<-
Apache > HTTP Server > Documentation > Version 2.4 > Modules

Directive Quick Reference

The directive quick reference shows the usage, default, status, and context of each Apache configuration directive. For more information about each of these, see the Directive Dictionary.

The first column gives the directive name and usage. The second column shows the default value of the directive, if a default exists. If the default is too large to display, it will be truncated and followed by "+".

The third and fourth columns list the contexts where the directive is allowed and the status of the directive according to the legend tables below.

 A  |  B  |  C  |  D  |  E  |  F  |  G  |  H  |  I  |  K  |  L  |  M  |  N  |  O  |  P  |  Q  |  R  |  S  |  T  |  U  |  V  |  W  |  X 
s server config
v virtual host
d directory
h .htaccess
p proxy section
C Core
M MPM
B Base
E Extension
X Experimental
T External
AcceptFilter protocol accept_filter s C
Configures optimizations for a Protocol's Listener Sockets
AcceptPathInfo On|Off|Default Default svdh C
Resources accept trailing pathname information
AccessFileName filename [filename] ... .htaccess sv C
Name of the distributed configuration file
Action action-type cgi-script [virtual] svdh B
Activates a CGI script for a particular handler or content-type
AddAlt string file [file] ... svdh B
Alternate text to display for a file, instead of an icon selected by filename
AddAltByEncoding string MIME-encoding [MIME-encoding] ... svdh B
Alternate text to display for a file instead of an icon selected by MIME-encoding
AddAltByType string MIME-type [MIME-type] ... svdh B
Alternate text to display for a file, instead of an icon selected by MIME content-type
AddCharset charset extension [extension] ... svdh B
Maps the given filename extensions to the specified content charset
AddDefaultCharset On|Off|charset Off svdh C
Default charset parameter to be added when a response content-type is text/plain or text/html
AddDescription string file [file] ... svdh B
Description to display for a file
AddEncoding encoding extension [extension] ... svdh B
Maps the given filename extensions to the specified encoding type
AddHandler handler-name extension [extension] ... svdh B
Maps the filename extensions to the specified handler
AddIcon icon name [name] ... svdh B
Icon to display for a file selected by name
AddIconByEncoding icon MIME-encoding [MIME-encoding] ... svdh B
Icon to display next to files selected by MIME content-encoding
AddIconByType icon MIME-type [MIME-type] ... svdh B
Icon to display next to files selected by MIME content-type
AddInputFilter filter[;filter...] extension [extension] ... svdh B
Maps filename extensions to the filters that will process client requests
AddLanguage language-tag extension [extension] ... svdh B
Maps the given filename extension to the specified content language
AddModuleInfo module-name string sv E
Adds additional information to the module information displayed by the server-info handler
AddOutputFilter filter[;filter...] extension [extension] ... svdh B
Maps filename extensions to the filters that will process responses from the server
AddOutputFilterByType filter[;filter...] media-type [media-type] ... svdh B
assigns an output filter to a particular media-type
AddType media-type extension [extension] ... svdh B
Maps the given filename extensions onto the specified content type
Alias [URL-path] file-path|directory-path svd B
Maps URLs to filesystem locations
AliasMatch regex file-path|directory-path sv B
Maps URLs to filesystem locations using regular expressions
Allow from all|host|env=[!]env-variable [host|env=[!]env-variable] ... dh E
Controls which hosts can access an area of the server
AllowCONNECT port[-port] [port[-port]] ... 443 563 sv E
Ports that are allowed to CONNECT through the proxy
AllowEncodedSlashes On|Off|NoDecode Off sv C
Determines whether encoded path separators in URLs are allowed to be passed through
AllowMethods reset|HTTP-method [HTTP-method]... reset d X
Restrict access to the listed HTTP methods
AllowOverride All|None|directive-type [directive-type] ... None (2.3.9 and lat + d C
Types of directives that are allowed in .htaccess files
AllowOverrideList None|directive [directive-type] ... None d C
Individual directives that are allowed in .htaccess files
Anonymous user [user] ... dh E
Specifies userIDs that are allowed access without password verification
Anonymous_LogEmail On|Off On dh E
Sets whether the password entered will be logged in the error log
Anonymous_MustGiveEmail On|Off On dh E
Specifies whether blank passwords are allowed
Anonymous_NoUserID On|Off Off dh E
Sets whether the userID field may be empty
Anonymous_VerifyEmail On|Off Off dh E
Sets whether to check the password field for a correctly formatted email address
AsyncRequestWorkerFactor factor s M
Limit concurrent connections per process
AuthBasicAuthoritative On|Off On dh B
Sets whether authorization and authentication are passed to lower level modules
AuthBasicFake off|username [password] dh B
Fake basic authentication using the given expressions for username and password
AuthBasicProvider provider-name [provider-name] ... file dh B
Sets the authentication provider(s) for this location
AuthBasicUseDigestAlgorithm MD5|Off Off dh B
Check passwords against the authentication providers as if Digest Authentication was in force instead of Basic Authentication.
AuthDBDUserPWQuery query d E
SQL query to look up a password for a user
AuthDBDUserRealmQuery query d E
SQL query to look up a password hash for a user and realm.
AuthDBMGroupFile file-path dh E
Sets the name of the database file containing the list of user groups for authorization
AuthDBMType default|SDBM|GDBM|NDBM|DB default dh E
Sets the type of database file that is used to store passwords
AuthDBMUserFile file-path dh E
Sets the name of a database file containing the list of users and passwords for authentication
AuthDigestAlgorithm MD5|MD5-sess MD5 dh E
Selects the algorithm used to calculate the challenge and response hashes in digest authentication
AuthDigestDomain URI [URI] ... dh E
URIs that are in the same protection space for digest authentication
AuthDigestNonceLifetime seconds 300 dh E
How long the server nonce is valid
AuthDigestProvider provider-name [provider-name] ... file dh E
Sets the authentication provider(s) for this location
AuthDigestQop none|auth|auth-int [auth|auth-int] auth dh E
Determines the quality-of-protection to use in digest authentication
AuthDigestShmemSize size 1000 s E
The amount of shared memory to allocate for keeping track of clients
AuthFormAuthoritative On|Off On dh B
Sets whether authorization and authentication are passed to lower level modules
AuthFormBody fieldname httpd_body d B
The name of a form field carrying the body of the request to attempt on successful login
AuthFormDisableNoStore On|Off Off d B
Disable the CacheControl no-store header on the login page
AuthFormFakeBasicAuth On|Off Off d B
Fake a Basic Authentication header
AuthFormLocation fieldname httpd_location d B
The name of a form field carrying a URL to redirect to on successful login
AuthFormLoginRequiredLocation url d B
The URL of the page to be redirected to should login be required
AuthFormLoginSuccessLocation url d B
The URL of the page to be redirected to should login be successful
AuthFormLogoutLocation uri d B
The URL to redirect to after a user has logged out
AuthFormMethod fieldname httpd_method d B
The name of a form field carrying the method of the request to attempt on successful login
AuthFormMimetype fieldname httpd_mimetype d B
The name of a form field carrying the mimetype of the body of the request to attempt on successful login
AuthFormPassword fieldname httpd_password d B
The name of a form field carrying the login password
AuthFormProvider provider-name [provider-name] ... file dh B
Sets the authentication provider(s) for this location
AuthFormSitePassphrase secret d B
Bypass authentication checks for high traffic sites
AuthFormSize size 8192 d B
The largest size of the form in bytes that will be parsed for the login details
AuthFormUsername fieldname httpd_username d B
The name of a form field carrying the login username
AuthGroupFile file-path dh B
Sets the name of a text file containing the list of user groups for authorization
AuthLDAPAuthorizePrefix prefix AUTHORIZE_ dh E
Specifies the prefix for environment variables set during authorization
AuthLDAPBindAuthoritative off|on on dh E
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.
AuthLDAPBindDN distinguished-name dh E
Optional DN to use in binding to the LDAP server
AuthLDAPBindPassword password dh E
Password used in conjunction with the bind DN
AuthLDAPCharsetConfig file-path s E
Language to charset conversion configuration file
AuthLDAPCompareAsUser on|off off dh E
Use the authenticated user's credentials to perform authorization comparisons
AuthLDAPCompareDNOnServer on|off on dh E
Use the LDAP server to compare the DNs
AuthLDAPDereferenceAliases never|searching|finding|always always dh E
When will the module de-reference aliases
AuthLDAPGroupAttribute attribute member uniqueMember + dh E
LDAP attributes used to identify the user members of groups.
AuthLDAPGroupAttributeIsDN on|off on dh E
Use the DN of the client username when checking for group membership
AuthLDAPInitialBindAsUser off|on off dh E
Determines if the server does the initial DN lookup using the basic authentication users' own username, instead of anonymously or with hard-coded credentials for the server
AuthLDAPInitialBindPattern regex substitution (.*) $1 (remote use + dh E
Specifies the transformation of the basic authentication username to be used when binding to the LDAP server to perform a DN lookup
AuthLDAPMaxSubGroupDepth Number 10 dh E
Specifies the maximum sub-group nesting depth that will be evaluated before the user search is discontinued.
