-include + processing--it normally memory-maps the file if the OS supports + some form of <code>mmap(2)</code>.</p> + + <p>On some platforms, this memory-mapping improves performance. + However, there are cases where memory-mapping can hurt the performance + or even the stability of the httpd:</p> + + <ul> + <li> + <p>On some operating systems, <code>mmap</code> does not scale + as well as <code>read(2)</code> when the number of CPUs increases. + On multiprocessor Solaris servers, for example, Apache 2.x sometimes + delivers server-parsed files faster when <code>mmap</code> is disabled.</p> + </li> + + <li> + <p>If you memory-map a file located on an NFS-mounted filesystem + and a process on another NFS client machine deletes or truncates + the file, your process may get a bus error the next time it tries + to access the mapped file content.</p> + </li> + </ul> + + <p>For installations where either of these factors applies, you + should use <code>EnableMMAP off</code> to disable the memory-mapping + of delivered files. (Note: This directive can be overridden on + a per-directory basis.)</p> + + + + <h3>Sendfile</h3> + + + + <p>In situations where Apache 2.x can ignore the contents of the file + to be delivered -- for example, when serving static file content -- + it normally uses the kernel sendfile support the file if the OS + supports the <code>sendfile(2)</code> operation.</p> + + <p>On most platforms, using sendfile improves performance by eliminating + separate read and send mechanics. However, there are cases where using + sendfile can harm the stability of the httpd:</p> + + <ul> + <li> + <p>Some platforms may have broken sendfile support that the build + system did not detect, especially if the binaries were built on + another box and moved to such a machine with broken sendfile support.</p> + </li> + <li> + <p>With an NFS-mounted files, the kernel may be unable + to reliably serve the network file through it's own cache.</p> + </li> + </ul> + + <p>For installations where either of these factors applies, you + should use <code>EnableSendfile off</code> to disable sendfile + delivery of file contents. (Note: This directive can be overridden + on a per-directory basis.)</p> + + + + <h3><a name="process" id="process">Process Creation</a></h3> + + + + <p>Prior to Apache 1.3 the <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, and <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> settings all had drastic effects on + benchmark results. In particular, Apache required a "ramp-up" + period in order to reach a number of children sufficient to serve + the load being applied. After the initial spawning of + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> children, + only one child per second would be created to satisfy the + <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + setting. So a server being accessed by 100 simultaneous + clients, using the default <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> of <code>5</code> would take on + the order 95 seconds to spawn enough children to handle + the load. This works fine in practice on real-life servers, + because they aren't restarted frequently. But does really + poorly on benchmarks which might only run for ten minutes.</p> + + <p>The one-per-second rule was implemented in an effort to + avoid swamping the machine with the startup of new children. If + the machine is busy spawning children it can't service + requests. But it has such a drastic effect on the perceived + performance of Apache that it had to be replaced. As of Apache + 1.3, the code will relax the one-per-second rule. It will spawn + one, wait a second, then spawn two, wait a second, then spawn + four, and it will continue exponentially until it is spawning + 32 children per second. It will stop whenever it satisfies the + <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + setting.</p> + + <p>This appears to be responsive enough that it's almost + unnecessary to twiddle the <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> and <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> knobs. When more than 4 children are + spawned per second, a message will be emitted to the + <code class="directive"><a href="../mod/core.html#errorlog">ErrorLog</a></code>. If you + see a lot of these errors then consider tuning these settings. + Use the <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> output as a guide.</p> + + <p>Related to process creation is process death induced by the + <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> + setting. By default this is <code>0</code>, + which means that there is no limit to the number of requests + handled per child. If your configuration currently has this set + to some very low number, such as <code>30</code>, you may want to bump this + up significantly. If you are running SunOS or an old version of + Solaris, limit this to <code>10000</code> or so because of memory leaks.</p> + + <p>When keep-alives are in use, children will be kept busy + doing nothing waiting for more requests on the already open + connection. The default <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code> of <code>15</code> + seconds attempts to minimize this effect. The tradeoff here is + between network bandwidth and server resources. In no event + should you raise this above about <code>60</code> seconds, as <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + most of the benefits are lost</a>.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">Compile-Time Configuration Issues</a></h2> + + + + <h3>Choosing an MPM</h3> + + + + <p>Apache 2.x supports pluggable concurrency models, called + <a href="../mpm.html">Multi-Processing Modules</a> (MPMs). + When building Apache, you must choose an MPM to use. There + are platform-specific MPMs for some platforms: + <code class="module"><a href="../mod/beos.html">beos</a></code>, <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, + <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code>, and <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>. For + general Unix-type systems, there are several MPMs from which + to choose. The choice of MPM can affect the speed and scalability + of the httpd:</p> + + <ul> + + <li>The <code class="module"><a href="../mod/worker.html">worker</a></code> MPM uses multiple child + processes with many threads each. Each thread handles + one connection at a time. Worker generally is a good + choice for high-traffic servers because it has a smaller + memory footprint than the prefork MPM.</li> + + <li>The <code class="module"><a href="../mod/prefork.html">prefork</a></code> MPM uses multiple child + processes with one thread each. Each process handles + one connection at a time. On many systems, prefork is + comparable in speed to worker, but it uses more memory. + Prefork's threadless design has advantages over worker + in some situations: it can be used with non-thread-safe + third-party modules, and it is easier to debug on platforms + with poor thread debugging support.</li> + + </ul> + + <p>For more information on these and other MPMs, please + see the MPM <a href="../mpm.html">documentation</a>.</p> + + + + <h3><a name="modules" id="modules">Modules</a></h3> + + + + <p>Since memory usage is such an important consideration in + performance, you should attempt to eliminate modules that you are + not actually using. If you have built the modules as <a href="../dso.html">DSOs</a>, eliminating modules is a simple + matter of commenting out the associated <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> directive for that module. + This allows you to experiment with removing modules, and seeing + if your site still functions in their absense.</p> + + <p>If, on the other hand, you have modules statically linked + into your Apache binary, you will need to recompile Apache in + order to remove unwanted modules.</p> + + <p>An associated question that arises here is, of course, what + modules you need, and which ones you don't. The answer here + will, of course, vary from one web site to another. However, the + <em>minimal</em> list of modules which you can get by with tends + to include <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code>, + and <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code>. <code>mod_log_config</code> is, + of course, optional, as you can run a web site without log + files. This is, however, not recommended.</p> + + + + <h3>Atomic Operations</h3> + + + + <p>Some modules, such as <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> and + recent development builds of the worker MPM, use APR's + atomic API. This API provides atomic operations that can + be used for lightweight thread synchronization.</p> + + <p>By default, APR implements these operations using the + most efficient mechanism available on each target + OS/CPU platform. Many modern CPUs, for example, have + an instruction that does an atomic compare-and-swap (CAS) + operation in hardware. On some platforms, however, APR + defaults to a slower, mutex-based implementation of the + atomic API in order to ensure compatibility with older + CPU models that lack such instructions. If you are + building Apache for one of these platforms, and you plan + to run only on newer CPUs, you can select a faster atomic + implementation at build time by configuring Apache with + the <code>--enable-nonportable-atomics</code> option:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p>The <code>--enable-nonportable-atomics</code> option is + relevant for the following platforms:</p> + + <ul> + + <li>Solaris on SPARC<br /> + By default, APR uses mutex-based atomics on Solaris/SPARC. + If you configure with <code>--enable-nonportable-atomics</code>, + however, APR generates code that uses a SPARC v8plus opcode for + fast hardware compare-and-swap. If you configure Apache with + this option, the atomic operations will be more efficient + (allowing for lower CPU utilization and higher concurrency), + but the resulting executable will run only on UltraSPARC + chips. + </li> + + <li>Linux on x86<br /> + By default, APR uses mutex-based atomics on Linux. If you + configure with <code>--enable-nonportable-atomics</code>, + however, APR generates code that uses a 486 opcode for fast + hardware compare-and-swap. This will result in more efficient + atomic operations, but the resulting executable will run only + on 486 and later chips (and not on 386). + </li> + + </ul> + + + + <h3>mod_status and ExtendedStatus On</h3> + + + + <p>If you include <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> and you also set + <code>ExtendedStatus On</code> when building and running + Apache, then on every request Apache will perform two calls to + <code>gettimeofday(2)</code> (or <code>times(2)</code> + depending on your operating system), and (pre-1.3) several + extra calls to <code>time(2)</code>. This is all done so that + the status report contains timing indications. For highest + performance, set <code>ExtendedStatus off</code> (which is the + default).</p> + + + + <h3>accept Serialization - multiple sockets</h3> + + + + <div class="warning"><h3>Warning:</h3> + <p>This section has not been fully updated + to take into account changes made in the 2.x version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>This discusses a shortcoming in the Unix socket API. Suppose + your web server uses multiple <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> statements to listen on either multiple + ports or multiple addresses. In order to test each socket + to see if a connection is ready Apache uses + <code>select(2)</code>. <code>select(2)</code> indicates that a + socket has <em>zero</em> or <em>at least one</em> connection + waiting on it. Apache's model includes multiple children, and + all the idle ones test for new connections at the same time. A + naive implementation looks something like this (these examples + do not match the code, they're contrived for pedagogical + purposes):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>But this naive implementation has a serious starvation problem. + Recall that multiple children execute this loop at the same + time, and so multiple children will block at + <code>select</code> when they are in between requests. All + those blocked children will awaken and return from + <code>select</code> when a single request appears on any socket + (the number of children which awaken varies depending on the + operating system and timing issues). They will all then fall + down into the loop and try to <code>accept</code> the + connection. But only one will succeed (assuming there's still + only one connection ready), the rest will be <em>blocked</em> + in <code>accept</code>. This effectively locks those children + into serving requests from that one socket and no other + sockets, and they'll be stuck there until enough new requests + appear on that socket to wake them all up. This starvation + problem was first documented in <a href="http://bugs.apache.org/index/full/467">PR#467</a>. There + are at least two solutions.</p> + + <p>One solution is to make the sockets non-blocking. In this + case the <code>accept</code> won't block the children, and they + will be allowed to continue immediately. But this wastes CPU + time. Suppose you have ten idle children in + <code>select</code>, and one connection arrives. Then nine of + those children will wake up, try to <code>accept</code> the + connection, fail, and loop back into <code>select</code>, + accomplishing nothing. Meanwhile none of those children are + servicing requests that occurred on other sockets until they + get back up to the <code>select</code> again. Overall this + solution does not seem very fruitful unless you have as many + idle CPUs (in a multiprocessor box) as you have idle children, + not a very likely situation.</p> + + <p>Another solution, the one used by Apache, is to serialize + entry into the inner loop. The loop looks like this + (differences highlighted):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><a id="serialize" name="serialize">The functions</a> + <code>accept_mutex_on</code> and <code>accept_mutex_off</code> + implement a mutual exclusion semaphore. Only one child can have + the mutex at any time. There are several choices for + implementing these mutexes. The choice is defined in + <code>src/conf.h</code> (pre-1.3) or + <code>src/include/ap_config.h</code> (1.3 or later). Some + architectures do not have any locking choice made, on these + architectures it is unsafe to use multiple + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + directives.</p> + + <p>The directive <code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> can be used to + change the selected mutex implementation at run-time.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>This method uses the <code>flock(2)</code> system call to + lock a lock file (located by the <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> directive).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>This method uses the <code>fcntl(2)</code> system call to + lock a lock file (located by the <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> directive).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3 or later) This method uses SysV-style semaphores to + implement the mutex. Unfortunately SysV-style semaphores have + some bad side-effects. One is that it's possible Apache will + die without cleaning up the semaphore (see the + <code>ipcs(8)</code> man page). The other is that the + semaphore API allows for a denial of service attack by any + CGIs running under the same uid as the webserver + (<em>i.e.</em>, all CGIs, unless you use something like + <code class="program"><a href="../programs/suexec.html">suexec</a></code> or <code>cgiwrapper</code>). For these + reasons this method is not used on any architecture except + IRIX (where the previous two are prohibitively expensive + on most IRIX boxes).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3 or later) This method uses POSIX mutexes and should + work on any architecture implementing the full POSIX threads + specification, however appears to only work on Solaris (2.5 + or later), and even then only in certain configurations. If + you experiment with this you should watch out for your server + hanging and not responding. Static content only servers may + work just fine.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0 or later) This method uses POSIX semaphores. The + semaphore ownership is not recovered if a thread in the process + holding the mutex segfaults, resulting in a hang of the web + server.</p> + </dd> + + </dl> + + <p>If your system has another method of serialization which + isn't in the above list then it may be worthwhile adding code + for it to APR.</p> + + <p>Another solution that has been considered but never + implemented is to partially serialize the loop -- that is, let + in a certain number of processes. This would only be of + interest on multiprocessor boxes where it's possible multiple + children could run simultaneously, and the serialization + actually doesn't take advantage of the full bandwidth. This is + a possible area of future investigation, but priority remains + low because highly parallel web servers are not the norm.</p> + + <p>Ideally you should run servers without multiple + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + statements if you want the highest performance. + But read on.</p> + + + + <h3>accept Serialization - single socket</h3> + + + + <p>The above is fine and dandy for multiple socket servers, but + what about single socket servers? In theory they shouldn't + experience any of these same problems because all children can + just block in <code>accept(2)</code> until a connection + arrives, and no starvation results. In practice this hides + almost the same "spinning" behaviour discussed above in the + non-blocking solution. The way that most TCP stacks are + implemented, the kernel actually wakes up all processes blocked + in <code>accept</code> when a single connection arrives. One of + those processes gets the connection and returns to user-space, + the rest spin in the kernel and go back to sleep when they + discover there's no connection for them. This spinning is + hidden from the user-land code, but it's there nonetheless. + This can result in the same load-spiking wasteful behaviour + that a non-blocking solution to the multiple sockets case + can.</p> + + <p>For this reason we have found that many architectures behave + more "nicely" if we serialize even the single socket case. So + this is actually the default in almost all cases. Crude + experiments under Linux (2.0.30 on a dual Pentium pro 166 + w/128Mb RAM) have shown that the serialization of the single + socket case causes less than a 3% decrease in requests per + second over unserialized single-socket. But unserialized + single-socket showed an extra 100ms latency on each request. + This latency is probably a wash on long haul lines, and only an + issue on LANs. If you want to override the single socket + serialization you can define + <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code> and then + single-socket servers will not serialize at all.</p> + + + + <h3>Lingering Close</h3> + + + + <p>As discussed in <a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt"> + draft-ietf-http-connection-00.txt</a> section 8, in order for + an HTTP server to <strong>reliably</strong> implement the + protocol it needs to shutdown each direction of the + communication independently (recall that a TCP connection is + bi-directional, each half is independent of the other). This + fact is often overlooked by other servers, but is correctly + implemented in Apache as of 1.2.</p> + + <p>When this feature was added to Apache it caused a flurry of + problems on various versions of Unix because of a + shortsightedness. The TCP specification does not state that the + <code>FIN_WAIT_2</code> state has a timeout, but it doesn't prohibit it. + On systems without the timeout, Apache 1.2 induces many sockets + stuck forever in the <code>FIN_WAIT_2</code> state. In many cases this + can be avoided by simply upgrading to the latest TCP/IP patches + supplied by the vendor. In cases where the vendor has never + released patches (<em>i.e.</em>, SunOS4 -- although folks with + a source license can patch it themselves) we have decided to + disable this feature.</p> + + <p>There are two ways of accomplishing this. One is the socket + option <code>SO_LINGER</code>. But as fate would have it, this + has never been implemented properly in most TCP/IP stacks. Even + on those stacks with a proper implementation (<em>i.e.</em>, + Linux 2.0.31) this method proves to be more expensive (cputime) + than the next solution.</p> + + <p>For the most part, Apache implements this in a function + called <code>lingering_close</code> (in + <code>http_main.c</code>). The function looks roughly like + this:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* shutdown the sending side */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + select (s for reading, 2 second timeout);<br /> + if (error) break;<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* just toss away whatever is here */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>This naturally adds some expense at the end of a connection, + but it is required for a reliable implementation. As HTTP/1.1 + becomes more prevalent, and all connections are persistent, + this expense will be amortized over more requests. If you want + to play with fire and disable this feature you can define + <code>NO_LINGCLOSE</code>, but this is not recommended at all. + In particular, as HTTP/1.1 pipelined persistent connections + come into use <code>lingering_close</code> is an absolute + necessity (and <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + pipelined connections are faster</a>, so you want to support + them).</p> + + + + <h3>Scoreboard File</h3> + + + + <p>Apache's parent and children communicate with each other + through something called the scoreboard. Ideally this should be + implemented in shared memory. For those operating systems that + we either have access to, or have been given detailed ports + for, it typically is implemented using shared memory. The rest + default to using an on-disk file. The on-disk file is not only + slow, but it is unreliable (and less featured). Peruse the + <code>src/main/conf.h</code> file for your architecture and + look for either <code>USE_MMAP_SCOREBOARD</code> or + <code>USE_SHMGET_SCOREBOARD</code>. Defining one of those two + (as well as their companions <code>HAVE_MMAP</code> and + <code>HAVE_SHMGET</code> respectively) enables the supplied + shared memory code. If your system has another type of shared + memory, edit the file <code>src/main/http_main.c</code> and add + the hooks necessary to use it in Apache. (Send us back a patch + too please.)</p> + + <div class="note">Historical note: The Linux port of Apache didn't start to + use shared memory until version 1.2 of Apache. This oversight + resulted in really poor and unreliable behaviour of earlier + versions of Apache on Linux.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>If you have no intention of using dynamically loaded modules + (you probably don't if you're reading this and tuning your + server for every last ounce of performance) then you should add + <code>-DDYNAMIC_MODULE_LIMIT=0</code> when building your + server. This will save RAM that's allocated only for supporting + dynamically loaded modules.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">Appendix: Detailed Analysis of a Trace</a></h2> + + + + <p>Here is a system call trace of Apache 2.0.38 with the worker MPM + on Solaris 8. This trace was collected using:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_child_pid</var>. + </code></p></div> + + <p>The <code>-l</code> option tells truss to log the ID of the + LWP (lightweight process--Solaris's form of kernel-level thread) + that invokes each system call.</p> + + <p>Other systems may have different system call tracing utilities + such as <code>strace</code>, <code>ktrace</code>, or <code>par</code>. + They all produce similar output.</p> + + <p>In this trace, a client has requested a 10KB static file + from the httpd. Traces of non-static requests or requests + with content negotiation look wildly different (and quite ugly + in some cases).</p> + + <div class="example"><pre>/67: accept(3, 0x00200BEC, 0x00200C0C, 1) (sleeping...) +/67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9</pre></div> + + <p>In this trace, the listener thread is running within LWP #67.</p> + + <div class="note">Note the lack of <code>accept(2)</code> serialization. On this + particular platform, the worker MPM uses an unserialized accept by + default unless it is listening on multiple ports.</div> + + <div class="example"><pre>/65: lwp_park(0x00000000, 0) = 0 +/67: lwp_unpark(65, 1) = 0</pre></div> + + <p>Upon accepting the connection, the listener thread wakes up + a worker thread to do the request processing. In this trace, + the worker thread that handles the request is mapped to LWP #65.</p> + + <div class="example"><pre>/65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0</pre></div> + + <p>In order to implement virtual hosts, Apache needs to know + the local socket address used to accept the connection. It + is possible to eliminate this call in many situations (such + as when there are no virtual hosts, or when + <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> directives + are used which do not have wildcard addresses). But + no effort has yet been made to do these optimizations. </p> + + <div class="example"><pre>/65: brk(0x002170E8) = 0 +/65: brk(0x002190E8) = 0</pre></div> + + <p>The <code>brk(2)</code> calls allocate memory from the heap. + It is rare to see these in a system call trace, because the httpd + uses custom memory allocators (<code>apr_pool</code> and + <code>apr_bucket_alloc</code>) for most request processing. + In this trace, the httpd has just been started, so it must + call <code>malloc(3)</code> to get the blocks of raw memory + with which to create the custom memory allocators.</p> + + <div class="example"><pre>/65: fcntl(9, F_GETFL, 0x00000000) = 2 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0 +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0 +/65: fcntl(9, F_SETFL, 0x00000082) = 0</pre></div> + + <p>Next, the worker thread puts the connection to the client (file + descriptor 9) in non-blocking mode. The <code>setsockopt(2)</code> + and <code>getsockopt(2)</code> calls are a side-effect of how + Solaris's libc handles <code>fcntl(2)</code> on sockets.</p> + + <div class="example"><pre>/65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97</pre></div> + + <p>The worker thread reads the request from the client.</p> + + <div class="example"><pre>/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0 +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10</pre></div> + + <p>This httpd has been configured with <code>Options FollowSymLinks</code> + and <code>AllowOverride None</code>. Thus it doesn't need to + <code>lstat(2)</code> each directory in the path leading up to the + requested file, nor check for <code>.htaccess</code> files. + It simply calls <code>stat(2)</code> to verify that the file: + 1) exists, and 2) is a regular file, not a directory.</p> + + <div class="example"><pre>/65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269</pre></div> + + <p>In this example, the httpd is able to send the HTTP response + header and the requested file with a single <code>sendfilev(2)</code> + system call. Sendfile semantics vary among operating systems. On some other + systems, it is necessary to do a <code>write(2)</code> or + <code>writev(2)</code> call to send the headers before calling + <code>sendfile(2)</code>.</p> + + <div class="example"><pre>/65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78</pre></div> + + <p>This <code>write(2)</code> call records the request in the + access log. Note that one thing missing from this trace is a + <code>time(2)</code> call. Unlike Apache 1.3, Apache 2.x uses + <code>gettimeofday(3)</code> to look up the time. On some operating + systems, like Linux or Solaris, <code>gettimeofday</code> has an + optimized implementation that doesn't require as much overhead + as a typical system call.</p> + + <div class="example"><pre>/65: shutdown(9, 1, 1) = 0 +/65: poll(0xFAF7B980, 1, 2000) = 1 +/65: read(9, 0xFAF7BC20, 512) = 0 +/65: close(9) = 0</pre></div> + + <p>The worker thread does a lingering close of the connection.</p> + + <div class="example"><pre>/65: close(10) = 0 +/65: lwp_park(0x00000000, 0) (sleeping...)</pre></div> + + <p>Finally the worker thread closes the file that it has just delivered + and blocks until the listener assigns it another connection.</p> + + <div class="example"><pre>/67: accept(3, 0x001FEB74, 0x001FEB94, 1) (sleeping...)</pre></div> + + <p>Meanwhile, the listener thread is able to accept another connection + as soon as it has dispatched this connection to a worker thread (subject + to some flow-control logic in the worker MPM that throttles the listener + if all the available workers are busy). Though it isn't apparent from + this trace, the next <code>accept(2)</code> can (and usually does, under + high load conditions) occur in parallel with the worker thread's handling + of the just-accepted connection.</p> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/perf-tuning.html" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr new file mode 100644 index 00000000..b5443b1e --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.ko.euc-kr @@ -0,0 +1,978 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>¾ÆÆÄÄ¡ ¼º´ÉÇâ»ó - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>¾ÆÆÄÄ¡ ¼º´ÉÇâ»ó</h1> +<div class="toplang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> +<div class="outofdate">ÀÌ ¹®¼´Â ÃÖ½ÅÆÇ ¹ø¿ªÀÌ ¾Æ´Õ´Ï´Ù. + ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼¸¦ Âü°íÇϼ¼¿ä.</div> + + + <p>¾ÆÆÄÄ¡ 2.0Àº ±â´É°ú Æ÷Æð¡´É¼º°ú ¼º´ÉÀÇ ±ÕÇüÀÌ ¸Âµµ·Ï + ¼³°èÇÑ ¹ü¿ë À¥¼¹öÀÌ´Ù. º¥Ä¡¸¶Å© ±â·ÏÀ» ¼¼¿ì±âÀ§ÇØ ¼³°èÇÏÁö + ¾Ê¾ÒÁö¸¸ ¾ÆÆÄÄ¡ 2.0Àº ½ÇÁ¦ ¸¹Àº °æ¿ì ³ôÀº ¼º´ÉÀ» ³½´Ù.</p> + + <p>¾ÆÆÄÄ¡ 1.3°ú ºñ±³Çؼ 2.0 ¹öÀüÀº 󸮷®°ú È®À强(scalability)À» + ³ôÀ̱âÀ§ÇØ ¸¹Àº ÃÖÀûȸ¦ Çß´Ù. ±âº»°ªÀ¸·Î ´ëºÎºÐ ÃÖÀûÈÇÑ + °ªÀ» »ç¿ëÇÑ´Ù. ±×·¯³ª ÄÄÆÄÀϽà ȤÀº ½ÇÇà½Ã ¼³Á¤ÀÌ ¼º´É¿¡ + Å« ¿µÇâÀ» ÁÙ ¼ö ÀÖ´Ù. ÀÌ ¹®¼´Â ¾ÆÆÄÄ¡ 2.0ÀÇ ¼º´ÉÀ» Çâ»óÇϱâÀ§ÇØ + ¼¹ö °ü¸®ÀÚ°¡ ¼³Á¤ÇÒ ¼ö ÀÖ´Â ¿É¼ÇÀ» ¼³¸íÇÑ´Ù. ¾î¶² ¼³Á¤ + ¿É¼ÇÀº À¥¼¹ö°¡ Çϵå¿þ¾î¿Í ¿î¿µÃ¼Á¦ÀÇ ±â´ÉÀ» ´õ Àß È°¿ëÇϵµ·Ï + ÇÏ´Â ¹Ý¸é, ¾î¶² ¿É¼ÇÀº ¼Óµµ¸¦ À§ÇØ ±â´ÉÀ» Èñ»ýÇÑ´Ù.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">Çϵå¿þ¾î¿Í ¿î¿µÃ¼Á¦¿¡ ´ëÇؼ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">½ÇÇà½Ã ¼³Á¤¿¡ ´ëÇؼ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">ÄÄÆÄÀϽà ¼³Á¤¿¡ ´ëÇؼ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">ºÎ·Ï: ½Ã½ºÅÛÈ£Ãâ ±â·ÏÀ» ÀÚ¼¼È÷ ºÐ¼®Çϱâ</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">Çϵå¿þ¾î¿Í ¿î¿µÃ¼Á¦¿¡ ´ëÇؼ</a></h2> + + + + <p>À¥¼¹ö ¼º´É¿¡ °¡Àå Å« ¿µÇâÀ» ÁÖ´Â °ÍÀº ¸Þ¸ð¸®´Ù. ½º¿ÒÀº + ¿äû´ç Áö¿¬½Ã°£À» »ç¿ëÀÚ°¡ "ÃæºÐÈ÷ ºü¸£´Ù°í" »ý°¢ÇÏÁö ¸øÇÏ°Ô + ´Ã¸®±â¶§¹®¿¡ À¥¼¹ö´Â ½º¿ÒÀ» ÇÏ¸é ¾ÈµÈ´Ù. ´À·ÁÁö¸é »ç¿ëÀÚ´Â + Á¤ÁöÇÏ°í ´Ù½Ã Á¢¼ÓÇÏ¿© ºÎÇÏ°¡ °è¼Ó Áõ°¡ÇÑ´Ù. <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> Áö½Ã¾î¸¦ Á¶ÀýÇÏ¿© + À¥¼¹ö°¡ ½º¿ÒÀ» ÇÒ Á¤µµ·Î ¸¹Àº ÀÚ½ÄÀ» ¸¸µéÁö¾Êµµ·Ï ÇØ¾ß + ÇÑ´Ù. ¹æ¹ýÀº °£´ÜÇÏ´Ù: <code>top</code>°ú °°Àº µµ±¸¿¡¼ + ÇÁ·Î¼¼½º ¸ñ·ÏÀ» º¸°í ¾ÆÆÄÄ¡ ÇÁ·Î¼¼½ºÀÇ Æò±Õ ¸Þ¸ð¸® »ç¿ë·®À» + ¾Ë¾Æ³½ÈÄ, Àüü »ç¿ë°¡´ÉÇÑ ¸Þ¸ð¸®¿¡¼ ´Ù¸¥ ÇÁ·Î¼¼½ºµéÀÌ »ç¿ëÇÒ + °ø°£À» »« °ª¿¡¼ ³ª´«´Ù.</p> + + <p>³ª¸ÓÁö´Â Æò¹üÇÏ´Ù: ÃæºÐÈ÷ ºü¸¥ CPU, ÃæºÐÈ÷ ºü¸¥ ³×Æ®¿÷Ä«µå, + ÃæºÐÈ÷ ºü¸¥ µð½ºÅ©, ¿©±â¼ "ÃæºÐÈ÷ ºü¸¥"Àº ½ÇÇèÀ» Çؼ °áÁ¤ÇØ¾ß + ÇÑ´Ù.</p> + + <p>¿î¿µÃ¼Á¦´Â º¸Åë °¢ÀÚ ¾Ë¾Æ¼ ¼±ÅÃÇÒ ÀÏÀÌ´Ù. ±×·¯³ª ÀϹÝÀûÀ¸·Î + À¯¿ëÇÏ´Ù°í ÆǸíµÈ ¸î°¡Áö ÁöħÀÌ ÀÖ´Ù:</p> + + <ul> + <li> + <p>¼±ÅÃÇÑ ¿î¿µÃ¼Á¦ÀÇ ÃֽŠ¾ÈÁ¤ ¹öÀü°ú ÆÐÄ¡¸¦ ½ÇÇàÇÑ´Ù. + ¸¹Àº ¿î¿µÃ¼Á¦ Á¦ÀÛ»ç´Â ÃÖ±Ù TCP ½ºÅðú ¾²·¹µå ¶óÀ̺귯¸®¿¡ + ¸¹Àº ¼ÓµµÇâ»óÀ» Çß´Ù.</p> + </li> + + <li> + <p>¿î¿µÃ¼Á¦°¡ <code>sendfile(2)</code> ½Ã½ºÅÛÈ£ÃâÀ» + Áö¿øÇÑ´Ù¸é, À̸¦ »ç¿ëÇϱâÀ§ÇÑ ¹öÀüÀ̳ª ÆÐÄ¡¸¦ ¼³Ä¡ÇÏ¿´´ÂÁö + È®ÀÎÇÑ´Ù. (¿¹¸¦ µé¾î, ¸®´ª½º¶ó¸é 2.4 ÀÌ»ó ¹öÀüÀ» ¶æÇÑ´Ù. + Solaris 8 Ãʱ⠹öÀüÀº ÆÐÄ¡°¡ ÇÊ¿äÇÏ´Ù.) Áö¿øÇÏ´Â ½Ã½ºÅÛÀ̶ó¸é + ¾ÆÆÄÄ¡ 2´Â <code>sendfile</code>À» »ç¿ëÇÏ¿© CPU¸¦ ´ú + »ç¿ëÇϸç Á¤Àû ÆÄÀÏÀ» ´õ »¡¸® Àü¼ÛÇÒ ¼ö ÀÕ´Ù.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">½ÇÇà½Ã ¼³Á¤¿¡ ´ëÇؼ</a></h2> + + + + <table class="related"><tr><th>°ü·ÃµÈ ¸ðµâ</th><th>°ü·ÃµÈ Áö½Ã¾î</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns">HostnameLookups¿Í DNS¿¡ ´ëÇØ °í·ÁÇÒ Á¡µé</a></h3> + + + + <p>¾ÆÆÄÄ¡ 1.3 ÀÌÀü¿¡ <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code>ÀÇ ±âº»°ªÀº + <code>On</code>ÀÌ¿´´Ù. ¿äûÀ» ¸¶Ä¡±âÀü¿¡ DNS °Ë»öÀÌ ³¡³ª¾ß + ÇϹǷΠ¿äû¸¶´Ù Áö¿¬ÀÌ »ý°å´Ù. ¾ÆÆÄÄ¡ 1.3¿¡¼ ÀÌ ¼³Á¤ÀÇ + ±âº»°ªÀÌ <code>Off</code>·Î º¯°æµÇ¾ú´Ù. ·Î±×ÆÄÀÏÀÇ ÁÖ¼Ò¸¦ + È£½ºÆ®¸íÀ¸·Î º¯È¯ÇÏ·Á¸é ¿©·¯ ·Î±×ó¸® ÇÁ·Î±×·¥Áß ÇϳªÀÎ, + ¾ÆÆÄÄ¡¿¡ Æ÷ÇÔµÈ <a href="../programs/logresolve.html"><code>logresolve</code></a> + ÇÁ·Î±×·¥À» »ç¿ëÇ϶ó.</p> + + <p>·Î±×ó¸® ÀÛ¾÷ÀÌ ¼¹ö ¼º´É¿¡ ¾Ç¿µÇâÀ» ¹ÌÄ¡¹Ç·Î ½ÇÁ¦ + »ç¿ëÇÏ´Â À¥¼¹ö°¡ ¾Æ´Ñ ´Ù¸¥ ÄÄÇ»ÅÍ¿¡¼ ·Î±×ÆÄÀÏÀ» ÈÄó¸®Çϱæ + ¹Ù¶õ´Ù.</p> + + <p><code><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> + from domain</code>À̳ª <code><code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> from domain</code> + Áö½Ã¾î¸¦ »ç¿ëÇÑ´Ù¸é (Áï, IP ÁÖ¼Ò°¡ ¾Æ´Ñ È£½ºÆ®¸íÀ̳ª µµ¸ÞÀθíÀ» + »ç¿ëÇÑ´Ù¸é) ºÎµæÀÌ Áߺ¹-¿ª DNS °Ë»öÀ» (¿ª°Ë»öÀ» ÇÑÈÄ ¾ÇÀÇ·Î + º¯°æµÇ¾ú´ÂÁö È®ÀÎÇϱâÀ§ÇØ ´Ù½Ã °Ë»ö) ÇØ¾ß ÇÑ´Ù. ±×·¯¹Ç·Î + ¼º´ÉÀ» ³ôÀ̱âÀ§ÇØ ÀÌ·± Áö½Ã¾î¿¡´Â °¡´ÉÇϸé À̸§´ë½Å IP + ÁÖ¼Ò¸¦ »ç¿ëÇÑ´Ù.</p> + + <p><code><Location /server-status></code> ¼½¼Ç µîÀ¸·Î + Áö½Ã¾îÀÇ Àû¿ë¹üÀ§¸¦ Á¦ÇÑÇÒ ¼ö ÀÖÀ½À» ±â¾ïÇ϶ó. ÀÌ °æ¿ì + Á¶°Ç¿¡ ¸Â´Â ¿äû¿¡¸¸ DNS Á¶È¸¸¦ ÇÑ´Ù. ´ÙÀ½Àº + <code>.html</code>°ú <code>.cgi</code> ÆÄÀϸ¸ DNS °Ë»öÀ» + ÇÏ´Â ¿¹Á¦´Ù:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>±×·¯³ª CGI¿¡¼ DNS¸íÀÌ ÇÊ¿äÇÒ »ÓÀ̶ó¸é, ÇÊ¿äÇÑ Æ¯Á¤ + CGI¿¡¼¸¸ <code>gethostbyname</code> È£ÃâÀ» Çϵµ·Ï °í·ÁÇغ¼ + ¼ö ÀÖ´Ù.</p> + + + + <h3><a name="symlinks" id="symlinks">FollowSymLinks¿Í SymLinksIfOwnerMatch</a></h3> + + + + <p>URL °ø°£¿¡¼ <code>Options FollowSymLinks</code>¸¦ + »ç¿ëÇÏÁö¾Ê°í <code>Options SymLinksIfOwnerMatch</code>¸¦ + »ç¿ëÇÏ¸é ¾ÆÆÄÄ¡´Â ½Éº¼¸µÅ©¸¦ °Ë»çÇϱâÀ§ÇØ ½Ã½ºÅÛÈ£ÃâÀ» + Çѹø ´õ ÇØ¾ß ÇÑ´Ù. ÆÄÀϸíÀÇ °¢ ºÎºÐ¸¶´Ù Çѹø¾¿ ´õ È£ÃâÀ» + ÇÑ´Ù. ¿¹¸¦ µé¾î, ¼³Á¤ÀÌ ´ÙÀ½°ú °°°í:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p><code>/index.html</code> URI¿¡ ´ëÇÑ ¿äûÀÌ ÀÖ´Ù°í °¡Á¤ÇÏÀÚ. + ±×·¯¸é ¾ÆÆÄÄ¡´Â <code>/www</code>, <code>/www/htdocs</code>, + <code>/www/htdocs/index.html</code> °¢°¢¿¡ ´ëÇØ + <code>lstat(2)</code>¸¦ È£ÃâÇÑ´Ù. <code>lstats</code> + °á°ú¸¦ ij½ÌÇÏÁö ¾Ê±â¶§¹®¿¡ ¿äûÀÌ µé¾î¿Ã ¶§¸¶´Ù ¸Å¹ø °°Àº + ÀÛ¾÷À» ÇÑ´Ù. ÁøÂ¥ ½Éº¼¸µÅ© º¸¾È °Ë»ç¸¦ ¿øÇÑ´Ù¸é ´ÙÀ½°ú + °°ÀÌ ÇÒ ¼ö ÀÖ´Ù:</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /www/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>ÀÌ °æ¿ì ÃÖ¼ÒÇÑ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> °æ·Î´Â °Ë»çÇÏÁö + ¾Ê´Â´Ù. DocumentRoot ¹Û¿¡ ÀÖ´Â °æ·Î·Î <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>³ª <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code>À» »ç¿ëÇÑ + °æ¿ì¿¡µµ À§¿Í ºñ½ÁÇÑ ¼½¼ÇÀÌ ÇÊ¿äÇÏ´Ù. ½Éº¼¸µÅ© º¸¾ÈÀ» + °í·ÁÇÏÁö ¾Ê°í ÃÖ°íÀÇ ¼º´ÉÀ» ¾òÀ¸·Á¸é, + <code>FollowSymLinks</code>¸¦ ¼³Á¤ÇÏ°í, + <code>SymLinksIfOwnerMatch</code>´Â Àý´ë·Î ¾ÈµÈ´Ù.