From: dgaudet Date: Thu, 3 Jul 1997 06:01:21 +0000 (+0000) Subject: merge in marc's weblinting changes X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=733935b88821a4ff80ecfa046f7202342a6687e5;p=thirdparty%2Fapache%2Fhttpd.git merge in marc's weblinting changes git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/branches/APACHE_1_2_X@78504 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/misc/descriptors.html b/docs/manual/misc/descriptors.html index bc654d70d23..e5c97f3d21b 100644 --- a/docs/manual/misc/descriptors.html +++ b/docs/manual/misc/descriptors.html @@ -47,7 +47,7 @@ of files a process can have open.

To summarize: 

-  #open files  <=  soft limit  <=  hard limit  <=  kernel limit
+  #open files  <=  soft limit  <=  hard limit  <=  kernel limit

You control the hard and soft limits using the limit (csh) @@ -73,13 +73,13 @@ situation somewhat. Here is a partial list of systems and workarounds will run into trouble if more than approximately 240 Listen directives are used. This may be cured by rebuilding your kernel with a higher FD_SETSIZE. -

+

FreeBSD 2.2, BSDI 2.1+
Similar to the BSDI 2.0 case, you should define FD_SETSIZE and rebuild. But the extra Listen limitation doesn't exist. -

+

Linux
By default Linux has a kernel maximum of 256 open descriptors @@ -95,7 +95,7 @@ situation somewhat. Here is a partial list of systems and workarounds 256. As of this writing the patches available for increasing the number of descriptors do not take this into account. On a dedicated webserver you probably won't run into trouble. -

+

Solaris through 2.5.1
Solaris has a kernel hard limit of 1024 (may be lower in earlier @@ -107,18 +107,18 @@ situation somewhat. Here is a partial list of systems and workarounds build Apache with -DHIGH_SLACK_LINE=256 added to EXTRA_CFLAGS. You will be limited to approximately 240 error logs if you do this. -

+

AIX version ??
AIX appears to have a hard limit of 128 descriptors. End of story. -

+

Others
If you have details on another operating system, please submit it through our Bug Report Page. -

+

diff --git a/docs/manual/misc/security_tips.html b/docs/manual/misc/security_tips.html index cba41ada90f..dc08450aeda 100644 --- a/docs/manual/misc/security_tips.html +++ b/docs/manual/misc/security_tips.html @@ -170,7 +170,13 @@ Also be wary of playing games with the >UserDir directive; setting it to something like "./" would have the same effect, for root, as the first example above. +If you are using Apache 1.3 or above, we strongly recommend that you +include the following line in your server configuration files:

+
+
UserDir disabled root +
+

Please send any other useful security tips to The Apache Group diff --git a/docs/manual/mod/mod_rewrite.html b/docs/manual/mod/mod_rewrite.html index 8d432e4c4ef..4cb6c83b85c 100644 --- a/docs/manual/mod/mod_rewrite.html +++ b/docs/manual/mod/mod_rewrite.html @@ -44,7 +44,6 @@ substitution. It operates on the full URLs (including the PATH_INFO part) both in per-server context (httpd.conf) and per-dir context (.htaccess) and even can generate QUERY_STRING parts on result. The rewritten result can lead to internal sub-processing, external request redirection or to internal proxy throughput. -

The latest version can be found on
@@ -147,7 +146,7 @@ with a slash ('/') then it is assumed to be relative to the config.

- +
To disable the logging of rewriting actions it is not recommended to set Filename @@ -161,7 +160,7 @@ To disable logging either remove or comment out the

- +
SECURITY: See the Apache Security @@ -198,7 +197,7 @@ To disable the logging of rewriting actions simply set Level to 0. This disables all rewrite action logs.

- +
Notice: Using a high value for Level will slow down your Apache server dramatically! Use the rewriting logfile only for debugging or at least @@ -289,7 +288,7 @@ RewriteMap real-to-host txt:/path/to/file/map.real-to-user
  • DBM Hashfile Format

    This is a binary NDBM format file containing the - same contents as the Plain Text Format files. You can create + same contents as the Plain Text Format files. You can create such a file with any NDBM tool or with the dbmmanage program from the support directory of the Apache distribution.

    @@ -346,7 +345,7 @@ context it is of course possible to use this map in per-directory context.

    - +
    For plain text and DBM format files the looked-up keys are cached in-core until the mtime of the mapfile changes or the server does a @@ -384,7 +383,7 @@ will be usually be wrong! There you have to use the RewriteBase directive to specify the correct URL-prefix.

    - +
    So, if your webserver's URLs are not directly related to physical file paths, you have to use RewriteBase in every @@ -424,7 +423,7 @@ In the above example, a request to /xyz/oldstuff.html gets correctly rewritten to the physical file /abc/def/newstuff.html.

    - +
    For the Apache hackers:
    @@ -437,10 +436,10 @@ Request: /xyz/oldstuff.html Internal Processing: - /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias) - /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir RewriteRule) - /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir RewriteBase) - /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias) + /xyz/oldstuff.html -> /abc/def/oldstuff.html (per-server Alias) + /abc/def/oldstuff.html -> /abc/def/newstuff.html (per-dir RewriteRule) + /abc/def/newstuff.html -> /xyz/newstuff.html (per-dir RewriteBase) + /xyz/newstuff.html -> /abc/def/newstuff.html (per-server Alias) Result: /abc/def/newstuff.html @@ -471,7 +470,7 @@ sure the design and implementation is correct.