AuthLDAPRemoteUserAttribute uid dh E
Use the value of the attribute returned during the user query to set the REMOTE_USER environment variable
AuthLDAPRemoteUserIsDN on|off off dh E
Use the DN of the client username to set the REMOTE_USER environment variable
AuthLDAPSearchAsUser on|off off dh E
Use the authenticated user's credentials to perform authorization searches
AuthLDAPSubGroupAttribute attribute member uniqueMember + dh E
Specifies the attribute labels, one value per directive line, used to distinguish the members of the current group that are groups.
AuthLDAPSubGroupClass LdapObjectClass groupOfNames groupO + dh E
Specifies which LDAP objectClass values identify directory objects that are groups during sub-group processing.
AuthLDAPURL url [NONE|SSL|TLS|STARTTLS] dh E
URL specifying the LDAP search parameters
AuthMerging Off | And | Or Off dh B
Controls the manner in which each configuration section's authorization logic is combined with that of preceding configuration sections.
AuthName auth-domain dh B
Authorization realm for use in HTTP authentication
AuthnCacheContext directory|server|custom-string directory d B
Specify a context string for use in the cache key
AuthnCacheEnable s B
Enable Authn caching configured anywhere
AuthnCacheProvideFor authn-provider [...] dh B
Specify which authn provider(s) to cache for
AuthnCacheSOCache provider-name[:provider-args] s B
Select socache backend provider to use
AuthnCacheTimeout timeout (seconds) 300 (5 minutes) dh B
Set a timeout for cache entries
<AuthnProviderAlias baseProvider Alias> ... </AuthnProviderAlias> s B
Enclose a group of directives that represent an extension of a base authentication provider and referenced by the specified alias
AuthnzFcgiCheckAuthnProvider provider-name|None option ... d E
Enables a FastCGI application to handle the check_authn authentication hook.
AuthnzFcgiDefineProvider type provider-name backend-address s E
Defines a FastCGI application as a provider for authentication and/or authorization
AuthType None|Basic|Digest|Form dh B
Type of user authentication
AuthUserFile file-path dh B
Sets the name of a text file containing the list of users and passwords for authentication
AuthzDBDLoginToReferer On|Off Off d E
Determines whether to redirect the Client to the Referring page on successful login or logout if a Referer request header is present
AuthzDBDQuery query d E
Specify the SQL Query for the required operation
AuthzDBDRedirectQuery query d E
Specify a query to look up a login page for the user
AuthzDBMType default|SDBM|GDBM|NDBM|DB default dh E
Sets the type of database file that is used to store list of user groups
<AuthzProviderAlias baseProvider Alias Require-Parameters> ... </AuthzProviderAlias> s B
Enclose a group of directives that represent an extension of a base authorization provider and referenced by the specified alias
AuthzSendForbiddenOnFailure On|Off Off dh B
Send '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if authentication succeeds but authorization fails
BalancerGrowth # 5 sv E
Number of additional Balancers that can be added Post-configuration
BalancerInherit On|Off On sv E
Inherit ProxyPassed Balancers/Workers from the main server
BalancerMember [balancerurl] url [key=value [key=value ...]] d E
Add a member to a load balancing group
BalancerPersist On|Off Off sv E
Attempt to persist changes made by the Balancer Manager across restarts.
BrotliAlterETag AddSuffix|NoChange|Remove AddSuffix sv E
How the outgoing ETag header should be modified during compression
BrotliCompressionMaxInputBlock value sv E
Maximum input block size
BrotliCompressionQuality value 5 sv E
Compression quality
BrotliCompressionWindow value 18 sv E
Brotli sliding compression window size
BrotliFilterNote [type] notename sv E
Places the compression ratio in a note for logging
BrowserMatch regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables conditional on HTTP User-Agent
BrowserMatchNoCase regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables conditional on User-Agent without respect to case
BufferedLogs On|Off Off s B
Buffer log entries in memory before writing to disk
BufferSize integer 131072 svdh E
Maximum size in bytes to buffer by the buffer filter
CacheDefaultExpire seconds 3600 (one hour) svdh E
The default duration to cache a document when no expiry date is specified.
CacheDetailHeader on|off off svdh E
Add an X-Cache-Detail header to the response.
CacheDirLength length 2 sv E
The number of characters in subdirectory names
CacheDirLevels levels 2 sv E
The number of levels of subdirectories in the cache.
CacheDisable url-string | on svdh E
Disable caching of specified URLs
CacheEnable cache_type [url-string] svd E
Enable caching of specified URLs using a specified storage manager
CacheFile file-path [file-path] ... s X
Cache a list of file handles at startup time
CacheHeader on|off off svdh E
Add an X-Cache header to the response.
CacheIgnoreCacheControl On|Off Off sv E
Ignore request to not serve cached content to client
CacheIgnoreHeaders header-string [header-string] ... None sv E
Do not store the given HTTP header(s) in the cache.
CacheIgnoreNoLastMod On|Off Off svdh E
Ignore the fact that a response has no Last Modified header.
CacheIgnoreQueryString On|Off Off sv E
Ignore query string when caching
CacheIgnoreURLSessionIdentifiers identifier [identifier] ... None sv E
Ignore defined session identifiers encoded in the URL when caching
CacheKeyBaseURL URL sv E
Override the base URL of reverse proxied cache keys.
CacheLastModifiedFactor float 0.1 svdh E
The factor used to compute an expiry date based on the LastModified date.
CacheLock on|off off sv E
Enable the thundering herd lock.
CacheLockMaxAge integer 5 sv E
Set the maximum possible age of a cache lock.
CacheLockPath directory /tmp/mod_cache-lock + sv E
Set the lock path directory.
CacheMaxExpire seconds 86400 (one day) svdh E
The maximum time in seconds to cache a document
CacheMaxFileSize bytes 1000000 svdh E
The maximum size (in bytes) of a document to be placed in the cache
CacheMinExpire seconds 0 svdh E
The minimum time in seconds to cache a document
CacheMinFileSize bytes 1 svdh E
The minimum size (in bytes) of a document to be placed in the cache
CacheNegotiatedDocs On|Off Off sv B
Allows content-negotiated documents to be cached by proxy servers
CacheQuickHandler on|off on sv E
Run the cache from the quick handler.
CacheReadSize bytes 0 svdh E
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheReadTime milliseconds 0 svdh E
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheRoot directory sv E
The directory root under which cache files are stored
CacheSocache type[:args] sv E
The shared object cache implementation to use
CacheSocacheMaxSize bytes 102400 svdh E
The maximum size (in bytes) of an entry to be placed in the cache
CacheSocacheMaxTime seconds 86400 svdh E
The maximum time (in seconds) for a document to be placed in the cache
CacheSocacheMinTime seconds 600 svdh E
The minimum time (in seconds) for a document to be placed in the cache
CacheSocacheReadSize bytes 0 svdh E
The minimum size (in bytes) of the document to read and be cached before sending the data downstream
CacheSocacheReadTime milliseconds 0 svdh E
The minimum time (in milliseconds) that should elapse while reading before data is sent downstream
CacheStaleOnError on|off on svdh E
Serve stale content in place of 5xx responses.
CacheStoreExpired On|Off Off svdh E
Attempt to cache responses that the server reports as expired
CacheStoreNoStore On|Off Off svdh E
Attempt to cache requests or responses that have been marked as no-store.
CacheStorePrivate On|Off Off svdh E
Attempt to cache responses that the server has marked as private
CGIDScriptTimeout time[s|ms] svdh B
The length of time to wait for more output from the CGI program
CGIMapExtension cgi-path .extension dh C
Technique for locating the interpreter for CGI scripts
CGIPassAuth On|Off Off dh C
Enables passing HTTP authorization headers to scripts as CGI variables
CGIVar variable rule dh C
Controls how some CGI variables are set
CharsetDefault charset svdh E
Charset to translate into
CharsetOptions option [option] ... ImplicitAdd svdh E
Configures charset translation behavior
CharsetSourceEnc charset svdh E
Source charset of files
CheckBasenameMatch on|off On svdh E
Also match files with differing file name extensions.
CheckCaseOnly on|off Off svdh E
Limits the action of the speling module to case corrections
CheckSpelling on|off Off svdh E
Enables the spelling module
ChrootDir /path/to/directory s B
Directory for apache to run chroot(8) after startup.
