Webサーバーの設定方法(Red Hat Linux 9)



●設定方法

 rpmfind.netからダウンロードしてきた最新版のrpmファイルをインストールします。
  # rpm -ivh apache-1.3.20-0vl1.i386.rpm
  # rpm -ivh apache-devel-1.3.20-0vl1.i386.rpm
  # rpm -ivh apache-manual-1.3.20-0vl1.i386.rpm
apacheに関する詳細な情報はこちらを参照してください。

Webサーバ(apache)の設定ファイルの編集
  # vi /etc/httpd/conf/httpd.conf
  ##
  ## httpd.conf -- Apache HTTP server configuration file
  ##
  #
  # Based upon the NCSA server configuration files originally by Rob McCool.
  #
  # This is the main Apache server configuration file.  It contains the
  # configuration directives that give the server its instructions.
  # See <URL:http://www.apache.org/docs/> for detailed information about
  # the directives.
  #
  # Do NOT simply read the instructions in here without understanding
  # what they do.  They're here only as hints or reminders.  If you are unsure
  # consult the online docs. You have been warned.  
  #
  # After this file is processed, the server will look for and process
  # /usr/conf/srm.conf and then /usr/conf/access.conf
  # unless you have overridden these with ResourceConfig and/or
  # AccessConfig directives here.
  #
  # The configuration directives are grouped into three basic sections:
  #  1. Directives that control the operation of the Apache server process as a
  #     whole (the 'global environment').
  #  2. Directives that define the parameters of the 'main' or 'default' server,
  #     which responds to requests that aren't handled by a virtual host.
  #     These directives also provide default values for the settings
  #     of all virtual hosts.
  #  3. Settings for virtual hosts, which allow Web requests to be sent to
  #     different IP addresses or hostnames and have them handled by the
  #     same Apache server process.
  #
  # Configuration and logfile names: If the filenames you specify for many
  # of the server's control files begin with "/" (or "drive:/" for Win32), the
  # server will use that explicit path.  If the filenames do *not* begin
  # with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
  # with ServerRoot set to "/usr/local/apache" will be interpreted by the
  # server as "/usr/local/apache/logs/foo.log".
  #
  ### Section 1: Global Environment
  #
  # The directives in this section affect the overall operation of Apache,
  # such as the number of concurrent requests it can handle or where it
  # can find its configuration files.
  #
  #
  # ServerType is either inetd, or standalone.  Inetd mode is only supported on
  # Unix platforms.
  #
  ServerType standalone  ←  ApacheがInetdからの起動かスタンドアロンかを指定
  #
  # ServerRoot: The top of the directory tree under which the server's
  # configuration, error, and log files are kept.
  #
  # NOTE!  If you intend to place this on an NFS (or otherwise network)
  # mounted filesystem then please read the LockFile documentation
  # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
  # you will save yourself a lot of trouble.
  #
  # Do NOT add a slash at the end of the directory path.
  #
  ServerRoot /etc/httpd  ←  Apacheが稼動する際のベースディレクトリを指定
  #
  # The LockFile directive sets the path to the lockfile used when Apache
  # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
  # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
  # its default value. The main reason for changing it is if the logs
  # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
  # DISK. The PID of the main server process is automatically appended to
  # the filename. 
  #
  LockFile /var/lock/httpd.lock  ←  ロックファイルの名前を指定
  #
  # PidFile: The file in which the server should record its process
  # identification number when it starts.
  #
  PidFile /var/run/httpd.pid  ←  プロセスIDを書きこむファイルの名前を指定
  #
  # ScoreBoardFile: File used to store internal server process information.
  # Not all architectures require this.  But if yours does (you'll know because
  # this file will be  created when you run Apache) then you *must* ensure that
  # no two invocations of Apache share the same scoreboard file.
  #
  ScoreBoardFile /var/run/httpd.scoreboard
          ↑  Apacheが稼動状況を書きこむファイルの名前を指定
  #
  # In the standard configuration, the server will process this file,
  # srm.conf, and access.conf in that order.  The latter two files are
  # now distributed empty, as it is recommended that all directives
  # be kept in a single file for simplicity.  The commented-out values
  # below are the built-in defaults.  You can have the server ignore
  # these files altogether by using "/dev/null" (for Unix) or
  # "nul" (for Win32) for the arguments to the directives.
  #
  #ResourceConfig conf/srm.conf  ←  リソース設定ファイルのパスを指定(srm.conf)
        現在では、httpd.conf に全ての設定を記述できるため、
        /dev/null と指定して無効にする事が推奨されます。
  #AccessConfig conf/access.conf  ←  アクセス設定ファイルのパスを指定(access.conf)
