logo
Apache Lounge
Webmasters

 

About Forum Index Downloads Search Register Log in RSS X


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Your donations will help to keep this site alive and well, and continuing building binaries. Apache Lounge is not sponsored.
Post new topic   Forum Index -> Apache View previous topic :: View next topic
Reply to topic   Topic: Changing in conf/httpd.conf vs overriding in conf.d/ file
Author
cathyf



Joined: 11 Jan 2017
Posts: 1
Location: US, Western IL

PostPosted: Wed 11 Jan '17 22:48    Post subject: Changing in conf/httpd.conf vs overriding in conf.d/ file Reply with quote

I am a newbie apache admin, and I have been tasked with the project of migrating apache 2.0 & 2.2 running on red hat 4, 5, and 6 to apache 2.4 running on RHEL 7. I think I understand how it works, but I don't quite "get" how the conf.d files should relate to the main conf/httpd.conf file.

In the 2.0 & 2.2 configs that I am porting from, everything is in the one giant conf/httpd.conf file, but things have been added in odd places on the different servers, so diff gives you everything different even when differences are minimal.

When I installed the default httpd on RHEL7, I get a more complicated setup. I next installed ssl, and I saw how that added a conf.d/ssl.conf and a conf.modules.d/00-ssl.conf.

I understand how the Include directives work, and how settings in the conf/httpd.conf file can be set to a default value first and then customized via changing the settings of those directives later in a .conf file in the conf.d directory. I understand that for totally different add-on packages you want to give them their own encapsulated configuration files and not mess with the main conf/httpd.conf, for no other reason than it gives the developers of that software the ability to set variables the way they need without having to change anything in conf/httpd.conf.

But the piece I'm not getting is two-fold: first of all, what things must I edit directly in the conf/httpd.conf file? Obviously ServerRoot for one, because without that the Include isn't going to go to the right conf.d directory to override it -- so chicken-and-egg problem otherwise. But secondly, even if I can override this or that setting by having it appear with its default value in the conf/httpd.conf and then its customized setting in a file in conf.d, what are the circumstances when I should or should not do that?

So red hat gives me three files already in conf.d, autoindex.conf, userdir.conf and welcome.conf. The directives in those 3 files are not in conf/httpd.conf, so this is the only way that you get them to be set. So far, so good -- nice example of modular coding.

Red hat also gives me a bunch of .conf files in a directory /usr/share/doc/httpd-2.4.6. They are:
Code:
httpd-dav.conf
httpd-default.conf
httpd-info.conf
httpd-languages.conf
httpd-manual.conf
httpd-mpm.conf
httpd-multilang-errordoc.conf
httpd-vhosts.conf
proxy-html.conf

Those files are what I'm supposed to use if we need those software packages. So I copy the conf file into my conf.d directory and make any necessary customizations, and for things we aren't using (dav) I just don't put it in at all.

Ok, to go back to the "one of these things is not like the others" question: every .conf file in /usr/share/doc/httpd-2.4.6 except for httpd-default.conf sets things which are not set in conf/httpd.conf, and in previous versions of apache, they were somewhere in the main conf/httpd.conf.

Then there is httpd-default.conf, which is here:
Code:
#
# This configuration file reflects default settings for Apache HTTP Server.
#
# You may change these, but chances are that you may not need to.
#

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 60

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5

#
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client.  When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives.  See also the AllowOverride
# directive.
#
AccessFileName .htaccess

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of:  Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Full

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of:  On | Off | EMail
#
ServerSignature Off

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

#
# Set a timeout for how long the client may take to send the request header
# and body.
# The default for the headers is header=20-40,MinRate=500, which means wait
# for the first byte of headers for 20 seconds. If some data arrives,
# increase the timeout corresponding to a data rate of 500 bytes/s, but not
# above 40 seconds.
# The default for the request body is body=20,MinRate=500, which is the same
# but has no upper limit for the timeout.
# To disable, set to header=0 body=0
#
<IfModule reqtimeout_module>
  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
</IfModule>

Everything in httpd-default.conf is already defined in conf/httpd.conf! And I in fact need to customize a couple of those things -- Timeout needs to be 300 rather than 60, KeepAliveTimeout needs to be 2 rather than 5, ServerTokens needs to be Prod rather than Full.

So should I put httpd-default.conf into conf.d and make those changes in conf.d/httpd-default.conf?

Which brings me to the meat of the question. What should I do with the OTHER things which I need to change from the values that are getting set in httpd.conf? I've got these:
Code:
AddHandler
Listen
DirectoryIndex
User/Group
DocumentRoot
authorization for my DocumentRoot

Can I, and more importantly, should I make those changes directly in conf/httpd.conf? Should I create a file in conf.d? (for example name it conf.d/zoverrides.conf)

Here is the list of what you get for httpd files after using yum to install httpd and ssl in an RHEL 7 server:
Code:

/etc/httpd/conf:
httpd.conf
httpd.conf.orig
magic

/etc/httpd/conf.d:
autoindex.conf
README
ssl.conf
userdir.conf
welcome.conf

/etc/httpd/conf.modules.d:
00-base.conf
00-dav.conf
00-lua.conf
00-mpm.conf
00-proxy.conf
00-ssl.conf
00-systemd.conf
01-cgi.conf

/usr/share/doc/httpd-2.4.6:
ABOUT_APACHE
CHANGES
httpd-dav.conf
httpd-default.conf
httpd-info.conf
httpd-languages.conf
httpd-manual.conf
httpd-mpm.conf
httpd-multilang-errordoc.conf
httpd-vhosts.conf
LICENSE
NOTICE
proxy-html.conf
README
VERSIONING
Back to top
James Blond
Moderator


Joined: 19 Jan 2006
Posts: 7288
Location: Germany, Next to Hamburg

PostPosted: Thu 26 Jan '17 15:46    Post subject: Reply with quote

I would add each vhost in a single file in conf.d

with

Code:
/usr/sbin/httpd -S


you can check which files are loaded.
Back to top


Reply to topic   Topic: Changing in conf/httpd.conf vs overriding in conf.d/ file View previous topic :: View next topic
Post new topic   Forum Index -> Apache