Apache 2.2 2.4 different




2.4 與 2.2 的分別


Access control

2.2 configuration:

Order deny,allow
Deny from all

2.4 configuration:

Require all denied


2.2 configuration:

Order allow,deny
Allow from all

2.4 configuration:

Require all granted


2.2 configuration:

Order Deny,Allow
Deny from all
Allow from example.org

2.4 configuration:

Require host example.org

Require ip 192.168.88



<Files *.ini>
  <IfModule mod_authz_core.c>
     # Apache 2.4
        Require all denied
   <IfModule !mod_authz_core.c>
     # Apache 2.2
     deny from all


Dynamically loaded MPMs (Multi-Processing Modules)


Event MPM => "fix" for Apache's "keep alive problem"
* making it so Apache no longer needs to have one thread open per concurrent client.


Config file variables

Define rootDir /var/www

=============== New Modules

mod_macro (available since 2.4.5)
    Provide macros within configuration files.




 advanced substitution module

 allow you to configure Apache to handle the form authentication and then pass the credentials back to your application
 * Enables the use of session state for clients, using cookie or database storage.


mod_ssl enhancements
    share your SSL Session cache between Apache servers using a memcache server
mod_proxy_balancer enhancements
    1. changes for BalancerMembers via balancer-manager
    2. BalancerMembers can be set to 'Drain' so that they only respond to existing sticky sessions, allowing them to be taken gracefully offline.
    3. Balancer settings can be persistent after restarts.

MaxRequestWorkers & MaxConnectionsPerChild


MaxClients has been renamed to MaxRequestWorkers,

which describes more accurately what it does.

MaxRequestsPerChild has been renamed to MaxConnectionsPerChild


Include & IncludeOptional


Ubuntu 在 Apache2.4 有以下 Setting

IncludeOptional mods-enabled/*.load
IncludeOptional mods-enabled/*.conf

Include ports.conf

IncludeOptional 與 Include 的分別

"IncludeOptional" identically to the "Include" directive


當 Include  沒有中 wildcards 時會"ERROR" start 唔起,  而 IncludeOptional 會 ignore include 唔到 file


 * absolute path

 * relative to the ServerRoot (grep ServerRoot /etc/httpd/conf)




Performance setting


# Use memory-mapping to read files during delivery
# Default:    On
#EnableMMAP off


For NFS mounted files, this feature may be disabled explicitly

<Directory "/path-to-nfs-files">
  EnableMMAP Off


# Use the kernel sendfile support to deliver files to the client
# Default: Off
EnableSendfile on


# Default會 load 的 module 放了在

  • /etc/httpd/conf.modules.d/00-base.conf




<VirtualHost *:80>
        ServerName x.x.x.x
    ErrorLog /dev/null
    TransferLog /dev/null
    ServerAdmin x@x
    <Directory /var/www/html>
        Require all granted


<VirtualHost *:80>
    Define DOMAIN x.x

    ServerAdmin x@x

    ServerName ${DOMAIN}
    ServerAlias www.${DOMAIN}

    DirectoryIndex index.php index.htm index.html

    DocumentRoot /home/vhosts/${DOMAIN}/public_html
    <Directory /home/vhosts/${DOMAIN}/public_html>
        Require all granted
        Options -Indexes
        AllowOverride All
    IndexOptions FancyIndexing

    ErrorLog /home/vhosts/${DOMAIN}/logs/error.log
    CustomLog /home/vhosts/${DOMAIN}/logs/access.log combined




Setting on Different Version


不同 Version load 不同 setting

<IfModule mod_authz_core.c>
  # Apache 2.4
    Require ip
<IfModule !mod_authz_core.c>
  # Apache 2.2
  Order Deny,Allow
  Deny from All
  Allow from

# check version

<IfModule !mod_version.c>
  LoadModule version_module /usr/lib/apache2/modules/mod_version.so

<IfVersion < 2.4>
  LoadModule pagespeed_module /usr/lib/apache2/modules/mod_pagespeed.so
<IfVersion >= 2.4.2>
  LoadModule pagespeed_module /usr/lib/apache2/modules/mod_pagespeed_ap24.so





# The TimeOut directive defines the length of time Apache httpd will wait for I/O in various circumstances:
# When reading data from the client, the length of time to wait for a TCP packet to arrive if the read buffer is empty.
# For initial data on a new connection, this directive doesn't take effect until after any configured AcceptFilter has passed the new connection to the server.
# When writing data to the client, the length of time to wait for an acknowledgement of a packet if the send buffer is full.

# Default: 60

TimeOut seconds

# Default: On

KeepAlive On

# Default: 5 sec.

KeepAliveTimeout 1





Logging for mod_rewrite is now achieved using the ErrorLog directive


LogLevel alert rewrite:trace3