1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
|
<?xml version="1.0" encoding="UTF-8" ?>
<!DOCTYPE manualpage SYSTEM "./style/manualpage.dtd">
<?xml-stylesheet type="text/xsl" href="./style/manual.en.xsl"?>
<!-- $LastChangedRevision$ -->
<!--
Licensed to the Apache Software Foundation (ASF) under one or more
contributor license agreements. See the NOTICE file distributed with
this work for additional information regarding copyright ownership.
The ASF licenses this file to You under the Apache License, Version 2.0
(the "License"); you may not use this file except in compliance with
the License. You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
-->
<manualpage metafile="glossary.xml.meta">
<title>Glossary</title>
<summary>
<p>This glossary defines some of the common terminology related to Apache in
particular, and web serving in general. More information on each concept
is provided in the links.</p>
</summary>
<section id="definitions"><title>Definitions</title>
<dl>
<dt><a name="accesscontrol" id="accesscontrol">Access Control</a></dt>
<dd>The restriction of access to network realms. In an Apache context
usually the restriction of access to certain <em>URLs</em>.<br /> See: <a
href="howto/auth.html">Authentication, Authorization, and Access
Control</a>
</dd>
<dt><a name="algorithm" id="algorithm">Algorithm</a></dt>
<dd>An unambiguous formula or set of rules for solving a problem in a finite
number of steps. Algorithms for encryption are usually called
<dfn>Ciphers</dfn>.
</dd>
<dt><a name="apacheextensiontool" id="apacheextensiontool">APache
eXtension Tool</a> <a name="apxs" id="apxs">(apxs)</a></dt>
<dd>A perl script that aids in compiling <glossary
ref="module">module</glossary> sources into Dynamic Shared Objects
(<glossary ref="dso">DSO</glossary>s) and helps install them in the
Apache Web server.<br />
See: Manual Page: <program>apxs</program>
</dd>
<dt><a name="apacheportableruntime"
id="apacheportableruntime">Apache Portable Runtime</a> <a
name="apr" id="apr">(APR)</a></dt>
<dd>A set of libraries providing many of the basic interfaces
between the server and the operating system. APR is developed
parallel to the Apache HTTP Server as an independent project.<br />
See: <a href="http://apr.apache.org/">Apache Portable Runtime
Project</a>
</dd>
<dt><a name="authentication" id="authentication">Authentication</a></dt>
<dd>The positive identification of a network entity such as a server, a
client, or a user.<br />
See: <a href="howto/auth.html">Authentication, Authorization, and Access
Control</a>
</dd>
<dt><a name="certificate" id="certificate">Certificate</a></dt>
<dd>A data record used for authenticating network entities such
as a server or a client. A certificate contains X.509 information pieces
about its owner (called the subject) and the signing <glossary
ref="certificationauthority">Certification Authority</glossary> (called
the issuer), plus the owner's <glossary ref="publickey">public
key</glossary> and the
signature made by the CA. Network entities verify these signatures
using CA certificates.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="certificatsigningrequest"
id="certificatsigningrequest">Certificate Signing Request</a>
<a name="csr" id="csr">(CSR)</a></dt>
<dd>An unsigned <glossary ref="certificate">certificate</glossary> for
submission to a <glossary ref="certificationauthority">Certification
Authority</glossary>, which signs it with the <glossary
ref="privatekey">Private Key</glossary> of their CA
<em>Certificate</em>. Once the CSR is signed, it becomes a real
certificate.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="certificationauthority"
id="certificationauthority">Certification Authority</a>
<a name="ca" id="ca">(CA)</a></dt>
<dd>A trusted third party whose purpose is to sign certificates for network
entities it has authenticated using secure means. Other network entities
can check the signature to verify that a CA has authenticated the bearer
of a certificate.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="cipher" id="cipher">Cipher</a></dt>
<dd>An algorithm or system for data encryption. Examples are DES, IDEA, RC4,
etc.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="ciphertext" id="ciphertext">Ciphertext</a></dt>
<dd>The result after <glossary ref="plaintext">Plaintext</glossary> is
passed through a <glossary ref="cipher">Cipher</glossary>.<br /> See: <a
href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="commongatewayinterface" id="commongatewayinterface">Common
Gateway Interface</a> <a name="cgi" id="cgi">(CGI)</a></dt>
<dd>A standard definition for an interface between a web server and an
external program that allows the external program to service requests.
