Server Directives

Alias

Description	Map URLs and leading URL portions to file system locations.
Synopsis	Alias urlPortion destinationPath
Context	Default server, Virtual host
Example	Alias /manual /ftp/manualDirectory

The Alias directive allows URLs to refer to documents that are stored outside the Document Root. The urlPortion of the request URL will be mapped onto the nominated destinationPath which may be a file or a directory anywhere on the system.

It is an easy mistake to have mismatched trailing slashes. If you have a trailing slash on the urlPortion ensure you also have one on the destinationPath. Appweb will warn you if you have mismatched trailing slashes.

DocumentRoot

Description	Directory containing the documents to be published for the default server.
Synopsis	DocumentRoot directoryPath
Context	Default server, Virtual host
Example	DocumentRoot /var/www

The DocumentRoot directive defines the directory containing the documents that will be served by the default server. The directoryPath should not have a trailing slash.

ErrorDocument

Description	Define an error document to be served when a HTTP error is encountered
Synopsis	ErrorDocument code URL
Context	Default server, Virtual host
Example	ErrorDocument 404 /notFound.html

The ErrorDocument directive configures a specific web page to be served whenever a given HTTP error code is encountered.

ExtraPath

Description	Control extra path processing for a request
Synopsis	ExtraPath on|off
Context	Default server, Virtual host, Location
Example	<Location /esp>     ExtraPath on </Location>

The ExtraPath directive explicitly controls whether extra path processing is performed on a URL. Extra path processing is where the URL portion after an Alias match and script name is stripped and stored in the PATH_INFO and PATH_TRANSLATED variables in the request[] variable array. The ESP handler by default, does not do extrap path processing. Use this directive to enable extra path processing for ESP if you require it.

In the example above, the URL

http://site/esp/myScript.esp/extra/path

would have the /extra/path stripped off and stored in PATH_INFO.

Group

Description	Account group that Appweb will run as.
Synopsis	Group accountGroup
Context	Default server
Example	Group nobody

The Group directive specifies the account group in which Appweb will be a member when running.

WARNING: It is extremely dangerous to run Appweb as Group "root" or "administrators".

It is important that you run Appweb with the lowest system privilege that will get the job done. If any application is compromised, including Appweb, then the system will be safest if the compromised application has as few privileges as possible.

When Appweb starts it initially runs as root or administrator and then changes to the user account defined in the Appweb configuration file by the User directive. As installed, Appweb will be configured to run using the nobody account on Linux and in the guest account on Windows.

HttpChunking

Description	Control use of HTTP 1.1 chunked transfers
Synopsis	HttpChunking [on|off]
Context	Default server, Virtual host
Example	HttpChunking off

The HttpChunking directive enables or disables the use of HTTP 1.1 chunked transfers. By default, chunking is enabled. Chunked transfers will normally be used only when the Appweb handler cannot determine the length of the output response.

Chunking may also be controled on a per-request basis by the use of a custom client header. Using the X-Appweb-Chunk-Transfer header will enable or disable chunked transfers for a single client request. For example:

GET /bigFile.esp HTTP/1.1
X-Appweb-Chunk-Transfer: off

This will disable the use of chunked transfers for this request. When Appweb cannot determine the length of the output response to a request and chunking is disabled, Appweb will close the connection to signify the end of the request. If chunking is enabled, the response will be broken into chunks and the connection may remain open for subsequent requests.

Listen

Description	IP address and port on which to listing for incoming requests.
Synopsis	Listen [IP address:]portNumber
Context	Default server, Virtual Host
Examples	Listen 80 Listen 205.162.77.64:7777

The Listen directive specifies the IP endpoints on which Appweb will listen for incoming HTTP requests. If you specify only the portNumber and omit the IP address, Appweb will listen on all network interfaces including the loop-back adaptor. Multiple Listen directives may be given and Appweb will listen on all the specified endpoints.

If you are using virtual hosts, you must still specify a Listen directive for the endpoint that the virtual host will serve. It makes no difference where you specify a Listen directive. in the configuration file. For compatibility with Apache, you should specify your listen directives outside any VirtualHost blocks.

ListenIF

Description	Network interface and port on which to listing for incoming requests.
Synopsis	ListenIF [Interface:]portNumber
Context	Default server, Virtual Host
Examples	ListenIF eth0 ListenIF eth0:0:80 ListenIF eth0:80

The ListenIF directive specifies the network inteface on which Appweb will listen for incoming HTTP requests. If you specify only network interface, the port number will default to port 80. The network interface may include a virtual IP specifier. This typically includes a colon followed by a virtual interface number. If such a virtual IP interface is used, a port number must be specified. Otherwise the virtual interface number will be interpreted as the port number. Multiple Listen directives may be given and Appweb will listen on all the specified endpoints.

If you are using virtual hosts, you must still specify a Listen directive for the endpoint that the virtual host will serve. It makes no difference where you specify a ListenIF directive in the configuration file. For compatibility with Apache, you should specify your listen directives outside any VirtualHost blocks.

