Apache HTTP Server Version 2.0

Apache Module mod_info

Description: Provides a comprehensive overview of the server configuration
Status: Extension
Module Identifier: info_module


To configure mod_info, add the following to your httpd.conf file.

<Location /server-info>
SetHandler server-info

You may wish to add a <Limit> clause inside the <location> directive to limit access to your server configuration information.

Once configured, the server information is obtained by accessing http://your.host.dom/server-info

Note that the configuration files are read by the module at run-time, and therefore the display may not reflect the running server's active configuration if the files have been changed since the server was last reloaded. Also, the configuration files must be readable by the user as which the server is running (see the User directive), or else the directive settings will not be listed.

It should also be noted that if mod_info is compiled into the server, its handler capability is available in all configuration files, including per-directory files (e.g., .htaccess). This may have security-related ramifications for your site.

In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Due to the way this module works there is no way to block information from it. Therefore, this module should ONLY be used in a controlled environment and always with caution.


AddModuleInfo Directive

Description: Allows additional information to be added to the module information displayed by the server-info handler
Syntax: AddModuleInfo module-name string
Context: server config, virtual host
Status: Extension
Module: mod_info
Compatibility: Apache 1.3 and above

This allows the content of string to be shown as HTML interpreted, Additional Information for the module module-name. Example:

AddModuleInfo mod_auth.c 'See <A HREF="http://www.apache.org/docs/mod/mod_auth.html">http://www.apache.org/docs/mod/mod_auth.html</A>'

Apache HTTP Server Version 2.0