Configuration

| iMatix home page
| Xitami home page
| << | < | > | >>

Xitami
Version 2.5b4

Configuration

Xitami will run straight out of the box with no configuration. However, advanced users may want to modify Xitami's behaviour with respect to security, CGI, logging, etc. Xitami reads a configuration file, xitami.cfg to get information such as the logfile name and MIME types. This is how the configuration files work:

If no configuration file is present, Xitami will use internal defaults for most values, including some basic MIME types. However a fuller list of MIME types can come only from the config file.
The configuration file must be in the current directory, or on the PATH.
You can either modify the xitami.cfg file directly (not recommended) or create a second file, defaults.cfg, and place modified values there. This is an example of a defaults.cfg file:
```
[Server]
    debug=1
```
The name 'defaults.cfg' can itself be modified in xitami.cfg.
Since the defaults.cfg file is not included in the Xitami distribution, you will no longer lose customised configurations when you re-install the web server.
If you change the defaults.cfg file it will be automatically reloaded by the server after a short delay (usually 60 seconds). If you did not create defaults.cfg, Xitami will auto-reload the xitami.cfg file.
Any command-line options (or control panel options for the GUI versions of Xitami) override the options set in the configuration files.

In this document, configuration options are specified using the notation section:keyword, for instance 'server:debug=1' for the file example above.

Web-Based Administration (WBA) Interface

The URL '/admin' will launch the WBA. This URL is password protected so that it is inaccessible until you have specified a new password. To enable the WBA you should modify xitami.aut and set a password for the [/admin] URL. Note that xitami.aut is re-installed with each new version, so the better long-term approach is to define a [Security]filename= option in defaults.cfg.

The WBA can be used in conjunction with this HTML-based help text, as regards the various config options. At any time you can, of course, modify the config files by hand.

To disable the WBA, remove the xiadmin entry from the [WSX] section in the xitami.cfg and default.cfg files.

The URL '/setup' launches the virtual host WBA. This works like the standard WBA, but only lets you configure the look and feel for one virtual host. Xitami automatically launches the virtual host WBA for the correct configuration file when you access the /setup URL through a virtual host. The virtual host WBA does not let you change directories, define aliases, or FTP options, and all options that impact the whole server are not shown. This tool is designed for commercial hosting sites, and allows clients to customise their website from a distance. You can change the URL used to access the virtual host WBA, in the WSX configuration section.

Configuration File Syntax

A configuration file defines a series of sections, each containing options. Comments are indicated by '#' at any point in the line. Blank lines are ignored. Each option takes this form:

name=value

The option name is case insensitive. You can put spaces around the '=' if wanted. The option value is case-sensitive and may be enclosed in double quotes if necessary. To specify an empty value, use "". For example:

form-prefix=""

You can put references to environment variables in the configuration file values using this syntax: $(NAME). Note that the name must be in uppercase, and that such references cannot be nested.

Prior to version 2.4, Xitami used "_" and "-" interchangeably in the config files; this is no longer the case, and Xitami uses "-" in all keys.

The [Server] Section

This section defines general parameters for the web server.

