[관련 게시물]
Ubuntu 20.04 LTS에서 APM 설치
2020/09/14 - [서버 운영/APM 서버 구축] - 우분투(Ubuntu) 20.04에서 APM 설치 - 아파치(Apache2 설치
2020/09/16 - [서버 운영/APM 서버 구축] - 우분투(Ubuntu) 20.04에서 APM 설치 - 마리아DB(MariaDB) 10.3 설치
2020/09/18 - [서버 운영/APM 서버 구축] - 우분투(Ubuntu) 20.04에서 APM 설치 - 마리아DB(MariaDB) 10.5 설치
2020/09/20 - [서버 운영/APM 서버 구축] - 우분투(Ubuntu) 20.04에서 APM 설치 - PHP 7.4 설치
2020/09/22 - [서버 운영/APM 서버 구축] - 우분투(Ubuntu) 20.04에서 APM 설치 - APM 설치 후 방화벽 설정
2020/09/26 - [서버 운영/APM 서버 구축] - 우분투 20.04 APM 서버 기본 환경 파일 설정 - apache2.conf 기본 설정
2020/09/28 - [서버 운영/APM 서버 구축] - 우분투 20.04 APM 서버 기본 환경 파일 설정 - php.ini 기본 설정
Ubuntu 20.04에서 설치한 Apache2 서버 주요 설정 파일 원문
2020/09/30 - [서버 운영/APM 서버 구축] - 우분투 20.04 APM 서버 주요 환경 파일 목록
2020/10/05 - [서버 운영/APM 서버 구축] - 우분투 20.04 APM 서버 주요 환경 파일 원문 - Apache2
2020/10/07 - [서버 운영/APM 서버 구축] - 우분투 20.04 APM 서버 주요 환경 파일 원문 - PHP 7.4 - php.ini
Ubuntu 20.04에서 설치한 Apache2 서버 주요 설정 파일 내 지시어 설명
2020/10/09 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] apache2.conf의 기본값에 사용된 지시어 설명
2020/10/11 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] ports.conf 의 기본값에 사용된 지시어 설명
2020/10/13 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] envvars의 기본값에 사용된 지시어 설명
2020/10/15 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] security.conf의 기본값에 사용된 지시어 설명
2020/10/17 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] 000-default.conf의 기본값에 사용된 지시어 설명
2020/10/19 - [서버 운영/APM 서버 구축] - [Ubuntu 20.04 - Apache2 서버] default-ssl.conf의 기본값에 사용된 지시어 설명
Ubuntu 20.04에서 phpMyAdmin 설치 및 설정2021.02.20 - [서버 운영/APM 서버 구축] - 우분투 20.04에서 phpMyAdmin 설치 01 - 저장소 설치
2021.03.15 - [서버 운영/APM 서버 구축] - 우분투 20.04에서 phpMyAdmin 설치 02 - Apache 서버 관리자를 위한수동 설치(버전 5.1.0 기준)
2021.03.17 - [서버 운영/APM 서버 구축] - 우분투 20.04에서 phpMyAdmin 설치 03 - 보안강화 작업
2021.03.19 - [서버 운영/APM 서버 구축] - phpMyAdmin 설치 04 - 웹호스팅 사용자를 위한 수동 설치(버전 5.1.0 기준)
2021.03.21 - [서버 운영/APM 서버 구축] - phpMyAdmin 설치 05 - setup 페이지를 통한 구성 파일 생성
Ubuntu 18.04 LTS에서 APM 설치
2018/11/09 - [서버 운영/APM 서버 구축] - Apache 서버 설치
2018/11/14 - [서버 운영/APM 서버 구축] - MariaDB 설치
2018/11/16 - [서버 운영/APM 서버 구축] - MariaDB 업그레이드 1
2018/11/16 - [서버 운영/APM 서버 구축] - MariaDB 업그레이드 3
2018/11/19 - [서버 운영/APM 서버 구축] - PHP7 설치
2018/11/21 - [서버 운영/APM 서버 구축] - 서버 환경 파일 수정 - php.ini, apache2.conf
Ubuntu 18.04 LTS에서 MariaDB 백업 및 업그레이드
2019/01/15 - [서버 운영/APM 서버 구축] - MariaDB & MySQL 백업과 복원 - Nextcloud 14
2019/06/27 - [서버 운영/APM 서버 구축] - MariaDB 업그레이드 (Upgrading from MariaDB 10.3 to MariaDB 10.4)
Ubuntu 18.04 LTS에서 PHP 버전 전환
Ubuntu 18.04 LTS에서 phpmyadmin 설치 및 운용
2018/11/23 - [서버 운영/APM 서버 구축] - phpmyadmin 설치 - APT 패키지 관리자를 통한 설치
2019/06/18 - [서버 운영/APM 서버 구축] - APT 패키지 관리자를 통해 설치한 phpMyAdmin 업그레이드 방법(업그레이드 버전 4.9.0.1)
2019/07/01 - [서버 운영/APM 서버 구축] - phpMyAdmin 수동 설치 01 - 일반 설치
2019/07/03 - [서버 운영/APM 서버 구축] - phpMyAdmin 수동 설치 02 - 심볼릭 링크를 이용한 보안 접속
XAMPP 설치 및 운용
2019/04/20 - [서버 운영/서버 구축 꾸러미] - XAMPP에 대하여(버전 7.1.28 / 7.2.17 / 7.3.4)