</p> + + + + <h3><a name="htacess" id="htacess">AllowOverride</a></h3> + + + + <p>URL °ø°£¿¡¼ overrides¸¦ Çã¿ëÇÑ´Ù¸é (º¸Åë + <code>.htaccess</code> ÆÄÀÏ) ¾ÆÆÄÄ¡´Â ÆÄÀϸíÀÇ °¢ ºÎºÐ¸¶´Ù + <code>.htaccess</code>¸¦ ¿±æ ½ÃµµÇÑ´Ù. ¿¹¸¦ µé¾î,</p> + + <div class="example"><p><code> + DocumentRoot /www/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p><code>/index.html</code> URI¿¡ ´ëÇÑ ¿äûÀÌ ÀÖ´Ù°í °¡Á¤ÇÏÀÚ. + ¾ÆÆÄÄ¡´Â <code>/.htaccess</code>, <code>/www/.htaccess</code>, + <code>/www/htdocs/.htaccess</code>¸¦ ¿·Á°í ½ÃµµÇÑ´Ù. + ÇØ°áÃ¥Àº ¾ÕÀÇ <code>Options FollowSymLinks</code> °æ¿ì¿Í + ºñ½ÁÇÏ´Ù. ÃÖ°íÀÇ ¼º´ÉÀ» ¾òÀ¸·Á¸é ÆÄÀϽýºÅÛ¿¡ ´ëÇؼ Ç×»ó + <code>AllowOverride None</code>À» »ç¿ëÇÑ´Ù.</p> + + + + <h3><a name="negotiation" id="negotiation">³»¿ëÇù»ó</a></h3> + + + + <p>°¡´ÉÇÏ°í ÁøÂ¥ Á¶±ÝÀÇ ¼º´ÉÇâ»ó¿¡µµ °ü½ÉÀÌ ÀÖ´Ù¸é ³»¿ëÇù»óÀ» + ¸·´Â´Ù. ½ÇÁ¦·Î Çù»óÀÇ À̵æÀº ¼º´ÉÀúÇϺ¸´Ù ÀÛ´Ù. ¼¹ö¸¦ + ºü¸£°Ô ÇÒ ¼ö ÀÖ´Ù. ´ÙÀ½°ú °°ÀÌ ¿ÍÀϵåÄ«µå¸¦ »ç¿ëÇÏ´Â ´ë½Å:</p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>¿ÏÀüÇÑ ¸ñ·ÏÀ» »ç¿ëÇÑ´Ù:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>°¡Àå ÈçÇÑ °ÍÀ» ¾Õ¿¡ µÐ´Ù.</p> + + <p>¶Ç, µð·ºÅ丮¿¡¼ ÆÄÀϵéÀ» ã´Â <code>MultiViews</code> + º¸´Ù´Â, ÇÑ ÆÄÀϸ¸ ÀÐÀ¸¸é ÇÊ¿äÇÑ Á¤º¸¸¦ ¾òÀ» ¼ö ÀÖ´Â + <code>type-map</code> ÆÄÀÏÀ» Á÷Á¢ ¸¸µå´Â °ÍÀÌ ´õ ºü¸§À» + ¸í½ÉÇ϶ó.</p> + + <p>»çÀÌÆ®¿¡ ³»¿ëÇù»óÀÌ ÇÊ¿äÇÏ´Ù¸é Çù»óÀ» À§ÇØ <code>Options + MultiViews</code> Áö½Ã¾î¸¦ »ç¿ëÇϱ⺸´Ù <code>type-map</code> + ÆÄÀÏÀ» °í·ÁÇ϶ó. Çù»ó¹æ¹ý¿¡ ´ëÇÑ ÀÚ¼¼ÇÑ ¼³¸í°ú + <code>type-map</code> ÆÄÀÏÀ» ¸¸µå´Â ¹æ¹ýÀº <a href="../content-negotiation.html">³»¿ëÇù»ó</a> ¹®¼¸¦ Âü°íÇ϶ó.</p> + + + + <h3>¸Þ¸ð¸®´ëÀÀ (memory-mapping)</h3> + + + + <p>¿¹¸¦ µé¾î, server-side-include¸¦ ó¸®ÇÏ´Â µî ¾ÆÆÄÄ¡ + 2.0ÀÌ Àü¼ÛÇÒ ÆÄÀÏÀ» ÀÐÀ»¶§ ¿î¿µÃ¼Á¦°¡ <code>mmap(2)</code> + µîÀ» Áö¿øÇÑ´Ù¸é ÆÄÀÏÀ» ¸Þ¸ð¸®´ëÀÀÇÑ´Ù.</p> + + <p>¿©·¯ Ç÷¡Æû¿¡¼ ¸Þ¸ð¸®´ëÀÀÀ» ¼º´ÉÀ» Çâ»óÇÑ´Ù. ±×·¯³ª + ¸Þ¸ð¸®´ëÀÀÀÌ ¼¹öÀÇ ¼º´ÉÀ» ¶³¾îÆ®¸®°í ½ÉÁö¾î ¾ÈÁ¤¼ºÀ» + ÇØÄ¡´Â °æ¿ì°¡ ÀÖ´Ù:</p> + + <ul> + <li> + <p>¾î¶² ¿î¿µÃ¼Á¦¿¡¼ <code>mmap</code>Àº CPU °³¼ö°¡ + ¸¹¾ÆÁú¶§ <code>read(2)</code> ¸¸Å È®À强ÀÌ ÁÁÁö ¾Ê´Ù. + ¿¹¸¦ µé¾î, ´ÙÁßÇÁ·Î¼¼¼ Solaris ¼¹ö¿¡¼ ¾ÆÆÄÄ¡ 2.0Àº + Á¾Á¾ <code>mmap</code>À» »ç¿ëÇÏÁö ¾ÊÀ»¶§ ¼¹ö°¡ ó¸®ÇÑ + ÆÄÀÏÀ» ´õ »¡¸® Àü¼ÛÇÑ´Ù.</p> + </li> + + <li> + <p>NFS ¸¶¿îÆ®ÇÑ ÆÄÀϽýºÅÛ¿¡ ÀÖ´Â ÆÄÀÏÀ» ¸Þ¸ð¸®´ëÀÀÇÏ´Â + µµÁß¿¡ ´Ù¸¥ NFS Ŭ¶óÀ̾ðÆ®¿¡ ÀÖ´Â ÇÁ·Î¼¼½º°¡ ÆÄÀÏÀ» + Áö¿ì°Å³ª ÆÄÀÏÅ©±â¸¦ ÁÙÀ̸é, À¥¼¹ö ÇÁ·Î¼¼½º°¡ ´ÙÀ½ + ¹ø¿¡ ¸Þ¸ð¸®´ëÀÀÇÑ ÆÄÀϳ»¿ëÀ» ÀÐÀ»¶§ bus error°¡ ¹ß»ýÇÒ + ¼ö ÀÖ´Ù.</p> + </li> + </ul> + + <p>À§ÀÇ Á¶°Ç¿¡ ÇØ´çÇϸé Àü¼ÛÇÏ´Â ÆÄÀÏÀ» ¸Þ¸ð¸®´ëÀÀÇÏÁö + ¾Êµµ·Ï <code>EnableMMAP off</code>¸¦ »ç¿ëÇØ¾ß ÇÑ´Ù. (ÁÖÀÇ: + ÀÌ Áö½Ã¾î´Â µð·ºÅ丮º°·Î º¯°æÇÒ ¼ö ÀÖ´Ù.)</p> + + + + <h3>Sendfile</h3> + + + + <p>¾ÆÆÄÄ¡´Â ¿î¿µÃ¼Á¦°¡ <code>sendfile(2)</code>À» Áö¿øÇϸé + Ä¿³Î sendfileÀ» »ç¿ëÇÏ¿© -- ¿¹¸¦ µé¾î, Á¤Àû ÆÄÀÏÀ» ¼ºñ½ºÇÒ¶§ + -- Àü¼ÛÇÒ ÆÄÀÏÀ» Á÷Á¢ ÀÐÁö¾ÊÀ» ¼ö ÀÖ´Ù.</p> + + <p>¿©·¯ Ç÷¡Æû¿¡¼ sendfileÀ» »ç¿ëÇϸé read¿Í send¸¦ µû·Î + ÇÒ ÇÊ¿ä°¡ ¾ø¾î¼ »¡¶óÁø´Ù. ±×·¯³ª sendfileÀ» »ç¿ëÇϸé + À¥¼¹öÀÇ ¾ÈÁ¤¼ºÀ» ÇØÄ¡°ÔµÇ´Â °æ¿ì°¡ ÀÖ´Ù:</p> + + <ul> + <li> + <p>sendfile Áö¿øÀÌ À߸øµÇ¾ú°í ÄÄÆÄÀÏ ½Ã½ºÅÛÀÌ ÀÌÁ¡À» + ¹ß°ßÇÏÁö ¸øÇÏ´Â Ç÷¡ÆûÀÌ ÀÖ´Ù. ƯÈ÷ ´Ù¸¥ ÄÄÇ»ÅÍ¿¡¼ + ½ÇÇàÆÄÀÏÀ» ÄÄÆÄÀÏÇÏ¿© sendfile Áö¿øÀÌ À߸øµÈ ÄÄÇ»ÅÍ·Î + °¡Á®¿Â °æ¿ì¿¡ °¡´ÉÇÏ´Ù.</p> + </li> + <li> + <p>Ä¿³ÎÀº ÀÚ½ÅÀÇ Ä³½¬¸¦ »ç¿ëÇÏ¿© NFS·Î ¸¶¿îÆ®ÇÑ ÆÄÀÏÀ» + ¾ÈÁ¤ÀûÀ¸·Î ¼ºñ½ºÇÒ ¼ö ¾ø´Â °æ¿ì°¡ ÀÖ´Ù.</p> + </li> + </ul> + + <p>À§ÀÇ Á¶°Ç¿¡ ÇØ´çÇϸé ÆÄÀÏÀ» sendfile Àü¼ÛÇÏÁö ¾Êµµ·Ï + <code>EnableSendfile off</code>¸¦ »ç¿ëÇØ¾ß ÇÑ´Ù. (ÁÖÀÇ: + ÀÌ Áö½Ã¾î´Â µð·ºÅ丮º°·Î º¯°æÇÒ ¼ö ÀÖ´Ù.)</p> + + + + <h3><a name="process" id="process">ÇÁ·Î¼¼½º »ý¼º</a></h3> + + + + <p>¾ÆÆÄÄ¡ 1.3 ÀÌÀü¿¡´Â <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ¼³Á¤ÀÌ ¸ðµÎ + º¥Ä¡¸¶Å© °á°ú¿¡ Å« ¿µÇâÀ» ¹ÌÃÆ´Ù. ƯÈ÷ ¾ÆÆÄÄ¡´Â ÀÛ¾÷À» + ¼ºñ½ºÇϱâÀ§ÇØ ÃæºÐÇÑ Àڽļö¿¡ ´Ù´Ù¸¦ ¶§±îÁö "µµ´Þ" ±â°£ÀÌ + ÇÊ¿äÇß´Ù. óÀ½ <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>°³ ÀÚ½ÄÀ» + ¸¸µçÈÄ, <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + ¼³Á¤°ª±îÁö ÃÊ´ç ÀÚ½ÄÀ» Çϳª¾¿ ¸¸µé¾ú´Ù. ±×·¡¼ <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ±âº»°ªÀÌ + <code>5</code>ÀÎ ¼¹ö¿¡ Ŭ¶óÀ̾ðÆ® 100°³°¡ µ¿½Ã¿¡ Á¢¼ÓÇϸé + ºÎÇϸ¦ ó¸®Çϱ⿡ ÃæºÐÇÑ ÀÚ½ÄÀ» ¸¸µé±â±îÁö 95ÃÊ°¡ °É·È´Ù. + ÀÚÁÖ Àç½ÃÀÛÇÏÁö ¾Ê´Â ½ÇÁ¦ ¼¹ö¿¡¼´Â Àß µ¿ÀÛÇÏÁö¸¸, 10ºÐ°£¸¸ + ½ÇÇàÇÏ´Â º¥Ä¡¸¶Å© °á°ú´Â ¸Å¿ì ³ª»Ú°Ô ³ª¿Â´Ù.</p> + + <p>ÃÊ´ç ÇÑ°³ ±ÔÄ¢Àº ÀÚ½ÄÀ» »õ·Î ½ÃÀÛÇÏ¸é¼ ¼¹ö¿¡ ¹«¸®¸¦ + ÁÖÁö ¾ÊÀ¸·Á°í Á¤Çß´Ù. ÄÄÇ»ÅÍ°¡ ÀÚ½ÄÀ» ½ÃÀÛÇÏ´À¶ó ¹Ù»Ú¸é + ¿äûÀ» ¼ºñ½ºÇÒ ¼ö ¾ø´Ù. ±×·¯³ª ÀÌ ±ÔÄ¢ÀÌ ¾ÆÆÄÄ¡ÀÇ Ã¼°¨ + ¼º´É¿¡ ¾Ç¿µÇâÀ» ÁÖ¾î º¯°æÇÏ¿´´Ù. ¾ÆÆÄÄ¡ 1.3¿¡¼ ÃÊ´ç ÇÑ°³ + ±ÔÄ¢Àº ¿ÏȵǾú´Ù. ÄÚµå´Â ÀÚ½Ä ÇÑ°³¸¦ ¸¸µé°í, 1ÃÊ ½¬°í, + µÎ°³¸¦ ¸¸µé°í, 1ÃÊ ½¬°í, ³×°³¸¦ ¸¸µé°í, ÀÌ·± ½ÄÀ¸·Î ÃÊ´ç + ÀÚ½ÄÀ» 32°³ ¸¸µé¶§±îÁö Áö¼ö·Î Áõ°¡ÇÑ´Ù. Àڽļö°¡ <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> ¼³Á¤¿¡ ´Ù´Ù¸£¸é + Áõ°¡¸¦ Áß´ÜÇÑ´Ù.</p> + + <p>ÀÌ °æ¿ì ¹ÝÀÀ¼Óµµ°¡ »¡¶óÁ®¼ <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code>, <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code>¸¦ °ÅÀÇ ¼³Á¤ÇÒ ÇÊ¿ä°¡ ¾ø´Ù. ÀÏÃÊ¿¡ + ÀÚ½ÄÀ» 4°³ ÀÌ»ó »ý¼ºÇϸé <code class="directive"><a href="../mod/core.html#errorlog">ErrorLog</a></code>¿¡ ±â·ÏÇÑ´Ù. ÀÌ·± ¿À·ù¹®ÀÌ + ¸¹ÀÌ º¸À̸é ÀÌ ¼³Á¤µéÀ» Á¶ÀýÇÏ±æ ¹Ù¶õ´Ù. + <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> °á°ú°¡ µµ¿òÀÌ µÉ °ÍÀÌ´Ù.</p> + + <p>ÇÁ·Î¼¼½º »ý¼º°ú °ü·ÃÇÏ¿© <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> ¼³Á¤Àº + ÇÁ·Î¼¼½º¸¦ Á¾·áÇÑ´Ù. ±âº»°ªÀº ÀڽĴç ó¸®ÇÒ ¿äû¼ö¿¡ Á¦ÇÑÀÌ + ¾ø´Ù´Â <code>0</code>ÀÌ´Ù. ÇöÀç ¼³Á¤ÀÌ <code>30</code>°ú + °°ÀÌ ¸Å¿ì ÀÛÀº °ªÀ¸·Î ¼³Á¤µÇÀÖ´Ù¸é, °ªÀ» »ó´çÈ÷ ³ôÈú ÇÊ¿ä°¡ + ÀÖ´Ù. SunOS³ª ¿À·¡µÈ Solaris ¹öÀüÀ» »ç¿ëÇÑ´Ù¸é, ¸Þ¸ð¸®À¯Ã⶧¹®¿¡ + ÀÌ °ªÀ» <code>10000</code> Á¤µµ·Î ¼³Á¤Ç϶ó.</p> + + <p>¿¬°áÀ¯Áö(keep-alive)¸¦ »ç¿ëÇÑ´Ù¸é ÀڽĵéÀº ÀÌ¹Ì ¿¸° + ¿¬°á¿¡¼ Ãß°¡ ¿äûÀ» ±â´Ù¸®¸ç ¾Æ¹«°Íµµ ÇÏÁö¾Ê±â¶§¹®¿¡ °è¼Ó + ¹Ù»Ú´Ù. <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code>ÀÇ + ±âº»°ª <code>15</code> ÃÊ´Â ÀÌ·± Çö»óÀ» ÃÖ¼ÒÈÇÑ´Ù. ³×Æ®¿÷ + ´ë¿ªÆø°ú ¼¹ö ÀÚ¿ø °£ÀÇ ±ÕÇüÀÌ ¸Â°Ô ¼³Á¤ÇÑ´Ù. <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + ¿¬°áÀ¯ÁöÀÇ ´ëºÎºÐÀÇ ÀÌÁ¡ÀÌ »ç¶óÁö±â¶§¹®¿¡</a> ¾î¶² °æ¿ì¿¡µµ + ÀÌ °ªÀ» <code>60</code> ÃÊ ÀÌ»óÀ¸·Î ¿Ã¸®Áö ¸¶¶ó.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">ÄÄÆÄÀϽà ¼³Á¤¿¡ ´ëÇؼ</a></h2> + + + + <h3>MPM ¼±ÅÃ</h3> + + + + <p>¾ÆÆÄÄ¡ 2.x´Â <a href="../mpm.html">´ÙÁß󸮸ðµâ</a> + (MPMs)À̶ó´Â ±³Ã¼ÇÒ ¼ö ÀÖ´Â µ¿±âÈ ¸ðµ¨À» Áö¿øÇÑ´Ù. ¾ÆÆÄÄ¡¸¦ + ÄÄÆÄÀÏÇÒ¶§ MPMÀ» ¼±ÅÃÇØ¾ß ÇÑ´Ù. <code class="module"><a href="../mod/beos.html">beos</a></code>, + <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code>, + <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>¿Í °°ÀÌ Æ¯Á¤ Ç÷¡Æû¿¡¼¸¸ »ç¿ëÇÒ + ¼ö ÀÖ´Â MPMµµ ÀÖ´Ù. ÀϹÝÀûÀÎ À¯´Ð½º·ù ½Ã½ºÅÛÀº ¿©·¯ MPM + Áß¿¡ Çϳª¸¦ ¼±ÅÃÇÒ ¼ö ÀÖ´Ù. À¥¼¹öÀÇ ¼Óµµ¿Í + È®À强(scalability)Àº ¾î¶² MPMÀ» ¼±ÅÃÇ߳Ŀ¡ ´Þ·È´Ù:</p> + + <ul> + + <li><code class="module"><a href="../mod/worker.html">worker</a></code> MPMÀº ¿©·¯ ÀÚ½Ä ÇÁ·Î¼¼½º°¡ + °¢°¢ ¿©·¯ ¾²·¹µå¸¦ »ç¿ëÇÑ´Ù. °¢ ¾²·¹µå´Â Çѹø¿¡ ÇÑ ¿¬°áÀ» + ´ã´çÇÑ´Ù. ÀϹÝÀûÀ¸·Î worker´Â prefork MPM º¸´Ù ÀûÀº + ¸Þ¸ð¸®¸¦ »ç¿ëÇϹǷΠÅë½Å·®ÀÌ ¸¹Àº ¼¹ö¿¡ ÀûÀýÇÏ´Ù.</li> + + <li><code class="module"><a href="../mod/prefork.html">prefork</a></code> MPMÀº ¾²·¹µå°¡ ÇÑ°³ÀÎ ÀÚ½Ä + ÇÁ·Î¼¼½º¸¦ ¿©·¯°³ »ç¿ëÇÑ´Ù. °¢ ÇÁ·Î¼¼½º´Â Çѹø¿¡ ÇÑ + ¿¬°áÀ» ´ã´çÇÑ´Ù. ¿©·¯ ½Ã½ºÅÛ¿¡¼ preforkÀÇ ¼Óµµ´Â worker¿Í + ºñ½ÁÇÏÁö¸¸, ´õ ¸¹Àº ¸Þ¸ð¸®¸¦ »ç¿ëÇÑ´Ù. ´ÙÀ½°ú °°Àº »óȲ¿¡¼ + ¾²·¹µå¸¦ »ç¿ëÇÏÁö ¾Ê´Â prefork ¹æ½ÄÀÌ worker¿¡ ºñÇØ + ÀÌÁ¡À» °¡Áø´Ù: ¾²·¹µå¿¡ ¾ÈÀüÇÏÁö (thread-safe) ¾ÊÀº + Á¦»ïÀÚ°¡ ¸¸µç ¸ðµâÀ» »ç¿ëÇÒ ¼ö ÀÖ°í, ¾²·¹µå µð¹ö±ë Áö¿øÀÌ + ºó¾àÇÑ Ç÷¡Æû¿¡¼ ½±°Ô µð¹ö±ëÇÒ ¼ö ÀÖ´Ù.</li> + + </ul> + + <p>ÀÌ MPMµé°ú ´Ù¸¥ MPM¿¡ ´ëÇØ ´õ ÀÚ¼¼ÇÑ Á¤º¸´Â MPM <a href="../mpm.html">¹®¼</a>¸¦ Âü°íÇÏ±æ ¹Ù¶õ´Ù.</p> + + + + <h3><a name="modules" id="modules">¸ðµâ</a></h3> + + + + <p>¸Þ¸ð¸® »ç¿ë·®ÀÌ ¼º´É¿¡¼ °¡Àå Áß¿äÇÑ ¿äÀÎÀ̱⶧¹®¿¡ + ½ÇÁ¦·Î »ç¿ëÇÏÁö ¾Ê´Â ¸ðµâÀ» Á¦°ÅÇغ¸ÀÚ. ¸ðµâÀ» <a href="../dso.html">DSO</a>·Î ÄÄÆÄÀÏÇß´Ù¸é °£´ÜÈ÷ ±× + ¸ðµâ¿¡ ´ëÇÑ <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> Áö½Ã¾î¸¦ ÁÖ¼®Ã³¸®Çϸé + µÈ´Ù. ±×·¡¼ ¸ðµâÀ» Á¦°ÅÇÏ°í ½ÇÇàÇÏ¿© »çÀÌÆ®°¡ ¸ðµâ¾øÀ̵µ + Á¤»óÀûÀ¸·Î µ¿ÀÛÇÏ´ÂÁö »ìÆ캼 ¼ö ÀÖ´Ù.</p> + + <p>¹Ý´ë·Î ¸ðµâÀÌ ¾ÆÆÄÄ¡ ½ÇÇàÆÄÀÏ¿¡ Á¤ÀûÀ¸·Î ¸µÅ©µÇÀÖ´Ù¸é + ¿øÇÏÁö ¾Ê´Â ¸ðµâÀ» Á¦°ÅÇϱâÀ§ÇØ ¾ÆÆÄÄ¡¸¦ ÀçÄÄÆÄÀÏÇØ¾ß + ÇÑ´Ù.</p> + + <p>¿©±â¼ ´ç¿¬È÷ ¾î¶² ¸ðµâÀ» »ç¿ëÇÏ°í »ç¿ëÇÏÁö ¸»Áö + Àǹ®ÀÌ »ý±ä´Ù. Á¤´äÀº À¥»çÀÌÆ®¸¶´Ù ´Ù¸£´Ù. ±×·¯³ª ¾Æ¸¶µµ + <em>ÃÖ¼ÒÇÑ</em> <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, + <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code>, <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> + ¸ðµâÀº »ç¿ëÇÒ °ÍÀÌ´Ù. ¹°·Ð À¥»çÀÌÆ®¿¡ ·Î±×ÆÄÀÏÀÌ ÇÊ¿ä¾ø´Ù¸é + <code>mod_log_config</code>´Â ¾ø¾îµµ µÈ´Ù. ±×·¯³ª ÃßõÇÏÁö + ¾Ê´Â´Ù.</p> + + + + <h3>Atomic ¸í·É</h3> + + + + <p><code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> °°Àº ¸ðµâ°ú ÃÖ±Ù °³¹ßÁßÀÎ + worker MPMÀº APRÀÇ atomic API¸¦ »ç¿ëÇÑ´Ù. ÀÌ API´Â °æ·®±Þ + ¾²·¹µå µ¿±âȸ¦ À§ÇÒ atomic ¸í·ÉÀ» Á¦°øÇÑ´Ù.</p> + + <p>±âº»ÀûÀ¸·Î APRÀº °¢ ¿î¿µÃ¼Á¦/CPU Ç÷¡Æû¿¡¼ °¡Àå È¿À²ÀûÀÎ + ¹æ¹ýÀ» »ç¿ëÇÏ¿© ÀÌ ¸í·ÉÀ» ±¸ÇöÇÑ´Ù. ¿¹¸¦ µé¾î, ¿©·¯ ÃֽŠ+ CPU¿¡´Â Çϵå¿þ¾î·Î atomic compare-and-swap (CAS) ¿¬»êÀ» + ÇÏ´Â ¸í·É¾î°¡ ÀÖ´Ù. ±×·¯³ª ¾î¶² Ç÷¡Æû¿¡¼ APRÀº ÀÌ·± + ¸í·É¾î°¡ ¾ø´Â ¿À·¡µÈ CPU¿Í ȣȯ¼ºÀ» À§ÇØ ´õ ´À¸° mutex±â¹Ý + ±¸ÇöÀ» ±âº»ÀûÀ¸·Î »ç¿ëÇÑ´Ù. ÀÌ·± Ç÷¡Æû¿¡¼ ¾ÆÆÄÄ¡¸¦ + ÄÄÆÄÀÏÇÒ¶§ ¾ÆÆÄÄ¡¸¦ ÃֽŠCPU¿¡¼¸¸ ½ÇÇàÇÒ °èȹÀ̶ó¸é, + ¾ÆÆÄÄ¡¸¦ ±¸¼ºÇÒ¶§ <code>--enable-nonportable-atomics</code> + ¿É¼ÇÀ» »ç¿ëÇÏ¿© ´õ ºü¸¥ atomic ±¸ÇöÀ» ¼±ÅÃÇÒ ¼ö ÀÖ´Ù:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p><code>--enable-nonportable-atomics</code> ¿É¼ÇÀº ´ÙÀ½°ú + °°Àº Ç÷¡Æû¿¡ ¿µÇâÀÌ ÀÖ´Ù:</p> + + <ul> + + <li>SPARC¿¡¼ Solaris<br /> + ±âº»ÀûÀ¸·Î APRÀº Solaris/SPARC¿¡¼ mutex±â¹Ý atomicÀ» + »ç¿ëÇÑ´Ù. ±×·¯³ª ±¸¼ºÇÒ¶§ + <code>--enable-nonportable-atomics</code>¸¦ »ç¿ëÇϸé + APRÀº ºü¸¥ Çϵå¿þ¾î compare-and-swapÀ» À§ÇÑ SPARC + v8plus ¸í·É¾î¸¦ »ç¿ëÇÑ´Ù. ÀÌ ¿É¼ÇÀ» »ç¿ëÇϸé atomic + ¸í·ÉÀÌ ´õ È¿À²ÀûÀÌÁö¸¸ (CPU¸¦ ´ú »ç¿ëÇÏ°í ´õ ³ôÀº + µ¿±âÈ°¡ °¡´ÉÇÏ´Ù), ÄÄÆÄÀÏÇÑ ½ÇÇàÆÄÀÏÀº UltraSPARC + Ĩ¿¡¼¸¸ ½ÇÇàÇÒ ¼ö ÀÖ´Ù. + </li> + + <li>Linux on x86<br /> + ±âº»ÀûÀ¸·Î APRÀº ¸®´ª½º¿¡¼ mutex±â¹Ý atomicÀ» + »ç¿ëÇÑ´Ù. ±×·¯³ª ±¸¼ºÇÒ¶§ + <code>--enable-nonportable-atomics</code>¸¦ »ç¿ëÇϸé + APRÀº ºü¸¥ Çϵå¿þ¾î compare-and-swapÀ» À§ÇÑ 486 + ¸í·É¾î¸¦ »ç¿ëÇÑ´Ù. ´õ È¿À²ÀûÀÎ atomic ¸í·ÉÀÌ °¡´ÉÇÏÁö¸¸, + ÄÄÆÄÀÏÇÑ ½ÇÇàÆÄÀÏÀº 486 ÀÌ»ó Ĩ¿¡¼¸¸ (386Àº ¾ÈµÈ´Ù) + ½ÇÇàÇÒ ¼ö ÀÖ´Ù. + </li> + + </ul> + + + + <h3>mod_status¿Í ExtendedStatus On</h3> + + + + <p>¾ÆÆÄÄ¡¸¦ ÄÄÆÄÀÏÇÒ¶§ <code class="module"><a href="../mod/mod_status.html">mod_status</a></code>¸¦ Æ÷ÇÔÇÏ°í + ½ÇÇàÇÒ¶§ <code>ExtendedStatus On</code>À» ¼³Á¤ÇÏ¸é ¾ÆÆÄÄ¡´Â + ¿äûÀ» ¹ÞÀ»¶§¸¶´Ù <code>gettimeofday(2)</code>(ȤÀº ¿î¿µÃ¼Á¦¿¡ + µû¶ó <code>times(2)</code>)¸¦ µÎ¹ø È£ÃâÇÏ°í (1.3 ÀÌÀü¿¡´Â) + <code>time(2)</code>µµ Ãß°¡·Î ¿©·¯¹ø È£ÃâÇÑ´Ù. »óÅ º¸°í¼¿¡ + µ¿À۽ð£ÀÌ ÇÊ¿äÇϱ⠶§¹®ÀÌ´Ù. ÃÖ»óÀÇ ¼º´ÉÀ» ¾òÀ¸·Á¸é + (±âº»°ªÀÎ) <code>ExtendedStatus off</code>¸¦ ¼³Á¤ÇÑ´Ù.</p> + + + + <h3>accept Á÷·ÄÈ - ¿©·¯ ¼ÒÄÏ</h3> + + + + <div class="warning"><h3>ÁÖÀÇ:</h3> + <p> ¾Æ·¡ ¹®¼´Â ¾ÆÆÄÄ¡ À¥¼¹ö 2.0 ¹öÀü¿¡¼ º¯°æµÈ ³»¿ëÀ» + ´ã°í ÀÖÁö ¾Ê´Ù. ¾ÆÁ÷µµ À¯È¿ÇÑ Á¤º¸°¡ ÀÖÁö¸¸, ÁÖÀÇÇؼ + »ç¿ëÇÏ±æ ¹Ù¶õ´Ù.</p> + </div> + + <p>À¯´Ð½º ¼ÒÄÏ APIÀÇ ´ÜÁ¡À» ¼³¸íÇÑ´Ù. À¥¼¹ö°¡ ¿©·¯ Æ÷Æ® + ȤÀº ¿©·¯ ÁÖ¼Ò¸¦ ±â´Ù¸®±âÀ§ÇØ ¿©·¯ <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code>À» »ç¿ëÇÑ´Ù°í °¡Á¤ÇÏÀÚ. + ¿¬°áÀÌ °¡´ÉÇÑÁö °¢ ¼ÒÄÏÀ» °Ë»çÇϱâÀ§ÇØ ¾ÆÆÄÄ¡´Â + <code>select(2)</code>¸¦ »ç¿ëÇÑ´Ù. <code>select(2)</code>´Â + ¼ÒÄÏ¿¡ ±â´Ù¸®°í ÀÖ´Â ¿¬°áÀÌ <em>¾ø´ÂÁö</em> ȤÀº <em>ÃÖ¼ÒÇÑ + ÇÑ°³</em> ÀÖ´ÂÁö ¾Ë·ÁÁØ´Ù. ¾ÆÆÄÄ¡¿¡´Â ¿©·¯ ÀÚ½ÄÀÌ ÀÖ°í, + ½¬°í ÀÖ´Â ¸ðµç ÀÚ½ÄÀº µ¿½Ã¿¡ »õ·Î¿î ¿¬°áÀ» °Ë»çÇÑ´Ù. ¿ø·¡ + ±¸ÇöÀº ´ÙÀ½°ú ºñ½ÁÇÏ´Ù (ÀÌ ¿¹´Â Äڵ忡¼ °¡Á®¿ÀÁö ¾Ê¾Ò´Ù. + ´ÜÁö ¼³¸íÇϱâÀ§ÇÑ ¿ëµµ·Î ¸¸µé¾ú´Ù.):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>±×·¯³ª À§ÀÇ ´Ü¼øÇÑ ±¸Çö¿¡´Â ½É°¢ÇÑ °í°¥(starvation) + ¹®Á¦°¡ ÀÖ´Ù. ¿©·¯ ÀÚ½ÄÀÌ µ¿½Ã¿¡ ÀÌ ¹Ýº¹¹®À» ½ÇÇàÇϸé, + ¿äûÀ» ±â´Ù¸®¸ç ¸ðµÎ <code>select</code>¿¡¼ ¸ØÃá´Ù. À̶§ + ¾î¶² ¼ÒÄÏ¿¡ ¿äûÀÌ Çϳª¶óµµ µé¾î¿À¸é ¸ðµç ÀÚ½ÄÀÌ ±ú¾î³´Ù + (±ú¾î³ª´Â ÀÚ½ÄÀÇ °³¼ö´Â ¿î¿µÃ¼Á¦¿Í ŸÀֿ̹¡ µû¶ó ´Ù¸£´Ù). + À̵éÀº ¸ðµÎ ¿¬°áÀ» <code>accept</code>ÇÏ±æ ½ÃµµÇÑ´Ù. ±×·¯³ª + (¾ÆÁ÷µµ ÇÑ ¿¬°á¸¸ ´ë±âÁßÀ̶ó¸é) ÇÑ Àڽĸ¸ ¼º°øÇÏ°í, ³ª¸ÓÁö´Â + <code>accept</code>¿¡¼ <em>¸ØÃá´Ù.</em> ±×·¯¸é ÀÌ ÀڽĵéÀº + ÇÑ ¼ÒÄÏÀÇ ¿äû¸¸À» ¼ºñ½ºÇϵµ·Ï ¹¿©¼, ±× ¼ÒÄÏÀ¸·Î »õ·Î¿î + ¿äûÀÌ ÃæºÐÈ÷ µé¾î¿Í¼ ¸ðµç ÀÚ½ÄÀ» ±ú¿ï¶§±îÁö Á¤ÁöÇØÀÖ´Ù. + ÀÌ·± °í°¥ ¹®Á¦´Â <a href="http://bugs.apache.org/index/full/467">PR#467</a>¿¡ + óÀ½ º¸°íµÇ¾ú´Ù. ÃÖ¼ÒÇÑ µÎ°¡Áö ÇØ°áÃ¥ÀÌ ÀÖ´Ù.</p> + + <p>ÇÑ°¡Áö´Â ¼ÒÄÏÀ» ´ë±âÇÏÁö ¾Êµµ·Ï (non-blocking) ¸¸µå´Â + ¹æ¹ýÀÌ´Ù. ÀÌ °æ¿ì ÀÚ½ÄÀÌ <code>accept</code>¸¦ Çصµ ¸ØÃßÁö + ¾Ê°í, Áï½Ã ÁøÇàÇÒ ¼ö ÀÖ´Ù. ±×·¯³ª CPU ½Ã°£À» ³¶ºñÇÑ´Ù. + <code>select</code>¿¡¼ ½¬´Â ÀÚ½ÄÀÌ 10°³ ÀÖ°í, »õ·Î ¿¬°áÀÌ + ÇÑ°³ µé¾î¿Ô´Ù°í °¡Á¤ÇÏÀÚ. ±×·¯¸é ÀÌ ÀÚ½ÄÁß 9°³´Â ±ú¾î³ª¼ + ¿¬°áÀ» <code>accept</code>ÇÏ±æ ½ÃµµÇÏ°í ½ÇÆÐÇÏ¸é ¾Æ¹« + Àϵµ ÇÏÁö ¾Ê°í ´Ù½Ã <code>select</code>¸¦ ¹Ýº¹ÇÑ´Ù. ´Ù½Ã + <code>select</code>·Î µ¹¾Æ¿Ã ¶§±îÁö ¾î¶² Àڽĵµ ´Ù¸¥ ¼ÒÄÏ¿¡ + µé¾î¿Â ¿äûÀ» ¼ºñ½ºÇÏÁö ¾Ê´Â´Ù. (´ÙÁßÇÁ·Î¼¼¼ ÄÄÇ»ÅÍ¿¡¼) + ½¬´Â ÀÚ½Ä °³¼ö¸¸Å CPU °³¼ö°¡ ÀÖ´Â µå¹® °æ¿ì°¡ ¾Æ´Ï¶ó¸é + ÀÌ ÇØ°áÃ¥Àº º°·Î ÁÁ¾Æº¸ÀÌÁö ¾Ê´Â´Ù.</p> + + <p>´Ù¸¥ ¹æ¹ýÀº ¾ÆÆÄÄ¡°¡ »ç¿ëÇÏ´Â ¹æ¹ýÀ¸·Î ³»ºÎ ¹Ýº¹¹®¿¡ + ÇÑ Àڽĸ¸À» µé¿©º¸³½´Ù. ¹Ýº¹¹®Àº ´ÙÀ½°ú °°´Ù (Â÷À̸¦ + °Á¶ÇßÀ½):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><code>accept_mutex_on</code>°ú <code>accept_mutex_off</code> + <a id="serialize" name="serialize">ÇÔ¼ö</a>´Â mutex ¼¼¸¶Æ÷¾î¸¦ + ±¸ÇöÇÑ´Ù. Çѹø¿¡ ¿ÀÁ÷ ÇÑ Àڽĸ¸ÀÌ mutex¸¦ °¡Áú ¼ö ÀÖ´Ù. + mutex¸¦ ±¸ÇöÇÏ´Â ¹æ¹ýÀº ¿©·¯°¡ÁöÀÌ´Ù. ±¸Çö ¹æ¹ýÀº (1.3 + ÀÌÀü) <code>src/conf.h</code>³ª (1.3°ú ±× ÀÌÈÄ) + <code>src/include/ap_config.h</code>¿¡ Á¤ÀǵÇÀÖ´Ù. ¾î¶² + ¾ÆÅ°ÅØÃÄ´Â Àá±Ý(locking) ¹æ¹ýÀ» ¼±ÅÃÇÏÁö ¾Ê±â¶§¹®¿¡, ÀÌ·± + ¾ÆÅ°ÅØÃÄ¿¡¼ ¿©·¯ <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> Áö½Ã¾î¸¦ »ç¿ëÇϸé + À§ÇèÇÏ´Ù.</p> + + <p>½ÇÇà½Ã <code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> Áö½Ã¾î¸¦ »ç¿ëÇÏ¿© + mutex ±¸ÇöÀ» º¯°æÇÒ ¼ö ÀÖ´Ù.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>ÀÌ ¹æ¹ýÀº Àá±ÝÆÄÀÏÀ» Àá±×±âÀ§ÇØ <code>flock(2)</code> + ½Ã½ºÅÛÈ£ÃâÀ» »ç¿ëÇÑ´Ù (Àá±ÝÆÄÀÏ À§Ä¡´Â <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> Áö½Ã¾î·Î ÁöÁ¤).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>ÀÌ ¹æ¹ýÀº Àá±ÝÆÄÀÏÀ» Àá±×±âÀ§ÇØ <code>fcntl(2)</code> + ½Ã½ºÅÛÈ£ÃâÀ» »ç¿ëÇÑ´Ù (Àá±ÝÆÄÀÏ À§Ä¡´Â <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> Áö½Ã¾î·Î ÁöÁ¤).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3°ú ±× ÀÌÈÄ) ÀÌ ¹æ¹ýÀ» SysV½Ä ¼¼¸¶Æ÷¾î¸¦ »ç¿ëÇÏ¿© + mutex¸¦ ±¸ÇöÇÑ´Ù. ºÒÇàÈ÷µµ SysV½Ä ¼¼¸¶Æ÷¾î´Â ³ª»Û + ºÎÀÛ¿ëÀÌ ÀÖ´Ù. Çϳª´Â ¾ÆÆÄÄ¡°¡ ¼¼¸¶Æ÷¾î¸¦ Á¤¸®ÇÏÁö + ¾Ê°í Á×À» ¼ö ÀÖ´Â Á¡ÀÌ´Ù (<code>ipcs(8)</code> manpage + Âü°í). ´Ù¸¥ Çϳª´Â À¥¼¹ö¿Í µ¿ÀÏÇÑ uid·Î ½ÇÇàÇÏ´Â + CGI°¡ (<em>Áï,</em> <code>suexec</code>³ª + <code>cgiwrapper</code>¸¦ »ç¿ëÇÏÁö¾Ê´Â ÇÑ ¸ðµç CGI) + ¼¼¸¶Æ÷¾î API¸¦ »ç¿ëÇÏ¿© ¼ºñ½º°ÅºÎ°ø°ÝÀ» ÇÒ ¼ö ÀÖ´Â + Á¡ÀÌ´Ù. ÀÌ·± ÀÌÀ¯¶§¹®¿¡ IRIX¸¦ Á¦¿ÜÇÑ ¾ÆÅ°ÅØÃÄ¿¡¼ + ÀÌ ¹æ¹ýÀ» »ç¿ëÇÏÁö ¾Ê´Â´Ù (´ëºÎºÐÀÇ IRIX ÄÄÇ»ÅÍ¿¡¼ + ¾ÕÀÇ µÎ ¹æ¹ýÀº Áö³ªÄ¡°Ô ¹ö°Ì´Ù).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3°ú ±× ÀÌÈÄ) ÀÌ ¹æ¹ýÀº POSIX mutex¸¦ »ç¿ëÇϱ⶧¹®¿¡ + POSIX ¾²·¹µå ±Ô¾àÀ» ¿ÏÀüÈ÷ ±¸ÇöÇÑ ¾ÆÅ°ÅØÃĶó¸é ¸ðµÎ + »ç¿ë°¡´ÉÇÏÁö¸¸, (2.5 ÀÌÈÄ) Solaris¿¡¼¸¸ ±×°Íµµ ƯÁ¤ + ±¸¼º¿¡¼¸¸ µ¿ÀÛÇÏ´Â µíÇÏ´Ù. ÀÌ ¹æ¹ýÀ» ½ÃµµÇغ»´Ù¸é + ¼¹ö°¡ ¸ØÃç¼ ÀÀ´äÀ» ¾ÈÇÏ´ÂÁö »ìÆìºÁ¾ß ÇÑ´Ù. Á¤Àû + ³»¿ë¸¸ ¼ºñ½ºÇÏ´Â ¼¹ö´Â Àß µ¿ÀÛÇÏ´Â °Í °°´Ù.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0°ú ±× ÀÌÈÄ) ÀÌ ¹æ¹ýÀº POSIX ¼¼¸¶Æ÷¾î¸¦ »ç¿ëÇÑ´Ù. + mutex¸¦ °¡Áø ÇÁ·Î¼¼½ºÀÇ ¾²·¹µå°¡ Á״´ٸé(segfault) + ¼¼¸¶Æ÷¾î ¼ÒÀ¯±ÇÀÌ È¸º¹µÇÁö ¾Ê¾Æ¼ À¥¼¹ö°¡ ¸ØÃá´Ù.</p> + </dd> + + </dl> + + <p>½Ã½ºÅÛ¿¡ À§ ¸ñ·Ï¿¡ ¾ø´Â Á÷·ÄÈ(serialization) ¹æ¹ýÀÌ + ÀÖ´Ù¸é ±× ¹æ¹ýÀ» »ç¿ëÇÏ´Â Äڵ带 APR¿¡ Ãß°¡ÇÒ °¡Ä¡°¡ ÀÖ´Ù.</p> + + <p>°í·Á´Â ÇغÃÁö¸¸ ±¸ÇöÇÏÁö¾ÊÀº ´Ù¸¥ ¹æ¹ýÀº ºÎºÐÀûÀ¸·Î + ¹Ýº¹¹®À» Á÷·ÄÈÇÏ´Â ¹æ¹ýÀÌ´Ù. Áï, ÇÁ·Î¼¼¼¸¦ ¸î°³¸¸ µé¿©º¸³»´Â + °ÍÀÌ´Ù. ÀÌ ¹æ¹ýÀº ¿©·¯ ÀÚ½ÄÀ» µ¿½Ã¿¡ ½ÇÇàÇÒ ¼ö ÀÖ¾î¼ + Á÷·Äȶ§¹®¿¡ Àüü ´ë¿ªÆøÀ» È°¿ëÇÏÁö ¸øÇÏ´Â ´ÙÁßÇÁ·Î¼¼¼ + ÄÄÇ»ÅÍ¿¡¼¸¸ °ü½ÉÀ» °¡Á®º¼ ¼ö ÀÖ´Ù. ¾ÕÀ¸·Î »ìÆ캼 ºÎºÐÀÌÁö¸¸, + ¸Å¿ì º´·ÄÈµÈ À¥¼¹ö°¡ ÈçÇÏÁö ¾Ê¾Æ¼ ¿ì¼±¼øÀ§°¡ ³·´Ù.</p> + + <p>ÃÖ»óÀÇ ¼º´ÉÀ» ¾ò±âÀ§Çؼ´Â ¿©·¯ <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> ¹®À» »ç¿ëÇÏÁö ¾Ê´Â + °ÍÀÌ ÀÌ»óÀûÀÌ´Ù. ±×·¯³ª °è¼Ó ¼³¸íÇÑ´Ù.</p> + + + + <h3>accept Á÷·ÄÈ - ¼ÒÄÏ ÇÑ°³</h3> + + + + <p>¾ÕÀÇ ¼³¸íÀº ´ÙÁß¼ÒÄÏ ¼¹ö¿¡´Â ÁÁÁö¸¸, ¼ÒÄÏÀÌ ÇÑ°³ÀÎ + ¼¹ö´Â ¾î¶²°¡? ¿¬°áÀÌ µµÂøÇÒ¶§±îÁö ¸ðµç ÀÚ½ÄÀÌ + <code>accept(2)</code>¿¡¼ ¸ØÃçÀֱ⶧¹®¿¡ ÀÌ·Ð»ó °°Àº + ¹®Á¦°¡ ¹ß»ýÇÏÁö ¾Ê°í, °í°¥ ¹®Á¦µµ ¾ø´Ù. ±×·¯³ª ½ÇÁ¦·Î´Â + ¾Õ¿¡¼ ¸»ÇÑ ´ë±âÇÏÁö ¾Ê´Â (non-blocking) ¹æ¹ý¿¡¼ ¹ß»ýÇÏ´Â + "°øȸÀü(spinning)" Çö»óÀ» °¨Ãß°í ÀÖ´Ù. ´ëºÎºÐÀÇ TCP ½ºÅÃÀº + ¿¬°áÀÌ µµÂøÇϸé Ä¿³ÎÀÌ <code>accept</code>¿¡¼ ¸ØÃçÀÖ´Â + ¸ðµç ÀÚ½ÄÀ» ±ú¿ìµµ·Ï ±¸ÇöµÇÀÖ´Ù. ÇÁ·Î¼¼½ºÁß ÇÑ°³°¡ ¿¬°áÀ» + ¾ò°í »ç¿ëÀÚ¿µ¿ªÀ¸·Î µ¹¾Æ°¡°í, ³ª¸ÓÁö´Â Ä¿³Î¿¡¼ °øȸÀüÇÏ¿© + ¿¬°áÀÌ ¾øÀ½À» ¹ß°ßÇÏ¸é ´Ù½Ã ÀáÀ» ÀÜ´Ù. »ç¿ëÀÚ¿µ¿ª Äڵ忡¼´Â + ÀÌ·± °øȸÀüÀ» ¾Ë ¼ö ¾øÁö¸¸, ºÐ¸íÈ÷ Á¸ÀçÇÑ´Ù. ±×·¡¼ ´ÙÁß¼ÒÄÏÀÇ + ´ë±âÇÏÁö ¾Ê´Â ¹æ¹ý°ú µ¿ÀÏÇÏ°Ô ºÎÇϸ¦ ³ôÀÌ´Â ºÒÇÊ¿äÇÑ ÇൿÀÌ + ÀϾÙ.</p> + + <p>±×·¡¼ ¿ì¸®´Â ¿©·¯ ¾ÆÅ°ÅØÃÄ¿¡¼ ¼ÒÄÏÀÌ ÇÑ°³ÀÎ °æ¿ì¿¡µµ + Á÷·ÄÈÇÏ¸é ´õ "Àß" µ¿ÀÛÇÔÀ» ¹ß°ßÇß´Ù. ±×·¡¼ °ÅÀÇ ´ëºÎºÐÀÇ + °æ¿ì ±âº»ÀûÀ¸·Î Á÷·Äȸ¦ »ç¿ëÇÑ´Ù. ¸®´ª½º¿¡¼ (Ä¿³Î 2.0.30, + 128Mb ¸Þ¸ð¸®¿¡ µà¾ó Pentium pro) ½ÇÇèÇÑ °á°ú ¼ÒÄÏ ÇÑ°³¸¦ + Á÷·ÄÈÇϸé ÇÏÁö ¾ÊÀº °æ¿ì¿¡ ºñÇØ ÃÊ´ç ¿äûÀÌ 3% ¹Ì¸¸ + ÁÙ¾îµé¾ú´Ù. ±×·¯³ª Á÷·Äȸ¦ ÇÏÁö ¾ÊÀº °æ¿ì ¿äû´ç 100ms + Áö¿¬ÀÌ ¹ß»ýÇß´Ù. ÀÌ Áö¿¬Àº ¾Æ¸¶µµ LAN¿¡¼ ¹ß»ýÇÏ´Â ±ä + ¿¬°á¼±¶§¹®ÀÏ °ÍÀÌ´Ù. ¼ÒÄÏÀÌ ÇÑ°³ÀÎ °æ¿ì Á÷·Äȸ¦ »ç¿ëÇÏÁö + ¾ÊÀ¸·Á¸é <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code>¸¦ + Á¤ÀÇÇÑ´Ù.</p> + + + + <h3>Close Áö¿¬(lingering)</h3> + + + + <p><a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt"> + draft-ietf-http-connection-00.txt</a> 8Àý¿¡¼ ¼³¸íÇϵíÀÌ + <strong>¾ÈÁ¤ÀûÀÎ</strong> À¥¼¹ö°¡ µÇ·Á¸é, Åë½ÅÀÇ ¾ç ¹æÇâÀ» + µ¶¸³ÀûÀ¸·Î ´ÝÀ» ¼ö ÀÖ¾î¾ß ÇÑ´Ù (TCP ¿¬°áÀº ½Ö¹æÇâÀÌ°í, + ¹æÇâÀº ¼·Î µ¶¸³ÀûÀÌ´Ù). ÀÌÁ¡À» ´Ù¸¥ ¼¹ö¿¡¼´Â ÀÚÁÖ + °£°úÇÏÁö¸¸, ¾ÆÆÄÄ¡´Â 1.2ºÎÅÍ Á¤È®È÷ ±¸ÇöÇØ¿Ô´Ù.</p> + + <p>ÀÌ ±â´ÉÀ» ºÎÁÖÀÇÇÏ°Ô ¾ÆÆÄÄ¡¿¡ Ãß°¡ÇßÀ»¶§ ¿©·¯ À¯´Ð½º + ¹öÀü¿¡¼ ¸¹Àº ¹®Á¦°¡ ¹ß»ýÇß´Ù. TCP ±Ô¾àÀº + <code>FIN_WAIT_2</code>¿¡ ŸÀӾƿôÀÌ ÀÖ´Ù°í Á¤ÇÏÁö ¾Ê¾ÒÁö¸¸, + ±ÝÁöÇÏÁöµµ ¾Ê¾Ò´Ù. ŸÀӾƿôÀÌ ¾ø´Â ½Ã½ºÅÛ¿¡¼ ¾ÆÆÄÄ¡ 1.2´Â + ¸¹Àº ¼ÒÄÏÀ» ¿µ¿øÈ÷ <code>FIN_WAIT_2</code> »óÅ·Π¸¸µé¾ú´Ù. + ¸¹Àº °æ¿ì ÀÌ ¹®Á¦´Â Á¦Àۻ簡 Á¦°øÇÏ´Â ÃֽŠTCP/IP ÆÐÄ¡¸¦ + Àû¿ëÇÏ¿© ÇØ°áÇÒ ¼ö ÀÖ´Ù. ±×·¯³ª Á¦Àۻ簡 ÆÐÄ¡¸¦ ¹ßÇ¥ÇÏÁö + ¾Ê´Â °æ¿ì°¡ (<em>Áï,</em> SunOS4 -- ¼Ò½º ¶óÀ̼±½º°¡ ÀÖ´Â + »ç¶÷Àº Á÷Á¢ ÆÐÄ¡ÇÒ ¼ö ÀÖÁö¸¸) Àֱ⶧¹®¿¡ ÀÌ ±â´ÉÀ» »ç¿ëÇÏÁö + ¾Ê±â·Î °áÁ¤Çß´Ù.</p> + + <p>¹æ¹ýÀº µÎ°¡Áö´Ù. Çϳª´Â ¼ÒÄÏ ¿É¼Ç <code>SO_LINGER</code>¸¦ + »ç¿ëÇÏ´Â ¹æ¹ýÀÌ´Ù. ±×·¯³ª ºÒÇàÈ÷µµ ´ëºÎºÐÀÇ TCP/IP ½ºÅÃÀº + ÀÌ ¿É¼ÇÀ» ¿Ã¹Ù·Î ±¸ÇöÇÏÁö ¾Ê¾Ò´Ù. ¿Ã¹Ù·Î ±¸ÇöÇÑ ½ºÅÿ¡¼ + Á¶Â÷µµ (<em>Áï,</em> ¸®´ª½º 2.0.31) ÀÌ ¹æ¹ýÀº ´ÙÀ½ ¹æ¹ýº¸´Ù + ´õ cpu¸¦ Àâ¾Æ¸Ô´Â´Ù.</p> + + <p>¾ÆÆÄÄ¡´Â º¸Åë (<code>http_main.c</code>¿¡ ÀÖ´Â) + <code>lingering_close</code>¶ó´Â ÇÔ¼ö¸¦ »ç¿ëÇÑ´Ù. ÀÌ ÇÔ¼ö´Â + ´ëÃæ ´ÙÀ½°ú °°´Ù:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* shutdown the sending side */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + select (s for reading, 2 second timeout);<br /> + if (error) break;<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* just toss away whatever is here */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>ÀÌ ÄÚµå´Â ¿¬°áÀ» ´ÝÀ»¶§ ´õ CPU¸¦ »ç¿ëÇÏÁö¸¸, ¾ÈÁ¤ÀûÀÎ + ±¸ÇöÀ» À§ÇØ ÇÊ¿äÇÏ´Ù. HTTP/1.1ÀÌ ´õ ³Î¸® ÆÛÁö°í ¸ðµç ¿¬°áÀ» + À¯ÁöÇÑ´Ù¸é(persistent), ¿¬°áÀ» ¹Þ´Â ºñ¿ëÀº ¿©·¯ ¿äûÀ» + ó¸®ÇÏ¸é¼ »ó¼âµÉ °ÍÀÌ´Ù. À§ÇèÇÏ°Ôµµ + <code>NO_LINGCLOSE</code>¸¦ Á¤ÀÇÇÏ¿© ÀÌ ±â´ÉÀ» »ç¿ëÇÏÁö + ¾ÊÀ» ¼ö ÀÖÁö¸¸, Àý´ë·Î ±ÇÇÏÁö ¾Ê´Â´Ù. ƯÈ÷ HTTP/1.1 + ÆÄÀÌÇÁ¶óÀÎ <span class="transnote">(<em>¿ªÁÖ;</em> ¿¬°áÀ¯Áö »óÅ¿¡¼ ÀÀ´äÀ» ±â´Ù¸®Áö + ¾Ê°í ¿©·¯ ¿äûÀ» º¸³»´Â ±â¼ú)</span> ¿¬°áÀ¯Áö¿¡´Â + <code>lingering_close</code>°¡ ÇʼöÀûÀÌ´Ù (±×¸®°í <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + ÆÄÀÌÇÁ¶óÀÎ ¿¬°áÀÌ ´õ ºü¸£±â¶§¹®¿¡</a> »ç¿ëÇÏ±æ ¹Ù¶ö °ÍÀÌ´Ù).</p> + + + + <h3>Scoreboard ÆÄÀÏ</h3> + + + + <p>¾ÆÆÄÄ¡ÀÇ ºÎ¸ð¿Í ÀÚ½ÄÀº scoreboard¶ó´Â °ÍÀ» ÅëÇØ ¼·Î + Åë½ÅÇÑ´Ù. ÀÌ»óÀûÀ¸·Î´Â scoreboard¸¦ °øÀ¯¸Þ¸ð¸®·Î ±¸ÇöÇØ¾ß + ÇÑ´Ù. ¿ì¸® °³¹ßÀÚ°¡ ÇØ´ç ¿î¿µÃ¼Á¦¿¡ Á¢±ÙÇÒ ¼ö Àְųª »ó¼¼ÇÑ + Æ÷Æà °á°ú¸¦ ¹ÞÀº °æ¿ì º¸Åë °øÀ¯¸Þ¸ð¸®¸¦ »ç¿ëÇÏ¿© ±¸ÇöÇÑ´Ù. + ³ª¸ÓÁö´Â µð½ºÅ©¿¡ ÀÖ´Â ÆÄÀÏÀ» »ç¿ëÇÏ¿© ±¸ÇöÇÑ´Ù. µð½ºÅ©¿¡ + ÀÖ´Â ÆÄÀÏÀº ´À¸®°í ½Å·Úµµ°¡ ¶³¾îÁø´Ù (±â´Éµµ ´õ Àû´Ù). + <code>src/main/conf.h</code> ÆÄÀÏ¿¡¼ »ç¿ëÇÏ´Â ¾ÆÅ°ÅØÃĸ¦ + ã¾Æ¼ <code>USE_MMAP_SCOREBOARD</code> ȤÀº + <code>USE_SHMGET_SCOREBOARD</code>ÀÎÁö È®ÀÎÇÑ´Ù. µÑÁß + Çϳª¸¦ (°¢°¢ ÇÔ²² »ç¿ëÇÒ <code>HAVE_MMAP</code>À̳ª + <code>HAVE_SHMGET</code>µµ °°ÀÌ) Á¤ÀÇÇÏ¸é °øÀ¯¸Þ¸ð¸® Äڵ带 + »ç¿ëÇÑ´Ù. ½Ã½ºÅÛÀÌ ´Ù¸¥ Á¾·ùÀÇ °øÀ¯¸Þ¸ð¸®¸¦ »ç¿ëÇÑ´Ù¸é + <code>src/main/http_main.c</code> ÆÄÀÏÀ» ¼öÁ¤ÇÏ¿© ¾ÆÆÄÄ¡¿¡¼ + °øÀ¯¸Þ¸ð¸®¸¦ »ç¿ëÇÒ ¼ö ÀÖµµ·Ï ÈÅ(hook)À» Ãß°¡Ç϶ó. (¶ÇÇÑ + ÆÐÄ¡¸¦ ¿ì¸®¿¡°Ô º¸³»ÁÖ±æ ¹Ù¶õ´Ù.)</p> + + <div class="note">¿ª»çÀû ¼³¸í: ¾ÆÆÄÄ¡ÀÇ ¸®´ª½º ¹öÀüÀº ¾ÆÆÄÄ¡ 1.2 ¹öÀüºÎÅÍ + °øÀ¯¸Þ¸ð¸®¸¦ »ç¿ëÇϱ⠽ÃÀÛÇß´Ù. ¸®´ª½º¿¡¼ Ãʱ⠾ÆÆÄÄ¡ + ¹öÀüÀÌ ´À¸®°í ½Å·Úµµ°¡ ¶³¾îÁ³±â ¶§¹®ÀÌ´Ù.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>¸ðµâÀ» µ¿ÀûÀ¸·Î ÀоîµéÀÌÁö ¾Ê´Â´Ù¸é (°¡´ÉÇÑ Á¶±ÝÀÌ¶óµµ + ¼º´ÉÀ» ³ôÀ̱âÀ§ÇØ ÀÌ ±ÛÀ» ÀÐ´Â´Ù¸é ¾Æ¸¶µµ ¸ðµâÀ» µ¿ÀûÀ¸·Î + ÀоîµéÀÌÁö ¾ÊÀ» °ÍÀÌ´Ù), ¼¹ö¸¦ ÄÄÆÄÀÏÇÒ¶§ + <code>-DDYNAMIC_MODULE_LIMIT=0</code>À» Ãß°¡ÇÑ´Ù. ±×·¯¸é + ¸ðµâÀ» µ¿ÀûÀ¸·Î ÀоîµéÀ̱âÀ§ÇØ ÇÒ´çÇÏ´Â ¸Þ¸ð¸®¸¦ Àý¾àÇÑ´Ù.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">ºÎ·Ï: ½Ã½ºÅÛÈ£Ãâ ±â·ÏÀ» ÀÚ¼¼È÷ ºÐ¼®Çϱâ</a></h2> + + + + <p>´ÙÀ½Àº Solaris 8¿¡¼ worker MPMÀ» »ç¿ëÇÑ ¾ÆÆÄÄ¡ 2.0.38ÀÇ + ½Ã½ºÅÛÈ£Ãâ ±â·Ï(trace)ÀÌ´Ù. ¾Æ·¡ ¸í·É¾î¸¦ »ç¿ëÇÏ¿© ±â·ÏÀ» + ¾ò¾ú´Ù:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_child_pid</var>. + </code></p></div> + + <p><code>-l</code> ¿É¼ÇÀ» »ç¿ëÇϸé truss´Â ½Ã½ºÅÛÈ£ÃâÀ» + ÇÏ´Â LWP (lightweight process, °æ·®±Þ ÇÁ·Î¼¼½º--SolarisÀÇ + Ä¿³Î¼öÁØ ¾²·¹µå) ID¸¦ °°ÀÌ ±â·ÏÇÑ´Ù.</p> + + <p>´Ù¸¥ ½Ã½ºÅÛ¿¡´Â <code>strace</code>, <code>ktrace</code>, + <code>par</code> °°Àº ½Ã½ºÅÛÈ£Ãâ ÃßÀû µµ±¸°¡ ÀÖ´Ù. °á°ú´Â + ºñ½ÁÇÏ´Ù.</p> + + <p>Ŭ¶óÀ̾ðÆ®´Â À¥¼¹ö¿¡°Ô Å©±â°¡ 10KBÀÎ Á¤Àû ÆÄÀÏÀ» ¿äûÇÑ´Ù. + Á¤ÀûÀÎ ÆÄÀÏÀ» ¿äûÇÏÁö ¾Ê°Å³ª ³»¿ëÇù»óÇÏ´Â ¿äûÀ» ÇÑ °æ¿ì + ±â·ÏÀÌ ¸Å¿ì ´Ù¸£´Ù (¶§·Î´Â ¸Å¿ì ¾Ë¾Æº¸±â Èûµé´Ù).</p> + + <div class="example"><pre>/67: accept(3, 0x00200BEC, 0x00200C0C, 1) (sleeping...) +/67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9</pre></div> + + <p>À§¿¡¼ ¿¬°á´ë±â(listener) ¾²·¹µå°¡ LWP #67¿¡¼ ½ÇÇàµÊÀ» + ¾Ë ¼ö ÀÖ´Ù.</p> + + <div class="note"><code>accept(2)</code> Á÷·Äȸ¦ »ç¿ëÇÏÁö ¾ÊÀ½À» ÁÖ¸ñÇ϶ó. + ¿©·¯ Æ÷Æ®¸¦ ±â´Ù¸®Áö¾Ê´Â °æ¿ì ÀÌ Ç÷¡ÆûÀÇ worker MPMÀº + ±âº»ÀûÀ¸·Î Á÷·ÄÈÇÏÁö ¾ÊÀº accept¸¦ »ç¿ëÇÑ´Ù.</div> + + <div class="example"><pre>/65: lwp_park(0x00000000, 0) = 0 +/67: lwp_unpark(65, 1) = 0</pre></div> + + <p>¿¬°áÀº ¹Þ¾ÆµéÀÌ°í(accept) ¿¬°á´ë±â ¾²·¹µå´Â + worker ¾²·¹µå¸¦ ±ú¿ö¼ ¿äûÀ» ó¸®ÇÏ°Ô ÇÑ´Ù. ¾Æ·¡ ±â·Ï¿¡¼ + ¿äûÀ» ó¸®ÇÏ´Â worker ¾²·¹µå°¡ LWP #65ÀÓÀ» ¾Ë ¼ö ÀÖ´Ù.</p> + + <div class="example"><pre>/65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0</pre></div> + + <p>°¡»óÈ£½ºÆ®¸¦ ±¸ÇöÇϱâÀ§ÇØ ¾ÆÆÄÄ¡´Â ¿¬°áÀ» ¹Þ¾ÆµéÀÎ + Áö¿ª(local) ¼ÒÄÏ ÁÖ¼Ò¸¦ ¾Ë¾Æ¾ß ÇÑ´Ù. (°¡»óÈ£½ºÆ®¸¦ »ç¿ëÇÏÁö + ¾Ê°Å³ª <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + Áö½Ã¾î¿¡ ¿ÍÀϵåÄ«µå ÁÖ¼Ò¸¦ »ç¿ëÇÏÁö ¾ÊÀº °æ¿ì µî) ¸¹Àº °æ¿ì + ÀÌ È£ÃâÀ» ¾ø¾Ù ¼ö ÀÖ´Ù. ±×·¯³ª ¾ÆÁ÷ ÀÌ·± ÃÖÀûÈ ÀÛ¾÷ÀÌ + ¾ÈµÇÀÖ´Ù. </p> + + <div class="example"><pre>/65: brk(0x002170E8) = 0 +/65: brk(0x002190E8) = 0</pre></div> + + <p><code>brk(2)</code> È£ÃâÀº Èü(heap)¿¡¼ ¸Þ¸ð¸®¸¦ ÇÒ´çÇÑ´Ù. + À¥¼¹ö´Â ´ëºÎºÐÀÇ ¿äû 󸮽à ÀÚü ¸Þ¸ð¸® + ÇÒ´çÀÚ(<code>apr_pool</code>°ú <code>apr_bucket_alloc</code>)¸¦ + »ç¿ëÇϱ⶧¹®¿¡ ½Ã½ºÅÛÈ£Ãâ ±â·Ï¿¡¼ ÀÌ ½Ã½ºÅÛÈ£ÃâÀ» º¸±â°¡ + µå¹°´Ù. ÀÌ ±â·Ï¿¡¼ À¥¼¹ö´Â ½ÃÀÛÇÏÀÚ¸¶ÀÚ ÀÚü ¸Þ¸ð¸® ÇÒ´çÀÚ°¡ + »ç¿ëÇÒ ¸Þ¸ð¸®ºí·ÏÀ» ¾ò±âÀ§ÇØ <code>malloc(3)</code>À» È£ÃâÇÑ´Ù.</p> + + <div class="example"><pre>/65: fcntl(9, F_GETFL, 0x00000000) = 2 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0 +/65: fstat64(9, 0xFAF7B818) = 0 +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0 +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0 +/65: fcntl(9, F_SETFL, 0x00000082) = 0</pre></div> + + <p>´ÙÀ½ worker ¾²·¹µå´Â Ŭ¶óÀ̾ðÆ®ÀÇ ¿¬°á(ÆÄÀϱâ¼úÀÚ 9)À» + ´ë±â¾ÈÇÔ(non-blocking) »óÅ·Π¹Ù²Û´Ù. <code>setsockopt(2)</code>¿Í + <code>getsockopt(2)</code> È£ÃâÀº SolarisÀÇ libc°¡ ¼ÒÄÏ¿¡ + ´ëÇÑ <code>fcntl(2)</code>À» ¾î¶»°Ô ó¸®ÇÏ´ÂÁö º¸¿©ÁØ´Ù.</p> + + <div class="example"><pre>/65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97</pre></div> + + <p>worker ¾²·¹µå´Â Ŭ¶óÀ̾ðÆ®·Î ºÎÅÍ ¿äûÀ» Àд´Ù.</p> + + <div class="example"><pre>/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0 +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10</pre></div> + + <p>À¥¼¹ö ¼³Á¤Àº <code>Options FollowSymLinks</code>¿Í + <code>AllowOverride None</code>ÀÌ´Ù. ±×·¡¼ ¿äûÇÑ ÆÄÀÏ°æ·ÎÀÇ + °¢ µð·ºÅ丮¿¡ ´ëÇØ <code>lstat(2)</code>Çϰųª + <code>.htaccess</code> ÆÄÀÏÀ» °Ë»çÇÒ ÇÊ¿ä°¡ ¾ø´Ù. ÆÄÀÏÀ» + °Ë»çÇϱâÀ§ÇØ, 1) ÆÄÀÏÀÌ ÀÖ´ÂÁö, 2) µð·ºÅ丮°¡ ¾Æ´Ñ ÀϹÝÆÄÀÏÀÎÁö, + <code>stat(2)</code> È£Ã⸸ ÇÏ¸é µÈ´Ù.</p> + + <div class="example"><pre>/65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269</pre></div> + + <p>ÀÌ °æ¿ì À¥¼¹ö´Â ÇѹøÀÇ <code>sendfilev(2)</code> ½Ã½ºÅÛÈ£Ãâ·Î + HTTP ÀÀ´äÇì´õ¿Í ¿äûÇÑ ÆÄÀÏÀ» Àü¼ÛÇÒ ¼ö ÀÖ´Ù. Sendfile Áö¿ø¿©ºÎ´Â + ¿î¿µÃ¼Á¦¸¶´Ù ´Ù¸£´Ù. ´Ù¸¥ ½Ã½ºÅÛÀ̶ó¸é <code>sendfile(2)</code>À» + È£ÃâÇϱâ Àü¿¡ Çì´õ¸¦ º¸³»±âÀ§ÇØ <code>write(2)</code>³ª + <code>writev(2)</code> È£ÃâÀ» ÇÑ´Ù.</p> + + <div class="example"><pre>/65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78</pre></div> + + <p><code>write(2)</code> È£ÃâÀº Á¢±Ù·Î±×(access log)¿¡ ¿äûÀ» + ±â·ÏÇÑ´Ù. ÀÌ ±â·Ï¿¡ <code>time(2)</code> È£ÃâÀÌ ¾øÀ½À» ÁÖ¸ñÇ϶ó. + ¾ÆÆÄÄ¡ 1.3°ú ´Þ¸® ¾ÆÆÄÄ¡ 2.0Àº ½Ã°£À» ¾Ë±âÀ§ÇØ + <code>gettimeofday(3)</code>¸¦ »ç¿ëÇÑ´Ù. + <code>gettimeofday</code>¸¦ ÃÖÀûÈÇÑ ¸®´ª½º¿Í Solaris °°Àº + ¸î¸î ¿î¿µÃ¼Á¦¿¡¼´Â ÀϹÝÀûÀÎ ½Ã½ºÅÛÈ£Ã⠺δãÀÌ ¾ø´Ù.</p> + + <div class="example"><pre>/65: shutdown(9, 1, 1) = 0 +/65: poll(0xFAF7B980, 1, 2000) = 1 +/65: read(9, 0xFAF7BC20, 512) = 0 +/65: close(9) = 0</pre></div> + + <p>worker ¾²·¹µå´Â ¿¬°áÀ» Áö¿¬´Ý±â(lingering close)ÇÑ´Ù.</p> + + <div class="example"><pre>/65: close(10) = 0 +/65: lwp_park(0x00000000, 0) (sleeping...)</pre></div> + + <p>¸¶Áö¸·À¸·Î worker ¾²·¹µå´Â ¹æ±Ý Àü¼ÛÇÑ ÆÄÀÏÀ» ´Ý°í, + ¿¬°á´ë±â(listener) ¾²·¹µå°¡ ´Ù¸¥ ¿¬°áÀ» ÇÒ´çÇÒ ¶§±îÁö + Á¤ÁöÇÑ´Ù.</p> + + <div class="example"><pre>/67: accept(3, 0x001FEB74, 0x001FEB94, 1) (sleeping...)</pre></div> + + <p>±×µ¿¾È ¿¬°á´ë±â ¾²·¹µå´Â ¿¬°áÀ» (¸ðµç worker°¡ ÀÛ¾÷ÁßÀ̸é + ¿¬°á´ë±â ¾²·¹µå¸¦ ¸ØÃß´Â worker MPMÀÇ È帧Á¦¾î ±â´É¿¡ µû¶ó) + worker ¾²·¹µå¿¡ ÇÒ´çÇÏÀÚ¸¶ÀÚ ´Ù¸¥ ¿¬°áÀ» ¹Þ¾ÆµéÀÏ ¼ö ÀÖ´Ù. + ÀÌ ±â·Ï¿¡´Â ³ª¿ÀÁö ¾ÊÁö¸¸, worker ¾²·¹µå°¡ ¹æ±Ý ¹ÞÀº ¿¬°áÀ» + ó¸®ÇÏ´Â µ¿¾È ´ÙÀ½ <code>accept(2)</code>°¡ (¿äûÀÌ ¸Å¿ì + ¸¹Àº °æ¿ì Ç×»ó) ÀϾ ¼ö ÀÖ´Ù.</p> + + </div></div> +<div class="bottomlang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 new file mode 100644 index 00000000..44b6dba2 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/perf-tuning.html.tr.utf8 @@ -0,0 +1,1100 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache’de Başarımın Arttırılması - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a> > <a href="./">Çeşitli Belgeler</a></div><div id="page-content"><div id="preamble"><h1>Apache’de Başarımın Arttırılması</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" title="Türkçe"> tr </a></p> +</div> + + + <p>Apache 2.x, esneklik, taşınabilirlik ve başarım arasında bir denge + sağlamak üzere tasarlanmış genel amaçlı bir HTTP sunucusudur. Başka + sunucularla kıyaslama denemelerinde öne geçmek üzere tasarlanmamış + olsa da Apache 2.x gerçek yaşamda karşılaşılan pek çok durumda oldukça + yüksek bir başarıma ulaşacak yetenektedir.</p> + + <p>Apache 1.3 ile karşılaştırıldığında 2.x sürümleri toplam veri hızını + ve ölçeklenebilirliği arttırmak için pek çok en iyileme seçeneği + içerir. Bu iyileştirmelerin pek çoğu zaten öntanımlı olarak etkin + olmakla birlikte derleme ve kullanım sırasında başarımı önemli ölçüde + etkileyebilen yapılandırma seçenekleri de mevcuttur. Bu belgede, bir + Apache 2.x kurulumunda sunucu yöneticisinin sunucunun başarımını + arttırmak amacıyla yapılandırma sırasında neler yapabileceğinden + bahsedilmiştir. Bu yapılandırma seçeneklerinden bazıları, httpd’nin + donanımın ve işletim sisteminin olanaklarından daha iyi + yararlanabilmesini sağlarken bir kısmı da daha hızlı bir sunum için + yöneticinin işlevsellikten ödün verebilmesini olanaklı kılar.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#hardware">Donanım ve İşletim Sistemi ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#runtime">Çalışma Anı Yapılandırması ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#compiletime">Derleme Sırasında Yapılandırma ile İlgili Konular</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#trace">Ek: Bir çağrı izlemesinin ayrıntılı çözümlemesi</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="hardware" id="hardware">Donanım ve İşletim Sistemi ile İlgili Konular</a></h2> + + + + <p>HTTP sunucusunun başarımını etkileyen en önemli donanım bellektir + (RAM). Bir HTTP sunucusu asla takaslama yapmamalıdır. Çünkü takaslama, + kullanıcının "yeterince hız" umduğu noktada sunumun gecikmesine sebep + olur. Böyle bir durumda kullanıcılar yüklemeyi durdurup tekrar + başlatma eğilimindedirler; sonuçta yük daha da artar. <code class="directive"><a href="../mod/mpm_common.html#maxclients">MaxClients</a></code> yönergesinin değerini + değiştirerek takaslamaya sebep olabilecek kadar çok çocuk süreç + oluşturulmasını engelleyebilirsiniz ve böyle bir durumda bunu mutlaka + yapmalısınız. Bunun için yapacağınız işlem basittir: <code>top</code> + benzeri bir araç üzerinden çalışan süreçlerinizin bir listesini alıp + Apache süreçlerinizin ortalama büyüklüğünü saptayıp, mevcut bellekten + bir kısmını diğer süreçler için ayırdıktan sonra kalan miktarı bu + değere bölerseniz yönergeye atayacağınız değeri bulmuş olursunuz.</p> + + <p>Donanımın diğer unsurları için kararı siz verin: Daha hızlı işlemci, + daha hızlı ağ kartı, daha hızlı disk; daha hızlının ne kadar hızlı + olacağını deneyimlerinize bağlı olarak tamamen sizin ihtiyaçlarınız + belirler.</p> + + <p>İşletim sistemi seçimi büyük oranda yerel ilgi konusudur. Fakat yine + de, genelde yararlılığı kanıtlanmış bazı kurallar bu seçimde size + yardımcı olabilir:</p> + + <ul> + <li> + <p>Seçtiğiniz işletim sisteminin (çekirdeğin) en son kararlı + sürümünü çalıştırın. Bir çok işletim sistemi, son yıllarda TCP + yığıtları ve evre kütüphaneleri ile ilgili belirgin iyileştirmeler + yapmışlar ve yapmaktadırlar.</p> + </li> + + <li> + <p>İşletim sisteminiz <code>sendfile</code>(2) sistem çağrısını + destekliyorsa bunun etkinleştirilebildiği sürümün kurulu olması + önemlidir. (Örneğin, Linux için bu, Linux 2.4 ve sonraki sürümler + anlamına gelirken, Solaris için Solaris 8’den önceki sürümlerin + yamanması gerektirdiği anlamına gelmektedir.) + <code>sendfile</code> işlevinin desteklendiği sistemlerde Apache 2 + duruk içeriği daha hızlı teslim etmek ve işlemci kullanımını + düşürmek amacıyla bu işlevselliği kullanacaktır.</p> + </li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="runtime" id="runtime">Çalışma Anı Yapılandırması ile İlgili Konular</a></h2> + + + + <table class="related"><tr><th>İlgili Modüller</th><th>İlgili Yönergeler</th></tr><tr><td><ul><li><code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code></li><li><code class="module"><a href="../mod/mpm_common.html">mpm_common</a></code></li><li><code class="module"><a href="../mod/mod_status.html">mod_status</a></code></li></ul></td><td><ul><li><code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code></li><li><code class="directive"><a href="../mod/mod_dir.html#directoryindex">DirectoryIndex</a></code></li><li><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code></li><li><code class="directive"><a href="../mod/core.html#enablemmap">EnableMMAP</a></code></li><li><code class="directive"><a href="../mod/core.html#enablesendfile">EnableSendfile</a></code></li><li><code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code></li><li><code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code></li><li><code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code></li><li><code class="directive"><a href="../mod/core.html#options">Options</a></code></li><li><code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code></li></ul></td></tr></table> + + <h3><a name="dns" id="dns"><code>HostnameLookups</code> ve DNS ile ilgili diğer konular</a></h3> + + + + <p>Apache 1.3 öncesinde, <code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> yönergesinin öntanımlı değeri + <code>On</code> idi. İstek yerine getirilmeden önce bir DNS sorgusu + yapılmasını gerektirmesi sebebiyle bu ayarlama her istekte bir + miktar gecikmeye sebep olurdu. Apache 1.3’ten itibaren yönergenin + öntanımlı değeri <code>Off</code> yapılmıştır. Eğer günlük + dosyalarınızda konak isimlerinin bulunmasını isterseniz, Apache ile + birlikte gelen <code class="program"><a href="../programs/logresolve.html">logresolve</a></code> programını + kullanabileceğiniz gibi günlük raporlarını çözümleyen Apache ile + gelmeyen programlardan herhangi birini de kullanabilirsiniz.</p> + + <p>Günlük dosyaları üzerindeki bu işlemi sunucu makinesi dışında + günlük dosyasının bir kopyası üzerinde yapmanızı öneririz. Aksi + takdirde sunucunuzun başarımı önemli ölçüde etkilenebilir.</p> + + <p><code class="directive"><a href="../mod/mod_access.html#allow">Allow</a></code> veya + <code class="directive"><a href="../mod/mod_access.html#deny">Deny</a></code> + yönergelerinde IP adresi yerine bir konak veya alan ismi + belirtirseniz, iki DNS sorguluk bir bedel ödersiniz (biri normal, + diğeri IP taklidine karşı ters DNS sorgusu). Başarımı en iyilemek + için bu yönergelerde mümkün olduğunca isim yerine IP adreslerini + kullanınız.</p> + + <p><code class="directive"><a href="../mod/core.html#hostnamelookups">HostnameLookups</a></code> + yönergelerinin <code><Location /server-status></code> gibi + bölüm yönergelerinin içinde de yer alabileceğini unutmayın. Bu gibi + durumlarda DNS sorguları sadece istek kuralla eşleştiği takdirde + yapılacaktır. Aşağıdaki örnekte <code>.html</code> ve + <code>.cgi</code> dosyalarına yapılan istekler hariç DNS sorguları + iptal edilmektedir:</p> + + <div class="example"><p><code> + HostnameLookups off<br /> + <Files ~ "\.(html|cgi)$"><br /> + <span class="indent"> + HostnameLookups on<br /> + </span> + </Files> + </code></p></div> + + <p>Yine de bazı CGI’lerin DNS isimlerine ihtiyacı olursa bu CGI’lerin + bu ihtiyaçlarına yönelik olarak <code>gethostbyname</code> çağrıları + yapabileceğini gözardı etmeyiniz.</p> + + + + <h3><a name="symlinks" id="symlinks"><code>FollowSymLinks</code> ve + <code>SymLinksIfOwnerMatch</code></a></h3> + + + + <p>URL uzayınızda geçerli olmak üzere bir <code>Options + FollowSymLinks</code> yoksa veya <code>Options + SymLinksIfOwnerMatch</code> yönergeleri varsa, Apache her sembolik + bağın üzerinde bazı sınamalar yapmak için ek bir sistem çağrısından + başka istenen her dosya için de ayrı bir çağrı yapacaktır.