From 6beeb1b708550be0d4a53b272283e17e5e35fe17 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sun, 7 Apr 2024 17:01:30 +0200 Subject: Adding upstream version 2.4.57. Signed-off-by: Daniel Baumann --- docs/manual/mod/mod_info.html.en | 231 +++++++++++++++++++++++++++++++++++++++ 1 file changed, 231 insertions(+) create mode 100644 docs/manual/mod/mod_info.html.en (limited to 'docs/manual/mod/mod_info.html.en') diff --git a/docs/manual/mod/mod_info.html.en b/docs/manual/mod/mod_info.html.en new file mode 100644 index 0000000..a276ac3 --- /dev/null +++ b/docs/manual/mod/mod_info.html.en @@ -0,0 +1,231 @@ + + + + + +mod_info - Apache HTTP Server Version 2.4 + + + + + + + +
+

Modules | Directives | FAQ | Glossary | Sitemap

+

Apache HTTP Server Version 2.4

+
+
<-
+ +
+

Apache Module mod_info

+
+

Available Languages:  en  | + fr  | + ja  | + ko 

+
+ + + +
Description:Provides a comprehensive overview of the server +configuration
Status:Extension
Module Identifier:info_module
Source File:mod_info.c
+

Summary

+ +

To configure mod_info, add the following to your + httpd.conf file.

+ + 
<Location "/server-info">
+    SetHandler server-info
+</Location>
+ + +

You may wish to use mod_authz_host inside the + <Location> + directive to limit access to your server configuration + information:

+ + 
<Location "/server-info">
+    SetHandler server-info
+    Require host example.com
+</Location>
+ + +

Once configured, the server information is obtained by + accessing http://your.host.example.com/server-info

+
+ +
top
+
+

Security Issues

+

Once mod_info is loaded into the server, its + handler capability is available in all configuration + files, including per-directory files (e.g., + .htaccess). This may have security-related + ramifications for your site.

+ +

In particular, this module can leak sensitive information + from the configuration directives of other Apache modules such as + system paths, usernames/passwords, database names, etc. Therefore, + this module should only be + used in a controlled environment and always with caution.

+ +

You will probably want to use mod_authz_host + to limit access to your server configuration information.

+ +

Access control

<Location "/server-info">
+    SetHandler server-info
+    # Allow access from server itself
+    Require ip 127.0.0.1
+
+    # Additionally, allow access from local workstation
+    Require ip 192.168.1.17
+</Location>
+
+
top
+
+

Selecting the information shown

+

By default, the server information includes a list of + all enabled modules, and for each module, a description of + the directives understood by that module, the hooks implemented + by that module, and the relevant directives from the current + configuration.

+ +

Other views of the configuration information are available by + appending a query to the server-info request. For + example, http://your.host.example.com/server-info?config + will show all configuration directives.

+ +
+
?<module-name>
+
Only information relevant to the named module
+
?config
+
Just the configuration directives, not sorted by module
+
?hooks
+
Only the list of Hooks each module is attached to
+
?list
+
Only a simple list of enabled modules
+
?server
+
Only the basic server information
+
?providers
+
List the providers that are available on your server
+
+
top
+
+

Dumping the configuration on startup

+

If the config define -DDUMP_CONFIG is set, + mod_info will dump the pre-parsed configuration to + stdout during server startup.

+ + 
httpd -DDUMP_CONFIG -k start
+ + +

Pre-parsed means that directives like + <IfDefine> and + <IfModule> are + evaluated and environment variables are replaced. However it does + not represent the final state of the configuration. In particular, + it does not represent the merging or overriding that may happen + for repeated directives.

+ +

This is roughly equivalent to the ?config query.

+
top
+
+

Known Limitations

+

mod_info provides its information by reading the + parsed configuration, rather than reading the original configuration + file. There are a few limitations as a result of the way the parsed + configuration tree is created:

+
    +
  • Directives which are executed immediately rather than being + stored in the parsed configuration are not listed. These include + ServerRoot, + LoadModule, and + LoadFile.
    • +
  • Directives which control the configuration file itself, such as + Include, + <IfModule> and + <IfDefine> are not + listed, but the included configuration directives are.
    • +
  • Comments are not listed. (This may be considered a feature.)
    • +
  • Configuration directives from .htaccess files are + not listed (since they do not form part of the permanent server + configuration).
    • +
  • Container directives such as + <Directory> + are listed normally, but mod_info cannot figure + out the line number for the closing + </Directory>.
    • +
  • Directives generated by third party modules such as mod_perl + might not be listed.
    • +
+
+
top
+

AddModuleInfo Directive

+ + + + + + +
Description:Adds additional information to the module +information displayed by the server-info handler
Syntax:AddModuleInfo module-name string
Context:server config, virtual host
Status:Extension
Module:mod_info
+

This allows the content of string to be shown as + HTML interpreted, Additional Information for + the module module-name. Example:

+ + 
AddModuleInfo mod_deflate.c 'See <a \
+    href="http://httpd.apache.org/docs/2.4/mod/mod_deflate.html">\
+    http://httpd.apache.org/docs/2.4/mod/mod_deflate.html</a>'
+ + +
+
+
+

Available Languages:  en  | + fr  | + ja  | + ko 

+
top

Comments

Notice:
This is not a Q&A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our mailing lists.
+
+ \ No newline at end of file -- cgit v1.2.3