    The RewriteCond directive defines a rule condition. Precede a -RewriteRule directive with one or more RewriteCond +RewriteRule directive with one or more RewriteCond directives. The following rewriting rule is only used if its pattern matches the current @@ -562,7 +561,7 @@ IS_SUBREQ

    - +
    These variables all correspond to the similar named HTTP MIME-headers, C variables of the Apache server or struct tm fields of the Unix @@ -770,7 +769,7 @@ for special cases where it is better to match the negative pattern or as a last default rule.

    - +
    Notice! When using the NOT character to negate a pattern you cannot have grouped wildcard parts in the pattern. This is impossible because when @@ -814,7 +813,7 @@ conjunction with the C (chain) flag to be able to have more than one pattern to be applied before a substitution occurs.

    - +
    Notice: There is a special feature. When you prefix a substitution field with http://thishost[:thisport] then @@ -962,7 +961,7 @@ comma-separated list of the following flags: typical example is the use of mod_alias and mod_rewrite..

    - +
    - -
    For the Apache hackers:
    @@ -995,7 +994,7 @@ comma-separated list of the following flags:

    - +
    Remember: Never forget that Pattern gets applied to a complete URL in per-server configuration files. But in per-directory configuration @@ -1012,7 +1011,7 @@ external redirect or proxy throughput (if flag P is used!) is forced!

    - +
    Notice! To enable the rewriting engine for per-directory configuration files you need to set ``RewriteEngine On'' in these files and @@ -1120,10 +1119,6 @@ request ``GET /somepath/localpath/pathinfo'':
    -

    -

    Example:

    diff --git a/docs/manual/mod/mod_userdir.html b/docs/manual/mod/mod_userdir.html index cca87f5020e..fb0a201c890 100644 --- a/docs/manual/mod/mod_userdir.html +++ b/docs/manual/mod/mod_userdir.html @@ -33,42 +33,71 @@ is compiled in by default. It provides for user-specific directories. Status: Base
    Module: mod_userdir
    Compatibility: All forms except the UserDir -public_html form are only available in Apache 1.1 or above.

    +public_html form are only available in Apache 1.1 or above. Use +of the enabled keyword, or disabled with a +list of usernames, is only available in Apache 1.3 and above.

    The UserDir directive sets the real directory in a user's home directory to use when a request for a document for a user is received. -Directory is either disabled, to disable this feature, - or the name of a directory, following one of the following -patterns. If not disabled, then a request for +Directory/filename is one of the following: +

    +
      +
    • The name of a directory or a pattern such as those shown below. +
      • +
    • The keyword disabled. This turns off all + username-to-directory translations except those explicitly named with + the enabled keyword (see below). +
      • +
    • The keyword disabled followed by a space-delimited + list of usernames. Usernames that appear in such a list will + never have directory translation performed, even if they + appear in an enabled clause. +
      • +
    • The keyword enabled followed by a space-delimited list + of usernames. These usernames will have directory translation + performed even if a global disable is in effect, but not if they also + appear in a disabled clause. +
      • +
    +

    +If neither the enabled nor the disabled +keywords appear in the Userdir directive, the argument is +treated as a filename pattern, and is used to turn the name into a +directory specification. A request for http://www.foo.com/~bob/one/two.html will be translated to: 

    -UserDir public_html     -> ~bob/public_html/one/two.html
-UserDir /usr/web        -> /usr/web/bob/one/two.html
-UserDir /home/*/www     -> /home/bob/www/one/two.html
+UserDir public_html     -> ~bob/public_html/one/two.html
+UserDir /usr/web        -> /usr/web/bob/one/two.html
+UserDir /home/*/www     -> /home/bob/www/one/two.html
    The following directives will send redirects to the client: 
    -UserDir http://www.foo.com/users   -> http//www.foo.com/users/bob/one/two.html
-UserDir http://www.foo.com/*/usr   -> http://www.foo.com/bob/usr/one/two.html
-UserDir http://www.foo.com/~*/     -> http://www.foo.com/~bob/one/two.html
+UserDir http://www.foo.com/users   -> http//www.foo.com/users/bob/one/two.html
+UserDir http://www.foo.com/*/usr   -> http://www.foo.com/bob/usr/one/two.html
+UserDir http://www.foo.com/~*/     -> http://www.foo.com/~bob/one/two.html
    - -

    - -Be careful when using this directive; for instance, "UserDir -./" would map "/~root" to -"/" - which is probably undesirable. See also -the -<Directory> -directive and the -Security Tips -page for more information. -

    +
    + + Be careful when using this directive; for instance, + "UserDir ./" would map + "/~root" to + "/" - which is probably undesirable. If you are + running Apache 1.3 or above, it is strongly recommended that your + configuration include a + "UserDir disabled root" declaration. + See also + the + <Directory> + directive and the + Security Tips + page for more information. + +