webpages: specifies the directory root where web pages are located. this can be an absolute directory or a relative directory.; Default: ./webpages.
cgi-bin: specifies the directory where cgi programs are located. this can be an absolute directory (starting with '/' or '\', if you prefer) or a relative directory (not starting with '/' or '\'). More information is available.; Default: ./cgi-bin.
cgi-url: specifies the string that xitami uses to detect that a url is to be treated as a cgi. this value must start with '/', and can consist of one or more paths. for instance: '/cgi', '/script', '/scripts/cgi'. this string does not actually refer to a real disk directory; it is translated into a real filename using the cgi-bin option, and a heuristic. More information is available.; Default: /cgi-bin.
refresh: specifies the delay in seconds between each server refresh. at each refresh, the server does a number of administrative tasks: reload the configuration file if changed; reopen the file xitami.aut in any case; cycle the log files if necessary. the refresh rate has a minimum of 10 seconds, unless it is set to 0 in which case no refresh occurs at all. (this can be used to determine if the refresh is causing sporadic problems.); Default: 60.
debug: if 1, the server creates various debugging log files. the file request.log contains every incoming request. the file 'debug.log' in particular logs the processing of the requests. the file 'header.log' contains every response sent back to the browser. use this to debug a virtual host configuration that gives problems, or to determine the cause of a recurrent problem.; Default: 0.
debug-dir: specifies a directory for debug log files. xitami interprets this value as an environment variable if possible, else as a literal directory name. if you want it to refer only to a directory name, end it in '/'.; Default: debug.
temp-dir: specifies a directory for temporary files. the server creates these to pass information to and from cgi programs, and if debugging is enabled, you may find that these accumulate. xitami interprets this value as an environment variable if possible, else as a literal directory name. if you want it to refer only to a directory name, end it in '/'.; Default: temp.
log-dir: specifies the directory for log files. this option applies to all log files that xitami creates, except debug log files. you can leave this option empty, and specify a full path name for each log file: this allows you to put different log files where you like.; Default: ./logs.
header-dir: specifies the directory for header files. header files contain custom http headers, used for all files of some type. for instance, you can ask xitami to output the http header 'cache-control: no-cache' for all files with the extension '.txt' by creating a file called 'header.txt' in this directory, and containing the http header line. each header file matches all files with the same extension.; Default: ./headers.
limit: specifies the maximum number of concurrent http connections. on systems that can handle lots of open sockets (e.g. unix, os/2, winnt, win98), you may want to set this high. xitami does not impose any fixed limit. if you set this value to 0, it means 'no limit'.; Default: 0.
pipe: specifies the http throttle pipe. with a throttle pipe you can restrict the throughput of a website to some fixed maximum, e.g. 64kbps. this can be useful if several websites share a single line, and you need to share this on a quality-of-service basis. the http throttle pipe is applied to all download and upload requests to the website. you can apply a throttle pipe to the entire http server or to specific virtual hosts. pipes are defined in the xml file 'pipedef.xml'. you can edit this file to add new pipes; xitami reloads this automatically after a short delay. each pipe is defined as several 'instances', which are simply individual pipes that share the same characteristics. for example, the default pipedef.xml file defines several pipes with a 64kbps throughput. these are individual instances of a 64kpbs pipe. all transfers that use a specific pipe instance share the bandwidth of that pipe instance.; Default: .
pipedef: specifies the throttle pipe definition file. this is an xml file that follows a specific format - look at pipedef.xml for an explanation. if you define your own throttle pipes, it's a good idea to copy pipedef.xml to something else (e.g. 'mypipes.xml') and then change that. this avoids unpleasant surprises when you upgrade your xitami version. note that we may change the format of the pipe definition file in the future.; Default: pipedef.xml.
background: if 1, the server runs as a background process, on operating systems that support this functionality. if 0, the server runs as a foreground process. background processes are detached from their controlling terminal and must be halted by a system 'kill process' request. foreground processes send their output to the controlling terminal and can be halted by an interrupt key (e.g. ctrl-c). currently, only implemented on unix systems.; Default: 0.
autostart: if 1, the server will run even if it cannot open the http port. it will retry every 5 seconds until you stop the server (which must be done manually if the http service cannot start). the autostart option applies both to the http and the ftp service. this option is useful for systems where the network is not initially active, but comes 'up' after some action (e.g. dialing-up). currently it is implemented only in the 32-bit windows version of xitami, mostly because this is the only platform that actually needs it.; Default: 0.
recover: if 1, the server will try to recover from fatal errors using an internal crash recovery system. this currently only works under windows. when this option is 0, xitami will show a fatal error message and (under windows) allow the web administrator to continue.; Default: 0.
dirsort: specifies the sort order for directory listings. you can sort by file name, extension, size, or modification date/time using any combination of the letters 'n', 'x', 's', and 't'. for instance, dirsort=xnt will sort by extension, then name, then time. to sort in reverse order, use capital letters. for instance to show the most recent files first, use dirsort=t.; Default: n.
dir-script: specifies the gsl script that is used to format http directory listings. gsl is a scripting language used by the imatix gslgen tool, incorporated into xitami. a gsl script is a flexible way to format output texts - see the supplied script for more information. it's a good idea, if you change this script, to copy it and change the copy. otherwise your changes will probably be lost when/if you ever upgrade your xitami installation.; Default: templates/httpdir.gsl.
supervisor: enables or disables the supervisor agent. when enabled, the supervisor agent will regularly check for old log files and temporary files, and remove these. temporary files are deleted when they are over one day old, and log files are deleted when they are more than two weeks old.; Default: 0.
