This article briefly introduces more than a dozen Apache configuration skills:
1, how to set up a wait time
Set in httpd.conf:
Timeout n
Where n is an integer, the unit is second.
Set this timeout for three situations:
2, how to receive a total time of GET request
Time between the TCP package receiving a POST and PUT requests
Response (ACK) time interval in TCP package
3, how to make Apache listens at a specific port
Modify httpd.conf About Listen's options, for example:
Listen 8000
Is the Apache listens at 8000 ports
And if you want to specify the listening port and listen address, you can use:
Listen 192.170.2.1:80 listen 192.170.2.5:8000
This makes Apache simultaneously listens at 80 ports of 192.170.2.1 and 8000 ports of 192.170.2.5.
Of course, you can also set it in httpd.conf:
Port 80
This will achieve a similar effect.
4, how to set the maximum number of idle processes in Apache
Modify httpd.conf, set inside:
MaxSpareServers n
Where N is an integer. This time when the idle process exceeds N, the Apache master process will kill excess idle processes and keep the idle process in N, saving system resources. If this parameter is adjusted in an Apache very busy site, it is not a good idea at any time.
At the same time, you can also set:
MinSpareServers N
To limit the minimum number of idle processes to speed up the reaction speed.
5. How apache sets the number of sub-service processes at startup
Set in httpd.conf:
StartServers 5
After starting Apache, there are 5 empty legs waiting to be accepted.
You can also refer to MinsPareServers and MaxSpareServers settings.
6, how to set the maximum number of requests for each connection in Apache
Set in httpd.conf:
MaxkeepaliveRequests 100
This will ensure that in a connection, if the number of requests reaches 100 will no longer respond to this new request to ensure that the system resources will not be occupied by a certain connection. However, the actual configuration is required to speed up this value to get higher system performance.
7, how to set up the duration of the session in Apache
In the version above Apache1.2, you can set in httpd.conf:
Keepalive On KeepaliveTimeout 15
This limits the holding time of each session for 15 seconds. The use of session can make many requests can be sent through the same TCP connection, saving network resources and system resources.
8, how to make Apache to verify the client
Can be set in httpd.conf:
Hostnamelookups on | Off | Double
If you use ON, then only one check, if you use Double, then a forward resolution after performing a reflection, only twice the results are in line with each other, and OFF is not domain name verification.
If it is for security, it is recommended to use Double; in order to speed up the access speed, it is recommended to use OFF.
9. How to make Apache only listen in specific IP
Modify httpd.conf, use inside
Bindaddress 192.168.0.1
This allows Apache only listens the outside world to 192.168.0.1 HTTP requests. If you are using:
Bindaddress *
Type Apache listens to HTTP requests on all network interfaces.
Of course, you can also be implemented with a firewall.
10. How to limit the size of the message body of the HTTP request in apache settings in httpd.conf:
LimitRequestBody N
n is an integer, and the unit is byte.
The CGI script generally submits the contents of the form as a message to the server, so the size of the message main body is now useful when using CGI. For example, use CGI to upload files, if there is a setting:
LimitRequestBody 102400
Then the upload file exceeds 100K, it will report an error.
11, how to modify the Apache's document root
Modify the DocumentRoot option in httpd.conf to the specified directory, such as:
Documentroot / WWW / HTDOCS
This http://localhost/index.html is corresponding / www/htdocs/index.html
12. How to modify the maximum number of Apache
Setting in httpd.conf:
MaxClients n
n is an integer, indicating the maximum connection number, the value ranges between 1 and 256, if you want the apache to support more connections, then you need to modify the httpd.h file in the source code, change the defined hard_server_limit value and then then then Compilation.
13. How to make each user have a separate cgi-bin directory
There are two optional methods:
(1) Add the following properties in the Apache configuration file with regard to the PUBLIC_HTML:
Scriptaliasmatch ^ / ~ ([^ /] *) / cgi-bin /(.*) / home / $ 1 / cgi-bin / $ 2
(2) Add the following properties inside the Apache configuration file to the settings of public_html:
14, how to adjust the maximum number of processes in Apache
Apache allows the maximum number of processes to be requested to be 256, and the maxClients limit is 256. If the user is more, the user can only see Waiting for Reply .... Then wait until the next available process. This maximum number is determined by the Apache - its NT version can have 1024, but the Unix version is only 256, you can see in src / include / httpd.h:
#ifndef hard_server_limit #ifdef Win32 #define hard_server_limit 1024 #Else #define hard_server_limit 256 #ENDIF #ENDIF
You can transfer it to 1024 and then compile your system.
15. How to block users from an Internet address Access Apache Server
You can use Deny and Allow to restrict access, such as users who want to ban 202.202.202.xx networks:
16, how to record apache browser and reference information in the log
You need to compile MOD_LOG_CONFIG into your Apache server and use the following configuration:
Customlog logs / access_log "% H% L% U% T"% r "% s% b"% {referer} i ""% {user-agent} i ""
17. How to modify the head information returned by Apache
Problem Analysis: When the client is connected to the Apache server, Apache generally returns information such as the server version, non-default module, for example: Server: Apache / 1.3.26 (UNIX) mod_perl / 1.26
solve:
You can make the following settings on the Apache profile to reduce the information about the server to the minimum:
ServerToKens PROD
note:
This will return a certain server information after setting this setting, such as:
Server: Apache
But this will not have much impact on server security, because many scanning software is when scanning is the header information returned by your server. If you want to turn the relevant information returned by the server:
Server: IT is a none-apache server
Then you have to change the source code.