There is an <a href="http://www.ietf.org/rfc/rfc3875">Informational
RFC</a> which covers the specifics.<br />
See: <a href="howto/cgi.html">Dynamic Content with CGI</a>
</dd>
<dt><a name="configurationdirective"
id="configurationdirective">Configuration Directive</a></dt>
<dd>See: <glossary ref="directive">Directive</glossary></dd>
<dt><a name="configurationfile" id="configurationfile">Configuration
File</a></dt>
<dd>A text file containing <glossary ref="directive">Directives</glossary>
that control the configuration of Apache.<br />
See: <a href="configuring.html">Configuration Files</a>
</dd>
<dt><a name="connect" id="connect">CONNECT</a></dt>
<dd>An HTTP <glossary ref="method">method</glossary> for proxying raw data
channels over HTTP. It can be used to encapsulate other protocols, such as
the SSL protocol.
</dd>
<dt><a name="context" id="context">Context</a></dt>
<dd>An area in the <glossary ref="configurationfile">configuration
files</glossary> where certain types of <glossary
ref="directive">directives</glossary> are allowed.<br />
See: <a href="mod/directive-dict.html#Context">Terms Used to Describe
Apache Directives</a>
</dd>
<dt><a name="digitalsignature" id="digitalsignature">Digital
Signature</a></dt>
<dd>An encrypted text block that validates a certificate or other file. A
<glossary ref="certificationauthority">Certification Authority</glossary>
creates a signature by generating a hash of the <em>Public Key</em>
embedded in a <em>Certificate</em>, then encrypting the hash with its own
<em>Private Key</em>. Only the CA's public key can decrypt the signature,
verifying that the CA has authenticated the network entity that owns the
<em>Certificate</em>.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="directive" id="directive">Directive</a></dt>
<dd>A configuration command that controls one or more aspects of Apache's
behavior. Directives are placed in the <glossary
ref="configurationfile">Configuration File</glossary><br />
See: <a href="mod/directives.html">Directive Index</a>
</dd>
<dt><a name="dynamicsharedobject" id="dynamicsharedobject">Dynamic
Shared Object</a> <a name="dso" id="dso">(DSO)</a></dt>
<dd><glossary ref="module">Modules</glossary> compiled separately from the
Apache <program>httpd</program> binary that can be loaded on-demand.<br />
See: <a href="dso.html">Dynamic Shared Object Support</a>
</dd>
<dt><a name="environmentvariable" id="environmentvariable">Environment
Variable</a> <a name="env-variable"
id="env-variable">(env-variable)</a></dt>
<dd>Named variables managed by the operating system shell and used to store
information and communicate between programs. Apache also contains
internal variables that are referred to as environment variables, but are
stored in internal Apache structures, rather than in the shell
environment.<br />
See: <a href="env.html">Environment Variables in Apache</a>
</dd>
<dt><a name="export-crippled" id="export-crippled">Export-Crippled</a></dt>
<dd>Diminished in cryptographic strength (and security) in order to comply
with the United States' Export Administration Regulations (EAR).
Export-crippled cryptographic software is limited to a small key size,
resulting in <em>Ciphertext</em> which usually can be decrypted by brute
force.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="filter" id="filter">Filter</a></dt>
<dd>A process that is applied to data that is sent or received by the
server. Input filters process data sent by the client to the server,
while output filters process documents on the server before they are sent
to the client. For example, the <code>INCLUDES</code> output filter
processes documents for <glossary ref="ssi">Server Side
Includes</glossary>.<br />
See: <a href="filter.html">Filters</a>
</dd>
<dt><a name="fully-qualifieddomain-name"
id="fully-qualifieddomain-name">Fully-Qualified Domain-Name</a>
<a name="fqdn" id="fqdn">(FQDN)</a></dt>
<dd>The unique name of a network entity, consisting of a hostname and a
domain name that can resolve to an IP address. For example,
<code>www</code> is a hostname, <code>example.com</code> is a domain name,
and <code>www.example.com</code> is a fully-qualified domain name.