keep-alive: if 1, xitami will allow browsers that support the keep-alive protocol to carry-out multiple requests on a single connection. this can improve performance, especially on pages with very many small files. if 0, the browser creates a new connection for each http request.; Default: 1.
keep-alive-max: a number greater than 1; xitami will allow this many requests on an 'alive' connection before closing it. setting this to 1 has the same effect as setting keep-alive to 0.; Default: 50.
timeout: a 'kept-alive' connection will last this long before xitami closes it. the timeout is specified in seconds. you can actually put this value quite high if wanted: the cost of an open connection is low and does not degrade the server performance. anything more than a minute or so is probably not worth it.; Default: 30.
default1: specifies the default files. up to 32 default files can be specified. when the user specifies a url without filename, the server searches the directory for the default files, in order, from default1 to default32, until a matching file is found or the default sequence ends. note that xitami automatically looks for .html extensions if a .htm file is not found.; Default: index.htm.
default2: specifies the default files. up to 32 default files can be specified. when the user specifies a url without filename, the server searches the directory for the default files, in order, from default1 to default32, until a matching file is found or the default sequence ends. note that xitami automatically looks for .html extensions if a .htm file is not found.; Default: default.htm.
cache-defaults: normally, defaults pages are cached like any other. this means that if the browser has already loaded the page, it will add a http request header 'if-modified-since'. xitami uses this date to determine whether to send the page or not. in most cases, it is appropriate to leave this option enabled. however, if you are developing several sites, you may find that the browser shows the default page from one site when you look at another. you can clear the browser cache and reload, but this is usually pretty tiresome. to fix this disable this option and xitami will never cache defaults pages.; Default: 1.
use-error-script: specifies whether you want to use an error script or not. when enabled, xitami will pass all http errors to the specified gsl script for processing. this is an easy and powerful way to customise error messages in a single place. by default this is disabled, for compatability with earlier releases of xitami, but an error script is supplied as standard, and used if you enable this option.; Default: 0.
error-script: specifies the gsl script that is used to format http error messages. if you use this option, xitami ignores error-header, text-xxx, and error-footer options. gsl is a scripting language used by the imatix gslgen tool, incorporated into xitami. a gsl script is a flexible way to format output texts - see the supplied script for more information. it's a good idea, if you change this script, to copy it and change the copy. otherwise your changes will probably be lost when/if you ever upgrade your xitami installation.; Default: templates/errors.gsl.
error-header: specifies the text used to preface an http error message. the text may either be html, or a filename prefaced by '@'. if the text comes from a file, xitami will re-read this file each time it sends an error response.; Default: @errors/header.htm.
error-footer: specifies the text used to end an http error message. the text may either be html, or a filename prefaced by '@'. if the text comes from a file, xitami will re-read this file each time it sends an error response.; Default: @errors/footer.htm.
text-400: specifies the text used for the http error 'bad request'. this text can either be html, or be a filename prefaced by '@'. the text is always prefixed by the error header and suffixed by the error footer.; Default: @errors/text-400.htm.
text-401: specifies the text used for the http error 'unauthorized'.; Default: @errors/text-401.htm.
text-402: specifies the text used for the http error 'payment required'.; Default: @errors/text-402.htm.
text-403: specifies the text used for the http error 'forbidden'.; Default: @errors/text-403.htm.
text-404: specifies the text used for the http error 'not found'.; Default: @errors/text-404.htm.
text-412: specifies the text used for the http error 'precondition failed'.; Default: @errors/text-412.htm.
text-413: specifies the text used for the http error 'request entity too large'.; Default: @errors/text-413.htm.
text-500: specifies the text used for the http error 'internal error'.; Default: @errors/text-500.htm.
text-501: specifies the text used for the http error 'not implemented'.; Default: @errors/text-501.htm.
text-502: specifies the text used for the http error 'service temporarily overloaded'.; Default: @errors/text-502.htm.
priority: specifies the server priority, on systems where this is possible (currently only windows nt and 95). 1=normal, 2=low, 3=high. you can set the priority to 'low' for systems where the server should not interfere with other processes. you can set the priority to 'high' for systems where the server is the main process.; Default: 1.
ipaddress: specifies the ip address on which xitami should open its http connection. if this is *, xitami will open its connection on all available ip addresses. this is normally a good idea, since it makes configuration much simpler on a multihomed system, and is completely correct on a single-homed system (i.e. a system with just one ip address, which is pretty common). if you have multiple ip addresses and want to run xitami on just one of these, you can specify it here using the standard dotted network address format. this will effectively disable ip-based virtual hosting.; Default: *.
portbase: defines the ip port base for the server. add 80 to this to calculate the actual port used for the http service. for example, to run the server on port 6080, define portbase as 6000. we use a portbase in place of an absolute address so that multiple protocols (e.g. the ftp server embedded into xitami) can be managed as one unit.; Default: 0.
base-host: specifies the name of the configuration file used for the base virtual host. you may need this option when you have virtual hosts that all inherit values from defaults.cfg, but where the base host needs different values.; Default: basehost.cfg.
hostname: specifies your fully-qualified domain name for the server. this name is used whenever the server needs to redirect a request (e.g. for image maps). you may want to provide this when configuring a virtual host. it is not usually necessary on single-hosted systems. the default for this value is the system host name, or virtual host name for virtual hosts.; Default: .
defaults: specifies the name of the local configuration file. this file provides the defaults that are used for all virtual hosts. anything in the defaults file overrides the contents of xitami.cfg.; Default: defaults.cfg.

