CINXE.COM

mod_userdir - Apache HTTP Server Version 2.4

<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"><head> <meta content="text/html; charset=UTF-8" http-equiv="Content-Type" /> <!-- XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX This file is generated from xml source: DO NOT EDIT XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX --> <title>mod_userdir - Apache HTTP Server Version 2.4</title> <link href="../style/css/manual.css" rel="stylesheet" media="all" type="text/css" title="Main stylesheet" /> <link href="../style/css/manual-loose-100pc.css" rel="alternate stylesheet" media="all" type="text/css" title="No Sidebar - Default font size" /> <link href="../style/css/manual-print.css" rel="stylesheet" media="print" type="text/css" /><link rel="stylesheet" type="text/css" href="../style/css/prettify.css" /> <script src="../style/scripts/prettify.min.js" type="text/javascript"> </script> <link href="../images/favicon.ico" rel="shortcut icon" /></head> <body> <div id="page-header"> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p> <p class="apache">Apache HTTP Server Version 2.4</p> <img alt="" src="../images/feather.png" /></div> <div class="up"><a href="./"><img title="&lt;-" alt="&lt;-" src="../images/left.gif" /></a></div> <div id="path"> <a href="http://www.apache.org/">Apache</a> &gt; <a href="http://httpd.apache.org/">HTTP Server</a> &gt; <a href="http://httpd.apache.org/docs/">Documentation</a> &gt; <a href="../">Version 2.4</a> &gt; <a href="./">Modules</a></div> <div id="page-content"> <div id="preamble"><h1>Apache Module mod_userdir</h1> <div class="toplang"> <p><span>Available Languages: </span><a href="../en/mod/mod_userdir.html" title="English">&nbsp;en&nbsp;</a> | <a href="../fr/mod/mod_userdir.html" hreflang="fr" rel="alternate" title="Fran莽ais">&nbsp;fr&nbsp;</a> | <a href="../ja/mod/mod_userdir.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> | <a href="../ko/mod/mod_userdir.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> | <a href="../tr/mod/mod_userdir.html" hreflang="tr" rel="alternate" title="T眉rk莽e">&nbsp;tr&nbsp;</a></p> </div> <table class="module"><tr><th><a href="module-dict.html#Description">Description:</a></th><td>User-specific directories</td></tr> <tr><th><a href="module-dict.html#Status">Status:</a></th><td>Base</td></tr> <tr><th><a href="module-dict.html#ModuleIdentifier">Module聽Identifier:</a></th><td>userdir_module</td></tr> <tr><th><a href="module-dict.html#SourceFile">Source聽File:</a></th><td>mod_userdir.c</td></tr></table> <h3>Summary</h3> <div class="warning">By using this module you are allowing multiple users to host content within the same origin. The same origin policy is a key principle of Javascript and web security. By hosting web pages in the same origin these pages can read and control each other and security issues in one page may affect another. This is particularly dangerous in combination with web pages involving dynamic content and authentication and when your users don't necessarily trust each other.</div> <p>This module allows user-specific directories to be accessed using the <code>http://example.com/~user/</code> syntax.</p> </div> <div id="quickview"><a href="https://www.apache.org/foundation/contributing.html" class="badge"><img src="https://www.apache.org/images/SupportApache-small.png" alt="Support Apache!" /></a><h3 class="directives">Directives</h3> <ul id="toc"> <li><img alt="" src="../images/down.gif" /> <a href="#userdir">UserDir</a></li> </ul> <h3>Bugfix checklist</h3><ul class="seealso"><li><a href="https://www.apache.org/dist/httpd/CHANGES_2.4">httpd changelog</a></li><li><a href="https://bz.apache.org/bugzilla/buglist.cgi?bug_status=__open__&amp;list_id=144532&amp;product=Apache%20httpd-2&amp;query_format=specific&amp;order=changeddate%20DESC%2Cpriority%2Cbug_severity&amp;component=mod_userdir">Known issues</a></li><li><a href="https://bz.apache.org/bugzilla/enter_bug.cgi?product=Apache%20httpd-2&amp;component=mod_userdir">Report