| A | B | C | D | E | F | G | H | I | K | L | M | N | O | P | Q | R | S | T | U | V | W | X |
| s | server config |
|---|
| v | virtual host |
|---|
| d | directory |
|---|
| h | .htaccess |
|---|
| p | proxy section |
|---|
|
| C | Core |
|---|
| M | MPM |
|---|
| B | Base |
|---|
| E | Extension |
|---|
| X | Experimental |
|---|
| T | External |
|---|
|
Configures optimizations for a Protocol's Listener Sockets
Resources accept trailing pathname information
Name of the distributed configuration file
Activates a CGI script for a particular handler or
content-type
Alternate text to display for a file, instead of an
icon selected by filename
Alternate text to display for a file instead of an icon
selected by MIME-encoding
Alternate text to display for a file, instead of an
icon selected by MIME content-type
Maps the given filename extensions to the specified content
charset
Default charset parameter to be added when a response
content-type is text/plain or text/html
Description to display for a file
Maps the given filename extensions to the specified encoding
type
Maps the filename extensions to the specified
handler
Icon to display for a file selected by name
Icon to display next to files selected by MIME
content-encoding
Icon to display next to files selected by MIME
content-type
Maps filename extensions to the filters that will process
client requests
Maps the given filename extension to the specified content
language
Adds additional information to the module
information displayed by the server-info handler
Maps filename extensions to the filters that will process
responses from the server
assigns an output filter to a particular media-type
Maps the given filename extensions onto the specified content
type
Maps URLs to filesystem locations
Maps URLs to filesystem locations using regular
expressions
Map the full path after the alias in a location.
Controls which hosts can access an area of the
server
Ports that are allowed to CONNECT through the
proxy
Determines whether encoded path separators in URLs are allowed to
be passed through
Restrict access to the listed HTTP methods
Types of directives that are allowed in
.htaccess files
Individual directives that are allowed in
.htaccess files
Specifies userIDs that are allowed access without
password verification
Sets whether the password entered will be logged in the
error log
Specifies whether blank passwords are allowed
Sets whether the userID field may be empty
Sets whether to check the password field for a correctly
formatted email address
Limit concurrent connections per process
Sets whether authorization and authentication are passed to
lower level modules
Fake basic authentication using the given expressions for
username and password
Sets the authentication provider(s) for this location
Check passwords against the authentication providers as if
Digest Authentication was in force instead of Basic Authentication.
SQL query to look up a password for a user
SQL query to look up a password hash for a user and realm.
Sets the name of the database file containing the list
of user groups for authorization
Sets the type of database file that is used to
store passwords
Sets the name of a database file containing the list of users and
passwords for authentication
Selects the algorithm used to calculate the challenge and
response hashes in digest authentication
URIs that are in the same protection space for digest
authentication
How long the server nonce is valid
Sets the authentication provider(s) for this location
Determines the quality-of-protection to use in digest
authentication
The amount of shared memory to allocate for keeping track
of clients
Sets whether authorization and authentication are passed to
lower level modules
The name of a form field carrying the body of the request to attempt on successful login
Disable the CacheControl no-store header on the login page
Fake a Basic Authentication header
The name of a form field carrying a URL to redirect to on successful login
The URL of the page to be redirected to should login be required
The URL of the page to be redirected to should login be successful
The URL to redirect to after a user has logged out
The name of a form field carrying the method of the request to attempt on successful login
The name of a form field carrying the mimetype of the body of the request to attempt on successful login
The name of a form field carrying the login password
Sets the authentication provider(s) for this location
Bypass authentication checks for high traffic sites
The largest size of the form in bytes that will be parsed for the login details
The name of a form field carrying the login username
Sets the name of a text file containing the list
of user groups for authorization
Specifies the prefix for environment variables set during
authorization
Determines if other authentication providers are used when a user can be mapped to a DN but the server cannot successfully bind with the user's credentials.
Optional DN to use in binding to the LDAP server
Password used in conjunction with the bind DN
Language to charset conversion configuration file
Use the authenticated user's credentials to perform authorization comparisons
Use the LDAP server to compare the DNs
When will the module de-reference aliases
LDAP attributes used to identify the user members of
groups.
Use the DN of the client username when checking for
group membership
Determines if the server does the initial DN lookup using the basic authentication users'
own username, instead of anonymously or with hard-coded credentials for the server
Specifies the transformation of the basic authentication username to be used when binding to the LDAP server
to perform a DN lookup
Specifies the maximum sub-group nesting depth that will be
evaluated before the user search is discontinued.