The [Alias] Section

This section lets you define HTTP aliases. An alias is a virtual directory that points to some arbitrary directory on the server computer. This can be outside the normal webpages directory, e.g. on another drive. Aliases can be structured into multiple levels, e.g. /pub and /pub/documents can both be defined as individual aliases. HTTP aliases always come at the start of the URL. An HTTP alias can also refer to a complete filename, in which case that file will act as the default file for the alias. To define an alias, specify the alias name and the directory it refers to.

This is an example of enties in the [Alias] section:

[Alias]
    cdrom=G:\html
    private/pub=i:\pub
    private/doc=i:\docs\current

The [Virtual-Hosts] Section

This section lets you define virtual hosts. A virtual host can be specified in two ways: by IP address (if your system has multiple IP addresses) or by name (if your system has multiple names). To define a virtual host, specify the virtual IP address or host name and the name of a configuration file .

This is an example of enties in the [Virtual-Hosts] section:

[Virtual-Hosts]
    www.rnd.imatix.com=research.cfg
    253.112.23.51=home.cfg

More information is available.

The [Filter] Section

This section lets you define filter programs. To define a filter, specify a file extension with a leading dot and the filter command. The command may be with a full path, or without, if the program is on the PATH.

This is an example of enties in the [Filter] section:

[Filter]
    .php=c:\php3\php.exe

More information is available.

The [Cgi] Section

This section controls the CGI protocol.