ContentDigest On|Off Off svdh C
Enables the generation of Content-MD5 HTTP Response headers
CookieDomain domain svdh E
The domain to which the tracking cookie applies
CookieExpires expiry-period svdh E
Expiry time for the tracking cookie
CookieHTTPOnly on|off off svdh E
Adds the 'HTTPOnly' attribute to the cookie
CookieName token Apache svdh E
Name of the tracking cookie
CookieSameSite None|Lax|Strict svdh E
Adds the 'SameSite' attribute to the cookie
CookieSecure on|off off svdh E
Adds the 'Secure' attribute to the cookie
CookieStyle Netscape|Cookie|Cookie2|RFC2109|RFC2965 Netscape svdh E
Format of the cookie header field
CookieTracking on|off off svdh E
Enables tracking cookie
CoreDumpDirectory directory s M
Directory where Apache HTTP Server attempts to switch before dumping core
CustomLog file|pipe format|nickname [env=[!]environment-variable| expr=expression] sv B
Sets filename and format of log file
Dav On|Off|provider-name Off d E
Enable WebDAV HTTP methods
DavDepthInfinity on|off off svd E
Allow PROPFIND, Depth: Infinity requests
DavGenericLockDB file-path svd E
Location of the DAV lock database
DavLockDB file-path sv E
Location of the DAV lock database
DavLockDiscovery on|off on svdh E
Enable lock discovery
DavMinTimeout seconds 0 svd E
Minimum amount of time the server holds a lock on a DAV resource
DBDExptime time-in-seconds 300 sv E
Keepalive time for idle connections
DBDInitSQL "SQL statement" sv E
Execute an SQL statement after connecting to a database
DBDKeep number 2 sv E
Maximum sustained number of connections
DBDMax number 10 sv E
Maximum number of connections
DBDMin number 1 sv E
Minimum number of connections
DBDParams param1=value1[,param2=value2] sv E
Parameters for database connection
DBDPersist On|Off sv E
Whether to use persistent connections
DBDPrepareSQL "SQL statement" label sv E
Define an SQL prepared statement
DBDriver name sv E
Specify an SQL driver
DefaultIcon url-path svdh B
Icon to display for files when no specific icon is configured
DefaultLanguage language-tag svdh B
Defines a default language-tag to be sent in the Content-Language header field for all resources in the current context that have not been assigned a language-tag by some other means.
DefaultRuntimeDir directory-path DEFAULT_REL_RUNTIME + s C
Base directory for the server run-time files
DefaultType media-type|none none svdh C
This directive has no effect other than to emit warnings if the value is not none. In prior versions, DefaultType would specify a default media type to assign to response content for which no other media type configuration could be found.
Define parameter-name [parameter-value] svd C
Define a variable
DeflateBufferSize value 8096 sv E
Fragment size to be compressed at one time by zlib
DeflateCompressionLevel value sv E
How much compression do we apply to the output
DeflateFilterNote [type] notename sv E
Places the compression ratio in a note for logging
DeflateInflateLimitRequestBody value svdh E
Maximum size of inflated request bodies
DeflateInflateRatioBurst value 3 svdh E
Maximum number of times the inflation ratio for request bodies can be crossed
DeflateInflateRatioLimit value 200 svdh E
Maximum inflation ratio for request bodies
DeflateMemLevel value 9 sv E
How much memory should be used by zlib for compression
DeflateWindowSize value 15 sv E
Zlib compression window size
Deny from all|host|env=[!]env-variable [host|env=[!]env-variable] ... dh E
Controls which hosts are denied access to the server
<Directory directory-path> ... </Directory> sv C
Enclose a group of directives that apply only to the named file-system directory, sub-directories, and their contents.
DirectoryCheckHandler On|Off Off svdh B
Toggle how this module responds when another handler is configured
DirectoryIndex disabled | local-url [local-url] ... index.html svdh B
List of resources to look for when the client requests a directory
DirectoryIndexRedirect on | off | permanent | temp | seeother | 3xx-code off svdh B
Configures an external redirect for directory indexes.
<DirectoryMatch regex> ... </DirectoryMatch> sv C
Enclose directives that apply to the contents of file-system directories matching a regular expression.
DirectorySlash On|Off On svdh B
Toggle trailing slash redirects on or off
DocumentRoot directory-path "/usr/local/apache/ + sv C
Directory that forms the main document tree visible from the web
DTracePrivileges On|Off Off s X
Determines whether the privileges required by dtrace are enabled.
DumpIOInput On|Off Off s E
Dump all input data to the error log
DumpIOOutput On|Off Off s E
Dump all output data to the error log
<Else> ... </Else> svdh C
Contains directives that apply only if the condition of a previous <If> or <ElseIf> section is not satisfied by a request at runtime
<ElseIf expression> ... </ElseIf> svdh C
Contains directives that apply only if a condition is satisfied by a request at runtime while the condition of a previous <If> or <ElseIf> section is not satisfied
EnableExceptionHook On|Off Off s M
Enables a hook that runs exception handlers after a crash
EnableMMAP On|Off On svdh C
Use memory-mapping to read files during delivery
EnableSendfile On|Off Off svdh C
Use the kernel sendfile support to deliver files to the client
Error message svdh C
Abort configuration parsing with a custom error message
ErrorDocument error-code document svdh C
What the server will return to the client in case of an error
ErrorLog file-path|syslog[:[facility][:tag]] logs/error_log (Uni + sv C
Location where the server will log errors
ErrorLogFormat [connection|request] format sv C
Format specification for error log entries
Example svdh X
Demonstration directive to illustrate the Apache module API
ExpiresActive On|Off Off svdh E
Enables generation of Expires headers
ExpiresByType MIME-type <code>seconds svdh E
Value of the Expires header configured by MIME type
ExpiresDefault <code>seconds svdh E
Default algorithm for calculating expiration time
ExtendedStatus On|Off Off[*] s C
Keep track of extended status information for each request
ExtFilterDefine filtername parameters s E
Define an external filter
ExtFilterOptions option [option] ... NoLogStderr d E
Configure mod_ext_filter options
FallbackResource disabled | local-url svdh B
Define a default URL for requests that don't map to a file
FileETag component ... MTime Size svdh C
File attributes used to create the ETag HTTP response header for static files
<Files filename> ... </Files> svdh C
Contains directives that apply to matched filenames
<FilesMatch regex> ... </FilesMatch> svdh C
Contains directives that apply to regular-expression matched filenames
FilterChain [+=-@!]filter-name ... svdh B
Configure the filter chain
FilterDeclare filter-name [type] svdh B
Declare a smart filter
FilterProtocol filter-name [provider-name] proto-flags svdh B
Deal with correct HTTP protocol handling
FilterProvider filter-name provider-name expression svdh B
Register a content filter
FilterTrace filter-name level svd B
Get debug/diagnostic information from mod_filter
FlushMaxPipelined number 5 sv C
Maximum number of pipelined responses above which they are flushed to the network
FlushMaxThreshold number-of-bytes 65536 sv C
Threshold above which pending data are flushed to the network
ForceLanguagePriority None|Prefer|Fallback [Prefer|Fallback] Prefer svdh B
Action to take if a single acceptable document is not found
ForceType media-type|None dh C
Forces all matching files to be served with the specified media type in the HTTP Content-Type header field
ForensicLog filename|pipe sv E
Sets filename of the forensic log
GlobalLogfile|pipe format|nickname [env=[!]environment-variable| expr=expression] s B
Sets filename and format of log file
GprofDir /tmp/gprof/|/tmp/gprof/% sv C
Directory to write gmon.out profiling data to.
GracefulShutdownTimeout seconds 0 s M
Specify a timeout after which a gracefully shutdown server will exit.
Group unix-group #-1 s B
Group under which the server will answer requests
H2CopyFiles on|off off svdh E
Determine file handling in responses
H2Direct on|off on for h2c, off for + sv E
H2 Direct Protocol Switch
H2EarlyHints on|off off sv E
Determine sending of 103 status codes
H2MaxSessionStreams n 100 sv E
Maximum number of active streams per HTTP/2 session.
H2MaxWorkerIdleSeconds n 600 s E
Maximum number of seconds h2 workers remain idle until shut down.
H2MaxWorkers n s E
Maximum number of worker threads to use per child process.
H2MinWorkers n s E
Minimal number of worker threads to use per child process.
H2ModernTLSOnly on|off on sv E
Require HTTP/2 connections to be "modern TLS" only
H2OutputBuffering on|off on sv E
Determine buffering behaviour of output
H2Padding numbits 0 sv E
Determine the range of padding bytes added to payload frames
H2Push on|off on svdh E
H2 Server Push Switch
H2PushDiarySize n 256 sv E
H2 Server Push Diary Size
H2PushPriority mime-type [after|before|interleaved] [weight] * After 16 sv E
H2 Server Push Priority
H2PushResource [add] path [critical] svdh E
Declares resources for early pushing to the client
H2SerializeHeaders on|off off sv E
Serialize Request/Response Processing Switch
H2StreamMaxMemSize bytes 65536 sv E
Maximum amount of output data buffered per stream.