a bug</a></li></ul><h3>See also</h3> <ul class="seealso"> <li><a href="../urlmapping.html">Mapping URLs to the Filesystem</a></li> <li><a href="../howto/public_html.html">public_html tutorial</a></li> <li><a href="#comments_section">Comments</a></li></ul></div> <div class="top"><a href="#page-header"><img alt="top" src="../images/up.gif" /></a></div> <div class="directive-section"><h2><a name="UserDir" id="UserDir">UserDir</a> <a name="userdir" id="userdir">Directive</a></h2> <table class="directive"> <tr><th><a href="directive-dict.html#Description">Description:</a></th><td>Location of the user-specific directories</td></tr> <tr><th><a href="directive-dict.html#Syntax">Syntax:</a></th><td><code>UserDir <em>directory-filename</em> [<em>directory-filename</em>] ... </code></td></tr> <tr><th><a href="directive-dict.html#Context">Context:</a></th><td>server config, virtual host</td></tr> <tr><th><a href="directive-dict.html#Status">Status:</a></th><td>Base</td></tr> <tr><th><a href="directive-dict.html#Module">Module:</a></th><td>mod_userdir</td></tr> </table> <p>The <code class="directive">UserDir</code> directive sets the real directory in a user's home directory to use when a request for a document for a user is received. <em>Directory-filename</em> is one of the following:</p> <ul> <li>The name of a directory or a pattern such as those shown below.</li> <li>The keyword <code>disabled</code>. This turns off <em>all</em> username-to-directory translations except those explicitly named with the <code>enabled</code> keyword (see below).</li> <li>The keyword <code>disabled</code> followed by a space-delimited list of usernames. Usernames that appear in such a list will <em>never</em> have directory translation performed, even if they appear in an <code>enabled</code> clause.</li> <li>The keyword <code>enabled</code> followed by a space-delimited list of usernames. These usernames will have directory translation performed even if a global disable is in effect, but not if they also appear in a <code>disabled</code> clause.</li> </ul> <p>If neither the <code>enabled</code> nor the <code>disabled</code> keywords appear in the <code class="directive">Userdir</code> directive, the argument is treated as a filename pattern, and is used to turn the name into a directory specification. A request for <code>http://www.example.com/~bob/one/two.html</code> will be translated to:</p> <table> <tr><th>UserDir directive used</th> <th>Translated path</th></tr> <tr><td>UserDir public_html</td> <td>~bob/public_html/one/two.html</td></tr> <tr><td>UserDir /usr/web</td> <td>/usr/web/bob/one/two.html</td></tr> <tr><td>UserDir /home/*/www</td> <td>/home/bob/www/one/two.html</td></tr> </table> <p>The following directives will send redirects to the client:</p> <table> <tr><th>UserDir directive used</th> <th>Translated path</th></tr> <tr><td>UserDir http://www.example.com/users</td> <td>http://www.example.com/users/bob/one/two.html</td></tr> <tr><td>UserDir http://www.example.com/*/usr</td> <td>http://www.example.com/bob/usr/one/two.html</td></tr> <tr><td>UserDir http://www.example.com/~*/</td> <td>http://www.example.com/~bob/one/two.html</td></tr> </table> <div class="note"> <strong>Be careful when using this directive; for instance, <code>"UserDir ./"</code> would map <code>"/~root"</code> to <code>"/"</code> - which is probably undesirable. It is strongly recommended that your configuration include a "<code>UserDir disabled root</code>" declaration. See also the <code class="directive"><a href="../mod/core.html#directory">Directory</a></code> directive and the <a href="../misc/security_tips.html">Security Tips</a> page for more information.