Configuration Settings

There are two types of configuration settings within the Zeus Web Server; those that control individual virtual servers (per-Virtual Server configuration), and those that affect all Virtual Servers for a given Zeus instance (global configuration).

Global server configurations are stored in the $ZEUSHOME/web/global.cfg file.

Per-Virtual Server configurations are stored in individual Virtual Server configuration files in $ZEUSHOME/webadmin/conf/sites directory.

The following is a comprehensive list of all global and per-Virtual Server configuration parameters. For more details on per-Virtual Server configurations, please refer to the Zeus Web Server product documentation. For more details on configuration and tuning, see the Support Web site.


Global server configuration settings

 
 

Per-Virtual Server configuration settings

 

Global server configuration settings

General configurables (global)

Name Description Default
(when not present)
controlport Integer: the port on which this instance of the web server receives control messages (from the admin server). 9080
controlallow String: comma separated list of IP masks (for example, 192.111.1.0/24) of machines from which control requests to the web server are allowed 127.0.0.1
uid Integer: the default uid which zeus.web children and runners are given 0
gid Integer: the default gid which zeus.web children and runners are given 0
balancer!enabled Boolean: set when the web server is a back-end server behind a Zeus Load Balancer no


Runner tunables

Name Description Default
(when not present)

zeus.statd

tuning!modules!stats!enabled Boolean: whether to enable statistics reporting (that is, statd) yes
tuning!modules!stats!days_to_archive Integer: Days to keep stats data before archiving it (using tar + compress). Zero means never archive. 7
tuning!modules!stats!archive_dir String: directory to archive stats to (blank means silently delete old stats) <blank>
 

zeus.nsapi

tuning!modules!nsapi!enabled Boolean: whether to enable the nsapi runner (zeus.nsapi) yes
 

zeus.isapi

tuning!modules!isapi!enabled Boolean: whether to enable the isapi runner (zeus.isapi) yes
tuning!modules!isapi!external!uid Integer: user id which isapi runner should run as 0
tuning!modules!isapi!external!gid Integer: group id which isapi runner should run as 0
tuning!modules!isapi!external!minthreads Integer: sets the minimum number of threads that the ISAPI runner will spawn (unimplemented) 1
tuning!modules!isapi!external!maxthreads Integer: sets the maximum number of threads that the ISAPI runner will spawn 128
tuning!modules!isapi!external!maxqsize Integer: the maximum queue size for the ISAPI worker thread pool 128*4
tuning!modules!isapi!external!stacksize Integer: (unimplemented) -1
tuning!modules!isapi!external!restartmaxconnections Integer: This causes the ISAPI runner to restart after it receives that many connections. This is primarily to assist running buggy ISAPI filters/extensions that are liable to leak memory. 0 (off)
 

zeus.cgi

tuning!cgid!enabled Boolean: whether to enable to cgi runner yes
tuning!num_cgid Integer: number of cgi runner processes (zeus.cgid) to run 1
 

zeus.ssld

tuning!modules!ssld!library String: the name of the crypto library with which to run. If this is not present, then do not run the ssl runner. <blank>
tuning!modules!ssld!libdir String: any additions to zeus.ssld's LD_LIBRARY_PATH. <blank>
tuning!modules!ssld!nworkers Integer: number of threads in the ssl thread pool (0 means accept compile-time default, 128 at time of writing) 0
tuning!modules!ssld!queuelen Integer: queue length for the ssl thread pool (0 means accept compile-time default, 128*4 at time of writing) 0


TCP tunables

Name Description Default
(when not present)
tuning!listen_queue_size Size of the TCP listen queue 256
tuning!so_rbuff_size Size of the server socket buffer (so_rbuff_size) (bytes) <unset>
tuning!so_wbuff_size Size of the socket write buffer (bytes) <unset>
tuning!so_nagle_off Boolean: disable nagle on each request yes
tuning!multiple_accept Boolean: do multiple accept() calls upon a read bit on the server socket from a poll()/select() yes
tuning!maxaccept Maximum number of accept() calls per server socket per poll()/select() 32
tuning!unique_bind Force each child processes to bind to a unique IP address, and not to each interface no
tuning!bind_any Boolean: have server sockets bind to IPADDR_ANY (mutually exclusive to unique_bind) yes
tuning!use_poll Boolean: use poll() instead of select() yes
maxfds Maximum number of file descriptors to set by setrlimit() (zero means as many as are available) 0