H2TLSCoolDownSecs seconds 1 sv E
Configure the number of seconds of idle time on TLS before shrinking writes
H2TLSWarmUpSize amount 1048576 sv E
Configure the number of bytes on TLS connection before doing max writes
H2Upgrade on|off on for h2c, off for + svdh E
H2 Upgrade Protocol Switch
H2WindowSize bytes 65535 sv E
Size of Stream Window for upstream data.
Header [condition] add|append|echo|edit|edit*|merge|set|setifempty|unset|note header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdh E
Configure HTTP response headers
HeaderName filename svdh B
Name of the file that will be inserted at the top of the index listing
HeartbeatAddress addr:port s X
Multicast address for heartbeat packets
HeartbeatListen addr:port s X
multicast address to listen for incoming heartbeat requests
HeartbeatMaxServers number-of-servers 10 s X
Specifies the maximum number of servers that will be sending heartbeat requests to this server
HeartbeatStorage file-path logs/hb.dat s X
Path to store heartbeat data when using flat-file storage
HeartbeatStorage file-path logs/hb.dat s X
Path to read heartbeat data
HostnameLookups On|Off|Double Off svd C
Enables DNS lookups on client IP addresses
HttpProtocolOptions [Strict|Unsafe] [RegisteredMethods|LenientMethods] [Allow0.9|Require1.0] Strict LenientMetho + sv C
Modify restrictions on HTTP Request Messages
IdentityCheck On|Off Off svd E
Enables logging of the RFC 1413 identity of the remote user
IdentityCheckTimeout seconds 30 svd E
Determines the timeout duration for ident requests
<If expression> ... </If> svdh C
Contains directives that apply only if a condition is satisfied by a request at runtime
<IfDefine [!]parameter-name> ... </IfDefine> svdh C
Encloses directives that will be processed only if a test is true at startup
<IfDirective [!]directive-name> ... </IfDirective> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific directive
<IfFile [!]filename> ... </IfFile> svdh C
Encloses directives that will be processed only if file exists at startup
<IfModule [!]module-file|module-identifier> ... </IfModule> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific module
<IfSection [!]section-name> ... </IfSection> svdh C
Encloses directives that are processed conditional on the presence or absence of a specific section directive
<IfVersion [[!]operator] version> ... </IfVersion> svdh E
contains version dependent configuration
ImapBase map|referer|URL http://servername/ svdh B
Default base for imagemap files
ImapDefault error|nocontent|map|referer|URL nocontent svdh B
Default action when an imagemap is called with coordinates that are not explicitly mapped
ImapMenu none|formatted|semiformatted|unformatted formatted svdh B
Action if no coordinates are given when calling an imagemap
Include file-path|directory-path|wildcard svd C
Includes other configuration files from within the server configuration files
IncludeOptional file-path|directory-path|wildcard svd C
Includes other configuration files from within the server configuration files
IndexHeadInsert "markup ..." svdh B
Inserts text in the HEAD section of an index page.
IndexIgnore file [file] ... "." svdh B
Adds to the list of files to hide when listing a directory
IndexIgnoreReset ON|OFF svdh B
Empties the list of files to hide when listing a directory
IndexOptions [+|-]option [[+|-]option] ... svdh B
Various configuration settings for directory indexing
IndexOrderDefault Ascending|Descending Name|Date|Size|Description Ascending Name svdh B
Sets the default ordering of the directory index
IndexStyleSheet url-path svdh B
Adds a CSS stylesheet to the directory index
InputSed sed-command dh X
Sed command to filter request data (typically POST data)
ISAPIAppendLogToErrors on|off off svdh B
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the error log
ISAPIAppendLogToQuery on|off on svdh B
Record HSE_APPEND_LOG_PARAMETER requests from ISAPI extensions to the query field
ISAPICacheFile file-path [file-path] ... sv B
ISAPI .dll files to be loaded at startup
ISAPIFakeAsync on|off off svdh B
Fake asynchronous support for ISAPI callbacks
ISAPILogNotSupported on|off off svdh B
Log unsupported feature requests from ISAPI extensions
ISAPIReadAheadBuffer size 49152 svdh B
Size of the Read Ahead Buffer sent to ISAPI extensions
KeepAlive On|Off On sv C
Enables HTTP persistent connections
KeepAliveTimeout num[ms] 5 sv C
Amount of time the server will wait for subsequent requests on a persistent connection
KeptBodySize maximum size in bytes 0 d B
Keep the request body instead of discarding it up to the specified maximum size, for potential use by filters such as mod_include.
LanguagePriority MIME-lang [MIME-lang] ... svdh B
The precedence of language variants for cases where the client does not express a preference
LDAPCacheEntries number 1024 s E
Maximum number of entries in the primary LDAP cache
LDAPCacheTTL seconds 600 s E
Time that cached items remain valid
LDAPConnectionPoolTTL n -1 sv E
Discard backend connections that have been sitting in the connection pool too long
LDAPConnectionTimeout seconds s E
Specifies the socket connection timeout in seconds
LDAPLibraryDebug 7 s E
Enable debugging in the LDAP SDK
LDAPOpCacheEntries number 1024 s E
Number of entries used to cache LDAP compare operations
LDAPOpCacheTTL seconds 600 s E
Time that entries in the operation cache remain valid
LDAPReferralHopLimit number dh E
The maximum number of referral hops to chase before terminating an LDAP query.
LDAPReferrals On|Off|default On dh E
Enable referral chasing during queries to the LDAP server.
LDAPRetries number-of-retries 3 s E
Configures the number of LDAP server retries.
LDAPRetryDelay seconds 0 s E
Configures the delay between LDAP server retries.
LDAPSharedCacheFile directory-path/filename s E
Sets the shared memory cache file
LDAPSharedCacheSize bytes 500000 s E
Size in bytes of the shared-memory cache
LDAPTimeout seconds 60 s E
Specifies the timeout for LDAP search and bind operations, in seconds
LDAPTrustedClientCert type directory-path/filename/nickname [password] dh E
Sets the file containing or nickname referring to a per connection client certificate. Not all LDAP toolkits support per connection client certificates.
LDAPTrustedGlobalCert type directory-path/filename [password] s E
Sets the file or database containing global trusted Certificate Authority or global client certificates
LDAPTrustedMode type sv E
Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
LDAPVerifyServerCert On|Off On s E
Force server certificate verification
<Limit method [method] ... > ... </Limit> dh C
Restrict enclosed access controls to only certain HTTP methods
<LimitExcept method [method] ... > ... </LimitExcept> dh C
Restrict access controls to all HTTP methods except the named ones
LimitInternalRecursion number [number] 10 sv C
Determine maximum number of internal redirects and nested subrequests
LimitRequestBody bytes 1073741824 svdh C
Restricts the total size of the HTTP request body sent from the client
LimitRequestFields number 100 sv C
Limits the number of HTTP request header fields that will be accepted from the client
LimitRequestFieldSize bytes 8190 sv C
Limits the size of the HTTP request header allowed from the client
LimitRequestLine bytes 8190 sv C
Limit the size of the HTTP request line that will be accepted from the client
LimitXMLRequestBody bytes 1000000 svdh C
Limits the size of an XML-based request body
Listen [IP-address:]portnumber [protocol] s M
IP addresses and ports that the server listens to
ListenBackLog backlog 511 s M
Maximum length of the queue of pending connections
ListenCoresBucketsRatio ratio 0 (disabled) s M
Ratio between the number of CPU cores (online) and the number of listeners' buckets
LoadFile filename [filename] ... sv E
Link in the named object file or library
LoadModule module filename sv E
Links in the object file or library, and adds to the list of active modules
<Location URL-path|URL> ... </Location> sv C
Applies the enclosed directives only to matching URLs
<LocationMatch regex> ... </LocationMatch> sv C
Applies the enclosed directives only to regular-expression matching URLs
LogFormat format|nickname [nickname] "%h %l %u %t \"%r\" + sv B
Describes a format for use in a log file
LogIOTrackTTFB ON|OFF OFF svdh E
Enable tracking of time to first byte (TTFB)
LogLevel [module:]level [module:level] ... warn svd C
Controls the verbosity of the ErrorLog
LogMessage message [hook=hook] [expr=expression] d X
Log user-defined message to error log
LuaAuthzProvider provider_name /path/to/lua/script.lua function_name s E
Plug an authorization provider function into mod_authz_core
LuaCodeCache stat|forever|never stat svdh E
Configure the compiled code cache.
