httpd_core - The core functionality of the Web server.

This manual page summarize the core features of the server not being implemented as EWSAPI modules. The following core config directives are described:

Note:

The SSL support is realized using the SSL application based on OpenSSL. Please refer to ssl(4) for installation requirements for OpenSSL.

SSLeay is an implementation of Netscape's Secure Socket Layer specification - the software encryption protocol specification behind the Netscape Secure Server and the Netscape Navigator Browser.

The SSL Protocol can negotiate an encryption algorithm and session key as well as authenticate a server before the application protocol transmits or receives it's first byte of data. All of the application protocol data is transmitted encrypted, ensuring privacy.

The SSL protocol provides "channel security" which has three basic properties:

*

The channel is private. Encryption is used for all messages after a simple handshake is used to define a secret key.

*

The channel is authenticated. The server end-point of the conversation is always authenticated, while the client endpoint is optionally authenticated.

*

The channel is reliable. The message transport includes a message integrity check (using a MAC).

The SSL mechanism can be enabled in the server by using the SSLCACertificateFile, SSLCertificateFile, SSLCertificateKeyFile, SSLCiphers, SSLVerifyDepth, and the SSLVerifyClient config directives.

Files delivered to the client are MIME typed according to RFC 1590. File suffixes are mapped to MIME types before file delivery.

The mapping between file suffixes and MIME types are specified in the mime.types file. The mime.types reside within the conf directory of the ServerRoot. Refer to the example server root($INETS_ROOT/examples/server_root). MIME types may be added as required to the mime.types file and the DefaultType config directive can be used to specify a default mime type.

Syntax: BindAddress address

Default: BindAddress *

Module: httpd_core(3)

BindAddress defines which address the server will listen to. If the argument is * then the server listens to all addresses otherwise the server will only listen to the address specified. Address can be given either as an IP address or a hostname.

Syntax: DefaultType mime-type

Default: - None - Module: httpd_core(3)

When the server is asked to provide a document type which cannot be determined by the MIME Type Settings, the server must inform the client about the content type of documents and mime-type is used if an unknown type is encountered.

Syntax: DisableChunkedTransferEncodingSend true | false

Default: false

Module: httpd_core(3)

This directive tells the server whether to use chunked transfer-encoding when sending a response to a HTTP/1.1 client.

Syntax: DocumentRoot directory-filename

Default: - Mandatory - Module: httpd_core(3)

DocumentRoot points the Web server to the document space from which to serve documents from. Unless matched by a directive like Alias, the server appends the path from the requested URL to the DocumentRoot to make the path to the document, for example:

DocumentRoot /usr/web

and an access to http://your.server.org/index.html would refer to /usr/web/index.html.

Syntax: KeepAlive true | false

Default: true

Module: httpd_core(3)

This directive tells the server whether to use persistent connection or not when the client claims to be HTTP/1.1 compliant.Note:the value of KeepAlive has changed from previous versions to be compliant with Apache.

Syntax: KeepAliveTimeout seconds

Default:150

Module: httpd_core(3)

The number of seconds the server will wait for a subsequent request from the client before closing the connection. If the load on the server is high you may want to shorten this.

Syntax: MaxBodyAction action

Default: MaxBodyAction close Module: httpd_core(3)

MaxBodyAction specifies the action to be taken when the message body limit has been passed.

close: the default and preferred communication type. ip_comm is also used for all remote message passing in Erlang.

reply414: a reply (status) message with code 414 will be sent to the client prior to closing the socket. Note that this code is not defined in the HTTP/1.0 version of the protocol.

Syntax: MaxBodySize size

Default: MaxBodySize nolimit Module: httpd_core(3)

MaxBodySize limits the size of the message body of HTTP request. The reply to this is specified by the MaxBodyAction directive. Valid size is:

nolimit: the default message body limit, e.g. no limit.

integer(): any positive number.

Syntax: MaxClients number

Default: MaxClients 150 Module: httpd_core(3)

MaxClients limits the number of simultaneous requests that can be supported. No more than this number of child server process's can be created.

Syntax: MaxHeaderAction action

Default: MaxHeaderAction close Module: httpd_core(3)

MaxHeaderAction specifies the action to be taken when the message Header limit has been passed.

close: the socket is closed without any message to the client. This is the default action.

reply414: a reply (status) message with code 414 will be sent to the client prior to closing the socket. Note that this code is not defined in the HTTP/1.0 version of the protocol.

Syntax: MaxHeaderSize size

Default: MaxHeaderSize 10240 Module: httpd_core(3)

MaxHeaderSize limits the size of the message header of HTTP request. The reply to this is specified by the MaxHeaderAction directive. Valid size is:

integer(): any positive number (default is 10240)

nolimit: no limit should be applied

Syntax: MaxKeepAliveRequests NumberOfRequests

Default:- Disabled -

Module: httpd_core(3)

The number of request that a client can do on one connection. When the server has responded to the number of requests defined by MaxKeepAliveRequests the server close the connection. The server will close it even if there are queued request.