Use the value of the attribute returned during the user
query to set the REMOTE_USER environment variable
Use the DN of the client username to set the REMOTE_USER
environment variable
Use the authenticated user's credentials to perform authorization searches
Specifies the attribute labels, one value per
directive line, used to distinguish the members of the current group that
are groups.
Specifies which LDAP objectClass values identify directory
objects that are groups during sub-group processing.
URL specifying the LDAP search parameters
Controls the manner in which each configuration section's
authorization logic is combined with that of preceding configuration
sections.
Authorization realm for use in HTTP
authentication
Specify a context string for use in the cache key
Enable Authn caching configured anywhere
Specify which authn provider(s) to cache for
Select socache backend provider to use
Set a timeout for cache entries
Enclose a group of directives that represent an
extension of a base authentication provider and referenced by
the specified alias
Enables a FastCGI application to handle the check_authn
authentication hook.
Defines a FastCGI application as a provider for
authentication and/or authorization
Type of user authentication
Sets the name of a text file containing the list of users and
passwords for authentication
Determines whether to redirect the Client to the Referring
page on successful login or logout if a Referer request
header is present
Specify the SQL Query for the required operation
Specify a query to look up a login page for the user
Sets the type of database file that is used to
store list of user groups
Enclose a group of directives that represent an
extension of a base authorization provider and referenced by the specified
alias
Send '403 FORBIDDEN' instead of '401 UNAUTHORIZED' if
authentication succeeds but authorization fails
Number of additional Balancers that can be added Post-configuration
Inherit ProxyPassed Balancers/Workers from the main server
Add a member to a load balancing group
Attempt to persist changes made by the Balancer Manager across restarts.
How the outgoing ETag header should be modified during compression
Maximum input block size
Compression quality
Brotli sliding compression window size
Places the compression ratio in a note for logging
Sets environment variables conditional on HTTP User-Agent
Sets environment variables conditional on User-Agent without
respect to case
Buffer log entries in memory before writing to disk
Maximum size in bytes to buffer by the buffer filter
The default duration to cache a document when no expiry date is specified.
Add an X-Cache-Detail header to the response.
The number of characters in subdirectory names
The number of levels of subdirectories in the
cache.
Disable caching of specified URLs
Enable caching of specified URLs using a specified storage
manager
Cache a list of file handles at startup time
Add an X-Cache header to the response.
Ignore request to not serve cached content to client
Do not store the given HTTP header(s) in the cache.
Ignore the fact that a response has no Last Modified
header.
Ignore query string when caching
Ignore defined session identifiers encoded in the URL when caching
Override the base URL of reverse proxied cache keys.
The factor used to compute an expiry date based on the
LastModified date.
Enable the thundering herd lock.
Set the maximum possible age of a cache lock.
Set the lock path directory.
The maximum time in seconds to cache a document
The maximum size (in bytes) of a document to be placed in the
cache
The minimum time in seconds to cache a document
The minimum size (in bytes) of a document to be placed in the
cache
Allows content-negotiated documents to be
cached by proxy servers
Run the cache from the quick handler.
The minimum size (in bytes) of the document to read and be cached
before sending the data downstream
The minimum time (in milliseconds) that should elapse while reading
before data is sent downstream
The directory root under which cache files are
stored
The shared object cache implementation to use
The maximum size (in bytes) of an entry to be placed in the
cache
The maximum time (in seconds) for a document to be placed in the
cache
The minimum time (in seconds) for a document to be placed in the
cache
The minimum size (in bytes) of the document to read and be cached
before sending the data downstream
The minimum time (in milliseconds) that should elapse while reading
before data is sent downstream
Serve stale content in place of 5xx responses.
Attempt to cache responses that the server reports as expired
Attempt to cache requests or responses that have been marked as no-store.
Attempt to cache responses that the server has marked as private
The length of time to wait for more output from the
CGI program
Technique for locating the interpreter for CGI
scripts
Enables passing HTTP authorization headers to scripts as CGI
variables
The length of time to wait for more output from the
CGI program
Controls how some CGI variables are set
Charset to translate into
Configures charset translation behavior
Source charset of files
Also match files with differing file name extensions.
Limits the action of the speling module to case corrections
Enables the spelling
module
Directory for apache to run chroot(8) after startup.
