Hack 89 Editing the Apache Web Server's Configuration


Wading through Apache's long configuration file isn't as hard as it seems when you know what to look for.

The standard Apache configuration file, located at /etc/httpd/httpd.conf, is as large as it is well-documented. Take its introductory warning to heart:

Do not simply read the instructions . . . without understanding what they do. They're here only as hints or reminders. If you are unsure, consult the online docs. You have been warned.

For your own reference, the online docs are available at the Apache web site (http://httpd.apache.org/docs/).

Unlike the user configuration (later in this hack), this is the heart of Apache; everything in this file controls what features (modules) Apache loads at startup, as well as the default set of access restrictions, file types, and so much more. When searching through this file for something specific (say, how do I turn on CGI [Hack #92]), the quickest way to find and learn is to search for the feature you want to enable. In our case, we'll start looking for CGI. The first two matches we find are:

LoadModule cgi_module libexec/httpd/mod_cgi.so
AddModule mod_cgi.c

You'll see a number of these lines within the Apache config file. If you've ever worked with a plug-in-based program, you'll easily recognize their intent; these lines load different features into the Apache web server. Apache calls these modules, and you'll see a lot of module names start with mod_, such as mod_perl and mod_php. Lines that are commented out (that is to say, lines that are prefaced with a # character) are inactive.

On the other hand, if you're not interested in the specifics of how Apache configures itself, but rather about configurations specific to your web site (like, then you'll want to look into user configurations. In most Apache installations, user-based web serving is handled generically; for every user on the system, be it 2 or 2,000, the same configuration applies. If an administrator wanted to change the capabilities of user mimi, she'd usually have to create a specific <Directory> block within the httpd.conf file.

Apple and Mac OS X makes this a lot easier by creating a config file for each user of the system; these files are located in /etc/httpd/users/, take the form of username.conf, and are automatically merged into the main Apache configuration file at startup. If I open the morbus.conf in that directory, I see:

<Directory "/Users/morbus/Sites/">
  Options Indexes MultiViews
  AllowOverride None
  Order allow,deny
  Allow from all

These are pretty common default settings for directories under Apache; you'll see similar entries in the main configuration file for Apache's default document root (for OS X, that's /Library/WebServer/Documents). Editing [Hack #88] either the user configuration file or httpd.conf involves authenticating as an administrative user [Hack #50] and then making your changes, such as this one, to block outside access:

<Directory "/Users/morbus/Sites/">
  Options Indexes MultiViews
  AllowOverride None
  Order deny,allow
  Deny from all
  Allow from

89.1 Restarting Apache

Each time you make alterations to any of Apache's configuration files and save your changes, you'll need to restart Apache by issuing the following command:

% sudo apachectl restart
httpd restarted

apachectl is a simple interface for controlling (starting, stopping, and restarting) Apache; type man apachectl for more information on the various command-line switches. Once Apache has restarted, your configuration changes will be active.

89.2 See Also

  • Apache Web-Serving with Mac OS X: Part 2 (http://www.macdevcenter.com/lpt/a//mac/2001/12/14/apache_two.html)

  • Apache Web-Serving with Mac OS X: Part 4 (http://www.macdevcenter.com/pub/a/mac/2002/01/29/apache_macosx_four.html)