</p> + + <div class="example"><h3>Örnek:</h3><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>Bu durumda <code>/index.html</code> için bir istek yapıldığında + Apache, <code>/siteler</code>, <code>/siteler/htdocs</code> ve<br /> + <code>/siteler/htdocs/index.html</code> üzerinde + <code>lstat</code>(2) çağrıları yapacaktır. <code>lstat</code> + sonuçları önbelleğe kaydedilmediğinden bu işlem her istekte + yinelenecektir. Amacınız gerçekten sembolik bağları güvenlik + açısından sınamaksa bunu şöyle yapabilirsiniz:</p> + + <div class="example"><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + Options FollowSymLinks<br /> + </span> + </Directory><br /> + <br /> + <Directory /sitem/htdocs><br /> + <span class="indent"> + Options -FollowSymLinks +SymLinksIfOwnerMatch<br /> + </span> + </Directory> + </code></p></div> + + <p>Böylece <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> altındaki + dosyalar için fazladan bir çağrı yapılmasını engellemiş olursunuz. + Eğer bazı bölümlerde <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>, <code class="directive"><a href="../mod/mod_rewrite.html#rewriterule">RewriteRule</a></code> gibi yönergeler üzerinden belge kök + dizininizin dışında kalan dosya yollarına sahipseniz benzer + işlemleri onlar için de yapmalısınız. Sembolik bağ koruması yapmamak + suretiyle başarımı arttırmak isterseniz, <code>FollowSymLinks</code> + seçeneğini her yerde etkin kılın ve + <code>SymLinksIfOwnerMatch</code> seçeneğini asla + etkinleştirmeyin.</p> + + + + <h3><a name="htacess" id="htacess"><code>AllowOverride</code></a></h3> + + + + <p>Genellikle <code>.htaccess</code> dosyaları üzerinden yapıldığı + gibi URL uzayınızda geçersizleştirmelere izin veriyorsanız, Apache + her dosya bileşeni için bu <code>.htaccess</code> dosyalarını açmaya + çalışacaktır.</p> + + <div class="example"><h3>Örnek:</h3><p><code> + DocumentRoot /siteler/htdocs<br /> + <Directory /><br /> + <span class="indent"> + AllowOverride all<br /> + </span> + </Directory> + </code></p></div> + + <p>Bu durumda <code>/index.html</code> sayfasına yapılan bir istek için + Apache, <code>/.htaccess</code>, <code>/siteler/.htaccess</code> ve + <code>/siteler/htdocs/.htaccess</code> dosyalarını açmaya + çalışacaktır. Çözüm <code>Options FollowSymLinks</code> durumunun + benzeridir; başarımı arttırmak için dosya sisteminizin her yerinde + <code>AllowOverride None</code> olsun.</p> + + + + <h3><a name="negotiation" id="negotiation">Dil Uzlaşımı</a></h3> + + + + <p>Başarımı son kırıntısına kadar arttırmak istiyorsanız, mümkünse + içerik dili uzlaşımı da yapmayın. Dil uzlaşımından yararlanmak + isterken büyük başarım kayıplarına uğrayabilirsiniz. Böyle bir + durumda sunucunun başarımını arttırmanın tek bir yolu vardır. </p> + + <div class="example"><p><code> + DirectoryIndex index + </code></p></div> + + <p>Yukarıdaki gibi bir dosya ismi kalıbı kullanmak yerine, aşağıdaki + gibi seçenekleri tam bir liste halinde belirtin:</p> + + <div class="example"><p><code> + DirectoryIndex index.cgi index.pl index.shtml index.html + </code></p></div> + + <p>Buradaki sıralama öncelik sırasını belirler; yani, + öncelikli olmasını istediğiniz seçeneği listenin başına + yazmalısınız.</p> + + <p>İstenen dosya için <code>MultiViews</code> kullanarak dizini + taratmak yerine, gerekli bilgiyi tek bir dosyadan okutmak suretiyle + başarımı arttırabilirsiniz. Bu amaçla türeşlem + (<code>type-map</code>) dosyaları kullanmanız yeterli olacaktır.</p> + + <p>Sitenizde içerik dili uzlaşımına gerek varsa, bunu <code>Options + MultiViews</code> yönergesi üzerinden değil, türeşlem dosyaları + kullanarak yapmayı deneyin. İçerik dili uzlaşımı ve türeşlem + dosyalarının oluşturulması hakkında daha ayrıntılı bilgi edinmek + için <a href="../content-negotiation.html">İçerik Uzlaşımı</a> + belgesine bakınız.</p> + + + + <h3>Bellek Eşlemleri</h3> + + + + <p>Apache’nin SSI sayfalarında olduğu gibi teslim edilecek dosyanın + içeriğine bakma gereği duyduğu durumlarda, eğer işletim sistemi + <code>mmap</code>(2) ve benzerlerini destekliyorsa çekirdek normal + olarak dosyayı belleğe kopyalayacaktır.</p> + + <p>Bazı platformlarda bu belleğe eşleme işlemi başarımı arttırsa da + başarımın veya httpd kararlılığının zora girdiği durumlar + olabilmektedir:</p> + + <ul> + <li> + <p>Bazı işletim sistemlerinde işlemci sayısı artışına bağlı + olarak, <code>mmap</code> işlevi <code>read</code>(2) kadar iyi + ölçeklenmemiştir. Örneğin, çok işlemcili Solaris sunucularda + <code>mmap</code> iptal edildiği takdirde içeriği sunucu + tarafından işlenen dosyalar üzerinde bazen daha hızlı işlem + yapılabilmektedir.</p> + </li> + + <li> + <p>Belleğe kopyalanacak dosya NFS üzerinden bağlanan bir dosya + sistemindeyse ve dosya başka bir NFS istemcisi makine tarafından + silinmiş veya dosyanın boyutu değiştirilmişse sunucunuz dosyaya + tekrar erişmeye çalıştığında bir hata alabilecektir.</p> + </li> + </ul> + + <p>Böyle durumların olasılık dahilinde olduğu kurulumlarda içeriği + sunucu tarafından işlenecek dosyaların belleğe kopyalanmaması için + yapılandırmanıza <code>EnableMMAP off</code> satırını ekleyiniz. + (Dikkat: Bu yönerge dizin seviyesinde geçersizleştirilebilen + yönergelerdendir.)</p> + + + + <h3><code>sendfile</code></h3> + + + + <p>Apache’nin duruk dosyalarda olduğu gibi teslim edilecek dosyanın + içeriğine bakmadığı durumlarda, eğer işletim sistemi + <code>sendfile</code>(2) desteğine sahipse çekirdek normal olarak bu + desteği kullanacaktır.</p> + + <p>Bazı platformlarda <code>sendfile</code> kullanımı, okuma ve yazma + işlemlerinin ayrı ayrı yapılmamasını sağlasa da + <code>sendfile</code> kullanımının httpd kararlılığını bozduğu bazı + durumlar sözkonusudur:</p> + + <ul> + <li> + <p>Bazı platformlar derleme sisteminin saptayamadığı bozuk bir + <code>sendfile</code> desteğine sahip olabilir. Özellikle + derleme işleminin başka bir platformda yapılıp + <code>sendfile</code> desteği bozuk bir makineye kurulum + yapıldığı durumlarda bu desteğin bozuk olduğu + saptanamayacaktır.</p> + </li> + <li> + <p>Çekirdek, NFS üzerinden erişilen ağ dosyalarını kendi önbelleği + üzerinden gerektiği gibi sunamayabilir.</p> + </li> + </ul> + + <p>Böyle durumların olasılık dahilinde olduğu kurulumlarda içeriğin + <code>sendfile</code> desteğiyle teslim edilmemesi için + yapılandırmanıza <code>EnableSendfile off</code> satırını ekleyiniz. + (Dikkat: Bu yönerge dizin seviyesinde geçersizleştirilebilen + yönergelerdendir.)</p> + + + + <h3><a name="process" id="process">Süreç Oluşturma</a></h3> + + + + <p>Apache 1.3 öncesinde <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> ve <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ayarları, başka sunucularla kıyaslama + denemelerinde olağanüstü kötü sonuçlar alınmasına sebep olmaktaydı. + Özellikle uygulanan yükü karşılamaya yetecek sayıda çocuk süreç + oluşturulması aşamasında Apache’nin elde ettiği ivme bunlardan + biriydi. Başlangıçta <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> yönergesiyle belli sayıda süreç + oluşturulduktan sonra her saniyede bir tane olmak üzere <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> sayıda çocuk süreç + oluşturulmaktaydı. Örneğin, aynı anda 100 isteğe yanıt vermek için + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> + yönergesinin öntanımlı değeri olarak başta <code>5</code> süreç + oluşturulduğundan kalan süreçler için 95 saniye geçmesi gerekirdi. + Sık sık yeniden başlatılmadıklarından dolayı gerçek hayatta + sunucuların başına gelen de buydu. Başka sunucularla kıyaslama + denemelerinde ise işlem sadece on dakika sürmekte ve içler acısı + sonuçlar alınmaktaydı.</p> + + <p>Saniyede bir kuralı, sunucunun yeni çocukları oluşturması sırasında + sistemin aşırı meşgul duruma düşmemesi için alınmış bir önlemdi. + Makine çocuk süreç oluşturmakla meşgul edildiği sürece isteklere + yanıt veremeyecektir. Böylesi bir durum Apache’nin başarımını + kötüleştirmekten başka işe yaramayacaktır. Apache 1.3’te saniyede + bir kuralı biraz esnetildi. Yeni gerçeklenimde artık bir süreç + oluşturduktan bir saniye sonra iki süreç, bir saniye sonra dört + süreç oluşturulmakta ve işlem, saniyede 32 çocuk süreç oluşturulur + duruma gelene kadar böyle ivmelenmektedir. Çocuk süreç oluşturma + işlemi <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code> + değerine ulaşılınca durmaktadır.</p> + + <p>Bu, <code class="directive"><a href="../mod/prefork.html#minspareservers">MinSpareServers</a></code>, + <code class="directive"><a href="../mod/prefork.html#maxspareservers">MaxSpareServers</a></code> ve + <code class="directive"><a href="../mod/mpm_common.html#startservers">StartServers</a></code> ayarlarıyla + oynamayı neredeyse gereksiz kılacak kadar iyi sonuçlar verecek gibi + görünmektedir. Saniyede 4 çocuktan fazlası oluşturulmaya + başlandığında hata günlüğüne bazı iletiler düşmeye başlar. Bu + iletilerin sayısı çok artarsa bu ayarlarla oynama vakti gelmiş + demektir. Bunun için <code class="module"><a href="../mod/mod_status.html">mod_status</a></code> çıktısını bir + kılavuz olarak kullanabilirsiniz.</p> + + <p>Süreç oluşturmayla ilgili olarak süreç ölümü <code class="directive"><a href="../mod/mpm_common.html#maxrequestsperchild">MaxRequestsPerChild</a></code> değeri ile + sağlanır. Bu değer öntanımlı olarak <code>0</code> olup, çocuk süreç + başına istek sayısının sınırsız olduğu anlamına gelir. Eğer + yapılandırmanızda bu değeri <code>30</code> gibi çok düşük bir + değere ayarlarsanız bunu hemen kaldırmak zorunda kalabilirsiniz. + Sunucunuzu SunOS veya Solaris’in eski bir sürümü üzerinde + çalıştırıyorsanız bellek kaçaklarına sebep olmamak için bu değeri + <code>10000</code> ile sınırlayınız.</p> + + <p>Kalıcı bağlantı özelliğini kullanıyorsanız, çocuk süreçler zaten + açık bağlantılardan istek beklemekte olacaklardır. <code class="directive"><a href="../mod/core.html#keepalivetimeout">KeepAliveTimeout</a></code> yönergesinin öntanımlı + değeri <code>15</code> saniye olup bu etkiyi en aza indirmeye yönelik + süredir. Burada ağ band genişliği ile sunucu kaynaklarının kullanımı + arasında bir seçim yapmak söz konusudur. Hiçbir şey umurunuzda + değilse <a href="http://www.research.digital.com/wrl/techreports/abstracts/95.4.html"> + çoğu ayrıcalığın yitirilmesi pahasına</a> bu değeri rahatça + <code>60</code> saniyenin üzerine çıkarabilirsiniz.</p> + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="compiletime" id="compiletime">Derleme Sırasında Yapılandırma ile İlgili Konular</a></h2> + + + <h3>MPM Seçimi</h3> + + + <p>Apache 2.x, <a href="../mpm.html">Çok Süreçlilik Modülleri</a> + (MPM) adı verilen eklemlenebilir çok görevlilik modellerini + destekler. Apache’yi derlerken bu MPM’lerden birini seçmeniz + gerekir. MPM’lerden bazıları platformlara özeldir: + <code class="module"><a href="../mod/beos.html">beos</a></code>, <code class="module"><a href="../mod/mpm_netware.html">mpm_netware</a></code>, + <code class="module"><a href="../mod/mpmt_os2.html">mpmt_os2</a></code> ve <code class="module"><a href="../mod/mpm_winnt.html">mpm_winnt</a></code>. Unix + benzeri sistemler için ise seçebileceğiniz modül sayısı birden + fazladır. MPM seçiminin httpd’nin hızında ve ölçeklenebilirliğinde + bazı etkileri olabilir:</p> + + <ul> + + <li><code class="module"><a href="../mod/worker.html">worker</a></code> modülü her biri çok evreli çok sayıda + çocuk süreç kullanımını destekler. Her evre aynı anda tek bir + bağlantıya hizmet sunar. Aynı hizmeti daha az bellek harcayarak + vermesi nedeniyle yüksek trafiğe sahip sunucularda + <code class="module"><a href="../mod/prefork.html">prefork</a></code> modülüne göre daha iyi bir seçimdir.</li> + + <li><code class="module"><a href="../mod/prefork.html">prefork</a></code> modülü her biri tek bir evreye sahip + çok sayıda çocuk süreç kullanımını destekler. Her süreç aynı anda + tek bir bağlantıya hizmet sunar. Çoğu sistemde daha hızlı olması + nedeniyle <code class="module"><a href="../mod/worker.html">worker</a></code> modülüne göre daha iyi bir seçim + olarak görünürse de bunu daha fazla bellek kullanarak sağlar. + <code class="module"><a href="../mod/prefork.html">prefork</a></code> modülünün evresiz tasarımının + <code class="module"><a href="../mod/worker.html">worker</a></code> modülüne göre bazı yararlı tarafları + vardır: Çok evreli sistemlerde güvenilir olmayan üçüncü parti + modülleri kullanabilir ve evrelerde hata ayıklamanın yetersiz + kaldığı platformlarda hatalarını ayıklamak daha kolaydır.</li> + + </ul> + + <p>Bu modüller ve diğerleri hakkında daha ayrıntılı bilgi edinmek için + <a href="../mpm.html">Çok Süreçlilik Modülleri</a> belgesine + bakınız.</p> + + + + <h3><a name="modules" id="modules">Modüller</a></h3> + + + + <p>Bellek kullanımı başarım konusunda önemli olduğundan gerçekte + kullanmadığınız modülleri elemeye çalışmalısınız. Modülleri birer <a href="../dso.html">DSO</a> olarak derlediyseniz <code class="directive"><a href="../mod/mod_so.html#loadmodule">LoadModule</a></code> yönergesinin bulunduğu satırı + açıklama haline getirmeniz modülden kurtulmanız için yeterli + olacaktır. Modülleri bu şekilde kaldırarak onların yokluğunda + sitenizin hala işlevlerini yerine getirdiğini görme şansına da + kavuşmuş olursunuz.</p> + + <p>Ancak, eğer modülleri Apache çalıştırılabilirinin içine + gömmüşseniz istenmeyen modülleri kaldırmak için Apache'yi yeniden + derlemeniz gerekir.</p> + + <p>Bu noktada bir soru akla gelebilir: Hangi modüller gerekli, + hangileri değil? Bu sorunun yanıtı şüphesiz siteden siteye değişir. + Ancak, olmazsa olmaz moüller olarak <code class="module"><a href="../mod/mod_mime.html">mod_mime</a></code>, + <code class="module"><a href="../mod/mod_dir.html">mod_dir</a></code> ve <code class="module"><a href="../mod/mod_log_config.html">mod_log_config</a></code> + modüllerini sayabiliriz. Bunlardan <code>mod_log_config</code> + olmadan da bir sitenin çalışabileceğinden hareketle bu modülün + varlığı isteğe bağlı olsa da bu modülü kaldırmanızı önermiyoruz.</p> + + + + <h3>Atomik İşlemler</h3> + + + + <p>Worker MPM'nin en son geliştirme sürümleri ve + <code class="module"><a href="../mod/mod_cache.html">mod_cache</a></code> gibi bazı modüller APR'nin atomik API'sini + kullanırlar. Bu API, düşük ayarlı evre eşzamanlamasında atomik + işlemler yapar.</p> + + <p>Öntanımlı olarak, APR bu işlemleri hedef işletim sistemi/işlemci + platformunda kullanılabilecek en verimli mekanizmayı kullanarak + gerçekleştirir. Günümüz işlemcilerinin çoğu, örneğin, bir atomik + karşılaştırma ve takas (CAS) işlemini donanımda gerçekleştirmektedir. + Bazı platformlarda APR'nin atomik işlemler için öntanımlı olarak daha + yavaş olan mutekslere dayalı gerçeklenimi kullanmasının sebebi eski + işlemcilerde bu tür makine kodlarının yokluğudur. Apache'yi bu tür + platformalarda günümüz işlemcileriyde çalıştırmayı düşünüyorsanız + Apache'yi derlemek için yapılandırırken en hızlı atomik işlemin + seçilebilmesi için <code>--enable-nonportable-atomics</code> + seçeneğini kullanın:</p> + + <div class="example"><p><code> + ./buildconf<br /> + ./configure --with-mpm=worker --enable-nonportable-atomics=yes + </code></p></div> + + <p><code>--enable-nonportable-atomics</code> seçeneği şu platformlar + için uygundur:</p> + + <ul> + + <li>SPARC üzerinde Solaris<br /> + APR öntanımlı olarak, SPARC/Solaris üzerinde mutekslere dayalı + atomik işlemleri kullanır. Ancak, + <code>--enable-nonportable-atomics</code> yapılandırmasını + kullanırsanız, donanım üzerinde hızlı karşılaştırma ve takas + için uygun SPARC v8plus kodunu kullanacak şekilde kod üretilir. + Apache'yi bu seçenekle yapılandırırsanız atomik işlemler daha + verimli olacak fakat derlenen Apache çalıştırılabiliri sadece + UltraSPARC kırmığı üzerinde çalışacaktır. + </li> + + <li>x86 üzerinde Linux<br /> + APR öntanımlı olarak, Linux üzerinde mutekslere dayalı atomik + işlemleri kullanır. Ancak, + <code>--enable-nonportable-atomics</code> yapılandırmasını + kullanırsanız, donanım üzerinde hızlı karşılaştırma ve takas + için uygun 486 kodunu kullanacak şekilde kod üretilir. Apache'yi + bu seçenekle yapılandırırsanız atomik işlemler daha verimli + olacak fakat derlenen Apache çalıştırılabiliri (386 üzerinde + değil) sadece 486 ve sonrası kırmıklarda çalışacaktır. + </li> + + </ul> + + + + <h3><code>mod_status</code> ve <code>ExtendedStatus On</code> + </h3> + + + + <p><code class="module"><a href="../mod/mod_status.html">mod_status</a></code> modülünü derlemiş ve Apache'yi + yapılandırır ve çalıştırırken <code>ExtendedStatus On</code> satırını + da kullanmışsanız Apache her istek üzerinde + <code>gettimeofday(2)</code> (veya işletim sistemine bağlı olarak + <code>time(2)</code>) çağrısından başka (1.3 öncesinde) fazladan + defalarca <code>time(2)</code> çağrıları yapacaktır. Bu çağrılarla + durum raporununun zamanlama bilgilerini içermesi sağlanır. Başarımı + arttırmak için <code>ExtendedStatus off</code> yapın (zaten öntanımlı + böyledir).</p> + + + + <h3><code>accept</code> dizgilemesi ve çok soketli işlem</h3> + + + + <div class="warning"><h3>Uyarı:</h3> + <p>Bu bölüm, Apache HTTP sunucusunun 2.x sürümlerinde yapılan + değişikliklere göre tamamen güncellenmemiştir. Bazı bilgiler hala + geçerliyse de lütfen dikkatli kullanınız.</p> + </div> + + <p>Burada Unix soket arayüzü gerçeklenirken ihmal edilen bir durumdan + bahsedeceğiz. HTTP sunucunuzun çok sayıda adresten çok sayıda portu + dinlemek için çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmakta olduğunu varsayalım. Her + soketi çalıştığını görmek için denerken Apache bağlantı için + <code>select(2)</code> kullanacaktır. <code>select(2)</code> çağrısı + bu soketin üzerinde <em>sıfır</em> veya <em>en azından bir</em> + bağlantının beklemekte olduğu anlamına gelir. Apache'nin modeli çok + sayıda çocuk süreç içerir ve boşta olanların tümünde aynı anda yeni + bağlantılar denenebilir. Gerçekte çalışan kod bu olmasa da meramımızı + anlatmak için kodun şöyle bir şey olduğunu varsayabiliriz:</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p>Bu özet gerçeklenim bir takım açlık sorunlarına sebep olur. Bu + döngünün çalışması sırasında aynı anda çok sayıda çocuk süreç yeniden + çağrılır ve istekler arasında kalan çoğu çocuk da <code>select</code> + ile engellenir. Engellenen tüm bu çocuklar soketlerden herhangi biri + üzerinde tek bir istek göründüğünde <code>select</code> tarafından + uyandırılıp işleme sokulmak üzere döndürülürler (uyandırılan çocuk + sayısı işletim sistemine ve zamanlama ayarlarına göre değişiklik + gösterir). Bunların hepsi döngüye katılıp bağlantı kabul etmeye + (<code>accept</code>) çalışırlar. Fakat içlerinden yalnız biri + (sadece bir bağlantı isteğinin mevcut olduğu varsayımıyla) bunu + başarabilir. Kalanının bağlantı kabul etmesi (<code>accept</code>) + engellenir. Bu durum, bu çocukları istekleri başka başka soketlerden + değil mecburen tek bir soketten kabul etmeye kilitler ve bu soket + üzerinde yeni bir istek belirip uyandırılana kadar bu durumda + kalırlar. Bu açlık sorunu ilk olarak <a href="http://bugs.apache.org/index/full/467">PR#467</a> sayılı raporla + belgelenmiştir. Bu sorunun en az iki çözümü vardır.</p> + + <p>Çözümün biri engellenmeyen soket kullanımıdır. Bu durumda + <code>accept</code> çocukları engellemeyecek ve yapılan bir + bağlantının ardından diğer çocuklar durumları değişmeksizin bağlantı + beklemeye devam edeceklerdir. Fakat bu durum işlemci zamanının boşa + harcanmasına sebep olur. Seçilmiş (<code>select</code>) boşta on + çocuğun olduğunu ve bir bağlantı geldiğini varsayalım. Kalan dokuz + çocuk işine devam edip bağlantı kabul etmeyi (<code>accept</code>) + deneyecek, başarızsız olacak, dönecek başa, tekrar seçilecek + (<code>select</code>) ve böyle hiçbir iş yapmadan dönüp duracaktır. Bu + arada hizmet sunmakta olanlar da işlerini bitirdikten sonra bu + döngüdeki yerlerini alacaklardır. Aynı kutunun içinde boşta bir sürü + işlemciniz (çok işlemcili sistemler) yoksa bu çözüm pek verimli + olmayacaktır.</p> + + <p>Diğer çözüm ise Apache tarafından kullanılan çözüm olup, girdiyi + bir iç döngüde sıraya sokmaktır. Döngü aşağıda örneklenmiştir (farklar + vurgulanmıştır):</p> + + <div class="example"><p><code> + for (;;) {<br /> + <span class="indent"> + <strong>accept_mutex_on ();</strong><br /> + for (;;) {<br /> + <span class="indent"> + fd_set accept_fds;<br /> + <br /> + FD_ZERO (&accept_fds);<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + FD_SET (i, &accept_fds);<br /> + </span> + }<br /> + rc = select (last_socket+1, &accept_fds, NULL, NULL, NULL);<br /> + if (rc < 1) continue;<br /> + new_connection = -1;<br /> + for (i = first_socket; i <= last_socket; ++i) {<br /> + <span class="indent"> + if (FD_ISSET (i, &accept_fds)) {<br /> + <span class="indent"> + new_connection = accept (i, NULL, NULL);<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + </span> + }<br /> + if (new_connection != -1) break;<br /> + </span> + }<br /> + <strong>accept_mutex_off ();</strong><br /> + process the new_connection;<br /> + </span> + } + </code></p></div> + + <p><code>accept_mutex_on</code> ve <code>accept_mutex_off</code> <a id="serialize" name="serialize">işlevleri</a> bir karşılıklı red + semoforu oluştururlar. Mutekse aynı anda sadece bir çocuk sahip + olabilir. Bu muteksleri gerçeklemek için çeşitli seçenekler vardır. + Seçim, <code>src/conf.h</code> (1.3 öncesi) veya + <code>src/include/ap_config.h</code> (1.3 ve sonrası) dosyasında + tanımlanmıştır. Bazı mimariler bir kilitleme seçeneğine sahip + değildir. Böyle mimarilerde çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmak güvenilir + olmayacaktır.</p> + + <p><code class="directive"><a href="../mod/mpm_common.html#acceptmutex">AcceptMutex</a></code> yönergesi, + seçilen muteks gerçeklenimini çalışma anında değiştirmek için + kullanılabilir.</p> + + <dl> + <dt><code>AcceptMutex flock</code></dt> + + <dd> + <p>Bu yöntem, bir kilit dosyasını kilitlemek için + <code>flock(2)</code> sistem çağrısını kullanır (Kilit dosyasının + yeri <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> + yönergesiyle belirtilir).</p> + </dd> + + <dt><code>AcceptMutex fcntl</code></dt> + + <dd> + <p>Bu yöntem, bir kilit dosyasını kilitlemek için + <code>fcntl(2)</code> sistem çağrısını kullanır (Kilit dosyasının + yeri <code class="directive"><a href="../mod/mpm_common.html#lockfile">LockFile</a></code> + yönergesiyle belirtilir).</p> + </dd> + + <dt><code>AcceptMutex sysvsem</code></dt> + + <dd> + <p>(1.3 ve sonrası) Bu yöntem muteksi gerçeklemek için SysV tarzı + semaforları kullanır. Maalesef, SysV tarzı semaforların bazı yan + etkileri vardır. Bunlardan biri Apache'nin semaforu temizlemeden + ölme ihtimalidir (<code>ipcs(8)</code> kılavuz sayfasına bakınız). + Diğer biri, CGI'lerin sunucu ile aynı kullanıcı kimliğini + kullanmaları nedeniyle semafor arayüzünün hizmet reddi + saldırılarına açık olmasıdır (<code class="program"><a href="../programs/suexec.html">suexec</a></code> veya + <code>cgiwrapper</code> gibi bir şeyler kullanmadıkça bütün + CGI'ler için söz konusudur). Bu sebeple bu yöntem IRIX haricinde + hiçbir mimaride kullanılmaz (önceki ikisi çoğu IRIX makine için + elde edilmesi imkansız derecede pahalı olduğundan).</p> + </dd> + + <dt><code>AcceptMutex pthread</code></dt> + + <dd> + <p>(1.3 ve sonrası) Bu yöntem POSIX mutekslerini kullanır ve POSIX + evreleri belirtiminin tamamen gerçeklendiği mimarilerde çalışması + gerekirse de sadece Solaris (2.5 ve sonrası) üzerinde ve sadece + belli yapılandırmalarla çalışmakta gibi görünmektedir. Bunu + denemişseniz sunucunuzun çöktüğünü ve yanıt vermediğini + görmüşsünüzdür. Sadece duruk içerikli sunucular iyi + çalışmaktadır.</p> + </dd> + + <dt><code>AcceptMutex posixsem</code></dt> + + <dd> + <p>(2.0 ve sonrası) Bu yöntem POSIX semaforlarını kullanır. Eğer + işlem sırasında bir evre muteks kaynaklı parçalama arızalarıyla + karşı karşıya kalırsa HTTP sunucusunun çökmesiyle semaforun sahibi + kurtarılamaz.</p> + </dd> + + </dl> + + <p>Eğer sisteminiz yukarıda bahsedilenler dışında başka bir dizgileme + yöntemi kullanıyorsa bununla ilgili kodun APR'ye eklenmesi girilen + zahmete değecektir.</p> + + <p>Başka bir çözüm daha vardır ancak döngü kısmen dizgilenmeyeceğinden + (yani belli sayıda sürece izin verilemeyeceğinden) asla + gerçeklenmemiştir. Bu sadece, aynı anda çok sayıda çocuk sürecin + çalışabileceği ve dolayısıyla band genişliğinin tüm yönleriyle + kullanılabileceği çok işlemcili sistemlerde ilginç olabilirdi. Bu + gelecekte incelenmeye değer bir konu olmakla beraber çok sayıda HTTP + sunucusunun aynı anda aynı amaca hizmet edecek şekilde çalışması + standart olarak pek mümkün görülmediğinden bu olasılık çok + düşüktür.</p> + + <p>En yüksek başarımı elde etmek için ideal olanı sunucuları + çalıştırırken çok sayıda <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> yönergesi kullanmamaktır. Fakat siz yine de + okumaya devam edin.</p> + + + + <h3><code>accept</code> dizgilemesi - tek soket</h3> + + + + <p>Çok soketli sunucular için yukarıda açıklananlar iyi güzel de tek + soketli sunucularda durum ne? Kuramsal olarak, bunların hiçbiriyle bir + sorunları olmaması gerekir. Çünkü yeni bir bağlantı gelene kadar tüm + çocuklar <code>accept(2)</code> ile engellenirler dolayısıyla hiçbir + açlık sorununun ortaya çıkmaması gerekir. Uygulamada ise son + kullanıcıdan gizli olarak, yukarıda engellenmeyen çocuklar çözümünde + bahsedilenle hemen hemen aynı "boşa dönüp durma" davranışı mevcuttur. + Çoğu TCP yığıtı bu yolu gerçeklemiştir. Çekirdek, yeni bir bağlantı + ortaya çıktığında <code>accept</code> ile engellenen tüm süreçleri + uyandırır. Bu süreçlerden bağlantıyı alan kullanıcı bölgesine geçerken + çekirdek içinde döngüde olan diğerleri de yeni bağlantı keşfedilene + kadar uykularına geri dönerler. Bu çekirdek içi döngü, kullanıcı + bölgesindeki kodlara görünür değildir ama bu olmadıkları anlamına + gelmez. Bu durum, çok soketli engellenmeyen çocuklar çözümündeki boşa + döngünün sebep olduğu gereksiz işlemci yükü sorununu içinde + barındırır.</p> + + <p>Bununla birlikte, tek soketli durumda bile bundan daha verimli bir + davranış sergileyen bir çok mimari bulduk. Bu aslında hemen hemen her + durumda öntanımlı olarak böyledir. Linux altında yapılan üstünkörü + denemelerde (128MB bellekli çift Pentium pro 166 işlemcili makinede + Linux 2.0.30) tek sokette dizgilemenin dizgilenmemiş duruma göre + saniyede %3 daha az istekle sonuçlandığı gösterilmiştir. Fakat + dizgilenmemiş tek soket durumunda her istekte 100ms'lik ek bir gecikme + olduğu görülmüştür. Bu gecikmenin sebebi muhtemelen uzun mesafeli + hatlar olup sadece yerel ağlarda söz konusudur. Tek soketli + dizgilemeyi geçersiz kılmak için + <code>SINGLE_LISTEN_UNSERIALIZED_ACCEPT</code> tanımlarsanız tek + soketli sunucularda artık dizgileme yapılmayacaktır.</p> + + + + <h3>Kapatmayı zamana yaymak</h3> + + + + <p><a href="http://www.ics.uci.edu/pub/ietf/http/draft-ietf-http-connection-00.txt">draft-ietf-http-connection-00.txt</a> taslağının 8. bölümünde + bahsedildiği gibi, bir HTTP sunucusunun protokolü <strong>güvenilir + şekilde</strong> gerçeklemesi için her iki yöndeki iletişimi + birbirinden bağımsız olarak (iki yönlü bir TCP bağlantısının her + yarısını diğerinden bağımsız olarak) kapatması gerekir. Bu olgu başka + sunucular tarafından çoğunlukla dikkate alınmaz fakat Apache'nin 1.2 + sürümünden beri gerektiği gibi gerçeklenmektedir.</p> + + <p>Bu özellik Apache'ye eklendiğinde Unix'in çeşitli sürümlerinde + uzgörüsüzlükten dolayı bir takım geçici telaş sorunlarına sebep oldu. + TCP belirtimi <code>FIN_WAIT_2</code> durumunda bir zaman aşımından + bahsetmez ama yasaklamaz da. Zaman aşımı olmayan sistemlerde, Apache + 1.2 çoğu soketin sonsuza kadar <code>FIN_WAIT_2</code> durumunda + takılıp kalmasına sebep olur. Çoğu durumda, satıcıdan sağlanan en son + TCP/IP yamalarını uygulanarak bu önlenebilir. Satıcının hiçbir yeni + yama dağıtmadığı durumlarda (örneğin, SunOS4 -- bir kaynak lisansı ile + insanlar bunu kendileri yamayabilirse de) bu özelliği devre dışı + bırakmaya karar verdik.</p> + + <p>Bunun üstesinden gelmenin iki yolu vardır. Bunlardan biri + <code>SO_LINGER</code> soket seçeneğidir. Bu işin kaderi buymuş gibi + görünürse de çoğu TCP/IP yığıtında bu gerektiği gibi + gerçeklenmemiştir. Bu yığıtlar üzerinde, bu yöntemin, doğru bir + gerçeklenimle bile (örneğin, Linux 2.0.31) sonraki çözümden daha + pahalı olduğu ortaya çıkmıştır.</p> + + <p>Çoğunlukla, Apache bunu (<code>http_main.c</code> içindeki) + <code>lingering_close</code> adında bir işlevle gerçekler. Bu işlev + kabaca şöyle görünür:</p> + + <div class="example"><p><code> + void lingering_close (int s)<br /> + {<br /> + <span class="indent"> + char junk_buffer[2048];<br /> + <br /> + /* gönderen tarafı kapat */<br /> + shutdown (s, 1);<br /> + <br /> + signal (SIGALRM, lingering_death);<br /> + alarm (30);<br /> + <br /> + for (;;) {<br /> + <span class="indent"> + /* s'i okumak için, 2 saniyelik zaman aşımı ile seç */<br /> + select (s for reading, 2 second timeout);<br /> + /* Hata oluşmuşsa döngüden çık */<br /> + if (error) break;<br /> + /* s okumak için hazırsa */<br /> + if (s is ready for reading) {<br /> + <span class="indent"> + if (read (s, junk_buffer, sizeof (junk_buffer)) <= 0) {<br /> + <span class="indent"> + break;<br /> + </span> + }<br /> + /* geri kalan herşey burada */<br /> + </span> + }<br /> + </span> + }<br /> + <br /> + close (s);<br /> + </span> + } + </code></p></div> + + <p>Bağlantı sonunda bu doğal olarak biraz daha masrafa yol açar, fakat + güvenilir bir gerçeklenim için bu gereklidir. HTTP/1.1'in daha yaygın + kullanılmaya başlanması ve tüm bağlantıların kalıcı hale gelmesiyle bu + gerçeklenim daha fazla istek üzerinden kendi masrafını + karşılayacaktır. Ateşle oynamak ve bu özelliği devre dışı bırakmak + isterseniz <code>NO_LINGCLOSE</code>'u tanımlayabilirsiniz, fakat bu + asla önerilmez. Özellikle, HTTP/1.1'den itibaren boruhatlı kalıcı + bağlantıların <code>lingering_close</code> kullanmaya başlaması mutlak + bir gerekliliktir (ve <a href="http://www.w3.org/Protocols/HTTP/Performance/Pipeline.html"> + boruhatlı bağlantıların daha hızlı</a> olması nedeniyle bu + bağlantıları desteklemek isteyebilirsiniz).</p> + + + + <h3>Çetele Dosyası</h3> + + + + <p>Apache'nin ana ve alt süreçleri birbirleriyle çetele denen birşey + üzerinden haberleşirler. Bunun en mükemmel şekilde paylaşımlı bellekte + gerçeklenmesi gerekir. Eriştiğimiz veya portlarını ayrıntılı olarak + belirttiğimiz işletim sistemleri için bu, genellikle paylaşımlı bellek + kullanılarak gerçeklenir. Geri kalanlar, öntanımlı olarak bunu bir + disk dosyası kullanarak gerçekler. Bir disk dosyaı yavaş olmanın yanı + sıra güvenilir de değildir (ve daha az özelliğe sahiptir). Mimarinizin + <code>src/main/conf.h</code> dosyasını inceleyin ve + <code>USE_MMAP_SCOREBOARD</code> veya + <code>USE_SHMGET_SCOREBOARD</code>'a bakın. Bu ikisinden birinin (ve + yanı sıra sırasıyla <code>HAVE_MMAP</code> veya + <code>HAVE_SHMGET</code>'in) tanımlanmış olması, sağlanan paylaşımlı + bellek kodunu etkinleştirir. Eğer sisteminiz diğer türdeki paylaşımlı + belleğe sahipse, <code>src/main/http_main.c</code> dosyasını açıp, + Apache'de bu belleği kullanması gereken kanca işlevleri ekleyin (Bize + de bir yama yollayın, lütfen).</p> + + <div class="note">Tarihsel bilgi: Apache'nin Linux uyarlaması, Apache'nin 1.2 + sürümüne kadar paylaşımlı belleği kullanmaya başlamamıştı. Bu kusur, + Apache'nin Linux üzerindeki erken dönem sürümlerinin davranışlarının + zayıf ve güvenilmez olmasına yol açmıştı.</div> + + + + <h3>DYNAMIC_MODULE_LIMIT</h3> + + + + <p>Devingen olarak yüklenen modülleri kullanmamak niyetindeyseniz + (burayı okuyan ve sunucunuzun başarımını son kırıntısına kadar + arttırmakla ilgilenen biriyseniz bunu düşünmezsiniz), sunucunuzu + derlerken seçenekler arasına <code>-DDYNAMIC_MODULE_LIMIT=0</code> + seçeneğini de ekleyin. Bu suretle, sadece, devingen olarak yüklenen + modüller için ayrılacak belleği kazanmış olacaksınız.</p> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="trace" id="trace">Ek: Bir çağrı izlemesinin ayrıntılı çözümlemesi</a></h2> + + + + <p>Burada, Solaris 8 üzerinde worker MPM'li Apache 2.0.38'in bir sistem + çağrısı izlenmektedir. Bu izleme şu komutla elde edilmiştir:</p> + + <div class="example"><p><code> + truss -l -p <var>httpd_çocuk_pidi</var>. + </code></p></div> + + <p><code>-l</code> seçeneği, truss'a hafif bir sürecin yaptığı her + sistem çağrısını (hafif süreç -- HS -- Solaris'in bir çekirdek seviyesi + evreleme biçimi) günlüğe yazmasını söyler.</p> + + <p>Diğer sistemlerin sistem çağrılarını izleyen farklı araçları vardır + (<code>strace</code>, <code>ktrace</code>, <code>par</code> gibi). + Bunlar da benzer çıktılar üretirler.</p> + + <p>Bu izleme sırasında, bir istemci httpd'den 10 KB'lık duruk bir dosya + talebinde bulunmuştur. Duruk olmayan veya içerik uzlaşımlı isteklerin + izleme kayıtları vahşice (bazı durumlarda epey çirkince) farklı + görünür.</p> + + <div class="example"><p><code> + /67: accept(3, 0x00200BEC, 0x00200C0C, 1) (uykuda...)<br /> + /67: accept(3, 0x00200BEC, 0x00200C0C, 1) = 9 + </code></p></div> + + <p>Bu izlemede, dinleyen evre HS #67 içinde çalışmaktadır.</p> + + <div class="note"><code>accept(2)</code> dizgelemesinin olmayışına dikkat edin. + Özellikle bu platformda worker MPM, çok sayıda portu dinlemedikçe, + öntanımlı olarak dizgeleştirilmemiş bir accept çağrısı kullanır.</div> + + <div class="example"><p><code> + /65: lwp_park(0x00000000, 0) = 0<br /> + /67: lwp_unpark(65, 1) = 0 + </code></p></div> + + <p>Bağlantının kabul edilmesiyle, dinleyici evre isteği yerine getirmek + üzere bir worker evresini uyandırır. Bu izlemede, isteği yerine getiren + worker evresi HS #65'e aittir.</p> + + <div class="example"><p><code> + /65: getsockname(9, 0x00200BA4, 0x00200BC4, 1) = 0 + </code></p></div> + + <p>Sanal konakların gerçeklenimi sırasında, Apache'nin, bağlantıları + kabul etmek için kullanılan yerel soket adreslerini bilmesi gerekir. + Çoğu durumda bu çağrıyı bertaraf etmek mümkündür (hiç sanal konağın + olmadığı veya <code class="directive"><a href="../mod/mpm_common.html#listen">Listen</a></code> + yönergelerinin mutlak adreslerle kullanıldığı durumlarda). Fakat bu en + iyilemeleri yapmak için henüz bir çaba harcanmamıştır.</p> + + <div class="example"><p><code> + /65: brk(0x002170E8) = 0<br /> + /65: brk(0x002190E8) = 0 + </code></p></div> + + <p><code>brk(2)</code> çağrıları devingen bellekten bellek ayırır. httpd + çoğu isteği yerine getirirken özel bellek ayırıcılar + (<code>apr_pool</code> ve <code>apr_bucket_alloc</code>) kullandığından + bunlar bir sistem çağrısı izlemesinde nadiren görünür. Bu izlemede, + httpd henüz yeni başlatıldığından, özel bellek ayırıcıları oluşturmak + için ham bellek bloklarını ayırmak amacıyla <code>malloc(3)</code> + çağrıları yapması gerekir.</p> + + <div class="example"><p><code> +/65: fcntl(9, F_GETFL, 0x00000000) = 2<br /> +/65: fstat64(9, 0xFAF7B818) = 0<br /> +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B910, 2190656) = 0<br /> +/65: fstat64(9, 0xFAF7B818) = 0<br /> +/65: getsockopt(9, 65535, 8192, 0xFAF7B918, 0xFAF7B914, 2190656) = 0<br /> +/65: setsockopt(9, 65535, 8192, 0xFAF7B918, 4, 2190656) = 0<br /> +/65: fcntl(9, F_SETFL, 0x00000082) = 0 + </code></p></div> + + <p>Ardından, worker evresi istemciye (dosya tanıtıcısı 9) engellenmeyen + kipte bir bağlantı açar. <code>setsockopt(2)</code> + ve <code>getsockopt(2)</code> çağrıları, Solaris libc'sinin soketler + üzerindeki <code>fcntl(2)</code> çağrısı yanında birer yan etkiden + ibarettirler.</p> + + <div class="example"><p><code> + /65: read(9, " G E T / 1 0 k . h t m".., 8000) = 97 + </code></p></div> + + <p>Worker evresi istemciden isteği okur.</p> + + <div class="example"><p><code> +/65: stat("/var/httpd/apache/httpd-8999/htdocs/10k.html", 0xFAF7B978) = 0<br /> +/65: open("/var/httpd/apache/httpd-8999/htdocs/10k.html", O_RDONLY) = 10 + </code></p></div> + + <p>Bu httpd <code>Options FollowSymLinks</code> ve <code>AllowOverride + None</code> ile yapılandırılmıştır. Bu bakımdan, ne istenen dosya ile + sonuçlanan yol üzerindeki her dizinde <code>lstat(2)</code> çağrısına ne + de <code>.htaccess</code> dosyalarına bakılmasına gerek vardır. + <code>stat(2)</code> çağrısı basitçe dosya için şunları doğrulamak + amacıyla yapılır: 1) dosya mevcuttur ve 2) bir dizin değil normal bir + dosyadır.