2019/04/22 - [서버 운영/서버 구축 꾸러미] - XAMPP for Windows 7.3.4 인스톨러 설치
2019/04/25 - [서버 운영/서버 구축 꾸러미] - XAMPP for Windows 설정
2019/06/03 - [서버 운영/서버 구축 꾸러미] - XAMPP 포터블(portable) 사용법
2019/06/05 - [서버 운영/서버 구축 꾸러미] - XAMPP for Linux 4.3.5 설치 및 사용법
서버 운영을 위한 관련 연재글
2018/11/07 - [리눅스/Ubuntu] - 방화벽 설정 - ufw
2018/11/12 - [서버 운영/버추얼박스(VirtualBox)] - 가상머신(Virtualbox) 내 서버 외부접속
2019/01/05 - [미디어위키/미디어위키 설치 및 관리] - 호스트 컴퓨터에서 가상머신 내 미디어위키 접속 및 작업을 위한 버추얼박스 포트포워딩 설정
Ubuntu 20.04 Apache2 주요 구성 파일 원문
/etc/apache2/apache2.conf
study@study-VirtualBox:~$ cat -n /etc/apache2/apache2.conf
1 # This is the main Apache server configuration file. It contains the
2 # configuration directives that give the server its instructions.
3 # See http://httpd.apache.org/docs/2.4/ for detailed information about
4 # the directives and /usr/share/doc/apache2/README.Debian about Debian specific
5 # hints.
6 #
7 #
8 # Summary of how the Apache 2 configuration works in Debian:
9 # The Apache 2 web server configuration in Debian is quite different to
10 # upstream's suggested way to configure the web server. This is because Debian's
11 # default Apache2 installation attempts to make adding and removing modules,
12 # virtual hosts, and extra configuration directives as flexible as possible, in
13 # order to make automating the changes and administering the server as easy as
14 # possible.
15
16 # It is split into several files forming the configuration hierarchy outlined
17 # below, all located in the /etc/apache2/ directory:
18 #
19 # /etc/apache2/
20 # |-- apache2.conf
21 # | `-- ports.conf
22 # |-- mods-enabled
23 # | |-- *.load
24 # | `-- *.conf
25 # |-- conf-enabled
26 # | `-- *.conf
27 # `-- sites-enabled
28 # `-- *.conf
29 #
30 #
31 # * apache2.conf is the main configuration file (this file). It puts the pieces
32 # together by including all remaining configuration files when starting up the
33 # web server.
34 #
35 # * ports.conf is always included from the main configuration file. It is
36 # supposed to determine listening ports for incoming connections which can be
37 # customized anytime.
38 #
39 # * Configuration files in the mods-enabled/, conf-enabled/ and sites-enabled/
40 # directories contain particular configuration snippets which manage modules,
41 # global configuration fragments, or virtual host configurations,
42 # respectively.
43 #
44 # They are activated by symlinking available configuration files from their
45 # respective *-available/ counterparts. These should be managed by using our
46 # helpers a2enmod/a2dismod, a2ensite/a2dissite and a2enconf/a2disconf. See
47 # their respective man pages for detailed information.
48 #
49 # * The binary is called apache2. Due to the use of environment variables, in
50 # the default configuration, apache2 needs to be started/stopped with
51 # /etc/init.d/apache2 or apache2ctl. Calling /usr/bin/apache2 directly will not
52 # work with the default configuration.
