Apache HTTP server – most commonly used configuration directives

The main configuration file for Apache is /etc/httpd/conf/httpd.conf. Apache runs as installed, but you can modify configuration directives in this file to customize Apache for your environment. Some of these directives are described in the post below.

Listen [IP address:]port

Tells the server to accept incoming requests on the specified port or IP address and port combination. By default, the server responds to requests on all IP interfaces on port 80. If you specify a port number other than 80, a request to the server must include the port number (as in www.example.com:8080). This is a required directive. Examples are as follows:

Listen 80

ServerName FQDN[:port]

Specifies the fully qualified domain name or IP address of the server and an optional port that Apache listens on. The FQDN must be able to be resolved by DNS. If no FQDN is specified, Apache performs a DNS reverse name lookup on the IP address. If no port is specified, the server uses the port from the incoming request, as shown in the following example:

ServerName www.example.com:80

ServerRoot directory-path

The top of the directory hierarchy under which the Apache server’s configuration, error, and log files are kept. The default is /etc/httpd. Do not add a slash at the end of directory-path:

ServerRoot /etc/httpd

DocumentRoot directory-path

The top of the directory hierarchy that holds the Apache server content. Do not end the path name with a slash. The apache user needs read access to any files and execute access to the directory and any subdirectories in the hierarchy. The following is the default:

DocumentRoot /var/www/html

UserDir directory-path | disabled | enabled user-list

Allows users identified by the user-list argument to publish content from their home directories. The directory-path is the name of a directory in a user’s home directory from which Apache publishes content. If directory-path is not defined, the default is ~/public_html. The following example enables this feature for user user01. Assuming that the ServerName is www.example.com, browsing to http://www.example.com/~user01 displays the user01 user’s webpage.

UserDir enabled user01

ErrorLog filename | syslog[:facility]

Specifies the name of the file, relative to ServerRoot, that Apache sends error messages to. Alternatively, syslog specifies that Apache must send errors to rsyslogd. The optional facility argument specifies which rsyslogd facility to use. The default facility is local7.

ErrorLog logs/error_log

LoadModule module filename


Apache, like the Linux kernel, uses external modules to extend functionality. These modules are called dynamic shared objects (DSOs). The module argument is the name of the DSO and filename is the path name of the module, relative to ServerRoot. More than 60 modules are included with Apache, and more than 50 of these are loaded by default. An index of all the modules is available at http://httpd.apache.org/docs/2.4/mod/.

LoadModule auth_basic_module modules/mod_auth_basic.so

Allow from All | host [host …]

Specifies which clients can access content. All serve content to any client. Alternatively, you

can list the specific hosts that are allowed access to content.

Deny from All | host [host …]

Specifies which clients are not allowed access to content.

Order deny,allow | allow,deny

Specifies the order in which Allow and Deny directives are evaluated. deny, allow evaluates deny directives first and then allow directives. The following example grants access to clients from the example.com domain only, by first denying access to all and then allowing it from .example.com:

Order deny,allow
Deny from all
Allow from .example.com

Timeout num

Specifies the number of seconds Apache waits for network operations to finish. The default is 60.


Leave a Reply

Your email address will not be published. Required fields are marked *