Cache tunables

Name Description Default
(when not present)
tuning!cache_files Size of the web server file cache (number of files) 8011
tuning!cache_small_file Maximum size of a 'small' file (bytes) (system page size) 4096
tuning!cache_large_file Minimum size of a 'large' file (bytes) 1048577
tuning!cache_stat_expire Time for which the response of a stat() call is cached (seconds) 17
tuning!cache_max_bytes Maximum size to reserve for cached files (bytes) (0 = no limit) 33554432
tuning!cache_flush_interval Time after which unaccessed files are flushed from the cache (seconds) 120


Sendfile tunables

Name Description Default
(when not present)
tuning!sendfile Boolean: enable sendfile (supported platforms only) yes
tuning!sendfile_reservefd number of file descriptors to reserve for sendfile() fd cache (10% of all descriptors if unset) <unset>
tuning!sendfile_minsize minimum file size to be sent with sendfile (bytes) 32768
tuning!sendfile_maxsize maximum file size to be sent with sendfile (bytes) 2147483647


HTTP tunables

Name Description Default
(when not present)
tuning!softservers Boolean: enable 'software' Virtual Servers yes
tuning!keepalive Boolean: enable 'keepalive' yes
tuning!keepalive_timeout Time after which an inactive keepalive connection will be closed (seconds) 15
tuning!keepalive_max Maximum permitted number of keepalive connections (-1 means no limit) 256
tuning!limit_requestheader Integer: Maximum acceptable header size 102400
tuning!limit_requestheaderkeylen Integer: Maximum acceptable length of a header key (such as "Host") 256
tuning!limit_requestheadervallen Integer: Maximum acceptable length of a header value (such as a cookie) 5120
tuning!limit_requestbody Integer: Maximum acceptable request body size (0 == unlimited) 0


SSL tunables

Name Description Default
(when not present)
tuning!ssl_diskcache Boolean: use 2nd level on-disk cache for storing SSL session information no <if tuning!num_children = 1>
yes <if tuning!num_children > 1>


Log management tunables

Name Description Default
(when not present)
tuning!logmanager_cachesize Number of file-descriptors reserved by the logmanager cache 31


Other tunables

Name Description Default
(when not present)
tuning!num_children Number of child zeus.web processes to run 1
tuning!timeout Timeout for client transfers (seconds) 120
tuning!check_symlinks Configure symlink checking (0 = no symlink checking; 1 = always deny symlinked files; 2 = allow if owner of symlink is owner of destination) 0
tuning!dns_resolv.conf String: The name of the resolv.conf file used when starting asynchronous DNS /etc/resolv.conf
tuning!dns_hosts String: The name of the hosts file used when starting asynchronous DNS NULL
tuning!dnscache Integer: size of the DNS cache 10867
tuning!dnscache_expire Integer: Maximum time before DNS entries expire from the internal cache 12 * 60 * 60 (=12 hours)
tuning!maxssidepth Integer: Not used 4
tuning!ssiexpire Integer: Not used 0
tuning!cbuff_size Integer: Cbuff size 8192
tuning!socket_opt Boolean: Socket optimizations active Yes
tuning!reg_cache Boolean: Not used Yes
tuning!support_ssl2 Boolean: Whether to support SSLv2 Yes
tuning!support_ssl3 Boolean: Whether to support SSLv3 Yes
tuning!ssl_keepalive Boolean: Whether to keepalive SSL connections No
tuning!ssl_sessioncache_size Integer: Size of ssl session cache. Should be prime 199
tuning!ssl_sessioncache_expiry Integer: Number of seconds cache data are valid for 24*60*60 (24 hours)
tuning!ca_dir String: Directory containing certificates $ZEUSHOME/etc/CAs
tuning!accept_mutex Boolean: Whether to use a mutex around a socket's accept No
tuning!ldap_timeout Integer: Timeout (in seconds) for an LDAP query 5
tuning!child_priority Integer: Priority we should run our workers at -2
tuning!grandchild_priority Integer: Priority CGIs etc. get run at 1
tuning!crypt_cache_size Integer: Size of crypt() cache 1001
tuning!hash_cache_size Integer: Size of PEM-encoded MD5 cache 1001
tuning!logmanager_open_as_root Boolean: Whether to open log files (for append) as root or not Yes
tuning!use_nca Boolean: Whether to enable Sun NCA support No
tuning!configfile_perms Octal: the file permissions for the config files written to $ZEUSHOME/web/runningsites (same style as 'chmod') 400


