merecat.conf

NAME

merecat.conf — merecat httpd configuration file

INTRODUCTION

When merecat starts up it looks for its configuration file, /etc/merecat.conf. This manual page documents the settings available, which allows for more advanced setups. For simpler use-cases, however, you may not need a merecat.conf since the server runs fine with only command line parameters.

DESCRIPTION

The syntax of the config file is UNIX style key = value, separated by whitespace. The “#” character marks the start of a comment to end of line. The \ character can be used as an escape character. Note: changes to the configuration file are require a restart of merecat, unlike many other UNIX daemons SIGHUP does not reload the .conf file.

Configuration Directives

charset = “STRING”

Character set to use with text MIME types, default “UTF-8”. If the default unicode charset causes trouble, try “iso-8859-1”.

check-referer = <true | false>

Enable check for external sites referencing material on your web server. For more information on referrers, see merecat(8). Disabled by default.

check-symlinks = <true | false>

For increased security, set this to true. Unless running chrooted in which case this is not really necessary. Disabled by default.

chroot = <true | false>

Change web server root to WEBDIR, or the current directory, if no WEBDIR is given as argument. Chrooting is a security measure and means that merecat.conf cannot access files outside it, unless files are bind mounted, or similar into the chroot. Disabled by default.

compression-level = -1..9

Control the compression level of the built-in Apache-like mod_deflate. The default value is -1, which gives a reasonable compromize between speed and compression. To disable compression set this to 0 and to get maximum compression, 9.

The default setting, -1, means all "text/*" MIME type files, larger than 256 bytes, are compressed before sending to the client.

directory = DIR

If no WEBDIR is given on the command line this option can be used to change the web server document root. Defaults to the current directory. When chrooting this is the root directory, see the data-directory directive for more help.

data-directory = DIR

This setting is only relevant when chrooting, it adjusts the web server document root relative to the directory directive.

global-passwd = <true | false>

Set this to true to protect the entire directory tree with a single .htpasswd and/or .htaccess file. When unset, which is the default, merecat.conf looks for a local .htpasswd and .htaccess file, or serves the file without password.

hostname = HOSTNAME

The hostname to bind to when multihoming. For more details on this, see below discussion.

list-dotfiles = <true | false>

If dotfiles should be skipped in directory listings. Disabled by default.

local-pattern = “PATTERN”

Used with check-referer, see merecat(8) for more details.

max-age = SEC

Controls the global max-age setting, in seconds, set in the HTTP/1.1 “Cache-Control: max-age” header, returned with all responses. The default setting is disabled since v2.32 and the user is recommended to use per-resource cache control. See the server location directive for details.

port = PORT

The web server Internet port to listen to, defaults to 80, or 443 when HTTPS is enabled. See the ssl section below for more on configuring an HTTPS server.

url-pattern = “PATTERN”

Used with check-referer, see merecat(8) for more details.

username = “NAME”

Set username to drop privileges to after startup. Defaults to "nobody" which usually is defined on all UNIX systems.

virtual-host = <true | false>

Enable virtual hosting, disabled by default. For more information on this, see merecat(8).

user-agent-deny = “PATTERN”

Wildcard pattern to deny access to illicit hammering bots. When set a matching user-agent will receive a 403 for all its requests. Use for instance “**SemrushBot**” or “**SemrushBot**|**MJ12Bot**|**DotBot**” to match multiple user-agents.

The default is disabled, i.e. all user-agents are allowed.

cgi “PATTERN” {

Wildcard pattern for CGI programs, for instance “**.cgi” or “**.cgi|/cgi-bin/*”. See the dedicated CGI section in merecat(8) for more on this.

}

 

php “PATTERN” {

Wildcard pattern for PHP scripts, for instance “**.php*” or “**.php5*|**.php4*|**.php*”. Notice the trailing *, it is very important otherwise any HTTP GET request with arguments will fail.

}

 

ssi “PATTERN” {

Wildcard pattern for triggering SSI, for instance “**.shtml” or “**.shtml|**.stm|**.shtm”.

}

 

ssl {

}

 

server name {

}

 

SEE ALSO

merecat(8)

AUTHORS

Jef Poskanzer ⟨[email protected]⟩ wrote the famous thttpd which merecat.conf is based on.
Joachim Wiberg ⟨[email protected]⟩ added the .conf file parser and this man page.