enabled: allows you to disable cgi handling in one stroke. if this is 1, urls that translate to a cgi are allowed. if this is 0, urls that translate to a cgi are rejected with a code 501 (not implemented).; Default: 1.
workdir: defines the directory where cgi programs will run. the web server must have write access to this directory. you can tell xitami to always use the script directory by specifying "-". (this is useful if you put scripts in various subdirectories.) this option applies to filters too.; Default: -.
wildcard: defines whether the cgi url indicator ('/cgi-bin') is allowed anywhere in the url, or only at the start. if 1, it is allowed anywhere in the url. if 0, it may come only at the start of the url. note that setting this to 1 opens a significant security hole, if you also allow people to ftp files into the http area. as soon as someone creates a directory called /cgi-bin, they can upload, and execute, cgi programs. in some configurations this is desirable. in other configurations (e.g. if you allow your users to upload cgi scripts, or if you do not do ftp uploads into the http space) it can be desirable.; Default: 0.
timeout: the maximum time, in seconds, that a cgi program may run. this option prevents looping cgi programs from blocking the server system for more than a short period. however, you will want to tune it if you run exceptionally slow cgis, e.g. large database searches. (which we do not recommend; you should always aim for a response time of less than 2 seconds, and 5 seconds for 'heavy' processing.) if you set this to zero, xitami lets cgis run for an arbitrarily long time (actually one hour) before killing them.; Default: 60.
monitor: the frequency, in milliseconds, at which xitami monitors the progress of cgi programs. if you raise this time to 500, for example, xitami will check the cgi program's progress every 1/2 second. anything less than 100 is not a good idea, probably, since it will slow-down the server.; Default: 200.
dirlist: if 1, the server will generate a directory listing for any url that refers to a cgi directory not containing a default file. if 0, such accesses result in a 403 forbidden response.; Default: 0.
msdos-style: if 1, cgi programs and scripts get all filenames passed through the environment and on the command line in ms-dos format (using backslashes); otherwise they get filenames in unix format (using forward slashes).; Default: 0.
debug: if 1, the server creates files containing the cgi input and output streams, called tmpxxxxx.cgi and tmpxxxxx.cgo. you can use these to debug cgi programs' output.; Default: 0.
stdio: if 1, the server uses standard input/output streams to pass cgi input and output data. this is suitable for languages such as c, perl, etc. that have access to stdin and stdout streams. when using languages that cannot read from stdin or write to stdout, you must set this value to 0, and refer to the cgi_stdin and cgi_stdout environment variables.; Default: 1.
mixed-url: if 1, allows images, html, and other files in the cgi-bin directory. the cgi program can refer to these using relative addressing. if 0, such files are not permitted. note that in any case, executable files (such as perl scripts) are always executed, never downloaded.; Default: 1.
errlog: specifies a filename for output of cgi program errors. a cgi program can send error messages to the stderr stream; these are captured in this log file.; Default: cgierr.log.
environment: if 1, the cgi program gets the full web server environment, including values such as path. if 0, does not have access to such data. the environment data can assist a hostile attack on the host system.; Default: 1.
passargs: if 1, the server will pass url arguments (?arg1+arg2+...)to cgi programs. if 0, these are not passed. under some systems, this can pose a security problem if devious hackers manage to pass arguments to shell scripts that are interpreted as commands or filters. in any case, xitami replaces these 'dangerous' characters: |, >, < by spaces.; Default: 0.
http-fields: defines whether the http request header fields are passed to the cgi program or not.; Default: 1.
http-prefix: defines whether the http request header fields are passed to the cgi program or not.; Default: HTTP_.
form-fields: if 1, the form data (coming from a get or post method) is supplied as environment variables. this can be required by some cgi programs. however, when large forms are used, this may cause the environment to be over-filled. since the form data is also available to the cgi program on its standard input device, it can be useful to set this option to 0.; Default: 1.
form-prefix: if 1, the form data (coming from a get or post method) is supplied as environment variables. this can be required by some cgi programs. however, when large forms are used, this may cause the environment to be over-filled. since the form data is also available to the cgi program on its standard input device, it can be useful to set this option to 0.; Default: FORM_.
form-query: if 1, the form data (coming from a post method) is supplied as the environment variable query_string. if 0, this data is supplied as separate environment variables, and on the standard input device but not as a query_string environment variable. some cgi products (we know of progress webspeed) will barf if this is turned-on, since they do not expect input in both this string and on stdin.; Default: 0.

The [Cgi-Environment] Section

This section lets you define specific CGI environment variables. Each definition is taken literally and passed to the CGI program. This can be useful when using virtual hosts.

This is an example of enties in the [Cgi-Environment] section:

[CGI-Environment]
    HOSTNAME=sales

The [Cgi-Alias] Section

This section lets you define CGI aliases. A CGI alias is a virtual directory that points to some arbitrary directory on the server computer and contains CGI scripts or programs. This combines the functions of the CGI url '/cgi-bin' and an HTTP alias. To define a CGI alias, specify the alias name and the directory it refers to.