CGI module (global)

Name Description Default
(when not present)
tuning!modules!cgi!cleansize Number of file descriptors to close before exec unimplemented
tuning!modules!cgi!defaultuid Integer: default uid with which CGIs will be run 65534
tuning!modules!cgi!defaultgid Integer: default gid with which CGIs will be run 65534
tuning!modules!cgi!logstderr Boolean: log to stderr instead of client Yes
tuning!modules!cgi!minuid Integer: minimum uid with which CGIs can run 0
tuning!modules!cgi!mingid Integer: minimum gid with which CGIs can run 0


ISAPI module (global)

Name Description Default
(when not present)
tuning!modules!isapi!dlopen_global Boolean: Whether to dlopen modules globally no
tuning!modules!isapi!ext_cache ISAPI DLL cache size (0 = no cache) 101


Log module (global)

Name Description Default
(when not present)
tuning!modules!log!external_locking Boolean: Whether to use external write locking (unimplemented) no
tuning!modules!log!auto_rotate Boolean: auto rotation of logs yes
tuning!modules!log!cache_size Integer: Minimum size of filesystem writes (in bytes) 32*1024
tuning!modules!log!flush_time Integer: Time between log flushes in seconds 10


Per-Virtual Server configuration settings

General configuration

Name Description Default
(when not present)
errloglevel Integer: the minimum level of error which gets logged (higher is more serious) <maximum logging>
ip_name Server address (URL) of the Virtual Server <user_specified>
port port on which the Virtual Server listens 80
comment Server comment (URL encoded) <blank>
docroot Virtual Server's filesystem document root <blank>
creationdate date on which server was created (unixtime) <unixtime>
webmaster Webmaster e-mail address. If unset, the admin server makes a guess based on webmaster@<hostname>, having stripped off the www. prefix <unset>
dnslookup Boolean: enable reverse DNS lookup no
errlog Filepath location of the error logfile $ZEUSHOME/web/log/errors
aliases Space-separated list of soft-Virtual Server aliases <blank>
bindaddr Space-separated list of explicit bind addresses for Virtual Server <blank>
bindport Space-separated list of explicit bind ports for Virtual Server <blank>


Environment variables

Name Description Default
(when not present)
env!inherited!<ENV> Inherit the value of the environment variable <ENV> from the shell (PATH and TZ by default) <unset>
env!extra!<ENV> Value to be assigned to the environment variable <ENV> <unset>


SSL configuration

Name Description Default
(when not present)
security!enabled Boolean: enable SSL no
security!client_cert Client certificate status (0 = do not request certs; 1 = request cert if available; 2 = require cert for access) 0
security!private_key Filesystem location of private certificate <user_specified>
security!public_key Filesystem location of public certificate <user_specified>