LuaHookAccessChecker /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the access_checker phase of request processing
LuaHookAuthChecker /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the auth_checker phase of request processing
LuaHookCheckUserID /path/to/lua/script.lua hook_function_name [early|late] svdh E
Provide a hook for the check_user_id phase of request processing
LuaHookFixups /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the fixups phase of a request processing
LuaHookInsertFilter /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the insert_filter phase of request processing
LuaHookLog /path/to/lua/script.lua log_function_name svdh E
Provide a hook for the access log phase of a request processing
LuaHookMapToStorage /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the map_to_storage phase of request processing
LuaHookPreTranslate /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the pre_translate phase of a request processing
LuaHookTranslateName /path/to/lua/script.lua hook_function_name [early|late] sv E
Provide a hook for the translate name phase of request processing
LuaHookTypeChecker /path/to/lua/script.lua hook_function_name svdh E
Provide a hook for the type_checker phase of request processing
LuaInherit none|parent-first|parent-last parent-first svdh E
Controls how parent configuration sections are merged into children
LuaInputFilter filter_name /path/to/lua/script.lua function_name s E
Provide a Lua function for content input filtering
LuaMapHandler uri-pattern /path/to/lua/script.lua [function-name] svdh E
Map a path to a lua handler
LuaOutputFilter filter_name /path/to/lua/script.lua function_name s E
Provide a Lua function for content output filtering
LuaPackageCPath /path/to/include/?.soa svdh E
Add a directory to lua's package.cpath
LuaPackagePath /path/to/include/?.lua svdh E
Add a directory to lua's package.path
LuaQuickHandler /path/to/script.lua hook_function_name sv E
Provide a hook for the quick handler of request processing
LuaRoot /path/to/a/directory svdh E
Specify the base path for resolving relative paths for mod_lua directives
LuaScope once|request|conn|thread|server [min] [max] once svdh E
One of once, request, conn, thread -- default is once
<Macro name [par1 .. parN]> ... </Macro> svd B
Define a configuration file macro
MaxConnectionsPerChild number 0 s M
Limit on the number of connections that an individual child server will handle during its life
MaxKeepAliveRequests number 100 sv C
Number of requests allowed on a persistent connection
MaxMemFree KBytes 2048 s M
Maximum amount of memory that the main allocator is allowed to hold without calling free()
MaxRangeOverlaps default | unlimited | none | number-of-ranges 20 svd C
Number of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete resource
MaxRangeReversals default | unlimited | none | number-of-ranges 20 svd C
Number of range reversals (eg: 100-200,50-70) allowed before returning the complete resource
MaxRanges default | unlimited | none | number-of-ranges 200 svd C
Number of ranges allowed before returning the complete resource
MaxRequestWorkers number s M
Maximum number of connections that will be processed simultaneously
MaxSpareServers number 10 s M
Maximum number of idle child server processes
MaxSpareThreads number s M
Maximum number of idle threads
MaxThreads number 2048 s M
Set the maximum number of worker threads
MDActivationDelay duration s X
-
MDBaseServer on|off off s X
Control if base server may be managed or only virtual hosts.
MDCAChallenges name [ name ... ] tls-alpn-01 http-01 + s X
Type of ACME challenge used to prove domain ownership.
MDCertificateAgreement accepted s X
You confirm that you accepted the Terms of Service of the Certificate Authority.
MDCertificateAuthority url letsencrypt s X
The URL(s) of the ACME Certificate Authority to use.
MDCertificateCheck name url s X
-
MDCertificateFile path-to-pem-file s X
Specify a static certificate file for the MD.
MDCertificateKeyFile path-to-file s X
Specify a static private key for for the static cerrtificate.
MDCertificateMonitor name url crt.sh https://crt. + s X
The URL of a certificate log monitor.
MDCertificateProtocol protocol ACME s X
The protocol to use with the Certificate Authority.
MDCertificateStatus on|off on s X
Exposes public certificate information in JSON.
MDChallengeDns01 path-to-command s X
-
MDContactEmail address s X
-
MDDriveMode always|auto|manual auto s X
former name of MDRenewMode.
MDExternalAccountBinding key-id hmac-64 | none | file none s X
-
MDHttpProxy url s X
Define a proxy for outgoing connections.
MDMember hostname s X
Additional hostname for the managed domain.
MDMembers auto|manual auto s X
Control if the alias domain names are automatically added.
MDMessageCmd path-to-cmd optional-args s X
Handle events for Manage Domains
MDMustStaple on|off off s X
Control if new certificates carry the OCSP Must Staple flag.
MDNotifyCmd path [ args ] s X
Run a program when a Managed Domain is ready.
MDomain dns-name [ other-dns-name... ] [auto|manual] s X
Define list of domain names that belong to one group.
<MDomainSet dns-name [ other-dns-name... ]>...</MDomainSet> s X
Container for directives applied to the same managed domains.
MDPortMap map1 [ map2 ] http:80 https:443 s X
Map external to internal ports for domain ownership verification.
MDPrivateKeys type [ params... ] RSA 2048 s X
Set type and size of the private keys generated.
MDRenewMode always|auto|manual auto s X
Controls if certificates shall be renewed.
MDRenewWindow duration 33% s X
Control when a certificate will be renewed.
MDRequireHttps off|temporary|permanent off s X
Redirects http: traffic to https: for Managed Domains.
MDRetryDelay duration 5s s X
-
MDRetryFailover number 13 s X
-
MDServerStatus on|off on s X
Control if Managed Domain information is added to server-status.
MDStapleOthers on|off on s X
Enable stapling for certificates not managed by mod_md.
MDStapling on|off off s X
Enable stapling for all or a particular MDomain.
MDStaplingKeepResponse duration 7d s X
Controls when old responses should be removed.
MDStaplingRenewWindow duration 33% s X
Control when the stapling responses will be renewed.
MDStoreDir path md s X
Path on the local file system to store the Managed Domains data.
MDStoreLocks on|off|duration off s X
-
MDWarnWindow duration 10% s X
Define the time window when you want to be warned about an expiring certificate.
MemcacheConnTTL num[units] 15s sv E
Keepalive time for idle connections
MergeSlashes ON|OFF ON sv C
Controls whether the server merges consecutive slashes in URLs.
MergeTrailers [on|off] off sv C
Determines whether trailers are merged into headers
MetaDir directory .web svdh E
Name of the directory to find CERN-style meta information files
MetaFiles on|off off svdh E
Activates CERN meta-file processing
MetaSuffix suffix .meta svdh E
File name suffix for the file containing CERN-style meta information
MimeMagicFile file-path sv E
Enable MIME-type determination based on file contents using the specified magic file
MinSpareServers number 5 s M
Minimum number of idle child server processes
MinSpareThreads number s M
Minimum number of idle threads available to handle request spikes
MMapFile file-path [file-path] ... s X
Map a list of files into memory at startup time
ModemStandard V.21|V.26bis|V.32|V.34|V.92 d X
Modem standard to simulate
ModMimeUsePathInfo On|Off Off d B
Tells mod_mime to treat path_info components as part of the filename
MultiviewsMatch Any|NegotiatedOnly|Filters|Handlers [Handlers|Filters] NegotiatedOnly svdh B
The types of files that will be included when searching for a matching file with MultiViews
Mutex mechanism [default|mutex-name] ... [OmitPID] default s C
Configures mutex mechanism and lock file directory for all or specified mutexes
NameVirtualHost addr[:port] s C
DEPRECATED: Designates an IP address for name-virtual hosting
NoProxy host [host] ... sv E
Hosts, domains, or networks that will be connected to directly
NWSSLTrustedCerts filename [filename] ... s B
List of additional client certificates
NWSSLUpgradeable [IP-address:]portnumber s B
Allows a connection to be upgraded to an SSL connection upon request
Options [+|-]option [[+|-]option] ... FollowSymlinks svdh C
Configures what features are available in a particular directory
Order ordering Deny,Allow dh E
Controls the default access state and the order in which Allow and Deny are evaluated.
OutputSed sed-command dh X
Sed command for filtering response content
PassEnv env-variable [env-variable] ... svdh B
Passes environment variables from the shell
PidFile filename logs/httpd.pid s M
File where the server records the process ID of the daemon
PrivilegesMode FAST|SECURE|SELECTIVE FAST svd X
Trade off processing speed and efficiency vs security against malicious privileges-aware code.
Protocol protocol sv C
Protocol for a listening socket
ProtocolEcho On|Off Off sv X
Turn the echo server on or off
Protocols protocol ... http/1.1 sv C
Protocols available for a server/virtual host
ProtocolsHonorOrder On|Off On sv C
Determines if order of Protocols determines precedence during negotiation
<Proxy wildcard-url> ...</Proxy> sv E
Container for directives applied to proxied resources
Proxy100Continue Off|On On svd E
Forward 100-continue expectation to the origin server
ProxyAddHeaders Off|On On svd E
Add proxy information in X-Forwarded-* headers
ProxyBadHeader IsError|Ignore|StartBody IsError sv E
Determines how to handle bad header lines in a response
ProxyBlock *|word|host|domain [word|host|domain] ... sv E
Words, hosts, or domains that are banned from being proxied
ProxyDomain Domain sv E
Default domain name for proxied requests
ProxyErrorOverride Off|On [code ...] Off svd E
Override error pages for proxied content
ProxyExpressDBMFile pathname sv E
Pathname to DBM file.
ProxyExpressDBMType type default sv E
DBM type of file.
ProxyExpressEnable on|off off sv E
Enable the module functionality.