Enables the generation of Content-MD5 HTTP Response
headers
The domain to which the tracking cookie applies
Expiry time for the tracking cookie
Adds the 'HTTPOnly' attribute to the cookie
Name of the tracking cookie
Adds the 'SameSite' attribute to the cookie
Adds the 'Secure' attribute to the cookie
Format of the cookie header field
Enables tracking cookie
Directory where Apache HTTP Server attempts to
switch before dumping core
Sets filename and format of log file
Enable WebDAV HTTP methods
Configure repository root path
Allow PROPFIND, Depth: Infinity requests
Location of the DAV lock database
Location of the DAV lock database
Enable lock discovery
Minimum amount of time the server holds a lock on
a DAV resource
Keepalive time for idle connections
Execute an SQL statement after connecting to a database
Maximum sustained number of connections
Maximum number of connections
Minimum number of connections
Parameters for database connection
Whether to use persistent connections
Define an SQL prepared statement
Specify an SQL driver
Icon to display for files when no specific icon is
configured
Defines a default language-tag to be sent in the Content-Language
header field for all resources in the current context that have not been
assigned a language-tag by some other means.
Base directory for the server run-time files
This directive has no effect other than to emit warnings
if the value is not none. In prior versions, DefaultType
would specify a default media type to assign to response content for
which no other media type configuration could be found.
Define a variable
How the outgoing ETag header should be modified during compression
Fragment size to be compressed at one time by zlib
How much compression do we apply to the output
Places the compression ratio in a note for logging
Maximum size of inflated request bodies
Maximum number of times the inflation ratio for request bodies
can be crossed
Maximum inflation ratio for request bodies
How much memory should be used by zlib for compression
Zlib compression window size
Controls which hosts are denied access to the
server
Enclose a group of directives that apply only to the
named file-system directory, sub-directories, and their contents.
Toggle how this module responds when another handler is configured
List of resources to look for when the client requests
a directory
Configures an external redirect for directory indexes.
Enclose directives that apply to
the contents of file-system directories matching a regular expression.
Toggle trailing slash redirects on or off
Directory that forms the main document tree visible
from the web
Determines whether the privileges required by dtrace are enabled.
Dump all input data to the error log
Dump all output data to the error log
Contains directives that apply only if the condition of a
previous
<If> or
<ElseIf> section is not
satisfied by a request at runtime
Contains directives that apply only if a condition is satisfied
by a request at runtime while the condition of a previous
<If> or
<ElseIf> section is not
satisfied
Enables a hook that runs exception handlers
after a crash
Use memory-mapping to read files during delivery
Use the kernel sendfile support to deliver files to the client
Abort configuration parsing with a custom error message
What the server will return to the client
in case of an error
Location where the server will log errors
Format specification for error log entries
Demonstration directive to illustrate the Apache module
API
Enables generation of Expires
headers
Value of the Expires header configured
by MIME type
Default algorithm for calculating expiration time
Keep track of extended status information for each
request
Define an external filter
Define a default URL for requests that don't map to a file or handler
File attributes used to create the ETag
HTTP response header for static files
Contains directives that apply to matched
filenames
Contains directives that apply to regular-expression matched
filenames
Configure the filter chain
Declare a smart filter
Deal with correct HTTP protocol handling
Register a content filter
Maximum number of pipelined responses above which they are flushed
to the network
Threshold above which pending data are flushed to the
network
Action to take if a single acceptable document is not
found
Forces all matching files to be served with the specified
media type in the HTTP Content-Type header field
Sets filename of the forensic log
Sets filename and format of log file
Directory to write gmon.out profiling data to.
Specify a timeout after which a gracefully shutdown server
will exit.
Group under which the server will answer
requests
Determine file handling in responses
H2 Direct Protocol Switch
Add a response header to be picked up in 103 Early Hints
Determine sending of 103 status codes
Maximum bytes inside a single HTTP/2 DATA frame
Maximum size of response headers
Maximum number of active streams per HTTP/2 session.
Maximum amount of client caused errors to tolerate
Maximum number of seconds h2 workers remain idle until shut down.
Maximum number of worker threads to use per child process.
Minimal number of worker threads to use per child process.
