Apache Module mod_info
Apache Module mod_info
|Description:||Provides a comprehensive overview of the server configuration|
mod_info, add the following to your
<Location "/server-info"> SetHandler server-info </Location>
You may wish to use
mod_authz_host inside the
<Location> directive to limit access to your server configuration information:
<Location "/server-info"> SetHandler server-info Require host example.com </Location>
Once configured, the server information is obtained by accessing
mod_info is loaded into the server, its handler capability is available in all configuration files, including per-directory files (e.g.,
.htaccess). This may have security-related ramifications for your site.
In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Therefore, this module should only be used in a controlled environment and always with caution.
You will probably want to use
mod_authz_host to limit access to your server configuration information.
<Location "/server-info"> SetHandler server-info # Allow access from server itself Require ip 127.0.0.1 # Additionally, allow access from local workstation Require ip 192.168.1.17 </Location>
Selecting the information shown
By default, the server information includes a list of all enabled modules, and for each module, a description of the directives understood by that module, the hooks implemented by that module, and the relevant directives from the current configuration.
Other views of the configuration information are available by appending a query to the
server-info request. For example,
http://your.host.example.com/server-info?config will show all configuration directives.
- Only information relevant to the named module
- Just the configuration directives, not sorted by module
- Only the list of Hooks each module is attached to
- Only a simple list of enabled modules
- Only the basic server information
- List the providers that are available on your server
Dumping the configuration on startup
If the config define
-DDUMP_CONFIG is set,
mod_info will dump the pre-parsed configuration to
stdout during server startup.
httpd -DDUMP_CONFIG -k start
Pre-parsed means that directives like
<IfModule> are evaluated and environment variables are replaced. However it does not represent the final state of the configuration. In particular, it does not represent the merging or overriding that may happen for repeated directives.
This is roughly equivalent to the
mod_info provides its information by reading the parsed configuration, rather than reading the original configuration file. There are a few limitations as a result of the way the parsed configuration tree is created:
- Directives which are executed immediately rather than being stored in the parsed configuration are not listed. These include
- Directives which control the configuration file itself, such as
<IfDefine>are not listed, but the included configuration directives are.
- Comments are not listed. (This may be considered a feature.)
- Configuration directives from
.htaccessfiles are not listed (since they do not form part of the permanent server configuration).
- Container directives such as
<Directory>are listed normally, but
mod_infocannot figure out the line number for the closing
- Directives generated by third party modules such as mod_perl might not be listed.
|Description:||Adds additional information to the module information displayed by the server-info handler|
AddModuleInfo module-name string
|Context:||server config, virtual host|
This allows the content of
string to be shown as HTML interpreted, Additional Information for the module
AddModuleInfo mod_deflate.c 'See <a \ href="http://httpd.apache.org/docs/2.4/mod/mod_deflate.html">\ http://httpd.apache.org/docs/2.4/mod/mod_deflate.html</a>'
© 2018 The Apache Software Foundation
Licensed under the Apache License, Version 2.0.