1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
.\" $OpenBSD: httpd.8,v 1.27 2007/05/31 19:20:24 jmc Exp $
.\" Copyright (c) 1995-1997 David Robinson. All rights reserved.
.\" Copyright (c) 1997-1999 The Apache Group. All rights reserved.
.\" Copyright (c) 1998-1999 Bob Beck. All rights reserved.
.\" Copyright (c) 2002-2003 Henning Brauer. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\"
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\"
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in
.\" the documentation and/or other materials provided with the
.\" distribution.
.\"
.\" 3. All advertising materials mentioning features or use of this
.\" software must display the following acknowledgment:
.\" "This product includes software developed by the Apache Group
.\" for use in the Apache HTTP server project (http://www.apache.org/)."
.\"
.\" 4. The names "Apache Server" and "Apache Group" must not be used to
.\" endorse or promote products derived from this software without
.\" prior written permission.
.\"
.\" 5. Redistributions of any form whatsoever must retain the following
.\" acknowledgment:
.\" "This product includes software developed by the Apache Group
.\" for use in the Apache HTTP server project (http://www.apache.org/)."
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE APACHE GROUP ``AS IS'' AND ANY
.\" EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE APACHE GROUP OR
.\" ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
.\" SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
.\" NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
.\" LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
.\" STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
.\" OF THE POSSIBILITY OF SUCH DAMAGE.
.\" ====================================================================
.\"
.\" This software consists of voluntary contributions made by many
.\" individuals on behalf of the Apache Group and was originally based
.\" on public domain software written at the National Center for
.\" Supercomputing Applications, University of Illinois, Urbana-Champaign.
.\" For more information on the Apache Group and the Apache HTTP server
.\" project, please see <http://www.apache.org/>.
.Dd $Mdocdate: May 31 2007 $
.Dt HTTPD 8
.Os
.Sh NAME
.Nm httpd
.Nd Apache Hypertext Transfer Protocol Server
.Sh SYNOPSIS
.Nm httpd
.Bk -words
.Op Fl FhLlSTtuVvX
.Op Fl C Ar directive
.Op Fl c Ar directive
.Op Fl D Ar parameter
.Op Fl d Ar serverroot
.Op Fl f Ar config
.Op Fl R Ar libexecdir
.Ek
.Sh DESCRIPTION
.Nm
is the Apache HyperText Transfer Protocol (HTTP) server program.
It is designed to be run as a stand-alone daemon process.
When used like this it will create a pool of child processes to
handle requests.
To stop it, send a
.Dv TERM
signal to the initial (parent) process.
The PID of this process is written to a file as given in the
configuration file.
Normally this service can be enabled for startup on
.Ox
by editing
.Pa /etc/rc.conf.local .
.Pp
Alternatively,
.Nm
may be invoked by the Internet daemon
.Xr inetd 8
each
time a connection to the HTTP service is made.
.Pp
.Nm
can be made to support HTTPS transactions
if RSA certificates are generated
and the utility is started with the
.Va -DSSL
flag.
See
.Xr ssl 8
for further information.
.Pp
By default,
.Nm
will
.Xr chroot 2
to the
.Dq ServerRoot
path,
serving documents from the
.Dq DocumentRoot
path.
As a result of the default secure behaviour,
.Nm
cannot access any objects outside
.Dq ServerRoot
\- this security measure is taken in case
.Nm
is compromised.
This is not without drawbacks, though:
.Pp
CGI programs may fail due to the limited environment available inside
this chroot space.
.Dq UserDir ,
of course, cannot access files outside the directory space.
Other modules will also have issues.
.Dq DocumentRoot
directories or any other files needed must be inside
.Dq ServerRoot .
For this to work,
pathnames inside the configuration file do not need adjustment relative to
.Dq ServerRoot .
For this option to remain secure, it is important that no files or directories
writable by user
.Ar www
or group
.Ar www
are created inside the
.Dq ServerRoot .
.Pp
The
.Fl u
option
(see below)
can be specified to disable
.Xr chroot 2
functionality.
.Pp
This manual page only lists the command line arguments.