ProxyFCGIBackendType FPM|GENERIC FPM svdh E
Specify the type of backend FastCGI application
ProxyFCGISetEnvIf conditional-expression [!]environment-variable-name [value-expression] svdh E
Allow variables sent to FastCGI servers to be fixed up
ProxyFtpDirCharset character_set ISO-8859-1 svd E
Define the character set for proxied FTP listings
ProxyFtpEscapeWildcards on|off on svd E
Whether wildcards in requested filenames are escaped when sent to the FTP server
ProxyFtpListOnWildcard on|off on svd E
Whether wildcards in requested filenames trigger a file listing
ProxyHCExpr name {ap_expr expression} sv E
Creates a named condition expression to use to determine health of the backend based on its response
ProxyHCTemplate name parameter=setting [...] sv E
Creates a named template for setting various health check parameters
ProxyHCTPsize size 16 s E
Sets the total server-wide size of the threadpool used for the health check workers
ProxyHTMLBufSize bytes 8192 svd B
Sets the buffer size increment for buffering inline scripts and stylesheets.
ProxyHTMLCharsetOut Charset | * svd B
Specify a charset for mod_proxy_html output.
ProxyHTMLDocType HTML|XHTML [Legacy]
OR
ProxyHTMLDocType fpi [SGML|XML]
svd B
Sets an HTML or XHTML document type declaration.
ProxyHTMLEnable On|Off Off svd B
Turns the proxy_html filter on or off.
ProxyHTMLEvents attribute [attribute ...] svd B
Specify attributes to treat as scripting events.
ProxyHTMLExtended On|Off Off svd B
Determines whether to fix links in inline scripts, stylesheets, and scripting events.
ProxyHTMLFixups [lowercase] [dospath] [reset] svd B
Fixes for simple HTML errors.
ProxyHTMLInterp On|Off Off svd B
Enables per-request interpolation of ProxyHTMLURLMap rules.
ProxyHTMLLinks element attribute [attribute2 ...] svd B
Specify HTML elements that have URL attributes to be rewritten.
ProxyHTMLMeta On|Off Off svd B
Turns on or off extra pre-parsing of metadata in HTML <head> sections.
ProxyHTMLStripComments On|Off Off svd B
Determines whether to strip HTML comments.
ProxyHTMLURLMap from-pattern to-pattern [flags] [cond] svd B
Defines a rule to rewrite HTML links
ProxyIOBufferSize bytes 8192 sv E
Determine size of internal data throughput buffer
<ProxyMatch regex> ...</ProxyMatch> sv E
Container for directives applied to regular-expression-matched proxied resources
ProxyMaxForwards number -1 sv E
Maximum number of proxies that a request can be forwarded through
ProxyPass [path] !|url [key=value [key=value ...]] [nocanon] [interpolate] [noquery] svd E
Maps remote servers into the local server URL-space
ProxyPassInherit On|Off On sv E
Inherit ProxyPass directives defined from the main server
ProxyPassInterpolateEnv On|Off Off svd E
Enable Environment Variable interpolation in Reverse Proxy configurations
ProxyPassMatch [regex] !|url [key=value [key=value ...]] svd E
Maps remote servers into the local server URL-space using regular expressions
ProxyPassReverse [path] url [interpolate] svd E
Adjusts the URL in HTTP response headers sent from a reverse proxied server
ProxyPassReverseCookieDomain internal-domain public-domain [interpolate] svd E
Adjusts the Domain string in Set-Cookie headers from a reverse- proxied server
ProxyPassReverseCookiePath internal-path public-path [interpolate] svd E
Adjusts the Path string in Set-Cookie headers from a reverse- proxied server
ProxyPreserveHost On|Off Off svd E
Use incoming Host HTTP request header for proxy request
ProxyReceiveBufferSize bytes 0 sv E
Network buffer size for proxied HTTP and FTP connections
ProxyRemote match remote-server sv E
Remote proxy used to handle certain requests
ProxyRemoteMatch regex remote-server sv E
Remote proxy used to handle requests matched by regular expressions
ProxyRequests On|Off Off sv E
Enables forward (standard) proxy requests
ProxySCGIInternalRedirect On|Off|Headername On svd E
Enable or disable internal redirect responses from the backend
ProxySCGISendfile On|Off|Headername Off svd E
Enable evaluation of X-Sendfile pseudo response header
ProxySet url key=value [key=value ...] svd E
Set various Proxy balancer or member parameters
ProxySourceAddress address sv E
Set local IP address for outgoing proxy connections
ProxyStatus Off|On|Full Off sv E
Show Proxy LoadBalancer status in mod_status
ProxyTimeout seconds sv E
Network timeout for proxied requests
ProxyVia On|Off|Full|Block Off sv E
Information provided in the Via HTTP response header for proxied requests
ProxyWebsocketFallbackToProxyHttp On|Off On sv E
Instructs this module to let mod_proxy_http handle the request
QualifyRedirectURL On|Off Off svd C
Controls whether the REDIRECT_URL environment variable is fully qualified
ReadBufferSize bytes 8192 svd C
Size of the buffers used to read data
ReadmeName filename svdh B
Name of the file that will be inserted at the end of the index listing
ReceiveBufferSize bytes 0 s M
TCP receive buffer size
Redirect [status] [URL-path] URL svdh B
Sends an external redirect asking the client to fetch a different URL
RedirectMatch [status] regex URL svdh B
Sends an external redirect based on a regular expression match of the current URL
RedirectPermanent URL-path URL svdh B
Sends an external permanent redirect asking the client to fetch a different URL
RedirectTemp URL-path URL svdh B
Sends an external temporary redirect asking the client to fetch a different URL
RedisConnPoolTTL num[units] 15s sv E
TTL used for the connection pool with the Redis server(s)
RedisTimeout num[units] 5s sv E
R/W timeout used for the connection with the Redis server(s)
ReflectorHeader inputheader [outputheader] svdh B
Reflect an input header to the output headers
RegexDefaultOptions [none] [+|-]option [[+|-]option] ... DOTALL DOLLAR_ENDON + s C
Allow to configure global/default options for regexes
RegisterHttpMethod method [method [...]] s C
Register non-standard HTTP methods
RemoteIPHeader header-field sv B
Declare the header field which should be parsed for useragent IP addresses
RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ... sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPInternalProxyList filename sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPProxiesHeader HeaderFieldName sv B
Declare the header field which will record all intermediate IP addresses
RemoteIPProxyProtocol On|Off sv B
Enable or disable PROXY protocol handling
RemoteIPProxyProtocolExceptions host|range [host|range] [host|range] sv B
Disable processing of PROXY header for certain hosts or networks
RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ... sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoteIPTrustedProxyList filename sv B
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
RemoveCharset extension [extension] ... vdh B
Removes any character set associations for a set of file extensions
RemoveEncoding extension [extension] ... vdh B
Removes any content encoding associations for a set of file extensions
RemoveHandler extension [extension] ... vdh B
Removes any handler associations for a set of file extensions
RemoveInputFilter extension [extension] ... vdh B
Removes any input filter associations for a set of file extensions
RemoveLanguage extension [extension] ... vdh B
Removes any language associations for a set of file extensions
RemoveOutputFilter extension [extension] ... vdh B
Removes any output filter associations for a set of file extensions
RemoveType extension [extension] ... vdh B
Removes any content type associations for a set of file extensions
RequestHeader add|append|edit|edit*|merge|set|setifempty|unset header [[expr=]value [replacement] [early|env=[!]varname|expr=expression]] svdh E
Configure HTTP request headers
RequestReadTimeout [handshake=timeout[-maxtimeout][,MinRate=rate] [header=timeout[-maxtimeout][,MinRate=rate] [body=timeout[-maxtimeout][,MinRate=rate] handshake=0 header= + sv E
Set timeout values for completing the TLS handshake, receiving the request headers and/or body from client.
Require [not] entity-name [entity-name] ... dh B
Tests whether an authenticated user is authorized by an authorization provider.
<RequireAll> ... </RequireAll> dh B
Enclose a group of authorization directives of which none must fail and at least one must succeed for the enclosing directive to succeed.
<RequireAny> ... </RequireAny> dh B
Enclose a group of authorization directives of which one must succeed for the enclosing directive to succeed.
<RequireNone> ... </RequireNone> dh B
Enclose a group of authorization directives of which none must succeed for the enclosing directive to not fail.