        現在では、httpd.conf に全ての設定を記述できるため、
        /dev/null と指定して無効にする事が推奨されます。
  #
  # Timeout: The number of seconds before receives and sends time out.
  #
  Timeout 300  ←  タイムアウト時間を指定します
  #
  # KeepAlive: Whether or not to allow persistent connections (more than
  # one request per connection). Set to "Off" to deactivate.
  #
  KeepAlive On  ←  キープアライブ機能の使用可否を指定
  #
  # MaxKeepAliveRequests: The maximum number of requests to allow
  # during a persistent connection. Set to 0 to allow an unlimited amount.
  # We recommend you leave this number high, for maximum performance.
  #
  MaxKeepAliveRequests 100  ←  キープアライブ機能で連続して処理できる要求の数
  #
  # KeepAliveTimeout: Number of seconds to wait for the next request from the
  # same client on the same connection.
  #
  KeepAliveTimeout 15  ←  キープアライブ機能のタイムアウト時間
  #
  # Server-pool size regulation.  Rather than making you guess how many
  # server processes you need, Apache dynamically adapts to the load it
  # sees --- that is, it tries to maintain enough server processes to
  # handle the current load, plus a few spare servers to handle transient
  # load spikes (e.g., multiple simultaneous requests from a single
  # Netscape browser).
  #
  # It does this by periodically checking how many servers are waiting
  # for a request.  If there are fewer than MinSpareServers, it creates
  # a new spare.  If there are more than MaxSpareServers, some of the
  # spares die off.  The default values are probably OK for most sites.
  #
  MinSpareServers 5  ←  待機状態のプロセスの下限数
  MaxSpareServers 20  ←  待機状態のプロセスの上限数
  #
  # Number of servers to start initially --- should be a reasonable ballpark
  # figure.
  #
  StartServers 8  ←  最初に起動したときに実行しておくべきサーバ数を設定
  #
  # Limit on total number of servers running, i.e., limit on the number
  # of clients who can simultaneously connect --- if this limit is ever
  # reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
  # It is intended mainly as a brake to keep a runaway server from taking
  # the system with it as it spirals down...
  #
  MaxClients 150  ←  同時に受け付けることができるクライアントの数を設定
  #
  # MaxRequestsPerChild: the number of requests each child process is
  # allowed to process before the child dies.  The child will exit so
  # as to avoid problems after prolonged use when Apache (and maybe the
  # libraries it uses) leak memory or other resources.  On most systems, this
  # isn't really needed, but a few (such as Solaris) do have notable leaks
  # in the libraries. For these platforms, set to something like 10000
  # or so; a setting of 0 means unlimited.
  #
  # NOTE: This value does not include keepalive requests after the initial
  #       request per connection. For example, if a child process handles
  #       an initial request and 10 subsequent "keptalive" requests, it
  #       would only count as 1 request towards this limit.
  #
  MaxRequestsPerChild 100  ←  ひとつのApacheが処理すべき要求数の指定
  #
  # Listen: Allows you to bind Apache to specific IP addresses and/or
  # ports, in addition to the default. See also the <VirtualHost>
  # directive.
  #
  #Listen 3000  ←  Apacheが要求を待ちうける2つ以上のIPアドレスもしくはポート番号を指定
  #Listen 12.34.56.78:80
  #
  # BindAddress: You can support virtual hosts with this option. This directive
  # is used to tell the server which IP address to listen to. It can either
  # contain "*", an IP address, or a fully qualified Internet domain name.
  # See also the <VirtualHost> and Listen directives.
  #
  #BindAddress *  ←  Apacheが要求を待ちうけるIPアドレスを指定
        *を指定した場合には全てのIPアドレスとなり、
        IPアドレスもしくはホスト名を指定した場合には特定のひとつのIPアドレスで
        クライアントからの要求を待ちうけることになります。
        もし、何個かのIPアドレスで待ち受けを行う場合にはListen指示子を使用してください。
  #
  # Dynamic Shared Object (DSO) Support
  #
  # To be able to use the functionality of a module which was built as a DSO you
  # have to place corresponding `LoadModule' lines at this location so the
  # directives contained in it are actually available _before_ they are used.
  # Please read the file README.DSO in the Apache 1.3 distribution for more
  # details about the DSO mechanism and run `httpd -l' for the list of already
  # built-in (statically linked and thus always available) modules in your httpd
  # binary.
  #
  # Note: The order is which modules are loaded is important.  Don't change
  # the order below without expert advice.
  #
  # Example:
  # LoadModule foo_module modules/mod_foo.so
  #LoadModule mmap_static_module modules/mod_mmap_static.so
  LoadModule vhost_alias_module modules/mod_vhost_alias.so
  LoadModule env_module         modules/mod_env.so
  LoadModule config_log_module  modules/mod_log_config.so
  LoadModule agent_log_module   modules/mod_log_agent.so
  LoadModule referer_log_module modules/mod_log_referer.so
  #LoadModule mime_magic_module  modules/mod_mime_magic.so
  LoadModule mime_module        modules/mod_mime.so
  LoadModule negotiation_module modules/mod_negotiation.so
  LoadModule status_module      modules/mod_status.so
  LoadModule info_module        modules/mod_info.so
  LoadModule includes_module    modules/mod_include.so
  LoadModule autoindex_module   modules/mod_autoindex.so
  LoadModule dir_module         modules/mod_dir.so
  LoadModule cgi_module         modules/mod_cgi.so
  LoadModule asis_module        modules/mod_asis.so
  LoadModule imap_module        modules/mod_imap.so
  LoadModule action_module      modules/mod_actions.so
  #LoadModule speling_module     modules/mod_speling.so
  LoadModule userdir_module     modules/mod_userdir.so
  LoadModule alias_module       modules/mod_alias.so
  LoadModule rewrite_module     modules/mod_rewrite.so
  LoadModule access_module      modules/mod_access.so
  LoadModule auth_module        modules/mod_auth.so
  LoadModule anon_auth_module   modules/mod_auth_anon.so
