Linux Unleashed, Third Edition:Configuring a WWW Site

-->

The next configuration file to check is srm.conf, which is used to handle the server resources. The variables that have to be checked or set in the srm.conf file are as follows:

`AccessFileName`	The file that gives access permissions (default is `.htaccess`).
`AddDescription`	Provides a description of a type of file. For example, an entry could be `AddDescription PostScript file *.ps`. Multiple entries are allowed.
`AddEncoding`	Indicates that files with a particular extension are encoded somehow, such as `AddEncoding compress Z`. Multiple entries are allowed.
`AddIcon`	Gives the name of the icon to display for each type of file.
`AddIconType`	Uses `MIME` type to determine the icon to use.
`AddType`	Overrides `MIME` definitions for extensions.
`Alias`	Substitutes one pathname for another, such as `Alias data /usr/www/data`.
`DefaultType`	The default `MIME` type, usually `text/plain`.
`DefaultIcon`	The default icon to use when `FancyIndexing` is on (default is `/icons/unknown.xbm`).
`DirectoryIndex`	Filename to return when the URL is for your service only. Default value is `index.html`.
`DocumentRoot`	Absolute path to the HTML document directory. Default is `/usr/local/etc/httpd/htdocs`.
`FancyIndexing`	Adds icons and filename information to the file list for indexing. Default is on. (This option is for backward compatibility with the first release of HTTP.)
`HeaderName`	The filename used at the top of a list of files being indexed. Default is `Header`.
`IndexOptions`	Indexing parameters (including `FancyIndexing`, `IconsAreLinks`, `ScanHTMLTitles`, `SuppressLastModified`, `SuppressSize`, and `SuppressDescription`).
`ReadmeName`	The footer file is displayed with directory indexes. Default is `README`.
`Redirect`	Maps a path to another URL.
`ScriptAlias`	Similar to `Alias` but for scripts.
`UserDir`	Directory users can use for `httpd` access. Default is `public_html`. Usually set to a user’s home page directory. Can be set to `DISABLED`.

The third file to examine and modify is access.conf-dist, which defines the services available to WWW browsers. Usually, everything is accessible to a browser, but you may want to modify the file to tighten security or disable some services not supported on your Web site. The format of the conf-dist file is different than the two preceding configuration files. It uses a set of “sectioning directives” delineated by angle brackets. The general format of an entry is:


<Directory Dir_Name>

…

</Directory>

and anything between the beginning and ending delimiters (<Directory> and </Directory>, respectively) are directives. Actually, it’s not quite that easy because there are several variations that can exist in the file. The best way to customize the access.conf-dist file is to follow these steps for a typical Web server installation:

1. Locate the Options directive and remove the Indexes option. This prevents users from browsing the httpd directory. Valid Options entries are discussed shortly.

2. Locate the first Directory directive and check the path to the cgi-bin directory. The default path is /usr/local/etc/httpd/cgi-bin.

3. Find the AllowOverride variable and set it to None (this prevents others from changing the settings). The default is All. Valid values for the AllowOverride variable are discussed shortly.

4. Find the Limit directive and set to whichever value you want.

The Limit directive controls access to your server. The following are valid values for the Limit directive:

`allow`	Allows specific host names following the `allow` keyword to access the service.
`deny`	Denies specific host names following the `deny` keyword from accessing the service.
`order`	Specifies the order in which `allow` and `deny` directives are evaluated (usually set to `deny,allow` but can also be `allow,deny`).
`require`	Requires authentication through a user file specified in the `AuthUserFile` entry.

The Options directive can have several entries, all of which have a different purpose. The default entry for Options is


Options Indexes FollowSymLinks

You removed the Indexes entry from the Options directive in the first step of the preceding customization procedure. These entries all apply to the directory the Options field appears in. The valid entries for the Options directive are:

`All`	All features enabled.
`ExecCGI`	`cgi` scripts can be executed from this directory.
`FollowSymLinks`	Allows `httpd` to follow symbolic links.
`Includes`	`Include` files for the server are enabled.
`IncludesNoExec`	`Include` files for the server are enabled but the `exec` option is disabled.
`Indexes`	Enables users to retrieve server-generated indexes (doesn’t affect precompiled indexes).
`None`	No features enabled.
`SymLinksIfOwnerMatch`	Follows symbolic links only if the user ID of the symbolic link matches the user ID of the file.

Table of Contents