Apache HTTP Server Version 2.0
Apache Module mod_info
Description: Provides a comprehensive overview of the server configuration Status: Extension Module Identifier: info_module Summary
To configure
mod_info
, add the following to yourhttpd.conf
file.
<Location /server-info>
SetHandler server-info
</Location>
You may wish to add a
<Limit>
clause inside the<location>
directive to limit access to your server configuration information.Once configured, the server information is obtained by accessing
http://your.host.dom/server-info
Note that the configuration files are read by the module at run-time, and therefore the display may not reflect the running server's active configuration if the files have been changed since the server was last reloaded. Also, the configuration files must be readable by the user as which the server is running (see the User
directive), or else the directive settings will not be listed.It should also be noted that if
mod_info
is compiled into the server, its handler capability is available in all configuration files, including per-directory files (e.g.,.htaccess
). This may have security-related ramifications for your site.In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Due to the way this module works there is no way to block information from it. Therefore, this module should ONLY be used in a controlled environment and always with caution.
Directives
AddModuleInfo Directive
Description: Allows additional information to be added to the module information displayed by the server-info handler Syntax: AddModuleInfo module-name string Context: server config, virtual host Status: Extension Module: mod_info Compatibility: Apache 1.3 and above This allows the content of string to be shown as HTML interpreted, Additional Information for the module module-name. Example:
AddModuleInfo mod_auth.c 'See <A HREF="http://www.apache.org/docs/mod/mod_auth.html">http://www.apache.org/docs/mod/mod_auth.html</A>'