  LoadModule db_auth_module     modules/mod_auth_db.so
  LoadModule digest_module      modules/mod_digest.so
  LoadModule proxy_module       modules/libproxy.so
  #LoadModule cern_meta_module   modules/mod_cern_meta.so
  LoadModule expires_module     modules/mod_expires.so
  LoadModule headers_module     modules/mod_headers.so
  LoadModule usertrack_module   modules/mod_usertrack.so
  #LoadModule example_module     modules/mod_example.so
  #LoadModule unique_id_module   modules/mod_unique_id.so
  LoadModule setenvif_module    modules/mod_setenvif.so
  #LoadModule bandwidth_module   modules/mod_bandwidth.so
  #LoadModule put_module		modules/mod_put.so
  # Extra Modules
  #LoadModule perl_module        modules/libperl.so
  #LoadModule php_module         modules/mod_php.so
  #LoadModule php3_module        modules/libphp3.so
  #  Reconstruction of the complete module list from all available modules
  #  (static and shared ones) to achieve correct module execution order.
  #  [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
  ClearModuleList  ←  モジュールリストをクリア
        Apacheにあらかじめ組み込まれているモジュールリストをクリアし、
        有効なモジュールをリセットします。
        このあとで、AddModuleディレクティブにより無効にされた
        モジュールを有効にする事が可能です。
  #AddModule mod_mmap_static.c  ←  組み込み済みのモジュールを有効にする
        Apacheにあらかじめ組み込まれているものの無効にされているモジュールを、
        有効にする事が出来ます。
        なお、Apacheは有効なモジュールのリストを持っており、このリストを無効にする場合には
        ClearModuleList指示子を利用し、その後にAddModule指示子でモジュールを有効にします。
  AddModule mod_vhost_alias.c
  AddModule mod_env.c
  AddModule mod_log_config.c
  AddModule mod_log_agent.c
  AddModule mod_log_referer.c
  #AddModule mod_mime_magic.c
  AddModule mod_mime.c
  AddModule mod_negotiation.c
  AddModule mod_status.c
  AddModule mod_info.c
  AddModule mod_include.c
  AddModule mod_autoindex.c
  AddModule mod_dir.c
  AddModule mod_cgi.c
  AddModule mod_asis.c
  AddModule mod_imap.c
  AddModule mod_actions.c
  #AddModule mod_speling.c
  AddModule mod_userdir.c
  AddModule mod_alias.c
  AddModule mod_rewrite.c
  AddModule mod_access.c
  AddModule mod_auth.c
  AddModule mod_auth_anon.c
  AddModule mod_auth_db.c
  AddModule mod_digest.c
  AddModule mod_proxy.c
  #AddModule mod_cern_meta.c
  AddModule mod_expires.c
  AddModule mod_headers.c
  AddModule mod_usertrack.c
  #AddModule mod_example.c
  #AddModule mod_unique_id.c
  AddModule mod_so.c
  AddModule mod_setenvif.c
  #AddModule mod_bandwidth.c
  #AddModule mod_put.c
  # Extra Modules
  #AddModule mod_perl.c
  #AddModule mod_php.c
  #AddModule mod_php3.c
  #
  # ExtendedStatus: controls whether Apache will generate "full" status
  # information (ExtendedStatus On) or just basic information (ExtendedStatus
  # Off) when the "server-status" handler is called. The default is Off.
  #
  #ExtendedStatus On  ←  サーバ状況の表示時に、拡張表示を行うか否かを指定
  ### Section 2: 'Main' server configuration
  #
  # The directives in this section set up the values used by the 'main'
  # server, which responds to any requests that aren't handled by a
  # <VirtualHost> definition.  These values also provide defaults for
  # any <VirtualHost> containers you may define later in the file.
  #
  # All of these directives may appear inside <VirtualHost> containers,
  # in which case these default settings will be overridden for the
  # virtual host being defined.
  #
  #
  # If your ServerType directive (set earlier in the 'Global Environment'
  # section) is set to "inetd", the next few directives don't have any
  # effect since their settings are defined by the inetd configuration.
  # Skip ahead to the ServerAdmin directive.
  #
  #
  # Port: The port to which the standalone server listens. For
  # ports < 1023, you will need httpd to be run as root initially.
  #
  Port 80  ←  Apacheが待ちうけるポート番号を指定
  #
  # If you wish httpd to run as a different user or group, you must run
  # httpd as root initially and it will switch.  
  #
  # User/Group: The name (or #number) of the user/group to run httpd as.
  #  . On SCO (ODT 3) use "User nouser" and "Group nogroup".
  #  . On HPUX you may not be able to use shared memory as nobody, and the
  #    suggested workaround is to create a user www and use that user.
  #  NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
  #  when the value of (unsigned)Group is above 60000; 
  #  don't use Group nobody on these systems!
  #
  User nobody  ←  Apacheが動作するユーザ名称を指定
  Group nobody  ←  Apacheが動作するグループ名称を指定
  #
  # ServerAdmin: Your address, where problems with the server should be
  # e-mailed.  This address appears on some server-generated pages, such
  # as error documents.
  #
  ServerAdmin root@localhost  ←  サーバ管理者のメールアドレスを指定
        エラーメッセージをサーバが生成するときや、
        ディレクトリ一覧表示時にフッターとして表示する際などに用いられるものです。
  #
  # ServerName: allows you to set a host name which is sent back to clients for
  # your server if it's different than the one the program would get (i.e., use
  # "www" instead of the host's real name).
  #
  # Note: You cannot just invent host names and hope they work. The name you 
  # define here must be a valid DNS name for your host. If you don't understand
  # this, ask your network administrator.
  # If your host doesn't have a registered DNS name, enter its IP address here.
  # You will have to access it by its address (e.g., http://123.45.67.89/)
  # anyway, and this will make redirections work in a sensible way.
  #
  #ServerName localhost  ←  複数のホスト名を利用する際の動作を指定
  #
  # DocumentRoot: The directory out of which you will serve your
  # documents. By default, all requests are taken from this directory, but
  # symbolic links and aliases may be used to point to other locations.
  #
  DocumentRoot /home/httpd/html  ←  ドキュメントの置いているディレクトリを指定
        コンテンツを提供する際に、トップページが置かれているディレクトリを指定します。
        もし、Alias指示子を始めとしたパス指定の指示子がない場合には、