Access module

Name Description Default
(when not present)
modules!access!enabled Boolean: enable access module no
modules!access!verbose Boolean: log access trace information to the web server error log no
modules!access!conf_version Integer: a version number: if this is incremented then the access module is reloaded (unimplemented) <unset>
modules!access!users!<user> Password of the user <user> (encrypted) <unset>
modules!access!groups!<group> Establish group <group> <unset>
modules!access!groups!<group>!<user> Add user <user> to group <group> <unset>
modules!access!rules!<rule_number>!type Type of rule (allow or deny) <unset>
modules!access!rules!<rule_number>!hosts String: hostname(s) that rule <rule_number> affects optionally according to a regular expression prefixed by a "~" <unset>
modules!access!rules!<rule_number>!ips String: IP address(es) that rule <rule_number> affects optionally according to a regular expression prefixed by a "~" <unset>
modules!access!rules!<rule_number>!<group> Group <group> that rule <rule_number> affects <none>
modules!access!rules!<rule_number>!url String: url (prefix) for this rule optionally according to a regular expression prefixed by a "~" <unset>
modules!access!rules!<rule_number>!<user> User <user> that rule <rule_number> affects <none>
modules!access!ldap!enabled Boolean: use an LDAP database for the access module no
modules!access!ldap!binddn Distinguished name of the LDAP object to bind as <unset>
modules!access!ldap!passwd Password of the LDAP binddn object <unset>
modules!access!ldap!ttl Integer: ttl for LDAP cache (seconds) 120
modules!access!ldap!group_url LDAP URL used to return group data for a given user ($u) <unset>
modules!access!ldap!user_url LDAP URL used to return password data for a given user ($u) <unset>


CGI module

Name Description Default
(when not present)
modules!cgi!enabled Boolean: enable the CGI module no
modules!cgi!allowanywhere Allow CGI scripts to be run from any docroot location no
modules!cgi!allowcmd Boolean: allow the SSI exec command no
modules!cgi!ulimitas Maximum address space per CGI (bytes, 0 indicates unlimited) 0
modules!cgi!ulimitcpu Maximum CPU time per CGI (seconds, 0 indicates unlimited) 0
modules!cgi!ulimitdata Maximum data segments per CGI (bytes, 0 indicates unlimited) 0
modules!cgi!ulimitnproc Maximum number of processes available to CGI user (0 indicates unlimited) 0
modules!cgi!ulimittime Integer: maximum clock time for CGI scripts <unset>
modules!cgi!autoid User and group for CGI to run as (0 = user specified; 1 = file owner, 2 = docroot owner) 0
modules!cgi!uid User for CGI to run as (when autoid = 0) <unset>
modules!cgi!gid Group for CGI to run as (when autoid = 0) <unset>
modules!cgi!priority Integer: priority to give CGI runner processes <value of tuning!grandchild_priority>
modules!cgi!chroot Boolean: run CGI scripts chrooted no
modules!cgi!chroot_dirs!<dir> Chroot to filesystem directory <dir> before executing CGI <unset>
modules!cgi!logenabled Boolean: enable logging of cgi scripts to specific files no
modules!cgi!logfile File to log cgi errors(%d => docroot, %t => date stamp, %v => Virtual Server name) <unset>
modules!cgi!logsize Maximum size to allow the cgi error file to grow to (kb, 0 indicates unlimited) 0
modules!cgi!logid Who owns the cgi error log file ( docroot = docroot owner, script = script owner ) script


Dirlist module

Name Description Default
(when not present)
modules!dirlist!enabled Boolean: enable the Dirlist module no


Distributed module

Name Description Default
(when not present)
modules!distributed!enabled Boolean: enable the distributed module no
modules!distributed!timeout Integer: (unimplemented) 120
modules!distributed!authd!urls!<url>!server The host:port to be used for the authentication API for the URL <url> <unset>
modules!distributed!authd!urls!<url>!realm The realm to be used for the authentication API for the URL <url> <unset>
modules!distributed!sockd!mappings!<name> The host:port to be used for the content API for the service name <name> <unset>
modules!distributed!sockd!prefix The service prefix to be used for the content API /server/socket/
modules!distributed!servlet!server The host:port to be used for the Java Servlet server <unset>
modules!distributed!servlet!prefix The service prefix to be used for Java Servlets <unset>