Require HTTP/2 connections to be "modern TLS" only
Determine buffering behavior of output
Determine the range of padding bytes added to payload frames
En-/Disable forward proxy requests via HTTP/2
H2 Server Push Switch
H2 Server Push Diary Size
H2 Server Push Priority
Declares resources for early pushing to the client
Serialize Request/Response Processing Switch
Maximum amount of output data buffered per stream.
Maximum time waiting when sending/receiving data to stream processing
Configure the number of seconds of idle time on TLS before shrinking writes
Configure the number of bytes on TLS connection before doing max writes
H2 Upgrade Protocol Switch
En-/Disable WebSockets via HTTP/2
Size of Stream Window for upstream data.
Configure HTTP response headers
Name of the file that will be inserted at the top
of the index listing
Multicast address for heartbeat packets
multicast address to listen for incoming heartbeat requests
Specifies the maximum number of servers that will be sending
heartbeat requests to this server
Path to store heartbeat data when using flat-file storage
Path to read heartbeat data
Enables DNS lookups on client IP addresses
Modify restrictions on HTTP Request Messages
Enables logging of the RFC 1413 identity of the remote
user
Determines the timeout duration for ident requests
Contains directives that apply only if a condition is
satisfied by a request at runtime
Encloses directives that will be processed only
if a test is true at startup
Encloses directives that are processed conditional on the
presence or absence of a specific directive
Encloses directives that will be processed only
if file exists at startup
Encloses directives that are processed conditional on the
presence or absence of a specific module
Encloses directives that are processed conditional on the
presence or absence of a specific section directive
contains version dependent configuration
Default base for imagemap files
Default action when an imagemap is called with coordinates
that are not explicitly mapped
Action if no coordinates are given when calling
an imagemap
Includes other configuration files from within
the server configuration files
Includes other configuration files from within
the server configuration files
Inserts text in the HEAD section of an index page.
Adds to the list of files to hide when listing
a directory
Empties the list of files to hide when listing
a directory
Various configuration settings for directory
indexing
Sets the default ordering of the directory index
Adds a CSS stylesheet to the directory index
Sed command to filter request data (typically POST data)
Record HSE_APPEND_LOG_PARAMETER requests from
ISAPI extensions to the error log
Record HSE_APPEND_LOG_PARAMETER requests from
ISAPI extensions to the query field
ISAPI .dll files to be loaded at startup
Fake asynchronous support for ISAPI callbacks
Log unsupported feature requests from ISAPI
extensions
Size of the Read Ahead Buffer sent to ISAPI
extensions
Enables HTTP persistent connections
Amount of time the server will wait for subsequent
requests on a persistent connection
Keep the request body instead of discarding it up to
the specified maximum size, for potential use by filters such as
mod_include.
The precedence of language variants for cases where
the client does not express a preference
Maximum number of entries in the primary LDAP cache
Time that cached items remain valid
Discard backend connections that have been sitting in the connection pool too long
Specifies the socket connection timeout in seconds
Enable debugging in the LDAP SDK
Number of entries used to cache LDAP compare
operations
Time that entries in the operation cache remain
valid
The maximum number of referral hops to chase before terminating an LDAP query.
Enable referral chasing during queries to the LDAP server.
Configures the number of LDAP server retries.
Configures the delay between LDAP server retries.
Sets the shared memory cache file
Size in bytes of the shared-memory cache
Specifies the timeout for LDAP search and bind operations, in seconds
Sets the file containing or nickname referring to a per
connection client certificate. Not all LDAP toolkits support per
connection client certificates.
Sets the file or database containing global trusted
Certificate Authority or global client certificates
Specifies the SSL/TLS mode to be used when connecting to an LDAP server.
Force server certificate verification
Restrict enclosed access controls to only certain HTTP
methods
Restrict access controls to all HTTP methods
except the named ones
Determine maximum number of internal redirects and nested
subrequests
Restricts the total size of the HTTP request body sent
from the client
Limits the number of HTTP request header fields that
will be accepted from the client
Limits the size of the HTTP request header allowed from the
client
Limit the size of the HTTP request line that will be accepted
from the client
Limits the size of an XML-based request body
IP addresses and ports that the server
listens to
Maximum length of the queue of pending connections
Ratio between the number of CPU cores (online) and the number of
listeners' buckets
Value set for the socket option TCP_DEFER_ACCEPT if it is set
Link in the named object file or library
Links in the object file or library, and adds to the list
of active modules
Applies the enclosed directives only to matching
URLs
Applies the enclosed directives only to regular-expression
matching URLs
Describes a format for use in a log file
Enable tracking of time to first byte (TTFB)
Controls the verbosity of the ErrorLog
Log user-defined message to error log
Configure the compiled code cache.