</strong> </div> <p>Additional examples:</p> <p>To allow a few users to have <code>UserDir</code> directories, but not anyone else, use the following:</p> <pre class="prettyprint lang-config">UserDir disabled UserDir enabled user1 user2 user3</pre> <p>To allow most users to have <code>UserDir</code> directories, but deny this to a few, use the following:</p> <pre class="prettyprint lang-config">UserDir disabled user4 user5 user6</pre> <p>It is also possible to specify alternative user directories. If you use a command like:</p> <pre class="prettyprint lang-config">UserDir "public_html" "/usr/web" "http://www.example.com/"</pre> <p>With a request for <code>http://www.example.com/~bob/one/two.html</code>, will try to find the page at <code>~bob/public_html/one/two.html</code> first, then <code>/usr/web/bob/one/two.html</code>, and finally it will send a redirect to <code>http://www.example.com/bob/one/two.html</code>.</p> <p>If you add a redirect, it must be the last alternative in the list. Apache httpd cannot determine if the redirect succeeded or not, so if you have the redirect earlier in the list, that will always be the alternative that is used.</p> <p>User directory substitution is not active by default in versions 2.1.4 and later. In earlier versions, <code>UserDir public_html</code> was assumed if no <code class="directive">UserDir</code> directive was present.</p> <div class="note"><h3>Merging details</h3> <p> Lists of specific enabled and disabled users are replaced, not merged, from global to virtual host scope</p></div> <h3>See also</h3> <ul> <li> <a href="../howto/public_html.html">Per-user web directories tutorial</a> </li> </ul> </div> </div> <div class="bottomlang"> <p><span>Available Languages: </span><a href="../en/mod/mod_userdir.html" title="English">&nbsp;en&nbsp;</a> | <a href="../fr/mod/mod_userdir.html" hreflang="fr" rel="alternate" title="Fran莽ais">&nbsp;fr&nbsp;</a> | <a href="../ja/mod/mod_userdir.html" hreflang="ja" rel="alternate" title="Japanese">&nbsp;ja&nbsp;</a> | <a href="../ko/mod/mod_userdir.html" hreflang="ko" rel="alternate" title="Korean">&nbsp;ko&nbsp;</a> | <a href="../tr/mod/mod_userdir.html" hreflang="tr" rel="alternate" title="T眉rk莽e">&nbsp;tr&nbsp;</a></p> </div><div class="top"><a href="#page-header"><img src="../images/up.gif" alt="top" /></a></div><div class="section"><h2><a id="comments_section" name="comments_section">Comments</a></h2><div class="warning"><strong>Notice:</strong><br />This is not a Q&amp;A section. Comments placed here should be pointed towards suggestions on improving the documentation or server, and may be removed by our moderators if they are either implemented or considered invalid/off-topic. Questions on how to manage the Apache HTTP Server should be directed at either our IRC channel, #httpd, on Libera.chat, or sent to our <a href="https://httpd.apache.org/lists.html">mailing lists</a>.</div> <script type="text/javascript"><!--//--><![CDATA[//><!-- var comments_shortname = 'httpd'; var comments_identifier = 'http://httpd.apache.org/docs/2.4/mod/mod_userdir.html'; (function(w, d) { if (w.location.hostname.toLowerCase() == "httpd.apache.org") { d.write('<div id="comments_thread"><\/div>'); var s = d.createElement('script'); s.type = 'text/javascript'; s.async = true; s.src = 'https://comments.apache.org/show_comments.lua?site=' + comments_shortname + '&page=' + comments_identifier; (d.getElementsByTagName('head')[0] || d.getElementsByTagName('body')[0]).appendChild(s); } else { d.write('<div id="comments_thread">Comments are disabled for this page at the moment.<\/div>'); } })(window, document); //--><!]]></script></div><div id="footer"> <p class="apache">Copyright 2024 The Apache Software Foundation.<br />Licensed under the <a href="http://www.apache.org/licenses/LICENSE-2.0">Apache License, Version 2.0</a>.</p> <p class="menu"><a href="../mod/">Modules</a> | <a href="../mod/directives.html">Directives</a> | <a href="http://wiki.apache.org/httpd/FAQ">FAQ</a> | <a href="../glossary.html">Glossary</a> | <a href="../sitemap.html">Sitemap</a></p></div><script type="text/javascript"><!--//--><![CDATA[//><!-- if (typeof(prettyPrint) !== 'undefined') { prettyPrint(); } //--><!]]></script> </body></html>

Pages: 1 2 3 4 5 6 7 8 9 10