Errors module

Name Description Default
(when not present)
modules!errors!enabled Boolean: enable the Errors module no
modules!errors!directory Filesystem path to the directory containing custom error pages <unset>


FastCGI module

Name Description Default
(when not present)
modules!fastcgi!enabled Boolean: enable the FastCGI module no
modules!fastcgi!remote!<path> The host:port to be used for the remote FastCGI referenced by docroot path <path> <unset>
modules!fastcgi!authorizers!<dir> The location of the FastCGI used to authenticate the docroot directory <dir> <unset>
modules!fastcgi!env!<ENV> Value to be assigned to the environment variable <ENV> <unset>


FrontPage module

Name Description Default
(when not present)
modules!frontpage!enabled Boolean: enable the FrontPage module no
modules!frontpage!fphome String: Filesystem location of the FrontPage distribution /usr/local/frontpage


Get module

Name Description Default
(when not present)
modules!get!enabled Boolean: enable the Get module no


Htaccess module

Name Description Default
(when not present)
modules!htaccess!enabled Boolean: enable the htaccess module no
modules!htaccess!accessfilename String: name of the local htaccess files .htaccess
modules!htaccess!globalfile String: filesystem location of the global htaccess file <unset>


Imagemap module

Name Description Default
(when not present)
modules!imagemap!enabled Boolean: enable the Imagemap module no


Index module

Name Description Default
(when not present)
modules!index!enabled Boolean: enable the Index module no
modules!index!files String: filenames to use as the default index page (priority left to right) <unset>


ISAPI module

Name Description Default
(when not present)
modules!isapi!enabled Boolean: enable the ISAPI module no
modules!isapi!filters!<file> String: filename <file> of in-process ISAPI filter <unset>
modules!isapi!efilters!<file> String: filename <file> of out-of-process ISAPI filter <unset>
modules!isapi!external!maxthreads Integer: sets the maximum number of threads that the ISAPI runner will spawn 128
modules!isapi!external!minthreads Integer: sets the minimum number of threads that the ISAPI runner will spawn (unimplemented) 1
modules!isapi!runeextensions Boolean: run ISAPI extensions out-of-process no


JServ module

Name Description Default
(when not present)
modules!jserv!enabled Boolean: enable the JServ module no
modules!jserv!mounts!<mount>!server Servlet server hostname for the mount point <mount> <user_specified>
modules!jserv!mounts!<mount>!port Servlet server port for the mount point <mount> 8007
modules!jserv!mounts!<mount>!zone Servlet zone for the mount point <mount> root
modules!jserv!mounts!<mount>!protocol Protocol for the mount point <mount> (ajpv11/ajpv12) ajpv11


Log module

Name Description Default
(when not present)
modules!log!enabled Boolean: enable the Log module no
modules!log!filename Filename for the request log <unset>
modules!log!format format to use for the request log output %h %l %u %t "%r" %s %b
modules!log!ssi Boolean: whether SSI subrequests are logged yes


Map module

Name Description Default
(when not present)
modules!map!enabled Boolean: enable the Map module no
modules!map!handlers!<extension> String: path and name of the handler for the given extension <unset>
modules!map!homedir!enabled Boolean: enable user home directories yes
modules!map!homedir!file String: file to use in order to associate usernames with their home directory filesystem locations /etc/passwd
modules!map!homedir!ldap_numeric Boolean: whether to validate when referrer is missing no
modules!map!homedir!path String: explicit home directory path <unset>
modules!map!homedir!dir String: subdirectory to use from the home directories public_html
modules!map!homedir!ldap_filter String: unimplemented cn=%u
modules!map!homedir!ldap_url1 LDAP URL for username <unset>
modules!map!homedir!ldap_url2 Additional LDAP URL for nested queries for username <unset>
modules!map!homedir!ldap_homeprefix Filesystem home directory prefix <user_specified>
modules!map!homedir!ldap_binddn Distinguished name of the LDAP object to bind as <user_specified>
modules!map!homedir!ldap_passwd Password of the LDAP binddn object (encrypted) <user_specified>
modules!map!homedir!ldap_cachettl Integer: ttl for LDAP cache 30
modules!map!alias!<docroot_path>!type Alias type to use for alias of docroot path <docroot_path> (simple/cgi/fastcgi/isapi) <unset>
modules!map!alias!<docroot_path>!filepath Filesystem path to use for alias of docroot path <docroot_path> <unset>
modules!map!alias_types!<type> Mime type to use for alias of type <type> (by default, simple is application/x-httpd-alias, cgi is application/x-httpd-cgi, fastcgi, isapi) <unset>