Provide a hook for the access_checker phase of request processing
Provide a hook for the auth_checker phase of request processing
Provide a hook for the check_user_id phase of request processing
Provide a hook for the fixups phase of a request
processing
Provide a hook for the insert_filter phase of request processing
Provide a hook for the access log phase of a request
processing
Provide a hook for the map_to_storage phase of request processing
Provide a hook for the pre_translate phase of a request
processing
Provide a hook for the translate name phase of request processing
Provide a hook for the type_checker phase of request processing
Controls how parent configuration sections are merged into children
Provide a Lua function for content input filtering
Map a path to a lua handler
Provide a Lua function for content output filtering
Add a directory to lua's package.cpath
Add a directory to lua's package.path
Provide a hook for the quick handler of request processing
Specify the base path for resolving relative paths for
mod_lua directives
One of once, request, conn, thread -- default is once
Define a configuration file macro
Limit on the number of connections that an individual child server
will handle during its life
Number of requests allowed on a persistent
connection
Maximum amount of memory that the main allocator is allowed
to hold without calling free()
Number of overlapping ranges (eg: 100-200,150-300) allowed before returning the complete
resource
Number of range reversals (eg: 100-200,50-70) allowed before returning the complete
resource
Number of ranges allowed before returning the complete
resource
Maximum number of connections that will be processed
simultaneously
Maximum number of idle child server processes
Maximum number of idle threads
Set the maximum number of worker threads
How long to delay activation of new certificates
Control if base server may be managed or only virtual hosts.
File containing x509 trust anchors to verify ACME servers.
Type of ACME challenge used to prove domain ownership.
You confirm that you accepted the Terms of Service of the Certificate
Authority.
The URL(s) of the ACME Certificate Authority to use.
Set name and URL pattern for a certificate monitoring site.
Specify a static certificate file for the MD.
Specify a static private key for for the static cerrtificate.
The URL of a certificate log monitor.
The protocol to use with the Certificate Authority.
Exposes public certificate information in JSON.
Set the command for setup/teardown of dns-01 challenges
Set the type of arguments to call MDChallengeDns01 with
Determines how often certificates are checked
Email address used for account registration
former name of MDRenewMode.
Set the external account binding keyid and hmac values to use at CA
Define a proxy for outgoing connections.
How long to delay the first certificate check.
Determines how DNS names are matched to vhosts
Additional hostname for the managed domain.
Control if the alias domain names are automatically added.
Handle events for Manage Domains
Control if new certificates carry the OCSP Must Staple flag.
Run a program when a Managed Domain is ready.
Define list of domain names that belong to one group.
Container for directives applied to the same managed domains.
Map external to internal ports for domain ownership verification.
Set type and size of the private keys generated.
Use a specific ACME profile from the CA
Control if an MDProfile is mandatory.
Controls if certificates shall be renewed.
usage of the ACME ARI extension (rfc9773).
Control when a certificate will be renewed.
Redirects http: traffic to https: for Managed Domains.
Time length for first retry, doubled on every consecutive error.
The number of errors before a failover to another CA is triggered
Control if Managed Domain information is added to server-status.
Enable stapling for certificates not managed by mod_md.
Enable stapling for all or a particular MDomain.
Controls when old responses should be removed.
Control when the stapling responses will be renewed.
Path on the local file system to store the Managed Domains data.
Configure locking of store for updates
Define the time window when you want to be warned about an expiring certificate.
Keepalive time for idle connections
Controls whether the server merges consecutive slashes in URLs.
Determines whether trailers are merged into headers
Name of the directory to find CERN-style meta information
files
Activates CERN meta-file processing
File name suffix for the file containing CERN-style
meta information
Enable MIME-type determination based on file contents
using the specified magic file
Minimum number of idle child server processes
Minimum number of idle threads available to handle request
spikes
Map a list of files into memory at startup time
Modem standard to simulate
Tells
mod_mime to treat
path_info
components as part of the filename
The types of files that will be included when searching for
a matching file with MultiViews
Configures mutex mechanism and lock file directory for all
or specified mutexes
DEPRECATED: Designates an IP address for name-virtual
hosting
Hosts, domains, or networks that will be connected to
directly
List of additional client certificates
Allows a connection to be upgraded to an SSL connection upon request
Configures what features are available in a particular
directory
Controls the default access state and the order in which
Allow and Deny are
evaluated.