For details of the directives necessary to configure
.Nm ,
see the Apache manual in
.Pa /var/www/htdocs/manual/ .
Paths in this manual page reflect those
compiled into
.Nm
by default with
.Ox .
.Pp
The options are as follows:
.Bl -tag -width Ds
.It Fl C Ar directive
Process the configuration
.Ar directive
before reading config files.
.It Fl c Ar directive
Process the configuration
.Ar directive
after reading config files.
.It Fl D Ar parameter
Sets a configuration
.Ar parameter
which can be used with
<IfDefine>...</IfDefine> sections in the configuration files
to conditionally skip or process commands.
.It Fl d Ar serverroot
Set the initial value for the
.Dq ServerRoot
directive to
.Ar serverroot .
This can be overridden by the
.Dq ServerRoot
command in the configuration file.
The default is
.Pa /var/www .
.It Fl F
Run the main process in foreground.
For process supervisors.
.It Fl f Ar config
Execute the commands in the file
.Ar config
on startup.
If
.Ar config
does not begin with a /, then it is taken to be a path relative to
the ServerRoot.
The default is
.Pa conf/httpd.conf .
.It Fl h
Output a short summary of available command line options.
.It Fl L
Output a list of directives together with expected arguments and
places where the directive is valid.
.It Fl l
Output a list of modules compiled into the server.
.It Fl R Ar libexecdir
This option is only available if
.Nm
was built with the
.Dv SHARED_CORE
rule enabled which forces the
.Nm
core code to be placed into a dynamic shared object (DSO) file.
This file is searched in a hardcoded path under ServerRoot per default.
Use this option to override.
.It Fl S
Show the settings as parsed from the config file (currently only shows the
virtualhost settings).
.It Fl T
Run syntax tests for configuration files only, without DocumentRoot checks.
The program immediately exits after this syntax parsing with either a return
code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error).
.It Fl t
Run syntax tests for configuration files only, including DocumentRoot checks.
The program immediately exits after this syntax parsing with either a return
code of 0 (Syntax OK) or return code not equal to 0 (Syntax Error).
.It Fl u
By default
.Nm
will
.Xr chroot 2
to the
.Dq ServerRoot
path.
The
.Fl u
option disables this behaviour, and returns
.Nm
to the expanded "unsecure" behaviour.
.It Fl V
Print the version and build parameters of
.Nm httpd ,
and then exit.
.It Fl v
Print the version of
.Nm httpd ,
and then exit.
.It Fl X
Run in single-process mode, for internal debugging purposes only; the daemon
does not detach from the terminal or fork any children.
Do NOT use this mode to provide ordinary web service.
.El
.Pp
The documents served by
.Nm
should not be owned by the user which
.Nm
is running as (usually user
.Ar www
and group
.Ar www ) .
They must, however, be readable by this user.
.Sh FILES
.Bl -tag -width /etc/passwd -compact
.It Pa /var/www/cgi-bin/
.It Pa /var/www/conf/httpd.conf
.It Pa /var/www/conf/httpd.conf-dist
.It Pa /var/www/conf/magic
.It Pa /var/www/conf/mime.types
.It Pa /var/www/icons/
.It Pa /var/www/logs/access_log
.It Pa /var/www/logs/error_log
.It Pa /var/www/logs/etag-state
.It Pa /var/www/logs/httpd.pid
.It Pa /var/www/logs/ssl_engine_log
.It Pa /var/www/logs/ssl_request_log
.It Pa /var/www/logs/ssl_scache.db
.It Pa /var/www/users/
.It Pa /etc/rc.conf.local
.El
.Sh SEE ALSO
.Xr dbmmanage 1 ,
.Xr htdigest 1 ,
.Xr htpasswd 1 ,
.Xr chroot 2 ,
.Xr apachectl 8 ,
.Xr apxs 8 ,
.Xr inetd 8 ,
.Xr logresolve 8 ,
.Xr rc.conf.local 8 ,
.Xr rotatelogs 8 ,
.Xr ssl 8 ,
.Xr suexec 8
.Pp
The Apache manual:
.Pa /var/www/htdocs/manual/ .
|