Home > Articles

This chapter is from the book

Apache Configuration File Structure

Apache keeps all its configuration information in text files. The main file is called httpd.conf. This file contains directives and containers, which enable you to customize your Apache installation. Directives configure specific settings of Apache, such as authorization, performance, and network parameters. Containers specify the context to which those settings refer. For example, authorization configuration can refer to the server as a whole, to a directory, or to a single file.


The following rules apply for Apache directive syntax:

  • The directive arguments follow the directive name.
  • Directive arguments are separated by spaces.
  • The number and type of arguments vary from directive to directive; some have no arguments.
  • A directive occupies a single line, but you can continue it on a different line by ending the previous line with a backslash character (\).
  • The pound sign (#) should precede the directive, and must appear on its own line.

The Apache server documentation offers a quick reference for directives at http://httpd.apache.org/docs/2.0/mod/quickreference.html. You'll soon learn about some of the basic directives, but you should supplement your knowledge using the online documentation.

The Apache documentation for directives typically follows this model:

  • Description— This entry provides a brief description of the directive.
  • Syntax— This entry explains the format of the directive options. Compulsory parameters appear in italics, optional parameters appear in italics and brackets.
  • Default— If the directive has a default value, it will appear here.
  • Context— This entry details the containers or sections in which the directive can appear. Containers are explained in the next section. The possible values are server config, virtual host, directory, and .htaccess.
  • Override— Apache directives belong to different categories. The Override field is used to specify which directive categories can appear in .htaccess per-directory configuration files.
  • Status— This entry indicates whether the directive is built in Apache (core), belongs to one of the bundled modules (base or extension, depending on whether they are compiled by default), is part of a Multi-Processing Module (MPM), or is bundled with Apache but not ready for use in a production server (experimental).
  • Module— This entry indicates the module to which the directive belongs.
  • Compatibility— This entry contains information about which versions of Apache support the directive.

Further explanation of the directive follows these entries in the documentation, and a reference to related directives or documentation might appear at the end.


Directive containers, also called sections, limit the scope for which directives apply. If directives are not inside a container, they belong to the default server scope (server config) and apply to the server as a whole.

These are the default Apache directive containers:

  • <VirtualHost> —A VirtualHost directive specifies a virtual server. Apache enables you to host different websites with a single Apache installation. Directives inside this container apply to a particular website. This directive accepts a domain name or IP address and an optional port as arguments. You will learn more about virtual hosts in Chapter 29, "Apache Performance Tuning and Virtual Hosting."
  • <Directory>, <DirectoryMatch>—These containers allow directives to apply to a certain directory or group of directories in the file system. Directory containers take a directory or directory pattern argument. Enclosed directives apply to the specified directories and their subdirectories. The DirectoryMatch container allows regular expression patterns to be specified as an argument. For example, the following allows a match of all second-level subdirectories of the www directory that are made up of four numbers, such as a directory named after a year and month (0906 for September 2006):
    <DirectoryMatch "^/www/.*/[0-9]{4}">
  • <Location>, <LocationMatch>—These containers allow directives to apply to certain requested URLs or URL patterns. They are similar to their Directory counterparts. LocationMatch takes a regular expression as an argument. For example, the following matches directories containing either "/my/data" or "/your/data":
    <LocationMatch "/(my|your)/data">
  • <Files>, <FilesMatch>—Similar to Directory and Location containers, Files sections allow directives to apply to certain files or file patterns.

Containers surround directives, as shown in Listing 3.1.

Example 3.1. Sample Container Directives

 1: <Directory "/some/directory">
 2: SomeDirective1
 3: SomeDirective2
 4: </Directory>
 5: <Location "/downloads/*.html">
 6: SomeDirective3
 7: </Location>
 8: <Files "\.(gif|jpg)">
 9: SomeDirective4
10: </Files>

Sample directives SomeDirective1 and SomeDirective2 will apply to the directory /some/directory and its subdirectories. SomeDirective3 will apply to URLs referring to pages with the .html extension under the /downloads/ URL. SomeDirective4 will apply to all files with .gif or .jpg extensions.