Sed command for filtering response content
Passes environment variables from the shell
File where the server records the process ID
of the daemon
Trade off processing speed and efficiency vs security against
malicious privileges-aware code.
Protocol for a listening socket
Turn the echo server on or off
Protocols available for a server/virtual host
Determines if order of Protocols determines precedence during negotiation
Container for directives applied to proxied resources
Forward 100-continue expectation to the origin server
Add proxy information in X-Forwarded-* headers
Determines how to handle bad header lines in a
response
Words, hosts, or domains that are banned from being
proxied
Default domain name for proxied requests
Override error pages for proxied content
Pathname to DBM file.
DBM type of file.
Enable the module functionality.
Specify the type of backend FastCGI application
Allow variables sent to FastCGI servers to be fixed up
Define the character set for proxied FTP listings
Whether wildcards in requested filenames are escaped when sent to the FTP server
Whether wildcards in requested filenames trigger a file listing
Creates a named condition expression to use to determine health of the backend based on its response
Creates a named template for setting various health check parameters
Sets the total server-wide size of the threadpool used for the health check workers
Sets the buffer size increment for buffering inline scripts and
stylesheets.
Specify a charset for mod_proxy_html output.
Sets an HTML or XHTML document type declaration.
Turns the proxy_html filter on or off.
Specify attributes to treat as scripting events.
Determines whether to fix links in inline scripts, stylesheets,
and scripting events.
Fixes for simple HTML errors.
Enables per-request interpolation of
ProxyHTMLURLMap rules.
Specify HTML elements that have URL attributes to be rewritten.
Turns on or off extra pre-parsing of metadata in HTML
<head> sections.
Determines whether to strip HTML comments.
Defines a rule to rewrite HTML links
Determine size of internal data throughput buffer
Container for directives applied to regular-expression-matched
proxied resources
Maximum number of proxies that a request can be forwarded
through
Maps remote servers into the local server URL-space
Inherit ProxyPass directives defined from the main server
Enable Environment Variable interpolation in Reverse Proxy configurations
Maps remote servers into the local server URL-space using regular expressions
Adjusts the URL in HTTP response headers sent from a reverse
proxied server
Adjusts the Domain string in Set-Cookie headers from a reverse-
proxied server
Adjusts the Path string in Set-Cookie headers from a reverse-
proxied server
Use incoming Host HTTP request header for proxy
request
Network buffer size for proxied HTTP and FTP
connections
Remote proxy used to handle certain requests
Remote proxy used to handle requests matched by regular
expressions
Enables forward (standard) proxy requests
Enable or disable internal redirect responses from the
backend
Enable evaluation of X-Sendfile pseudo response
header
Set various Proxy balancer or member parameters
Set local IP address for outgoing proxy connections
Show Proxy LoadBalancer status in mod_status
Network timeout for proxied requests
Information provided in the Via HTTP response
header for proxied requests
Controls whether the REDIRECT_URL environment variable is
fully qualified
Size of the buffers used to read data
Name of the file that will be inserted at the end
of the index listing
TCP receive buffer size
Sends an external redirect asking the client to fetch
a different URL
Sends an external redirect based on a regular expression match
of the current URL
Sends an external permanent redirect asking the client to fetch
a different URL
Allows relative redirect targets.
Sends an external temporary redirect asking the client to fetch
a different URL
TTL used for the connection pool with the Redis server(s)
R/W timeout used for the connection with the Redis server(s)
Reflect an input header to the output headers
Allow to configure global/default options for regexes
Register non-standard HTTP methods
Declare the header field which should be parsed for useragent IP addresses
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
Declare the header field which will record all intermediate IP addresses
Enable or disable PROXY protocol handling
Disable processing of PROXY header for certain hosts or networks
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
Declare client intranet IP addresses trusted to present the RemoteIPHeader value
Removes any character set associations for a set of file
extensions
Removes any content encoding associations for a set of file
extensions
Removes any handler associations for a set of file
extensions
Removes any input filter associations for a set of file
extensions
Removes any language associations for a set of file
extensions
Removes any output filter associations for a set of file
extensions
Removes any content type associations for a set of file
extensions
Configure HTTP request headers
Set timeout values for completing the TLS handshake, receiving
the request headers and/or body from client.
