From: Rich Bowen <rbowen@apache.org>
Date: Fri, 8 May 2026 14:50:47 +0000 (+0000)
Subject: Rebuilds manual after recent changes
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=ca95f1e06f35e9b2be5da4b9fc7e8ac6dbc77d48;p=thirdparty%2Fapache%2Fhttpd.git

Rebuilds manual after recent changes

git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1933943 13f79535-47bb-0310-9956-ffa450edef68
---

diff --git a/docs/manual/mod/core.html.en.utf8 b/docs/manual/mod/core.html.en.utf8
index 2aed12b9a9..cb312e63de 100644
--- a/docs/manual/mod/core.html.en.utf8
+++ b/docs/manual/mod/core.html.en.utf8
@@ -311,26 +311,38 @@ AcceptFilter https connect</pre>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
 </table>
-    <p>While processing a request, the server looks for
-    the first existing configuration file from this list of names in
-    every directory of the path to the document, if distributed
+    <p>The AccessFileName directive allows you to change the name of the file
+    that will be considered for per-directory configuration overrides, in the
+    event that <code class="directive"><a href="#allowoverride">AllowOverride</a></code> is enabled
+    for that directory.</p>
+
+    <div class="warning">We do not recommend that you change this value, and
+    especially that you do not list multiple possible file names, as it makes
+    troubleshooting more difficult for anyone not familiar with your local
+    settings.</div>
+
+    <p>While processing a request, the server looks for files with the name
+    (or names) defined in <code>AccessFileName</code>
+    in every directory of the path to the document, if distributed
     configuration files are <a href="#allowoverride">enabled for that
-    directory</a>. For example:</p>
-
-    <pre class="prettyprint lang-config">AccessFileName .acl</pre>
-
-
-    <p>Before returning the document
+    directory</a>. For example Before returning the document
     <code>/usr/local/web/index.html</code>, the server will read
-    <code>/.acl</code>, <code>/usr/.acl</code>,
-    <code>/usr/local/.acl</code> and <code>/usr/local/web/.acl</code>
-    for directives unless they have been disabled with:</p>
+    <code>/.htaccess</code>, <code>/usr/.htaccess</code>,
+    <code>/usr/local/.htaccess</code> and <code>/usr/local/web/.htaccess</code>
+    for directives.</p>
+
+    <p>For this reason, the default configuration file contains the following stanza:</p>
 
     <pre class="prettyprint lang-config">&lt;Directory "/"&gt;
     AllowOverride None
 &lt;/Directory&gt;</pre>
 
 
+    <p>This configuration block helps prevent unnecessary file accesses in directories
+    outside of your <code class="directive"><a href="#documentroot">DocumentRoot</a></code>. See also the note
+    about this in the <code>AllowOverride</code> directive documentation.</p>
+
+
 <h3>See also</h3>
 <ul>
 <li><code class="directive"><a href="#allowoverride">AllowOverride</a></code></li>
@@ -436,10 +448,9 @@ NoDecode option available in 2.3.12 and later.</td></tr>
 <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Core</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>core</td></tr>
 </table>
-    <p>When the server finds an <code>.htaccess</code> file (as
-    specified by <code class="directive"><a href="#accessfilename">AccessFileName</a></code>),
-    it needs to know which directives declared in that file can override
-    earlier configuration directives.</p>
+    <p>When the server finds a distributed configuration file (Usually called
+    <code>.htaccess</code> - configurable by the <code class="directive"><a href="#accessfilename">AccessFileName</a></code>), it needs to know which directives
+    declared in that file can override earlier configuration directives.</p>
 
     <div class="note"><h3>Only available in &lt;Directory&gt; sections</h3>
     <code class="directive">AllowOverride</code> is valid only in
@@ -504,9 +515,12 @@ NoDecode option available in 2.3.12 and later.</td></tr>
       <dt><a href="overrides.html#override-limit">Limit</a></dt>
 