Conditional Evaluation

Apache provides support for conditional containers. Directives enclosed in these containers will be processed only if certain conditions are met.

  • <IfDefine>—Directives in this container will be processed if a specific command-line switch is passed to the Apache executable. The directive in Listing 3.2 will be processed only if the -DMyModule switch is passed to the Apache binary being executed. You can pass this directly or by modifying the apachectl script, as described in the "Apache-Related Commands" section later in this chapter.

    IfDefine containers also allow the argument to be negated. That is, directives inside a <IfDefine !MyModule> section—notice the exclamation point before the MyModule name—will be processed only if no -DMyModule parameter is passed as a command-line argument.

  • <IfModule>—Directives in an IfModule section will be processed only if the module passed as an argument is present in the web server. For example, Apache ships with a default httpd.conf configuration file that provides support for different MPMs. Only the configuration belonging to the MPM compiled into Apache will be processed, as you can see in Listing 3.3. The purpose of the example is to illustrate that only one of the directive groups will be evaluated.

Example 3.2. IfDefine Example

1: <IfDefine MyModule>
2: LoadModule my_module modules/libmymodule.so
3: </IfDefine>

Example 3.3. IfModule Example

 1: <IfModule prefork.c>
 2: StartServers         5
 3: MinSpareServers      5
 4: MaxSpareServers     10
 5: MaxClients          20
 6: MaxRequestsPerChild  0
 7: </IfModule>
 9: <IfModule worker.c>
10: StartServers         3
11: MaxClients           8
12: MinSpareThreads      5
13: MaxSpareThreads     10
14: ThreadsPerChild     25
15: MaxRequestsPerChild  0
16: </IfModule>

The ServerRoot Directive

The ServerRoot directive takes a single argument: a directory path pointing to the directory where the server lives. All relative path references in other directives are relative to the value of ServerRoot. If you compiled Apache from source on Linux/UNIX, as described earlier in this chapter, the default value of ServerRoot is /usr/local/apache2. The ServerRoot for Mac OS X users defaults to /Library/WebServer. If you used the Windows installer, the ServerRoot is C:\Program Files\Apache Group.

Per-Directory Configuration Files

Apache uses per-directory configuration files to allow directives to exist outside the main configuration file, httpd.conf. These special files can be placed in the filesystem. Apache will process the content of these files if a document is requested in a directory containing one of these files or any subdirectories under it. The contents of all the applicable per-directory configuration files are merged and processed. For example, if Apache receives a request for the /usr/local/apache2/htdocs/index.html file, it will look for per-directory configuration files in the /,/usr, /usr/local, /usr/local/apache2, and /usr/local/apache2/htdocs directories, in that order.

Per-directory configuration files are called .htaccess by default. This is for historical reasons; they were originally used to protect access to directories containing HTML files.

The directive AccessFileName enables you to change the name of the per-directory configuration files from .htaccess to something else. It accepts a list of filenames that Apache will use when looking for per-directory configuration files.

To determine whether a directive can be overridden in the per-directory configuration file, check whether the Context: field of the directive syntax definition contains .htaccess.

Apache directives belong to different groups, specified in the Override field in the directive syntax description. Possible values for the Override field are as follows:

  • AuthConfig—Authorization directives
  • FileInfo—Directives controlling document types
  • Indexes—Directives controlling directory indexing
  • Limit—Directives controlling host access
  • Options—Directives controlling specific directory features

You can control which of these directive groups can appear in per-directory configuration files by using the AllowOverride directive. AllowOverride can also take an All or a None argument. All means that directives belonging to all groups can appear in the configuration file. None disables per-directory files in a directory and any of its subdirectories. Listing 3.4 shows how to disable per-directory configuration files for the server as a whole. This improves performance and is the default Apache configuration.

Example 3.4. Disabling Per-Directory Configuration Files

1: <Directory />
2: AllowOverride none
3: </Directory>

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020