RewriteBase URL-path dh E
Sets the base URL for per-directory rewrites
RewriteCond TestString CondPattern [flags] svdh E
Defines a condition under which rewriting will take place
RewriteEngine on|off off svdh E
Enables or disables runtime rewriting engine
RewriteMap MapName MapType:MapSource [MapTypeOptions] sv E
Defines a mapping function for key-lookup
RewriteOptions Options svdh E
Sets some special options for the rewrite engine
RewriteRule Pattern Substitution [flags] svdh E
Defines rules for the rewriting engine
RLimitCPU seconds|max [seconds|max] svdh C
Limits the CPU consumption of processes launched by Apache httpd children
RLimitMEM bytes|max [bytes|max] svdh C
Limits the memory consumption of processes launched by Apache httpd children
RLimitNPROC number|max [number|max] svdh C
Limits the number of processes that can be launched by processes launched by Apache httpd children
Satisfy Any|All All dh E
Interaction between host-level access control and user authentication
ScoreBoardFile file-path logs/apache_runtime + s M
Location of the file used to store coordination data for the child processes
Script method cgi-script svd B
Activates a CGI script for a particular request method.
ScriptAlias [URL-path] file-path|directory-path svd B
Maps a URL to a filesystem location and designates the target as a CGI script
ScriptAliasMatch regex file-path|directory-path sv B
Maps a URL to a filesystem location using a regular expression and designates the target as a CGI script
ScriptInterpreterSource Registry|Registry-Strict|Script Script svdh C
Technique for locating the interpreter for CGI scripts
ScriptLog file-path sv B
Location of the CGI script error logfile
ScriptLogBuffer bytes 1024 sv B
Maximum amount of PUT or POST requests that will be recorded in the scriptlog
ScriptLogLength bytes 10385760 sv B
Size limit of the CGI script logfile
ScriptSock file-path cgisock s B
The filename prefix of the socket to use for communication with the cgi daemon
SecureListen [IP-address:]portnumber Certificate-Name [MUTUAL] s B
Enables SSL encryption for the specified port
SeeRequestTail On|Off Off s C
Determine if mod_status displays the first 63 characters of a request or the last 63, assuming the request itself is greater than 63 chars.
SendBufferSize bytes 0 s M
TCP buffer size
ServerAdmin email-address|URL sv C
Email address that the server includes in error messages sent to the client
ServerAlias hostname [hostname] ... v C
Alternate names for a host used when matching requests to name-virtual hosts
ServerLimit number s M
Upper limit on configurable number of processes
ServerName [scheme://]domain-name|ip-address[:port] sv C
Hostname and port that the server uses to identify itself
ServerPath URL-path v C
Legacy URL pathname for a name-based virtual host that is accessed by an incompatible browser
ServerRoot directory-path /usr/local/apache s C
Base directory for the server installation
ServerSignature On|Off|EMail Off svdh C
Configures the footer on server-generated documents
ServerTokens Major|Minor|Min[imal]|Prod[uctOnly]|OS|Full Full s C
Configures the Server HTTP response header
Session On|Off Off svdh E
Enables a session for the current directory or location
SessionCookieName name attributes svdh E
Name and attributes for the RFC2109 cookie storing the session
SessionCookieName2 name attributes svdh E
Name and attributes for the RFC2965 cookie storing the session
SessionCookieRemove On|Off Off svdh E
Control for whether session cookies should be removed from incoming HTTP headers
SessionCryptoCipher name aes256 svdh X
The crypto cipher to be used to encrypt the session
SessionCryptoDriver name [param[=value]] s X
The crypto driver to be used to encrypt the session
SessionCryptoPassphrase secret [ secret ... ] svdh X
The key used to encrypt the session
SessionCryptoPassphraseFile filename svd X
File containing keys used to encrypt the session
SessionDBDCookieName name attributes svdh E
Name and attributes for the RFC2109 cookie storing the session ID
SessionDBDCookieName2 name attributes svdh E
Name and attributes for the RFC2965 cookie storing the session ID
SessionDBDCookieRemove On|Off On svdh E
Control for whether session ID cookies should be removed from incoming HTTP headers
SessionDBDDeleteLabel label deletesession svdh E
The SQL query to use to remove sessions from the database
SessionDBDInsertLabel label insertsession svdh E
The SQL query to use to insert sessions into the database
SessionDBDPerUser On|Off Off svdh E
Enable a per user session
SessionDBDSelectLabel label selectsession svdh E
The SQL query to use to select sessions from the database
SessionDBDUpdateLabel label updatesession svdh E
The SQL query to use to update existing sessions in the database
SessionEnv On|Off Off svdh E
Control whether the contents of the session are written to the HTTP_SESSION environment variable
SessionExclude path svdh E
Define URL prefixes for which a session is ignored
SessionExpiryUpdateInterval interval 0 (always update) svdh E
Define the number of seconds a session's expiry may change without the session being updated
SessionHeader header svdh E
Import session updates from a given HTTP response header
SessionInclude path svdh E
Define URL prefixes for which a session is valid
SessionMaxAge maxage 0 svdh E
Define a maximum age in seconds for a session
SetEnv env-variable [value] svdh B
Sets environment variables
SetEnvIf attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on attributes of the request
SetEnvIfExpr expr [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on an ap_expr expression
SetEnvIfNoCase attribute regex [!]env-variable[=value] [[!]env-variable[=value]] ... svdh B
Sets environment variables based on attributes of the request without respect to case
SetHandler handler-name|none|expression svdh C
Forces all matching files to be processed by a handler
SetInputFilter filter[;filter...] svdh C
Sets the filters that will process client requests and POST input
SetOutputFilter filter[;filter...] svdh C
Sets the filters that will process responses from the server
SSIEndTag tag "-->" sv B
String that ends an include element
SSIErrorMsg message "[an error occurred + svdh B
Error message displayed when there is an SSI error
SSIETag on|off off dh B
Controls whether ETags are generated by the server.
SSILastModified on|off off dh B
Controls whether Last-Modified headers are generated by the server.
SSILegacyExprParser on|off off dh B
Enable compatibility mode for conditional expressions.
SSIStartTag tag "<!--#" sv B
String that starts an include element
SSITimeFormat formatstring "%A, %d-%b-%Y %H:%M + svdh B
Configures the format in which date strings are displayed
SSIUndefinedEcho string "(none)" svdh B
String displayed when an unset variable is echoed
SSLCACertificateFile file-path sv E
File of concatenated PEM-encoded CA Certificates for Client Auth
SSLCACertificatePath directory-path sv E
Directory of PEM-encoded CA Certificates for Client Auth
SSLCADNRequestFile file-path sv E
File of concatenated PEM-encoded CA Certificates for defining acceptable CA names
SSLCADNRequestPath directory-path sv E
Directory of PEM-encoded CA Certificates for defining acceptable CA names
SSLCARevocationCheck chain|leaf|none [flags ...] none sv E
Enable CRL-based revocation checking
SSLCARevocationFile file-path sv E
File of concatenated PEM-encoded CA CRLs for Client Auth
SSLCARevocationPath directory-path sv E
Directory of PEM-encoded CA CRLs for Client Auth
SSLCertificateChainFile file-path sv E
File of PEM-encoded Server CA Certificates
SSLCertificateFile file-path|certid sv E
Server PEM-encoded X.509 certificate data file or token identifier
SSLCertificateKeyFile file-path|keyid sv E
Server PEM-encoded private key file
SSLCipherSuite [protocol] cipher-spec DEFAULT (depends on + svdh E
Cipher Suite available for negotiation in SSL handshake
SSLCompression on|off off sv E
Enable compression on the SSL level
SSLCryptoDevice engine builtin s E
Enable use of a cryptographic hardware accelerator
SSLEngine on|off|optional off sv E
SSL Engine Operation Switch
SSLFIPS on|off off s E
SSL FIPS mode Switch
SSLHonorCipherOrder on|off off sv E
Option to prefer the server's cipher preference order
SSLInsecureRenegotiation on|off off sv E
Option to enable support for insecure renegotiation
SSLOCSPDefaultResponder uri sv E
Set the default responder URI for OCSP validation
SSLOCSPEnable on|leaf|off off sv E
Enable OCSP validation of the client certificate chain
SSLOCSPNoverify on|off off sv E
skip the OCSP responder certificates verification
SSLOCSPOverrideResponder on|off off sv E
Force use of the default responder URI for OCSP validation
SSLOCSPProxyURL url sv E
Proxy URL to use for OCSP requests
SSLOCSPResponderCertificateFile file sv E
Set of trusted PEM encoded OCSP responder certificates
SSLOCSPResponderTimeout seconds 10 sv E
Timeout for OCSP queries
SSLOCSPResponseMaxAge seconds -1 sv E
Maximum allowable age for OCSP responses
SSLOCSPResponseTimeSkew seconds 300 sv E
Maximum allowable time skew for OCSP response validation
SSLOCSPUseRequestNonce on|off on sv E
Use a nonce within OCSP queries
SSLOpenSSLConfCmd command-name command-value sv E
