Options
Optionsoptionoption ...Default: All Server config, virtual host, directory, .htaccess
The Options
directive is unusually multipurpose
and does not fit into any one site or strategic context, so we had
better look at it on its own. It gives the webmaster some
far-reaching control over what people get up to on their own sites.
option can be set to
None, in which case none of the extra features are
enabled, or one or more of the following:
Even though the server follows the symlink, it does not change the
pathname used to match against <Directory>
sections.
This option gets ignored if set inside a
<Location> section (see Chapter 14).
Includes
Server-side includes are permitted — and forbidden if this is not set.
IncludesNOEXEC
Server-side includes are permitted, but the #exec
command and #exec CGI are disabled. It is still
possible to #include virtual CGI scripts from
ScriptAliased directories.
Indexes
If the customer requests a URL that maps to a directory and there is no index.html there, this option allows the suite of indexing commands to be used, and a formatted listing is returned (see Chapter 7 ).
MultiViews
Content-negotiated MultiViews are supported. This
includes AddLanguage and image negotiation (see
Chapter 6).
SymLinksIfOwnerMatch
The server will only follow symbolic links for which the target file or directory is owned by the same user id as the link.
The arguments can be preceded by + or
-, in which case they are added or removed. The
following command, for example, adds Indexes but
removes ExecCGI:
Options +Indexes -ExecCGI
If no options are set and there is no
<Limit> directive, the effect is as if
All had been set, which means, of course, that
MultiViews is notset. If any options are set, All is
turned off.
This has at least one odd effect, which we will demonstrate at .../site.options. Notice that the file go has been slightly modified:
test -d logs || mkdir logs httpd -f 'pwd'/conf/httpd$1.conf -d 'pwd'
There is an ... /htdocs directory without an index.html and a very simple Config file:
User Webuser Group Webgroup ServerName www.butterthlies.com DocumentRoot /usr/www/APACHE3/APACHE3/site.ownindex/htdocs
Type ./go in the usual way. As you access the
site, you see a directory of ... /htdocs. Now,
if you copy the Config file to .../conf/httpd1.conf
and add the line:
Options ExecCGI
Kill Apache, restart it with ./go 1, and access it
again, you see a rather baffling message:
FORBIDDEN You don't have permission to access / on this server
(or something similar, depending on your browser). The reason is that
when Options is not mentioned, it is, by default,
set to All. By switching
ExecCGI on, you switch all the others off,
including Indexes. The cure for the problem is to
edit the Config file (.../conf/httpd2.conf) so
that the new line reads:
Options +ExecCGI
Similarly, if + or - are not
used and multiple options could apply to a directory, the last most
specific one is taken. For example
(.../conf/httpd3.conf ):
Options ExecCGI Options Indexes
results in only Indexes being set; it might
surprise you that CGIs did not work. The same effect can arise
through multiple <Directory> blocks:
<Directory /web/docs> Options Indexes FollowSymLinks </Directory> <Directory /web/docs/specs> Options Includes </Directory>
Only Includes is set for
/web/docs/specs.