       <dd>
-      Allow use of the directives controlling host access (<code class="directive"><a href="../mod/mod_access_compat.html#allow">Allow</a></code>, <code class="directive"><a href="../mod/mod_access_compat.html#deny">Deny</a></code> and <code class="directive"><a href="../mod/mod_access_compat.html#order">Order</a></code>).</dd>
-
-
+      Allow use of the legacy host access control directives (<code class="directive"><a href="../mod/mod_access_compat.html#allow">Allow</a></code>, <code class="directive"><a href="../mod/mod_access_compat.html#deny">Deny</a></code> and <code class="directive"><a href="../mod/mod_access_compat.html#order">Order</a></code>). For the modern
+      equivalent, see the <code class="directive"><a href="../mod/mod_authz_core.html#require">Require</a></code>
+      directive, which is controlled by <code>AuthConfig</code>.
+      Also includes <code class="directive"><a href="../mod/mod_include.html#ssietag">SSIETag</a></code>,
+      <code class="directive"><a href="../mod/mod_include.html#ssilastmodified">SSILastModified</a></code>, and
+      <code class="directive"><a href="../mod/mod_include.html#ssilegacyexprparser">SSILegacyExprParser</a></code>.</dd>
 
 
       <dt>Nonfatal=[Override|Unknown|All]</dt>
diff --git a/docs/manual/mod/core.xml.de b/docs/manual/mod/core.xml.de
index b95b2875d0..0345673aea 100644
--- a/docs/manual/mod/core.xml.de
+++ b/docs/manual/mod/core.xml.de
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.de.xsl"?>
-<!-- English Revision: 344972:1933866 (outdated) -->
+<!-- English Revision: 344972:1933921 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/core.xml.es b/docs/manual/mod/core.xml.es
index 32cf8942e9..36784b1ca3 100644
--- a/docs/manual/mod/core.xml.es
+++ b/docs/manual/mod/core.xml.es
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.es.xsl"?>
-<!-- English Revision: 1741251:1933866 (outdated) -->
+<!-- English Revision: 1741251:1933921 (outdated) -->
 <!-- Translated by Luis Gil de Bernabé Pfeiffer lgilbernabe[AT]apache.org -->
 <!-- Reviewed by Sergio Ramos-->
 <!--
diff --git a/docs/manual/mod/core.xml.fr b/docs/manual/mod/core.xml.fr
index ef03c31e9c..45645c9aa7 100644
--- a/docs/manual/mod/core.xml.fr
+++ b/docs/manual/mod/core.xml.fr
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision: 1932811:1933866 (outdated) -->
+<!-- English Revision: 1932811:1933921 (outdated) -->
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->
 
diff --git a/docs/manual/mod/core.xml.ja b/docs/manual/mod/core.xml.ja
index c32d72f9c5..2e0b1dbbc4 100644
--- a/docs/manual/mod/core.xml.ja
+++ b/docs/manual/mod/core.xml.ja
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.ja.xsl"?>
-<!-- English Revision: 669847:1933866 (outdated) -->
+<!-- English Revision: 669847:1933921 (outdated) -->
 
