CONTENT

CHANGES

Szukaj

#top Konfiguracja¶

[<<]|[<]|[^]|[v]|[>]|[>>]|[Zwiń]|[#top]|[X]

#top Listen¶

Zobacz także Listen dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: server.bind
Dokumentacja Lighttpd: server.use-ipv6
Składnia: server.bind = "address"
Domyślna wartość: bind to all interfaces (IPv4 by default, IPv6 if you enable IPv6 with server.use-ipv6)
Domyślna wartość: server.use-ipv6 disable;
Opis:

EXAMPLES

server.port = 80
server.bind="192.0.2.1"

#top Timeout¶

Zobacz także Timeout dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: Lighttpd Core, server.max-read-idle
Składnia: server.max-read-idle = time;
Domyślna wartość: 60
Opis: maximum number of seconds until a waiting, non keep-alive read times out and closes the connection

Dokumentacja Lighttpd: Lighttpd Core, server.max-write-idle
Składnia: server.max-write-idle = time;
Domyślna wartość: 360
Opis: maximum number of seconds until a waiting write call times out and closes the connection

Dokumentacja Lighttpd: Lighttpd Core, server.max-keep-alive-idle
Składnia: server.max-keep-alive-idle = time;
Domyślna wartość: 5
Opis: Maximum number of seconds until an idling keep-alive connection is dropped.

EXAMPLES

# default values
server.max-read-idle = 60;
server.max-write-idle = 360;
server.max-keep-alive-idle = 5;

#top Signature¶

## send a different Server: header
## be nice and keep it at lighttpd
server.tag                 = "lighttpd"

#top vhosts default¶

$HTTP["host"] != "news.example.org" {
    simple-vhost.server-root = "/srv/nginx/vhosts/"
    simple-vhost.default-host = "example.org"
    simple-vhost.document-root = "pages"
    server.errorlog = log_root + "/default-error.log"
    accesslog.filename = log_root + "/default-access.log"
}

$HTTP["host"] == "news.example.org" {
    server.document-root = "/var/www/servers/news2.example.org/pages/"
    server.errorlog = log_root + "/news_example_org-error.log"
    accesslog.filename = log_root + "/news_example_org-access.log"
}

#top vhosts SSL¶

$SERVER["socket"] == "10.0.0.1:443" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/ssl/domain1.com.pem"
        ssl.use-sslv2 = "disable"
        $HTTP["host"] == "domain1.com" {
          server.document-root = "/srv/nginx/vhosts/domain1.com"
        }
        server.errorlog = log_root + "/domain1_com-error.log"
        accesslog.filename = log_root + "/domain1_com-access.log"
    }

$SERVER["socket"] == "10.0.0.2:443" {
        ssl.engine = "enable"
        ssl.pemfile = "/etc/lighttpd/ssl/domain2.com.pem"
        ssl.use-sslv2 = "disable"
        $HTTP["host"] == "domain2.com" {
          server.document-root = "/www/servers/domain2.com"
        }
        server.errorlog = log_root + "/domain2_com-error.log"
        accesslog.filename = log_root + "/domain2_com-access.log"
    }

#top ErrorLog¶

Zobacz także ErrorLog dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: server.errorlog
Składnia: server.errorlog = "/path/to/error-log"
Dokumentacja Lighttpd: server.errorlog-use-syslog
Składnia: server.errorlog-use-syslog option
Opis: Określa ścieżkę do pliku z informacjami błędów. Zgodnie z dokumentacją:
NOTE: This directive should be used only once within a configuration and NOT for each virtual host (if any)
server.errorlog is global instead of per virtual host
serwer Lighttpd może posiadać tylko jeden plik z logami błedów. W odróżnieniu do innych serwerów nie można skonfigurować osobnego pliku z błędami per każdy skonfigurowany virtual host (analogicznie do accesslog).

