Configuration File Options¶
Here you will find a list of all available configuration lighttpd. They are grouped by module, and a link to each module configuration will provide with more detail information about each option, as well as examples, and other guidelines.
- Configuration File Options
- Lighttpd Core
- mod_access - access restrictions
- mod_accesslog - access log files
- mod_alias - directory aliases
- mod_auth - authentication
- mod_cache - web accelerating
- mod_cgi - cgi
- mod_cml - Cache Meta Language
- mod_compress - compress output
- mod_deflate - dynamic compression (1.5.0)
- mod_dirlisting - directory listing
- mod_evasive - evasive (1.5.0)
- mod_evhost - enhanced virtual host
- mod_expire - cached expiration
- mod_extforward - use X-Forwarded-For
- mod_fastcgi - fastcgi
- mod_flv_streaming - flv streaming
- mod_indexfile - Precautions and documentation
- mod_mem_cache - local file accelerating
- mod_mimemagic - determines the MIME type of a file by looking at a few bytes of its contents
- mod_mysql_vhost - Mysql virtual hosting
- mod_proxy - proxy
- mod_redirect - redirect
- mod_rewrite - rewriting
- mod_rrdtool - rrdtool
- mod_scgi - SCGI
- mod_secure_download - secure and fast download
- mod_setenv - set HTTP Environment
- mod_simple_vhost - simple virtual host
- mod_ssi - server side includes
- mod_status - server status
- mod_trigger_b4_dl - trigger before download
- mod_userdir - user directories
- mod_uploadprogress - upload progress (1.5.0)
- mod_usertrack - user track (cookies)
- mod_webdav - WebDAV
Lighttpd Core¶
| option | description | details |
|---|---|---|
| connection.kbytes-per-second | limit the throughput for each single connection to the given limit in kbyte/s | Details |
| etag.use-inode | Determines if inode-value is used in ETag generation | Details |
| etag.use-mtime | Determines if mtime-value is used in ETag generation | Details |
| etag.use-size | Determines if size-value is used in ETag generation | Details |
| index-file.names | list of files to search for if a directory is requested | Details |
| mimetype.assign | list of known mimetype mappings | Details |
| mimetype.use-xattr | try to use XFS-style extended attribute interface for retreiving the Content-Type | Details |
| server.bind | IP address, hostname or absolute path to the unix-domain socket | Details |
| server.chroot | root-directory of the server | Details |
| server.core-files | enable core files | Details |
| server.dir-listing | enable/disable dir listing | Details |
| server.document-root | document-root of the webserver | Details |
| server.errorfile-prefix | path prefix for special status codes pages | Details |
| server.error-handler-404 | uri to call if the requested file results in a 404 | Details |
| server.errorlog | pathname of the error-log | Details |
| server.errorlog-use-syslog* | send errorlog to syslog | Details |
| server.breakagelog | open as stderr, so all forked applications will write their errors to this (if stderr isn't handled otherwise via a pipe); needed to see mod_cgi stderr in 1.4 | |
| server.event-handler | set the event handler | Details |
| server.follow-symlink | allow to follow-symlinks | Details |
| server.force-lowercase-filenames | enable force all filenames to lowercase | |
| server.groupname | groupname used to run the server | Details |
| server.kbytes-per-second | limit the throughput for all connections to the given limit in kbyte/s | Details |
| server.max-connections | maximum connections | Details |
| server.max-fds | maximum number of file descriptors | Details |
| server.max-keep-alive-idle | maximum number of seconds until a idling keep-alive connection is droped | Details |
| server.max-keep-alive-requests | maximum number of request within a keep-alive session | Details |
| server.max-read-idle | maximum number of seconds until a waiting, non keep-alive read times out and closes the connection | Details |
| server.max-request-size | maximum size in kbytes of the request | Details |
| server.max-worker | number of worker processes to spawn | Details |
| server.max-write-idle | maximum number of seconds until a waiting write call times out | Details |
| server.modules | modules to load | Details |
| server.name | name of the server/virtual server | Details |
| server.network-backend | basic network interface for all platforms at the syscalls read() and write() | Details |
| server.pid-file | set the name and location of the .pid-file | Details |
| server.protocol-http11 | defines if HTTP/1.1 is allowed or not | Details |
| server.range-requests | defines if range requests are allowed or not | Details |
| server.reject-expect-100-with-417 | setting to disable returning of a 417 if "Expect: 100-continue" header | |
| server.stat-cache-engine | select stat() call caching | Details |
| server.tag | set the string returned by the server | Details |
| server.upload-dirs | path to upload directory | Details |
| server.use-ipv6 | bind to the IPv6 socket | Details |
| server.username | username used to run the server | Details |