This is an example of enties in the [Cgi-Alias] section:

[CGI-Alias]
    demos=G:\site\demos

The [Ssi] Section

This section controls Xitami's built-in server-side includes (SSI) handling. More information is available.

enabled: lets you enable/disable ssi handling.; Default: 1.
timefmt: specifies the format for times shown by ssi pages.; Default: %A, %d-%b-%y %H:%M:%S %Z.
sizefmt: specifies whether size should be shown as bytes or as abbreviations (kb, mg). anything other than the string "bytes" is taken to mean that sizes are shown as abbreviations.; Default: bytes.
timeout: the timeout for cgi programs called from the ssi agent.; Default: 30.
errmsg: error message shown when an ssi command fails. the %s symbol is replaced by the cause of the problem.; Default:
[xitami SSI: %s].
exec: if 1, allows cgis to be executed using the #exec command. since this is a security weakness, this option is switched-off by default.; Default: 0.

The [Security] Section

This section defines HTTP server security options.

filename: specifies the basic authentication file.; Default: xitami.aut.
password-case: if 1, passwords are case-sensitive. if 0, passwords are always converted to lower-case before validation. if you set this to 0, be sure to use lower-case passwords in the password file.; Default: 1.
dirlist: if 1, the server will generate a directory listing for any url that refers to a directory not containing a default file. if 0, such accesses result in a 403 forbidden response. if the directory url is followed by '?sort=', then the following string is used to sort the directory, and override the dirsort option. for instance: 'http://www.imatix.com/pub/xitami/?sort=t'.; Default: 1.
admin: if 1, the server will allow access to the web-based administration pages (wba). if 0, the wba agent will not be started. this is a safe way to disable wba access, for sites where this is not needed and poses a potential security hole.; Default: 1.
superuser: specifies the superuser password. if this is "" or "-", no superuser access is allowed. anything else is accepted as a password for all protected resources, including the online administration functions. this password overrides the webmask for any resource. so, be really careful. it does not override the webmask for the entire server.; Default: .
safepaths: if 1, the server will refuse access to 'unsafe' urls, which is a notion that microsoft invented when they allowed the same file to have a short and a long filename. when this is enabled, xitami rejects any urls that contain a directory name which can be translated to a different long name and the user receives a 403 error message. if 0, this check is not done.; Default: 1.
webmask: limits the set of clients that can connect to the http server. this provides an easy way of creating an extranet web service - you can put your server on the internet, but allow access to a fixed set of ip addresses. use 'webmask=local' to specify just local addresses, or 'webmask=item,item,...' to specify one or more types of access. each item allows or excludes some ip address(es): '250.12.13.*' allows matching addresses, '!250.12.13.*' excludes matching addresses (but does not allow others). '!250.12.13.*,*' excludes one set of addresses and allows all others. 'webmask=@iplist.txt' reads the list of webmasks from a text file. More information is available.; Default: *.
setuid: specifies whether the server switches to a safe user id and group at startup. this only works under unix systems. when you use this option, you can be certain that the server runs with the minimum necessary privileges.; Default: 0.
setuid-user: when the security:setuid option is enabled, switches to this user id after opening its http and ftp ports. you should ensure that the user id exists and has suitable authority to write to log files, etc.; Default: nobody.
setuid-group: when the security:setuid option is enabled, switches to this group id after opening its http and ftp ports. you should ensure that the group id exists and has suitable authority to write to log files, etc. if you set this option to an empty value, e.g. "", xitami does not change the group id.; Default: nogroup.
cgi-username: specifies the username under which cgis will be run. if blank, runs under the same user id as started xitami.; Default: .
cgi-password: specifies a password to start cgis under the specified user id. this is required under windows only.; Default: .
cgi-groupname: specifies a password to start cgis under the specified user id. this is required under windows only.; Default: .

The [Serverlog] Section

This section controls the server error and information log.

enabled: specifies whether server logging is enabled or not.; Default: 1.
filename: specifies the name of the server log file.; Default: xitami.log.
cycle: specifies when to cycle the log file. when xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file.; Default: daily.
cycle-how: specifies how to cycle the log file.; Default: rename.
cycle-time: specifies the time of day, or minute past the hour, that the log file is cycled.; Default: 00:00.
cycle-day: specifies the day of the week or month that the log file is cycled.; Default: 0.
cycle-size: specifies the maximum size in kbytes for the log file; after that it is cycled.; Default: 0.
cycle-lines: specifies the maximum size in lines for the log file; after that it is cycled.; Default: 0.
cycle-arg: specifies an argument used for the various cycle-how options. when renaming a file or concatenating it onto another, xitami uses the argument as a time-stamped filename. when moving the file, xitami uses the argument as a time-stamped directory name. when processing the file through an arbitrary command, it uses the argument as a time-stamped command string. xitami does not use the argument when deleting log files. format this argument from any of the following timestamp fiels, mixed with other text.; Default: xi%yy%mm%dd.log.