53
54
55 # Global configuration
56 #
57
58 #
59 # ServerRoot: The top of the directory tree under which the server's
60 # configuration, error, and log files are kept.
61 #
62 # NOTE! If you intend to place this on an NFS (or otherwise network)
63 # mounted filesystem then please read the Mutex documentation (available
64 # at );
65 # you will save yourself a lot of trouble.
66 #
67 # Do NOT add a slash at the end of the directory path.
68 #
69 #ServerRoot "/etc/apache2"
70
71 #
72 # The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
73 #
74 #Mutex file:$ default
75
76 #
77 # The directory where shm and other runtime files will be stored.
78 #
79
80 DefaultRuntimeDir $
81
82 #
83 # PidFile: The file in which the server should record its process
84 # identification number when it starts.
85 # This needs to be set in /etc/apache2/envvars
86 #
87 PidFile $
88
89 #
90 # Timeout: The number of seconds before receives and sends time out.
91 #
92 Timeout 300
93
94 #
95 # KeepAlive: Whether or not to allow persistent connections (more than
96 # one request per connection). Set to "Off" to deactivate.
97 #
98 KeepAlive On
99
100 #
101 # MaxKeepAliveRequests: The maximum number of requests to allow
102 # during a persistent connection. Set to 0 to allow an unlimited amount.
103 # We recommend you leave this number high, for maximum performance.
104 #
105 MaxKeepAliveRequests 100
106
107 #
108 # KeepAliveTimeout: Number of seconds to wait for the next request from the
109 # same client on the same connection.
110 #
111 KeepAliveTimeout 5
112
113
114 # These need to be set in /etc/apache2/envvars
115 User $
116 Group $
117
118 #
119 # HostnameLookups: Log the names of clients or just their IP addresses
120 # e.g., www.apache.org (on) or 204.62.129.132 (off).
121 # The default is off because it'd be overall better for the net if people
122 # had to knowingly turn this feature on, since enabling it means that
123 # each client request will result in AT LEAST one lookup request to the
124 # nameserver.
125 #
126 HostnameLookups Off
127
128 # ErrorLog: The location of the error log file.
129 # If you do not specify an ErrorLog directive within a
130 # container, error messages relating to that virtual host will be
131 # logged here. If you *do* define an error logfile for a
132 # container, that host's errors will be logged there and not here.
133 #
134 ErrorLog $/error.log
135
136 #
137 # LogLevel: Control the severity of messages logged to the error_log.
138 # Available values: trace8, ..., trace1, debug, info, notice, warn,
139 # error, crit, alert, emerg.
140 # It is also possible to configure the log level for particular modules, e.g.
141 # "LogLevel info ssl:warn"
142 #
143 LogLevel warn
144
145 # Include module configuration:
146 IncludeOptional mods-enabled/*.load
147 IncludeOptional mods-enabled/*.conf
148
149 # Include list of ports to listen on
150 Include ports.conf
151
152
153 # Sets the default security model of the Apache2 HTTPD server. It does
154 # not allow access to the root filesystem outside of /usr/share and /var/www.
155 # The former is used by web applications packaged in Debian,
156 # the latter may be used for local directories served by the web server. If
157 # your system is serving content from a sub-directory in /srv you must allow
158 # access here, or in any related virtual host.
159
160 Options FollowSymLinks
161 AllowOverride None
162 Require all denied
163
164
165
166 AllowOverride None
167 Require all granted
168
169
170
171 Options Indexes FollowSymLinks
172 AllowOverride None
173 Require all granted
174
175
176 #
177 # Options Indexes FollowSymLinks
178 # AllowOverride None
179 # Require all granted
180 #
181
182
183
184
185 # AccessFileName: The name of the file to look for in each directory
186 # for additional configuration directives. See also the AllowOverride
187 # directive.
188 #
189 AccessFileName .htaccess
190
191 #
192 # The following lines prevent .htaccess and .htpasswd files from being
193 # viewed by Web clients.
194 #
195
196 Require all denied
197
198
199
200 #
201 # The following directives define some format nicknames for use with
202 # a CustomLog directive.
203 #
204 # These deviate from the Common Log Format definitions in that they use %O
205 # (the actual bytes sent including headers) instead of %b (the size of the
206 # requested file), because the latter makes it impossible to detect partial
207 # requests.