</dd>
<dt><a name="handler" id="handler">Handler</a></dt>
<dd>An internal Apache representation of the action to be performed when a
file is called. Generally, files have implicit handlers, based on the file
type. Normally, all files are simply served by the server, but certain
file types are "handled" separately. For example, the
<code>cgi-script</code> handler designates files to be processed as
<glossary ref="cgi">CGIs</glossary>.<br />
See: <a href="handler.html">Apache's Handler Use</a>
</dd>
<dt><a name="hash" id="hash">Hash</a></dt>
<dd>A mathematical one-way, irreversible algorithm generating a string with
fixed-length from another string of any length. Different input strings
will usually produce different hashes (depending on the hash function).
</dd>
<dt><a name="header" id="header">Header</a></dt>
<dd>The part of the <glossary ref="http">HTTP</glossary> request and
response that is sent before the actual content, and that contains
meta-information describing the content.
</dd>
<dt><a name="htaccess" id="htaccess">.htaccess</a></dt>
<dd>A <glossary ref="configurationfile">configuration file</glossary> that
is placed inside the web tree and applies configuration <glossary
ref="directive">directives</glossary> to the directory where it is
placed and all sub-directories. Despite its name, this file can hold
almost any type of directive, not just access-control directives.<br />
See: <a href="configuring.html">Configuration Files</a>
</dd>
<dt><a name="httpd.conf" id="httpd.conf">httpd.conf</a></dt>
<dd>The main Apache <glossary ref="configurationfile">configuration
file</glossary>. The default location is
<code>/usr/local/apache2/conf/httpd.conf</code>, but it may be moved using
run-time or compile-time configuration.<br />
See: <a href="configuring.html">Configuration Files</a>
</dd>
<dt><a name="hypertexttransferprotocol"
id="hypertexttransferprotocol">HyperText Transfer Protocol</a>
<a name="http" id="hhtp">(HTTP)</a></dt>
<dd>The standard transmission protocol used on the World Wide Web. Apache
implements version 1.1 of the protocol, referred to as HTTP/1.1 and
defined by <a href="http://ietf.org/rfc/rfc2616.txt">RFC 2616</a>.
</dd>
<dt><a name="https" id="https">HTTPS</a></dt>
<dd>The HyperText Transfer Protocol (Secure), the standard encrypted
communication mechanism on the World Wide Web. This is actually just HTTP
over <glossary ref="ssl">SSL</glossary>.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="method" id="method">Method</a></dt>
<dd>In the context of <glossary ref="http">HTTP</glossary>, an action to
perform on a resource, specified on the request line by the client. Some
of the methods available in HTTP are <code>GET</code>, <code>POST</code>,
and <code>PUT</code>.
</dd>
<dt><a name="messagedigest" id="messagedigest">Message Digest</a></dt>
<dd>A hash of a message, which can be used to verify that the contents of
the message have not been altered in transit.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="mime-type" id="mime-type">MIME-type</a></dt>
<dd>A way to describe the kind of document being transmitted. Its name
comes from that fact that its format is borrowed from the Multipurpose
Internet Mail Extensions. It consists of a major type and a minor type,
separated by a slash. Some examples are <code>text/html</code>,
<code>image/gif</code>, and <code>application/octet-stream</code>. In
HTTP, the MIME-type is transmitted in the <code>Content-Type</code>
<glossary ref="header">header</glossary>.<br />
See: <a href="mod/mod_mime.html">mod_mime</a>
</dd>
<dt><a name="module" id="module">Module</a></dt>
<dd>An independent part of a program. Much of Apache's functionality is
contained in modules that you can choose to include or exclude. Modules
that are compiled into the Apache <program>httpd</program> binary are
called <dfn>static modules</dfn>, while modules that are stored
separately and can be optionally loaded at run-time are called
<dfn>dynamic modules</dfn> or <glossary ref="dso">DSOs</glossary>.