EXAMPLES

##
## Some Variable definition which will make chrooting easier.
##
## if you add a variable here. Add the corresponding variable in the
## chroot example aswell.
##
var.log_root    = "/var/log/lighttpd"

##
##  Logging Options
## ------------------
##
## all logging options can be overwritten per vhost.
##
## Path to the error log file
##
server.errorlog             = log_root + "/error.log"

#top AccessLog¶

Zobacz także AccessLog dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: accesslog.use-syslog
Dokumentacja Lighttpd: accesslog.syslog-level
Dokumentacja Lighttpd: accesslog.filename
Składnia: accesslog.filename = "/path/to/access.log"
Opis:

EXAMPLES

##
## Some Variable definition which will make chrooting easier.
##
## if you add a variable here. Add the corresponding variable in the
## chroot example aswell.
##
var.log_root    = "/var/log/lighttpd"

##
## Default access log.
##
accesslog.filename          = log_root + "/access.log"

#top LogFormat¶

##
## The default format produces CLF compatible output.
## For available parameters see access.txt
##
#accesslog.format = "%h %l %u %t \"%r\" %b %>s \"%{User-Agent}i\" \"%{Referer}i\""

The log format can contain common variables, and variables that exist only at the time of a log write:

Option	Description
`%%`	a percent sign
`%h`	name or address of remote-host
`%l`	ident name (not supported)
`%u`	authenticated user
`%t`	timestamp of the end-time of the request
`%r`	request-line
`%s`	status code
`%b`	bytes sent for the body
`%i`	HTTP-header field
`%a`	remote address
`%A`	local address
`%B`	same as %b
`%C`	cookie field (not supported)
`%D`	time used in ms (not supported)
`%e`	environment
`%f`	physical filename
`%H`	request protocol (HTTP/1.0, ...)
`%m`	request method (GET, POST, ...)
`%n`	(not supported)
`%o`	`response header`_
`%p`	server port
`%P`	(not supported)
`%q`	query string
`%T`	time used in seconds
`%U`	request URL
`%v`	server-name
`%V`	HTTP request host name
`%X`	connection status
`%I`	bytes incomming
`%O`	bytes outgoing

#top server status¶

# We need to load the module first.
server.modules = ( ..., "mod_status", ... )

# If you want to open the status page just for users from the local network
# cover it in a conditional.
$HTTP["remoteip"] == "10.0.0.0/8" {
    status.status-url = "/server-status" 
}

EXAMPLES
W głównym pliku konfiguracyjnym serwera /etc/lighttpd/lighttpd.conf należy aktywować konfigurację statusu:

##
## enable server-status
##
include "conf.d/status.conf"

W pliku konfiguracyjnym modułu /etc/lighttpd/conf.d/status.conf należy wprowadzić stosowne zmiany, aby zezwolić na wywoływanie adresu statusu:

$HTTP["remoteip"] == "10.0.0.0/8" {
##
## configure urls for the various parts of the module.
##
  status.status-url          = "/server-status"
  status.config-url          = "/server-config"
  status.statistics-url      = "/server-statistics"
##
## add JavaScript which allows client-side sorting for the connection
## overview
##
  status.enable-sort         = "enable"
}

$HTTP["remoteip"] == "127.0.0.0/8" {
##
## configure urls for the various parts of the module.
##
  status.status-url          = "/server-status"
  status.config-url          = "/server-config"
  status.statistics-url      = "/server-statistics"
##
## add JavaScript which allows client-side sorting for the connection
## overview
##
  status.enable-sort         = "enable"
}

$HTTP["remoteip"] == "10.0.0.0/8" {
##
## configure urls for the various parts of the module.
##
  status.status-url          = "/server-status"
  status.config-url          = "/server-config"
  status.statistics-url      = "/server-statistics"
##
## add JavaScript which allows client-side sorting for the connection
## overview
##
  status.enable-sort         = "enable"
}

##
#######################################################################

Po wprowadzeniu powyższych zmian niezbędny jest restart serwera lighttpd:

/etc/init.d/lighttpd restart

Wynik wywołania adresu statystyk http://example.org/server-status:

<?xml version="1.0" encoding="iso-8859-1"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
         "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
 <head>
  <title>Status</title>
  <style type="text/css">
    table.status { border: black solid thin; }
    td { white-space: nowrap; }
    td.int { background-color: #f0f0f0; text-align: right }
    td.string { background-color: #f0f0f0; text-align: left }
    th.status { background-color: black; color: white; font-weight: bold; }
    a.sortheader { background-color: black; color: white; font-weight: bold; text-decoration: none; display: block; }
    span.sortarrow { color: white; text-decoration: none; }
  </style>
<script type="text/javascript">
// <!--
var sort_column;
var prev_span = null;
function get_inner_text(el) {
 if((typeof el == 'string')||(typeof el == 'undefined'))
  return el;
 if(el.innerText)
  return el.innerText;
 else {
  var str = "";
  var cs = el.childNodes;
  var l = cs.length;
  for (i=0;i<l;i++) {
   if (cs[i].nodeType==1) str += get_inner_text(cs[i]);
   else if (cs[i].nodeType==3) str += cs[i].nodeValue;
  }
 }
 return str;
}
function sortfn(a,b) {
 var at = get_inner_text(a.cells[sort_column]);
 var bt = get_inner_text(b.cells[sort_column]);
 if (a.cells[sort_column].className == 'int') {
  return parseInt(at)-parseInt(bt);
 } else {
  aa = at.toLowerCase();
  bb = bt.toLowerCase();
  if (aa==bb) return 0;
  else if (aa<bb) return -1;
  else return 1;
 }
}
function resort(lnk) {
 var span = lnk.childNodes[1];
 var table = lnk.parentNode.parentNode.parentNode.parentNode;
 var rows = new Array();
 for (j=1;j<table.rows.length;j++)
  rows[j-1] = table.rows[j];
 sort_column = lnk.parentNode.cellIndex;
 rows.sort(sortfn);
 if (prev_span != null) prev_span.innerHTML = '';
 if (span.getAttribute('sortdir')=='down') {
  span.innerHTML = '&uarr;';
  span.setAttribute('sortdir','up');
  rows.reverse();
 } else {
  span.innerHTML = '&darr;';
  span.setAttribute('sortdir','down');
 }
 for (i=0;i<rows.length;i++)
  table.tBodies[0].appendChild(rows[i]);
 prev_span = span;
}
// -->
</script>
 </head>
 <body>
<h1>Server-Status (lighttpd 1.4.28)</h1><table summary="status" class="status"><tr><td>Hostname</td><td class="string">10.41.0.58:86 ()</td></tr>
<tr><td>Uptime</td><td class="string">4 min 11 s</td></tr>
<tr><td>Started at</td><td class="string">2016-04-05 20:39:29</td></tr>
<tr><th colspan="2">absolute (since start)</th></tr>
<tr><td>Requests</td><td class="string">8  req</td></tr>
<tr><td>Traffic</td><td class="string">30.54 kbyte</td></tr>
<tr><th colspan="2">average (since start)</th></tr>
<tr><td>Requests</td><td class="string">0  req/s</td></tr>
<tr><td>Traffic</td><td class="string">124.59  byte/s</td></tr>
<tr><th colspan="2">average (5s sliding average)</th></tr>
<tr><td>Requests</td><td class="string">0  req/s</td></tr>
<tr><td>Traffic</td><td class="string">0.00  byte/s</td></tr>
</table>
<hr />
<pre><strong>legend</strong>
. = connect, C = close, E = hard error, k = keep-alive
r = read, R = read-POST, W = write, h = handle-request
q = request-start,  Q = request-end
s = response-start, S = response-end
<strong>1 connections</strong>
h
</pre><hr />
<h2>Connections</h2>
<table summary="status" class="status">
<tr><th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">Client IP<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">Read<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">Written<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">State<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">Time<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">Host<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">URI<span class="sortarrow">:</span></a></th>
<th class="status"><a href="#" class="sortheader" onclick="resort(this);return false;">File<span class="sortarrow">:</span></a></th>
</tr>
<tr><td class="string">10.0.0.3</td><td class="int">0/0</td><td class="int">0/4480</td><td class="string">handle-req</td><td class="int">1</td><td class="string">10.41.0.58:86</td><td class="string">/server-status (/server-status)</td><td class="string"></td></tr>
</table>
 </body>
</html>