208 #
209 # Note that the use of %i instead of %h is not recommended.
210 # Use mod_remoteip instead.
211 #
212 LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%i\" \"%i\"" vhost_combined
213 LogFormat "%h %l %u %t \"%r\" %>s %O \"%i\" \"%i\"" combined
214 LogFormat "%h %l %u %t \"%r\" %>s %O" common
215 LogFormat "%i -> %U" referer
216 LogFormat "%i" agent
217
218 # Include of directories ignores editors' and dpkg's backup files,
219 # see README.Debian for details.
220
221 # Include generic snippets of statements
222 IncludeOptional conf-enabled/*.conf
223
224 # Include the virtual host configurations:
225 IncludeOptional sites-enabled/*.conf
226
227 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
study@study-VirtualBox:~$
/etc/apache2/ports.conf
study@study-VirtualBox:~$ cat -n /etc/apache2/ports.conf
1 # If you just change the port or add more ports here, you will likely also
2 # have to change the VirtualHost statement in
3 # /etc/apache2/sites-enabled/000-default.conf
4
5 Listen 80
6
7
8 Listen 443
9
10
11
12 Listen 443
13
14
15 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
study@study-VirtualBox:~$
/etc/apache2/envvars
study@study-VirtualBox:~$ cat -n /etc/apache2/envvars
1 # envvars - default environment variables for apache2ctl
2
3 # this won't be correct after changing uid
4 unset HOME
5
6 # for supporting multiple apache2 instances
7 if [ "$" != "$" ] ; then
8 SUFFIX="-$"
9 else
10 SUFFIX=
11 fi
12
13 # Since there is no sane way to get the parsed apache2 config in scripts, some
14 # settings are defined via environment variables and then used in apache2ctl,
15 # /etc/init.d/apache2, /etc/logrotate.d/apache2, etc.
16 export APACHE_RUN_USER=www-data
17 export APACHE_RUN_GROUP=www-data
18 # temporary state file location. This might be changed to /run in Wheezy+1
19 export APACHE_PID_FILE=/var/run/apache2$SUFFIX/apache2.pid
20 export APACHE_RUN_DIR=/var/run/apache2$SUFFIX
21 export APACHE_LOCK_DIR=/var/lock/apache2$SUFFIX
22 # Only /var/log/apache2 is handled by /etc/logrotate.d/apache2.
23 export APACHE_LOG_DIR=/var/log/apache2$SUFFIX
24
25 ## The locale used by some modules like mod_dav
26 export LANG=C
27 ## Uncomment the following line to use the system default locale instead:
28 #. /etc/default/locale
29
30 export LANG
31
32 ## The command to get the status for 'apache2ctl status'.
33 ## Some packages providing 'www-browser' need '--dump' instead of '-dump'.
34 #export APACHE_LYNX='www-browser -dump'
35
36 ## If you need a higher file descriptor limit, uncomment and adjust the
37 ## following line (default is 8192):
38 #APACHE_ULIMIT_MAX_FILES='ulimit -n 65536'
39
40 ## If you would like to pass arguments to the web server, add them below
41 ## to the APACHE_ARGUMENTS environment.
42 #export APACHE_ARGUMENTS=''
43
44 ## Enable the debug mode for maintainer scripts.
45 ## This will produce a verbose output on package installations of web server modules and web application
46 ## installations which interact with Apache
47 #export APACHE2_MAINTSCRIPT_DEBUG=1
study@study-VirtualBox:~$
/etc/apache2/conf-available/security.conf
#
# Disable access to the entire file system except for the directories that
# are explicitly allowed later.
#
# This currently breaks the configurations that come with some web application
# Debian packages.
#
#
# AllowOverride None
# Require all denied
#
# Changing the following options will not really affect the security of the
# server, but might make attacks slightly more difficult in some cases.
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minimal | Minor | Major | Prod