| static-file.etags | Determines if ETags are generated or not | |
| static-file.exclude-extensions | forbid access to the source of some types of files by extension |
SSL¶
| option | description | details |
|---|---|---|
| ssl.engine | enable/disable ssl engine | Details |
| ssl.pemfile | path to the PEM file for SSL support | Details |
| ssl.ca-file | path to the CA file for support of chained certificates | Details |
| ssl.use-sslv2 | enable/disable use of SSL version 2 | Details |
| ssl.cipher-list | Configure the allowed SSL ciphers | Details |
| ssl.verifyclient.activate | enable/disable client verification | Details |
| ssl.verifyclient.enforce | enable/disable enforcing client verification | Details |
| ssl.verifyclient.depth | certificate depth for client verification | Details |
| ssl.verifyclient.exportcert | enable/disable client certificate export to env:SSL_CLIENT_CERT | Details |
| ssl.verifyclient.username | client certificate entity to export as env:REMOTE_USER (eg. SSL_CLIENT_S_DN_emailAddress, SSL_CLIENT_S_DN_UID, etc.) | Details |
Core Debug Info¶
| option | description |
|---|---|
| debug.log-request-header | log all request headers |
| debug.log-file-not-found | log if a file wasn't found |
| debug.log-condition-handling | log conditionals handling for debugging |
| debug.log-request-header-on-error | log request header, but only when there is an error |
| debug.log-request-handling | log request handling inside lighttpd |
| debug.log-state-handling | log state handling inside lighttpd |
| debug.log-response-header | log the header we send out to the client |
| debug.log-ssl-noise | log some ssl warnings we hide by default (ssl handshake, unknown/bad certificate) |
mod_access - access restrictions¶
| option | description |
|---|---|
| url.access-deny | Denies access to all files with any of given trailing path names |
mod_accesslog - access log files¶
| option | description |
|---|---|
| accesslog.use-syslog | send the accesslog to syslog |
| accesslog.format | the format of the logfile |
| accesslog.filename | name of the file where the accesslog should be written to if syslog is not used |
mod_alias - directory aliases¶
| option | description |
|---|---|
| alias.url | rewrites the document-root for a URL-subset |
mod_auth - authentication¶
| option | description |
|---|---|
| auth.debug | enable/disable authentication module debug information |
| auth.backend | type of authentication backend |
| auth.require | |
| auth.backend.ldap.hostname | hostname of ldap server |
| auth.backend.ldap.starttls | |
| auth.backend.ldap.filter | |
| auth.backend.ldap.bind-pw | |
| auth.backend.ldap.ca-file | |
| auth.backend.ldap.base-dn | |
| auth.backend.ldap.bind-dn | |
| auth.backend.plain.userfile | path to plain userfile |
| auth.backend.plain.groupfile | path to plain groupfile |
| auth.backend.htdigest.userfile | path to htdigest userfile |
| auth.backend.htpasswd.userfile | path to htpassword userfile |
mod_cache - web accelerating¶
| option | description |
|---|---|
| cache.bases | directory arrays which want to save cache files |
| cache.enable | |
| cache.domains | domain pcre regex arrays which mod_cache will cache |
| cache.support-queries | |
| cache.debug | writes mod_cache debuging messages to error.log or not |
| cache.purge-host | pcre regex hosts ip which are allowed to PURGE cache file |
| cache.refresh-pattern |
mod_cgi - cgi¶
| option | description |
|---|---|
| cgi.assign | assign cgi handler to an extension |
| cgi.execute-x-only | requires +x for cgi scripts |
mod_cml - Cache Meta Language¶
| option | description |
|---|---|
| cml.memcache-namespace | (not used yet) |
| cml.power-magnet | a cml file that is executed for each request |
| cml.memcache-hosts | hosts for the memcache.* functions |
| cml.extension | the file extension that is bound to the cml-module |
mod_compress - compress output¶
| option | description |
|---|---|
| compress.max-filesize | maximum size of the original file to be compressed kBytes |
| compress.cache-dir | name of the directory where compressed content will be cached |
| compress.filetype | mimetypes which might get compressed |
mod_deflate - dynamic compression (1.5.0)¶
- mod_deflate documentation (patch available for 1.4.x)
| option | description |
|---|---|
| deflate.enabled | enable/disable deflate support |
| deflate.compression-level | level of compression |
| deflate.mem-level | |
| deflate.window-size | |
| deflate.bzip2 | enable/disable bzip support |
| deflate.min-compress-size | minimum size document before compressing |
| deflate.sync-flush | enable sync flush |
| deflate.output-buffer-size | size of buffer for compression |
| deflate.work-block-size | minimum block size for compression |
| deflate.mimetypes | mimetype listing to be compressed. |
| deflate.debug | enable debug |
mod_dirlisting - directory listing¶
| option | description |
|---|---|
| server.dir-listing*: enable/disable directory listing | |
| dir-listing.activate | enables virtual directory listings if a directory is requested no index-file was found |