        ここで指定したディレクトリの配下が公開されることになります。
        なお、ディレクトリ指定をする際に、語尾には / をつけないようにして下さい。
  #
  # Each directory to which Apache has access, can be configured with respect
  # to which services and features are allowed and/or disabled in that
  # directory (and its subdirectories). 
  #
  # First, we configure the "default" to be a very restrictive set of 
  # permissions.  
  #
  <Directory />
      Options FollowSymLinks  ←  オプションの指定
      AllowOverride None  ←  アクセスファイルに記述できる指示子の制限
        サーバがアクセスファイル(htaccessファイル)を
        対象のディレクトリ内(もしくはその上位のディレクトリ)で発見すると、
        その中に記述された指示子を適用していきますが、
        AllowOverride指示子によりアクセスファイルに指定することの
        できる指示子を制限する事が可能です。
        なお、指定できる種別には、AuthConfig FileInfo Indexes Limit Options の
        5種類があり、アクセスファイル内の指示子が有効(上書)にできるか否かを設定します。

  </Directory>
  #
  # Note that from this point forward you must specifically allow
  # particular features to be enabled - so if something's not working as
  # you might expect, make sure that you have specifically enabled it
  # below.
  #
  #
  # This should be changed to whatever you set DocumentRoot to.
  #
  <Directory /home/httpd/html>
  #
  # This may also be "None", "All", or any combination of "Indexes",
  # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
  #
  # Note that "MultiViews" must be named *explicitly* --- "Options All"
  # doesn't give it to you.
  #
      Options Indexes Includes FollowSymLinks  ←  オプションの指定
  #
  # This controls which options the .htaccess files in directories can
  # override. Can also be "All", or any combination of "Options", "FileInfo", 
  # "AuthConfig", and "Limit"
  #
      AllowOverride None  ←  アクセスファイルに記述できる指示子の制限
  #
  # Controls who can get stuff from this server.
  #
      Order allow,deny  ←  アクセスの許可・拒否の適用順序
      Allow from all  ←  アクセスを許可するホスト/ネットワークを指定
  </Directory>
  #
  # UserDir: The name of the directory which is appended onto a user's home
  # directory if a ~user request is received.
  #
  UserDir public_html  ←  〜(チルダ)アクセスの際にサーチするディレクトリ名称
  #
  # Control access to UserDir directories.  The following is an example
  # for a site where these directories are restricted to read-only.
  #
  #<Directory /home/*/public_html>
  #    AllowOverride FileInfo AuthConfig Limit
  #    Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
  #    <Limit GET POST OPTIONS PROPFIND>
  #        Order allow,denyy  ←  アクセスの許可・拒否の適用順序
  #        Allow from all  ←  アクセスを許可するホスト/ネットワークを指定
  #    </Limit>
  #    <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
  #        Order deny,allowy  ←  アクセスの許可・拒否の適用順序
  #        Deny from all  ←  アクセスを拒否するホスト/ネットワークを指定
  #    </Limit>
  #</Directory>
  <Directory /home/httpd/html/mrtg>
    AuthType Basic  ←  ユーザ認証の種別を選択
        通常はBasicのみ利用できますが、モジュールの組み込みにより他の認証が利用可能になります。
    AuthName router_traffic  ←  認証に関する名称を設定
        認証が必要な際にクライアントに送られ、アクセスするためには
        どのユーザ名とパスワードを利用すれば良いのかをクライアントに判断させることが出来ます。
    AuthUserFile /home/httpd/auth_user/router_admin
          ↑  認証の際に利用する、ユーザ名を列挙したファイルの名前を指定します。
        ファイルは、UNIXのパスワードファイルと同じように1行に1ユーザを指定しますが、
        フィールド形式は、ユーザ名と暗号化されたパスワードを 
        :(コロン)で区切ったものとなります。
    require valid-user  ←  アクセスの制限を指定します
        ディレクトリやファイルへのアクセスを制限します。
        Require user ユーザID ユーザID …
            指定されたユーザID以外では、アクセスができなくなります。
        Require group グループ名 グループ名 …
            指定されたグループに所属するユーザ以外では、アクセスができなくなります。
        Require valid-user
            認証が完了したユーザは全てアクセスが可能です。
            もちろん、ユーザIDとパスワードが間違っていた場合にはアクセスできません。
  </Directory>
  #
  # DirectoryIndex: Name of the file or files to use as a pre-written HTML
  # directory index.  Separate multiple entries with spaces.
  #
  DirectoryIndex index.html index.htm index.shtml index.cgi
          ↑  ディレクトリアクセスの際に通常利用されるインデックスファイルの名前を指定
  #
  # AccessFileName: The name of the file to look for in each directory
  # for access control information.
  #
  AccessFileName .htaccess  ←  ディレクトリ毎の設定ファイル(アクセスファイル)の名前を指定
        アクセスファイルの中には、さまざまな指示子を記述する事ができ、
        ディレクトリ毎にさまざまな設定の追加を行え、複数のユーザで利用している際に有用でしょう。
        なお、アクセスファイルで指定された指示子はそのサブディレクトリでも有効ですが、
        サブディレクトリ内に別のアクセスファイルがあった場合には、そちらが優先されます。

  #
  # The following lines prevent .htaccess files from being viewed by
  # Web clients.  Since .htaccess files often contain authorization
  # information, access is disallowed for security reasons.  Comment
  # these lines out if you want Web visitors to see the contents of
  # .htaccess files.  If you change the AccessFileName directive above,
  # be sure to make the corresponding changes here.
  #
  # Also, folks tend to use names such as .htpasswd for password
  # files, so this will protect those as well.
  #
  <Files ~ "^\.ht">
      Order allow,deny  ←  アクセスの許可・拒否の適用順序
      Deny from all  ←  アクセスを拒否するホスト/ネットワークを指定
  </Files>
  #
  # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
  # document that was negotiated on the basis of content. This asks proxy
  # servers not to cache the document. Uncommenting the following line disables
  # this behavior, and proxies will be allowed to cache the documents.
  #
  #CacheNegotiatedDocs  ←  PROXY関連
  #
  # UseCanonicalName:  (new for 1.3)  With this setting turned on, whenever
  # Apache needs to construct a self-referencing URL (a URL that refers back
  # to the server the response is coming from) it will use ServerName and
  # Port to form a "canonical" name.  With this setting off, Apache will
  # use the hostname:port that the client supplied, when possible.  This
  # also affects SERVER_NAME and SERVER_PORT in CGI scripts.
  #
  UseCanonicalName On  ←  アクセスに複数ホスト名を利用する場合におけるホスト名の扱いを設定
  #
  # TypesConfig describes where the mime.types file (or equivalent) is
  # to be found.
  #
  TypesConfig /etc/mime.types  ←  ???