Configure OpenSSL parameters through its SSL_CONF API
SSLOptions [+|-]option ... svdh E
Configure various SSL engine run-time options
SSLPassPhraseDialog type builtin s E
Type of pass phrase dialog for encrypted private keys
SSLProtocol [+|-]protocol ... all -SSLv3 (up to 2 + sv E
Configure usable SSL/TLS protocol versions
SSLProxyCACertificateFile file-path svp E
File of concatenated PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCACertificatePath directory-path svp E
Directory of PEM-encoded CA Certificates for Remote Server Auth
SSLProxyCARevocationCheck chain|leaf|none none svp E
Enable CRL-based revocation checking for Remote Server Auth
SSLProxyCARevocationFile file-path svp E
File of concatenated PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCARevocationPath directory-path svp E
Directory of PEM-encoded CA CRLs for Remote Server Auth
SSLProxyCheckPeerCN on|off on svp E
Whether to check the remote server certificate's CN field
SSLProxyCheckPeerExpire on|off on svp E
Whether to check if remote server certificate is expired
SSLProxyCheckPeerName on|off on svp E
Configure host name checking for remote server certificates
SSLProxyCipherSuite [protocol] cipher-spec ALL:!ADH:RC4+RSA:+H + svp E
Cipher Suite available for negotiation in SSL proxy handshake
SSLProxyEngine on|off off svp E
SSL Proxy Engine Operation Switch
SSLProxyMachineCertificateChainFile filename svp E
File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
SSLProxyMachineCertificateFile filename svp E
File of concatenated PEM-encoded client certificates and keys to be used by the proxy
SSLProxyMachineCertificatePath directory svp E
Directory of PEM-encoded client certificates and keys to be used by the proxy
SSLProxyProtocol [+|-]protocol ... all -SSLv3 (up to 2 + svp E
Configure usable SSL protocol flavors for proxy usage
SSLProxyVerify level none svp E
Type of remote server Certificate verification
SSLProxyVerifyDepth number 1 svp E
Maximum depth of CA Certificates in Remote Server Certificate verification
SSLRandomSeed context source [bytes] s E
Pseudo Random Number Generator (PRNG) seeding source
SSLRenegBufferSize bytes 131072 dh E
Set the size for the SSL renegotiation buffer
SSLRequire expression dh E
Allow access only when an arbitrarily complex boolean expression is true
SSLRequireSSL dh E
Deny access when SSL is not used for the HTTP request
SSLSessionCache type none s E
Type of the global/inter-process SSL Session Cache
SSLSessionCacheTimeout seconds 300 sv E
Number of seconds before an SSL session expires in the Session Cache
SSLSessionTicketKeyFile file-path sv E
Persistent encryption/decryption key for TLS session tickets
SSLSessionTickets on|off on sv E
Enable or disable use of TLS session tickets
SSLSRPUnknownUserSeed secret-string sv E
SRP unknown user seed
SSLSRPVerifierFile file-path sv E
Path to SRP verifier file
SSLStaplingCache type s E
Configures the OCSP stapling cache
SSLStaplingErrorCacheTimeout seconds 600 sv E
Number of seconds before expiring invalid responses in the OCSP stapling cache
SSLStaplingFakeTryLater on|off on sv E
Synthesize "tryLater" responses for failed OCSP stapling queries
SSLStaplingForceURL uri sv E
Override the OCSP responder URI specified in the certificate's AIA extension
SSLStaplingResponderTimeout seconds 10 sv E
Timeout for OCSP stapling queries
SSLStaplingResponseMaxAge seconds -1 sv E
Maximum allowable age for OCSP stapling responses
SSLStaplingResponseTimeSkew seconds 300 sv E
Maximum allowable time skew for OCSP stapling response validation
SSLStaplingReturnResponderErrors on|off on sv E
Pass stapling related OCSP errors on to client
SSLStaplingStandardCacheTimeout seconds 3600 sv E
Number of seconds before expiring responses in the OCSP stapling cache
SSLStrictSNIVHostCheck on|off off sv E
Whether to allow non-SNI clients to access a name-based virtual host.
SSLUserName varname sdh E
Variable name to determine user name
SSLUseStapling on|off off sv E
Enable stapling of OCSP responses in the TLS handshake
SSLVerifyClient level none svdh E
Type of Client Certificate verification
SSLVerifyDepth number 1 svdh E
Maximum depth of CA Certificates in Client Certificate verification
StartServers number s M
Number of child server processes created at startup
StartThreads number s M
Number of threads created on startup
StrictHostCheck ON|OFF OFF sv C
Controls whether the server requires the requested hostname be listed enumerated in the virtual host handling the request
Substitute s/pattern/substitution/[infq] dh E
Pattern to filter the response content
SubstituteInheritBefore on|off off dh E
Change the merge order of inherited patterns
SubstituteMaxLineLength bytes(b|B|k|K|m|M|g|G) 1m dh E
Set the maximum line size
Suexec On|Off s B
Enable or disable the suEXEC feature
SuexecUserGroup User Group sv E
User and group for CGI programs to run as
ThreadLimit number s M
Sets the upper limit on the configurable number of threads per child process
ThreadsPerChild number s M
Number of threads created by each child process
ThreadStackSize size s M
The size in bytes of the stack used by threads handling client connections
TimeOut seconds 60 sv C
Amount of time the server will wait for certain events before failing a request
TLSCertificate cert_file [key_file] sv X
adds a certificate and key (PEM encoded) to a server/virtual host.
TLSCiphersPrefer cipher(-list) sv X
defines ciphers that are preferred.
TLSCiphersSuppress cipher(-list) sv X
defines ciphers that are not to be used.
TLSEngine [address:]port s X
defines on which address+port the module shall handle incoming connections.
TLSHonorClientOrder on|off on sv X
determines if the order of ciphers supported by the client is honored
TLSOptions [+|-]option svdh X
enables SSL variables for requests.
TLSProtocol version+ v1.2+ sv X
specifies the minimum version of the TLS protocol to use.
TLSProxyCA file.pem svp X
sets the root certificates to validate the backend server with.
TLSProxyCiphersPrefer cipher(-list) svp X
defines ciphers that are preferred for a proxy connection.
TLSProxyCiphersSuppress cipher(-list) svp X
defines ciphers that are not to be used for a proxy connection.
TLSProxyEngine on|off svp X
enables TLS for backend connections.
TLSProxyMachineCertificate cert_file [key_file] svp X
adds a certificate and key file (PEM encoded) to a proxy setup.
TLSProxyProtocol version+ v1.2+ svp X
specifies the minimum version of the TLS protocol to use in proxy connections.
TLSSessionCache cache-spec s X
specifies the cache for TLS session resumption.
TLSStrictSNI on|off on s X
enforces exact matches of client server indicators (SNI) against host names.
TraceEnable [on|off|extended] on sv C
Determines the behavior on TRACE requests
TransferLog file|pipe sv B
Specify location of a log file
TypesConfig file-path conf/mime.types s B
The location of the mime.types file
UnDefine parameter-name s C
Undefine the existence of a variable
UndefMacro name svd B
Undefine a macro
UnsetEnv env-variable [env-variable] ... svdh B
Removes variables from the environment
Use name [value1 ... valueN] svd B
Use a macro
UseCanonicalName On|Off|DNS Off svd C
Configures how the server determines its own name and port
UseCanonicalPhysicalPort On|Off Off svd C
Configures how the server determines its own port
User unix-userid #-1 s B
The userid under which the server will answer requests
UserDir directory-filename [directory-filename] ... sv B
Location of the user-specific directories
VHostCGIMode On|Off|Secure On v X
Determines whether the virtualhost can run subprocesses, and the privileges available to subprocesses.
VHostCGIPrivs [+-]?privilege-name [[+-]?privilege-name] ... v X
Assign arbitrary privileges to subprocesses created by a virtual host.
VHostGroup unix-groupid v X
Sets the Group ID under which a virtual host runs.
VHostPrivs [+-]?privilege-name [[+-]?privilege-name] ... v X
Assign arbitrary privileges to a virtual host.
VHostSecure On|Off On v X
Determines whether the server runs with enhanced security for the virtualhost.
VHostUser unix-userid v X
Sets the User ID under which a virtual host runs.
VirtualDocumentRoot interpolated-directory|none none sv E
Dynamically configure the location of the document root for a given virtual host
VirtualDocumentRootIP interpolated-directory|none none sv E
Dynamically configure the location of the document root for a given virtual host
<VirtualHost addr[:port] [addr[:port]] ...> ... </VirtualHost> s C
Contains directives that apply only to a specific hostname or IP address
VirtualScriptAlias interpolated-directory|none none sv E
Dynamically configure the location of the CGI directory for a given virtual host
VirtualScriptAliasIP interpolated-directory|none none sv E
Dynamically configure the location of the CGI directory for a given virtual host
WatchdogInterval time-interval[s] 1 s B
Watchdog interval in seconds
XBitHack on|off|full off svdh B
Parse SSI directives in files with the execute bit set
xml2EncAlias charset alias [alias ...] s B
Recognise Aliases for encoding values
xml2EncDefault name svdh B
Sets a default encoding to assume when absolutely no information can be automatically detected
xml2StartParse element [element ...] svdh B
Advise the parser to skip leading junk.
top