The [Accesslog] Section

This section controls the server access log, recording HTTP hits.

enabled: specifies whether logging is enabled or not.; Default: 1.
filename: specifies the name of the log file.; Default: access.log.
local: specifies whether to include local addresses or not.; Default: 1.
format: specifies the log file format. the log file format you use needs to be compatible with whatever tool you use to analyze log files and build statistics. the most common tools work with an extended form of the ncsa log file format, also called 'common log file format'. we call this "clfx". an other commonly-used format is that produced by microsoft web servers. xitami also creates log files in two xml formats, which you can easily process using gslgen to you create arbitrary reports, statistics, and html analyses. lastly, you can create your own format, for specific purposes. impressed? we are... :-); Default: CLFX.
custom: custom log file format. this is an arbitrary text string that contains symbols as listed below. symbols are enclosed by $( and ) in the string.; Default: .
translate: specifies whether to do reverse-dns translations of the logged ip addresses, or not. reverse-dns translation can take some time, and if you need log file data quickly, leave this disabled. enabling reverse-dns translations will not slow- down xitami.; Default: 0.
cycle: specifies when to cycle the log file. when xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file.; Default: daily.
cycle-how: specifies how to cycle the log file.; Default: rename.
cycle-time: specifies the time of day, or minute past the hour, that the log file is cycled.; Default: 00:00.
cycle-day: specifies the day of the week or month that the log file is cycled.; Default: 0.
cycle-size: specifies the maximum size in kbytes for the log file; after that it is cycled.; Default: 0.
cycle-lines: specifies the maximum size in lines for the log file; after that it is cycled.; Default: 0.
cycle-arg: specifies an argument used for the various cycle-how options. when renaming a file or concatenating it onto another, xitami uses the argument as a time-stamped filename. when moving the file, xitami uses the argument as a time-stamped directory name. when processing the file through an arbitrary command, it uses the argument as a time-stamped command string. xitami does not use the argument when deleting log files. format this argument from any of the following timestamp fiels, mixed with other text.; Default: ac%yy%mm%dd.log.

The [Errorlog] Section

This section controls the server error log, recording HTTP errors.

enabled: specifies whether logging is enabled or not.; Default: 1.
filename: specifies the name of the log file.; Default: errors.log.
local: specifies whether to include local addresses or not.; Default: 1.
format: specifies the log file format. the log file format you use needs to be compatible with whatever tool you use to analyze log files and build statistics. the most common tools work with an extended form of the ncsa log file format, also called 'common log file format'. we call this "clfx". an other commonly-used format is that produced by microsoft web servers. xitami also creates log files in two xml formats, which you can easily process using gslgen to you create arbitrary reports, statistics, and html analyses. lastly, you can create your own format, for specific purposes. impressed? we are... :-); Default: CLFX.
custom: custom log file format. this is an arbitrary text string that contains symbols as listed below. symbols are enclosed by $( and ) in the string.; Default: .
translate: specifies whether to do reverse-dns translations of the logged ip addresses, or not. reverse-dns translation can take some time, and if you need log file data quickly, leave this disabled. enabling reverse-dns translations will not slow- down xitami.; Default: 0.
cycle: specifies when to cycle the log file. when xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file.; Default: daily.
cycle-how: specifies how to cycle the log file.; Default: rename.
cycle-time: specifies the time of day, or minute past the hour, that the log file is cycled.; Default: 00:00.
cycle-day: specifies the day of the week or month that the log file is cycled.; Default: 0.
cycle-size: specifies the maximum size in kbytes for the log file; after that it is cycled.; Default: 0.
cycle-lines: specifies the maximum size in lines for the log file; after that it is cycled.; Default: 0.
cycle-arg: specifies an argument used for the various cycle-how options. when renaming a file or concatenating it onto another, xitami uses the argument as a time-stamped filename. when moving the file, xitami uses the argument as a time-stamped directory name. when processing the file through an arbitrary command, it uses the argument as a time-stamped command string. xitami does not use the argument when deleting log files. format this argument from any of the following timestamp fiels, mixed with other text.; Default: er%yy%mm%dd.log.