 <!--
  Licensed to the Apache Software Foundation (ASF) under one or more
diff --git a/docs/manual/mod/core.xml.tr b/docs/manual/mod/core.xml.tr
index 3eb681b21d..efd2e2ae1a 100644
--- a/docs/manual/mod/core.xml.tr
+++ b/docs/manual/mod/core.xml.tr
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.tr.xsl"?>
-<!-- English Revision: 1302855:1933866 (outdated) -->
+<!-- English Revision: 1302855:1933921 (outdated) -->
 <!-- =====================================================
  Translated by: Nilgün Belma Bugüner <nilgun belgeler.org>
    Reviewed by: Orhan Berent <berent belgeler.org>
diff --git a/docs/manual/mod/mod_rewrite.html.en.utf8 b/docs/manual/mod/mod_rewrite.html.en.utf8
index 2c261a28a7..f20369b99d 100644
--- a/docs/manual/mod/mod_rewrite.html.en.utf8
+++ b/docs/manual/mod/mod_rewrite.html.en.utf8
@@ -122,42 +122,27 @@ URLs on the fly</td></tr>
 <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_rewrite</td></tr>
 </table>
       <p>The <code class="directive">RewriteBase</code> directive specifies the
-      URL prefix to be used for per-directory (htaccess)
+      URL prefix to be used for
+      <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a>
       <code class="directive"><a href="#rewriterule">RewriteRule</a></code> directives that
       substitute a relative path.</p>
       <p> This directive is <em>required</em> when you use a relative path
-      in a substitution in per-directory (htaccess) context unless any 
+      in a substitution in <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context unless any
       of the following conditions are true:</p>
       <ul>
           <li> The original request, and the substitution, are underneath the
                <code class="directive"><a href="../mod/core.html#documentroot">DocumentRoot</a></code>
                (as opposed to reachable by other means, such as
                <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>).</li>
-          <li> The <em>filesystem</em> path to the directory containing the
-               <code class="directive"><a href="#rewriterule">RewriteRule</a></code>,
-               suffixed by the relative
-               substitution is also valid as a URL path on the server
-               (this is rare).</li>
+          <li> The directory-path for which the RewriteRule applies, 
+               suffixed by the relative substitution, is also valid
+               as a URL-path on the server (this is rare).</li>
           <li> In Apache HTTP Server 2.4.16 and later, this directive may be
                 omitted when the request is mapped via
                 <code class="directive"><a href="../mod/mod_alias.html#alias">Alias</a></code>
                 or <code class="module"><a href="../mod/mod_userdir.html">mod_userdir</a></code>.</li>
       </ul>
 
-<p> In the example below, <code class="directive">RewriteBase</code> is necessary
-    to avoid rewriting to http://example.com/opt/myapp-1.2.3/welcome.html
-    since the resource was not relative to the document root.  This
-    misconfiguration would normally cause the server to look for an "opt"
-    directory under the document root.</p>
-<pre class="prettyprint lang-config">DocumentRoot "/var/www/example.com"
-AliasMatch "^/myapp" "/opt/myapp-1.2.3"
-&lt;Directory "/opt/myapp-1.2.3"&gt;
-    RewriteEngine On
-    RewriteBase "/myapp/"
-    RewriteRule "^index\.html$"  "welcome.html"
-&lt;/Directory&gt;</pre>
-
-
 
 </div>
 <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div>
@@ -473,7 +458,7 @@ AliasMatch "^/myapp" "/opt/myapp-1.2.3"
         <em>after</em> the URL translation phase (during which
         <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> operates).</p>
         <p>On the other hand, because <code class="module"><a href="../mod/mod_rewrite.html">mod_rewrite</a></code> implements
-        its per-directory context (<code>.htaccess</code> file) via
+        its <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context via
         the Fixup phase of the API and because the authorization
         phases come <em>before</em> this phase, you just can use
         <code>%{REMOTE_USER}</code> in that context.</p></li>
@@ -1118,7 +1103,7 @@ RewriteRule  "^/$"                 "/homepage.std.html"     [L]</pre>
 
       <p>The directory-path to which the rule applies is stripped from the currently mapped
       filesystem path before comparison (up to and including a trailing slash). 
-      The net result of this per-directory prefix stripping is that rules in
+      The net result of this <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> prefix stripping is that rules in
       this context only match against the portion of the currently mapped filesystem path 
       "below" the directory-path to which the rule applies.</p>
 
@@ -1141,25 +1126,27 @@ RewriteRule  "^/$"                 "/homepage.std.html"     [L]</pre>
 complexity.</li>
 
 <li>To enable the rewrite engine in this context, you need to set
-"<code>RewriteEngine On</code>" <strong>and</strong>
-the <code>FollowSymLinks</code> or <code>SymLinksIfOwnerMatch</code>
-<code class="directive"><a href="../mod/core.html#options">Options</a></code> must be enabled. If your
-administrator has disabled override of these options for a user's
-directory via <code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code>, the
-rewrite engine cannot be used in <code>.htaccess</code> files in that
-directory.</li>
+<code>RewriteEngine On</code> <strong>and</strong>
+at least one of the <code>FollowSymLinks</code> or
+<code>SymLinksIfOwnerMatch</code>
+<code class="directive"><a href="../mod/core.html#options">Options</a></code> must be enabled. Note
+that these options cannot be set in a distributed configuration file
+(<code>.htaccess</code>) unless
+<code class="directive"><a href="../mod/core.html#allowoverride">AllowOverride</a></code> permits it
+in the server configuration.</li>
 
