Linux Unleashed, Third Edition:Configuring a WWW Site
-->
Previous
Table of Contents
Next
The next configuration file to check is srm.conf, which is used to handle the server resources. The variables that have to be checked or set in the srm.conf file are as follows:
AccessFileName
The file that gives access permissions (default is .htaccess).
AddDescription
Provides a description of a type of file. For example, an entry could be AddDescription PostScript file *.ps. Multiple entries are allowed.
AddEncoding
Indicates that files with a particular extension are encoded somehow, such as AddEncoding compress Z. Multiple entries are allowed.
AddIcon
Gives the name of the icon to display for each type of file.
AddIconType
Uses MIME type to determine the icon to use.
AddType
Overrides MIME definitions for extensions.
Alias
Substitutes one pathname for another, such as Alias data /usr/www/data.
DefaultType
The default MIME type, usually text/plain.
DefaultIcon
The default icon to use when FancyIndexing is on (default is /icons/unknown.xbm).
DirectoryIndex
Filename to return when the URL is for your service only. Default value is index.html.
DocumentRoot
Absolute path to the HTML document directory. Default is /usr/local/etc/httpd/htdocs.
FancyIndexing
Adds icons and filename information to the file list for indexing. Default is on. (This option is for backward compatibility with the first release of HTTP.)
HeaderName
The filename used at the top of a list of files being indexed. Default is Header.
ReadmeName
The footer file is displayed with directory indexes. Default is README.
Redirect
Maps a path to another URL.
ScriptAlias
Similar to Alias but for scripts.
UserDir
Directory users can use for httpd access. Default is public_html. Usually set to a users home page directory. Can be set to DISABLED.
The third file to examine and modify is access.conf-dist, which defines the services available to WWW browsers. Usually, everything is accessible to a browser, but you may want to modify the file to tighten security or disable some services not supported on your Web site. The format of the conf-dist file is different than the two preceding configuration files. It uses a set of sectioning directives delineated by angle brackets. The general format of an entry is:
<Directory Dir_Name>
</Directory>
and anything between the beginning and ending delimiters (<Directory> and </Directory>, respectively) are directives. Actually, its not quite that easy because there are several variations that can exist in the file. The best way to customize the access.conf-dist file is to follow these steps for a typical Web server installation:
1. Locate the Options directive and remove the Indexes option. This prevents users from browsing the httpd directory. Valid Options entries are discussed shortly.
2. Locate the first Directory directive and check the path to the cgi-bin directory. The default path is /usr/local/etc/httpd/cgi-bin.
3. Find the AllowOverride variable and set it to None (this prevents others from changing the settings). The default is All. Valid values for the AllowOverride variable are discussed shortly.
4. Find the Limit directive and set to whichever value you want.
The Limit directive controls access to your server. The following are valid values for the Limit directive:
allow
Allows specific host names following the allow keyword to access the service.
deny
Denies specific host names following the deny keyword from accessing the service.
order
Specifies the order in which allow and deny directives are evaluated (usually set to deny,allow but can also be allow,deny).
require
Requires authentication through a user file specified in the AuthUserFile entry.
The Options directive can have several entries, all of which have a different purpose. The default entry for Options is
Options Indexes FollowSymLinks
You removed the Indexes entry from the Options directive in the first step of the preceding customization procedure. These entries all apply to the directory the Options field appears in. The valid entries for the Options directive are:
All
All features enabled.
ExecCGI
cgi scripts can be executed from this directory.
FollowSymLinks
Allows httpd to follow symbolic links.
Includes
Include files for the server are enabled.
IncludesNoExec
Include files for the server are enabled but the exec option is disabled.