Modules that are included by default
are called <dfn>base modules</dfn>. Many modules are available for Apache
that are not distributed as part of the Apache HTTP Server <glossary
ref="tarball">tarball</glossary>. These are referred to as
<dfn>third-party modules</dfn>.<br />
See: <a href="mod/">Module Index</a>
</dd>
<dt><a name="modulemagicnumber" id="modulemagicnumber">Module Magic
Number</a> (<a name="mmn" id="mmn">MMN</a>)</dt>
<dd>Module Magic Number is a constant defined in the Apache source code that
is associated with binary compatibility of modules. It is changed when
internal Apache structures, function calls and other significant parts of
API change in such a way that binary compatibility cannot be guaranteed
any more. On MMN change, all third party modules have to be at least
recompiled, sometimes even slightly changed in order to work with the new
version of Apache.
</dd>
<dt><a name="openssl" id="openssl">OpenSSL</a></dt>
<dd>The Open Source toolkit for SSL/TLS<br />
See <a href="http://www.openssl.org/">http://www.openssl.org/</a>#
</dd>
<dt><a name="passphrase" id="passphrase">Pass Phrase</a></dt>
<dd>The word or phrase that protects private key files. It prevents
unauthorized users from encrypting them. Usually it's just the secret
encryption/decryption key used for <glossary
ref="cipher">Ciphers</glossary>.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="plaintext" id="plaintext">Plaintext</a></dt>
<dd>The unencrypted text.</dd>
<dt><a name="privatekey" id="privatekey">Private Key</a></dt>
<dd>The secret key in a <glossary ref="publickeycryptography">Public Key
Cryptography</glossary> system, used to decrypt incoming messages and
sign outgoing ones.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="proxy" id="proxy">Proxy</a></dt>
<dd>An intermediate server that sits between the client and the <em>origin
server</em>. It accepts requests from clients, transmits those requests
on to the origin server, and then returns the response from the origin
server to the client. If several clients request the same content, the
proxy can deliver that content from its cache, rather than requesting it
from the origin server each time, thereby reducing response time.<br />
See: <a href="mod/mod_proxy.html">mod_proxy</a>
</dd>
<dt><a name="publickey" id="publickey">Public Key</a></dt>
<dd>The publicly available key in a <glossary
ref="publickeycryptography">Public Key Cryptography</glossary> system,
used to encrypt messages bound for its owner and to decrypt signatures
made by its owner.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="publickeycryptography"
id="publickeycryptography">Public Key Cryptography</a></dt>
<dd>The study and application of asymmetric encryption systems, which use
one key for encryption and another for decryption. A corresponding pair of
such keys constitutes a key pair. Also called Asymmetric Cryptography.
<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="regularexpresion" id="regularexpresion">Regular Expression</a>
<a name="regex" id="regex">(Regex)</a></dt>
<dd>A way of describing a pattern in text - for example, "all the words that
begin with the letter A" or "every 10-digit phone number" or even "Every
sentence with two commas in it, and no capital letter Q". Regular
expressions are useful in Apache because they let you apply certain
attributes against collections of files or resources in very flexible ways
- for example, all .gif and .jpg files under any "images" directory could
be written as "<code>/images/.*(jpg|gif)$</code>". In places where
regular expressions are used to replace strings, the special variables
$1 ... $9 contain backreferences to the grouped parts (in parentheses) of
the matched expression. The special variable $0 contains a backerference
to the whole matched expression. To write a literal dollar sign in a
replacement string, it can be escaped with a backslash. Historically, the
variable & could be used as alias for $0 in some places. This is no
longer possible since version 2.3.6. Apache uses Perl Compatible Regular
Expressions provided by the <a href="http://www.pcre.org/">PCRE</a>
library. You can find more documentation about PCRE's regular expression
syntax at that site, or at
<a href="http://en.wikipedia.org/wiki/PCRE">Wikipedia</a>.
</dd>
<dt><a name="reverseproxy" id="reverseproxy">Reverse Proxy</a></dt>
<dd>A <glossary ref="proxy">proxy</glossary> server that appears to the client
as if it is an <em>origin server</em>. This is useful to hide the real
origin server from the client for security reasons, or to load balance.
