Apache 2.4 的 module

最後更新: 2016-03-03



  • mod_include
  • actions_module
  • allowmethods_module
  • info_module
  • mod_remoteip
  • logio_module
  • Filter - data_module
  • Login - authn_anon_module
  • Login - mod_authz_owner
  • echo_module
  • mod_dumpio
  • mod_logio
  • substitute_module
  • dbd_module
  • mod_unique_id
  • socache_*
  • mod_slotmem_*
  • mod_lua
  • mod_revocator
  • autoindex_module
  • unixd_module




Server-parsed html documents


AddType text/html .shtml
AddOutputFilter INCLUDES .shtml




Execute CGI scripts based on media type or request method.

Syntax:    Action action-type cgi-script [virtual]



# case sensitive

<Location "/">
   AllowMethods GET POST OPTIONS




Provides a comprehensive overview of the server configuration

<Location "/server-info">
    SetHandler server-info
    Require host example.com




Replaces the original client IP address for the connection with the useragent IP address list

presented by a proxies or a load balancer via the request headers.

IP address is then used for the mod_authz_host Require ip feature, is reported by mod_status,

and is recorded by mod_log_config %a and core %a format strings.

The underlying client IP of the connection is available in the %{c}a format string.

Enable this behavior from intermediate hosts (proxies, etc)


When multiple, comma delimited useragent IP addresses are listed in the header value,

they are processed in Right-to-Left order.

Processing halts when a given useragent IP address is not trusted to present the preceding IP address.

The header field is updated to this remaining list of unconfirmed IP addresses,

or if all IP addresses were trusted, this header is removed from the request altogether.


# header-field header as the useragent IP address

# subject to further configuration of the RemoteIPInternalProxy and RemoteIPTrustedProxy directives.

RemoteIPHeader header-field

# adds one or more addresses (or address blocks) to trust as presenting a valid RemoteIPHeader value

# any IP address presented in this header, including private intranet addresses, are trusted

RemoteIPInternalProxy proxy-ip|proxy-ip/subnet|hostname ...

# a file parsed at startup, and builds a list of addresses (or address blocks) to trust

#  '#' hash character designates a comment line

RemoteIPInternalProxyList filename

i.e. reverve proxy ( client --> nginx --> apache )



# Centos 7 的 Apache2.4 包含了此 module 並預設載入了
LoadModule remoteip_module modules/mod_remoteip.so


# treat the value of the specified header-field header as the useragent IP address
RemoteIPHeader X-Forwarded-For

# any IP address presented in this header, including private intranet addresses, are trusted

 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

用在 Proxy 的情況

RemoteIPProxiesHeader HeaderFieldName
RemoteIPProxyProtocol On|Off
RemoteIPProxyProtocolExceptions host|range [host|range] [host|range]
RemoteIPTrustedProxy proxy-ip|proxy-ip/subnet|hostname ...
RemoteIPTrustedProxyList filename








Convert response body into an RFC2397 data URL

Data URLs can be embedded inline within web pages using something like the mod_include module, to remove the need for clients to make separate connections to fetch what may potentially be many small images. Data URLs may also be included into pages generated by scripting languages such as PHP.

<Location "/data/images">
    SetOutputFilter DATA





Allows "anonymous" user access to authenticated areas


This module authorizes access to files by comparing the userid used for HTTP authentication (the web userid)
with the file-system owner or group of the requested file.




A simple echo server to illustrate protocol modules
(Telnet to it and type stuff, and it will echo it)

Default:    ProtocolEcho Off




Dumps all I/O to error log as desired.



Logging of input and output bytes per request

# including headers
%I     Bytes received
%O     Bytes sent







mod_dbd manages SQL database connections using APR. It provides database connections on request to modules requiring SQL database functions, and takes care of managing databases with optimal efficiency and scalability for both threaded and non-threaded MPMs.




Provides an environment variable with a unique identifier for each request




a shared object cache provider which provides for creation and access to a cache backed




Slot-based shared memory provider


Access to a shared memory segment in which the datasets are organized in "slots."

All shared memory is cleared and cleaned with each restart


Access to a plain memory segment in which the datasets are organized in "slots."

If the memory needs to be shared between threads and processes, a better provider would be mod_slotmem_shm.




Provides Lua hooks into various portions of the httpd request processing

<Files "*.lua">
    SetHandler lua-script




retrieves and installs remote Certificate Revocation Lists (CRLs) into an Apache web server.




A file located in that directory, typically called index.html. The DirectoryIndex directive sets the name of the file or files to be used.

This is controlled by mod_dir.

Otherwise, a listing generated by the server. The other directives control the format of this listing.




- ChrootDir Directive
- Group Directive
- User Directive
- Suexec Directive

Directory for apache to run chroot(8) after startup.

Syntax:    ChrootDir /path/to/directory
Default:    none