# 10-AUG-1994 # Configuration file for default server installation. See bottom of # file for description of configuration (rules) file format. # #localaddress 128.146.235.50 # set only for multi-homed host. #hostname www.xyxxy.com #Port 8000 # # Set trace level to current value of environment variable http_log_level. # Since second argument in TraceLevel rule is null, trace data will go # to error log file. # TraceLevel http_log_level # # Enable access log (common format), entries will be appended to file access.log # AccessLog access.log # # Disable reverse host lookup. When enabled, hostnames are logged rather than # addresses. # DNSLookup off # # Define list of welcome files (index files) to search for when only a # directory is specified in the URL, 1 file per welcome directive. # Welcome index.html Welcome index.htmlx Welcome welcome.html # # Turn on directory browsing (on by default) so files that don't have # directories will get list of files formatted into HTML. # Note: The Welcome and DirAccess rules only apply when the internal browser # is being used, they don't apply if http_suffixes defines an external # browser (presenation rule for text/file-directory). # DirAccess on # include http_suffixes.conf # suffixes definitions. # # Comment out the following line to disable searches. The argument is # the script name (default www_root:[00000].exe) to execute. search www_root:[bin]index_search.exe #search www_root:[bin]dtsearch.com # # Comment out the following line to disable the authenticator sub-process. # The authenticator must be running in order for any 'protect' rules to # function properly. # authenticator www_root:[000000]cel_authenticator # # Protect certain urls in order to demonstrate the protection mechanism hostprot /www/hostprot.html www_root:[000000]level1.prot protect /www/userprot.html www_root:[000000]level2.prot # # Sample exec definition. It assumes the following directory structure: # # www_root:[000000] Server account login directory. # www_root:[bin] Contains scripts. # www_root:[documents] Contains HTML files (home page, etc). # map /help* /htbin/helpgate/help* exec /htbin/* www_root:[bin] exec /tarserv/* sys$node::"0=WWWTAR"tar_archive: # # Configure access to home files directory (www_root:[documents]). Set alias # /www to translate to /www_root/documents. # map / /www/index.html pass /www/* /www_root/documents/* pass /www_root/documents/* pass /www_root/script_code/* # # Only allow certain of the login directory (www_root:[000000]) files to be # accessible, then prohibit www_root/000000/* in order to prevent users from # circumventing the protected files by putting adding a series of root dirs. # pass /www_root/000000/wwwexec.com pass /www_root/000000/sample_authenticator.c fail /www_root/000000/* # # Comment out the follow line to disable user directory access. The server will # allow access to the web subdirectory of a user's account if set by the user. # userdir www # # Fail everything else (this is the default, but include for completeness). # fail * ################################################################################## # # Format of rules file: # Comments are delimited by #. # # map template result # If address matches template, use result string for future rulse. # Template and result must be in unix file specification format # (/device/dir/dir/...). # # pass template [result] # if address matches the template, use it as is. If result argument # is present, perform map operation and use translation. # # userdir sub-dir # if address matches template /~username/xxx, replace with # /device/directory/sub-dir/xxx where device and directory are specified # username's default device and directory. Note that sub-dir string # must not have a leading slash. (e.g. userdir web). # # fail template # Prohibit access to this address. # # redirect template url # If address matches template, a redirect will be sent to the client # redirecting it to the specified URL. The URL must be in absolute # format (include scheme and host). Local redirects are redundant # since they can be handled by map directives. # # htbin directory * obsolete * # Superceded by exec directory, for compatibility this directive is # mapped internally to "exec /htbin/* directory". # # exec dir-template [node::["obj-spec"]]script-directory # If address matches dir-template, invoke corresponding script # in corresponding script directory. Note that dir-template must be # in unix fomrmat (/dir/dir...) and script-directory must be in VMS # format (disk:[dir]). If the script directory is prefixed with a # DECnet node, the script task will be started on that node instead # of the default. If a node is specified, a object specification # ("object=" or "0=taskname") may be specified. # # accesslog logfile # Name of access log file. The file specified by logfile is