</dd>
<dt><a name="securesocketslayer" id="securesocketslayer">Secure Sockets
Layer</a> <a name="ssl" id="ssl">(SSL)</a></dt>
<dd>A protocol created by Netscape Communications Corporation for general
communication authentication and encryption over TCP/IP networks. The most
popular usage is <em>HTTPS</em>, i.e. the HyperText Transfer Protocol (HTTP)
over SSL.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="servernameindication" id="servernameindication">Server Name
Indication</a> <a name="sni" id="sni">(SNI)</a></dt>
<dd>An SSL function that allows passing the desired server
hostname in the initial SSL handshake message, so that the web
server can select the correct virtual host configuration to use
in processing the SSL handshake. It was added to SSL starting
with the TLS extensions, RFC 3546. <br />
See: <a href="ssl/ssl_faq.html">the SSL FAQ</a>
and <a href="http://www.ietf.org/rfc/rfc3546.txt">RFC 3546</a>
</dd>
<dt><a name="serversideincludes" id="serversideincludes">Server Side
Includes</a> <a name="ssi" id="ssi">(SSI)</a></dt>
<dd>A technique for embedding processing directives inside HTML files.<br />
See: <a href="howto/ssi.html">Introduction to Server Side Includes</a>
</dd>
<dt><a name="session" id="session">Session</a></dt>
<dd>The context information of a communication in general.</dd>
<dt><a name="ssleay" id="ssleay">SSLeay</a></dt>
<dd>The original SSL/TLS implementation library developed by Eric A.
Young
</dd>
<dt><a name="symmetriccryptophraphy" id="symmetriccryptophraphy">Symmetric
Cryptography</a></dt>
<dd>The study and application of <em>Ciphers</em> that use a single secret key
for both encryption and decryption operations.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="tarball" id="tarball">Tarball</a></dt>
<dd>A package of files gathered together using the <code>tar</code> utility.
Apache distributions are stored in compressed tar archives or using
pkzip.
</dd>
<dt><a name="transportlayersecurity" id="transportlayersecurity">Transport
Layer Security</a> <a name="tls" id="tls">(TLS)</a></dt>
<dd>The successor protocol to SSL, created by the Internet Engineering Task
Force (IETF) for general communication authentication and encryption over
TCP/IP networks. TLS version 1 is nearly identical with SSL version 3.<br />
See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
<dt><a name="uniformresourcelocator" id="uniformresourcelocator">Uniform
Resource Locator</a> <a name="url" id="url">(URL)</a></dt>
<dd>The name/address of a resource on the Internet. This is the common
informal term for what is formally called a <glossary
ref="uniformresourceidentifier">Uniform Resource Identifier</glossary>.
URLs are usually made up of a scheme, like <code>http</code> or
<code>https</code>, a hostname, and a path. A URL for this page might
be <code>http://httpd.apache.org/docs/&httpd.docs;/glossary.html</code>.
</dd>
<dt><a name="uniformresourceidentifier"
id="uniformresourceidentifier">Uniform Resource Identifier</a>
<a name="URI" id="URI">(URI)</a></dt>
<dd>A compact string of characters for identifying an abstract or physical
resource. It is formally defined by <a
href="http://www.ietf.org/rfc/rfc2396.txt">RFC 2396</a>. URIs used on the
world-wide web are commonly referred to as <glossary
ref="url">URLs</glossary>.
</dd>
<dt><a name="virtualhosting" id="virtualhosting">Virtual Hosting</a></dt>
<dd>Serving multiple websites using a single instance of Apache. <em>IP
virtual hosting</em> differentiates between websites based on their IP
address, while <em>name-based virtual hosting</em> uses only the name of the
host and can therefore host many sites on the same IP address.<br />
See: <a href="vhosts/">Apache Virtual Host documentation</a>
</dd>
<dt><a name="x.509" id="x.509">X.509</a></dt>
<dd>An authentication certificate scheme recommended by the International
Telecommunication Union (ITU-T) which is used for SSL/TLS authentication.<br
/> See: <a href="ssl/">SSL/TLS Encryption</a>
</dd>
</dl>
</section>
</manualpage>
|