#top Modules¶

#top mod-logging¶

#top mod-misc¶

#top mod-auth¶

#top mod-headers¶

#top mod-proxy¶

proxy.balance: might be one of 'fair' (default), 'hash', 'round-robin' or 'sticky'.
'sticky' (since 1.4.44) sends requests from the same (client) IP to the same backend.

proxy.balance = "fair"
$HTTP["host"] == "cen05dev.xen.wbcd.pl" {
  proxy.balance = "hash"
  proxy.server  = ( "" => (
                            ( "host" => "10.41.0.54", "port" => 81 ),
                            ( "host" => "10.41.0.56", "port" => 81 )
                          ) )
}
$HTTP["host"] == "cen06dev.xen.wbcd.pl" {
  proxy.balance = "hash"
  proxy.server  = ( "" => (
                            ( "host" => "10.41.0.54", "port" => 81 ),
                            ( "host" => "10.41.0.56", "port" => 81 )
                          ) )
}

#top Access Restrictions¶

#top AccessAllow¶

#top AccessDeny¶

#top headers¶

#top HTTP Header Add¶

Zobacz także HTTP Header Add dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: mod_setenv - set HTTP Environment
Składnia: setenv.add-request-header = ( "Header-Name" => "Header-cont")
Składnia: setenv.add-response-header = ( "Header-Name" => "Header-cont")
Opis:

EXAMPLES

setenv.add-request-header = ("X-Proxy" => server.name)
setenv.add-response-header = ("MyHeader" => "Hello From Lighttpd")

#top HTTP Header Set¶

Zobacz także HTTP Header Set dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: Docs ModSetEnv - Lighttpd
Składnia: setenv.set-request-header = ( "Header-Name" => "Header-cont")
Składnia: setenv.set-response-header = ( "Header-Name" => "Header-cont")
Opis:

EXAMPLES

setenv.set-request-header = ("X-Proxy" => server.name)
setenv.set-response-header = ("MyHeader" => "Hello From Lighttpd")

#top HTTP Header Remove¶

#top Header Access¶

#top Header MIME¶

#top TLS Engine¶

Dokumentacja Lighttpd: Secure HTTP
Dokumentacja Lighttpd: SSL on multiple domains

#top TLS Enable¶

$SERVER["socket"] == ":443" {
ssl.engine = "enable"
}

#top TLS Cert/Key File¶

Zobacz także TLS Cert/Key File dla: Apache | Nginx | Lighttpd | thttpd | HAProxy | Varnish | SQUID

Dokumentacja Lighttpd: Secure HTTP / Configuration / Details
Składnia: ssl.pemfile = /path/to/the/PEM.file
Opis:

Dokumentacja Lighttpd: Chained certificates
Składnia: ssl.ca-file = /path/to/the/CA.file
Opis:

Dokumentacja Lighttpd: Diffie-Hellman and Elliptic-Curve Diffie-Hellman parameters
Składnia: ssl.dh-file = /path/to/the/PEM/file/for/Diffie-Hellman.key
Opis:

EXAMPLES

ssl.pemfile = "/etc/lighttpd/ssl/server.pem"
ssl.ca-file = "/etc/lighttpd/ssl/ca.crt"
ssl.dh-file = "/etc/lighttpd/ssl/dh2048.pem"

#top TLS Protocols¶

ssl.use-sslv2 = "disable"
ssl.use-sslv3 = "disable"

#top TLS CipherSuite¶

# The more generic version (without the restriction to RSA keys) is
ssl.cipher-list = "HIGH !aNULL !3DES +kEDH +kRSA !kSRP !kPSK"
# Make the server prefer the order of the server side cipher suite instead of the client suite.
# This option is enabled by default, but only used if ssl.cipher-list is set.
ssl.honor-cipher-order = "enable"

#top TLS Compression¶

#top TLS Options¶

ssl.disable-client-renegotiation = "disable"

Zmodyfikowany ostatnio: 2018/01/04 19:49:27 (7 lat temu), textsize: 32,6 kB, htmlsize: 58,6 kB

Zapraszam do komentowania, zgłaszania sugestii, propozycji, własnych przykładów, ...

Dodaj komentarzKomentarze użytkowników