| dir-listing.external-css | path to an external css stylesheet for the directory listing |
| dir-listing.encoding | set a encoding for the generated directory listing |
| dir-listing.hide-dotfiles | if enabled, does not list hidden files in directory listings generated by the dir-listing option |
| dir-listing.show-header | include HEADER.txt files above the directory listing |
| dir-listing.hide-header-file | enables hide header file from directory listing |
| dir-listing.show-readme | include README.txt files below the directory listing |
| dir-listing.hide-readme-file | enables displaying readme file in directory listing |
| dir-listing.exclude | files that match any of the specified regular expressions will be excluded from listings |
| dir-listing.set-footer | displays a string in the footer of a listing page |
mod_evasive - evasive (1.5.0)¶
| option | description |
|---|---|
| evasive.max-conns-per-ip | upper limit of number of connections per ip allowed |
mod_evhost - enhanced virtual host¶
| option | description |
|---|---|
| evhost.path-pattern | pattern with wildcards to be replace to build a documentroot |
mod_expire - cached expiration¶
| option | description |
|---|---|
| expire.url | assignes a expiration to all files below the specified path |
mod_extforward - use X-Forwarded-For¶
extract the client's "real" IP from X-Forwarded-For header
| option | description |
|---|---|
| extforward.forwarder | set trust level of proxy ip's |
mod_fastcgi - fastcgi¶
| option | description |
|---|---|
| fastcgi.map-extensions | map multiple extensions to the same fastcgi server |
| fastcgi.debug | a value between 0 and 65535 to set the debug-level in the FastCGI module |
| fastcgi.server | tell the module where to send FastCGI requests to |
| fastcgi.server-option | description |
|---|---|
| host | is ip of the FastCGI process |
| port | is tcp-port on the "host" used by the FastCGI process |
| socket | path to the unix-domain socket |
| bin-path | path to the local FastCGI binary which should be started if no local FastCGI is running |
| bin-environment | set environment of FastCGI binary |
| bin-copy-environment | copy environment from server for FastCGI binary |
| mode | is the FastCGI protocol mode. Default is "responder", also "authorizer" mode is implemented |
| docroot | docroot on the remote host |
| allow-x-send-file | controls if X-LIGHTTPD-send-file and X-Sendfile headers are allowed |
| broken-scriptfilename | breaks SCRIPT_FILENAME in a way that PHP can extract PATH_INFO from it |
| max-procs | upper limit of processes to start |
| check-local | enable/disable check for requested file in document root |
| disable-time | time to wait before a disabled backend is checked again |
| strip-request-uri | strip part of request-uri |
| fix-root-scriptname | use this for backends with extension "/" (and check-local is disabled), only works > 1.4.22 |
mod_flv_streaming - flv streaming¶
flv-streaming.extensions: extensions of flv filesBlog EntryAdditional InformationFlash Video Player 3.5mod_indexfile - Precautions and documentation¶
mod_mem_cache - local file accelerating¶
| option | description |
|---|---|
| mem-cache.filetypes | content-type arrays which want to put into memory |
| mem-cache.enable | |
| mem-cache.max-memory | maxium memory in Mbytes mod-mem-cache can use |
| mem-cache.max-file-size | maxium file size in Kbytes of single file to cache in memory |
| mem-cache.lru-remove-count | |
| mem-cache.expire-time | memory cache's expire time in minutes |
| mem-cache.slru-thresold | slru threshold (against hit counter) |
mod_mimemagic - determines the MIME type of a file by looking at a few bytes of its contents¶
| option | description |
|---|---|
| mimemagic.file | path of magic.mime file |
| mimemagic.override-global-mimetype |
mod_mysql_vhost - Mysql virtual hosting¶
| option | description |
|---|---|
| mysql-vhost.hostname | hostname of mysql server |
| mysql-vhost.db | database name |
| mysql-vhost.user | username to access database |
| mysql-vhost.pass | password to access database |
| mysql-vhost.sql | SQL statement to execute to obtain docroot |
| mysql-vhost.port | port where to connect to database |
| mysql-vhost.sock | socket where to connect to database |
mod_proxy - proxy¶
| option | description |
|---|---|
| proxy.balance | select type of balancing algorithm (round-robin, hash, fair) |
| proxy.debug | enable/disable proxy debug information |
| proxy.server | where to send Proxy requests |
| proxy.server-option | description |
|---|---|
| host | ip of host to send requests |
| port | listening port of host |
mod_redirect - redirect¶
| option | description | note |
|---|---|---|
| url.redirect | redirects a set of URLs externally | |
| url.redirect-code | defines the http code that is sent with the redirect URL | Added in 1.5.0 |
mod_rewrite - rewriting¶
| option | description |
|---|---|
| url.rewrite-once | rewrites a set of URLs internally and skip the rest |
| url.rewrite-repeat | rewrites a set of URLs internally in the webserver, continue applying rewrite rules |