# where Full conveys the most information, and Prod the least.
#ServerTokens Minimal
ServerTokens OS
#ServerTokens Full
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#ServerSignature Off
ServerSignature On
#
# Allow TRACE method
#
# Set to "extended" to also reflect the request body (only for testing and
# diagnostic purposes).
#
# Set to one of: On | Off | extended
TraceEnable Off
#TraceEnable On
#
# Forbid access to version control directories
#
# If you use version control systems in your document root, you should
# probably deny access to their directories. For example, for subversion:
#
#<directorymatch "="" \.svn">
# Require all denied
#
#
# Setting this header will prevent MSIE from interpreting files as something
# else than declared by the content type in the HTTP headers.
# Requires mod_headers to be enabled.
#
#Header set X-Content-Type-Options: "nosniff"
#
# Setting this header will prevent other sites from embedding pages from this
# site as frames. This defends against clickjacking attacks.
# Requires mod_headers to be enabled.
#
#Header set X-Frame-Options: "sameorigin"
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
/etc/apache2/sites-available/000-default.conf
tudy@study-VirtualBox:~$ cat -n /etc/apache2/sites-available/000-default.conf
1
2 # The ServerName directive sets the request scheme, hostname and port that
3 # the server uses to identify itself. This is used when creating
4 # redirection URLs. In the context of virtual hosts, the ServerName
5 # specifies what hostname must appear in the request's Host: header to
6 # match this virtual host. For the default virtual host (this file) this
7 # value is not decisive as it is used as a last resort host regardless.
8 # However, you must set it for any further virtual host explicitly.
9 #ServerName www.example.com
10
11 ServerAdmin webmaster@localhost
12 DocumentRoot /var/www/html
13
14 # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
15 # error, crit, alert, emerg.
16 # It is also possible to configure the loglevel for particular
17 # modules, e.g.
18 #LogLevel info ssl:warn
19
20 ErrorLog $/error.log
21 CustomLog $/access.log combined
22
23 # For most configuration files from conf-available/, which are
24 # enabled or disabled at a global level, it is possible to
25 # include a line for only one particular virtual host. For example the
26 # following line enables the CGI configuration for this host only
27 # after it has been globally disabled with "a2disconf".
28 #Include conf-available/serve-cgi-bin.conf
29
30
31 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
study@study-VirtualBox:~$
/etc/apache2/sites-available/default-ssl.conf
study@study-VirtualBox:~$ cat -n /etc/apache2/sites-available/default-ssl.conf
1
2
3 ServerAdmin webmaster@localhost
4
5 DocumentRoot /var/www/html
6
7 # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
8 # error, crit, alert, emerg.
9 # It is also possible to configure the loglevel for particular
10 # modules, e.g.
11 #LogLevel info ssl:warn
12
13 ErrorLog $/error.log
14 CustomLog $/access.log combined
15
16 # For most configuration files from conf-available/, which are
17 # enabled or disabled at a global level, it is possible to
18 # include a line for only one particular virtual host. For example the
19 # following line enables the CGI configuration for this host only
20 # after it has been globally disabled with "a2disconf".
21 #Include conf-available/serve-cgi-bin.conf
22
23 # SSL Engine Switch:
24 # Enable/Disable SSL for this virtual host.
25 SSLEngine on
26
27 # A self-signed (snakeoil) certificate can be created by installing
28 # the ssl-cert package. See
29 # /usr/share/doc/apache2/README.Debian.gz for more info.
30 # If both key and certificate are stored in the same file, only the
31 # SSLCertificateFile directive is needed.
32 SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
33 SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
34
35 # Server Certificate Chain:
36 # Point SSLCertificateChainFile at a file containing the
37 # concatenation of PEM encoded CA certificates which form the
38 # certificate chain for the server certificate. Alternatively
39 # the referenced file can be the same as SSLCertificateFile
40 # when the CA certificates are directly appended to the server
41 # certificate for convinience.
42 #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
43
44 # Certificate Authority (CA):
45 # Set the CA certificate verification path where to find CA
46 # certificates for client authentication or alternatively one
47 # huge file containing all of them (file must be PEM encoded)
48 # Note: Inside SSLCACertificatePath you need hash symlinks
49 # to point to the certificate files. Use the provided
50 # Makefile to update the hash symlinks after changes.
51 #SSLCACertificatePath /etc/ssl/certs/
52 #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
53
54 # Certificate Revocation Lists (CRL):
55 # Set the CA revocation path where to find CA CRLs for client
56 # authentication or alternatively one huge file containing all
57 # of them (file must be PEM encoded)
58 # Note: Inside SSLCARevocationPath you need hash symlinks
59 # to point to the certificate files. Use the provided
60 # Makefile to update the hash symlinks after changes.