opened # for append or created if it does not exist. # # dnslookup [on|off] # Enable/disable translation of remote host address to Domain Name # Server host name. If enabled, the translated name will appear # in the log files. # # tracelevel level [tracefile] # Set trace level and trace file for debugging. You may specify level # as either a numeric constant or a environment variable (DCL symbol) # name. The trace level has the same meaning as the environment # variable http_log_level and will override it. The optional tracefile # parameter specifies a separate file to record the trace, if missing # trace entries will go to the standard error log file. # # include config-file # Read specified file and process records as if they were being read # from original file at the point of the include statement. Includes # may be nested to 20 levels (who would do that?). # # defprot dir-template protection-setup-file # Set default protection setup file for protect and hostprot directives. # # protect dir-template [protection-setup-file] # If address matches dir-template, validate access against that # granted by protection-setup-file. The protection-setup-file argument # may be in either unix or VMS format. # # hostprot dir-template [protection-setup-file] # Same as protect command above except that simpler (level 1) # protection checks take place. Only groupmask directives in setup # file are processed and only items without usernames (i.e. # @xxx.xxx.xxx.xxx) are checked. # # search [node::["obj-spec"]]script-name # Search script to use to search documents. If search rule not # present, searches will be disabled. # # suffix [.sfx|*|*.*] representation encoding [quality] # bind data-type to file suffix. Special values for suffix fields are # * (match any file that hasn't matched another suffix) and *.* ( # (match file with suffix that hasn't matched another suffix). # The represention field is the MIME content-type. # Data encodings: BASE64 QUOTED_PRINTABLE 8BIT 7BIT BINARY x-token. # # presentation representation [node::["obj-spec"]]script-name # Used by clients to map respresentations to a command to execute to # render that representation (e.g. mpeg). Script-name is VMS file # specification of script to execute to convert source file to contents # standard content-type for transmission to client. If a presentation # for rep. "text/file-directory" is defined, the corresponding script # will be invoked to format 'directory' URLS (ending in '/'). # Default directory for the script is WWW_ROOT:[000000]. # # welcome index-filename # Adds index-filename to list of default file names to search for when # the requested URL is a directory (ends in slash). The files are # searched for in the same order as they appear in the configuration # file. If no welcome directives are defined, the server uses a # default list of index.html, index.htmlx for compatibilty with # previous releases. # # If the first welcome rule has no index-filename specified, all # checks will be disabled. # # diraccess [on|off|selective] [filename] # Controls whether server generates an automatic directory listing # when no welcome page found in a directory. A value of 'on' enables # directory generation and a value of 'off' disables the listing. A # value of 'selective' causes the server to list the directory iff it # contains the specified filename (defaults to .www_browsable). # # localaddress ip-address # For multi-homed hosts, specifies the address of the interface # (or pseudo-interface) which server is to listen on. ip-address # must be in 'dot' format (i.e. 128.146.235.50). # # hostname name # Specified the hostname to use for server-generated redirects. By # default server used value of HTTP_DEFAULT_HOST enviroment variable. # # port port-num [nocache-port-num] # Specifies port number server is to listen on, overriding the port # specified on the command line. # # Operation: # At server startup, rules file is read sequentially. The presence and/or # values of any 'search', 'authenticator', 'suffix', and 'presentation' # commands is noted/saved. All other rules are tokenized and saved # in a table for processing in the same order that they occur in the rules # file when a URL is to be translated. Comments are discarded. # # The ident portion of a URL is translated by making a copy of it in a work # area and testing the work area copy against each entry in the tokenized # rule list. A rule that matches against the translation in the work area # may rewrite the translation (see map rule), subsequent tests for # triggering rules will be made against the new translation. # # The data from suffix rules is kept in a different data structure optimized # for finding highest quality representation supported by a client request. ##################################################################################