Tests whether an authenticated user is authorized by
an authorization provider.
Enclose a group of authorization directives of which none
must fail and at least one must succeed for the enclosing directive to
succeed.
Enclose a group of authorization directives of which one
must succeed for the enclosing directive to succeed.
Enclose a group of authorization directives of which none
must succeed for the enclosing directive to not fail.
Sets the base URL for per-directory rewrites
Defines a condition under which rewriting will take place
Enables or disables runtime rewriting engine
Defines a mapping function for key-lookup
Sets some special options for the rewrite engine
Defines rules for the rewriting engine
Limits the CPU consumption of processes launched
by Apache httpd children
Limits the memory consumption of processes launched
by Apache httpd children
Limits the number of processes that can be launched by
processes launched by Apache httpd children
Interaction between host-level access control and
user authentication
Location of the file used to store coordination data for
the child processes
Activates a CGI script for a particular request
method.
Maps a URL to a filesystem location and designates the
target as a CGI script
Maps a URL to a filesystem location using a regular expression
and designates the target as a CGI script
Technique for locating the interpreter for CGI
scripts
Location of the CGI script error logfile
Maximum amount of PUT or POST requests that will be recorded
in the scriptlog
Size limit of the CGI script logfile
The filename prefix of the socket to use for communication with
the cgi daemon
Enables SSL encryption for the specified port
Determine if mod_status displays the first 63 characters
of a request or the last 63, assuming the request itself is greater than
63 chars.
TCP buffer size
Email address that the server includes in error
messages sent to the client
Alternate names for a host used when matching requests
to name-virtual hosts
Upper limit on configurable number of processes
Hostname and port that the server uses to identify
itself
Legacy URL pathname for a name-based virtual host that
is accessed by an incompatible browser
Base directory for the server installation
Configures the footer on server-generated documents
Configures the Server HTTP response
header
Enables a session for the current directory or location
Name and attributes for the RFC2109 cookie storing the session
Name and attributes for the RFC2965 cookie storing the session
Control for whether session cookies should be removed from incoming HTTP headers
The crypto cipher to be used to encrypt the session
The crypto driver to be used to encrypt the session
The key used to encrypt the session
File containing keys used to encrypt the session
Name and attributes for the RFC2109 cookie storing the session ID
Name and attributes for the RFC2965 cookie storing the session ID
Control for whether session ID cookies should be removed from incoming HTTP headers
The SQL query to use to remove sessions from the database
The SQL query to use to insert sessions into the database
Enable a per user session
The SQL query to use to select sessions from the database
The SQL query to use to update existing sessions in the database
Control whether the contents of the session are written to the
HTTP_SESSION environment variable
Define URL prefixes for which a session is ignored
Define the number of seconds a session's expiry may change without
the session being updated
Import session updates from a given HTTP response header
Define URL prefixes for which a session is valid
Define a maximum age in seconds for a session
Sets environment variables
Sets environment variables based on attributes of the request
Sets environment variables based on an ap_expr expression
Sets environment variables based on attributes of the request
without respect to case
Forces all matching files to be processed by a
handler
Sets the filters that will process client requests and POST
input
Sets the filters that will process responses from the
server
String that ends an include element
Error message displayed when there is an SSI
error
Controls whether ETags are generated by the server.
Controls whether Last-Modified headers are generated by the
server.
Enable compatibility mode for conditional expressions.