</p> + + <div class="example"><p><code> + /65: sendfilev(0, 9, 0x00200F90, 2, 0xFAF7B53C) = 10269 + </code></p></div> + + <p>Bu örnekte, httpd, istenen dosyayı ve HTTP yanıt başlığını tek bir + <code>sendfilev(2)</code> sistem çağrısı ile göndermektedir. Dosya + gönderim işleminin anlamı sistemden sisteme değişiklik gösterir. Bazı + sistemlerde, <code>sendfile(2)</code> çağrısından önce başlıkları + göndermek için <code>write(2)</code> veya <code>writev(2)</code> + çağrısı yapmak gerekir.</p> + + <div class="example"><p><code> + /65: write(4, " 1 2 7 . 0 . 0 . 1 - ".., 78) = 78 + </code></p></div> + + <p>Bu <code>write(2)</code> çağrısı isteği erişim günlüğüne kaydeder. Bu + izlemede eksik olan tek şey, <code>time(2)</code> çağrısıdır. Apache + 1.3'ün aksine, Apache 2.x zamana bakmak için + <code>gettimeofday(3)</code> çağırısını kullanır. Linux ve Solaris gibi + bazı işletim sistemleri, <code>gettimeofday</code> işlevinin, sıradan + bir sistem çağrısından daha fazla götürüsü olmayan en iyilenmiş bir + gerçeklenimine sahiptir.</p> + + <div class="example"><p><code> + /65: shutdown(9, 1, 1) = 0<br /> + /65: poll(0xFAF7B980, 1, 2000) = 1<br /> + /65: read(9, 0xFAF7BC20, 512) = 0<br /> + /65: close(9) = 0 + </code></p></div> + + <p>Burada worker evresi bağlantıyı zamana yaymaktadır.</p> + + <div class="example"><p><code> + /65: close(10) = 0<br /> + /65: lwp_park(0x00000000, 0) (uykuda...) + </code></p></div> + + <p>Son olarak, worker evresi teslim edilen dosyayı kapattıktan sonra + dinleyici evre tarafından başka bir bağlantı atanıncaya kadar beklemeye + alınır.</p> + + <div class="example"><p><code> + /67: accept(3, 0x001FEB74, 0x001FEB94, 1) (uykuda...) + </code></p></div> + + <p>Bu arada, dinleyici evre bağlantıyı bir worker evresine atar atamaz + başka bir bağlantıyı beklemeye başlar (Mevcut tüm evreler meşgulse + dinleyici evreyi baskılayan worker MPM'nin akış denetim şemasına konu + olur). Bu izlemede görünmüyor olsa da sonraki <code>accept(2)</code> + çağrısı, yeni bağlantı kabul eden worker evresine paralel olarak + yapılabilir (aşırı yük durumlarında normal olarak, bu yapılır).</p> + + </div></div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/perf-tuning.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/perf-tuning.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/perf-tuning.html" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html new file mode 100644 index 00000000..0890a9e4 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: relevant_standards.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: relevant_standards.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en new file mode 100644 index 00000000..2924d461 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.en @@ -0,0 +1,199 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Relevant Standards - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Relevant Standards</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/relevant_standards.html" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div> + + <p>This page documents all the relevant standards that the + Apache HTTP Server follows, along with brief descriptions.</p> + + <p>In addition to the information listed below, the following resources + should be consulted:</p> + + <ul> + <li> + <a href="http://purl.org/NET/http-errata"> + http://purl.org/NET/http-errata</a> - HTTP/1.1 Specification Errata + </li> + <li> + <a href="http://www.rfc-editor.org/errata.html"> + http://www.rfc-editor.org/errata.html</a> - RFC Errata + </li> + <li> + <a href="http://ftp.ics.uci.edu/pub/ietf/http/#RFC"> + http://ftp.ics.uci.edu/pub/ietf/http/#RFC</a> - A pre-compiled list + of HTTP related RFCs + </li> + </ul> + + <div class="warning"><h3>Notice</h3> + <p>This document is not yet complete.</p> + </div> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#http_recommendations">HTTP Recommendations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#html_recommendations">HTML Recommendations</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#authentication">Authentication</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#language_country_codes">Language/Country Codes</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="http_recommendations" id="http_recommendations">HTTP Recommendations</a></h2> + + <p>Regardless of what modules are compiled and used, Apache as a + basic web server complies with the following IETF recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc1945.txt">RFC 1945</a> + (Informational)</dt> + + <dd>The Hypertext Transfer Protocol (HTTP) is an application-level + protocol with the lightness and speed necessary for distributed, + collaborative, hypermedia information systems. This documents + HTTP/1.0.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2616.txt">RFC 2616</a> + (Standards Track)</dt> + + <dd>The Hypertext Transfer Protocol (HTTP) is an + application-level protocol for distributed, collaborative, + hypermedia information systems. This documents HTTP/1.1.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2396.txt">RFC 2396</a> + (Standards Track)</dt> + + <dd>A Uniform Resource Identifier (URI) is a compact string of + characters for identifying an abstract or physical resource.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="html_recommendations" id="html_recommendations">HTML Recommendations</a></h2> + + <p>Regarding the Hypertext Markup Language, Apache complies with + the following IETF and W3C recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2854.txt">RFC 2854</a> + (Informational)</dt> + + <dd>This document summarizes the history of HTML development, + and defines the "text/html" MIME type by pointing to the relevant + W3C recommendations.</dd> + + <dt><a href="http://www.w3.org/TR/html401">HTML 4.01 Specification</a> + (<a href="http://www.w3.org/MarkUp/html4-updates/errata">Errata</a>) + </dt> + + <dd>This specification defines the HyperText Markup Language (HTML), + the publishing language of the World Wide Web. This specification + defines HTML 4.01, which is a subversion of HTML 4.</dd> + + <dt><a href="http://www.w3.org/TR/REC-html32">HTML 3.2 Reference + Specification</a></dt> + + <dd>The HyperText Markup Language (HTML) is a simple markup language + used to create hypertext documents that are portable from one + platform to another. HTML documents are SGML documents.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml11/">XHTML 1.1 - + Module-based XHTML</a> + (<a href="http://www.w3.org/2001/04/REC-xhtml-modularization-20010410-errata">Errata</a>) + </dt> + + <dd>This Recommendation defines a new XHTML document type + that is based upon the module framework and modules defined in + Modularization of XHTML.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml1">XHTML 1.0 The + Extensible HyperText Markup Language (Second Edition)</a> + (<a href="http://www.w3.org/2002/08/REC-xhtml1-20020801-errata">Errata</a>) + </dt> + + <dd>This specification defines the Second Edition of XHTML 1.0, + a reformulation of HTML 4 as an XML 1.0 application, and three + DTDs corresponding to the ones defined by HTML 4.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="authentication" id="authentication">Authentication</a></h2> + + <p>Concerning the different methods of authentication, Apache + follows the following IETF recommendations:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2617.txt">RFC 2617</a> + (Draft standard)</dt> + + <dd>"HTTP/1.0", includes the specification for a Basic + Access Authentication scheme.</dd> + + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="language_country_codes" id="language_country_codes">Language/Country Codes</a></h2> + + <p>The following links document ISO and other language and country + code information:</p> + + <dl> + <dt><a href="http://www.loc.gov/standards/iso639-2/">ISO 639-2</a></dt> + + <dd>ISO 639 provides two sets of language codes, one as a two-letter + code set (639-1) and another as a three-letter code set (this part + of ISO 639) for the representation of names of languages.</dd> + + <dt><a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/index.html"> + ISO 3166-1</a></dt> + + <dd>These pages document the country names (official short names + in English) in alphabetical order as given in ISO 3166-1 and the + corresponding ISO 3166-1-alpha-2 code elements.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">BCP 47</a> + (Best Current Practice), + <a href="http://www.rfc-editor.org/rfc/rfc3066.txt">RFC 3066</a></dt> + + <dd>This document describes a language tag for use in cases where + it is desired to indicate the language used in an information + object, how to register values for use in this language tag, + and a construct for matching such language tags.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc3282.txt">RFC 3282</a> + (Standards Track)</dt> + + <dd>This document defines a "Content-language:" header, for use in + cases where one desires to indicate the language of something that + has RFC 822-like headers, like MIME body parts or Web documents, + and an "Accept-Language:" header for use in cases where one wishes + to indicate one's preferences with regard to language.</dd> + </dl> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/relevant_standards.html" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr new file mode 100644 index 00000000..acbccb9d --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/relevant_standards.html.ko.euc-kr @@ -0,0 +1,191 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>°ü·Ã Ç¥ÁØ - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>°ü·Ã Ç¥ÁØ</h1> +<div class="toplang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/relevant_standards.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" title="Korean"> ko </a></p> +</div> + + <p>ÀÌ ¹®¼¿¡´Â °£´ÜÇÑ ¼³¸í°ú ÇÔ²² ¾ÆÆÄÄ¡ À¥¼¹ö°¡ µû¸£´Â + ¸ðµç °ü·Ã Ç¥ÁØÀ» ¿°ÅÇÑ´Ù.</p> + + <p>¾Æ·¡ Á¤º¸¿¡ ´õÇÏ¿© ´ÙÀ½ ÀÚ·áµµ »ìÆìºÁ¾ß ÇÑ´Ù:</p> + + <ul> + <li> + <a href="http://purl.org/NET/http-errata"> + http://purl.org/NET/http-errata</a> - HTTP/1.1 ±Ô¾à + Á¤¿ÀÇ¥ + </li> + <li> + <a href="http://www.rfc-editor.org/errata.html"> + http://www.rfc-editor.org/errata.html</a> - RFC Á¤¿ÀÇ¥ + </li> + <li> + <a href="http://ftp.ics.uci.edu/pub/ietf/http/#RFC"> + http://ftp.ics.uci.edu/pub/ietf/http/#RFC</a> - HTTP + °ü·Ã RFC ¸ñ·Ï + </li> + </ul> + + <div class="warning"><h3>ÁÖÀÇ</h3> + <p>ÀÌ ¹®¼´Â ¾ÆÁ÷ ¿ÏÀüÇÏÁö ¾Ê´Ù.</p> + </div> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#http_recommendations">HTTP ±Ç°í</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#html_recommendations">HTML ±Ç°í</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#authentication">ÀÎÁõ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#language_country_codes">¾ð¾î/±¹°¡ ÄÚµå</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="http_recommendations" id="http_recommendations">HTTP ±Ç°í</a></h2> + + <p>¾î¶² ¸ðµâÀ» ÄÄÆÄÀÏÇÏ°í »ç¿ëÇÏ´ÂÁö¿Í °ü°è¾øÀÌ ±âº»ÀûÀ¸·Î + À¥¼¹öÀÎ ¾ÆÆÄÄ¡´Â ´ÙÀ½ IETF ±Ç°í(recommendation)¸¦ µû¸¥´Ù:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc1945.txt">RFC 1945</a> + (Informational)</dt> + + <dd>ÇÏÀÌÆÛÅؽºÆ® Àü¼Û ÇÁ·ÎÅäÄÝ (Hypertext Transfer Protocol, + HTTP)Àº ºÐ»ê, Çùµ¿, ÇÏÀÌÆÛ¸Åü Á¤º¸ ½Ã½ºÅÛ¿¡ ÇÊ¿äÇÑ ºü¸£°í + °¡º¿î ¾îÇø®ÄÉÀÌ¼Ç ¼öÁØ(application-level) ÇÁ·ÎÅäÄÝÀÌ´Ù. + ÀÌ ¹®¼´Â HTTP/1.0À» ¼³¸íÇÑ´Ù.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2616.txt">RFC 2616</a> + (Standards Track)</dt> + + <dd>ÇÏÀÌÆÛÅؽºÆ® Àü¼Û ÇÁ·ÎÅäÄÝ (Hypertext Transfer Protocol, + HTTP)Àº ºÐ»ê, Çùµ¿, ÇÏÀÌÆÛ¸Åü Á¤º¸ ½Ã½ºÅÛÀ» À§ÇÑ ¾îÇø®ÄÉÀÌ¼Ç + ¼öÁØ ÇÁ·ÎÅäÄÝÀÌ´Ù. ÀÌ ¹®¼´Â HTTP/1.1À» ¼³¸íÇÑ´Ù.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc2396.txt">RFC 2396</a> + (Standards Track)</dt> + + <dd>Ç¥ÁØ ÀÚ¿ø ½Äº°ÀÚ (Uniform Resource Identifier, URI)´Â + Ãß»óÀû ȤÀº ¹°¸®Àû ÀÚ¿øÀ» ½Äº°ÇϱâÀ§ÇÑ ÂªÀº ¹®ÀÚ¿ÀÌ´Ù.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="html_recommendations" id="html_recommendations">HTML ±Ç°í</a></h2> + + <p>ÇÏÀÌÆÛÅؽºÆ® ¸¶Å©¾÷ ¾ð¾î (Hypertext Markup Language, + HTML)¿Í °ü·ÃÇÏ¿© ¾ÆÆÄÄ¡´Â ´ÙÀ½ IETF ±Ç°í¿Í W3C ±Ç°í¸¦ µû¸¥´Ù:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2854.txt">RFC 2854</a> + (Informational)</dt> + + <dd>ÀÌ ¹®¼´Â HTML °³¹ß°úÁ¤À» ¿ä¾àÇÏ°í, °ü·Ã W3C ±Ç°í¸¦ + ±â¹ÝÀ¸·Î "text/html" MIME typeÀ» Á¤ÀÇÇÑ´Ù.</dd> + + <dt><a href="http://www.w3.org/TR/html401">HTML 4.01 ±Ô¾à</a> + (<a href="http://www.w3.org/MarkUp/html4-updates/errata">Errata</a>) + </dt> + + <dd>ÀÌ ±Ô¾àÀº ¿ùµå¿ÍÀ̵åÀ¥ÀÇ ÃâÆǾð¾îÀÎ ÇÏÀÌÆÛÅؽºÆ® ¸¶Å©¾÷ + ¾ð¾î (Hypertext Markup Language, HTML)¸¦ Á¤ÀÇÇÑ´Ù. ÀÌ + ±Ô¾àÀº HTML 4ÀÇ ÇÏÀ§¹öÀüÀÎ HTML 4.01À» Á¤ÀÇÇÑ´Ù.</dd> + + <dt><a href="http://www.w3.org/TR/REC-html32">HTML 3.2 Âü°í ±Ô¾à</a></dt> + + <dd>ÇÏÀÌÆÛÅؽºÆ® ¸¶Å©¾÷ ¾ð¾î (Hypertext Markup Language, + HTML)´Â Ç÷¡Æû°ú ¹«°üÇÑ ÇÏÀÌÆÛÅؽºÆ® ¹®¼¸¦ À§ÇÑ °£´ÜÇÑ + ¸¶Å©¾÷ ¾ð¾îÀÌ´Ù. HTML ¹®¼´Â SGML ¹®¼À̱⵵ ÇÏ´Ù.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml11/">XHTML 1.1 - + ¸ðµâ±â¹Ý XHTML</a> + (<a href="http://www.w3.org/2001/04/REC-xhtml-modularization-20010410-errata">Á¤¿ÀÇ¥</a>) + </dt> + + <dd>ÀÌ ±Ç°í´Â Modularization of XHTML¿¡¼ Á¤ÀÇÇÑ ¸ðµâ + Ç÷¹ÀÓ¿öÅ©¿Í ¸ðµâµéÀ» ±â¹ÝÀ¸·Î »õ·Î¿î XHTML document typeÀ» + Á¤ÀÇÇÑ´Ù.</dd> + + <dt><a href="http://www.w3.org/TR/xhtml1">XHTML 1.0 + È®Àå ÇÏÀÌÆÛÅؽºÆ® ¸¶Å©¾÷ ¾ð¾î (Extensible HyperText Markup + Language) (Second Edition)</a> + (<a href="http://www.w3.org/2002/08/REC-xhtml1-20020801-errata">Á¤¿ÀÇ¥</a>) + </dt> + + <dd>ÀÌ ¹®¼´Â HTML 4¸¦ XML 1.0À¸·Î À籸¼ºÇÑ XHTML 1.0ÀÇ + µÎ¹ø° ¹öÀü°ú HTML 4¿¡ ÇØ´çÇÏ´Â ¼¼°¡Áö DTD¸¦ Á¤ÀÇÇÑ´Ù.</dd> + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="authentication" id="authentication">ÀÎÁõ</a></h2> + + <p>ÀÎÁõ¹æ¹ý¿¡ ´ëÇØ ¾ÆÆÄÄ¡´Â ´ÙÀ½ IETF ±Ç°í¸¦ µû¸¥´Ù:</p> + + <dl> + <dt><a href="http://www.rfc-editor.org/rfc/rfc2617.txt">RFC 2617</a> + (Draft standard)</dt> + + <dd>Basic Access Authentication ±Ô¾àÀ» Æ÷ÇÔÇÑ "HTTP/1.0".</dd> + + </dl> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="language_country_codes" id="language_country_codes">¾ð¾î/±¹°¡ ÄÚµå</a></h2> + + <p>¾Æ·¡ ¸µÅ©¿¡ ISO¿Í ´Ù¸¥ ¾ð¾î/±¹°¡ ÄÚµå Á¤º¸°¡ ÀÖ´Ù:</p> + + <dl> + <dt><a href="http://www.loc.gov/standards/iso639-2/">ISO 639-2</a></dt> + + <dd>ISO 639´Â ¾ð¾îÀÇ À̸§À» ³ªÅ¸³»´Â µÎ°¡Áö ¾ð¾î Äڵ带 + Á¦°øÇÑ´Ù. Çϳª´Â (639-1) µÎ ±ÛÀÚ ÄÚµåÀÌ°í ´Ù¸¥ Çϳª´Â + (ÀÌ ¹®¼) ¼¼ ±ÛÀÚ ÄÚµåÀÌ´Ù.</dd> + + <dt><a href="http://www.iso.ch/iso/en/prods-services/iso3166ma/02iso-3166-code-lists/index.html"> + ISO 3166-1</a></dt> + + <dd>ÀÌ ¹®¼´Â ISO 3166-1°ú ISO 3166-1-alpha-2 Äڵ忡 µû¶ó + ¾ËÆĺª ¼ø¼·Î (¿µ¾î·Î ªÀº °ø½ÄÀ̸§) ±¹°¡¸íÀ» ¿°ÅÇÑ´Ù.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/bcp/bcp47.txt">BCP 47</a> + (Best Current Practice), + <a href="http://www.rfc-editor.org/rfc/rfc3066.txt">RFC 3066</a></dt> + + <dd>ÀÌ ¹®¼´Â Á¤º¸ °´Ã¼¿¡ »ç¿ëÇÑ ¾ð¾î¸¦ ¾Ë¸®±âÀ§ÇØ »ç¿ëÇÒ + ¾ð¾î ÅÂ±×¿Í ¾ð¾î ű׿¡ »ç¿ëÇÒ °ªÀ» µî·ÏÇÏ´Â ¹æ¹ý, ¾ð¾î + ű׸¦ ã´Â ¹æ½ÄÀ» ¼³¸íÇÑ´Ù.</dd> + + <dt><a href="http://www.rfc-editor.org/rfc/rfc3282.txt">RFC 3282</a> + (Standards Track)</dt> + + <dd>ÀÌ ¹®¼´Â MIME ³»¿ë ºÎºÐ°ú À¥ ¹®¼¿Í °°Àº RFC 822½Ä + Çì´õ°¡ ÀÖ´Â Á¤º¸ÀÇ ¾ð¾î¸¦ ¾Ë¸®±âÀ§ÇÑ "Content-language:" + Çì´õ¿Í, ¼±È£ÇÏ´Â ¾ð¾î¸¦ ³ªÅ¸³»´Â "Accept-Language:" Çì´õ¸¦ + Á¤ÀÇÇÑ´Ù.</dd> + </dl> + + </div></div> +<div class="bottomlang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/relevant_standards.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/relevant_standards.html" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html new file mode 100644 index 00000000..e58a64eb --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html @@ -0,0 +1,9 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: rewriteguide.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: rewriteguide.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en new file mode 100644 index 00000000..733f48bd --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.en @@ -0,0 +1,2110 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>URL Rewriting Guide - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>URL Rewriting Guide</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/rewriteguide.html" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div> + + <div class="note"> + <p>Originally written by<br /> + <cite>Ralf S. Engelschall <rse@apache.org></cite><br /> + December 1997</p> + </div> + + <p>This document supplements the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + <a href="../mod/mod_rewrite.html">reference documentation</a>. + It describes how one can use Apache's <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + to solve typical URL-based problems with which webmasters are + commonony confronted. We give detailed descriptions on how to + solve each problem by configuring URL rewriting rulesets.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#ToC1">Introduction to <code>mod_rewrite</code></a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ToC2">Practical Solutions</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#url">URL Layout</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content">Content Handling</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#access">Access Restriction</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">Other</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC1" id="ToC1">Introduction to <code>mod_rewrite</code></a></h2> + + + + <p>The Apache module <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> is a killer + one, i.e. it is a really sophisticated module which provides + a powerful way to do URL manipulations. With it you can do nearly + all types of URL manipulations you ever dreamed about. + The price you have to pay is to accept complexity, because + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>'s major drawback is that it is + not easy to understand and use for the beginner. And even + Apache experts sometimes discover new aspects where + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> can help.</p> + + <p>In other words: With <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> you either + shoot yourself in the foot the first time and never use it again + or love it for the rest of your life because of its power. + This paper tries to give you a few initial success events to + avoid the first case by presenting already invented solutions + to you.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC2" id="ToC2">Practical Solutions</a></h2> + + + + <p>Here come a lot of practical solutions I've either invented + myself or collected from other people's solutions in the past. + Feel free to learn the black magic of URL rewriting from + these examples.</p> + + <div class="warning">ATTENTION: Depending on your server-configuration + it can be necessary to slightly change the examples for your + situation, e.g. adding the <code>[PT]</code> flag when + additionally using <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> and + <code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code>, etc. Or rewriting a ruleset + to fit in <code>.htaccess</code> context instead + of per-server context. Always try to understand what a + particular ruleset really does before you use it. It + avoid problems.</div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="url" id="url">URL Layout</a></h2> + + + + <h3>Canonical URLs</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>On some webservers there are more than one URL for a + resource. Usually there are canonical URLs (which should be + actually used and distributed) and those which are just + shortcuts, internal ones, etc. Independent of which URL the + user supplied with the request he should finally see the + canonical one only.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We do an external HTTP redirect for all non-canonical + URLs to fix them in the location view of the Browser and + for all subsequent requests. In the example ruleset below + we replace <code>/~user</code> by the canonical + <code>/u/user</code> and fix a missing trailing slash for + <code>/u/user</code>.</p> + +<div class="example"><pre> +RewriteRule ^/<strong>~</strong>([^/]+)/?(.*) /<strong>u</strong>/$1/$2 [<strong>R</strong>] +RewriteRule ^/([uge])/(<strong>[^/]+</strong>)$ /$1/$2<strong>/</strong> [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Canonical Hostnames</h3> + + + + <dl> + <dt>Description:</dt> + + <dd>The goal of this rule is to force the use of a particular + hostname, in preference to other hostnames which may be used to + reach the same site. For example, if you wish to force the use + of <strong>www.example.com</strong> instead of + <strong>example.com</strong>, you might use a variant of the + following recipe.</dd> + + <dt>Solution:</dt> + + <dd> +<div class="example"><pre> +# For sites running on a port other than 80 +RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteCond %{SERVER_PORT} !^80$ +RewriteRule ^/(.*) http://www.example.com:%{SERVER_PORT}/$1 [L,R] + +# And for a site running on port 80 +RewriteCond %{HTTP_HOST} !^www\.example\.com [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteRule ^/(.*) http://www.example.com/$1 [L,R] +</pre></div> + </dd> + </dl> + + + + <h3>Moved <code>DocumentRoot</code></h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Usually the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> + of the webserver directly relates to the URL "<code>/</code>". + But often this data is not really of top-level priority, it is + perhaps just one entity of a lot of data pools. For instance at + our Intranet sites there are <code>/e/www/</code> + (the homepage for WWW), <code>/e/sww/</code> (the homepage for + the Intranet) etc. Now because the data of the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> stays at <code>/e/www/</code> we had + to make sure that all inlined images and other stuff inside this + data pool work for subsequent requests.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We redirect the URL <code>/</code> to + <code>/e/www/</code>: + </p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule <strong>^/$</strong> /e/www/ [<strong>R</strong>] +</pre></div> + + <p>Note that this can also be handled using the <code class="directive"><a href="../mod/mod_alias.html#redirectmatch">RedirectMatch</a></code> directive:</p> + + <div class="example"><p><code> + RedirectMatch ^/$ http://example.com/e/www/ + </code></p></div> + </dd> + </dl> + + + + <h3>Trailing Slash Problem</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Every webmaster can sing a song about the problem of + the trailing slash on URLs referencing directories. If they + are missing, the server dumps an error, because if you say + <code>/~quux/foo</code> instead of <code>/~quux/foo/</code> + then the server searches for a <em>file</em> named + <code>foo</code>. And because this file is a directory it + complains. Actually it tries to fix it itself in most of + the cases, but sometimes this mechanism need to be emulated + by you. For instance after you have done a lot of + complicated URL rewritings to CGI scripts etc.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution to this subtle problem is to let the server + add the trailing slash automatically. To do this + correctly we have to use an external redirect, so the + browser correctly requests subsequent images etc. If we + only did a internal rewrite, this would only work for the + directory page, but would go wrong when any images are + included into this page with relative URLs, because the + browser would request an in-lined object. For instance, a + request for <code>image.gif</code> in + <code>/~quux/foo/index.html</code> would become + <code>/~quux/image.gif</code> without the external + redirect!</p> + + <p>So, to do this trick we write:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo<strong>$</strong> foo<strong>/</strong> [<strong>R</strong>] +</pre></div> + + <p>The crazy and lazy can even do the following in the + top-level <code>.htaccess</code> file of their homedir. + But notice that this creates some processing + overhead.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteCond %{REQUEST_FILENAME} <strong>-d</strong> +RewriteRule ^(.+<strong>[^/]</strong>)$ $1<strong>/</strong> [R] +</pre></div> + </dd> + </dl> + + + + <h3>Webcluster through Homogeneous URL Layout</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>We want to create a homogeneous and consistent URL + layout over all WWW servers on a Intranet webcluster, i.e. + all URLs (per definition server local and thus server + dependent!) become actually server <em>independent</em>! + What we want is to give the WWW namespace a consistent + server-independent layout: no URL should have to include + any physically correct target server. The cluster itself + should drive us automatically to the physical target + host.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First, the knowledge of the target servers come from + (distributed) external maps which contain information + where our users, groups and entities stay. The have the + form</p> + +<div class="example"><pre> +user1 server_of_user1 +user2 server_of_user2 +: : +</pre></div> + + <p>We put them into files <code>map.xxx-to-host</code>. + Second we need to instruct all servers to redirect URLs + of the forms</p> + +<div class="example"><pre> +/u/user/anypath +/g/group/anypath +/e/entity/anypath +</pre></div> + + <p>to</p> + +<div class="example"><pre> +http://physical-host/u/user/anypath +http://physical-host/g/group/anypath +http://physical-host/e/entity/anypath +</pre></div> + + <p>when the URL is not locally valid to a server. The + following ruleset does this for us by the help of the map + files (assuming that server0 is a default server which + will be used if a user has no entry in the map):</p> + +<div class="example"><pre> +RewriteEngine on + +RewriteMap user-to-host txt:/path/to/map.user-to-host +RewriteMap group-to-host txt:/path/to/map.group-to-host +RewriteMap entity-to-host txt:/path/to/map.entity-to-host + +RewriteRule ^/u/<strong>([^/]+)</strong>/?(.*) http://<strong>${user-to-host:$1|server0}</strong>/u/$1/$2 +RewriteRule ^/g/<strong>([^/]+)</strong>/?(.*) http://<strong>${group-to-host:$1|server0}</strong>/g/$1/$2 +RewriteRule ^/e/<strong>([^/]+)</strong>/?(.*) http://<strong>${entity-to-host:$1|server0}</strong>/e/$1/$2 + +RewriteRule ^/([uge])/([^/]+)/?$ /$1/$2/.www/ +RewriteRule ^/([uge])/([^/]+)/([^.]+.+) /$1/$2/.www/$3\ +</pre></div> + </dd> + </dl> + + + + <h3>Move Homedirs to Different Webserver</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Many webmasters have asked for a solution to the + following situation: They wanted to redirect just all + homedirs on a webserver to another webserver. They usually + need such things when establishing a newer webserver which + will replace the old one over time.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution is trivial with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + On the old webserver we just redirect all + <code>/~user/anypath</code> URLs to + <code>http://newserver/~user/anypath</code>.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(.+) http://<strong>newserver</strong>/~$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Structured Homedirs</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Some sites with thousands of users usually use a + structured homedir layout, i.e. each homedir is in a + subdirectory which begins for instance with the first + character of the username. So, <code>/~foo/anypath</code> + is <code>/home/<strong>f</strong>/foo/.www/anypath</code> + while <code>/~bar/anypath</code> is + <code>/home/<strong>b</strong>/bar/.www/anypath</code>.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use the following ruleset to expand the tilde URLs + into exactly the above layout.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/.www$3 +</pre></div> + </dd> + </dl> + + + + <h3>Filesystem Reorganization</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>This really is a hardcore example: a killer application + which heavily uses per-directory + <code>RewriteRules</code> to get a smooth look and feel + on the Web while its data structure is never touched or + adjusted. Background: <strong><em>net.sw</em></strong> is + my archive of freely available Unix software packages, + which I started to collect in 1992. It is both my hobby + and job to to this, because while I'm studying computer + science I have also worked for many years as a system and + network administrator in my spare time. Every week I need + some sort of software so I created a deep hierarchy of + directories where I stored the packages:</p> + +<div class="example"><pre> +drwxrwxr-x 2 netsw users 512 Aug 3 18:39 Audio/ +drwxrwxr-x 2 netsw users 512 Jul 9 14:37 Benchmark/ +drwxrwxr-x 12 netsw users 512 Jul 9 00:34 Crypto/ +drwxrwxr-x 5 netsw users 512 Jul 9 00:41 Database/ +drwxrwxr-x 4 netsw users 512 Jul 30 19:25 Dicts/ +drwxrwxr-x 10 netsw users 512 Jul 9 01:54 Graphic/ +drwxrwxr-x 5 netsw users 512 Jul 9 01:58 Hackers/ +drwxrwxr-x 8 netsw users 512 Jul 9 03:19 InfoSys/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:21 Math/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:24 Misc/ +drwxrwxr-x 9 netsw users 512 Aug 1 16:33 Network/ +drwxrwxr-x 2 netsw users 512 Jul 9 05:53 Office/ +drwxrwxr-x 7 netsw users 512 Jul 9 09:24 SoftEng/ +drwxrwxr-x 7 netsw users 512 Jul 9 12:17 System/ +drwxrwxr-x 12 netsw users 512 Aug 3 20:15 Typesetting/ +drwxrwxr-x 10 netsw users 512 Jul 9 14:08 X11/ +</pre></div> + + <p>In July 1996 I decided to make this archive public to + the world via a nice Web interface. "Nice" means that I + wanted to offer an interface where you can browse + directly through the archive hierarchy. And "nice" means + that I didn't wanted to change anything inside this + hierarchy - not even by putting some CGI scripts at the + top of it. Why? Because the above structure should be + later accessible via FTP as well, and I didn't want any + Web or CGI stuff to be there.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution has two parts: The first is a set of CGI + scripts which create all the pages at all directory + levels on-the-fly. I put them under + <code>/e/netsw/.www/</code> as follows:</p> + +<div class="example"><pre> +-rw-r--r-- 1 netsw users 1318 Aug 1 18:10 .wwwacl +drwxr-xr-x 18 netsw users 512 Aug 5 15:51 DATA/ +-rw-rw-rw- 1 netsw users 372982 Aug 5 16:35 LOGFILE +-rw-r--r-- 1 netsw users 659 Aug 4 09:27 TODO +-rw-r--r-- 1 netsw users 5697 Aug 1 18:01 netsw-about.html +-rwxr-xr-x 1 netsw users 579 Aug 2 10:33 netsw-access.pl +-rwxr-xr-x 1 netsw users 1532 Aug 1 17:35 netsw-changes.cgi +-rwxr-xr-x 1 netsw users 2866 Aug 5 14:49 netsw-home.cgi +drwxr-xr-x 2 netsw users 512 Jul 8 23:47 netsw-img/ +-rwxr-xr-x 1 netsw users 24050 Aug 5 15:49 netsw-lsdir.cgi +-rwxr-xr-x 1 netsw users 1589 Aug 3 18:43 netsw-search.cgi +-rwxr-xr-x 1 netsw users 1885 Aug 1 17:41 netsw-tree.cgi +-rw-r--r-- 1 netsw users 234 Jul 30 16:35 netsw-unlimit.lst +</pre></div> + + <p>The <code>DATA/</code> subdirectory holds the above + directory structure, i.e. the real + <strong><em>net.sw</em></strong> stuff and gets + automatically updated via <code>rdist</code> from time to + time. The second part of the problem remains: how to link + these two structures together into one smooth-looking URL + tree? We want to hide the <code>DATA/</code> directory + from the user while running the appropriate CGI scripts + for the various URLs. Here is the solution: first I put + the following into the per-directory configuration file + in the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> + of the server to rewrite the announced URL + <code>/net.sw/</code> to the internal path + <code>/e/netsw</code>:</p> + +<div class="example"><pre> +RewriteRule ^net.sw$ net.sw/ [R] +RewriteRule ^net.sw/(.*)$ e/netsw/$1 +</pre></div> + + <p>The first rule is for requests which miss the trailing + slash! The second rule does the real thing. And then + comes the killer configuration which stays in the + per-directory config file + <code>/e/netsw/.www/.wwwacl</code>:</p> + +<div class="example"><pre> +Options ExecCGI FollowSymLinks Includes MultiViews + +RewriteEngine on + +# we are reached via /net.sw/ prefix +RewriteBase /net.sw/ + +# first we rewrite the root dir to +# the handling cgi script +RewriteRule ^$ netsw-home.cgi [L] +RewriteRule ^index\.html$ netsw-home.cgi [L] + +# strip out the subdirs when +# the browser requests us from perdir pages +RewriteRule ^.+/(netsw-[^/]+/.+)$ $1 [L] + +# and now break the rewriting for local files +RewriteRule ^netsw-home\.cgi.* - [L] +RewriteRule ^netsw-changes\.cgi.* - [L] +RewriteRule ^netsw-search\.cgi.* - [L] +RewriteRule ^netsw-tree\.cgi$ - [L] +RewriteRule ^netsw-about\.html$ - [L] +RewriteRule ^netsw-img/.*$ - [L] + +# anything else is a subdir which gets handled +# by another cgi script +RewriteRule !^netsw-lsdir\.cgi.* - [C] +RewriteRule (.*) netsw-lsdir.cgi/$1 +</pre></div> + + <p>Some hints for interpretation:</p> + + <ol> + <li>Notice the <code>L</code> (last) flag and no + substitution field ('<code>-</code>') in the forth part</li> + + <li>Notice the <code>!</code> (not) character and + the <code>C</code> (chain) flag at the first rule + in the last part</li> + + <li>Notice the catch-all pattern in the last rule</li> + </ol> + </dd> + </dl> + + + + <h3>NCSA imagemap to Apache <code>mod_imap</code></h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>When switching from the NCSA webserver to the more + modern Apache webserver a lot of people want a smooth + transition. So they want pages which use their old NCSA + <code>imagemap</code> program to work under Apache with the + modern <code class="module"><a href="../mod/mod_imap.html">mod_imap</a></code>. The problem is that there + are a lot of hyperlinks around which reference the + <code>imagemap</code> program via + <code>/cgi-bin/imagemap/path/to/page.map</code>. Under + Apache this has to read just + <code>/path/to/page.map</code>.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a global rule to remove the prefix on-the-fly for + all requests:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/cgi-bin/imagemap(.*) $1 [PT] +</pre></div> + </dd> + </dl> + + + + <h3>Search pages in more than one directory</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes it is necessary to let the webserver search + for pages in more than one directory. Here MultiViews or + other techniques cannot help.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We program a explicit ruleset which searches for the + files in the directories.</p> + +<div class="example"><pre> +RewriteEngine on + +# first try to find it in custom/... +# ...and if found stop and be happy: +RewriteCond /your/docroot/<strong>dir1</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir1</strong>/$1 [L] + +# second try to find it in pub/... +# ...and if found stop and be happy: +RewriteCond /your/docroot/<strong>dir2</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir2</strong>/$1 [L] + +# else go on for other Alias or ScriptAlias directives, +# etc. +RewriteRule ^(.