61 #SSLCARevocationPath /etc/apache2/ssl.crl/
62 #SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl
63
64 # Client Authentication (Type):
65 # Client certificate verification type and depth. Types are
66 # none, optional, require and optional_no_ca. Depth is a
67 # number which specifies how deeply to verify the certificate
68 # issuer chain before deciding the certificate is not valid.
69 #SSLVerifyClient require
70 #SSLVerifyDepth 10
71
72 # SSL Engine Options:
73 # Set various options for the SSL engine.
74 # o FakeBasicAuth:
75 # Translate the client X.509 into a Basic Authorisation. This means that
76 # the standard Auth/DBMAuth methods can be used for access control. The
77 # user name is the `one line' version of the client's X.509 certificate.
78 # Note that no password is obtained from the user. Every entry in the user
79 # file needs this password: `xxj31ZMTZzkVA'.
80 # o ExportCertData:
81 # This exports two additional environment variables: SSL_CLIENT_CERT and
82 # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
83 # server (always existing) and the client (only existing when client
84 # authentication is used). This can be used to import the certificates
85 # into CGI scripts.
86 # o StdEnvVars:
87 # This exports the standard SSL/TLS related `SSL_*' environment variables.
88 # Per default this exportation is switched off for performance reasons,
89 # because the extraction step is an expensive operation and is usually
90 # useless for serving static content. So one usually enables the
91 # exportation for CGI and SSI requests only.
92 # o OptRenegotiate:
93 # This enables optimized SSL connection renegotiation handling when SSL
94 # directives are used in per-directory context.
95 #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
96
97 SSLOptions +StdEnvVars
98
99
100 SSLOptions +StdEnvVars
101
102
103 # SSL Protocol Adjustments:
104 # The safe and default but still SSL/TLS standard compliant shutdown
105 # approach is that mod_ssl sends the close notify alert but doesn't wait for
106 # the close notify alert from client. When you need a different shutdown
107 # approach you can use one of the following variables:
108 # o ssl-unclean-shutdown:
109 # This forces an unclean shutdown when the connection is closed, i.e. no
110 # SSL close notify alert is send or allowed to received. This violates
111 # the SSL/TLS standard but is needed for some brain-dead browsers. Use
112 # this when you receive I/O errors because of the standard approach where
113 # mod_ssl sends the close notify alert.
114 # o ssl-accurate-shutdown:
115 # This forces an accurate shutdown when the connection is closed, i.e. a
116 # SSL close notify alert is send and mod_ssl waits for the close notify
117 # alert of the client. This is 100% SSL/TLS standard compliant, but in
118 # practice often causes hanging connections with brain-dead browsers. Use
119 # this only for browsers where you know that their SSL implementation
120 # works correctly.
121 # Notice: Most problems of broken clients are also related to the HTTP
122 # keep-alive facility, so you usually additionally want to disable
123 # keep-alive for those clients, too. Use variable "nokeepalive" for this.
124 # Similarly, one has to force some clients to use HTTP/1.0 to workaround
125 # their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
126 # "force-response-1.0" for this.
127 # BrowserMatch "MSIE [2-6]" \
128 # nokeepalive ssl-unclean-shutdown \
129 # downgrade-1.0 force-response-1.0
130
131
132
133
134 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
study@study-VirtualBox:~$
'서버 운영 > APM 서버 구축' 카테고리의 다른 글
[Ubuntu 20.04 - Apache2 서버] envvars의 기본값에 사용된 지시어 설명 (0) | 2020.10.13 |
---|---|
[Ubuntu 20.04 - Apache2 서버] ports.conf 의 기본값에 사용된 지시어 설명 (0) | 2020.10.11 |
[Ubuntu 20.04 - Apache2 서버] apache2.conf의 기본값에 사용된 지시어 설명 (0) | 2020.10.09 |
우분투 20.04 APM 서버 주요 환경 파일 원문 - PHP 7.4 - php.ini (0) | 2020.10.07 |
우분투 20.04 APM 서버 주요 환경 파일 목록 (0) | 2020.09.30 |
우분투 20.04 APM 서버 기본 환경 파일 설정 - php.ini 기본 설정 (1) | 2020.09.28 |
우분투 20.04 APM 서버 기본 환경 파일 설정 - apache2.conf 기본 설정 (0) | 2020.09.26 |
MariaDB 10.4 이후의 계정 인증 관련 변화(unix_socket, mysql_native_password 인증 / 계정, 암호 및 전역 권한 정보 저장 테이블 변경 등) (0) | 2020.09.24 |