String that starts an include element
Configures the format in which date strings are
displayed
String displayed when an unset variable is echoed
File of concatenated PEM-encoded CA Certificates
for Client Auth
Directory of PEM-encoded CA Certificates for
Client Auth
File of concatenated PEM-encoded CA Certificates
for defining acceptable CA names
Directory of PEM-encoded CA Certificates for
defining acceptable CA names
Enable CRL-based revocation checking
File of concatenated PEM-encoded CA CRLs for
Client Auth
Directory of PEM-encoded CA CRLs for
Client Auth
File of PEM-encoded Server CA Certificates
Server PEM-encoded X.509 certificate data file or token identifier
Server PEM-encoded private key file
Cipher Suite available for negotiation in SSL
handshake
Enable compression on the SSL level
Enable use of a cryptographic hardware accelerator
SSL Engine Operation Switch
SSL FIPS mode Switch
Option to prefer the server's cipher preference order
Option to enable support for insecure renegotiation
Set the default responder URI for OCSP validation
Enable OCSP validation of the client certificate chain
skip the OCSP responder certificates verification
Force use of the default responder URI for OCSP validation
Proxy URL to use for OCSP requests
Set of trusted PEM encoded OCSP responder certificates
Timeout for OCSP queries
Maximum allowable age for OCSP responses
Maximum allowable time skew for OCSP response validation
Use a nonce within OCSP queries
Configure OpenSSL parameters through its SSL_CONF API
Configure various SSL engine run-time options
Type of pass phrase dialog for encrypted private
keys
Configure usable SSL/TLS protocol versions
File of concatenated PEM-encoded CA Certificates
for Remote Server Auth
Directory of PEM-encoded CA Certificates for
Remote Server Auth
Enable CRL-based revocation checking for Remote Server Auth
File of concatenated PEM-encoded CA CRLs for
Remote Server Auth
Directory of PEM-encoded CA CRLs for
Remote Server Auth
Whether to check the remote server certificate's CN field
Whether to check if remote server certificate is expired
Configure host name checking for remote server certificates
Cipher Suite available for negotiation in SSL
proxy handshake
SSL Proxy Engine Operation Switch
File of concatenated PEM-encoded CA certificates to be used by the proxy for choosing a certificate
File of concatenated PEM-encoded client certificates and keys to be used by the proxy
Directory of PEM-encoded client certificates and keys to be used by the proxy
Configure usable SSL protocol flavors for proxy usage
Type of remote server Certificate verification
Maximum depth of CA Certificates in Remote Server
Certificate verification
Pseudo Random Number Generator (PRNG) seeding
source
Set the size for the SSL renegotiation buffer
Allow access only when an arbitrarily complex
boolean expression is true
Deny access when SSL is not used for the
HTTP request
Type of the global/inter-process SSL Session
Cache
Number of seconds before an SSL session expires
in the Session Cache
Persistent encryption/decryption key for TLS session tickets
Enable or disable use of TLS session tickets
SRP unknown user seed
Path to SRP verifier file
Configures the OCSP stapling cache
Number of seconds before expiring invalid responses in the OCSP stapling cache
Synthesize "tryLater" responses for failed OCSP stapling queries
Override the OCSP responder URI specified in the certificate's AIA extension
Timeout for OCSP stapling queries
Maximum allowable age for OCSP stapling responses
Maximum allowable time skew for OCSP stapling response validation
Pass stapling related OCSP errors on to client
Number of seconds before expiring responses in the OCSP stapling cache
Whether to allow non-SNI clients to access a name-based virtual
host.
Variable name to determine user name
Enable stapling of OCSP responses in the TLS handshake
Type of Client Certificate verification
Maximum depth of CA Certificates in Client
Certificate verification
Set compatibility policy for SNI client access to virtual hosts.
Number of child server processes created at startup
Number of threads created on startup
Controls whether the server requires the requested hostname be
listed enumerated in the virtual host handling the request
Pattern to filter the response content
Change the merge order of inherited patterns
Set the maximum line size
Enable or disable the suEXEC feature
User and group for CGI programs to run as
Sets the upper limit on the configurable number of threads
per child process
Number of threads created by each child process
The size in bytes of the stack used by threads handling
client connections
Amount of time the server will wait for
certain events before failing a request
Determines the behavior on TRACE requests
Specify location of a log file
The location of the mime.types file
Controls what UNC host names can be accessed by the server
Undefine the existence of a variable
Undefine a macro
Removes variables from the environment
Use a macro
Configures how the server determines its own name and
port
Configures how the server determines its own port
The userid under which the server will answer
requests
Location of the user-specific directories
Determines whether the virtualhost can run
subprocesses, and the privileges available to subprocesses.
Assign arbitrary privileges to subprocesses created
by a virtual host.
Sets the Group ID under which a virtual host runs.
Assign arbitrary privileges to a virtual host.
Determines whether the server runs with enhanced security
for the virtualhost.
Sets the User ID under which a virtual host runs.
Dynamically configure the location of the document root
for a given virtual host
Dynamically configure the location of the document root
for a given virtual host
Contains directives that apply only to a specific
hostname or IP address
Dynamically configure the location of the CGI directory for
a given virtual host
Dynamically configure the location of the CGI directory for
a given virtual host
Watchdog interval in seconds
Parse SSI directives in files with the execute bit
set
Recognize Aliases for encoding values
Advise the parser to skip leading junk.