+) - [PT] +</pre></div> + </dd> + </dl> + + + + <h3>Set Environment Variables According To URL Parts</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Perhaps you want to keep status information between + requests and use the URL to encode it. But you don't want + to use a CGI wrapper for all pages just to strip out this + information.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a rewrite rule to strip out the status information + and remember it via an environment variable which can be + later dereferenced from within XSSI or CGI. This way a + URL <code>/foo/S=java/bar/</code> gets translated to + <code>/foo/bar/</code> and the environment variable named + <code>STATUS</code> is set to the value "java".</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^(.*)/<strong>S=([^/]+)</strong>/(.*) $1/$3 [E=<strong>STATUS:$2</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Virtual User Hosts</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume that you want to provide + <code>www.<strong>username</strong>.host.domain.com</code> + for the homepage of username via just DNS A records to the + same machine and without any virtualhosts on this + machine.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>For HTTP/1.0 requests there is no solution, but for + HTTP/1.1 requests which contain a Host: HTTP header we + can use the following ruleset to rewrite + <code>http://www.username.host.com/anypath</code> + internally to <code>/home/username/anypath</code>:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{<strong>HTTP_HOST</strong>} ^www\.<strong>[^.]+</strong>\.host\.com$ +RewriteRule ^(.+) %{HTTP_HOST}$1 [C] +RewriteRule ^www\.<strong>([^.]+)</strong>\.host\.com(.*) /home/<strong>$1</strong>$2 +</pre></div> + </dd> + </dl> + + + + <h3>Redirect Homedirs For Foreigners</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>We want to redirect homedir URLs to another webserver + <code>www.somewhere.com</code> when the requesting user + does not stay in the local domain + <code>ourdomain.com</code>. This is sometimes used in + virtual host contexts.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Just a rewrite condition:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REMOTE_HOST} <strong>!^.+\.ourdomain\.com$</strong> +RewriteRule ^(/~.+) http://www.somewhere.com/$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Redirect Failing URLs To Other Webserver</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>A typical FAQ about URL rewriting is how to redirect + failing requests on webserver A to webserver B. Usually + this is done via <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI-scripts in Perl, but + there is also a <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> solution. + But notice that this performs more poorly than using an + <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> + CGI-script!</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The first solution has the best performance but less + flexibility, and is less error safe:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond /your/docroot/%{REQUEST_FILENAME} <strong>!-f</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>The problem here is that this will only work for pages + inside the <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>. While you can add more + Conditions (for instance to also handle homedirs, etc.) + there is better variant:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REQUEST_URI} <strong>!-U</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>This uses the URL look-ahead feature of <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + The result is that this will work for all types of URLs + and is a safe way. But it does a performance impact on + the webserver, because for every request there is one + more internal subrequest. So, if your webserver runs on a + powerful CPU, use this one. If it is a slow machine, use + the first approach or better a <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI-script.</p> + </dd> + </dl> + + + + <h3>Extended Redirection</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes we need more control (concerning the + character escaping mechanism) of URLs on redirects. + Usually the Apache kernels URL escape function also + escapes anchors, i.e. URLs like "<code>url#anchor</code>". + You cannot use this directly on redirects with + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> because the + <code>uri_escape()</code> function of Apache + would also escape the hash character. + How can we redirect to such a URL?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We have to use a kludge by the use of a NPH-CGI script + which does the redirect itself. Because here no escaping + is done (NPH=non-parseable headers). First we introduce a + new URL scheme <code>xredirect:</code> by the following + per-server config-line (should be one of the last rewrite + rules):</p> + +<div class="example"><pre> +RewriteRule ^xredirect:(.+) /path/to/nph-xredirect.cgi/$1 \ + [T=application/x-httpd-cgi,L] +</pre></div> + + <p>This forces all URLs prefixed with + <code>xredirect:</code> to be piped through the + <code>nph-xredirect.cgi</code> program. And this program + just looks like:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## nph-xredirect.cgi -- NPH/CGI script for extended redirects +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## + +$| = 1; +$url = $ENV{'PATH_INFO'}; + +print "HTTP/1.0 302 Moved Temporarily\n"; +print "Server: $ENV{'SERVER_SOFTWARE'}\n"; +print "Location: $url\n"; +print "Content-type: text/html\n"; +print "\n"; +print "<html>\n"; +print "<head>\n"; +print "<title>302 Moved Temporarily (EXTENDED)</title>\n"; +print "</head>\n"; +print "<body>\n"; +print "<h1>Moved Temporarily (EXTENDED)</h1>\n"; +print "The document has moved <a HREF=\"$url\">here</a>.<p>\n"; +print "</body>\n"; +print "</html>\n"; + +##EOF## +</pre></div> + + <p>This provides you with the functionality to do + redirects to all URL schemes, i.e. including the one + which are not directly accepted by <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. + For instance you can now also redirect to + <code>news:newsgroup</code> via</p> + +<div class="example"><pre> +RewriteRule ^anyurl xredirect:news:newsgroup +</pre></div> + + <div class="note">Notice: You have not to put <code>[R]</code> or + <code>[R,L]</code> to the above rule because the + <code>xredirect:</code> need to be expanded later + by our special "pipe through" rule above.</div> + </dd> + </dl> + + + + <h3>Archive Access Multiplexer</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Do you know the great CPAN (Comprehensive Perl Archive + Network) under <a href="http://www.perl.com/CPAN">http://www.perl.com/CPAN</a>? + This does a redirect to one of several FTP servers around + the world which carry a CPAN mirror and is approximately + near the location of the requesting client. Actually this + can be called an FTP access multiplexing service. While + CPAN runs via CGI scripts, how can a similar approach + implemented via <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First we notice that from version 3.0.0 + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> can + also use the "<code>ftp:</code>" scheme on redirects. + And second, the location approximation can be done by a + <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> + over the top-level domain of the client. + With a tricky chained ruleset we can use this top-level + domain as a key to our multiplexing map.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap multiplex txt:/path/to/map.cxan +RewriteRule ^/CxAN/(.*) %{REMOTE_HOST}::$1 [C] +RewriteRule ^.+\.<strong>([a-zA-Z]+)</strong>::(.*)$ ${multiplex:<strong>$1</strong>|ftp.default.dom}$2 [R,L] +</pre></div> + +<div class="example"><pre> +## +## map.cxan -- Multiplexing Map for CxAN +## + +de ftp://ftp.cxan.de/CxAN/ +uk ftp://ftp.cxan.uk/CxAN/ +com ftp://ftp.cxan.com/CxAN/ + : +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>Time-Dependent Rewriting</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>When tricks like time-dependent content should happen a + lot of webmasters still use CGI scripts which do for + instance redirects to specialized pages. How can it be done + via <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>There are a lot of variables named <code>TIME_xxx</code> + for rewrite conditions. In conjunction with the special + lexicographic comparison patterns <code><STRING</code>, + <code>>STRING</code> and <code>=STRING</code> we can + do time-dependent redirects:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{TIME_HOUR}%{TIME_MIN} >0700 +RewriteCond %{TIME_HOUR}%{TIME_MIN} <1900 +RewriteRule ^foo\.html$ foo.day.html +RewriteRule ^foo\.html$ foo.night.html +</pre></div> + + <p>This provides the content of <code>foo.day.html</code> + under the URL <code>foo.html</code> from + <code>07:00-19:00</code> and at the remaining time the + contents of <code>foo.night.html</code>. Just a nice + feature for a homepage...</p> + </dd> + </dl> + + + + <h3>Backward Compatibility for YYYY to XXXX migration</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we make URLs backward compatible (still + existing virtually) after migrating <code>document.YYYY</code> + to <code>document.XXXX</code>, e.g. after translating a + bunch of <code>.html</code> files to <code>.phtml</code>?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We just rewrite the name to its basename and test for + existence of the new extension. If it exists, we take + that name, else we rewrite the URL to its original state.</p> + + +<div class="example"><pre> +# backward compatibility ruleset for +# rewriting document.html to document.phtml +# when and only when document.phtml exists +# but no longer document.html +RewriteEngine on +RewriteBase /~quux/ +# parse out basename, but remember the fact +RewriteRule ^(.*)\.html$ $1 [C,E=WasHTML:yes] +# rewrite to document.phtml if exists +RewriteCond %{REQUEST_FILENAME}.phtml -f +RewriteRule ^(.*)$ $1.phtml [S=1] +# else reverse the previous basename cutout +RewriteCond %{ENV:WasHTML} ^yes$ +RewriteRule ^(.*)$ $1.html +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content" id="content">Content Handling</a></h2> + + + + <h3>From Old to New (intern)</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume we have recently renamed the page + <code>foo.html</code> to <code>bar.html</code> and now want + to provide the old URL for backward compatibility. Actually + we want that users of the old URL even not recognize that + the pages was renamed.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We rewrite the old URL to the new one internally via the + following rule:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html +</pre></div> + </dd> + </dl> + + + + <h3>From Old to New (extern)</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume again that we have recently renamed the page + <code>foo.html</code> to <code>bar.html</code> and now want + to provide the old URL for backward compatibility. But this + time we want that the users of the old URL get hinted to + the new one, i.e. their browsers Location field should + change, too.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We force a HTTP redirect to the new URL which leads to a + change of the browsers and thus the users view:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Browser Dependent Content</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>At least for important top-level pages it is sometimes + necessary to provide the optimum of browser dependent + content, i.e. one has to provide a maximum version for the + latest Netscape variants, a minimum version for the Lynx + browsers and a average feature version for all others.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We cannot use content negotiation because the browsers do + not provide their type in that form. Instead we have to + act on the HTTP header "User-Agent". The following condig + does the following: If the HTTP header "User-Agent" + begins with "Mozilla/3", the page <code>foo.html</code> + is rewritten to <code>foo.NS.html</code> and and the + rewriting stops. If the browser is "Lynx" or "Mozilla" of + version 1 or 2 the URL becomes <code>foo.20.html</code>. + All other browsers receive page <code>foo.32.html</code>. + This is done by the following ruleset:</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.* +RewriteRule ^foo\.html$ foo.<strong>NS</strong>.html [<strong>L</strong>] + +RewriteCond %{HTTP_USER_AGENT} ^<strong>Lynx/</strong>.* [OR] +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/[12]</strong>.* +RewriteRule ^foo\.html$ foo.<strong>20</strong>.html [<strong>L</strong>] + +RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Dynamic Mirror</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume there are nice webpages on remote hosts we want + to bring into our namespace. For FTP servers we would use + the <code>mirror</code> program which actually maintains an + explicit up-to-date copy of the remote data on the local + machine. For a webserver we could use the program + <code>webcopy</code> which acts similar via HTTP. But both + techniques have one major drawback: The local copy is + always just as up-to-date as often we run the program. It + would be much better if the mirror is not a static one we + have to establish explicitly. Instead we want a dynamic + mirror with data which gets updated automatically when + there is need (updated data on the remote host).</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>To provide this feature we map the remote webpage or even + the complete remote webarea to our namespace by the use + of the <dfn>Proxy Throughput</dfn> feature + (flag <code>[P]</code>):</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>hotsheet/</strong>(.*)$ <strong>http://www.tstimpreso.com/hotsheet/</strong>$1 [<strong>P</strong>] +</pre></div> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>usa-news\.html</strong>$ <strong>http://www.quux-corp.com/news/index.html</strong> [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Reverse Dynamic Mirror</h3> + + + + <dl> + <dt>Description:</dt> + + <dd>...</dd> + + <dt>Solution:</dt> + + <dd> +<div class="example"><pre> +RewriteEngine on +RewriteCond /mirror/of/remotesite/$1 -U +RewriteRule ^http://www\.remotesite\.com/(.*)$ /mirror/of/remotesite/$1 +</pre></div> + </dd> + </dl> + + + + <h3>Retrieve Missing Data from Intranet</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>This is a tricky way of virtually running a corporate + (external) Internet webserver + (<code>www.quux-corp.dom</code>), while actually keeping + and maintaining its data on a (internal) Intranet webserver + (<code>www2.quux-corp.dom</code>) which is protected by a + firewall. The trick is that on the external webserver we + retrieve the requested data on-the-fly from the internal + one.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>First, we have to make sure that our firewall still + protects the internal webserver and that only the + external webserver is allowed to retrieve data from it. + For a packet-filtering firewall we could for instance + configure a firewall ruleset like the following:</p> + +<div class="example"><pre> +<strong>ALLOW</strong> Host www.quux-corp.dom Port >1024 --> Host www2.quux-corp.dom Port <strong>80</strong> +<strong>DENY</strong> Host * Port * --> Host www2.quux-corp.dom Port <strong>80</strong> +</pre></div> + + <p>Just adjust it to your actual configuration syntax. + Now we can establish the <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + rules which request the missing data in the background + through the proxy throughput feature:</p> + +<div class="example"><pre> +RewriteRule ^/~([^/]+)/?(.*) /home/$1/.www/$2 +RewriteCond %{REQUEST_FILENAME} <strong>!-f</strong> +RewriteCond %{REQUEST_FILENAME} <strong>!-d</strong> +RewriteRule ^/home/([^/]+)/.www/?(.*) http://<strong>www2</strong>.quux-corp.dom/~$1/pub/$2 [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Load Balancing</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Suppose we want to load balance the traffic to + <code>www.foo.com</code> over <code>www[0-5].foo.com</code> + (a total of 6 servers). How can this be done?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>There are a lot of possible solutions for this problem. + We will discuss first a commonly known DNS-based variant + and then the special one with <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>:</p> + + <ol> + <li> + <strong>DNS Round-Robin</strong> + + <p>The simplest method for load-balancing is to use + the DNS round-robin feature of <code>BIND</code>. + Here you just configure <code>www[0-9].foo.com</code> + as usual in your DNS with A(address) records, e.g.</p> + +<div class="example"><pre> +www0 IN A 1.2.3.1 +www1 IN A 1.2.3.2 +www2 IN A 1.2.3.3 +www3 IN A 1.2.3.4 +www4 IN A 1.2.3.5 +www5 IN A 1.2.3.6 +</pre></div> + + <p>Then you additionally add the following entry:</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. + IN CNAME www1.foo.com. + IN CNAME www2.foo.com. + IN CNAME www3.foo.com. + IN CNAME www4.foo.com. + IN CNAME www5.foo.com. + IN CNAME www6.foo.com. +</pre></div> + + <p>Notice that this seems wrong, but is actually an + intended feature of <code>BIND</code> and can be used + in this way. However, now when <code>www.foo.com</code> gets + resolved, <code>BIND</code> gives out <code>www0-www6</code> + - but in a slightly permutated/rotated order every time. + This way the clients are spread over the various + servers. But notice that this not a perfect load + balancing scheme, because DNS resolve information + gets cached by the other nameservers on the net, so + once a client has resolved <code>www.foo.com</code> + to a particular <code>wwwN.foo.com</code>, all + subsequent requests also go to this particular name + <code>wwwN.foo.com</code>. But the final result is + ok, because the total sum of the requests are really + spread over the various webservers.</p> + </li> + + <li> + <strong>DNS Load-Balancing</strong> + + <p>A sophisticated DNS-based method for + load-balancing is to use the program + <code>lbnamed</code> which can be found at <a href="http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html"> + http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html</a>. + It is a Perl 5 program in conjunction with auxilliary + tools which provides a real load-balancing for + DNS.</p> + </li> + + <li> + <strong>Proxy Throughput Round-Robin</strong> + + <p>In this variant we use <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + and its proxy throughput feature. First we dedicate + <code>www0.foo.com</code> to be actually + <code>www.foo.com</code> by using a single</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. +</pre></div> + + <p>entry in the DNS. Then we convert + <code>www0.foo.com</code> to a proxy-only server, + i.e. we configure this machine so all arriving URLs + are just pushed through the internal proxy to one of + the 5 other servers (<code>www1-www5</code>). To + accomplish this we first establish a ruleset which + contacts a load balancing script <code>lb.pl</code> + for all URLs.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap lb prg:/path/to/lb.pl +RewriteRule ^/(.+)$ ${lb:$1} [P,L] +</pre></div> + + <p>Then we write <code>lb.pl</code>:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## lb.pl -- load balancing script +## + +$| = 1; + +$name = "www"; # the hostname base +$first = 1; # the first server (not 0 here, because 0 is myself) +$last = 5; # the last server in the round-robin +$domain = "foo.dom"; # the domainname + +$cnt = 0; +while (<STDIN>) { + $cnt = (($cnt+1) % ($last+1-$first)); + $server = sprintf("%s%d.%s", $name, $cnt+$first, $domain); + print "http://$server/$_"; +} + +##EOF## +</pre></div> + + <div class="note">A last notice: Why is this useful? Seems like + <code>www0.foo.com</code> still is overloaded? The + answer is yes, it is overloaded, but with plain proxy + throughput requests, only! All SSI, CGI, ePerl, etc. + processing is completely done on the other machines. + This is the essential point.</div> + </li> + + <li> + <strong>Hardware/TCP Round-Robin</strong> + + <p>There is a hardware solution available, too. Cisco + has a beast called LocalDirector which does a load + balancing at the TCP/IP level. Actually this is some + sort of a circuit level gateway in front of a + webcluster. If you have enough money and really need + a solution with high performance, use this one.</p> + </li> + </ol> + </dd> + </dl> + + + + <h3>New MIME-type, New Service</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>On the net there are a lot of nifty CGI programs. But + their usage is usually boring, so a lot of webmaster + don't use them. Even Apache's Action handler feature for + MIME-types is only appropriate when the CGI programs + don't need special URLs (actually <code>PATH_INFO</code> + and <code>QUERY_STRINGS</code>) as their input. First, + let us configure a new file type with extension + <code>.scgi</code> (for secure CGI) which will be processed + by the popular <code>cgiwrap</code> program. The problem + here is that for instance we use a Homogeneous URL Layout + (see above) a file inside the user homedirs has the URL + <code>/u/user/foo/bar.scgi</code>. But + <code>cgiwrap</code> needs the URL in the form + <code>/~user/foo/bar.scgi/</code>. The following rule + solves the problem:</p> + +<div class="example"><pre> +RewriteRule ^/[uge]/<strong>([^/]+)</strong>/\.www/(.+)\.scgi(.*) ... +... /internal/cgi/user/cgiwrap/~<strong>$1</strong>/$2.scgi$3 [NS,<strong>T=application/x-http-cgi</strong>] +</pre></div> + + <p>Or assume we have some more nifty programs: + <code>wwwlog</code> (which displays the + <code>access.log</code> for a URL subtree and + <code>wwwidx</code> (which runs Glimpse on a URL + subtree). We have to provide the URL area to these + programs so they know on which area they have to act on. + But usually this ugly, because they are all the times + still requested from that areas, i.e. typically we would + run the <code>swwidx</code> program from within + <code>/u/user/foo/</code> via hyperlink to</p> + +<div class="example"><pre> +/internal/cgi/user/swwidx?i=/u/user/foo/ +</pre></div> + + <p>which is ugly. Because we have to hard-code + <strong>both</strong> the location of the area + <strong>and</strong> the location of the CGI inside the + hyperlink. When we have to reorganize the area, we spend a + lot of time changing the various hyperlinks.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>The solution here is to provide a special new URL format + which automatically leads to the proper CGI invocation. + We configure the following:</p> + +<div class="example"><pre> +RewriteRule ^/([uge])/([^/]+)(/?.*)/\* /internal/cgi/user/wwwidx?i=/$1/$2$3/ +RewriteRule ^/([uge])/([^/]+)(/?.*):log /internal/cgi/user/wwwlog?f=/$1/$2$3 +</pre></div> + + <p>Now the hyperlink to search at + <code>/u/user/foo/</code> reads only</p> + +<div class="example"><pre> +HREF="*" +</pre></div> + + <p>which internally gets automatically transformed to</p> + +<div class="example"><pre> +/internal/cgi/user/wwwidx?i=/u/user/foo/ +</pre></div> + + <p>The same approach leads to an invocation for the + access log CGI program when the hyperlink + <code>:log</code> gets used.</p> + </dd> + </dl> + + + + <h3>From Static to Dynamic</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we transform a static page + <code>foo.html</code> into a dynamic variant + <code>foo.cgi</code> in a seamless way, i.e. without notice + by the browser/user.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We just rewrite the URL to the CGI-script and force the + correct MIME-type so it gets really run as a CGI-script. + This way a request to <code>/~quux/foo.html</code> + internally leads to the invocation of + <code>/~quux/foo.cgi</code>.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo\.<strong>html</strong>$ foo.<strong>cgi</strong> [T=<strong>application/x-httpd-cgi</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>On-the-fly Content-Regeneration</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Here comes a really esoteric feature: Dynamically + generated but statically served pages, i.e. pages should be + delivered as pure static pages (read from the filesystem + and just passed through), but they have to be generated + dynamically by the webserver if missing. This way you can + have CGI-generated pages which are statically served unless + one (or a cronjob) removes the static contents. Then the + contents gets refreshed.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + This is done via the following ruleset: + +<div class="example"><pre> +RewriteCond %{REQUEST_FILENAME} <strong>!-s</strong> +RewriteRule ^page\.<strong>html</strong>$ page.<strong>cgi</strong> [T=application/x-httpd-cgi,L] +</pre></div> + + <p>Here a request to <code>page.html</code> leads to a + internal run of a corresponding <code>page.cgi</code> if + <code>page.html</code> is still missing or has filesize + null. The trick here is that <code>page.cgi</code> is a + usual CGI script which (additionally to its <code>STDOUT</code>) + writes its output to the file <code>page.html</code>. + Once it was run, the server sends out the data of + <code>page.html</code>. When the webmaster wants to force + a refresh the contents, he just removes + <code>page.html</code> (usually done by a cronjob).</p> + </dd> + </dl> + + + + <h3>Document With Autorefresh</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Wouldn't it be nice while creating a complex webpage if + the webbrowser would automatically refresh the page every + time we write a new version from within our editor? + Impossible?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>No! We just combine the MIME multipart feature, the + webserver NPH feature and the URL manipulation power of + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>. First, we establish a new + URL feature: Adding just <code>:refresh</code> to any + URL causes this to be refreshed every time it gets + updated on the filesystem.</p> + +<div class="example"><pre> +RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1 +</pre></div> + + <p>Now when we reference the URL</p> + +<div class="example"><pre> +/u/foo/bar/page.html:refresh +</pre></div> + + <p>this leads to the internal invocation of the URL</p> + +<div class="example"><pre> +/internal/cgi/apache/nph-refresh?f=/u/foo/bar/page.html +</pre></div> + + <p>The only missing part is the NPH-CGI script. Although + one would usually say "left as an exercise to the reader" + ;-) I will provide this, too.</p> + +<div class="example"><pre> +#!/sw/bin/perl +## +## nph-refresh -- NPH/CGI script for auto refreshing pages +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## +$| = 1; + +# split the QUERY_STRING variable +@pairs = split(/&/, $ENV{'QUERY_STRING'}); +foreach $pair (@pairs) { + ($name, $value) = split(/=/, $pair); + $name =~ tr/A-Z/a-z/; + $name = 'QS_' . $name; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + eval "\$$name = \"$value\""; +} +$QS_s = 1 if ($QS_s eq ''); +$QS_n = 3600 if ($QS_n eq ''); +if ($QS_f eq '') { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: No file given\n"; + exit(0); +} +if (! -f $QS_f) { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: File $QS_f not found\n"; + exit(0); +} + +sub print_http_headers_multipart_begin { + print "HTTP/1.0 200 OK\n"; + $bound = "ThisRandomString12345"; + print "Content-type: multipart/x-mixed-replace;boundary=$bound\n"; + &print_http_headers_multipart_next; +} + +sub print_http_headers_multipart_next { + print "\n--$bound\n"; +} + +sub print_http_headers_multipart_end { + print "\n--$bound--\n"; +} + +sub displayhtml { + local($buffer) = @_; + $len = length($buffer); + print "Content-type: text/html\n"; + print "Content-length: $len\n\n"; + print $buffer; +} + +sub readfile { + local($file) = @_; + local(*FP, $size, $buffer, $bytes); + ($x, $x, $x, $x, $x, $x, $x, $size) = stat($file); + $size = sprintf("%d", $size); + open(FP, "&lt;$file"); + $bytes = sysread(FP, $buffer, $size); + close(FP); + return $buffer; +} + +$buffer = &readfile($QS_f); +&print_http_headers_multipart_begin; +&displayhtml($buffer); + +sub mystat { + local($file) = $_[0]; + local($time); + + ($x, $x, $x, $x, $x, $x, $x, $x, $x, $mtime) = stat($file); + return $mtime; +} + +$mtimeL = &mystat($QS_f); +$mtime = $mtime; +for ($n = 0; $n &lt; $QS_n; $n++) { + while (1) { + $mtime = &mystat($QS_f); + if ($mtime ne $mtimeL) { + $mtimeL = $mtime; + sleep(2); + $buffer = &readfile($QS_f); + &print_http_headers_multipart_next; + &displayhtml($buffer); + sleep(5); + $mtimeL = &mystat($QS_f); + last; + } + sleep($QS_s); + } +} + +&print_http_headers_multipart_end; + +exit(0); + +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>Mass Virtual Hosting</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>The <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> feature of Apache is nice + and works great when you just have a few dozens + virtual hosts. But when you are an ISP and have hundreds of + virtual hosts to provide this feature is not the best + choice.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>To provide this feature we map the remote webpage or even + the complete remote webarea to our namespace by the use + of the <dfn>Proxy Throughput</dfn> feature (flag <code>[P]</code>):</p> + +<div class="example"><pre> +## +## vhost.map +## +www.vhost1.dom:80 /path/to/docroot/vhost1 +www.vhost2.dom:80 /path/to/docroot/vhost2 + : +www.vhostN.dom:80 /path/to/docroot/vhostN +</pre></div> + +<div class="example"><pre> +## +## httpd.conf +## + : +# use the canonical hostname on redirects, etc. +UseCanonicalName on + + : +# add the virtual host in front of the CLF-format +CustomLog /path/to/access_log "%{VHOST}e %h %l %u %t \"%r\" %>s %b" + : + +# enable the rewriting engine in the main server +RewriteEngine on + +# define two maps: one for fixing the URL and one which defines +# the available virtual hosts with their corresponding +# DocumentRoot. +RewriteMap lowercase int:tolower +RewriteMap vhost txt:/path/to/vhost.map + +# Now do the actual virtual host mapping +# via a huge and complicated single rule: +# +# 1. make sure we don't map for common locations +RewriteCond %{REQUEST_URI} !^/commonurl1/.* +RewriteCond %{REQUEST_URI} !^/commonurl2/.* + : +RewriteCond %{REQUEST_URI} !^/commonurlN/.* +# +# 2. make sure we have a Host header, because +# currently our approach only supports +# virtual hosting through this header +RewriteCond %{HTTP_HOST} !^$ +# +# 3. lowercase the hostname +RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$ +# +# 4. lookup this hostname in vhost.map and +# remember it only when it is a path +# (and not "NONE" from above) +RewriteCond ${vhost:%1} ^(/.*)$ +# +# 5. finally we can map the URL to its docroot location +# and remember the virtual host for logging puposes +RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}] + : +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="access" id="access">Access Restriction</a></h2> + + + + <h3>Blocking of Robots</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we block a really annoying robot from + retrieving pages of a specific webarea? A + <code>/robots.txt</code> file containing entries of the + "Robot Exclusion Protocol" is typically not enough to get + rid of such a robot.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a ruleset which forbids the URLs of the webarea + <code>/~quux/foo/arc/</code> (perhaps a very deep + directory indexed area where the robot traversal would + create big server load). We have to make sure that we + forbid access only to the particular robot, i.e. just + forbidding the host where the robot runs is not enough. + This would block users from this host, too. We accomplish + this by also matching the User-Agent HTTP header + information.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong>.* +RewriteCond %{REMOTE_ADDR} ^<strong>123\.45\.67\.[8-9]</strong>$ +RewriteRule ^<strong>/~quux/foo/arc/</strong>.+ - [<strong>F</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Blocked Inline-Images</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Assume we have under <code>http://www.quux-corp.de/~quux/</code> + some pages with inlined GIF graphics. These graphics are + nice, so others directly incorporate them via hyperlinks to + their pages. We don't like this practice because it adds + useless traffic to our server.</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>While we cannot 100% protect the images from inclusion, + we can at least restrict the cases where the browser + sends a HTTP Referer header.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} <strong>!^$</strong> +RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC] +RewriteRule <strong>.*\.gif$</strong> - [F] +</pre></div> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} !^$ +RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$ +RewriteRule <strong>^inlined-in-foo\.gif$</strong> - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Host Deny</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we forbid a list of externally configured hosts + from using our server?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>For Apache >= 1.3b6:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR] +RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^/.* - [F] +</pre></div> + + <p>For Apache <= 1.3b6:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteRule ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ /$1 +</pre></div> + +<div class="example"><pre> +## +## hosts.deny +## +## ATTENTION! This is a map, not a list, even when we treat it as such. +## mod_rewrite parses it for key/value pairs, so at least a +## dummy value "-" must be present for each entry. +## + +193.102.180.41 - +bsdti1.sdm.de - +192.76.162.40 - +</pre></div> + </dd> + </dl> + + + + <h3>Proxy Deny</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we forbid a certain host or even a user of a + special host from using the Apache proxy?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We first have to make sure <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> + is below(!) <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> in the Configuration + file when compiling the Apache webserver. This way it gets + called <em>before</em> <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code>. Then we + configure the following for a host-dependent deny...</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_HOST} <strong>^badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + + <p>...and this one for a user@host-dependent deny:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>^badguy@badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Special Authentication Variant</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>Sometimes a very special authentication is needed, for + instance a authentication which checks for a set of + explicitly configured users. Only these should receive + access and without explicit prompting (which would occur + when using the Basic Auth via <code class="module"><a href="../mod/mod_auth.html">mod_auth</a></code>).