Main server settings
The Apache server needs a number of settings that define its own parameters for providing web services. When virtual hosts are used, the settings here also act as the defaults for each virtual host, apart from those overridden in the virtual host's own definition (some settings must be redefined there).
Port 80
Port defines the port used by the httpd daemon in standalone mode. The standard port is 80. This option is only valid for servers started in standalone mode; for servers started in inetd mode, the port is defined in inetd.conf.
Using port 80 under Unix requires root privileges. For security reasons, some administrators believe that the httpd server cannot be free of security vulnerabilities, so they prefer to start the server with ordinary user privileges. In that case port 80 and the other ports below 1024 cannot be used, and httpd must be started on a port above 1024; 8000 and 8080 are commonly used. The Apache httpd server itself can open port 80 with root privileges and then switch to running as an ordinary user. This reduces the risk, so this security concern is not a reason to avoid port 80. But ordinary users who want to install and configure their own WWW server have to use a port greater than 1024.
User nobody
Group nogroup
The User and Group settings are Apache's security safeguard. After Apache opens the port, it switches to the user and group named by these two options and runs with their permissions, which reduces the risk posed by the server. These options are also only used in standalone mode; in inetd mode, the user that runs Apache is specified in inetd.conf. Since the server must call setuid() to change its identity, the initial process must have root privileges. If Apache is started by a non-root user, these settings have no effect.
The default settings are nobody and nogroup. This user and group do not own any files on the system, which ensures that the server itself and the CGI processes it starts do not have permission to change the file system. In some cases, for example in order to run CGI programs that interact with Unix, the server also needs to access files on the server. If nobody and nogroup are still used, files belonging to nobody will appear on the system. This is detrimental to system security, because other programs also perform certain operations with the permissions of nobody and nogroup and may therefore be able to access the files owned by nobody, causing security problems. Normally you create a specific user and group for the web service and change the User and Group settings here to match.
ServerAdmin you@your.address
Perhaps the only thing that should be changed in the configuration file is ServerAdmin. This item sets the e-mail address of the administrator of the WWW server. The address is returned to the browser when the HTTP service encounters an error condition, so that the web user can contact the administrator to report the error. It is customary to use webmaster on the server as the administrator of the WWW server, and to forward mail sent to webmaster to the real web administrator through the alias mechanism of the mail server.
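
The Port, User, Group and ServerAdmin guidance in this section can be turned into a small configuration audit. The following is an added example, not part of the original page or of Apache itself; the function names, finding labels and sample configuration are constructed for illustration.

```python
# Constructed sample configuration (the defaults discussed above), not from a real server.
SAMPLE_CONF = """\
Port 80
User nobody
Group nogroup
ServerAdmin you@your.address
"""

def parse_directives(text):
    """Return {directive_name_lowercase: value} for simple one-line directives."""
    found = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#<":      # skip blanks, comments, <Section> lines
            continue
        parts = line.split(None, 1)
        found[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return found

def audit(text, start_uid=0):
    """Check the directives against this section; start_uid is the uid launching httpd."""
    d = parse_directives(text)
    findings = []
    port = int(d.get("port", "80"))
    user, group = d.get("user"), d.get("group")
    if start_uid != 0:
        if port < 1024:
            findings.append("port-needs-root")      # ports below 1024 require root
        if user or group:
            findings.append("user-group-ignored")   # setuid() only works from root
    else:
        if user in ("root", "#0"):
            findings.append("runs-as-root")         # no privilege drop after bind
        if user == "nobody" or group == "nogroup":
            findings.append("shared-account")       # identity shared with other programs
    if d.get("serveradmin") == "you@your.address":
        findings.append("placeholder-serveradmin")  # error pages show a dead address
    return findings

if __name__ == "__main__":
    print(audit(SAMPLE_CONF))                  # started as root
    print(audit(SAMPLE_CONF, start_uid=1000))  # started by an ordinary user
```

A configuration that names a dedicated web user and group and a real administrator address produces no findings when started as root.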