next up previous contents
Next: Enabling Security on Up: CERN HTTPD Previous: Version 3.0

CERN HTTPD Configuration

The CERN HTTPD requires a single configuration file to function. By default, CERN HTTPD looks for this file as `` /etc/httpd.conf'', but it can be held elsewhere and the server told where it is using the -r command line flag.

The list of configuration options that CERN HTTPD supports is very extensive, and we encourage you to read the document CERN HTTPD Reference Manual. Most of the default options are fine to get you started. The ones below are the most important to understand. Note that the order of Pass, Exec, Fail and Map rules is very important.

ServerRoot /usr/www

This directive specifies the server's home directory. By default the server looks in the icons subdirectory of ServerRoot for its gateway icon files.


Set this to the full domain name of your server, for example,
``''. Only necessary if your server doesn't produce its full domain name in response to redirection requests, but it's not a bad idea to set it anyway.

Port 80

This specifies the TCP port for the server to listen on. Port 80 is the default http port, but on a Unix system, ports below 1024 are ``reserved'' and ordinary user programs cannot access them. Thus if you want to run on port 80, then the server will have to run as ``root'' and switch to running with the desired user id after startup. If you don't run on port 80, your URLs must include the port number after the machine name.

UserId wwwowner
GroupId www

These two directives specify the username and group for a standalone server started as root to change to after startup. Leaving the server running as root is extremely inadvisable for security reasons, so by default it then changes to run as user nobody with group nogroup. If you run your server standalone on port 80, and you want it to run as a specific user, you should set these two parameters.

Welcome home.html

The value of Welcome specifies the default file to return when only a directory name is specified in the URL. The defaults are Welcome.html, welcome.html and index.html.

UserDir public_html

HTTPD allows URLs of the form a_user/mydir/index.html
Setting UserDir to `` public_html'' means that this URL would be expanded to `` /usr/home/a_user/public_html/mydir/index.html'' if `` /usr/home/a_user'' is the home directory of the user with username `` a_user''gif. Of course this directory has to be readable by the user id that the www server is being run with.

Exec /cgi-bin/* /usr/www/cgi-bin/*

Exec specifies that URLs that match the first parameter refer to scripts and are mapped onto a file using the second parameter as a template. For instance, the example above would map a URL such as:
onto the script file `` /usr/www/cgi-bin/date'', which would then be executed.

A more complex example would be the URL:,451
Here the above Exec rule would map the URL onto the script
`` /usr/www/cgi-bin/htimage'', and it would pass the additional information `` /www/map/uk_map'' and `` 404,451'' into the script in the environment variables PATH_INFO and QUERY_STRING, as defined in the CGIgif specification.

If a URL matches an Exec rule, no further rules will be processed for that request.

Pass /* /usr/www/htdocs/*

Pass specifies that if the URL matches the first parameter, map it onto a file using the second parameter as a template and return the file. For instance the example here above would map the URL
onto the file `` /usr/www/htdocs/index.html'', which would then be returned to the client. If the URL matches, no further rules from this rules file will be processed for this request, so a general Pass rule such as shown here should be after any Map or Exec rules or they will never be processed.

Map /cgi-bin/img/* /cgi-bin/htimage/usr/www/img/*

The Map command provides translation of the filename in URL. Thus the rule sequence:
Map /* /usr/www/htdocs/*
Pass /*

is functionally equivalent to:
Pass /* /usr/www/htdocs/*

The example given above,
Map /img/* /cgi-bin/htimage/usr/www/img/*
Exec /cgi-bin/* /usr/www/cgi-bin/*

would allow the use of the short URL:,451
in place of the much longer:,451
with exactly the same behaviour.

First `` /img/uk_map?404,451'' matches the Map rule and gets translated to
`` /cgi-bin/htimage/usr/www/img/uk_map?404,451'', which then matches the Exec rule. Note that the order of rules in the rules file is very important here.

Redirect /list.html

Redirect allows you to tell clients where a document has moved to. For instance if you used to maintain a list of server, but no longer have the time to do so, you may redirect people who use your page to someone else's list. Redirection is usually transparent to the user. Redirect can also be used to redirect whole subtrees using wildcard ( *) matches. Of course a Redirect rule must precede any Pass or Exec rules that would otherwise match the URL.

next up previous contents
Next: Enabling Security on Up: CERN HTTPD Previous: Version 3.0

Jon Crowcroft
Wed May 10 11:46:29 BST 1995