</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>We use a list of rewrite conditions to exclude all except + our friends:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend1@client1.quux-corp\.com$</strong> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend2</strong>@client2.quux-corp\.com$ +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend3</strong>@client3.quux-corp\.com$ +RewriteRule ^/~quux/only-for-friends/ - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Referer-based Deflector</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>How can we program a flexible URL Deflector which acts + on the "Referer" HTTP header and can be configured with as + many referring pages as we like?</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Use the following really tricky ruleset...</p> + +<div class="example"><pre> +RewriteMap deflector txt:/path/to/deflector.map + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}} ^-$ +RewriteRule ^.* %{HTTP_REFERER} [R,L] + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^.* ${deflector:%{HTTP_REFERER}} [R,L] +</pre></div> + + <p>... in conjunction with a corresponding rewrite + map:</p> + +<div class="example"><pre> +## +## deflector.map +## + +http://www.badguys.com/bad/index.html - +http://www.badguys.com/bad/index2.html - +http://www.badguys.com/bad/index3.html http://somewhere.com/ +</pre></div> + + <p>This automatically redirects the request back to the + referring page (when "<code>-</code>" is used as the value + in the map) or to a specific URL (when an URL is specified + in the map as the second argument).</p> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">Other</a></h2> + + + + <h3>External Rewriting Engine</h3> + + + + <dl> + <dt>Description:</dt> + + <dd> + <p>A FAQ: How can we solve the FOO/BAR/QUUX/etc. + problem? There seems no solution by the use of + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>...</p> + </dd> + + <dt>Solution:</dt> + + <dd> + <p>Use an external <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>, i.e. a program which acts + like a <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>. It is run once on startup of Apache + receives the requested URLs on <code>STDIN</code> and has + to put the resulting (usually rewritten) URL on + <code>STDOUT</code> (same order!).</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap quux-map <strong>prg:</strong>/path/to/map.quux.pl +RewriteRule ^/~quux/(.*)$ /~quux/<strong>${quux-map:$1}</strong> +</pre></div> + +<div class="example"><pre> +#!/path/to/perl + +# disable buffered I/O which would lead +# to deadloops for the Apache server +$| = 1; + +# read URLs one per line from stdin and +# generate substitution URL on stdout +while (<>) { + s|^foo/|bar/|; + print $_; +} +</pre></div> + + <p>This is a demonstration-only example and just rewrites + all URLs <code>/~quux/foo/...</code> to + <code>/~quux/bar/...</code>. Actually you can program + whatever you like. But notice that while such maps can be + <strong>used</strong> also by an average user, only the + system administrator can <strong>define</strong> it.</p> + </dd> + </dl> + + + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/rewriteguide.html" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" hreflang="ko" rel="alternate" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr new file mode 100644 index 00000000..694b8f01 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/rewriteguide.html.ko.euc-kr @@ -0,0 +1,2013 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>URL ÀçÀÛ¼º Áöħ¼ - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>URL ÀçÀÛ¼º Áöħ¼</h1> +<div class="toplang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/rewriteguide.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" title="Korean"> ko </a></p> +</div> +<div class="outofdate">ÀÌ ¹®¼´Â ÃÖ½ÅÆÇ ¹ø¿ªÀÌ ¾Æ´Õ´Ï´Ù. + ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼¸¦ Âü°íÇϼ¼¿ä.</div> + + <div class="note"> + <p>¿øÀúÀÚ<br /> + <cite>Ralf S. Engelschall <rse@apache.org></cite><br /> + 1997³â 12¿ù</p> + </div> + + <p>ÀÌ ¹®¼´Â <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> <a href="../mod/mod_rewrite.html">ÂüÁ¶ ¹®¼</a>¸¦ º¸ÃæÇÑ´Ù. + ÀÌ ¹®¼´Â À¥°ü¸®ÀÚ°¡ ½ÇÁ¦ ÀÛ¾÷¿¡¼ ºÎµúÄ¡°ÔµÇ´Â ÀüÇüÀûÀÎ + URL°ü·Ã ¹®Á¦¸¦ ÇØ°áÇϱâÀ§Çؼ ¾î¶»°Ô ¾ÆÆÄÄ¡ + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇÏ´ÂÁö ¼³¸íÇÑ´Ù. URL + ÀçÀÛ¼º ±ÔÄ¢À» ¼³Á¤ÇÏ¿© ¹®Á¦¸¦ ÇØ°áÇÏ´Â ¹æ¹ýÀ» ÀÚ¼¼È÷ ¼³¸íÇÑ´Ù.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#ToC1"><code>mod_rewrite</code> ¼Ò°³</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ToC2">½Ç¿ëÀûÀÎ ÇØ°áÃ¥</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#url">URL ±¸Á¶</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#content">ÄÁÅÙÃ÷ ´Ù·ç±â</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#access">Á¢±Ù Á¦ÇÑ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">±âŸ</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC1" id="ToC1"><code>mod_rewrite</code> ¼Ò°³</a></h2> + + + + <p>¾ÆÆÄÄ¡ <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> ¸ðµâÀº ±²ÀåÇÏ´Ù. + Áï, URLÀ» Á¶ÀÛÇÒ ¼ö ÀÖ´Â °·ÂÇÏ°í ½Ç·Î Á¤±³ÇÑ ¸ðµâÀÌ´Ù. + »ó»óÇØ¿Ô´ø °ÅÀÇ ¸ðµç Á¾·ùÀÇ URL Á¶ÀÛÀÌ °¡´ÉÇÏ´Ù. ±×·¯³ª + ±× ´ë°¡·Î »ç¿ëÇϱ⠺¹ÀâÇÏ´Ù. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>ÀÇ + ÃÖ´ë ´ÜÁ¡Àº Ãʺ¸ÀÚ°¡ ÀÌÇØÇÏ°í »ç¿ëÇϱ⠽±Áö ¾Ê´Ù´Â Á¡ÀÌ´Ù. + ½ÉÁö¾î ¾ÆÆÄÄ¡ Àü¹®°¡µµ Á¾Á¾ <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>ÀÇ + »õ·Î¿î ¿ëµµ¸¦ ¹ß°ßÇÑ´Ù.</p> + + <p>´Ù¸¥ ¸»·Î: <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¿¡ ´ëÇØ ´ç½ÅÀº + óÀ½¿¡ °ÌÀ» ¸Ô°í Àý´ë·Î ´Ù½Ã »ç¿ëÇÏÁö ¾Ê°Å³ª, °·ÂÇÔ¿¡ ¸Å·áµÇ¾î + ¾ÕÀ¸·Î »î µ¿¾È »ç¶û¿¡ ºüÁú °ÍÀÌ´Ù. ÀÌ ±ÛÀº ù¹ø° °æ¿ì¸¦ + ¸·±âÀ§ÇØ ÀÌ¹Ì ¾Ë·ÁÁø ¸î°¡Áö ¼º°ø»ç·Ê¸¦ ¼Ò°³ÇÏ·Á°í ÇÑ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ToC2" id="ToC2">½Ç¿ëÀûÀÎ ÇØ°áÃ¥</a></h2> + + + + <p>ÀÌÁ¦ ³»°¡ Á÷Á¢ ¸¸µé¾ú°Å³ª ´Ù¸¥ »ç¶÷µéÀÌ ¸¸µç ¸¹Àº ½Ç¿ëÀûÀÎ + ÇØ°áÃ¥ÀÌ ³ª¿Â´Ù. ¿¹Á¦¿¡¼ URL ÀçÀÛ¼ºÀÇ È渶¼úÀ» ¸¶À½²¯ ¹è¿ì±æ + ¹Ù¶õ´Ù.</p> + + <div class="warning">ÁÖÀÇ: ¼¹ö ¼³Á¤¿¡ µû¶ó »óȲ¿¡ ¸Â°Ô + ¿¹Á¦¸¦ Á¶±Ý ¼öÁ¤ÇØ¾ß ÇÒ °æ¿ì°¡ ÀÖ´Ù. ¿¹¸¦ µé¾î, Ãß°¡·Î + <code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code>, <code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code> + µîÀ» »ç¿ëÇÑ´Ù¸é <code>[PT]</code> Ç÷¡±×¸¦ Ãß°¡ÇÑ´Ù. ȤÀº + ÁÖ¼¹ö¼³Á¤/°¡»óÈ£½ºÆ® »ç¿ëÀå¼Ò°¡ ¾Æ´Ñ <code>.htaccess</code> + »ç¿ëÀå¼Ò¿¡ ¾Ë¸Â°Ô ±ÔÄ¢À» ¼öÁ¤ÇÒ ¼öµµ ÀÖ´Ù. »ç¿ëÇϱâ Àü¿¡ + Ç×»ó ±ÔÄ¢ÀÌ ¾î¶² ±â´ÉÀ» ÇÏ´ÂÁö ÀÌÇØÇϵµ·Ï Çضó. ±×·¯¸é ¹®Á¦¸¦ + ÇÇÇÒ ¼ö ÀÖ´Ù.</div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="url" id="url">URL ±¸Á¶</a></h2> + + + + <h3>±âÁØÀÌ µÇ´Â URL</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÇÑ ¸®¼Ò½º¿¡ ´ëÇØ ¿©·¯ URLÀ» °¡Áö´Â À¥¼¹ö°¡ ÀÖ´Ù. + º¸Åë (½ÇÁ¦ »ç¿ëÇÏ°í ¾Ë·ÁÁ®¾ß ÇÒ) ±âÁØÀÌ µÇ´Â URL°ú, + ´ÜÃà ȤÀº ³»ºÎ ¿ëµµÀÇ URLÀÌ ÀÖ´Ù. »ç¿ëÀÚ°¡ ¿äû¿¡ + ¾î¶² URLÀ» »ç¿ëÇÏ´øÁö ±âÁØÀÌ µÇ´Â URL¸¸À» º¸¿©Áà¾ß + ÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>±âÁØÀÌ µÇÁö¾Ê´Â ¸ðµç URLÀ» ºê¶ó¿ìÀú°¡ ¾Ëµµ·Ï °íÄ¡±âÀ§ÇØ + ¿ÜºÎ HTTP ¸®´ÙÀÌ·º¼ÇÇÑ´Ù. ¿¹¸¦ µé¾î ¾Æ·¡ ±ÔÄ¢Àº + <code>/~user</code>¸¦ ±âÁØÀÌ µÇ´Â <code>/u/user</code>·Î + ´ëüÇÏ°í, <code>/u/user</code> ¸¶Áö¸·¿¡ ½½·¡½¬°¡ ¾ø´Ù¸é + Ãß°¡ÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteRule ^/<strong>~</strong>([^/]+)/?(.*) /<strong>u</strong>/$1/$2 [<strong>R</strong>] +RewriteRule ^/([uge])/(<strong>[^/]+</strong>)$ /$1/$2<strong>/</strong> [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>±âÁØÀÌ µÇ´Â È£½ºÆ®¸í</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd>ÀÌ ±ÔÄ¢Àº µ¿ÀÏÇÑ »çÀÌÆ®¿¡ µµ´ÞÇÒ ¼ö ÀÖ´Â ´Ù¸¥ È£½ºÆ®¸í + ´ë½Å ƯÁ¤ È£½ºÆ®¸íÀ» »ç¿ëÇϵµ·Ï °Á¦ÇÑ´Ù. ¿¹¸¦ µé¾î, + <strong>example.com</strong> ´ë½Å + <strong>www.example.com</strong>À» »ç¿ëÇϵµ·Ï °Á¦ÇÏ°í + ½Í´Ù¸é ´ÙÀ½°ú °°Àº ±ÔÄ¢À» »ç¿ëÇÒ ¼ö ÀÖ´Ù.</dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> +<div class="example"><pre> +# 80¹øÀÌ ¾Æ´Ñ Æ÷Æ®¿¡¼ ½ÇÇàÇÏ´Â »çÀÌÆ®¿ë +RewriteCond %{HTTP_HOST} !^fully\.qualified\.domain\.name [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteCond %{SERVER_PORT} !^80$ +RewriteRule ^/(.*) http://fully.qualified.domain.name:%{SERVER_PORT}/$1 [L,R] + +# ±×¸®°í, 80¹ø Æ÷Æ®¿¡¼ ½ÇÇàÇÏ´Â »çÀÌÆ®¿ë +RewriteCond %{HTTP_HOST} !^fully\.qualified\.domain\.name [NC] +RewriteCond %{HTTP_HOST} !^$ +RewriteRule ^/(.*) http://fully.qualified.domain.name/$1 [L,R] +</pre></div> + </dd> + </dl> + + + + <h3><code>DocumentRoot</code>¸¦ ¿Å±ä °æ¿ì</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>À¥¼¹öÀÇ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>´Â º¸Åë URL + "<code>/</code>"°ú Á÷Á¢ °ü·ÃÀÖ´Ù. ±×·¯³ª ÀÌ°÷¿¡ ¸ðµç + ÀÚ·á°¡ ÀÖÁö ¾Ê°í, ÀÚ·á°¡ ´Ù¸¥ ¿©·¯ °÷¿¡ Èð¾îÁ®ÀÖ´Â + °æ¿ì°¡ ÀÖ´Ù. ¿¹¸¦ µé¾î ÀÎÆ®¶ó³Ý »çÀÌÆ®¿¡ (¿ÜºÎ¸¦ À§ÇÑ + ȨÆäÀÌÁö) <code>/e/www/</code>¿Í (ÀÎÆ®¶ó³ÝÀ» À§ÇÑ + ȨÆäÀÌÁö) <code>/e/sww/</code>°¡ ÀÖ´Ù°í ÇÏÀÚ. ÀÌÁ¦ + <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>°¡ + <code>/e/www/</code>À̱⶧¹®¿¡, ¿äû¿¡¼ ÆäÀÌÁö¿¡ + Æ÷ÇÔµÈ ±×¸² µîÀ» ÀÌ°÷¿¡¼ °¡Á®¿Í¾ß ÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¿ì¸®´Â URL <code>/</code>¸¦ <code>/e/www/</code>·Î + ¸®´ÙÀÌ·º¼Ç¸¸ ÇÏ¸é µÈ´Ù. »ç¼ÒÇØ º¸ÀÌÁö¸¸ ½ÇÁ¦·Î + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇؼ¸¸ °¡´ÉÇÏ´Ù. + (<code class="module"><a href="../mod/mod_alias.html">mod_alias</a></code> µîÀÌ Á¦°øÇÏ´Â) URL + <em>Alias</em> °°Àº ÀüÇüÀûÀÎ ¹æ¹ýÀº <em>¾ÕºÎºÐ</em>¸¸ + ã´Â´Ù. <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>°¡ + ¸ðµç URLÀÇ ¾ÕºÎºÐÀ̱⶧¹®¿¡ ÀÌ ¹æ¹ýÀ» »ç¿ëÇÏ¿© ¸®´ÙÀÌ·º¼ÇÀ» + ÇÒ ¼ö ¾ø´Ù. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇϸé + ÁøÂ¥ °£´ÜÇÏ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule <strong>^/$</strong> /e/www/ [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>¸¶Áö¸· ½½·¡½¬ ¹®Á¦</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>µð·ºÅ丮¸¦ ÁöĪÇÏ´Â URLÀÇ ¸¶Áö¸· ½½·¡½¬ ¹®Á¦°¡ + ¾ø´Ù¸é ¸ðµç À¥°ü¸®Àڴ ȯȣÇÒ °ÍÀÌ´Ù. ½½·¡½¬°¡ ¾ø´Ù¸é, + Áï <code>/~quux/foo/</code> ´ë½Å <code>/~quux/foo</code>¸¦ + »ç¿ëÇÏ¸é ¼¹ö°¡ <code>foo</code>¶ó´Â <em>ÆÄÀÏ</em>À» + ã±â¶§¹®¿¡ ¿À·ù°¡ ¹ß»ýÇÑ´Ù. ÆÄÀÏÀÌ µð·ºÅ丮À̱⶧¹®¿¡ + ¹Þ¾ÆµéÀÌÁö ¾Ê´Â´Ù. ´ëºÎºÐÀÇ °æ¿ì º¸Åë ¼¹ö°¡ ÀÚµ¿À¸·Î + URLÀ» °íÄ¡Áö¸¸, °¡²û Á÷Á¢ ÇØÁà¾ß ÇÒ °æ¿ì°¡ ÀÖ´Ù. ¿¹¸¦ + µé¾î, CGI ½ºÅ©¸³Æ® µîÀ¸·Î º¹ÀâÇÑ URL ÀçÀÛ¼ºÀ» ÇÑ ÈÄ¿¡ + ±×·¯ÇÏ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÀÌ ¹Ì¹¦ÇÑ ¹®Á¦ÀÇ ÇØ°á¹æ¹ýÀº ¼¹ö°¡ ÀÚµ¿À¸·Î ¸¶Áö¸· + ½½·¡½¬¸¦ Ãß°¡ÇÏ´Â °ÍÀÌ´Ù. ºê¶ó¿ìÀú°¡ ³ª¸ÓÁö ±×¸² µîÀ» + ¿Ã¹Ù·Î ¿äûÇÒ ¼ö ÀÖµµ·Ï, ¿ÜºÎ ¸®´ÙÀÌ·º¼ÇÀ» ÇØ¾ß ÇÑ´Ù. + ³»ºÎ ¸®´ÙÀÌ·º¼ÇÀ» ÇÑ´Ù¸é µð·ºÅ丮 ÆäÀÌÁö¿¡¸¸ µ¿ÀÛÇÏ¿© + ÀÌ ÆäÀÌÁö°¡ »ó´ë URL·Î Æ÷ÇÔÇÏ´Â ±×¸²À» ºê¶ó¿ìÀú°¡ + ¿äûÇÒ¶§ ãÀ» ¼ö ¾ø´Ù. ¿¹¸¦ µé¾î, ¿ÜºÎ ¸®´ÙÀÌ·º¼ÇÀ» + »ç¿ëÇÏÁö ¾ÊÀ»¶§ <code>/~quux/foo/index.html</code>¿¡¼ + <code>image.gif</code>¸¦ ¿äûÇϸé + <code>/~quux/image.gif</code>¸¦ ¿äûÇÏ°Ô µÈ´Ù!</p> + + <p>±×·¡¼ À̸¦ ÇØ°áÇϱâÀ§ÇØ ´ÙÀ½°ú °°ÀÌ ¼³Á¤ÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo<strong>$</strong> foo<strong>/</strong> [<strong>R</strong>] +</pre></div> + + <p>Ȩµð·ºÅ丮ÀÇ ÃÖ»óÀ§ <code>.htaccess</code> ÆÄÀÏ¿¡ + ´ÙÀ½°ú °°ÀÌ ¼³Á¤ÇÒ ¼öµµ ÀÖ´Ù. ±×·¯³ª ó¸®Çϴµ¥ ºÎ´ãÀÌ + µÈ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteCond %{REQUEST_FILENAME} <strong>-d</strong> +RewriteRule ^(.+<strong>[^/]</strong>)$ $1<strong>/</strong> [R] +</pre></div> + </dd> + </dl> + + + + <h3>ÀÏ°üµÈ URL ±¸Á¶·Î ¸¸µç À¥Å¬·¯½ºÅÍ</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÀÎÆ®¶ó³Ý À¥¼¹ö±ºÀÇ ¸ðµç À¥¼¹ö¿¡ µ¿ÀÏÇÏ°í ÀÏ°üµÈ + URL ±¸Á¶¸¦ ¸¸µé°í ½Í´Ù. Áï, ¸ðµç (Á¤ÀÇ»ó ¼¹ö¿¡ ¼ÓÇÏ¿© + ¼¹ö¿¡ ÀÇÁ¸ÀûÀÎ!) URLÀ» ¼¹ö <em>µ¶¸³ÀûÀ¸·Î</em> ¸¸µç´Ù! + À¥ À̸§°ø°£¿¡ ¼¹öµ¶¸³ÀûÀÎ µ¿ÀÏÇÑ ±¸Á¶¸¦ ºÎ¿©ÇØ¾ß ÇÑ´Ù: + URLÀº ½ÇÁ¦ ¼¹ö¸¦ ÁöĪÇÏ¸é ¾ÈµÈ´Ù. ¼¹ö±ºÀÌ ÀÚµ¿À¸·Î + ½ÇÁ¦ ¼¹ö·Î À¯µµÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸ÕÀú »ç¿ëÀÚ, ±×·ì, µ¶¸³Ã¼ÀÇ À§Ä¡ Á¤º¸¸¦ ÀúÀåÇÑ + (ºÐ»êµÈ) ¿ÜºÎ¸Ê¿¡ ½ÇÁ¦ ¼¹ö Á¤º¸¸¦ ¾ò¾î¿Â´Ù. ¿ÜºÎ¸ÊÀº + ´ÙÀ½°ú °°Àº Çü½ÄÀÌ´Ù</p> + +<div class="example"><pre> +user1 server_of_user1 +user2 server_of_user2 +: : +</pre></div> + + <p>¿ì¸®´Â ÀÌ Á¤º¸¸¦ °¢°¢ <code>map.xxx-to-host</code> + ÆÄÀÏ¿¡ ÀúÀåÇß´Ù. ´ÙÀ½À¸·Î ¸ðµç ¼¹ö¿¡¼ URLÀÌ ¼¹ö¿¡ + ¾ø´Ù¸é ´ÙÀ½°ú °°Àº URLÀ»,</p> + +<div class="example"><pre> +/u/user/anypath +/g/group/anypath +/e/entity/anypath +</pre></div> + + <p>´ÙÀ½°ú °°ÀÌ ¸®´ÙÀÌ·º¼ÇÇÑ´Ù</p> + +<div class="example"><pre> +http://physical-host/u/user/anypath +http://physical-host/g/group/anypath +http://physical-host/e/entity/anypath +</pre></div> + + <p>¾Æ·¡ ±ÔÄ¢Àº ¸ÊÆÄÀÏÀ» »ç¿ëÇÏ¿© ÀÌ ÀÛ¾÷À» ÇÑ´Ù (server0Àº + ¸Ê¿¡ Ç׸ñÀÌ ¾ø´Â °æ¿ì »ç¿ëÇÒ ±âº»¼¹ö¶ó°í °¡Á¤ÇÑ´Ù):</p> + +<div class="example"><pre> +RewriteEngine on + +RewriteMap user-to-host txt:/path/to/map.user-to-host +RewriteMap group-to-host txt:/path/to/map.group-to-host +RewriteMap entity-to-host txt:/path/to/map.entity-to-host + +RewriteRule ^/u/<strong>([^/]+)</strong>/?(.*) http://<strong>${user-to-host:$1|server0}</strong>/u/$1/$2 +RewriteRule ^/g/<strong>([^/]+)</strong>/?(.*) http://<strong>${group-to-host:$1|server0}</strong>/g/$1/$2 +RewriteRule ^/e/<strong>([^/]+)</strong>/?(.*) http://<strong>${entity-to-host:$1|server0}</strong>/e/$1/$2 + +RewriteRule ^/([uge])/([^/]+)/?$ /$1/$2/.www/ +RewriteRule ^/([uge])/([^/]+)/([^.]+.+) /$1/$2/.www/$3\ +</pre></div> + </dd> + </dl> + + + + <h3>Ȩµð·ºÅ丮¸¦ ´Ù¸¥ À¥¼¹ö·Î ÀÌÀü</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¸¹Àº À¥°ü¸®ÀÚ´Â À¥¼¹öÀÇ ¸ðµç Ȩµð·ºÅ丮¸¦ ´Ù¸¥ + À¥¼¹ö·Î ÀÌÀüÇÑ °æ¿ì ÇØ°áÃ¥À» ¹°¾îº»´Ù. ÀÌ ¹æ¹ýÀº + ÀÌÀü ¼¹ö¸¦ ´ëüÇÒ »õ·Î¿î ¼¹ö¸¦ ±¸¼ºÇϴµ¥ ½Ã°£ÀÌ + °É¸®´Â °æ¿ì¿¡ ÇÊ¿äÇÏ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇÏ¸é °£´ÜÇÏ´Ù. + ÀÌÀü À¥¼¹ö´Â ¸ðµç <code>/~user/anypath</code> URLÀ» + <code>http://newserver/~user/anypath</code>·Î + ¸®´ÙÀÌ·º¼ÇÇÏ¸é µÈ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(.+) http://<strong>newserver</strong>/~$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>Ȩµð·ºÅ丮 ±¸Á¶ ¸¸µé±â</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>»ç¿ëÀÚ°¡ ¼öõ¸íÀÎ »çÀÌÆ®´Â º¸Åë Ȩµð·ºÅ丮 ±¸Á¶¸¦ + ¸¸µç´Ù. Áï, ¿¹¸¦ µé¾î À̸§ÀÌ »ç¿ëÀÚ¸íÀÇ Ã¹¹ø° ¹®ÀÚÀÎ + ÇÏÀ§µð·ºÅ丮¿¡ Ȩµð·ºÅ丮¸¦ µÐ´Ù. ±×·¡¼, + <code>/~foo/anypath</code>´Â + <code>/home/<strong>f</strong>/foo/.www/anypath</code>ÀÌ°í, + <code>/~bar/anypath</code>´Â + <code>/home/<strong>b</strong>/bar/.www/anypath</code>ÀÌ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¹°°áÇ¥½Ã°¡ ÀÖ´Â URLÀ» À§¿Í °°Àº ±¸Á¶·Î º¯È¯ÇϱâÀ§ÇØ + ´ÙÀ½ ±ÔÄ¢À» »ç¿ëÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/~(<strong>([a-z])</strong>[a-z0-9]+)(.*) /home/<strong>$2</strong>/$1/.www$3 +</pre></div> + </dd> + </dl> + + + + <h3>ÆÄÀϽýºÅÛ À籸¼º</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÀÌ ¿¹´Â ½Ç·Î ÇϵåÄÚ¾îÀûÀÌ´Ù: µð·ºÅ丮º° + <code>RewriteRules</code>¸¦ ¸Å¿ì ¸¹ÀÌ »ç¿ëÇÏ¿© ÀÚ·á + ÀÚü´Â ±×´ë·Î µÐü·Î À¥¿¡ ÀڷḦ ÀÚ¿¬½º·´°Ô ºê¶ó¿ì¡Çϵµ·Ï + ÇÑ´Ù. ¹è°æ: ³ª´Â 1992³â ºÎÅÍ ÀÚÀ¯·Ó°Ô »ç¿ëÇÒ ¼ö ÀÖ´Â + À¯´Ð½º ¼ÒÇÁÆ®¿þ¾îµéÀ» <strong><em>net.sw</em></strong>¿¡ + ¸ð¾ÆµÎ°í ÀÖ¾ú´Ù. ÀÌ´Â ³»°¡ ÄÄÇ»ÅÍ°úÇÐÀ» °øºÎÇÏ¸é¼ + ¿©·¯Çص¿¾È ¿©°¡½Ã°£¿¡ ½Ã½ºÅÛ °ü¸®ÀÚ¿Í ³×Æ®¿÷ °ü¸®ÀÚ¸¦ + ÇؿԱ⶧¹®¿¡ ³» Ãë¹ÌÀÌÀÚ ÀÏÀÌ´Ù. ¸ÅÁÖ¸¶´Ù »õ·Î ¼ÒÇÁÆ®¿þ¾î°¡ + Ãß°¡µÉ ¶§¸¶´Ù µð·ºÅ丮¸¦ ±í°Ô ¸¸µé¾î¿Ô´Ù:</p> + +<div class="example"><pre> +drwxrwxr-x 2 netsw users 512 Aug 3 18:39 Audio/ +drwxrwxr-x 2 netsw users 512 Jul 9 14:37 Benchmark/ +drwxrwxr-x 12 netsw users 512 Jul 9 00:34 Crypto/ +drwxrwxr-x 5 netsw users 512 Jul 9 00:41 Database/ +drwxrwxr-x 4 netsw users 512 Jul 30 19:25 Dicts/ +drwxrwxr-x 10 netsw users 512 Jul 9 01:54 Graphic/ +drwxrwxr-x 5 netsw users 512 Jul 9 01:58 Hackers/ +drwxrwxr-x 8 netsw users 512 Jul 9 03:19 InfoSys/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:21 Math/ +drwxrwxr-x 3 netsw users 512 Jul 9 03:24 Misc/ +drwxrwxr-x 9 netsw users 512 Aug 1 16:33 Network/ +drwxrwxr-x 2 netsw users 512 Jul 9 05:53 Office/ +drwxrwxr-x 7 netsw users 512 Jul 9 09:24 SoftEng/ +drwxrwxr-x 7 netsw users 512 Jul 9 12:17 System/ +drwxrwxr-x 12 netsw users 512 Aug 3 20:15 Typesetting/ +drwxrwxr-x 10 netsw users 512 Jul 9 14:08 X11/ +</pre></div> + + <p>1996³â 7¿ù ÀÌ ÀúÀå¼Ò¸¦ ¸ÚÀÖ´Â À¥ ÀÎÅÍÆäÀ̽º¸¦ ÅëÇØ + ¼¼»ó¿¡ °ø°³Çϱâ·Î °áÁ¤ÇÞ´Ù. "¸ÚÀÖ´Ù"´Â ¸»Àº, ÃÖ»óÀ§ + µð·ºÅ丮¿¡ CGI ½ºÅ©¸³Æ®¸¦ µÎÁö ¾Ê°íµµ, ÀúÀå¼Ò °èÃþ±¸Á¶¸¦ + Á÷Á¢ ºê¶ó¿ìÁúÇÏ±æ ¹Ù¶õ´Ù´Â ¶æÀÌ´Ù. ¿Ö? ÀúÀå¼Ò¸¦ ³ªÁß¿¡ + FTP·Îµµ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ¸¸µé ¿¹Á¤ÀÌ¿´±â¶§¹®¿¡ À¥À̳ª + CGI¿Í °ü·ÃµÈ ³»¿ëÀ» °°ÀÌ µÎ±â ½È¾ú´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÇØ°áÃ¥Àº µÎ ºÎºÐÀ¸·Î ³ª´¶´Ù: ¸ÕÀú µð·ºÅ丮 ¼öÁØ¿¡¼ + ÇÊ¿äÇÑ ¸ðµç ÆäÀÌÁö¸¦ µ¿ÀûÀ¸·Î ¸¸µå´Â CGI ½ºÅ©¸³Æ®°¡ + ÇÊ¿äÇÏ´Ù. ³ª´Â ÀÌ ½ºÅ©¸³Æ®µéÀ» ´ÙÀ½°ú °°ÀÌ + <code>/e/netsw/.www/</code>¿¡ µÎ¾ú´Ù:</p> + +<div class="example"><pre> +-rw-r--r-- 1 netsw users 1318 Aug 1 18:10 .wwwacl +drwxr-xr-x 18 netsw users 512 Aug 5 15:51 DATA/ +-rw-rw-rw- 1 netsw users 372982 Aug 5 16:35 LOGFILE +-rw-r--r-- 1 netsw users 659 Aug 4 09:27 TODO +-rw-r--r-- 1 netsw users 5697 Aug 1 18:01 netsw-about.html +-rwxr-xr-x 1 netsw users 579 Aug 2 10:33 netsw-access.pl +-rwxr-xr-x 1 netsw users 1532 Aug 1 17:35 netsw-changes.cgi +-rwxr-xr-x 1 netsw users 2866 Aug 5 14:49 netsw-home.cgi +drwxr-xr-x 2 netsw users 512 Jul 8 23:47 netsw-img/ +-rwxr-xr-x 1 netsw users 24050 Aug 5 15:49 netsw-lsdir.cgi +-rwxr-xr-x 1 netsw users 1589 Aug 3 18:43 netsw-search.cgi +-rwxr-xr-x 1 netsw users 1885 Aug 1 17:41 netsw-tree.cgi +-rw-r--r-- 1 netsw users 234 Jul 30 16:35 netsw-unlimit.lst +</pre></div> + + <p><code>DATA/</code> ÇÏÀ§µð·ºÅ丮¿¡ À§¿¡¼ ¸»ÇÑ ÀúÀå¼Ò°¡ + ÀÖ´Ù. ½ÇÁ¦ <strong><em>net.sw</em></strong>ÀÇ ³»¿ëÀº º¸Åë + <code>rdist</code>¸¦ »ç¿ëÇÏ¿© ÀÚµ¿À¸·Î °¡Á®¿Â´Ù. µÎ¹ø° + ºÎºÐÀÌ ³²¾Ò´Ù: ¾î¶»°Ô ÀÌ µÎ ±¸Á¶¸¦ ÇϳªÀÇ ÀÚ¿¬½º·¯¿î + URL ±¸Á¶·Î ¿¬°áÇϴ°¡? »ç¿ëÀÚ¿¡°Ô <code>DATA/</code> + µð·ºÅ丮¸¦ °¨Ãß°í, URL¸¶´Ù ÀûÀýÇÑ CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÏ°í + ½Í´Ù. ÇØ°áÃ¥Àº ´ÙÀ½°ú °°´Ù: ¸ÕÀú ¼¹öÀÇ <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>¿¡¼ °ø°³µÈ + URL <code>/net.sw/</code>¸¦ ³»ºÎ °æ·Î <code>/e/netsw</code>·Î + ÀçÀÛ¼ºÇϱâÀ§ÇØ µð·ºÅ丮º° ¼³Á¤ÆÄÀÏ¿¡ ´ÙÀ½°ú °°ÀÌ ¼³Á¤ÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteRule ^net.sw$ net.sw/ [R] +RewriteRule ^net.sw/(.*)$ e/netsw/$1 +</pre></div> + + <p>ù¹ø° ±ÔÄ¢Àº ¸¶Áö¸·¿¡ ½½·¡½¬°¡ ¾ø´Â ¿äûÀ» À§Çؼ + »ç¿ëÇß´Ù! µÎ¹ø° ±ÔÄ¢ÀÌ ½ÇÁ¦ ÀÛ¾÷À» ÇÑ´Ù. ±×¸®°í µð·ºÅ丮º° + ¼³Á¤ÆÄÀÏ <code>/e/netsw/.www/.wwwacl</code>¿¡ °áÁ¤ÀûÀÎ + ¼³Á¤ÀÌ ³ª¿Â´Ù:</p> + +<div class="example"><pre> +Options ExecCGI FollowSymLinks Includes MultiViews + +RewriteEngine on + +# ¾Õ ºÎºÐÀÌ /net.sw/ ·Î Á¢±ÙÇÑ´Ù +RewriteBase /net.sw/ + +# ¸ÕÀú ÃÖ»óÀ§ µð·ºÅ丮¸¦ +# cgi ½ºÅ©¸³Æ®·Î ÀçÀÛ¼ºÇÑ´Ù +RewriteRule ^$ netsw-home.cgi [L] +RewriteRule ^index\.html$ netsw-home.cgi [L] + +# ºê¶ó¿ìÀú°¡ µð·ºÅ丮º° ÆäÀÌÁö¸¦ ¿äûÇÑ °æ¿ì +# ÇÏÀ§µð·ºÅ丮¸¦ ÃßÃâÇÑ´Ù +RewriteRule ^.+/(netsw-[^/]+/.+)$ $1 [L] + +# ÀÌÁ¦ ÀçÀÛ¼ºÀ» ¸¶Ä£´Ù +RewriteRule ^netsw-home\.cgi.* - [L] +RewriteRule ^netsw-changes\.cgi.* - [L] +RewriteRule ^netsw-search\.cgi.* - [L] +RewriteRule ^netsw-tree\.cgi$ - [L] +RewriteRule ^netsw-about\.html$ - [L] +RewriteRule ^netsw-img/.*$ - [L] + +# ´Ù¸¥ cgi ½ºÅ©¸³Æ®°¡ ó¸®ÇÒ +# ÇÏÀ§µð·ºÅ丮°¡ ³²¾Ò´Ù +RewriteRule !^netsw-lsdir\.cgi.* - [C] +RewriteRule (.*) netsw-lsdir.cgi/$1 +</pre></div> + + <p>Çؼ®À» À§ÇÑ ÈùÆ®:</p> + + <ol> + <li>³×¹ø° ºÎºÐ¿¡¼ ´ëü Çʵå('<code>-</code>')°¡ + ¾ø°í <code>L</code> (last) Ç÷¡±×°¡ ÀÖÀ½À» ÁÖ¸ñÇ϶ó</li> + + <li>¸¶Áö¸· ºÎºÐ¿¡¼ ù¹ø° ±ÔÄ¢¿¡ <code>!</code> + (not) ¹®ÀÚ¿Í <code>C</code> (chain) Ç÷¡±×¸¦ ÁÖ¸ñÇ϶ó</li> + + <li>¸¶Áö¸· ±ÔÄ¢¿¡¼ ±âŸ ÇØ´çÇÏÁö ¾Ê´Â ¸ðµç °æ¿ì¸¦ + Àâ¾Æ³»´Â ÆÐÅÏÀ» ÁÖ¸ñÇ϶ó</li> + </ol> + </dd> + </dl> + + + + <h3>NCSA imagemapÀ» ¾ÆÆÄÄ¡ <code>mod_imap</code>À¸·Î</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>»ç¶÷µéÀº NCSA À¥¼¹ö¿¡¼ Çö´ëÀûÀÎ ¾ÆÆÄÄ¡ À¥¼¹ö·Î + ÀÚ¿¬½º·´°Ô ¿Å°Ü°¡±æ ¹Ù¶õ´Ù. ±×·¡¼ ¿À·¡µÈ NCSA + <code>imagemap</code> ÇÁ·Î±×·¥À» »ç¿ëÇÑ ÆäÀÌÁö¸¦ Çö´ëÀûÀÎ + ¾ÆÆÄÄ¡ <code class="module"><a href="../mod/mod_imap.html">mod_imap</a></code>·Î ó¸®ÇÏ±æ ¹Ù¶õ´Ù. + ¹®Á¦´Â <code>imagemap</code> ÇÁ·Î±×·¥À» + <code>/cgi-bin/imagemap/path/to/page.map</code>°ú + °°ÀÌ ÂüÁ¶ÇÏ´Â ÇÏÀÌÆÛ¸µÅ©°¡ ¸¹´Ù´Â °ÍÀÌ´Ù. ¾ÆÆÄÄ¡´Â + <code>/path/to/page.map</code>°ú °°Àº ¿äûÀ» ¹Þ¾Æ¾ß + ÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸ðµç ¿äû¿¡¼ ¾ÕºÎºÐÀ» µ¿ÀûÀ¸·Î Á¦°ÅÇÏ´Â Àü¿ª ±ÔÄ¢À» + »ç¿ëÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^/cgi-bin/imagemap(.*) $1 [PT] +</pre></div> + </dd> + </dl> + + + + <h3>¿©·¯ µð·ºÅ丮¿¡¼ ÆäÀÌÁö °Ë»ö</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>°¡²û À¥¼¹ö°¡ ¿©·¯ µð·ºÅ丮¿¡¼ ÆÄÀÏÀ» ã¾Æ¾ß ÇÒ + ¶§°¡ ÀÖ´Ù. ÀÌ °æ¿ì MultiViews³ª ´Ù¸¥ ¹æ¹ýÀº µµ¿òÀÌ + ¾ÈµÈ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¿©·¯ µð·ºÅ丮¿¡¼ ÆÄÀÏÀ» ã´Â ±ÔÄ¢À» Á÷Á¢ ÇÁ·Î±×·¥ÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on + +# ¸ÕÀú custom/¿¡¼ ã±æ ½ÃµµÇÏ°í... +# ...ãÀ¸¸é ³¡! +RewriteCond /your/docroot/<strong>dir1</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir1</strong>/$1 [L] + +# µÎ¹ø°·Î pub/¿¡¼ ã±æ ½ÃµµÇÑ´Ù... +# ...ãÀ¸¸é ³¡! +RewriteCond /your/docroot/<strong>dir2</strong>/%{REQUEST_FILENAME} -f +RewriteRule ^(.+) /your/docroot/<strong>dir2</strong>/$1 [L] + +# ¸øãÀ¸¸é ´Ù¸¥ Alias³ª ScriptAlias Áö½Ã¾î µîÀ¸·Î ÁøÇàÇÑ´Ù. +RewriteRule ^(.+) - [PT] +</pre></div> + </dd> + </dl> + + + + <h3>URL¿¡ µû¶ó ȯ°æº¯¼ö¸¦ ¼³Á¤ÇÑ´Ù</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¿äûµé°£¿¡ »óÅÂÁ¤º¸¸¦ À¯ÁöÇϱâÀ§ÇØ URL¿¡ Á¤º¸¸¦ + ÀÎÄÚµùÇÏ´Â ¹æ¹ýµµ ÀÖ´Ù. ±×·¯³ª ´ÜÁö ÀÌ Á¤º¸¸¦ Á¦°ÅÇϱâÀ§ÇØ + ¸ðµç ÆäÀÌÁö¿¡ CGI wrapper¸¦ »ç¿ëÇÏ°í ½ÍÁö ¾Ê´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÀçÀÛ¼º ±ÔÄ¢À» »ç¿ëÇÏ¿© »óÅÂÁ¤º¸¸¦ ÃßÃâÇÏ°í, ÃßÃâÇÑ + Á¤º¸¸¦ ³ªÁß¿¡ XSSI³ª CGI¿¡¼ »ç¿ëÇϱâÀ§ÇØ È¯°æº¯¼ö¿¡ + ÀúÀåÇÑ´Ù. ±×·¡¼ URL <code>/foo/S=java/bar/</code>´Â + <code>/foo/bar/</code>·Î º¯È¯µÇ°í <code>STATUS</code>¶ó´Â + ȯ°æº¯¼ö °ªÀ» "java"·Î ¼³Á¤ÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteRule ^(.*)/<strong>S=([^/]+)</strong>/(.*) $1/$3 [E=<strong>STATUS:$2</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>°¡»ó »ç¿ëÀÚ È£½ºÆ®</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>°¡»óÈ£½ºÆ®¸¦ »ç¿ëÇÏÁö ¾Ê°í °°Àº ÄÄÇ»ÅÍ·Î DNS A + ·¹Äڵ带 ¼³Á¤ÇÏ¿© + <code>www.<strong>username</strong>.host.domain.com</code>À» + »ç¿ëÀÚÀÇ È¨ÆäÀÌÁö·Î Á¦°øÇÏ°í ½Í´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>HTTP/1.0 ¿äûÀÇ °æ¿ì ¹æ¹ýÀÌ ¾øÁö¸¸, Host: HTTP + Çì´õ¸¦ Æ÷ÇÔÇÑ HTTP/1.1 ¿äûÀº ´ÙÀ½ ±ÔÄ¢À» »ç¿ëÇÏ¿© + ³»ºÎÀûÀ¸·Î <code>http://www.username.host.com/anypath</code>¸¦ + <code>/home/username/anypath</code>·Î ÀçÀÛ¼ºÇÒ ¼ö + ÀÖ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{<strong>HTTP_HOST</strong>} ^www\.<strong>[^.]+</strong>\.host\.com$ +RewriteRule ^(.+) %{HTTP_HOST}$1 [C] +RewriteRule ^www\.<strong>([^.]+)</strong>\.host\.com(.*) /home/<strong>$1</strong>$2 +</pre></div> + </dd> + </dl> + + + + <h3>Ȩµð·ºÅ丮¸¦ ¿ÜºÎ ¼¹ö·Î ¸®´ÙÀÌ·º¼Ç</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>Áö¿ª µµ¸ÞÀÎ <code>ourdomain.com</code> ¹Û¿¡¼ ¿äûÀÌ + µé¾î¿À¸é Ȩµð·ºÅ丮 URLÀ» ´Ù¸¥ À¥¼¹ö + <code>www.somewhere.com</code>À¸·Î ¸®´Ù¸®·º¼ÇÇϱæ + ¹Ù¶õ´Ù. Á¾Á¾ °¡»óÈ£½ºÆ® »ç¿ëÀå¼Ò¿¡¼ »ç¿ëÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÀçÀÛ¼º Á¶°ÇÀ» »ç¿ëÇÏ¸é µÈ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REMOTE_HOST} <strong>!^.+\.ourdomain\.com$</strong> +RewriteRule ^(/~.+) http://www.somewhere.com/$1 [R,L] +</pre></div> + </dd> + </dl> + + + + <h3>½ÇÆÐÇÑ URLÀ» ´Ù¸¥ À¥¼¹ö·Î ¸®´ÙÀÌ·º¼Ç</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>URL ÀçÀÛ¼º¿¡ ´ëÇؼ À¥¼¹ö A¿¡ ÇØ´ç ÆÄÀÏÀÌ ¾ø´Â + °æ¿ì À¥¼¹ö B·Î ¿äûÀ» ¸®´ÙÀÌ·º¼ÇÇÏ´Â ¹æ¹ýÀ» ÀÚÁÖ + ¹°¾îº»´Ù. º¸Åë Perl·Î ÀÛ¼ºÇÑ <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI ½ºÅ©¸³Æ®¸¦ + »ç¿ëÇÏÁö¸¸, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇÏ´Â + ¹æ¹ýµµ ÀÖ´Ù. ±×·¯³ª ¼º´ÉÀº <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> CGI ½ºÅ©¸³Æ®º¸´Ù + ¶³¾îÁüÀ» ¸í½ÉÇ϶ó!</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ù¹ø° ¹æ¹ýÀº ºü¸£Áö¸¸ À¯¿¬¼ºÀÌ ¶³¾îÁö°í ¿ÏÀüÇÏÁö + ¾Ê´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond /your/docroot/%{REQUEST_FILENAME} <strong>!-f</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p>ÀÌ ¹æ¹ýÀÇ ´ÜÁ¡Àº <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code> ¾È¿¡ ÀÖ´Â ÆäÀÌÁö¸¸ + °¡´ÉÇÏ´Ù´Â Á¡ÀÌ´Ù. (¿¹¸¦ µé¾î Ȩµð·ºÅ丮 µîÀ» À§ÇØ) + Á¶°ÇÀ» Ãß°¡ÇÒ ¼ö ÀÖÁö¸¸, ´õ ÁÁÀº ¹æ¹ýÀÌ ÀÖ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{REQUEST_URI} <strong>!-U</strong> +RewriteRule ^(.+) http://<strong>webserverB</strong>.dom/$1 +</pre></div> + + <p><code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>ÀÇ URL Àü¹æÂüÁ¶(look-ahead)¸¦ + »ç¿ëÇÑ´Ù. ±×·¡¼ ¸ðµç URL¿¡ µ¿ÀÛÇÏ°í ¾ÈÀüÇÏ´Ù. ±×·¯³ª + ¸ðµç ¿äû¸¶´Ù ³»ºÎ ÇÏÀ§¿äûÀ» Çѹø ´õ Çϱ⶧¹®¿¡ À¥¼¹ö + ¼º´É¿¡ ¾Ç¿µÇâÀ» ÁØ´Ù. ±×·¡¼ °·ÂÇÑ CPU¿¡¼ À¥¼¹ö¸¦ + ½ÇÇàÇÑ´Ù¸é »ç¿ëÇ϶ó. ÄÄÇ»ÅÍ°¡ ´À¸®´Ù¸é ù¹ø° ¹æ¹ýÀ̳ª + ´õ ³ªÀº <code class="directive"><a href="../mod/core.html#errordocument">ErrorDocument</a></code> + CGI ½ºÅ©¸³Æ®¸¦ »ç¿ëÇ϶ó.</p> + </dd> + </dl> + + + + <h3>È®Àå ¸®´ÙÀÌ·º¼Ç</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>°¡²û ¸®´ÙÀÌ·º¼ÇÇÏ´Â URLÀ» ´õ Á¶ÀýÇÒ ÇÊ¿ä°¡ ÀÖ´Ù. + ¾ÆÆÄÄ¡ ³»ºÎ URL escape ÇÔ¼ö´Â "<code>url#anchor</code>" + °°Àº URLÀÇ anchorµµ escapeÇÑ´Ù. ¾ÆÆÄÄ¡ÀÇ + <code>uri_escape()</code> ÇÔ¼ö´Â ¿ì¹°Á¤ÀÚ(#)µµ °°ÀÌ + escapeÇϹǷΠ»ç¿ëÇÒ ¼ö ¾ø´Ù. ±×·¯¸é ¾î¶»°Ô ÀÌ·± URL·Î + ¸®´ÙÀÌ·º¼ÇÇÒ ¼ö ÀÖ³ª?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>Á÷Á¢ ¸®´ÙÀÌ·º¼ÇÇÏ´Â NPH-CGI ½ºÅ©¸³Æ®¸¦ »ç¿ëÇÑ ÇØ°áÃ¥ÀÌ + ÇÊ¿äÇÏ´Ù. escape¸¦ ÇÏÁö ¾Ê±â¶§¹®ÀÌ´Ù (NPH=non-parseable + headers). ¸ÕÀú ´ÙÀ½ ¼¹ö¼³Á¤À» ÇÏ¿© (ÀçÀÛ¼º ±ÔÄ¢ÀÇ + ³¡ºÎºÐ¿¡ »ç¿ëÇØ¾ß ÇÑ´Ù) »õ·Î¿î URL scheme + <code>xredirect:</code>¸¦ µµÀÔÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteRule ^xredirect:(.+) /path/to/nph-xredirect.cgi/$1 \ + [T=application/x-httpd-cgi,L] +</pre></div> + + <p>±×·¯¸é <code>xredirect:</code>·Î ½ÃÀÛÇÏ´Â ¸ðµç URLÀº + <code>nph-xredirect.cgi</code> ÇÁ·Î±×·¥À» ÅëÇÏ°Ô µÈ´Ù. + ÇÁ·Î±×·¥Àº ´ÙÀ½°ú °°´Ù:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## nph-xredirect.cgi -- NPH/CGI script for extended redirects +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## + +$| = 1; +$url = $ENV{'PATH_INFO'}; + +print "HTTP/1.0 302 Moved Temporarily\n"; +print "Server: $ENV{'SERVER_SOFTWARE'}\n"; +print "Location: $url\n"; +print "Content-type: text/html\n"; +print "\n"; +print "<html>\n"; +print "<head>\n"; +print "<title>302 Moved Temporarily (EXTENDED)</title>\n"; +print "</head>\n"; +print "<body>\n"; +print "<h1>Moved Temporarily (EXTENDED)</h1>\n"; +print "The document has moved <a HREF=\"$url\">here</a>.<p>\n"; +print "</body>\n"; +print "</html>\n"; + +##EOF## +</pre></div> + + <p>±×·¯¸é <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>°¡ Á÷Á¢ ¹ÞÁö¸øÇÏ´Â + ¸ðµç URL schemeÀ¸·Î ¸®´ÙÀÌ·º¼ÇÇÒ ¼ö ÀÖ´Ù. ¿¹¸¦ µé¾î, + ´ÙÀ½°ú °°ÀÌ <code>news:newsgroup</code>À¸·Î ¸®´ÙÀÌ·º¼ÇÇÒ + ¼ö ÀÖ´Ù</p> + +<div class="example"><pre> +RewriteRule ^anyurl xredirect:news:newsgroup +</pre></div> + + <div class="note">ÁÖÀÇ: À§ÀÇ Æ¯º°ÇÑ "Åë°ú" ±ÔÄ¢À» »ç¿ëÇÏ¿© + <code>xredirect:</code>¸¦ ¸¶Áö¸·¿¡ È®ÀåÇØ¾ß Çϱ⶧¹®¿¡ + ±ÔÄ¢¿¡ <code>[R]</code>À̳ª <code>[R,L]</code>À» »ç¿ëÇϸé + ¾ÈµÈ´Ù.</div> + </dd> + </dl> + + + + <h3>ÀúÀå¼Ò Á¢±Ù Áß°è(multiplexer)</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p><a href="http://www.perl.com/CPAN">http://www.perl.com/CPAN</a>¿¡ + ÀÖ´Â ´ë´ÜÇÑ CPAN (Comprehensive Perl Archive Network)À» + ¾Æ´Â°¡? ÀÌ ÁÖ¼Ò´Â ¼¼°è¿¡ Èð¾îÁø ¿©·¯ CPAN ¹Ì·¯ FTP + ¼¹öÁß Å¬¶óÀ̾ðÆ®¿¡ °¡±îÀÌ ÀÖ´Â ¼¹ö·Î ¸®´ÙÀÌ·º¼ÇÇÑ´Ù. + À̸¦ FTP Á¢±Ù Áß°è ¼ºñ½º¶ó°í ÇÑ´Ù. CPANÀº CGI ½ºÅ©¸³Æ®¸¦ + »ç¿ëÇÏÁö¸¸, <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇÏ¿© + ºñ½ÁÇÏ°Ô ¸¸µé ¼ö ÀÖÀ»±î?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸ÕÀú <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> 3.0.0 ¹öÀüºÎÅÍ + ¸®´ÙÀÌ·º¼Ç¿¡ "<code>ftp:</code>" schemeÀ» »ç¿ëÇÒ ¼ö + ÀÖ´Ù. ´ÙÀ½À¸·Î Ŭ¶óÀ̾ðÆ®ÀÇ ÃÖ»óÀ§ µµ¸ÞÀÎÀ» <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>°ú °°ÀÌ + »ç¿ëÇÏ¿© À§Ä¡¸¦ ÃßÁ¤ÇÒ ¼ö ÀÖ´Ù. º¹ÀâÈ÷ ¿«ÀÎ ±ÔÄ¢¿¡¼ + ÃÖ»óÀ§ µµ¸ÞÀÎÀ» Áß°è¸ÊÀÇ Å°·Î »ç¿ëÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap multiplex txt:/path/to/map.cxan +RewriteRule ^/CxAN/(.*) %{REMOTE_HOST}::$1 [C] +RewriteRule ^.+\.<strong>([a-zA-Z]+)</strong>::(.*)$ ${multiplex:<strong>$1</strong>|ftp.default.dom}$2 [R,L] +</pre></div> + +<div class="example"><pre> +## +## map.cxan -- Multiplexing Map for CxAN +## + +de ftp://ftp.cxan.de/CxAN/ +uk ftp://ftp.cxan.uk/CxAN/ +com ftp://ftp.cxan.com/CxAN/ + : +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>½Ã°£¿¡ µû¸¥ ÀçÀÛ¼º</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>½Ã°£¿¡ µû¶ó ´Ù¸¥ ³»¿ëÀ» ¼ºñ½ºÇÏ´Â °æ¿ì ¸¹Àº À¥°ü¸®ÀÚ´Â + Àá½Ã Ưº°ÇÑ ÆäÀÌÁö·Î ¸®´ÙÀÌ·º¼ÇÇϱâÀ§ÇØ CGI ½ºÅ©¸³Æ®¸¦ + »ç¿ëÇÑ´Ù. <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>·Î´Â ¾î¶»°Ô + ÇÒ ¼ö Àִ°¡?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÀçÀÛ¼º Á¶°Ç¿¡¼ »ç¿ëÇÒ ¼ö ÀÖ´Â ¿©·¯ <code>TIME_xxx</code> + º¯¼ö°¡ ÀÖ´Ù. º¯¼ö¿Í Ưº°ÇÑ »çÀü¼ø¼ ºñ±³ + <code><STRING</code>, <code>>STRING</code>, + <code>=STRING</code>À» »ç¿ëÇÏ¿© ½Ã°£¿¡ µû¶ó ¸®´ÙÀÌ·º¼ÇÇÒ + ¼ö ÀÖ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteCond %{TIME_HOUR}%{TIME_MIN} >0700 +RewriteCond %{TIME_HOUR}%{TIME_MIN} <1900 +RewriteRule ^foo\.html$ foo.day.html +RewriteRule ^foo\.html$ foo.night.html +</pre></div> + + <p>URL <code>foo.html</code>À» ¿äûÇϸé + <code>07:00-19:00</code> µ¿¾È <code>foo.day.html</code> + ³»¿ëÀ» ¼ºñ½ºÇÏ°í, ³ª¸ÓÁö ½Ã°£ µ¿¾È + <code>foo.night.html</code> ³»¿ëÀ» ¼ºñ½ºÇÑ´Ù. ȨÆäÀÌÁö¿¡¼ + »ç¿ëÇϱâ ÁÁÀº ±â´ÉÀÌ´Ù...</p> + </dd> + </dl> + + + + <h3>YYYY¸¦ XXXX·Î ÀÌÀüÇÑ °æ¿ì ¿ªÈ£È¯</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¿©·¯ <code>.html</code> ÆÄÀÏÀ» <code>.phtml</code>·Î + º¯È¯ÇÏ´Â µî <code>document.YYYY</code>¸¦ + <code>document.XXXX</code>·Î ÀÌÀüÇÑÈÄ ¿ªÈ£È¯(backward + compatibility) URLÀ» (°¡»óÀûÀ¸·Î Á¸ÀçÇÏ°Ô) ¸¸µé ¼ö + ÀÖ³ª?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>À̸§À» ±âº»À̸§À¸·Î ÀçÀÛ¼ºÇÑÈÄ »õ·Î¿î È®ÀåÀÚ¸¦ + °¡Áø ÆÄÀÏÀÌ ÀÖ´ÂÁö °Ë»çÇÑ´Ù. ÀÖ´Ù¸é ±× ÆÄÀϸíÀ» »ç¿ëÇÏ°í, + ¾øÀ¸¸é URLÀ» ¿ø·¡ »óÅ·ΠÀçÀÛ¼ºÇÑ´Ù.</p> + + +<div class="example"><pre> +# ¹®¼.html ÀÌ ¾ø°í +# ¹®¼.phtml ¸¸ ÀÖ´Â °æ¿ì +# ¹®¼.html À» ¹®¼.phtml ·Î +# ÀçÀÛ¼ºÇÏ´Â ¿ªÈ£È¯ ±ÔÄ¢ +RewriteEngine on +RewriteBase /~quux/ +# ±âº»À̸§À» ã°í, ã¾Ò´Ù´Â »ç½ÇÀ» ±â¾ïÇÑ´Ù +RewriteRule ^(.*)\.html$ $1 [C,E=WasHTML:yes] +# ÆÄÀÏÀÌ ÀÖ´Ù¸é ¹®¼.phtml ·Î ÀçÀÛ¼ºÇÑ´Ù +RewriteCond %{REQUEST_FILENAME}.phtml -f +RewriteRule ^(.*)$ $1.phtml [S=1] +# ¾Æ´Ï¸é ¾Õ¿¡¼ ãÀº ±âº»À̸§À» µÇµ¹¸°´Ù +RewriteCond %{ENV:WasHTML} ^yes$ +RewriteRule ^(.*)$ $1.html +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="content" id="content">ÄÁÅÙÃ÷ ´Ù·ç±â</a></h2> + + + + <h3>»õ·Î ÀÌÀü (°¨Ãß±â)</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÃÖ±Ù <code>foo.html</code>À» <code>bar.html</code>·Î + º¯°æÇÏ°í ¿ªÈ£È¯¼ºÀ» À§ÇØ ÀÌÀü URLÀ» °è¼Ó Á¦°øÇÏ°í + ½Í´Ù°í °¡Á¤ÇÏÀÚ. »ç¿ëÀÚ´Â ÀÌÀü URLÀÌ º¯°æµÇ¾ú´Ù´Â + »ç½ÇÀ» ´«Ä¡Ã¤Áö ¸øÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>´ÙÀ½ ±ÔÄ¢À¸·Î ÀÌÀü URLÀ» ³»ºÎÀûÀ¸·Î »õ·Î¿î URL·Î + ÀçÀÛ¼ºÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html +</pre></div> + </dd> + </dl> + + + + <h3>»õ·Î ÀÌÀü (¾Ë¸®±â)</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>´Ù½Ã <code>foo.html</code>À» <code>bar.html</code>·Î + º¯°æÇÏ°í ¿ªÈ£È¯¼ºÀ» À§ÇØ ÀÌÀü URLÀ» °è¼Ó Á¦°øÇÏ°í + ½Í´Ù°í °¡Á¤ÇÏÀÚ. ±×·¯³ª ÀÌÁ¦´Â ÀÌÀü URLÀ» »ç¿ëÇϸé + »ç¿ëÀÚ¿¡°Ô »õ·Î¿î URLÀ» ÈùÆ®·Î ¾Ë·ÁÁØ´Ù. Áï, ºê¶ó¿ìÀú + ÁÖ¼ÒâÀÌ º¯ÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>»õ·Î¿î URL·Î HTTP ¸®´ÙÀÌ·º¼ÇÇÏ´Ù. ±×·¯¸é ºê¶ó¿ìÀú°¡ + »õ·Î¿î URL¸¦ º¸ÀÌ°í º¯°æ»ç½ÇÀ» »ç¿ëÀÚ°¡ ¾Ë°ÔµÈ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>foo</strong>\.html$ <strong>bar</strong>.html [<strong>R</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>ºê¶ó¿ìÀú¿¡ µû¸¥ ³»¿ë</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÃÖ¼ÒÇÑ Áß¿äÇÑ ÃÖ»óÀ§ ÆäÀÌÁö´Â ºê¶ó¿ìÀú¿¡ ÃÖÀûÈµÈ + ³»¿ëÀ¸·Î ¼ºñ½ºÇؾßÇÒ °æ¿ì°¡ ÀÖ´Ù. Áï, ÃֽŠNetscape + ºê¶ó¿ìÀú¿¡°Ô´Â ÃÖ»óÀÇ ¹öÀüÀ», Lynx ºê¶ó¿ìÀú¿¡°Ô´Â + ÃÖÀú ¹öÀüÀ», ³ª¸ÓÁö ºê¶ó¿ìÀú¿¡´Â Æò±ÕÀûÀÎ ¹öÀüÀ» + Á¦°øÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ºê¶ó¿ìÀú°¡ ³»¿ëÇù»óÀ» À§ÇØ ÀÚ½ÅÀÇ Á¾·ù¿¡ ´ëÇÑ Á¤º¸¸¦ + Á¦°øÇÏÁö ¾Ê±â¶§¹®¿¡ ³»¿ëÇù»óÀ» »ç¿ëÇÒ ¼ö ¾ø´Ù. ´ë½Å + HTTP "User-Agent" Çì´õ¸¦ »ç¿ëÇÑ´Ù. ´ÙÀ½ ±ÔÄ¢Àº HTTP + "User-Agent" Çì´õ°¡ "Mozilla/3"À¸·Î ½ÃÀÛÇϸé + <code>foo.html</code> ÆäÀÌÁö¸¦ <code>foo.NS.html</code>·Î + ÀçÀÛ¼ºÇÏ°í ÀçÀÛ¼ºÀ» Áß´ÜÇÑ´Ù. ºê¶ó¿ìÀú°¡ "Lynx"³ª + "Mozilla" ¹öÀü 1 ȤÀº 2¶ó¸é URLÀº + <code>foo.20.html</code>ÀÌ µÈ´Ù. ³ª¸ÓÁö ºê¶ó¿ìÀú´Â + <code>foo.32.html</code> ÆäÀÌÁö¸¦ ¹Þ´Â´Ù. ¾Æ·¡ ±ÔÄ¢ÀÌ + ÀÌ ÀÛ¾÷À» ÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/3</strong>.* +RewriteRule ^foo\.html$ foo.<strong>NS</strong>.html [<strong>L</strong>] + +RewriteCond %{HTTP_USER_AGENT} ^<strong>Lynx/</strong>.* [OR] +RewriteCond %{HTTP_USER_AGENT} ^<strong>Mozilla/[12]</strong>.* +RewriteRule ^foo\.html$ foo.<strong>20</strong>.html [<strong>L</strong>] + +RewriteRule ^foo\.html$ foo.<strong>32</strong>.html [<strong>L</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>µ¿Àû ¹Ì·¯</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¿ÜºÎ È£½ºÆ®¿¡ ¿ì¸® »çÀÌÆ®·Î °¡Á®¿À°í ½ÍÀº ÁÁÀº + À¥ÆäÀÌÁö°¡ ÀÖ´Ù°í °¡Á¤ÇÏÀÚ. FTP ¼¹öÀÇ °æ¿ì Á÷Á¢ ¿ÜºÎ + ÀÚ·áÀÇ Ãֽź¹»çº»À» À¯ÁöÇÏ´Â <code>mirror</code> ÇÁ·Î±×·¥À» + »ç¿ëÇÒ ¼ö ÀÖ°í, À¥¼¹ö¶ó¸é HTTP·Î ºñ½ÁÇÑ ÀÛ¾÷À» ÇÏ´Â + <code>webcopy</code> ÇÁ·Î±×·¥À» »ç¿ëÇÒ ¼ö ÀÖ´Ù. ±×·¯³ª + µÎ ¹æ¹ý ¸ðµÎ ´ÜÁ¡ÀÌ ÀÖ´Ù: º¹»çº»Àº °¡²û¾¿ ÇÁ·Î±×·¥À» + ½ÇÇàÇØÁÙ ¶§¸¸ ÃÖ½ÅÆÇÀ¸·Î À¯ÁöµÈ´Ù. Á÷Á¢ ±¸¼ºÇؾßÇÏ´Â + Á¤ÀûÀÎ ¹Ì·¯°¡ ¾Æ´Ï¶ó¸é ÁÁ°Ú´Ù. ´ë½Å (¿ÜºÎ È£½ºÆ®¿¡¼ + ÀÚ·á°¡ °»½ÅµÇ¸é) ÇÊ¿äÇÒ¶§ ÀÚµ¿À¸·Î ÀڷḦ °»½ÅÇÏ´Â + µ¿Àû ¹Ì·¯°¡ ÇÊ¿äÇÏ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>À̸¦ À§ÇØ <dfn>Proxy Throughput</dfn> ±â´ÉÀ» (Ç÷¡±× + <code>[P]</code>) »ç¿ëÇÏ¿© ¿ÜºÎ À¥ÆäÀÌÁö ȤÀº ¿ÜºÎ + À¥°ø°£ Àüü¸¦ ¿ì¸® À̸§°ø°£À¸·Î ´ëÀÀÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>hotsheet/</strong>(.*)$ <strong>http://www.tstimpreso.com/hotsheet/</strong>$1 [<strong>P</strong>] +</pre></div> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^<strong>usa-news\.html</strong>$ <strong>http://www.quux-corp.com/news/index.html</strong> [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>µ¿Àû ¿ª¹Ì·¯</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd>...</dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> +<div class="example"><pre> +RewriteEngine on +RewriteCond /mirror/of/remotesite/$1 -U +RewriteRule ^http://www\.remotesite\.com/(.*)$ /mirror/of/remotesite/$1 +</pre></div> + </dd> + </dl> + + + + <h3>¾ø´Â ÀڷḦ ÀÎÆ®¶ó³Ý¿¡¼ °¡Á®¿À±â</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>½ÇÁ¦ ÀڷḦ ¹æȺ®ÀÌ º¸È£ÇÏ´Â (³»ºÎ) ÀÎÆ®¶ó³Ý À¥¼¹ö¿¡ + (<code>www2.quux-corp.dom</code>) ÀúÀåÇϸé¼, ±â¾÷ÀÇ + (¿ÜºÎ) ÀÎÅÍ³Ý À¥¼¹ö¸¦ (<code>www.quux-corp.dom</code>) + ½ÇÇàÇÏ´Â °Íó·³ º¸ÀÌ°Ô ÇÑ´Ù. ¿ÜºÎ À¥¼¹ö´Â ¿äûÇÑ + ÀڷḦ ³»ºÎ À¥¼¹ö¿¡¼ °¡Á®¿Â´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸ÕÀú ¹æȺ®ÀÌ ³»ºÎ À¥¼¹ö¸¦ º¸È£ÇÏ°í ¿ÜºÎ À¥¼¹ö¸¸ÀÌ + ³»ºÎ À¥¼¹ö¿¡¼ ÀڷḦ ¾òÀ» ¼ö ÀÖ°Ô ÇÑ´Ù. ´ÙÀ½°ú °°ÀÌ + ÆÐŶÇÊÅ͸µ ¹æȺ®À» ¼³Á¤ÇÑ´Ù:</p> + +<div class="example"><pre> +<strong>ALLOW</strong> Host www.quux-corp.dom Port >1024 --> Host www2.quux-corp.dom Port <strong>80</strong> +<strong>DENY</strong> Host * Port * --> Host www2.quux-corp.dom Port <strong>80</strong> +</pre></div> + + <p>½ÇÁ¦ ¼³Á¤¹®¹ý¿¡ ¾Ë¸Â°Ô °íÃĶó. ¾ø´Â ÀڷḦ ³»ºÎÀûÀ¸·Î + proxy throughput ±â´ÉÀ» ÅëÇØ ¿äûÇÏ´Â + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> ±ÔÄ¢À» ÀÛ¼ºÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteRule ^/~([^/]+)/?(.*) /home/$1/.www/$2 +RewriteCond %{REQUEST_FILENAME} <strong>!-f</strong> +RewriteCond %{REQUEST_FILENAME} <strong>!-d</strong> +RewriteRule ^/home/([^/]+)/.www/?(.*) http://<strong>www2</strong>.quux-corp.dom/~$1/pub/$2 [<strong>P</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>·Îµå¹ë·±½Ì (ºÎÇÏ ºÐ»êÇϱâ)</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p><code>www.foo.com</code>ÀÇ Åë½Å·®À» + <code>www[0-5].foo.com</code> (ÃÑ ¼¹ö 6´ë)À¸·Î ºÐ»êÇÏ°í + ½Í´Ù. ¾î¶»°Ô Çϴ°¡?