| url.rewrite | same as url.rewrite-once |
| url.rewrite-final | same as url.rewrite-once |
| url.rewrite-[repeat-]if-not-file | rewrites a set of urls internally and checks if files do not exist |
mod_rrdtool - rrdtool¶
| option | description |
|---|---|
| rrdtool.db-name | filename of the rrd-database |
| rrdtool.binary | path to the rrdtool binary |
mod_scgi - SCGI¶
| option | description |
|---|---|
| scgi.map-extensions | map multiple extensions to the same scgi server |
| scgi.debug | a value between 0 and 65535 to set the debug-level in the SCGI module |
| scgi.server | tell the module where to send SCGI requests to |
| scgi.server-option | description |
|---|---|
| host | is ip of the SCGI process |
| port | is tcp-port on the "host" used by the SCGI process |
| socket | path to the unix-domain socket |
| bin-path | path to the local SCGI binary which should be started if no local SCGI is running |
| bin-environment | set environment of SCGI binary |
| bin-copy-environment | copy environment from server for SCGI binary |
| docroot | docroot on the remote host |
| allow-x-send-file | controls if X-LIGHTTPD-send-file and X-Sendfile headers are allowed |
| broken-scriptfilename | breaks SCRIPT_FILENAME in a way that PHP can extract PATH_INFO from it |
| idle-timeout | number of seconds before a unused process gets terminated |
| max-procs | upper limit of processes to start |
| min-procs | sets the minium processes to start |
| min-procs-not-working | |
| max-load-per-proc | maximum number of waiting processes on average per process before a new process is spawned |
| check-local | enable/disable check for requested file in document root |
| disable-time | time to wait before a disabled backend is checked again |
| strip-request-uri | strip part of request-uri |
mod_secure_download - secure and fast download¶
| option | description |
|---|---|
| secdownload.document-root | path to the download area |
| secdownload.timeout | how long in seconds is the secret valid |
| secdownload.uri-prefix | prefix to url for download |
| secdownload.secret | Secret string that will be used for the checksum calculation |
mod_setenv - set HTTP Environment¶
| option | description |
|---|---|
| setenv.add-response-header | adds a value to the process environment that is passed to the external applications |
| setenv.add-request-header | adds a header to the HTTP response sent to the client |
| setenv.add-environment | adds a value to the process environment that is passed to the external applications |
mod_simple_vhost - simple virtual host¶
| option | description |
|---|---|
| simple-vhost.document-root | path below the vhost directory |
| simple-vhost.server-root | root of the virtual host |
| simple-vhost.default-host | use this hostname if the requested hostname does not have its own directory |
| simple-vhost.debug | debug simple vhosts module |
mod_ssi - server side includes¶
| option | description |
|---|---|
| ssi.extension | extension of files processed by mod_ssi |
mod_status - server status¶
| option | description |
|---|---|
| status.config-url | relative URL for the config page which displays the loaded modules |
| status.statistics-url | relative URL for a plain-text page containing the internal statistics |
| status.enable-sort | add JavaScript which allows client-side sorting for the connection overview |
| status.status-url | relative URL which is used to retrieve the status-page |
mod_trigger_b4_dl - trigger before download¶
| option | description |
|---|---|
| trigger-before-download.trigger-url | url for trigger pages |
| trigger-before-download.trigger-timeout | time for download link to live |
| trigger-before-download.download-url | url for downloads |
| trigger-before-download.deny-url | url to show when visitor denied a download |
| trigger-before-download.gdbm-filename | path to gdm file |
| trigger-before-download.memcache-hosts | hosts for the memcache.* functions |
| trigger-before-download.memcache-namespace | (not used yet) |
| trigger-before-download.debug |
mod_userdir - user directories¶
| option | description |
|---|---|
| userdir.basepath | if set, don't check /etc/passwd for homedir |
| userdir.exclude-user | list of usernames which may not use this feature |
| userdir.path | usually it should be set to "public_html" to take ~/public_html/ as the document root |
| userdir.include-user | if set, only users from this list may use the feature |
mod_uploadprogress - upload progress (1.5.0)¶
| option | description |
|---|---|
| upload-progress.progress-url |
mod_usertrack - user track (cookies)¶
| option | description |
|---|---|
| usertrack.cookie-name | |
| ~'_usertrack.cookiename_'~ | (deprecated) |
| usertrack.cookie-domain | |
| usertrack.cookie-max-age |
mod_webdav - WebDAV¶
| option | description |
|---|---|
| webdav.activate | enable/disable WebDAV |
| webdav.is-readonly | enable/disable read only |
| webdav.sqlite-db-name | pathname to SQLite database |
| webdav.log-xml | Log the XML Request bodies for debugging |