  #
  # DefaultType is the default MIME type the server will use for a document
  # if it cannot otherwise determine one, such as from filename extensions.
  # If your server contains mostly text or HTML documents, "text/plain" is
  # a good value.  If most of your content is binary, such as applications
  # or images, you may want to use "application/octet-stream" instead to
  # keep browsers from trying to display binary files as though they are
  # text.
  #
  DefaultType text/plain  ←  標準のMIMEタイプを指定
        MIMEモジュール(mod_mime)が含まれている際には、
        対象ファイルの拡張子からドキュメントタイプを判断し、
        またMIMEマジックモジュール(mod_mime_magic)が含まれている際には、
        対象ファイルの中身からドキュメントタイプを判別する事ができます。
  #
  # The mod_mime_magic module allows the server to use various hints from the
  # contents of the file itself to determine its type.  The MIMEMagicFile
  # directive tells the module where the hint definitions are located.
  # mod_mime_magic is not part of the default server (you have to add
  # it yourself with a LoadModule [see the DSO paragraph in the 'Global
  # Environment' section], or recompile the server and include mod_mime_magic
  # as part of the configuration), so it's enclosed in an <IfModule> container.
  # This means that the MIMEMagicFile directive will only be processed if the
  # module is part of the server.
  #
  <IfModule mod_mime_magic.c>
      MIMEMagicFile share/magic  ←  ???
  </IfModule>
  #
  # HostnameLookups: Log the names of clients or just their IP addresses
  # e.g., www.apache.org (on) or 204.62.129.132 (off).
  # The default is off because it'd be overall better for the net if people
  # had to knowingly turn this feature on, since enabling it means that
  # each client request will result in AT LEAST one lookup request to the
  # nameserver.
  #
  HostnameLookups Off  ←  アクセスの際にIPアドレスの逆引きを行うか
  #
  # ErrorLog: The location of the error log file.
  # If you do not specify an ErrorLog directive within a <VirtualHost>
  # container, error messages relating to that virtual host will be
  # logged here.  If you *do* define an error logfile for a <VirtualHost>
  # container, that host's errors will be logged there and not here.
  #
  ErrorLog /var/log/httpd/error_log  ←  エラーログのパス名を指定
  #
  # LogLevel: Control the number of messages logged to the error_log.
  # Possible values include: debug, info, notice, warn, error, crit,
  # alert, emerg.
  #
  LogLevel warn  ←  エラーログに残すレベル指定
  #
  # The following directives define some format nicknames for use with
  # a CustomLog directive (see below).
  #
  LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
  LogFormat "%h %l %u %t \"%r\" %>s %b" common
  LogFormat "%{Referer}i -> %U" referer
  LogFormat "%{User-agent}i" agent  ←  ???