MIME module

Name Description Default
(when not present)
modules!mime!enabled Boolean: enable the MIME module no
modules!mime!default Default MIME type text/plain
modules!mime!types!<extension> String: MIME type to use for extension <extension> <unset>


NSAPI module

Name Description Default
(when not present)
modules!nsapi!enabled Boolean: enable the NSAPI module no
modules!nsapi!config_root String: filesystem location for NSAPI configuration <unset>
modules!nsapi!uid User for NSAPI processes to run as (unset defaults to child web server process) <unset>
modules!nsapi!gid Group for NSAPI processes to run as (unset defaults to child web server process) <unset>


Put module

Name Description Default
(when not present)
modules!put!enabled Boolean: enable the Put module no
modules!put!save_as_user Boolean: set uploaded file ownership as the uid/gid with which the web server is running, otherwise the supplied authenticated user must be in /etc/passwd no


Referrer module

Name Description Default
(when not present)
modules!referrer!allowmissingreferrer Boolean: Whether to validate when referrer is missing no
modules!referrer!enabled Boolean: enable the Referrer module no
modules!referrer!suffixes unimplemented unimplemented
modules!referrer!mimetypes Space-separated list of MIME types for referer validation <unset>
modules!referrer!denyurl URL that denied requests will be redirected to <unset>
modules!referrer!validreferrers Space-separated list of valid referrer hostnames, IP addresses or IP masks <unset>


Search module

Name Description Default
(when not present)
modules!search!enabled Boolean: enable the Search module no
modules!search!index Index file <unset>
modules!search!url URL for search queries <unset>
modules!search!input_template Input template file <unset>
modules!search!output_template Output template file <unset>


Spelling Spelling module

Name Description Default
(when not present)
modules!spelling!enabled Boolean: enable the Spelling module no
modules!spelling!repairtype Fix case problems only (0) or misspellings as well (1) 0


Stats module

Name Description Default
(when not present)
modules!stats!enabled Boolean: enable the Stats module no


Subserver module

Name Description Default
(when not present)
modules!subserver!custom_dso String: the name of the custom dso to use $ZEUSHOME/web/bin/subserver_map.so
modules!subserver!enabled Boolean: enable the Subserver module no
modules!subserver!layout Filesystem layout (standard layout = 0, simple multi-directory = 1, complex multi-directory = 2, custom Subserver map = 3) 0
modules!subserver!prefix URL Prefix <unset>
modules!subserver!suffix URL Suffix <unset>
modules!subserver!autoserveradmin Boolean: auto-determine webmaster email address no
modules!subserver!autoserveradminuser username to use for webmaster email address <unset>


Throttle module

Name Description Default
(when not present)
modules!throttle!enabled Boolean: enable the Throttle module no
modules!throttle!limit Throughput limit for Virtual Server (bytes/second). Zero means no limit 0
modules!throttle!maxconns Maximum simultaneous connections for Virtual Server. Zero means no limit 0
modules!throttle!subserver Boolean: enable/disable independent throttle limits for each Subserver no


Usertrack module

Name Description Default
(when not present)
modules!usertrack!enabled Boolean: enable the Usertrack module no
modules!usertrack!cookiename Usertrack cookie prefix ZeusCookieMachine
modules!usertrack!expiry Boolean: enable explicit cookie expiry times no
modules!usertrack!expire!days Number of days for cookie to persist. Summed with ...!hours <user_specified>
modules!usertrack!expire!hours Number of hours for cookie to persist. Summed with ...!days <user_specified>