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸Å¿ì ´Ù¾çÇÑ ¹æ¹ýÀ¸·Î ÀÌ ¹®Á¦¸¦ ÇØ°áÇÒ ¼ö ÀÖ´Ù. + ¸ÕÀú DNS¸¦ »ç¿ëÇÑ Àß ¾Ë·ÁÁø ¹æ¹ýÀ» ¼³¸íÇÏ°í, + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¸¦ »ç¿ëÇÏ´Â °æ¿ì¸¦ »ìÆ캸ÀÚ:</p> + + <ol> + <li> + <strong>DNS Round-Robin</strong> + + <p>°¡Àå °£´ÜÇÑ ·Îµå¹ë·±½Ì ¹æ¹ýÀº <code>BIND</code>ÀÇ + DNS round-robin ¹æ½ÄÀ» »ç¿ëÇÏ´Â °ÍÀÌ´Ù. ´ÙÀ½°ú + °°ÀÌ DNS A(address) ·¹Äڵ忡 + <code>www[0-9].foo.com</code>À» ¼³Á¤ÇÑ´Ù.</p> + +<div class="example"><pre> +www0 IN A 1.2.3.1 +www1 IN A 1.2.3.2 +www2 IN A 1.2.3.3 +www3 IN A 1.2.3.4 +www4 IN A 1.2.3.5 +www5 IN A 1.2.3.6 +</pre></div> + + <p>±×¸®°í ´ÙÀ½ Ç׸ñÀ» Ãß°¡ÇÑ´Ù:</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. + IN CNAME www1.foo.com. + IN CNAME www2.foo.com. + IN CNAME www3.foo.com. + IN CNAME www4.foo.com. + IN CNAME www5.foo.com. + IN CNAME www6.foo.com. +</pre></div> + + <p>À߸øµÈ °Íó·³ º¸ÀÌÁö¸¸, ½ÇÁ¦·Î <code>BIND</code>ÀÇ + ÀǵµµÈ ±â´ÉÀÌ´Ù. ÀÌÁ¦ <code>www.foo.com</code>À» + ãÀ¸¸é, <code>BIND</code>´Â ¸Å¹ø ¼ø¼¸¦ Á¶±Ý¾¿ + ¹Ù²ã°¡¸ç <code>www0-www6</code>À» ¹ÝȯÇÑ´Ù. ±×·¡¼ + Ŭ¶óÀ̾ðÆ®µéÀ» ¿©·¯ ¼¹ö·Î ºÐ»êÇÑ´Ù. ±×·¯³ª DNS + °Ë»ö °á°ú°¡ ³×Æ®¿÷ÀÇ ´Ù¸¥ ³×ÀÓ¼¹ö¿¡ ij½¬µÇ¿© + <code>www.foo.com</code>À» ãÀº °á°ú°¡ ƯÁ¤ + <code>wwwN.foo.com</code>À̸é Ŭ¶óÀ̾ðÆ®ÀÇ ´ÙÀ½ + ¿äûµéµµ °°Àº <code>wwwN.foo.com</code>À¸·Î + º¸³»Áö±â¶§¹®¿¡ ¿Ïº®ÇÑ ·Îµå¹ë·±½Ì ±â¹ýÀÌ ¾Æ´ÔÀ» + ÁÖÀÇÇ϶ó. ±×·¯³ª Å©°Ô º¸¸é ¿äûÀÌ ¿©·¯ À¥¼¹ö¿¡ + ºÐ»êµÇ¹Ç·Î È¿°ú°¡ ÁÁ´Ù.</p> + </li> + + <li> + <strong>DNS ·Îµå¹ë·±½Ì</strong> + + <p><a href="http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html">http://www.stanford.edu/~schemers/docs/lbnamed/lbnamed.html</a>¿¡ + ÀÖ´Â <code>lbnamed</code> ÇÁ·Î±×·¥À» »ç¿ëÇÏ¿© + Á¤±³ÇÑ DNS±â¹Ý ·Îµå¹ë·±½ÌÀ» ÇÒ ¼ö ÀÖ´Ù. DNS°¡ + ½ÇÁ¦ ·Îµå¹ë·±½ÌÀ» Çϵµ·Ï ¸¸µå´Â ¿©·¯ µµ±¸¿Í Perl + 5 ÇÁ·Î±×·¥ÀÌ´Ù.</p> + </li> + + <li> + <strong>Proxy Throughput Round-Robin</strong> + + <p>ÀÌ ¹æ¹ýÀº <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>¿Í proxy + throughput ±â´ÉÀ» »ç¿ëÇÑ´Ù. ¸ÕÀú DNS¿¡ ´ÙÀ½ Ç׸ñÀ» + »ç¿ëÇÏ¿© <code>www0.foo.com</code>ÀÌ ½ÇÁ¦ + <code>www.foo.com</code>À» Àü´ãÇÏ°Ô ÇÑ´Ù</p> + +<div class="example"><pre> +www IN CNAME www0.foo.com. +</pre></div> + + <p>±×¸®°í <code>www0.foo.com</code>À» ÇÁ·Ï½ÃÀü¿ë + ¼¹ö·Î º¯°æÇÑ´Ù. Áï, URLÀ» ¹ÞÀ¸¸é ¼¹ö´Â ³»ºÎ + ÇÁ·Ï½Ã¸¦ ÅëÇØ ´Ù¸¥ 5´ë ¼¹öÁß (<code>www1-www5</code>) + ÇÑ´ë·Î º¸³»±â¸¸ ÇÑ´Ù. À̸¦ À§ÇØ ¸ÕÀú ¸ðµç URLÀ» + ·Îµå¹ë·±½Ì ½ºÅ©¸³Æ® <code>lb.pl</code>·Î º¸³»´Â + ±ÔÄ¢À» ¸¸µç´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap lb prg:/path/to/lb.pl +RewriteRule ^/(.+)$ ${lb:$1} [P,L] +</pre></div> + + <p><code>lb.pl</code>À» ÀÛ¼ºÇÑ´Ù:</p> + +<div class="example"><pre> +#!/path/to/perl +## +## lb.pl -- ·Îµå¹ë·±½Ì ½ºÅ©¸³Æ® +## + +$| = 1; + +$name = "www"; # ±âº» È£½ºÆ®¸í +$first = 1; # ù¹ø° ¼¹ö (ÀÚ½ÅÀÌ 0À̱⠶§¹®¿¡, 0À» »ç¿ëÇÏÁö ¾Ê´Â´Ù) +$last = 5; # round-robin¿¡¼ ¸¶Áö¸· ¼¹ö +$domain = "foo.dom"; # µµ¸ÞÀθí + +$cnt = 0; +while (<STDIN>) { + $cnt = (($cnt+1) % ($last+1-$first)); + $server = sprintf("%s%d.%s", $name, $cnt+$first, $domain); + print "http://$server/$_"; +} + +##EOF## +</pre></div> + + <div class="note">¸¶Áö¸· ÁÖÀÇ: ¿Ö ÀÌ ¹æ¹ýÀÌ À¯¿ëÇÑ°¡? + <code>www0.foo.com</code>¿¡ ºÎ´ãÀÌ °¡Áö¾Ê´Â°¡? + ¹°·Ð, ºÎ´ãÀÌ µÈ´Ù. ±×·¯³ª ´Ü¼øÇÑ proxy throughput + ¿äû¸¸ Çϱ⶧¹®¿¡ ±¦Âú´Ù! ¸ðµç SSI, CGI, ePerl + µîÀº ÀüÀûÀ¸·Î ´Ù¸¥ ¼¹ö°¡ ó¸®ÇÑ´Ù. ÀÌ°ÍÀÌ ÇÙ½ÉÀÌ´Ù.</div> + </li> + + <li> + <strong>Çϵå¿þ¾î/TCP Round-Robin</strong> + + <p>Çϵå¿þ¾î¸¦ »ç¿ëÇÑ ÇØ°áÃ¥µµ ÀÖ´Ù. Cisco´Â TCP/IP + ¼öÁØ¿¡¼ ·Îµå¹ë·±½ÌÀ» ÇÏ´Â LocalDirector¶ó´Â ±«¹°À» + ÆÇ´Ù. ½ÇÁ¦·Î´Â À¥¼¹ö±º ¾Õ´Ü¿¡ À§Ä¡ÇÏ´Â ÀÏÁ¾ÀÇ + ȸ·Î¼öÁØ °ÔÀÌÆ®¿þÀÌ´Ù. ÀÚ±ÝÀÌ ÃæºÐÇÏ°í °í¼º´É + ÇØ°áÃ¥ÀÌ ÇÊ¿äÇÏ´Ù¸é ÀÌ°ÍÀ» »ç¿ëÇ϶ó.</p> + </li> + </ol> + </dd> + </dl> + + + + <h3>»õ·Î¿î MIME-type, »õ·Î¿î ¼ºñ½º</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>³×Æ®¿÷¿¡´Â ¸ÚÁø CGI ÇÁ·Î±×·¥µéÀÌ ¸¹´Ù. ±×·¯³ª »ç¿ëÇϱâ + ¹ø°Å·¯¿ö¼ ¸¹Àº À¥°ü¸®ÀÚ°¡ »ç¿ëÇÏÁö ¾Ê´Â´Ù. ¾ÆÆÄÄ¡ÀÇ + MIME-type¿¡ µû¸¥ Action Çڵ鷯 ±â´Éµµ CGI ÇÁ·Î±×·¥ÀÌ + Ưº°ÇÑ URLÀ» (Á¤È®È÷ <code>PATH_INFO</code>¿Í + <code>QUERY_STRINGS</code>) ÇÁ·Î±×·¥ÀÇ ÀÔ·ÂÀ¸·Î »ç¿ëÇÏÁö + ¾ÊÀ» ¶§¸¸ ÀûÀýÇÏ´Ù. ¸ÕÀú, È®ÀåÀÚ°¡ (secure CGI¸¦ ÁÙ¿©) + <code>.scgi</code>ÀÎ ÆÄÀÏÀ» À¯¸íÇÑ <code>cgiwrap</code> + ÇÁ·Î±×·¥À¸·Î ó¸®ÇϱâÀ§ÇØ »õ·Î¿î typeÀ» ¼³Á¤ÇÑ´Ù. + ¹®Á¦´Â (À§¿¡¼ º») ÀÏ°üµÈ URL ±¸Á¶¸¦ »ç¿ëÇÏ´Â °æ¿ì + »ç¿ëÀÚ È¨µð·ºÅ丮°¡ <code>/u/user/foo/bar.scgi</code>°°Àº + URLÀÎ Á¡ÀÌ´Ù. <code>cgiwrap</code>´Â + <code>/~user/foo/bar.scgi/</code> Çü½ÄÀÇ URLÀ» + ¿øÇϱ⶧¹®ÀÌ´Ù. ´ÙÀ½ ±ÔÄ¢ÀÌ ¹®Á¦¸¦ ÇØ°áÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteRule ^/[uge]/<strong>([^/]+)</strong>/\.www/(.+)\.scgi(.*) ... +... /internal/cgi/user/cgiwrap/~<strong>$1</strong>/$2.scgi$3 [NS,<strong>T=application/x-http-cgi</strong>] +</pre></div> + + <p>ÀÌÁ¦ ´Ù¸¥ ¸ÚÁø ÇÁ·Î±×·¥, (URL ÇÏÀ§Æ®¸®¿¡ ´ëÇÑ + <code>access.log</code>¸¦ Ãâ·ÂÇÏ´Â) <code>wwwlog</code>¿Í + (URL ÇÏÀ§Æ®¸®¿¡ Glimpse¸¦ ½ÇÇàÇÏ´Â) <code>wwwidx</code>°¡ + ÀÖ´Ù°í °¡Á¤ÇÏÀÚ. ¿ì¸®´Â ÇÁ·Î±×·¥¿¡°Ô ÀÛ¾÷ÇÒ ´ë»óÀÎ + URL ¿µ¿ªÀ» ¾Ë·ÁÁà¾ß ÇÑ´Ù. ±×·¯³ª ¿äûÇÒ¶§¸¶´Ù Ç×»ó + Àû¾îÁà¾ß Çϱ⶧¹®¿¡ ±ò²ûÇÏÁö ¾Ê´Ù. Áï, º¸Åë + <code>/u/user/foo/</code>¿¡ ´ëÇØ <code>swwidx</code> + ÇÁ·Î±×·¥À» ½ÇÇàÇÑ´Ù¸é ´ÙÀ½°ú °°Àº ¸µÅ©¸¦ »ç¿ëÇÑ´Ù</p> + +<div class="example"><pre> +/internal/cgi/user/swwidx?i=/u/user/foo/ +</pre></div> + + <p>±ò²ûÇÏÁö ¾Ê´Ù. ¸µÅ©¿¡ ¿µ¿ªÀÇ À§Ä¡<strong>¿Í</strong> + CGI À§Ä¡¸¦ <strong>¸ðµÎ</strong> Àû¾î¾ß Çϱ⶧¹®ÀÌ´Ù. + ¿µ¿ªÀ» À籸¼ºÇÑ´Ù¸é ¿©·¯ ÇÏÀÌÆÛ¸µÅ©¸¦ ¼öÁ¤Çϴµ¥ ¸¹Àº + ½Ã°£ÀÌ °É¸± °ÍÀÌ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÇØ°áÃ¥Àº ÀÚµ¿À¸·Î ÀûÀýÇÑ CGI¸¦ ½ÇÇàÇÏ´Â »õ·Î¿î + Ưº°ÇÑ URL Çü½ÄÀ» ¸¸µå´Â °ÍÀÌ´Ù. ´ÙÀ½°ú °°ÀÌ ¼³Á¤ÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteRule ^/([uge])/([^/]+)(/?.*)/\* /internal/cgi/user/wwwidx?i=/$1/$2$3/ +RewriteRule ^/([uge])/([^/]+)(/?.*):log /internal/cgi/user/wwwlog?f=/$1/$2$3 +</pre></div> + + <p>ÀÌÁ¦ <code>/u/user/foo/</code>À» °Ë»öÇÏ´Â ¸µÅ©´Â + ´ÙÀ½°ú °°´Ù</p> + +<div class="example"><pre> +HREF="*" +/u/user/foo/* (???) +</pre></div> + + <p>³»ºÎÀûÀ¸·Î ´ÙÀ½°ú °°ÀÌ ÀÚµ¿º¯È¯µÈ´Ù</p> + +<div class="example"><pre> +/internal/cgi/user/wwwidx?i=/u/user/foo/ +</pre></div> + + <p>°°Àº ¹æ¹ýÀ¸·Î ¸µÅ© µÚ¿¡ <code>:log</code>¸¦ »ç¿ëÇÏ¿© + Á¢±Ù ·Î±× CGI ÇÁ·Î±×·¥À» ½ÇÇàÇÒ ¼ö ÀÖ´Ù.</p> + </dd> + </dl> + + + + <h3>Á¤Àû¿¡¼ µ¿ÀûÀ¸·Î</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¾î¶»°Ô ºê¶ó¿ìÀú¿Í »ç¿ëÀÚ°¡ ¸ð¸£°Ô ÀÚ¿¬½º·´°Ô Á¤Àû + ÆäÀÌÁö <code>foo.html</code>À» µ¿ÀûÀÎ <code>foo.cgi</code>·Î + º¯°æÇÒ ¼ö ÀÖ³ª.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>URLÀ» CGI ½ºÅ©¸³Æ®·Î ÀçÀÛ¼ºÇÏ°í, MIME-typeÀ» ¼öÁ¤ÇÏ¿© + CGI ½ºÅ©¸³Æ®·Î ½ÇÇàÇÏ°Ô ÇÑ´Ù. ±×·¡¼ + <code>/~quux/foo.html</code>¸¦ ¿äûÇÏ¸é ³»ºÎÀûÀ¸·Î + <code>/~quux/foo.cgi</code>¸¦ ½ÇÇàÇÏ°Ô µÈ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteBase /~quux/ +RewriteRule ^foo\.<strong>html</strong>$ foo.<strong>cgi</strong> [T=<strong>application/x-httpd-cgi</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>Áï¼® ÄÁÅÙÃ÷ Àç»ý¼º</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>ÀÌ ¹æ¹ýÀº ½Ç·Î ºñ±âÀÌ´Ù: µ¿ÀûÀ¸·Î ÆäÀÌÁö¸¦ »ý¼ºÇÏÁö¸¸, + Á¤ÀûÀ¸·Î ÆäÀÌÁö¸¦ ¼ºñ½ºÇÑ´Ù. Áï, ÆäÀÌÁö´Â ¼ø¼öÇÏ°Ô + (ÆÄÀϽýºÅÛ¿¡¼ ÀÐÀº ³»¿ëÀ» ±×´ë·Î) Á¤Àû ÆäÀÌÁö·Î + Àü´ÞµÇÁö¸¸, ¾øÀ» °æ¿ì À¥¼¹ö°¡ µ¿ÀûÀ¸·Î »ý¼ºÇÑ´Ù. + ±×·¯¸é ´©°¡ (ȤÀº cron ÀÛ¾÷ÀÌ) Á¤Àû ÄÁÅÙÃ÷¸¦ Áö¿ìÁö¾Ê´Â + ÇÑ CGI°¡ »ý¼ºÇÑ ÆäÀÌÁö¸¦ Á¤ÀûÀ¸·Î ¼ºñ½ºÇÑ´Ù. ÄÁÅÙÃ÷¸¦ + Áö¿ì¸é ³»¿ëÀ» °»½ÅÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + ´ÙÀ½ ±ÔÄ¢À» »ç¿ëÇÑ´Ù: + +<div class="example"><pre> +RewriteCond %{REQUEST_FILENAME} <strong>!-s</strong> +RewriteRule ^page\.<strong>html</strong>$ page.<strong>cgi</strong> [T=application/x-httpd-cgi,L] +</pre></div> + + <p>¿©±â¼ <code>page.html</code>¸¦ ¿äûÇÒ¶§ + <code>page.html</code>ÀÌ ¾ø°Å³ª ÆÄÀÏÅ©±â°¡ 0ÀÎ °æ¿ì + ³»ºÎÀûÀ¸·Î <code>page.cgi</code>¸¦ ½ÇÇàÇÑ´Ù. ¿©±â¼ + ºñ°áÀº <code>page.cgi</code>°¡ ÀϹÝÀûÀÎ CGI ½ºÅ©¸³Æ®¿Í + °°ÀÌ <code>STDOUT</code>¿¡ Ãâ·ÂÇÏ°í, Ãß°¡·Î Ãâ·ÂÀ» + <code>page.html</code> ÆÄÀÏ¿¡ Àû´Â´Ù. Çѹø ½ÇÇàÇÑÈÄ + ¼¹ö´Â <code>page.html</code>ÀÇ Á¤º¸¸¦ º¸³½´Ù. À¥°ü¸®ÀÚ°¡ + °Àç·Î ³»¿ëÀ» °»½ÅÇÏ°í ½Í´Ù¸é, (º¸Åë cron ÀÛ¾÷ÀÌ) + <code>page.html</code>À» Áö¿ì±â¸¸ ÇÏ¸é µÈ´Ù.</p> + </dd> + </dl> + + + + <h3>ÀÚµ¿À¸·Î »õ·Î °íħÇÏ´Â ¹®¼</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>º¹ÀâÇÑ À¥ÆäÀÌÁö¸¦ ¸¸µé¶§ ÆíÁýÀÚ°¡ ³»¿ëÀ» ¼öÁ¤ÇÒ + ¶§¸¶´Ù ÀÚµ¿À¸·Î ÆäÀÌÁö¸¦ »õ·Î °íħÇÏ´Â À¥ºê¶ó¿ìÀú°¡ + ÀÖÀ¸¸é ¾ó¸¶³ª ÁÁÀ»±î? ºÒ°¡´ÉÇÑ°¡?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>°¡´ÉÇÏ´Ù! MIME multipart ±â´É°ú À¥¼¹ö NPH ±â´É, + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>ÀÇ URL Á¶ÀÛ ´É·ÂÀ» °áÇÕÇϸé + µÈ´Ù. ¸ÕÀú, »õ·Î¿î URL ±â´ÉÀ» ¸¸µç´Ù: URL¿¡ + <code>:refresh</code>¸¦ Ãß°¡Çϱ⸸ Çϸé ÆÄÀϽýºÅÛ¿¡¼ + ¼öÁ¤µÉ ¶§¸¶´Ù »õ·Î °íħÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteRule ^(/[uge]/[^/]+/?.*):refresh /internal/cgi/apache/nph-refresh?f=$1 +</pre></div> + + <p>ÀÌÁ¦ ´ÙÀ½ URL¿¡ Á¢±ÙÇϸé</p> + +<div class="example"><pre> +/u/foo/bar/page.html:refresh +</pre></div> + + <p>´ÙÀ½ URLÀ» ³»ºÎÀûÀ¸·Î ºÎ¸¥´Ù</p> + +<div class="example"><pre> +/internal/cgi/apache/nph-refresh?f=/u/foo/bar/page.html +</pre></div> + + <p>ÀÌÁ¦ NPH-CGI ½ºÅ©¸³Æ®¸¸ ³²¾Ò´Ù. º¸Åë "µ¶ÀÚ¿¡°Ô + ¿¬½ÀÀ¸·Î ³²°ÜµÒ"À̶ó°í ¸»ÇÏÁö¸¸ ;-) ³ª´Â À̰͵µ Á¦°øÇÑ´Ù.</p> + +<div class="example"><pre> +#!/sw/bin/perl +## +## nph-refresh -- NPH/CGI script for auto refreshing pages +## Copyright (c) 1997 Ralf S. Engelschall, All Rights Reserved. +## +$| = 1; + +# split the QUERY_STRING variable +@pairs = split(/&/, $ENV{'QUERY_STRING'}); +foreach $pair (@pairs) { + ($name, $value) = split(/=/, $pair); + $name =~ tr/A-Z/a-z/; + $name = 'QS_' . $name; + $value =~ s/%([a-fA-F0-9][a-fA-F0-9])/pack("C", hex($1))/eg; + eval "\$$name = \"$value\""; +} +$QS_s = 1 if ($QS_s eq ''); +$QS_n = 3600 if ($QS_n eq ''); +if ($QS_f eq '') { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: No file given\n"; + exit(0); +} +if (! -f $QS_f) { + print "HTTP/1.0 200 OK\n"; + print "Content-type: text/html\n\n"; + print "&lt;b&gt;ERROR&lt;/b&gt;: File $QS_f not found\n"; + exit(0); +} + +sub print_http_headers_multipart_begin { + print "HTTP/1.0 200 OK\n"; + $bound = "ThisRandomString12345"; + print "Content-type: multipart/x-mixed-replace;boundary=$bound\n"; + &print_http_headers_multipart_next; +} + +sub print_http_headers_multipart_next { + print "\n--$bound\n"; +} + +sub print_http_headers_multipart_end { + print "\n--$bound--\n"; +} + +sub displayhtml { + local($buffer) = @_; + $len = length($buffer); + print "Content-type: text/html\n"; + print "Content-length: $len\n\n"; + print $buffer; +} + +sub readfile { + local($file) = @_; + local(*FP, $size, $buffer, $bytes); + ($x, $x, $x, $x, $x, $x, $x, $size) = stat($file); + $size = sprintf("%d", $size); + open(FP, "&lt;$file"); + $bytes = sysread(FP, $buffer, $size); + close(FP); + return $buffer; +} + +$buffer = &readfile($QS_f); +&print_http_headers_multipart_begin; +&displayhtml($buffer); + +sub mystat { + local($file) = $_[0]; + local($time); + + ($x, $x, $x, $x, $x, $x, $x, $x, $x, $mtime) = stat($file); + return $mtime; +} + +$mtimeL = &mystat($QS_f); +$mtime = $mtime; +for ($n = 0; $n &lt; $QS_n; $n++) { + while (1) { + $mtime = &mystat($QS_f); + if ($mtime ne $mtimeL) { + $mtimeL = $mtime; + sleep(2); + $buffer = &readfile($QS_f); + &print_http_headers_multipart_next; + &displayhtml($buffer); + sleep(5); + $mtimeL = &mystat($QS_f); + last; + } + sleep($QS_s); + } +} + +&print_http_headers_multipart_end; + +exit(0); + +##EOF## +</pre></div> + </dd> + </dl> + + + + <h3>´ë·®ÀÇ °¡»óÈ£½ºÆ®</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>°¡»óÈ£½ºÆ®°¡ ¸î°³¸¸ ÀÖ´Ù¸é ¾ÆÆÄÄ¡ÀÇ <code class="directive"><a href="../mod/core.html#virtualhost"><VirtualHost></a></code> + ±â´ÉÀÌ Àß µ¿ÀÛÇÑ´Ù. ±×·¯³ª °¡»óÈ£½ºÆ®°¡ ¼ö¹é°³ ÀÖ´Â + ISP¶ó¸é ÀÌ ±â´ÉÀÌ ÃÖ¼±Àº ¾Æ´Ï´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>ÀÌ ±â´ÉÀ» Á¦°øÇÏ·Á¸é <dfn>Proxy Throughput</dfn> + ±â´ÉÀ» (Ç÷¡±× <code>[P]</code>) »ç¿ëÇÏ¿© ¿ÜºÎ À¥ÆäÀÌÁö + ȤÀº Àüü ¿ÜºÎ À¥¿µ¿ªÀ» ¿ì¸®ÀÇ À̸§°ø°£¿¡ ´ëÀÀÇÑ´Ù:</p> + +<div class="example"><pre> +## +## vhost.map +## +www.vhost1.dom:80 /path/to/docroot/vhost1 +www.vhost2.dom:80 /path/to/docroot/vhost2 + : +www.vhostN.dom:80 /path/to/docroot/vhostN +</pre></div> + +<div class="example"><pre> +## +## httpd.conf +## + : +# ¸®´ÙÀÌ·ºÆ®ÇÒ¶§ Á¤±Ô È£½ºÆ®¸íÀ» »ç¿ëÇÑ´Ù. +UseCanonicalName on + + : +# °¡»óÈ£½ºÆ®¸¦ CLF Çü½Ä ¾Õ¿¡ Ãß°¡ÇÑ´Ù +CustomLog /path/to/access_log "%{VHOST}e %h %l %u %t \"%r\" %>s %b" + : + +# ÁÖ¼¹ö¿¡¼ ÀçÀÛ¼º ¿£ÁøÀ» »ç¿ëÇÑ´Ù +RewriteEngine on + +# µÎ ¸ÊÀ» Á¤ÀÇÇÑ´Ù: Çϳª´Â URLÀ» °íÄ¡°í, +# ´Ù¸¥ Çϳª´Â °¡»óÈ£½ºÆ®º° DocumentRoot¸¦ +# Á¤ÀÇÇÑ´Ù. +RewriteMap lowercase int:tolower +RewriteMap vhost txt:/path/to/vhost.map + +# ÀÌÁ¦ Å©°í º¹ÀâÇÑ ±ÔÄ¢ ÇÑ°³¸¦ »ç¿ëÇÏ¿© +# °¡»óÈ£½ºÆ®·Î ´ëÀÀÇÑ´Ù. +# +# 1. °¡»óÈ£½ºÆ®µéÀÌ °°ÀÌ »ç¿ëÇÏ´Â À§Ä¡´Â ´ëÀÀÇÏÁö ¾Ê´Â´Ù +RewriteCond %{REQUEST_URI} !^/commonurl1/.* +RewriteCond %{REQUEST_URI} !^/commonurl2/.* + : +RewriteCond %{REQUEST_URI} !^/commonurlN/.* +# +# 2. ¿ì¸®°¡ ÇöÀç »ç¿ëÇÏ´Â ¹æ¹ýÀÌ Host Çì´õ¸¦ +# °¡»óÈ£½ºÆ®¸¦ Áö¿øÇϹǷΠ+# Host Çì´õ°¡ ÀÖ´ÂÁö È®ÀÎÇÑ´Ù +RewriteCond %{HTTP_HOST} !^$ +# +# 3. È£½ºÆ®¸íÀ» ¼Ò¹®ÀÚ·Î ¸¸µç´Ù +RewriteCond ${lowercase:%{HTTP_HOST}|NONE} ^(.+)$ +# +# 4. vhost.map¿¡¼ È£½ºÆ®¸íÀ» ã°í +# °æ·ÎÀ϶§¸¸ ±â¾ïÇÑ´Ù +# (À§¿¡¼ "NONE"Àº ¾Æ´Ï´Ù) +RewriteCond ${vhost:%1} ^(/.*)$ +# +# 5. ¸¶Áö¸·À¸·Î URLÀ» ¹®¼ À§Ä¡·Î ´ëÀÀÇÏ°í +# ·Î±×¿¡ ³²±â±âÀ§ÇØ °¡»óÈ£½ºÆ®¸¦ ±â¾ïÇØ µÐ´Ù +RewriteRule ^/(.*)$ %1/$1 [E=VHOST:${lowercase:%{HTTP_HOST}}] + : +</pre></div> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="access" id="access">Á¢±Ù Á¦ÇÑ</a></h2> + + + + <h3>·Îº¿ ¸·±â</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¾î¶»°Ô Çϸé ƯÁ¤ À¥°ø°£ÀÇ ÆäÀÌÁö¸¦ ±Ü¾î¸ðÀ¸´Â ±ÍÂúÀº + ·Îº¿À» ¸·À» ¼ö ÀÖ³ª? "Robot Exclusion Protocol" Ç׸ñÀ» + ÀúÀåÇÑ <code>/robots.txt</code> ÆÄÀÏÀº º¸Åë ÀÌ·± ·Îº¿À» + ¸·´Âµ¥ ÃæºÐÇÏÁö ¾Ê´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>(¾Æ¸¶µµ µð·ºÅ丮°¡ ±í¾î¼ ·Îº¿ÀÌ µ¹¾Æ´Ù´Ï¸é ¼¹ö¿¡ + ºÎ´ãÀÌ Å« °æ¿ì) À¥°ø°£ <code>/~quux/foo/arc/</code>¿¡ + ÀÖ´Â URLµéÀ» °ÅºÎÇÏ´Â ±ÔÄ¢À» »ç¿ëÇÑ´Ù. ¿ì¸®´Â ƯÁ¤ + ·Îº¿ÀÇ Á¢±ÙÀ» ¸·¾Æ¾ß ÇÑ´Ù. Áï, ·Îº¿À» ½ÇÇàÇϴ ȣ½ºÆ®¸¦ + ¸·´Â °ÍÀ¸·Î´Â ºÒÃæºÐÇϸç, ±× È£½ºÆ®ÀÇ »ç¿ëÀÚµµ ¸·¾Æ¹ö¸®°Ô + µÈ´Ù. User-Agent HTTP Çì´õ Á¤º¸µµ ºñ±³ÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_USER_AGENT} ^<strong>NameOfBadRobot</strong>.* +RewriteCond %{REMOTE_ADDR} ^<strong>123\.45\.67\.[8-9]</strong>$ +RewriteRule ^<strong>/~quux/foo/arc/</strong>.+ - [<strong>F</strong>] +</pre></div> + </dd> + </dl> + + + + <h3>±×¸² ÆÛ°¡±â ¹æÁö</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p><code>http://www.quux-corp.de/~quux/</code>¿¡ ÀÖ´Â + ÆäÀÌÁöµéÀÌ GIF ±×¸²À» Æ÷ÇÔÇÑ´Ù°í °¡Á¤ÇÏÀÚ. ÀÌ ±×¸²ÀÌ + ¸ÚÀÖ¾î¼, ´Ù¸¥ »ç¶÷µéÀÌ ÀÚ½ÅÀÇ ÆäÀÌÁö¿¡ Á÷Á¢ ¸µÅ©¸¦ + °Ç´Ù. ¼¹ö¿¡ ºÒÇÊ¿äÇÑ ºÎ´ãÀÌ µÇ¹Ç·Î ¸·°í ½Í´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>±×¸²À» 100% º¸È£ÇÒ ¼ö´Â ¾øÁö¸¸, ÃÖ¼ÒÇÑ ºê¶ó¿ìÀú°¡ + HTTP Referer Çì´õ¸¦ º¸³»´Â °æ¿ì Á¦ÇÑÇÒ ¼ö ÀÖ´Ù.</p> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} <strong>!^$</strong> +RewriteCond %{HTTP_REFERER} !^http://www.quux-corp.de/~quux/.*$ [NC] +RewriteRule <strong>.*\.gif$</strong> - [F] +</pre></div> + +<div class="example"><pre> +RewriteCond %{HTTP_REFERER} !^$ +RewriteCond %{HTTP_REFERER} !.*/foo-with-gif\.html$ +RewriteRule <strong>^inlined-in-foo\.gif$</strong> - [F] +</pre></div> + </dd> + </dl> + + + + <h3>È£½ºÆ® °ÅºÎ</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¾î¶»°Ô ¿ÜºÎ¿¡¼ ¼¹ö¿¡ Á¢±ÙÇÒ ¼ö ¾ø´Â È£½ºÆ® ¸ñ·ÏÀ» + ¼³Á¤ÇÒ ¼ö ÀÖ³ª?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¾ÆÆÄÄ¡ >= 1.3b6¿¡¼:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteCond ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND} !=NOT-FOUND [OR] +RewriteCond ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^/.* - [F] +</pre></div> + + <p>¾ÆÆÄÄ¡ <= 1.3b6¿¡¼:</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap hosts-deny txt:/path/to/hosts.deny +RewriteRule ^/(.*)$ ${hosts-deny:%{REMOTE_HOST}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ ${hosts-deny:%{REMOTE_ADDR}|NOT-FOUND}/$1 +RewriteRule !^NOT-FOUND/.* - [F] +RewriteRule ^NOT-FOUND/(.*)$ /$1 +</pre></div> + +<div class="example"><pre> +## +## hosts.deny +## +## ÁÖÀÇ! ÀÌ°ÍÀº ¸ñ·Ïó·³ º¸ÀÌÁö¸¸ ¸ñ·ÏÀÌ ¾Æ´Ï¶ó ¸ÊÀÌ´Ù. +## mod_rewrite´Â ÀÌ Á¤º¸¸¦ Å°/°ª ½ÖÀ¸·Î Çؼ®Çϱ⶧¹®¿¡, +## °¢ Ç׸ñÀÇ °ª ÀÚ¸®¿¡ ÃÖ¼ÒÇÑ "-"°¡ ÇÊ¿äÇÏ´Ù. +## + +193.102.180.41 - +bsdti1.sdm.de - +192.76.162.40 - +</pre></div> + </dd> + </dl> + + + + <h3>ÇÁ·Ï½Ã °ÅºÎ</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>¾î¶»°Ô ƯÁ¤ È£½ºÆ® ȤÀº ƯÁ¤ È£½ºÆ®ÀÇ »ç¿ëÀÚ°¡ + ¾ÆÆÄÄ¡ ÇÁ·Ï½Ã¸¦ »ç¿ëÇÒ ¼ö ¾øµµ·Ï Çϳª?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¸ÕÀú ¾ÆÆÄÄ¡ À¥¼¹ö¸¦ ÄÄÆÄÀÏÇÒ¶§ ±¸¼ºÆÄÀÏ¿¡¼ + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>°¡ <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> + ¾Æ·¡¿¡(!) ÀÖ¾î¾ß ÇÑ´Ù. ±×·¯¸é <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>´Â + <code class="module"><a href="../mod/mod_proxy.html">mod_proxy</a></code> <em>ÀÌÀü¿¡</em> ºÒ¸°´Ù. + ÀÌÁ¦ ´ÙÀ½°ú °°ÀÌ Æ¯Á¤ È£½ºÆ®¸¦ °ÅºÎÇϵµ·Ï ¼³Á¤ÇÑ´Ù...</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_HOST} <strong>^badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + + <p>...±×¸®°í ´ÙÀ½Àº user@host¿¡ µû¶ó °ÅºÎÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>^badguy@badhost\.mydomain\.com$</strong> +RewriteRule !^http://[^/.]\.mydomain.com.* - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Ưº°ÇÑ ÀÎÁõ ¹æ½Ä</h3> + + + + <dl> + <dt>»óÈ°¼³¸í:</dt> + + <dd> + <p>°¡²û ¸Å¿ì Ưº°ÇÑ ÀÎÁõÀÌ ÇÊ¿äÇÒ ¶§°¡ ÀÖ´Ù. ¿¹¸¦ + µé¾î, ¹Ì¸® ¼³Á¤ÇصР»ç¿ëÀÚÀÎÁö °Ë»çÇÑ´Ù. À̵鿡°Ô¸¸ + (<code class="module"><a href="../mod/mod_auth.html">mod_auth</a></code>ÀÇ Basic Auth¸¦ »ç¿ëÇÑ + °æ¿ì¿Í ´Þ¸®) º°´Ù¸¥ ¹°À½¾øÀÌ Á¢±ÙÀ» Çã¿ëÇÑ´Ù.</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>Ä£±¸¸¸ Á¢±ÙÀÌ °¡´ÉÇϵµ·Ï ÀçÀÛ¼º ±ÔÄ¢µéÀ» »ç¿ëÇÑ´Ù:</p> + +<div class="example"><pre> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend1@client1.quux-corp\.com$</strong> +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend2</strong>@client2.quux-corp\.com$ +RewriteCond %{REMOTE_IDENT}@%{REMOTE_HOST} <strong>!^friend3</strong>@client3.quux-corp\.com$ +RewriteRule ^/~quux/only-for-friends/ - [F] +</pre></div> + </dd> + </dl> + + + + <h3>Referer±â¹Ý º¯È¯±â(deflector)</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>"Referer" HTTP Çì´õ¿¡ µû¶ó ¿øÇϴ´ë·Î ÂüÁ¶ÆäÀÌÁö¸¦ + ¼³Á¤ÇÒ ¼ö ÀÖ´Â À¯¿¬ÇÑ URL º¯È¯±â¸¦ ¸¸µé ¼ö Àִ°¡?</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>´ÙÀ½°ú °°ÀÌ º¹ÀâÇÑ ±ÔÄ¢À»...</p> + +<div class="example"><pre> +RewriteMap deflector txt:/path/to/deflector.map + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}} ^-$ +RewriteRule ^.* %{HTTP_REFERER} [R,L] + +RewriteCond %{HTTP_REFERER} !="" +RewriteCond ${deflector:%{HTTP_REFERER}|NOT-FOUND} !=NOT-FOUND +RewriteRule ^.* ${deflector:%{HTTP_REFERER}} [R,L] +</pre></div> + + <p>... ÀçÀÛ¼º ¸Ê°ú °°ÀÌ »ç¿ëÇÑ´Ù:</p> + +<div class="example"><pre> +## +## deflector.map +## + +http://www.badguys.com/bad/index.html - +http://www.badguys.com/bad/index2.html - +http://www.badguys.com/bad/index3.html http://somewhere.com/ +</pre></div> + + <p>±×·¯¸é ¿äûÀ» ÀÚµ¿À¸·Î (¸Ê¿¡¼ °ªÀ¸·Î "<code>-</code>"¸¦ + »ç¿ëÇÑ °æ¿ì) ÂüÁ¶ÆäÀÌÁö³ª (URLÀÌ ¸Ê¿¡ ÀÖ´Â °æ¿ì µÎ¹ø° + ¾Æ±Ô¸ÕÆ®·Î) ƯÁ¤ URL·Î ¸®´ÙÀÌ·º¼ÇÇÑ´Ù.</p> + </dd> + </dl> + + + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">±âŸ</a></h2> + + + + <h3>¿ÜºÎ ÀçÀÛ¼º ¿£Áø</h3> + + + + <dl> + <dt>»óȲ¼³¸í:</dt> + + <dd> + <p>FAQ: ¾î¶»°Ô ÀÌ·±Àú·± Àâ´ÙÇÑ ¹®Á¦¸¦ Ç® ¼ö Àִ°¡? + <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code>·Î´Â ÇØ°áÃ¥ÀÌ ¾Èº¸ÀδÙ...</p> + </dd> + + <dt>ÇØ°áÃ¥:</dt> + + <dd> + <p>¿ÜºÎ <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code>À» »ç¿ëÇ϶ó. + Áï, ÇÁ·Î±×·¥ÀÌ <code class="directive"><a href="../mod/mod_rewrite.html#rewritemap">RewriteMap</a></code> ¿ªÇÒÀ» + ÇÑ´Ù. ÇÁ·Î±×·¥Àº ¾ÆÆÄÄ¡°¡ ½ÃÀÛÇÒ¶§ ½ÃÀÛÇÏ¿© + <code>STDIN</code>¿¡¼ ¿äûÇÑ URLÀ» ¹Þ°í, (°°Àº ¼ø¼·Î!) + °á°ú (º¸Åë ÀçÀÛ¼ºµÈ) URLÀ» <code>STDOUT</code>¿¡ Ãâ·ÂÇÑ´Ù.</p> + +<div class="example"><pre> +RewriteEngine on +RewriteMap quux-map <strong>prg:</strong>/path/to/map.quux.pl +RewriteRule ^/~quux/(.*)$ /~quux/<strong>${quux-map:$1}</strong> +</pre></div> + +<div class="example"><pre> +#!/path/to/perl + +# ¾ÆÆÄÄ¡ ¼¹ö°¡ ¸ØÃßÁö ¾Êµµ·Ï +# ÀÔÃâ·Â ¹öÆÛ¸¦ »ç¿ëÇÏÁö ¾Ê´Â´Ù +$| = 1; + +# stdin¿¡¼ ÇÑÁÙ¾¿ URLÀ» Àаí +# stdout¿¡ º¯È¯ÇÑ URLÀ» Ãâ·ÂÇÑ´Ù +while (<>) { + s|^foo/|bar/|; + print $_; +} +</pre></div> + + <p>¼³¸íÇϱâÀ§ÇØ ¸ðµç <code>/~quux/foo/...</code> URLÀ» + <code>/~quux/bar/...</code>·Î ÀçÀÛ¼ºÇÏ´Â ½ºÅ©¸³Æ®¸¦ + ¿¹·Î µé¾ú´Ù. ½ÇÁ¦·Î ¸¶À½´ë·Î ÇÁ·Î±×·¡¹ÖÇÒ ¼ö ÀÖ´Ù. + ±×·¯³ª ÀÏ¹Ý »ç¿ëÀÚ°¡ ÀÌ·± ¸ÊÀ» <strong>»ç¿ëÇÒ</strong> + ¼ö ÀÖ´Ù°í ÇÏ´õ¶ó°í, ¿ÀÁ÷ ½Ã½ºÅÛ °ü¸®ÀÚ¸¸ÀÌ ¸ÊÀ» + <strong>Á¤ÀÇÇؾß</strong> ÇÔÀ» ÁÖÀÇÇ϶ó.</p> + </dd> + </dl> + + + + </div></div> +<div class="bottomlang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/rewriteguide.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/rewriteguide.html" title="Korean"> ko </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html new file mode 100644 index 00000000..893872b5 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html @@ -0,0 +1,13 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: security_tips.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 + +URI: security_tips.html.ko.euc-kr +Content-Language: ko +Content-type: text/html; charset=EUC-KR + +URI: security_tips.html.tr.utf8 +Content-Language: tr +Content-type: text/html; charset=UTF-8 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en new file mode 100644 index 00000000..560c8259 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.en @@ -0,0 +1,354 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Security Tips - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Security Tips</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/security_tips.html" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> + + <p>Some hints and tips on security issues in setting up a web server. + Some of the suggestions will be general, others specific to Apache.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">Keep up to Date</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot">Permissions on ServerRoot Directories</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">CGI in General</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">Non Script Aliased CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">Script Aliased CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">Other sources of dynamic content</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">Protecting System Settings</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">Protect Server Files by Default</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">Watching Your Logs</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">Keep up to Date</a></h2> + + <p>The Apache HTTP Server has a good record for security and a + developer community highly concerned about security issues. But + it is inevitable that some problems -- small or large -- will be + discovered in software after it is released. For this reason, it + is crucial to keep aware of updates to the software. If you have + obtained your version of the HTTP Server directly from Apache, we + highly recommend you subscribe to the <a href="http://httpd.apache.org/lists.html#http-announce">Apache + HTTP Server Announcements List</a> where you can keep informed of + new releases and security updates. Similar services are available + from most third-party distributors of Apache software.</p> + + <p>Of course, most times that a web server is compromised, it is + not because of problems in the HTTP Server code. Rather, it comes + from problems in add-on code, CGI scripts, or the underlying + Operating System. You must therefore stay aware of problems and + updates with all the software on your system.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot">Permissions on ServerRoot Directories</a></h2> + + + + <p>In typical operation, Apache is started by the root user, and it + switches to the user defined by the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> directive to serve hits. As is the + case with any command that root executes, you must take care that it is + protected from modification by non-root users. Not only must the files + themselves be writeable only by root, but so must the directories, and + parents of all directories. For example, if you choose to place + ServerRoot in <code>/usr/local/apache</code> then it is suggested that + you create that directory as root, with commands like these:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p>It is assumed that <code>/</code>, <code>/usr</code>, and + <code>/usr/local</code> are only modifiable by root. When you install the + <code class="program"><a href="../programs/httpd.html">httpd</a></code> executable, you should ensure that it is + similarly protected:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>You can create an htdocs subdirectory which is modifiable by other + users -- since root never executes any files out of there, and shouldn't + be creating files in there.</p> + + <p>If you allow non-root users to modify any files that root either + executes or writes on then you open your system to root compromises. + For example, someone could replace the <code class="program"><a href="../programs/httpd.html">httpd</a></code> binary so + that the next time you start it, it will execute some arbitrary code. If + the logs directory is writeable (by a non-root user), someone could replace + a log file with a symlink to some other system file, and then root + might overwrite that file with arbitrary data. If the log files + themselves are writeable (by a non-root user), then someone may be + able to overwrite the log itself with bogus data.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Server Side Includes</a></h2> + + + + <p>Server Side Includes (SSI) present a server administrator with + several potential security risks.</p> + + <p>The first risk is the increased load on the server. All + SSI-enabled files have to be parsed by Apache, whether or not + there are any SSI directives included within the files. While this + load increase is minor, in a shared server environment it can become + significant.</p> + + <p>SSI files also pose the same risks that are associated with CGI + scripts in general. Using the <code>exec cmd</code> element, SSI-enabled + files can execute any CGI script or program under the permissions of the + user and group Apache runs as, as configured in + <code>httpd.conf</code>.</p> + + <p>There are ways to enhance the security of SSI files while still + taking advantage of the benefits they provide.</p> + + <p>To isolate the damage a wayward SSI file can cause, a server + administrator can enable <a href="../suexec.html">suexec</a> as + described in the <a href="#cgi">CGI in General</a> section.</p> + + <p>Enabling SSI for files with <code>.html</code> or <code>.htm</code> + extensions can be dangerous. This is especially true in a shared, or high + traffic, server environment. SSI-enabled files should have a separate + extension, such as the conventional <code>.shtml</code>. This helps keep + server load at a minimum and allows for easier management of risk.</p> + + <p>Another solution is to disable the ability to run scripts and + programs from SSI pages. To do this replace <code>Includes</code> + with <code>IncludesNOEXEC</code> in the <code class="directive"><a href="../mod/core.html#options">Options</a></code> directive. Note that users may + still use <code><--#include virtual="..." --></code> to execute CGI + scripts if these scripts are in directories designated by a <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> directive.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">CGI in General</a></h2> + + + + <p>First of all, you always have to remember that you must trust the + writers of the CGI scripts/programs or your ability to spot potential + security holes in CGI, whether they were deliberate or accidental. CGI + scripts can run essentially arbitrary commands on your system with the + permissions of the web server user and can therefore be extremely + dangerous if they are not carefully checked.</p> + + <p>All the CGI scripts will run as the same user, so they have potential + to conflict (accidentally or deliberately) with other scripts e.g. User + A hates User B, so he writes a script to trash User B's CGI database. One + program which can be used to allow scripts to run as different users is + <a href="../suexec.html">suEXEC</a> which is included with Apache as of + 1.2 and is called from special hooks in the Apache server code. Another + popular way of doing this is with + <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi">Non Script Aliased CGI</a></h2> + + + + <p>Allowing users to execute CGI scripts in any directory should only be + considered if:</p> + + <ul> + <li>You trust your users not to write scripts which will deliberately + or accidentally expose your system to an attack.</li> + <li>You consider security at your site to be so feeble in other areas, + as to make one more potential hole irrelevant.</li> + <li>You have no users, and nobody ever visits your server.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi">Script Aliased CGI</a></h2> + + + + <p>Limiting CGI to special directories gives the admin control over what + goes into those directories. This is inevitably more secure than non + script aliased CGI, but only if users with write access to the + directories are trusted or the admin is willing to test each + new CGI script/program for potential security holes.</p> + + <p>Most sites choose this option over the non script aliased CGI + approach.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">Other sources of dynamic content</a></h2> + + + + <p>Embedded scripting options which run as part of the server itself, + such as <code>mod_php</code>, <code>mod_perl</code>, <code>mod_tcl</code>, + and <code>mod_python</code>, run under the identity of the server itself + (see the <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> directive), and + therefore scripts executed by these engines potentially can access + anything the server user can. Some scripting engines may provide + restrictions, but it is better to be safe and assume not.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">Protecting System Settings</a></h2> + + + + <p>To run a really tight ship, you'll want to stop users from setting + up <code>.htaccess</code> files which can override security features + you've configured. Here's one way to do it.</p> + + <p>In the server configuration file, put</p> + + <div class="example"><p><code> + <Directory /> <br /> + AllowOverride None <br /> + </Directory> + </code></p></div> + + <p>This prevents the use of <code>.htaccess</code> files in all + directories apart from those specifically enabled.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">Protect Server Files by Default</a></h2> + + + + <p>One aspect of Apache which is occasionally misunderstood is the + feature of default access. That is, unless you take steps to change it, + if the server can find its way to a file through normal URL mapping + rules, it can serve it to clients.</p> + + <p>For instance, consider the following example:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html <br /> + Accessing <code>http://localhost/~root/</code> + </code></p></div> + + <p>This would allow clients to walk through the entire filesystem. To + work around this, add the following block to your server's + configuration:</p> + + <div class="example"><p><code> + <Directory /> <br /> + Order Deny,Allow <br /> + Deny from all <br /> + </Directory> + </code></p></div> + + <p>This will forbid default access to filesystem locations. Add + appropriate <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> blocks to + allow access only in those areas you wish. For example,</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> <br /> + <Directory /usr/local/httpd> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> + </code></p></div> + + <p>Pay particular attention to the interactions of <code class="directive"><a href="../mod/core.html#location">Location</a></code> and <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> directives; for instance, even + if <code><Directory /></code> denies access, a <code> + <Location /></code> directive might overturn it.</p> + + <p>Also be wary of playing games with the <code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> directive; setting it to + something like <code>./</code> would have the same effect, for root, as + the first example above. If you are using Apache 1.3 or above, we strongly + recommend that you include the following line in your server + configuration files:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">Watching Your Logs</a></h2> + + + + <p>To keep up-to-date with what is actually going on against your server + you have to check the <a href="../logs.html">Log Files</a>. Even though + the log files only reports what has already happened, they will give you + some understanding of what attacks is thrown against the server and + allow you to check if the necessary level of security is present.</p> + + <p>A couple of examples:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>The first example will list the number of attacks trying to exploit the + <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat + Source.JSP Malformed Request Information Disclosure Vulnerability</a>, + the second example will list the ten last denied clients, for example:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>As you can see, the log files only report what already has happened, so + if the client had been able to access the <code>.htpasswd</code> file you + would have seen something similar to:</p> + + <div class="example"><p><code> + foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>in your <a href="../logs.html#accesslog">Access Log</a>. This means + you probably commented out the following in your server configuration + file:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> <br /> + Order allow,deny <br /> + Deny from all <br /> + </Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/security_tips.html" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr new file mode 100644 index 00000000..58c56f14 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.ko.euc-kr @@ -0,0 +1,345 @@ +<?xml version="1.0" encoding="EUC-KR"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="ko" xml:lang="ko"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>º¸¾È ÆÁ - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>º¸¾È ÆÁ</h1> +<div class="toplang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div> +<div class="outofdate">ÀÌ ¹®¼´Â ÃÖ½ÅÆÇ ¹ø¿ªÀÌ ¾Æ´Õ´Ï´Ù. + ÃÖ±Ù¿¡ º¯°æµÈ ³»¿ëÀº ¿µ¾î ¹®¼¸¦ Âü°íÇϼ¼¿ä.</div> + + <p>À¥¼¹ö¸¦ ¿î¿µÇÒ¶§ µµ¿òÀÌ µÉ º¸¾È °ü·Ã ÈùÆ®¿Í ÆÁÀÌ´Ù. + ¾î¶² °ÍÀº ÀϹÝÀûÀÌ°í, ¾î¶² °ÍÀº ¾ÆÆÄÄ¡¿¡¸¸ ÇØ´çÇÏ´Â °ÍÀÌ´Ù.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">ÃÖ½ÅÆÇÀ¸·Î À¯ÁöÇϱâ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot">ServerRoot µð·ºÅ丮 ±ÇÇÑ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Server Side Includes</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">ÀϹÝÀûÀÎ CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi">ScriptAliasÇÏÁö ¾ÊÀº CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi">ScriptAliasÇÑ CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">µ¿Àû ³»¿ëÀ» »ý¼ºÇÏ´Â ´Ù¸¥ ¹æ¹ý</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">½Ã½ºÅÛ ¼³Á¤ º¸È£Çϱâ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">±âº»ÀûÀ¸·Î ¼¹ö¿¡ ÀÖ´Â ÆÄÀÏ º¸È£Çϱâ</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">·Î±× »ìÆ캸±â</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">ÃÖ½ÅÆÇÀ¸·Î À¯ÁöÇϱâ</a></h2> + + <p>¾ÆÆÄÄ¡ À¥¼¹ö´Â ¾ÈÀü°ú º¸¾È ¹®Á¦¿¡ °ü½ÉÀÌ ¸¹Àº °³¹ßÀÚ + °øµ¿Ã¼·Î À¯¸íÇÏ´Ù. ±×·¯³ª Å©°Ç ÀÛ°Ç ¹ßÇ¥ÈÄ ¹ß°ßµÇ´Â ¹®Á¦µéÀ» + ÇÇÇÒ ¼ö ¾ø´Ù. ±×·¡¼ ¼ÒÇÁÆ®¿þ¾î¸¦ ÃֽŹöÀüÀ¸·Î À¯ÁöÇÏ´Â + °ÍÀÌ Áß¿äÇÏ´Ù. ¾ÆÆÄÄ¡¿¡¼ Á÷Á¢ À¥¼¹ö¸¦ ´Ù¿î·ÎµåÇß´Ù¸é, + »õ·Î¿î ¹öÀü°ú º¸¾È ¾÷µ¥ÀÌÆ®¸¦ ¾Ë·ÁÁÖ´Â <a href="http://httpd.apache.org/lists.html#http-announce">¾ÆÆÄÄ¡ + À¥¼¹ö ¹ßÇ¥ ¸ÞÀϸµ¸®½ºÆ®</a>¸¦ ±¸µ¶ÇÏ±æ °·ÂÈ÷ ±ÇÇÑ´Ù. + ¾ÆÆÄÄ¡ ¼ÒÇÁÆ®¿þ¾î¸¦ ¹èÆ÷ÇÏ´Â ¸¹Àº Á¦»ïÀڵ鵵 ºñ½ÁÇÑ ¼ºñ½º¸¦ + Á¦°øÇÑ´Ù.