 <li>See the <code class="directive"><a href="#rewritebase">RewriteBase</a></code>
 directive for more information regarding what prefix will be added back to
 relative substitutions.</li>
 
-<li> If you wish to match against the full URL-path in a per-directory context
+<li> If you wish to match against the full URL-path in a 
+<a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context
 RewriteRule, use the <code>%{REQUEST_URI}</code> variable in
 a <code class="directive"><a href="#rewritecond">RewriteCond</a></code>.</li>
 
 <li>The removed prefix always ends with a slash, meaning the matching occurs against a string which
 <em>never</em> has a leading slash.  Therefore, a <em>Pattern</em> with <code>^/</code> never
-matches in per-directory context.</li>
+matches in <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context.</li>
 
 <li>Although rewrite rules are syntactically permitted in <code class="directive"><a href="../mod/core.html#location">&lt;Location&gt;</a></code> and <code class="directive"><a href="../mod/core.html#files">&lt;Files&gt;</a></code> sections
 (including their regular expression counterparts), this
@@ -1272,13 +1259,13 @@ cannot use <code>$N</code> in the substitution string!
         <li><strong>Starts with <code>/</code>, server/vhost context:</strong>
         Treated as a file-system path if the first path component exists
         on disk; otherwise treated as a URL-path.</li>
-        <li><strong>Starts with <code>/</code>, per-directory context:</strong>
+        <li><strong>Starts with <code>/</code>, <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context:</strong>
         Always treated as a URL-path. No file-system guessing occurs.</li>
         <li><strong>Does not start with <code>/</code> (relative),
         server/vhost context:</strong> Treated as a URL-path relative
         to the current request URI.</li>
         <li><strong>Does not start with <code>/</code> (relative),
-        per-directory context:</strong> Treated as a URL-path relative
+        <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context:</strong> Treated as a URL-path relative
         to the directory-path for which the <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> or <code>.htaccess</code>
         applies. See <code class="directive">RewriteBase</code> for controlling
         the prefix added to relative substitutions.</li>
@@ -1395,7 +1382,7 @@ cannot use <code>$N</code> in the substitution string!
         <td>END</td>
         <td>Stop the rewriting process immediately and don't apply any
         more rules. Also prevents further execution of rewrite rules
-        in per-directory context. (Available in 2.3.9 and later)
+        in <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context. (Available in 2.3.9 and later)
         <em><a href="../rewrite/flags.html#flag_end">details ...</a></em></td>
     </tr>
 <tr>
@@ -1422,7 +1409,7 @@ cannot use <code>$N</code> in the substitution string!
 <tr>
         <td>last|L</td>
         <td>Stop the rewriting process immediately and don't apply any
-        more rules. Especially note caveats for per-directory context (see also the END flag). <em><a href="../rewrite/flags.html#flag_l">details ...</a></em></td>
+        more rules. Especially note caveats for <a class="glossarylink" href="../glossary.html#perdirectory" title="see glossary">per-directory</a> context (see also the END flag). <em><a href="../rewrite/flags.html#flag_l">details ...</a></em></td>
     </tr>
 <tr class="odd">
         <td>next|N</td>
diff --git a/docs/manual/mod/mod_rewrite.xml.fr b/docs/manual/mod/mod_rewrite.xml.fr
index f08040a19f..d02df57e72 100644
--- a/docs/manual/mod/mod_rewrite.xml.fr
+++ b/docs/manual/mod/mod_rewrite.xml.fr
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision: 1932387:1933815 (outdated) -->
+<!-- English Revision: 1932387:1933937 (outdated) -->
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->
 