Syntax: Modules module module ...

Default: Modules mod_get mod_head mod_log

Module: httpd_core(3)

Modules defines which EWSAPI modules to be used in a specific server setup. module is a module in the code path of the server which has been written in accordance with the Erlang Web Server API in the Inets Users Guide. The server executes functionality in each module, from left to right (from now on called EWSAPI Module Sequence).

Before altering the EWSAPI Modules Sequence please observe what types of data each module uses and propagates. Read the "EWSAPI Interaction" section for each module and the EWSAPI Module Interaction in the Inets Users Guide description in httpd(3).

Syntax: Port number

Default: Port 80

Module: httpd_core(3)

Port defines which port number the server should use (0 to 65535). Certain port numbers are reserved for particular protocols, i.e. examine your OS characteristics(/etc/services) for a list of reserved ports. The standard port for HTTP is 80.

All ports numbered below 1024 are reserved for system use and regular (non-root) users cannot use them, i.e. to use port 80 you must start the Erlang node as root. (sic!) If you do not have root access choose an unused port above 1024 typically 8000, 8080 or 8888.

Syntax: ServerAdmin email-address

Default: ServerAdmin unknown@unknown

Module: httpd_core(3)

ServerAdmin defines the email-address of the server administrator, to be included in any error messages returned by the server. It may be worth setting up a dedicated user for this because clients do not always state which server they have comments about, for example:

ServerAdmin www-admin@white-house.com

Syntax: ServerName fully-qualified domain name

Default: - Mandatory -

Module: httpd_core(3)

ServerName sets the fully-qualified domain name of the server.

Syntax: ServerRoot directory-filename

Default: - Mandatory -

Module: httpd_core(3)

ServerRoot defines a directory-filename where the server has it's operational home, e.g. used to store log files and system icons. Relative paths specified in the config file refer to this directory-filename (See mod_log(3)).

Syntax: SocketType type

Default: SocketType ip_comm

Module: httpd_core(3)

SocketType defines which underlying communication type to be used. Valid socket types are:

ip_comm: the default and preferred communication type. ip_comm is also used for all remote message passing in Erlang.

ssl: the communication type to be used to support SSL (Read more about Secure Sockets Layer (SSL) in httpd(3)).

Syntax: SSLCACertificateFile filename

Default: - None -

Module: httpd_core(3)

SSLCACertificateFile points at a PEM encoded certificate of the certification authorities. Read more about PEM encoded certificates in the SSL application documentation. Read more about PEM encoded certificates in the SSL application documentation.

Syntax: SSLCertificateFile filename

Default: - None -

Module: httpd_core(3)

SSLCertificateFile points at a PEM encoded certificate. Read more about PEM encoded certificates in the SSL application documentation. The dummy certificate server.pem($INETS/examples/server_root/ssl/), in the Inets distribution, can be used for test purposes. Read more about PEM encoded certificates in the SSL application documentation.

Syntax: SSLCertificateKeyFile filename

Default: - None -

Module: httpd_core(3)

SSLCertificateKeyFile is used to point at a certificate key file. This directive should only be used if a certificate key has not been bundled with the certificate file pointed at by SSLCertificateFile.

Syntax: SSLVerifyClient type

Default: - None -

Module: httpd_core(3)

Set type to:

0: if no client certificate is required.

1: if the client may present a valid certificate.

2: if the client must present a valid certificate.

3: if the client may present a valid certificate but it is not required to have a valid CA.

Read more about SSL in the application documentation.

Syntax: SSLVerifyDepth integer

Default: - None -

Module: httpd_core(3)

This directive specifies how far up or down the (certification) chain we are prepared to go before giving up.

Read more about SSL in the application documentation.

Syntax: SSLCiphers ciphers

Default: - None -

Module: httpd_core(3)

SSLCihers is a colon separated list of ciphers.

Read more about SSL in the application documentation.

Syntax: SSLPasswordCallbackFunction function

Default: - None -

Module: httpd_core(3)

The SSLPasswordCallbackFunction function in module SSLPasswordCallbackModule is called in order to retrieve the user's password.

Read more about SSL in the application documentation.

Syntax: SSLPasswordCallbackModule function

Default: - None -

Module: httpd_core(3)

The SSLPasswordCallbackFunction function in the SSLPasswordCallbackModule module is called in order to retrieve the user's password.

Read more about SSL in the application documentation.

httpd(3)

Joakim Grebenö  - support@erlang.ericsson.se