Protocol

Description	HTTP protocol version to use
Synopsis	Protocol [HTTP/1.0 | HTTP/1.1]
Context	Default server
Example	Protocol HTTP/1.0

The Protocol directive specifies the HTTP protocol version to respond with. If the Protocol directive specifies HTTP/1.0, a browser may issue requests using either HTTP/1.0 or HTTP/1.1. However, the response will always be downgraded to use HTTP/1.0 without Keep-Alive support.

If the Protocol directive specifies HTTP/1.1 and a browser makes a request using HTTP/1.0 it will not be processed and the client will receive an error.

NOTE: this directive is proprietary to Appweb and is not an Apache directive.

Redirect

Description	Redirect requests to a new target.
Synopsis	Redirect [status] oldUrl newUrl
Context	Default server, VirtualHost, Directory
Example	Redirect temp /pressRelease.html /fixedPressRelease.html Redirect permanent /acme.html http://www.coyote.com/acme.html Redirect 410 /membersOnly

The Redirect directive translates requests to a URL into a new URL. The old URL may be a full URL or it may be a leading portion of a URL. Typical use for URL portions is to redirect all requests below a directory to another directory or site.

The new URL may be local to the system, in which case it will begin with a "/" character. Or it may be on another system, in which case it will begin with "http://". In both cases, the user will receive a HTTP redirection response informing them of the new location of the document.

The status argument may be either a numeric HTTP code or it may be one of the following symbolic codes:

• permanent -- Permanent redirection. HTTP code 301.
• temp -- Temporary redirection. HTTP code 302
• seeother -- Document has been replaced, see other document. HTTP code 303.
• gone -- The resource has been remove. HTTP code 410. The newURL argument is ignored.

ScriptAlias

Description	Map a URL to a destination and enable CGI script processing for that location.
Synopsis	ScriptAlias urlPath destinationPath
Context	Default server, Virtual Host
Example	ScriptAlias /cgi-bin/ /var/myHost/cgi-bin

The ScriptAlias directive maps a URL to a file system path and enables the processing of CGI scripts in that directory. The ScriptAlias directive is a convenient short-hand and is equivalent to the following directives:

<Location /cgi-bin>
   Alias /cgi-bin/ "/var/myHost/cgi-bin/"
   SetHandler cgiHandler
</Location>

SECURITY WARNING: Make sure you locate your CGI script directories outside the DocumentRoot.

ServerName

Description	Define the fully qualified hostname and port number for the server to use.
Synopsis	ServerName hostName
Context	Default server, Virtual Host
Example	ServerName www.acme.com

The ServerName directive allows the server to create a HTTP address for itself to use when creating redirection URLs. The hostName should be a fully qualified domain name with port number if using a port other than port 80.

When used inside Name VirtualHost blocks, the ServerName directive specifies the name that must be specified in the "Host" HTTP header.

ServerRoot

Description	Directory containing the core Appweb installation files
Synopsis	ServerRoot directoryPath
Context	Default server
Example	ServerRoot /etc/appweb

The ServerRoot is by default /etc/appweb on Linux and C:\appweb on Windows. It is important that the server root directory be protected against modification by other users. It should be owned by either root or administrator and should only be writable by these users.

SessionAutoCreate

Description	Specifies if client session state stores should be automatically created.
Synopsis	SessionAutoCreate on|off
Context	Default server, Virtual Host
Example	SessionAutoCreate on

Client session state can be used to preserve state information for a given client across individual HTTP requests. A client session is represented by a session ID that is stored in a cookie on the clients system. Once created, all requests from the client supply the session ID cookie and the Appweb server uses that to retrieve the state variable store for that client.

If SessionAutoCreate is not enabled, sessions may still be used but each web page will need to activate session handling. For example: ESP pages should call useSessions at the top of the page.

TraceMethod

Description	Control the Trace HTTP method
Synopsis	TraceMethod on|off
Context	Default server
Example	TraceMethod on

The TraceMethod directive controls whether the TRACE HTTP method is enabled or not. Starting with version 2.2.2, the Trace method is disabled by default as it can represent a security risk. Use "TraceMethod on" to enable the trace method.

TypesConfig

Description	Specify the location of the Mime types file
Synopsis	TypesConfig directoryPath
Context	Default server
Example	TypesConfig /etc/appweb/mime.types

The TypeConfig directive specifies the location of the MIME types files. This file contains the mappings from file extensions to content types and is used by Appweb to determine the document content type which is included in the HTTP response back to the browser. The MIME types file included with Appweb follows the standard specified by IANA.

The directory path may be an absolute path or it may be relative to the ServerRoot directory.

The MIME types file has lines of the format:

ApplicationType [extensions]...

Feel free to modify the default mime types file, but be careful to save it as it will be overwritten should you upgrade Appweb.

User

Description	The user account that Appweb will run as.
Synopsis	User accountName
Context	Default server
Example	User nobody

The User directive instructs Appweb to change accounts to run as the specified accountName.
The User directive can only be used if Appweb is started using a privileged account such as root. Normally Appweb is started using the account root or administrator and thereafter it changes to run with less privilege using the specified accountName.

The accountName chosen for the User directive should have minimal privilege and should not be able to read or modify any files outside the DocumentRoot or specified Alias directories.

SECURITY WARNING: do not run as root or administrator. Omitting the User directive can have the same effect as using a "User root" directive.