diff --git a/docs/manual/mod/mod_ssl.html.en.utf8 b/docs/manual/mod/mod_ssl.html.en.utf8
index 4807671e78..9e87d5989b 100644
--- a/docs/manual/mod/mod_ssl.html.en.utf8
+++ b/docs/manual/mod/mod_ssl.html.en.utf8
@@ -720,11 +720,30 @@ algorithm type.
 Finally the end-entity certificate's private key can also be
 added to the certificate file instead of using a separate
 <code class="directive"><a href="#sslcertificatekeyfile">SSLCertificateKeyFile</a></code>
-directive. This practice is highly discouraged. If it is used,
-the certificate files using such an embedded key must be configured
-after the certificates using a separate key file. If the private
-key is encrypted, the pass phrase dialog is forced at startup time.
-</p>
+directive.</p>
+
+<div class="warning"><h3>Do not combine key and certificate in one file</h3>
+<p>This practice is highly discouraged for the following reasons:</p>
+<ul>
+<li><strong>Security</strong>: Keeping the private key in a separate file
+allows stricter file permissions. The certificate file can be
+world-readable (it is public data), while the key file should be
+readable only by root. Combining them in one file means any
+misconfiguration or vulnerability that exposes the certificate file
+also exposes the private key.</li>
+<li><strong>Ordering constraint</strong>: If a combined file is used,
+all <code class="directive">SSLCertificateFile</code> directives referencing
+such combined files must appear <em>after</em> any
+<code class="directive">SSLCertificateFile</code> directives that use a
+separate key file. Violating this ordering will cause errors at
+startup.</li>
+<li><strong>Maintenance</strong>: Separate files make it immediately
+clear which file contains what, simplifying certificate rotation
+and audits.</li>
+</ul>
+<p>If the private key is encrypted, the pass phrase dialog is forced
+at startup time.</p>
+</div>
 
 <p>As an alternative to storing certificates and private keys in
 files, a certificate identifier can be used to identify a certificate
@@ -813,12 +832,13 @@ to support multiple algorithms for server authentication. For each
 directive, there must be a matching <code class="directive">SSLCertificateFile</code>
 directive.</p>
 
-<p>
-The private key may also be combined with the certificate in the file given by
-<code class="directive"><a href="#sslcertificatefile">SSLCertificateFile</a></code>, but this practice
-is highly discouraged. If it is used, the certificate files using such
-an embedded key must be configured after the certificates using a separate
-key file.</p>
+<div class="warning"><h3>Do not combine key and certificate in one file</h3>
+<p>The private key may also be combined with the certificate in the
+file given by <code class="directive"><a href="#sslcertificatefile">SSLCertificateFile</a></code>,
+but this practice is highly discouraged. See the warning in the
+<code class="directive">SSLCertificateFile</code> documentation for a full
+explanation of the risks and constraints.</p>
+</div>
 
 <p>As an alternative to storing private keys in files, a key
 identifier can be used to identify a private key stored in a
diff --git a/docs/manual/mod/mod_ssl.xml.es b/docs/manual/mod/mod_ssl.xml.es
index 608be53233..a5439ff9d4 100644
--- a/docs/manual/mod/mod_ssl.xml.es
+++ b/docs/manual/mod/mod_ssl.xml.es
@@ -1,7 +1,7 @@
 <?xml version="1.0"?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.es.xsl"?>
-<!-- English Revision: 1817381:1933788 (outdated) -->
+<!-- English Revision: 1817381:1933923 (outdated) -->
 <!-- Spanish Translation: Daniel Ferradal <dferradal@apache.org> -->
 <!-- Updated and reviewed: Luis Gil de bernabe <lgilbernabe@apache.org> -->
 
diff --git a/docs/manual/mod/mod_ssl.xml.fr b/docs/manual/mod/mod_ssl.xml.fr
index 8ab88e1d21..4b4b1207f0 100644
--- a/docs/manual/mod/mod_ssl.xml.fr
+++ b/docs/manual/mod/mod_ssl.xml.fr
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8" ?>
 <!DOCTYPE modulesynopsis SYSTEM "../style/modulesynopsis.dtd">
 <?xml-stylesheet type="text/xsl" href="../style/manual.fr.xsl"?>
-<!-- English Revision: 1933097:1933788 (outdated) -->
+<!-- English Revision: 1933097:1933923 (outdated) -->
 <!-- French translation : Lucien GENTIS -->
 <!-- Reviewed by : Vincent Deffontaines -->