  #
  # The location and format of the access logfile (Common Logfile Format).
  # If you do not define any access logfiles within a <VirtualHost>
  # container, they will be logged here.  Contrariwise, if you *do*
  # define per-<VirtualHost> access logfiles, transactions will be
  # logged therein and *not* in this file.
  #
  CustomLog /var/log/httpd/access_log common  ←  ログをとる
  #
  # If you would like to have agent and referer logfiles, uncomment the
  # following directives.
  #
  #CustomLog /var/log/httpd/referer_log referer
  #CustomLog /var/log/httpd/agent_log agent
  #
  # If you prefer a single logfile with access, agent, and referer information
  # (Combined Logfile Format) you can use the following directive.
  #
  #CustomLog /var/log/httpd/access_log combined
  #
  # Optionally add a line containing the server version and virtual host
  # name to server-generated pages (error documents, FTP directory listings,
  # mod_status and mod_info output etc., but not CGI generated documents).
  # Set to "EMail" to also include a mailto: link to the ServerAdmin.
  # Set to one of:  On | Off | EMail
  #
  ServerSignature On  ←  Apacheがメッセージを生成する際の署名を指定
  #
  # Aliases: Add here as many aliases as you need (with no limit). The format is 
  # Alias fakename realname
  #
  # Note that if you include a trailing / on fakename then the server will
  # require it to be present in the URL.  So "/icons" isn't aliased in this
  # example, only "/icons/"..
  #
  Alias /icons/ /home/httpd/icons/  ←  特定のURIに対してエイリアスを指定する
  <Directory /home/httpd/icons>
      Options Indexes MultiViews  ←  オプションの指定
      AllowOverride None  ←  アクセスファイルに記述できる指示子の制限
      Order allow,deny  ←  アクセスの許可・拒否の適用順序
      Allow from all  ←  アクセスを許可するホスト/ネットワークを指定
  </Directory>
  #
  # ScriptAlias: This controls which directories contain server scripts.
  # ScriptAliases are essentially the same as Aliases, except that
  # documents in the realname directory are treated as applications and
  # run by the server when requested rather than as documents sent to the client.
  # The same rules about trailing "/" apply to ScriptAlias directives as to
  # Alias.
  #
  ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/  ←  CGI実行専用のディレクトリの名前を指定
  #
  # "/home/httpd/cgi-bin" should be changed to whatever your ScriptAliased
  # CGI directory exists, if you have that configured.
  #
  <Directory /home/httpd/cgi-bin>
      AllowOverride None  ←  アクセスファイルに記述できる指示子の制限
      Options ExecCGI  ←  オプションの指定
      Order allow,deny  ←  アクセスの許可・拒否の適用順序
      Allow from all  ←  アクセスを許可するホスト/ネットワークを指定
  </Directory>
  #
  # Redirect allows you to tell clients about documents which used to exist in
  # your server's namespace, but do not anymore. This allows you to tell the
  # clients where to look for the relocated document.
  # Format: Redirect old-URI new-URL
  #
  #
  # Directives controlling the display of server-generated directory listings.
  #
  #
  # FancyIndexing: whether you want fancy directory indexing or standard
  #
  IndexOptions FancyIndexing  ←  ディレクトリインデックスを表示する際のオプションを指定
  #
  # AddIcon* directives tell the server which icon to show for different
  # files or filename extensions.  These are only displayed for
  # FancyIndexed directories.
  #
  AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
          ↑  ディレクトリリスト表示時のアイコンをMIMEエンコーディング毎に指定
        ディレクトリ一覧を表示する際に、IndexOptions指示子において
        FancyIndexingが指定されていると、アイコンを利用したHTMLドキュメントを返します。
        その際に、特定のMIMEエンコーディングごとに表示するアイコンを指定したければ、
        この指示子によって指定する事が可能です。
  AddIconByType (TXT,/icons/text.gif) text/*
          ↑  ディレクトリリスト表示時のアイコンをMIMEタイプ毎に指定
        ディレクトリ一覧を表示する際に、IndexOptions指示子において
        FancyIndexingが指定されていると、アイコンを利用したHTMLドキュメントを返します。
        その際に、特定のMIMEエンコーディングごとに表示するアイコンを指定したければ、
        この指示子によって指定する事が可能です。
  AddIconByType (IMG,/icons/image2.gif) image/*
  AddIconByType (SND,/icons/sound2.gif) audio/*
  AddIconByType (VID,/icons/movie.gif) video/*
  AddIcon /icons/binary.gif .bin .exe
          ↑  ディレクトリ一覧作成時の、表示するアイコンを拡張子ごとに指定
        ディレクトリ一覧を表示する際に、IndexOptions指示子において
        FancyIndexingが指定されていると、アイコンを利用したHTMLドキュメントを返します。
        その際に、特定のMIMEエンコーディングごとに表示するアイコンを指定したければ、
        この指示子によって指定する事が可能です。
  AddIcon /icons/binhex.gif .hqx
  AddIcon /icons/tar.gif .tar
  AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
  AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
  AddIcon /icons/a.gif .ps .ai .eps
  AddIcon /icons/layout.gif .html .shtml .htm .pdf
  AddIcon /icons/text.gif .txt
  AddIcon /icons/c.gif .c
  AddIcon /icons/p.gif .pl .py
  AddIcon /icons/f.gif .for
  AddIcon /icons/dvi.gif .dvi
  AddIcon /icons/uuencoded.gif .uu
  AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
  AddIcon /icons/tex.gif .tex
  AddIcon /icons/bomb.gif core
  AddIcon /icons/back.gif ..
  AddIcon /icons/hand.right.gif README
  AddIcon /icons/folder.gif ^^DIRECTORY^^
  AddIcon /icons/blank.gif ^^BLANKICON^^
  #
  # DefaultIcon: which icon to show for files which do not have an icon
  # explicitly set.
  #
  DefaultIcon /icons/unknown.gif  ←  ディレクトリリスト表示時の標準アイコンを指定
  #
  # AddDescription: allows you to place a short description after a file in
  # server-generated indexes.  These are only displayed for FancyIndexed
  # directories.
  # Format: AddDescription "description" filename
  #
  #AddDescription "GZIP compressed document" .gz
          ↑  ディレクトリリスト表示時に付記する注釈文を拡張子毎に指定
        ディレクトリ一覧を表示する際に、IndexOptions指示子においてFancyIndexingが
        指定されていると、アイコンを利用したHTMLドキュメントを返します。
        その際に、拡張子ごとに特定の文字列を注釈としてリスト中に付記したければ、
        この指示子によって指定してください。
  #AddDescription "tar archive" .tar
  #AddDescription "GZIP compressed tar archive" .tgz
  #
  # ReadmeName: the name of the README file the server will look for by
  # default, and append to directory listings.
  #
  # HeaderName: the name of a file which should be prepended to
  # directory indexes. 
  #
  # The server will first look for name.html and include it if found.
  # If name.html doesn't exist, the server will then look for name.txt
  # and include it as plaintext if found.
  #
  ReadmeName README  ←  ???
  HeaderName HEADER
          ↑  ディレクトリリスト表示時に上部に表示するメッセージを記述したファイルの名前を指定
  #
  # IndexIgnore: a set of filenames which directory indexing should ignore
  # and not include in the listing.  Shell-style wildcarding is permitted.
  #
  IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
          ↑ ディレクトリ一覧表示時にリストへ含めないファイルの名前を指定 
  #
  # AddEncoding: allows you to have certain browsers (Mosaic/X 2.1+) uncompress
  # information on the fly. Note: Not all browsers support this.
  # Despite the name similarity, the following Add* directives have nothing
  # to do with the FancyIndexing customization directives above.
  #
  AddEncoding x-compress Z  ←  URIの拡張子部分ごとに、MIMEエンコーディングを指定
  AddEncoding x-gzip gz tgz
  #
  # AddLanguage: allows you to specify the language of a document. You can
  # then use content negotiation to give a browser a file in a language
  # it can understand.  Note that the suffix does not have to be the same
  # as the language keyword --- those with documents in Polish (whose
  # net-standard language code is pl) may wish to use "AddLanguage pl .po" 
  # to avoid the ambiguity with the common suffix for perl scripts.
  #
  AddLanguage en .en  ←  URIの拡張子部分ごとに、MIME言語名を指定
        アクセスされた際のURLの拡張子部分を判断し、
        ここで指定したMIME言語名をクライアントに伝えます。
  AddLanguage ja .ja
  AddCharset EUC-JP .euc  ←  ???