</p> + + <p>¹°·Ð À¥¼¹ö Äڵ嶧¹®¿¡ À¥¼¹ö°¡ °ø°ÝÀ» ´çÇÏ´Â °æ¿ì´Â + ¸¹Áö ¾Ê´Ù. ±×º¸´Ù Ãß°¡ ÄÚµå, CGI ½ºÅ©¸³Æ®, ÇÏÀ§ ¿î¿µÃ¼Á¦ÀÇ + ¹®Á¦·Î °ø°ÝÀ» ´çÇÏ´Â °æ¿ì°¡ ¸¹´Ù. ±×·¯¹Ç·Î Ç×»ó ÁÖÀÇÇϸç + ½Ã½ºÅÛÀÇ ¸ðµç ¼ÒÇÁÆ®¿þ¾î¸¦ ¾÷µ¥ÀÌÆ®ÇØ¾ß ÇÑ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot">ServerRoot µð·ºÅ丮 ±ÇÇÑ</a></h2> + + + + <p>º¸Åë root »ç¿ëÀÚ°¡ ¾ÆÆÄÄ¡¸¦ ½ÃÀÛÇÑ ÈÄ, ¿äûÀ» ¼ºñ½ºÇϱâÀ§ÇØ + <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> Áö½Ã¾î·Î + ÁöÁ¤ÇÑ »ç¿ëÀÚ·Î º¯È¯ÇÑ´Ù. root°¡ ½ÇÇàÇÏ´Â ¸í·É¾î°¡ ÀÖ´Ù¸é, + root ÀÌ¿ÜÀÇ »ç¿ëÀÚ°¡ ¼öÁ¤ÇÏÁö ¸øÇϵµ·Ï ÁÖÀÇÇØ¾ß ÇÑ´Ù. ÀÌ + ÆÄÀϵéÀ» root¸¸ ¾µ ¼ö ÀÖ¾î¾ß ÇÏ°í, µð·ºÅ丮¿Í ¸ðµç »óÀ§µð·ºÅ丮µµ + ¸¶Âù°¡Áö´Ù. ¿¹¸¦ µé¾î, ServerRoot·Î /usr/local/apache¸¦ + »ç¿ëÇÑ´Ù¸é root »ç¿ëÀÚ°¡ ´ÙÀ½°ú °°ÀÌ µð·ºÅ丮¸¦ ¸¸µé±æ + Á¦¾ÈÇÑ´Ù:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p>±×·¯¸é /, /usr, /usr/local Àº root¸¸ÀÌ ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù. + httpd ½ÇÇàÆÄÀÏÀ» ¼³Ä¡ÇÒ¶§ ´ÙÀ½°ú °°ÀÌ º¸È£ÇØ¾ß ÇÑ´Ù:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>htdocs ÇÏÀ§µð·ºÅ丮´Â ´Ù¸¥ »ç¿ëÀÚµéÀÌ ¼öÁ¤ÇÒ ¼ö ÀÖµµ·Ï + ¸¸µé ¼ö ÀÖ´Ù -- root´Â ±×°÷¿¡ ÀÖ´Â ÆÄÀÏÀ» ½ÇÇàÇÏÁöµµ, ¸¸µéÁöµµ + ¾Ê¾Æ¾ß ÇÑ´Ù.</p> + + <p>root°¡ ¾Æ´Ñ »ç¿ëÀÚ°¡ root°¡ ½ÇÇàÇϰųª ¾²±â°¡´ÉÇÑ ÆÄÀÏÀ» + ¼öÁ¤ÇÒ ¼ö ÀÖ´Ù¸é ½Ã½ºÅÛÀÇ root ±ÇÇÑÀ» ÈÉÄ¥ ¼ö ÀÖ´Ù. ¿¹¸¦ + µé¾î, ´©±º°¡ httpd ½ÇÇàÆÄÀÏÀ» º¯°æÇÏ¿´´Ù¸é ´ÙÀ½¹ø ½ÃÀÛÇÒ¶§ + ÀÓÀÇÀÇ Äڵ带 ½ÇÇàÇÏ°Ô µÈ´Ù. logs µð·ºÅ丮°¡ (root°¡ ¾Æ´Ñ + »ç¿ëÀÚ¿¡°Ô) ¾²±â°¡´ÉÇÏ´Ù¸é ´©±º°¡ ·Î±×ÆÄÀÏÀ» ´Ù¸¥ ½Ã½ºÅÛÆÄÀÏ·Î + ½Éº¼¸µÅ©¸¦ °É¾î¼ root°¡ ÆÄÀÏ¿¡ ÀÓÀÇÀÇ ÀڷḦ µ¤¾î¾µ ¼ö + ÀÖ´Ù. ·Î±×ÆÄÀÏÀÌ (root°¡ ¾Æ´Ñ »ç¿ëÀÚ¿¡°Ô) ¾²±â°¡´ÉÇÏ´Ù¸é + ´©±º°¡ ·Î±×¿¡ ÀÌ»óÇÑ ÀڷḦ ±â·ÏÇÒ ¼ö ÀÖ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Server Side Includes</a></h2> + + + + <p>Server Side Includes (SSI)´Â ¼¹ö °ü¸®ÀÚ¿¡°Ô º¸¾È»ó ¸î°¡Áö + ÀáÀçÀûÀÎ À§ÇèÀÌ´Ù.</p> + + <p>ù¹ø° À§ÇèÀº ¼¹öÀÇ ºÎÇϸ¦ ´Ã¸®´Â Á¡ÀÌ´Ù. ¾ÆÆÄÄ¡´Â ÆÄÀÏ¿¡ + SSI Áö½Ã¾î°¡ ÀÖ´ÂÁö ¿©ºÎ¿Í °ü°è¾øÀÌ ¸ðµç SSI ÆÄÀÏÀ» ºÐ¼®ÇØ¾ß + ÇÑ´Ù. Á¶±Ý ºÎÇÏ°¡ ´ÃÁö¸¸, ¼¹ö¸¦ ¿©·¯ »ç¶÷ÀÌ °°ÀÌ »ç¿ëÇÏ´Â + ȯ°æ¿¡¼´Â ½É°¢ÇÒ ¼ö ÀÖ´Ù.</p> + + <p>¶Ç, SSI ÆÄÀÏÀº ÀϹÝÀûÀÎ CGI ½ºÅ©¸³Æ®¿Í µ¿ÀÏÇÑ À§ÇèÀ» + °¡Áø´Ù. SSI ÆÄÀÏ¿¡¼ "exec cmd"¸¦ »ç¿ëÇϸé httpd.conf¿¡¼ + ¾ÆÆÄÄ¡¸¦ ½ÇÇàÇϵµ·Ï ¼³Á¤ÇÑ »ç¿ëÀÚ¿Í ±×·ì ±ÇÇÑÀ¸·Î CGI + ½ºÅ©¸³Æ®³ª ÇÁ·Î±×·¥À» ½ÇÇàÇÒ ¼ö ÀÖ´Ù.</p> + + <p>ÀåÁ¡À» È°¿ëÇÏ¸é¼ SSI ÆÄÀÏÀÇ º¸¾ÈÀ» Çâ»ó½ÃÅ°´Â ¹æ¹ýÀÌ + ÀÖ´Ù.</p> + + <p>SSI ÆÄÀÏÀÌ °¡Á®¿Ã ¼ö ÀÖ´Â ÇÇÇظ¦ °Ý¸®ÇϱâÀ§ÇØ ¼¹ö°ü¸®ÀÚ´Â + <a href="#cgi">ÀϹÝÀûÀÎ CGI</a> Àý¿¡¼ ¼³¸íÇÏ´Â ¹æ¹ýÀ¸·Î + <a href="../suexec.html">suexec</a>¸¦ »ç¿ëÇÒ ¼ö ÀÖ´Ù</p> + + <p>.htmlÀ̳ª .htm È®ÀåÀÚ¸¦ SSI ÆÄÀÏ·Î »ç¿ëÇÏ´Â °ÍÀº À§ÇèÇÏ´Ù. + ƯÈ÷ ¿©·¯ »ç¶÷ÀÌ °øÀ¯Çϰųª Åë½Å·®ÀÌ ¸¹Àº ¼¹ö ȯ°æ¿¡¼ + À§ÇèÇÏ´Ù. SSI ÆÄÀÏÀº ÀϹÝÀûÀ¸·Î ¸¹ÀÌ »ç¿ëÇÏ´Â .shtml °°Àº + º°µµÀÇ È®ÀåÀÚ¸¦ °¡Á®¾ß ÇÑ´Ù. ±×·¯¸é ¼¹ö ºÎÇϸ¦ ÃÖ¼ÒÈÇÏ°í + À§Çè¿ä¼Ò¸¦ ½±°Ô °ü¸®ÇÒ ¼ö ÀÖ´Ù.</p> + + <p>´Ù¸¥ ¹æ¹ýÀº SSI ÆäÀÌÁö°¡ ½ºÅ©¸³Æ®³ª ÇÁ·Î±×·¥À» ½ÇÇàÇÏÁö + ¸øÇϵµ·Ï ¸¸µå´Â °ÍÀÌ´Ù. <code class="directive"><a href="../mod/core.html#options">Options</a></code> Áö½Ã¾î¿¡¼ <code>Includes</code> + ´ë½Å <code>IncludesNOEXEC</code>¸¦ »ç¿ëÇÑ´Ù. ±×·¡µµ ½ºÅ©¸³Æ®°¡ + <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> Áö½Ã¾î·Î + ÁöÁ¤ÇÑ µð·ºÅ丮¿¡ ÀÖ´Ù¸é <--#include virtual="..." -->¸¦ + »ç¿ëÇÏ¿© CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇÒ ¼ö ÀÖÀ½À» ÁÖÀÇÇ϶ó.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">ÀϹÝÀûÀÎ CGI</a></h2> + + + + <p>°á±¹ ´ç½ÅÀº Ç×»ó CGI ½ºÅ©¸³Æ®/ÇÁ·Î±×·¥ÀÇ ÀúÀÚ¸¦ ½Å·ÚÇØ¾ß + ÇÏ°í, °íÀÇ°Ç ½Ç¼öÀÌ°Ç CGIÀÇ ÀáÀçÀûÀÎ º¸¾È»ó ÇãÁ¡À» ¹ß°ßÇÒ + ¼ö ÀÖ¾î¾ß ÇÑ´Ù. ±âº»ÀûÀ¸·Î CGI ½ºÅ©¸³Æ®´Â À¥¼¹ö »ç¿ëÀÚ + ±ÇÇÑÀ¸·Î ½Ã½ºÅÛ¿¡¼ ¾î¶² ¸í·É¾î¶óµµ ½ÇÇàÇÒ ¼ö Àֱ⶧¹®¿¡ + ÁÖÀÇÀÖ°Ô È®ÀÎÇÏÁö ¾ÊÀ¸¸é ¸Å¿ì À§ÇèÇÏ´Ù.</p> + + <p>¸ðµç CGI ½ºÅ©¸³Æ®°¡ °°Àº »ç¿ëÀÚ·Î ½ÇÇàµÇ±â¶§¹®¿¡ ´Ù¸¥ + ½ºÅ©¸³Æ®¿Í (°íÀÇ°Ç ½Ç¼öÀÌ°Ç) Ãæµ¹ÇÒ °¡´É¼ºÀÌ ÀÖ´Ù. ¿¹¸¦ + µé¾î, »ç¿ëÀÚ A´Â »ç¿ëÀÚ B¸¦ ¸Å¿ì ½È¾îÇÏ¿©, »ç¿ëÀÚ BÀÇ CGI + µ¥ÀÌÅͺ£À̽º¸¦ Áö¿ö¹ö¸®´Â ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÒ ¼ö ÀÖ´Ù. ¾ÆÆÄÄ¡ + 1.2 ¹öÀüºÎÅÍ Æ÷ÇԵǾú°í ¾ÆÆÄÄ¡ ¼¹ö¿¡¼ Ưº°ÇÑ ÈÅ(hook)À¸·Î + µ¿ÀÛÇÏ´Â <a href="../suexec.html">suEXEC</a>´Â ½ºÅ©¸³Æ®¸¦ + ´Ù¸¥ »ç¿ëÀÚ·Î ½ÇÇàÇÏ´Â ¹æ¹ýÁß Çϳª´Ù. ´Ù¸¥ ´ëÁßÀûÀÎ ¹æ¹ý¿¡´Â + <a href="http://cgiwrap.unixtools.org/">CGIWrap</a>ÀÌ ÀÖ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi">ScriptAliasÇÏÁö ¾ÊÀº CGI</a></h2> + + + + <p>´ÙÀ½ Á¶°ÇÀ» ¸¸Á·ÇÒ¶§¸¸ »ç¿ëÀÚ°¡ ¾î¶² µð·ºÅ丮¿¡¼¶óµµ + CGI ½ºÅ©¸³Æ®¸¦ ½ÇÇàÇϵµ·Ï Çã¿ëÇÒ ¼ö ÀÖ´Ù:</p> + + <ul> + <li>´ç½ÅÀº °íÀÇ°Ç ½Ç¼öÀÌ°Ç »ç¿ëÀÚ°¡ ½Ã½ºÅÛÀ» °ø°Ý¿¡ ³ëÃâ½ÃÅ°´Â + ½ºÅ©¸³Æ®¸¦ ÀÛ¼ºÇÏÁö ¾Ê´Â´Ù°í ¹Ï´Â´Ù.</li> + <li>½Ã½ºÅÛÀÇ ´Ù¸¥ ºÎºÐÀÇ º¸¾ÈÀÌ ¾àÇؼ, ÀáÀçÀûÀÎ ÇãÁ¡À» + Çϳª ´õ ¸¸µé¾îµµ ³ªºüÁú °ÍÀÌ ¾ø´Ù°í »ý°¢ÇÏ´Â °æ¿ì.</li> + <li>»ç¿ëÀÚ°¡ ¾ø°í, ¾Æ¸¶ ¾Æ¹«µµ ¼¹ö¸¦ ¹æ¹®ÇÏÁö¾Ê´Â °æ¿ì.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi">ScriptAliasÇÑ CGI</a></h2> + + + + <p>ƯÁ¤ µð·ºÅ丮¿¡¼¸¸ CGI¸¦ ½ÇÇàÇÒ ¼ö ÀÖµµ·Ï Á¦ÇÑÇÏ¸é °ü¸®ÀÚ´Â + ÀÌµé µð·ºÅ丮¸¦ ÅëÁ¦ÇÒ ¼ö ÀÖ´Ù. ÀÌ °æ¿ì´Â scriptaliasÇÏÁö + ¾ÊÀº CGIº¸´Ù È®½ÇÈ÷ ¾ÈÀüÇÏ´Ù. ´Ü, ½Å·ÚÇÏ´Â »ç¿ëÀÚ¸¸ µð·ºÅ丮¿¡ + Á¢±ÙÇÒ ¼ö ÀÖ°í, °ü¸®ÀÚ°¡ »õ·Î¿î CGI ½ºÅ©¸³Æ®/ÇÁ·Î±×·¥ÀÇ + ÀáÀçÀûÀÎ º¸¾È»ó ÇãÁ¡À» °Ë»çÇÒ ¿ëÀÌ°¡ ÀÖ´Ù¸é.</p> + + <p>´ëºÎºÐÀÇ »çÀÌÆ®´Â scriptaliasÇÏÁö ¾ÊÀº CGI ¹æ½Ä ´ë½Å + ÀÌ ¹æ½ÄÀ» »ç¿ëÇÑ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">µ¿Àû ³»¿ëÀ» »ý¼ºÇÏ´Â ´Ù¸¥ ¹æ¹ý</a></h2> + + + + <p> + mod_php, mod_perl, mod_tcl, mod_python °°ÀÌ ¼¹öÀÇ ÀϺηΠ+ µ¿ÀÛÇÏ´Â ÀÓº£µðµå ½ºÅ©¸³Æ®´Â ¼¹ö¿Í °°Àº »ç¿ëÀÚ·Î (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> Áö½Ã¾î Âü°í) ½ÇÇàµÇ±â¶§¹®¿¡, + ½ºÅ©¸³Æ® ¿£ÁøÀÌ ½ÇÇàÇÏ´Â ½ºÅ©¸³Æ®´Â ÀáÀçÀûÀ¸·Î ¼¹ö »ç¿ëÀÚ°¡ + Á¢±ÙÇÒ ¼ö ÀÖ´Â ¸ðµç °Í¿¡ Á¢±ÙÇÒ ¼ö ÀÖ´Ù. ¾î¶² ½ºÅ©¸³Æ® ¿£ÁøÀº + ¾î´ÀÁ¤µµ Á¦ÇÑÀ» ÇÏÁö¸¸, ¾ÈÀüÇÏ´Ù°í °¡Á¤ÇÏÁö ¾Ê´Â °ÍÀÌ ÁÁ´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">½Ã½ºÅÛ ¼³Á¤ º¸È£Çϱâ</a></h2> + + + + <p>Á¤¸»·Î ¾ÈÀüÇÑ ¼¹ö¸¦ ¿î¿µÇÏ·Á¸é »ç¿ëÀÚ°¡ + <code>.htaccess</code> ÆÄÀÏÀ» »ç¿ëÇÏ¿© ´ç½ÅÀÌ ¼³Á¤ÇÑ º¸¾È±â´ÉÀ» + º¯°æÇÏ±æ ¹Ù¶óÁö ¾ÊÀ» °ÍÀÌ´Ù. ±×·¯±âÀ§ÇØ ´ÙÀ½°ú °°Àº ¹æ¹ýÀÌ + ÀÖ´Ù.</p> + + <p>¼¹ö ¼³Á¤ÆÄÀÏ¿¡ ´ÙÀ½À» Ãß°¡ÇÑ´Ù</p> + + <div class="example"><p><code> + <Directory /> <br /> + AllowOverride None <br /> + </Directory> + </code></p></div> + + <p>±×·¯¸é »ç¿ë°¡´ÉÇϵµ·Ï ¸í½ÃÀûÀ¸·Î Çã¿ëÇÑ µð·ºÅ丮¸¦ Á¦¿ÜÇÏ°í´Â + <code>.htaccess</code> ÆÄÀÏÀ» »ç¿ëÇÒ ¼ö ¾ø´Ù.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">±âº»ÀûÀ¸·Î ¼¹ö¿¡ ÀÖ´Â ÆÄÀÏ º¸È£Çϱâ</a></h2> + + + + <p>»ç¶÷µéÀº Á¾Á¾ ¾ÆÆÄÄ¡ÀÇ ±âº» Á¢±Ù¿¡ ´ëÇØ À߸ø ¾Ë°íÀÖ´Ù. + Áï, ¼¹ö°¡ ÀϹÝÀûÀÎ URL ´ëÀÀ ±ÔÄ¢À» »ç¿ëÇÏ¿© ÆÄÀÏÀ» ãÀ» + ¼ö ÀÖ´Ù¸é, Ưº°È÷ Á¶Ä¡¸¦ ÇÏÁö ¾Ê´ÂÇÑ Å¬¶óÀ̾ðÆ®¿¡°Ô ÆÄÀÏÀÌ + ¼ºñ½ºµÉ ¼ö ÀÖ´Ù.</p> + + <p>¿¹¸¦ µé¾î, ¾Æ·¡¿Í °°Àº °æ¿ì:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html <br /> + <code>http://localhost/~root/</code> ¿¡ Á¢±ÙÇÑ´Ù + </code></p></div> + + <p>±×·¯¸é Ŭ¶óÀ̾ðÆ®´Â Àüü ÆÄÀϽýºÅÛÀ» µ¹¾Æ´Ù´Ò ¼ö ÀÖ´Ù. + À̸¦ ¸·±âÀ§ÇØ ¼¹ö¼³Á¤¿¡¼ ´ÙÀ½°ú °°Àº Á¶Ä¡¸¦ ÇÑ´Ù:</p> + + <div class="example"><p><code> + <Directory /> <br /> + Order Deny,Allow <br /> + Deny from all <br /> + </Directory> + </code></p></div> + + <p>±×·¯¸é ÆÄÀϽýºÅÛ À§Ä¡¿¡ ´ëÇØ ±âº» Á¢±ÙÀÌ °ÅºÎµÈ´Ù. + ¿øÇÏ´Â ¿µ¿ª¿¡ Á¢±ÙÇÒ ¼ö ÀÖµµ·Ï ´ÙÀ½°ú °°Àº <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> ºí·ÏÀ» Ãß°¡ÇÑ´Ù.</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> <br /> + <Directory /usr/local/httpd> <br /> + Order Deny,Allow <br /> + Allow from all <br /> + </Directory> + </code></p></div> + + <p><code class="directive"><a href="../mod/core.html#location">Location</a></code>°ú <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> Áö½Ã¾î¸¦ °°ÀÌ »ç¿ëÇÏ´Â + °æ¿ì Ưº°È÷ ÁÖÀǸ¦ ±â¿ï¿©¶ó. ¿¹¸¦ µé¾î, <code><Directory + /></code>°¡ Á¢±ÙÀ» °ÅºÎÇÏ´õ¶óµµ <code><Location + /></code> Áö½Ã¾î°¡ À̸¦ ¹«½ÃÇÒ ¼ö ÀÖ´Ù</p> + + <p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> Áö½Ã¾î¸¦ + »ç¿ëÇÏ´Â °æ¿ì¿¡µµ ÁÖÀÇÇ϶ó. Áö½Ã¾î¸¦ "./" °°ÀÌ ¼³Á¤Çϸé + root »ç¿ëÀÚ¿¡ ´ëÇØ ¹Ù·Î À§ÀÇ °æ¿ì¿Í °°Àº ¹®Á¦°¡ ¹ß»ýÇÑ´Ù. + ¾ÆÆÄÄ¡ 1.3 ÀÌ»óÀ» »ç¿ëÇÑ´Ù¸é ¼¹ö ¼³Á¤ÆÄÀÏ¿¡ ¾Æ·¡ ÁÙÀ» Ãß°¡Çϱæ + °·ÂÈ÷ ±ÇÇÑ´Ù:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">·Î±× »ìÆ캸±â</a></h2> + + + + <p>½ÇÁ¦·Î ¼¹ö¿¡¼ ¹«½¼ ÀÏÀÌ À־°í ÀÖ´ÂÁö ¾Ë·Á¸é <a href="../logs.html">·Î±×ÆÄÀÏ</a>À» »ìÆìºÁ¾ß ÇÑ´Ù. ·Î±×ÆÄÀÏÀº + ÀÌ¹Ì ÀÏ¾î³ Àϸ¸À» º¸°íÇÏÁö¸¸, ¼¹ö¿¡ ¾î¶² °ø°ÝÀÌ ÀÖ¾ú´ÂÁö + ¾Ë·ÁÁÖ°í ÇöÀç ÇÊ¿äÇÑ ¸¸Å ¾ÈÀüÇÑÁö È®ÀÎÇÏ°Ô ÇØÁØ´Ù.</p> + + <p>¿©·¯°¡Áö ¿¹:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>ù¹ø° ¿¹´Â <a href="http://online.securityfocus.com/bid/4876/info/">À߸øµÈ + Source.JSP ¿äûÀ¸·Î ¼¹öÁ¤º¸¸¦ ¾Ë¾Æ³¾ ¼ö ÀÖ´Â TomcatÀÇ + Ãë¾àÁ¡</a>¸¦ ÀÌ¿ëÇÏ·Á´Â °ø°Ý Ƚ¼ö¸¦ ¾Ë·ÁÁÖ°í, µÎ¹ø° ¿¹´Â + Á¢±ÙÀÌ °ÅºÎµÈ Ãֱ٠Ŭ¶óÀ̾ðÆ® 10°³¸¦ ´ÙÀ½°ú °°ÀÌ º¸¿©ÁØ´Ù:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client foo.bar.com] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>Àß ¾Ë µíÀÌ ·Î±×ÆÄÀÏÀº ÀÌ¹Ì ¹ß»ýÇÑ »ç°Ç¸¸À» º¸°íÇÑ´Ù. + ±×·¡¼ Ŭ¶óÀ̾ðÆ®°¡ <code>.htpasswd</code> ÆÄÀÏ¿¡ Á¢±ÙÇÒ + ¼ö ÀÖ¾ú´Ù¸é <a href="../logs.html#accesslog">Á¢±Ù ·Î±×</a>¿¡ + ´ÙÀ½°ú °°Àº ±â·ÏÀÌ ³²À» °ÍÀÌ´Ù:</p> + + <div class="example"><p><code> + foo.bar.com - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>Áï, ´ç½ÅÀº ¼¹ö ¼³Á¤ÆÄÀÏ¿¡¼ ´ÙÀ½ ºÎºÐÀ» ÁÖ¼®Ã³¸®ÇßÀ» + °ÍÀÌ´Ù:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> <br /> + Order allow,deny <br /> + Deny from all <br /> + <Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>°¡´ÉÇÑ ¾ð¾î: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" hreflang="tr" rel="alternate" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">¸ðµâ</a> | <a href="../mod/directives.html">Áö½Ã¾îµé</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">¿ë¾î</a> | <a href="../sitemap.html">»çÀÌÆ®¸Ê</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 new file mode 100644 index 00000000..7257521f --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/security_tips.html.tr.utf8 @@ -0,0 +1,344 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="tr" xml:lang="tr"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Güvenlik İpuçları - Apache HTTP Sunucusu</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p> +<p class="apache">Apache HTTP Sunucusu Sürüm 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Sunucusu</a> > <a href="http://httpd.apache.org/docs/">Belgeleme</a> > <a href="../">Sürüm 2.0</a> > <a href="./">Çeşitli Belgeler</a></div><div id="page-content"><div id="preamble"><h1>Güvenlik İpuçları</h1> +<div class="toplang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" title="Türkçe"> tr </a></p> +</div> + + <p>Bir HTTP Sunucusunu ayarlarken dikkat edilmesi gerekenler ve bazı + ipuçları. Öneriler kısmen Apache’ye özel kısmen de genel olacaktır.</p> + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#uptodate">Güncel Tutma</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#serverroot"><code>ServerRoot</code> Dizinlerinin İzinleri</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#ssi">Sunucu Taraflı İçerik Yerleştirme</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi">CGI Genelinde</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#nsaliasedcgi"><code>ScriptAlias</code>’sız CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#saliasedcgi"><code>ScriptAlias</code>’lı CGI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#dynamic">Devingen içerikli kaynaklar</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#systemsettings">Sistem Ayarlarının Korunması</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#protectserverfiles">Sunucu dosyalarının öntanımlı olarak korunması</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#watchyourlogs">Günlüklerin İzlenmesi</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="uptodate" id="uptodate">Güncel Tutma</a></h2> + + <p>Apache HTTP Sunucusu iyi bir güvenlik sicilinin yanında güvenlik + konularıyla oldukça ilgili bir geliştirici topluluğuna sahiptir. Fakat, + bir yazılımın dağıtılmasının ardından küçük ya da büyük bazı sorunların + keşfedilmesi kaçınılmazdır. Bu sebeple, yazılım güncellemelerinden + haberdar olmak oldukça önem kazanır. HTTP sunucunuzu doğrudan + Apache’den temin ediyorsanız yeni sürümler ve güvenlik güncellemeleri + ile ilgili bilgileri tam zamanında alabilmek için <a href="http://httpd.apache.org/lists.html#http-announce">Apache + HTTP Sunucusu Duyuru Listesi</a>ne mutlaka üye olmanızı öneririz. + Apache yazılımının üçüncü parti dağıtımlarını yapanların da buna benzer + hizmetleri vardır.</p> + + <p>Şüphesiz, bir HTTP sunucusu, sunucu kodunda bir sorun olmasa da + tehlike altındadır. Eklenti kodları, CGI betikleri hatta işletim + sisteminden kaynaklanan sorunlar nedeniyle bu ortaya çıkabilir. Bu + bakımdan, sisteminizdeki tüm yazılımların sorunları ve güncellemeleri + hakkında bilgi sahibi olmalısınız.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="serverroot" id="serverroot"><code>ServerRoot</code> Dizinlerinin İzinleri</a></h2> + + + <p>Normalde, Apache root kullanıcı tarafından başlatılır ve hizmetleri + sunarken <code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> yönergesi + tarafından tanımlanan kullanıcının aidiyetinde çalışır. Root tarafından + çalıştırılan komutlarda olduğu gibi, root olmayan kullanıcıların + yapacakları değişikliklerden korunmak konusunda da dikkatli + olmalısınız. Dosyaların sadece root tarafından yazılabilir olmasını + sağlamak yeterli değildir, bu dizinler ve üst dizinler için de + yapılmalıdır. Örneğin, sunucu kök dizininin + <code>/usr/local/apache</code> olmasına karar verdiyseniz, bu dizini + root olarak şöyle oluşturmanız önerilir:</p> + + <div class="example"><p><code> + mkdir /usr/local/apache <br /> + cd /usr/local/apache <br /> + mkdir bin conf logs <br /> + chown 0 . bin conf logs <br /> + chgrp 0 . bin conf logs <br /> + chmod 755 . bin conf logs + </code></p></div> + + <p><code>/</code>, <code>/usr</code>, <code>/usr/local</code> + dizinlerinde sadece root tarafından değişiklik yapılabileceği kabul + edilir. <code class="program"><a href="../programs/httpd.html">httpd</a></code> çalıştırılabilirini kurarken de benzer + bir önlemin alındığından emin olmalısınız:</p> + + <div class="example"><p><code> + cp httpd /usr/local/apache/bin <br /> + chown 0 /usr/local/apache/bin/httpd <br /> + chgrp 0 /usr/local/apache/bin/httpd <br /> + chmod 511 /usr/local/apache/bin/httpd + </code></p></div> + + <p>Diğer kullanıcıların değişiklik yapabileceği bir dizin olarak bir + <code>htdocs</code> dizini oluşturabilirsiniz. Bu dizine root + tarafından çalıştırılabilecek dosyalar konulmamalı ve burada root + tarafından hiçbir dosya oluşturulmamalıdır.</p> + + <p>Diğer kullanıcılara root tarafından yazılabilen ve çalıştırılabilen + dosyalarda değişiklik yapma hakkını tanırsanız, onlara root + kullanıcısını ele geçirilebilme hakkını da tanımış olursunuz. Örneğin, + biri <code class="program"><a href="../programs/httpd.html">httpd</a></code> çalıştırılabilirini zararlı bir programla + değiştirebilir ve o programı tekrar çalıştırdığınız sırada program + yapacağını yapmış olur. Günlükleri kaydettiğiniz dizin herkes + tarafından yazılabilen bir dizin olduğu takdirde, birileri bir günlük + dosyasını bir sistem dosyasına sembolik bağ haline getirerek root + kullanıcısının bu dosyaya ilgisiz şeyler yazmasına sebep olabilir. + Günlüklerin dosyaları herkes tarafından yazılabilir olduğu takdirde ise + birileri dosyaya yanıltıcı veriler girebilir.</p> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="ssi" id="ssi">Sunucu Taraflı İçerik Yerleştirme</a></h2> + + + <p>SSI sayfaları bir sunucu yöneticisi açısından çeşitli olası risklere + kaynaklık edebilir.</p> + + <p>İlk risk, sunucu yükündeki artış olasılığıdır. Tüm SSI sayfaları, SSI + kodu içersin içermesin Apache tarafından çözümlenir. Bu küçük bir artış + gibi görünürse de bir paylaşımlı sunucu ortamında önemli bir yük haline + gelebilir.</p> + + <p>SSI sayfaları, CGI betikleriyle ilgili riskleri de taşır. <code>exec + cmd</code> elemanı kullanılarak bir SSI sayfasından herhangi bir CGI + betiğini veya bir sistem programını Apache’nin aidiyetinde olduğu + kullanıcının yetkisiyle çalıştırmak mümkündür.</p> + + <p>SSI sayfalarının yararlı özelliklerinden yararlanırken güvenliğini de + arttırmanın bazı yolları vardır.</p> + + <p>Sunucu yöneticisi, bir başıbozuk SSI sayfasının sebep olabileceği + zararları bertaraf etmek için <a href="#cgi">CGI Genelinde</a> + bölümünde açıklandığı gibi <a href="../suexec.html">suexec</a>’i etkin + kılabilir.</p> + + <p>SSI sayfalarını <code>.html</code> veya <code>.htm</code> + uzantılarıyla etkinleştirmek tehlikeli olabilir. Bu özellikle + paylaşımlı ve yüksek trafikli bir sunucu ortamında önemlidir. SSI + sayfalarını normal sayfalardan farklı olarak <code>.shtml</code> gibi + bildik bir uzantıyla etkinleştirmek gerekir. Bu, sunucu yükünü asgari + düzeyde tutmaya ve risk yönetimini kolaylaştırmaya yarar.</p> + + <p>Diğer bir çözüm de SSI sayfalarından betik ve program çalıştırmayı + iptal etmektir. Bu, <code class="directive"><a href="../mod/core.html#options">Options</a></code> + yönergesine değer olarak <code>Includes</code> yerine + <code>IncludesNOEXEC</code> vererek sağlanır. Ancak, eğer betiklerin + bulunduğu dizinde <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code> + yönergesiyle CGI betiklerinin çalışması mümkün kılınmışsa, + kullanıcıların <code><--#include virtual="..." --></code> ile bu + betikleri çalıştırabileceklerine dikkat ediniz.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi" id="cgi">CGI Genelinde</a></h2> + + + <p>Herşeyden önce ya CGI betiğini/programını yazanlara ya da kendinizin + CGI'deki güvenlik açıklarını (ister kasıtlı olsun ister tesadüfi) + yakalama becerinize güvenmek zorundasınız. CGI betikleri esasen + sisteminizdeki komutları site kullanıcılarının izinleriyle + çalıştırırlar. Bu bakımdan dikkatle denenmedikleri takdirde oldukça + tehlikeli olabilirler.</p> + + <p>CGI betiklerinin hepsi aynı kullanıcının aidiyetinde çalışırsa diğer + betiklerle aralarında çelişkilerin ortaya çıkması ister istemez + kaçınılmazdır. Örneğin A kullanıcısının B kullanıcısına garezi varsa + bir betik yazıp B’nin CGI veritabanını silebilir. Bu gibi durumların + ortaya çıkmaması için betiklerin farklı kullanıcıların aidiyetlerinde + çalışmasını sağlayan ve 1.2 sürümünden beri Apache ile dağıtılan <a href="../suexec.html">suEXEC</a> diye bir program vardır. Başka bir yol + da <a href="http://cgiwrap.unixtools.org/">CGIWrap</a> kullanmaktır.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="nsaliasedcgi" id="nsaliasedcgi"><code>ScriptAlias</code>’sız CGI</a></h2> + + + <p>Kullanıcıların sitenin her yerinde CGI betiklerini çalıştırmalarına + izin vermek ancak şu koşullarda mümkün olabilir:</p> + + <ul> + <li>Kullanıcılarınızın kasıtlı ya da kasıtsız sistemi saldırıya açık + hale getirecek betikler yazmayacaklarına tam güveniniz vardır.</li> + <li>Sitenizin güvenliği zaten o kadar kötüdür ki, bir delik daha + açılmasının mahzuru yoktur.</li> + <li>Sitenizin sizden başka kullanıcısı yoktur ve sunucunuzu sizden + başka hiç kimsenin ziyaret etmesi mümkün değildir.</li> + </ul> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="saliasedcgi" id="saliasedcgi"><code>ScriptAlias</code>’lı CGI</a></h2> + + + <p>CGI’yi belli dizinlerle sınırlamak yöneticiye bu dizinlerde daha iyi + denetim imkanı sağlar. Bu kaçınılmaz olarak <code class="directive"><a href="../mod/mod_alias.html#scriptalias">ScriptAlias</a></code>’sız CGI’den çok daha + güvenlidir, ancak bu dizinlere yazma hakkı olan kullanıcılarınız + güvenilir kişiler olması ve site yöneticisinin de olası güvenlik + açıklarına karşı CGI betiklerini ve programlarını denemeye istekli + olması şartıyla.</p> + + <p>Çoğu site yöneticisi <code>ScriptAlias</code>’sız CGI yerine bu + yaklaşımı seçer.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="dynamic" id="dynamic">Devingen içerikli kaynaklar</a></h2> + + + <p>Sunucunun bir parçası gibi çalışan, <code>mod_php</code>, + <code>mod_perl</code>, <code>mod_tcl</code> ve <code>mod_python</code> + gibi gömülü betik çalıştırma seçenekleri sunucuyu çalıştıran + kullanıcının aidiyetinde çalışırlar (<code class="directive"><a href="../mod/mpm_common.html#user">User</a></code> yönergesine bakınız). Bu bakımdan bu betik + yorumlayıcılar tarafından çalıştırılan betikler, sunucu kullanıcısının + eriştiği herşeye erişebilirler. Bazı betik yorumlayıcıların getirdiği + bazı sınırlamalar varsa da bunlara pek güvenmemek, gerekli sınamaları + yine de yapmak gerekir.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="systemsettings" id="systemsettings">Sistem Ayarlarının Korunması</a></h2> + + + <p>Güvenliği gerçekten sıkı tutmak istiyorsanız, kullanıcılarınızın + yapılandırmanızdaki güvenlik ayarlarını geçersiz kılmak için + <code>.htaccess</code> dosyalarını kullanabilmelerinin de önüne + geçmelisiniz. Bunu yapmanın tek bir yolu vardır.</p> + + <p>Sunucu yapılandırma dosyanıza şunu yerleştirin:</p> + + <div class="example"><p><code> + <Directory /> + <span class="indent"> + AllowOverride None + </span> + </Directory> + </code></p></div> + + <p>Böylece, belli dizinlerde özellikle etkinleştirilmedikçe bütün + dizinlerde <code>.htaccess</code> dosyalarının kullanımını engellemiş + olursunuz.</p> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="protectserverfiles" id="protectserverfiles">Sunucu dosyalarının öntanımlı olarak korunması</a></h2> + + + <p>Apache’nin ister istemez yanlış anlaşılan yönlerinden biri öntanımlı erişim özelliğidir. Yani siz aksine bir şeyler yapmadıkça, sunucu normal URL eşleme kurallarını kullanarak bir dosyayı bulabildiği sürece onu istemciye sunacaktır.</p> + + <p>Örneğin, aşağıdaki durumu ele alalım:</p> + + <div class="example"><p><code> + # cd /; ln -s / public_html + </code></p></div> + + <p>Ve, tarayıcınıza <code>http://localhost/~root/</code> yazın.</p> + + <p>Böylece, istemcilerin tüm dosya sisteminizi gezmelerine izin vermiş olursunuz. Bu işlemin sonuçlarının önünü almak için sunucu yapılandırma dosyanıza şunları yazın:</p> + + <div class="example"><p><code> + <Directory /> + <span class="indent"> + Order Deny,Allow <br /> + Deny from all + </span> + </Directory> + </code></p></div> + + <p>Bu suretle, dosya sisteminize öntanımlı erişimi yasaklamış olursunuz. Erişime izin vermek istediğiniz dizinler için uygun <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> bölümleri eklemeniz yeterli olacaktır. Örnek:</p> + + <div class="example"><p><code> + <Directory /usr/users/*/public_html> + <span class="indent"> + Order Deny,Allow <br /> + Allow from all + </span> + </Directory> <br /> + <Directory /usr/local/httpd> + <span class="indent"> + Order Deny,Allow <br /> + Allow from all + </span> + </Directory> + </code></p></div> + + <p><code class="directive"><a href="../mod/core.html#location">Location</a></code> ve <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> yönergelerinin etkileşimine de özellikle önem vermelisiniz; örneğin <code><Directory /></code> erişimi yasaklarken bir <code><Location /></code> yönergesi bunu ortadan kaldırabilir.</p> + + <p><code class="directive"><a href="../mod/mod_userdir.html#userdir">UserDir</a></code> yönergesi de size buna benzer bir oyun oynayabilir; yönergeye <code>./</code> atamasını yaparsanız, root kullanıcısı söz konusu olduğunda yukarıda ilk örnekteki durumla karşılaşırız. Apache 1.3 veya üstünü kullanıyorsanız, sunucu yapılandırma dosyanızda aşağıdaki satırın mutlaka bulunmasını öneririz:</p> + + <div class="example"><p><code> + UserDir disabled root + </code></p></div> + + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="watchyourlogs" id="watchyourlogs">Günlüklerin İzlenmesi</a></h2> + + + <p>Sunucunuzda olup biteni günü gününe bilmek istiyorsanız <a href="../logs.html">günlük dosyalarına</a> bakmalısınız. Günlük dosyaları sadece olup biteni raporlamakla kalmaz, sunucunuza ne tür saldırılar yapıldığını ve güvenlik seviyenizin yeterli olup olmadığını anlamanızı da sağlarlar.</p> + + <p>Bazı örnekler:</p> + + <div class="example"><p><code> + grep -c "/jsp/source.jsp?/jsp/ /jsp/source.jsp??" access_log <br /> + grep "client denied" error_log | tail -n 10 + </code></p></div> + + <p>İlk örnek, <a href="http://online.securityfocus.com/bid/4876/info/">Apache Tomcat + Source.JSP Bozuk İstek Bilgilerini İfşa Açığı</a>nı istismar etmeyi deneyen saldırıların sayısını verirken ikinci örnek, reddedilen son on istemciyi listeler; örnek:</p> + + <div class="example"><p><code> + [Thu Jul 11 17:18:39 2002] [error] [client falan.filan.dom] client denied + by server configuration: /usr/local/apache/htdocs/.htpasswd + </code></p></div> + + <p>Gördüğünüz gibi günlük dosyaları sadece ne olup bittiğini raporlar, bu bakımdan eğer istemci <code>.htpasswd</code> dosyasına erişebiliyorsa <a href="../logs.html#accesslog">erişim günlüğünüzde</a> şuna benzer bir kayıt görürsünüz:</p> + + <div class="example"><p><code> + falan.filan.dom - - [12/Jul/2002:01:59:13 +0200] "GET /.htpasswd HTTP/1.1" + </code></p></div> + + <p>Bu, sunucu yapılandırma dosyanızda aşağıdaki yapılandırmayı iptal ettiğiniz anlamına gelir:</p> + + <div class="example"><p><code> + <Files ~ "^\.ht"> + <span class="indent"> + Order allow,deny <br /> + Deny from all + </span> + </Files> + </code></p></div> + + </div></div> +<div class="bottomlang"> +<p><span>Mevcut Diller: </span><a href="../en/misc/security_tips.html" hreflang="en" rel="alternate" title="English"> en </a> | +<a href="../ko/misc/security_tips.html" hreflang="ko" rel="alternate" title="Korean"> ko </a> | +<a href="../tr/misc/security_tips.html" title="Türkçe"> tr </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br /><a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a> altında lisanslıdır.</p> +<p class="menu"><a href="../mod/">Modüller</a> | <a href="../mod/directives.html">Yönergeler</a> | <a href="../faq/">SSS</a> | <a href="../glossary.html">Terimler</a> | <a href="../sitemap.html">Site Haritası</a></p></div> +</body></html>
\ No newline at end of file diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html new file mode 100644 index 00000000..e17505c2 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html @@ -0,0 +1,5 @@ +# GENERATED FROM XML -- DO NOT EDIT + +URI: tutorials.html.en +Content-Language: en +Content-type: text/html; charset=ISO-8859-1 diff --git a/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en new file mode 100644 index 00000000..0b9f2d12 --- /dev/null +++ b/rubbos/app/httpd-2.0.64/docs/manual/misc/tutorials.html.en @@ -0,0 +1,211 @@ +<?xml version="1.0" encoding="ISO-8859-1"?> +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> +<html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head><!-- + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + This file is generated from xml source: DO NOT EDIT + XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX + --> +<title>Apache Tutorials - Apache HTTP Server</title> +<link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> +<link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> +<link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /> +<link href="../images/favicon.ico" rel="shortcut icon" /></head> +<body id="manual-page"><div id="page-header"> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> +<p class="apache">Apache HTTP Server Version 2.0</p> +<img alt="" src="../images/feather.gif" /></div> +<div class="up"><a href="./"><img title="<-" alt="<-" src="../images/left.gif" /></a></div> +<div id="path"> +<a href="http://www.apache.org/">Apache</a> > <a href="http://httpd.apache.org/">HTTP Server</a> > <a href="http://httpd.apache.org/docs/">Documentation</a> > <a href="../">Version 2.0</a> > <a href="./">Miscellaneous Documentation</a></div><div id="page-content"><div id="preamble"><h1>Apache Tutorials</h1> +<div class="toplang"> +<p><span>Available Languages: </span><a href="../en/misc/tutorials.html" title="English"> en </a></p> +</div> + + + <div class="warning"><h3>Warning:</h3> + <p>This document has not been fully updated + to take into account changes made in the 2.0 version of the + Apache HTTP Server. Some of the information may still be + relevant, but please use it with care.</p> + </div> + + <p>The following documents give you step-by-step instructions + on how to accomplish common tasks with the Apache HTTP server. + Many of these documents are located at external sites and are + not the work of the Apache Software Foundation. Copyright to + documents on external sites is owned by the authors or their + assignees. Please consult the <a href="../">official Apache + Server documentation</a> to verify what you read on external + sites.</p> + + </div> +<div id="quickview"><ul id="toc"><li><img alt="" src="../images/down.gif" /> <a href="#starting">Installation & Getting Started</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#basics">Basic Configuration</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#security">Security</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#logging">Logging</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#cgi_ssi">CGI and SSI</a></li> +<li><img alt="" src="../images/down.gif" /> <a href="#other">Other Features</a></li> +</ul></div> +<div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="starting" id="starting">Installation & Getting Started</a></h2> + + + + <ul> + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-1-001-01-NW-DP-LF"> + Getting Started with Apache 1.3</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-10-001-01-NW-LF-SW"> + Configuring Your Apache Server Installation</a> + (ApacheToday)</li> + + <li><a href="http://www.onlamp.com/pub/a/apache/2000/02/24/installing_apache.html"> + Getting, Installing, and Running Apache (on Unix)</a> + (O'Reilly Network Apache DevCenter)</li> + + <li><a href="http://www.builder.com/Servers/Apache/ss01.html">Maximum + Apache: Getting Started</a> (CNET Builder.com)</li> + + <li><a href="http://www.devshed.com/Server_Side/Administration/APACHE/"> + How to Build the Apache of Your Dreams</a> (Developer + Shed)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="basics" id="basics">Basic Configuration</a></h2> + + + + <ul> + <li><a href="http://www.onlamp.com/pub/a/apache/2000/03/02/configuring_apache.html"> + An Amble Through Apache Configuration</a> (O'Reilly Network + Apache DevCenter)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-19-002-01-NW-LF-SW"> + Using .htaccess Files with Apache</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-17-001-01-PS"> + Setting Up Virtual Hosts</a> (ApacheToday)</li> + + <li><a href="http://www.builder.com/Servers/Apache/ss02.html">Maximum + Apache: Configure Apache</a> (CNET Builder.com)</li> + + <li><a href="http://www.devshed.com/Server_Side/Administration/MoreApache/"> + Getting More Out of Apache</a> (Developer Shed)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="security" id="security">Security</a></h2> + + + + <ul> + <li><a href="http://www.linuxplanet.com/linuxplanet/tutorials/1527/1/"> + Security and Apache: An Essential Primer</a> + (LinuxPlanet)</li> + + <li><a href="http://www.apacheweek.com/features/userauth">Using User + Authentication</a> (Apacheweek)</li> + + <li><a href="http://www.apacheweek.com/features/dbmauth">DBM + User Authentication</a> (Apacheweek)</li> + + <li><a href="http://linux.com/security/newsitem.phtml?sid=12&aid=3549"> + An Introduction to Securing Apache</a> (Linux.com)</li> + + <li><a href="http://linux.com/security/newsitem.phtml?sid=12&aid=3667"> + Securing Apache - Access Control</a> (Linux.com)</li> + + <li>Apache Authentication <a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-24-002-01-NW-LF-SW"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-07-31-001-01-NW-DP-LF"> + Part 2</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-07-001-01-NW-LF-SW"> + Part 3</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-14-001-01-NW-LF-SW"> + Part 4</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-11-13-003-01-SC-LF-SW"> + mod_access: Restricting Access by Host</a> (ApacheToday)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="logging" id="logging">Logging</a></h2> + + + + <ul> + <li><a href="http://www.onlamp.com/pub/a/apache/2000/03/10/log_rhythms.html"> + Log Rhythms</a> (O'Reilly Network Apache DevCenter)</li> + + <li><a href="http://www.apacheweek.com/features/logfiles">Gathering + Visitor Information: Customising Your Logfiles</a> + (Apacheweek)</li> + + <li>Apache Guide: Logging <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-21-003-01-NW-LF-SW"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-08-28-001-01-NW-LF-SW"> + Part 2</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-05-001-01-NW-LF-SW"> + Part 3</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-18-003-01-NW-LF-SW"> + Part 4</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-09-25-001-01-NW-LF-SW"> + Part 5</a> (ApacheToday)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="cgi_ssi" id="cgi_ssi">CGI and SSI</a></h2> + + + + <ul> + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-05-001-10-NW-LF-SW"> + Dynamic Content with CGI</a> (ApacheToday)</li> + + <li><a href="http://www.cpan.org/doc/FAQs/cgi/idiots-guide.html"> + The Idiot's Guide to Solving Perl CGI Problems</a> + (CPAN)</li> + + <li><a href="http://www.linuxplanet.com/linuxplanet/tutorials/1445/1/"> + Executing CGI Scripts as Other Users</a> (LinuxPlanet)</li> + + <li><a href="http://www.htmlhelp.org/faq/cgifaq.html">CGI + Programming FAQ</a> (Web Design Group)</li> + + <li>Introduction to Server Side Includes <a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-12-001-01-PS"> + Part 1</a> - <a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-19-002-01-NW-LF-SW"> + Part 2</a> (ApacheToday)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-26-001-01-NW-LF-SW"> + Advanced SSI Techniques</a> (ApacheToday)</li> + + <li><a href="http://www.builder.com/Servers/ApacheFiles/082400/">Setting + up CGI and SSI with Apache</a> (CNET Builder.com)</li> + </ul> + </div><div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> +<div class="section"> +<h2><a name="other" id="other">Other Features</a></h2> + + + + <ul> + <li><a href="http://www.apacheweek.com/features/negotiation">Content + Negotiation Explained</a> (Apacheweek)</li> + + <li><a href="http://www.apacheweek.com/features/imagemaps">Using + Apache Imagemaps</a> (Apacheweek)</li> + + <li><a href="http://apachetoday.com/news_story.php3?ltsn=2000-06-14-002-01-PS"> + Keeping Your Images from Adorning Other Sites</a> + (ApacheToday)</li> + + <li><a href="http://ppewww.ph.gla.ac.uk/~flavell/www/lang-neg.html">Language + Negotiation Notes</a> (Alan J. Flavell)</li> + </ul> + + <p>If you have a pointer to an accurate and well-written + tutorial not included here, please let us know by submitting it + to the <a href="http://bugs.apache.org/">Apache Bug + Database</a>.</p> + </div></div> +<div class="bottomlang"> +<p><span>Available Languages: </span><a href="../en/misc/tutorials.html" title="English"> en </a></p> +</div><div id="footer"> +<p class="apache">Copyright 2009 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> +<p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="../faq/">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div> +</body></html>
\ No newline at end of file |