  AddCharset ISO-2022-JP .jis
  AddCharset SHIFT_JIS .sjis
  AddLanguage fr .fr
  AddLanguage de .de
  AddLanguage da .da
  AddLanguage el .el
  AddLanguage it .it
  #
  # LanguagePriority: allows you to give precedence to some languages
  # in case of a tie during content negotiation.
  # Just list the languages in decreasing order of preference.
  #
  LanguagePriority en ja fr de  ←  MIME言語名の優先順位を指定
  #DefaultLanguage ja  ←  MIME言語名が判別できない際のデフォルトを指定
  #
  # AddType: allows you to tweak mime.types without actually editing it, or to
  # make certain files to be certain types.
  #
  # For example, the PHP3 module (not part of the Apache distribution - see
  # http://www.php.net) will typically use:
  #
  <IfModule mod_php3.c>
    AddType application/x-httpd-php3 .php3  ←  URIの拡張子部分ごとに、MIMEタイプを指定
    AddType application/x-httpd-php3-source .phps
  </IfModule>
  # The following is for PHP/FI (PHP2):
  <IfModule mod_php.c>
    AddType application/x-httpd-php .phtml
  </IfModule>
  AddType application/x-tar .tgz
  #
  # AddHandler: allows you to map certain file extensions to "handlers",
  # actions unrelated to filetype. These can be either built into the server
  # or added with the Action command (see below)
  #
  # If you want to use server side includes, or CGI outside
  # ScriptAliased directories, uncomment the following lines.
  #
  # To use CGI scripts:
  #
  #AddHandler cgi-script .cgi  ←  拡張子により、そのハンドラーを指定
        アクセスされたURIの拡張子部分によって、
        特定のハンドラーを呼び出せるように設定します。
        ハンドラーとはアクセスを受けた際にファイルをそのまま返さず、
        あらかじめ用意した別の処理を行う機能で、cgi-script(CGIハンドラー)や
        server-parsed(SSIハンドラー)などが用意されています。
  #
  # To use server-parsed HTML files
  #
  AddType text/html .shtml
  AddHandler server-parsed .shtml
  #
  # Uncomment the following line to enable Apache's send-asis HTTP file
  # feature
  #
  #AddHandler send-as-is asis
  #
  # If you wish to use server-parsed imagemap files, use
  #
  AddHandler imap-file map
  #
  # To enable type maps, you might want to use
  #
  #AddHandler type-map var
  #
  # Action: lets you define media types that will execute a script whenever
  # a matching file is called. This eliminates the need for repeated URL
  # pathnames for oft-used CGI file processors.
  # Format: Action media/type /cgi-script/location
  # Format: Action handler-name /cgi-script/location
  #
  #
  # MetaDir: specifies the name of the directory in which Apache can find
  # meta information files. These files contain additional HTTP headers
  # to include when sending the document
  #
  #MetaDir .web  ←  ???
  #
  # MetaSuffix: specifies the file name suffix for the file containing the
  # meta information.
  #
  #MetaSuffix .meta  ←  ???
  #
  # Customizable error response (Apache style)
  #  these come in three flavors
  #
  #    1) plain text
  #ErrorDocument 500 "The server made a boo boo.
  #  n.b.  the (") marks it as text, it does not get output
  #
  #    2) local redirects
  #ErrorDocument 404 /missing.html
  #  to redirect to local URL /missing.html
  #ErrorDocument 404 /cgi-bin/missing_handler.pl
  #  N.B.: You can redirect to a script or a document using server-side-includes.
  #
  #    3) external redirects
  #ErrorDocument 402 http://some.other_server.com/subscription_info.html
  #  N.B.: Many of the environment variables associated with the original
  #  request will *not* be available to such a script.
  #
  # The following directives modify normal HTTP response behavior.
  # The first directive disables keepalive for Netscape 2.x and browsers that
  # spoof it. There are known problems with these browser implementations.
  # The second directive is for Microsoft Internet Explorer 4.0b2
  # which has a broken HTTP/1.1 implementation and does not properly
  # support keepalive when it is used on 301 or 302 (redirect) responses.
  #
  BrowserMatch "Mozilla/2" nokeepalive
          ↑  クライアントから送信されたブラウザ情報をもとに設定する
        サーバがクライアントから受け取ったヘッダのひとつである
        USER-AGENTヘッダにはクライアントソフトウェアの情報が入っており、
        ブラウザ情報やOSの情報を知る事が出来ます。
        そして、クライアントブラウザによって、
        特定の機能を有効にしたり無効にしたりする事が可能です。
       ※この指示子は、Apache 1.3以降でsetenvifモジュールにまとめられました。
  BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
  #
  # The following directive disables HTTP/1.1 responses to browsers which
  # are in violation of the HTTP/1.0 spec by not being able to grok a
  # basic 1.1 response.
  #
  BrowserMatch "RealPlayer 4\.0" force-response-1.0
  BrowserMatch "Java/1\.0" force-response-1.0
  BrowserMatch "JDK/1\.0" force-response-1.0
  # If the perl module is installed, this will be enabled.
  <IfModule mod_perl.c>
    Alias /perl/ /home/httpd/perl/
    <Location /perl>
      SetHandler perl-script  ←  ???
      PerlHandler Apache::Registry  ←  ???
      Options +ExecCGI  ←  オプションの指定
    </Location>
  </IfModule>
  #
  # Allow http put (such as Netscape Gold's publish feature)
  # Use htpasswd to generate /etc/httpd/conf/passwd.
  # You must unremark these two lines at the top of this file as well:
  #LoadModule put_module		modules/mod_put.so
  #AddModule mod_put.c
  #
  #Alias /upload /tmp
  #<Location /upload>
  #    EnablePut On  ←  ???
  #    AuthType Basic  ←  ユーザ認証の種別を選択
  #    AuthName Temporary  ←  認証に関する名称を設定
  #    AuthUserFile /etc/httpd/conf/passwd
          ↑  認証の際に利用する、ユーザ名を列挙したファイルの名前を指定します。
  #    EnableDelete Off  ←  ???
  #    umask 007  ←  ???
  #    <Limit PUT>
  #	require valid-user  ←  アクセスの制限を指定します
  #    </Limit>
  #</Location>
  #
  # Allow server status reports, with the URL of http://servername/server-status
  # Change the ".your_domain.com" to match your domain to enable.
  #
  #<Location /server-status>
  #    SetHandler server-status
  #    Order deny,allow
  #    Deny from all
  #    Allow from .your_domain.com
  #</Location>
  #
  # Allow remote server configuration reports, with the URL of
  #  http://servername/server-info (requires that mod_info.c be loaded).
  # Change the ".your_domain.com" to match your domain to enable.
  #
  #<Location /server-info>
  #    SetHandler server-info
  #    Order deny,allow
  #    Deny from all
  #    Allow from .your_domain.com
  #</Location>
  # Allow access to local system documentation from localhost
  Alias /doc/ /usr/doc/
  <Location /doc>
    order deny,allow
    deny from all
    allow from localhost
    Options Indexes FollowSymLinks
  </Location>
  #
  # There have been reports of people trying to abuse an old bug from pre-1.1
  # days.  This bug involved a CGI script distributed as a part of Apache.
  # By uncommenting these lines you can redirect these attacks to a logging 
  # script on phf.apache.org.  Or, you can record them yourself, using the script
  # support/phf_abuse_log.cgi.
  #
  #<Location /cgi-bin/phf*>
  #    Deny from all
  #    ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
          ↑  エラー時のメッセージを指定
        問題やエラーが発生したとき、独自のメッセージをクライアントに返すように、
        設定することが出来ます。 
        設定は、次の3種類を指定できます。
          1.メッセージを直接指定する
          2.メッセージを記述したファイルへのURIを指定する
          3.エラーメッセージへのリダイレクトを指定する
        ErrorDocument指示子の次にエラーコード(例えば、ファイルが無い場合は404)を記述し、
        その次にメッセージもしくはURI/URLを記述します。
          なお、メッセージを記述するときは " 記号を文字の先頭につけることにより認識されます。
        ※エラー時にCGIを呼び出す設定には気をつけてください。
        CGIがエラーのときにエラー処理のCGIが呼び出されない場合があります。
  #</Location>
  #
  # Proxy Server directives. Uncomment the following lines to
  # enable the proxy server:
  #
  #<IfModule mod_proxy.c>
  #ProxyRequests On
  #
  #<Directory proxy:*>
  #    Order deny,allow
  #    Deny from all
  #    Allow from .your_domain.com
  #</Directory>
  #
  # Enable/disable the handling of HTTP/1.1 "Via:" headers.
  # ("Full" adds the server version; "Block" removes all outgoing Via: headers)
  # Set to one of: Off | On | Full | Block
  #
  #ProxyVia On  ←  PROXY関連
  #
  # To enable the cache as well, edit and uncomment the following lines:
  # (no cacheing without CacheRoot)
  #
  #CacheRoot /var/cache/httpd
  #CacheSize 5  ←  PROXY関連
  #CacheGcInterval 4  ←  PROXY関連
  #CacheMaxExpire 24  ←  PROXY関連
  #CacheLastModifiedFactor 0.1  ←  PROXY関連
  #CacheDefaultExpire 1  ←  PROXY関連
  #NoCache a_domain.com another_domain.edu joes.garage_sale.com  ← ??? 
  #</IfModule>
  # End of proxy directives.
  ### Section 3: Virtual Hosts
  #
  # VirtualHost: If you want to maintain multiple domains/hostnames on your
  # machine you can setup VirtualHost containers for them.
  # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
  # for further details before you try to setup virtual hosts.
  # You may use the command line option '-S' to verify your virtual host
  # configuration.
  #
  # If you want to use name-based virtual hosts you need to define at
  # least one IP address (and port number) for them.
  #
  #NameVirtualHost 12.34.56.78:80
          ↑  ネームベースのバーチャルホストを利用する際の対象IPアドレスを指定
  #NameVirtualHost 12.34.56.78
  #
  # VirtualHost example:
  # Almost any Apache directive may go into a VirtualHost container.
  #
  #<VirtualHost ip.address.of.host.some_domain.com>
  #    ServerAdmin webmaster@host.some_domain.com  ←  サーバ管理者のメールアドレスを指定
  #    DocumentRoot /www/docs/host.some_domain.com
          ↑  ドキュメントの置いているディレクトリを指定
  #    ServerName host.some_domain.com  ←  複数のホスト名を利用する際の動作を指定
  #    ErrorLog logs/host.some_domain.com-error_log  ←  エラーログのパス名を指定
  #    CustomLog logs/host.some_domain.com-access_log common  ←  ログをとる
  #</VirtualHost>
  #<VirtualHost _default_:*>
  #</VirtualHost>
Webサーバのログファイル

/var/log/httpd/access_logと/var/log/httpd/error_logに出力されます。

メモ

apacheでユーザのホームページを公開するには、ユーザのホームディレクトリのアクセス権でその他のアクセス権に実行権を与える必要があります。