The [Ddns] Section

This section configures the Xitami dynamic DNS (DDNS) client. You can define multiple DDNS registrations by duplicating this section of the configuration file and naming the extra sections [Ddns1], [Ddns2], etc. Xitami looks for these in order, and stops when it can't find one.

This is an example of enties in the [Ddns] section:

[Ddns]
    enabled=1
    refresh=3600
    service=localhost
    domain=my.ddns.test
    username=me@localhost
    password=FurkYFurt
[Ddns1]
    enabled=1
    service=xitami.net
    domain=myhost.xitami.net
    username=joe23@aol.com
    password=TZO-xxxx-xxxx-xxxx-xxxx

More information is available.

enabled: tells xitami whether to sign-on to the ddns service at start-up or not. this is normally switched off when you don't use ddns and switched on when you do.; Default: 0.
filename: specifies the ddns definition file. this is an xml file that follows a specific format - look at ddnsdef.xml for an explanation. if you define your own customised ddns services, it's a good idea to copy ddnsdef.xml to something else (e.g. 'myddnss.xml') and then change that. this avoids unpleasant surprises when you upgrade your xitami version. note that we may change the format of the ddns definition file in the future.; Default: ddnsdef.xml.
refresh: xitami will automatically refresh its ddns connections if you set this to a non-zero value. this delay is measured in seconds.; Default: 3600.
service: defines the ddns service to use.; Default: localhost.
domain: defines the dynamic domain name you are using. this must be the complete domain name, for instance 'myhost.xitami.net'.; Default: -.
username: defines your username. usually you define this when you register your ddns name. for xitami.net and tzo.com, it is an e-mail address.; Default: -.
password: defines your password. usually you define this when you register your ddns name. for xitami.net and tzo.com, this is a key of the form "tzo-xxxx-xxxx-xxxx-xxxx". for ns1.net, the password is sent to you when you register.; Default: -.

The [Rdns] Section

This section defines the configuration of the reverse-DNS lookups used by Xitami to translate IP addresses for its access log files.

primary-server: defines the primary dns server used for lookups. this value is mandatory for rdns lookups. specify it as an dotted ip address.; Default: 127.0.0.1.
secondary-server: defines a secondary dns server, if one is available. this will provide a backup rdns server if the primary server does not respond. specify it as an dotted ip address.; Default: .
recurse-lookups: specifies whether xitami uses recursive lookups or not. depending on the dns configuration, this can be faster or slower than non-recursive lookups.; Default: 1.
debug: specifies whether xitami should output trace entries for its rdns work. if 1, each rdns lookup sends trace information to debug.log. use this if you are having problems getting reverse-dns lookups to work.; Default: 0.

The [Mime] Section

This section lets you define MIME types. A MIME type is information sent to the browser with each file, telling the browser how to handle the file. Specify each MIME type as a file extension and the corresponding MIME type. Note that a large set of MIME types are loaded as standard. The MIME type 'default' is used for file extensions that don't match anything else. The file extension and MIME type must be specified in lowercase. To specify a MIME type for files with no extension, use ".=xxx/xxx".

This is an example of enties in the [Mime] section:

[Mime]
    default=*/*                #   Default MIME type
    htm=text/html
    html=text/html
    .=text/plain               #   Files with no extension
    gif=image/gif
    jpeg=image/jpeg
    jpg=image/jpeg
    doc=application/msword

These entries are loaded by default:

Entry: Definition

Default MIME type

default */*

Text MIME types

. text/plain

etx text/x-setext

htm text/html

html text/html

htp text/html

rtx text/richtext

tsv text/tab-separated-values

txt text/plain

Image MIME types

fh image/x-freehand

fh4 image/x-freehand

fh5 image/x-freehand

fh7 image/x-freehand

fhc image/x-freehand

gif image/gif

ief image/ief

jpe image/jpeg

jpeg image/jpeg

jpg image/jpeg

pbm image/x-portable-bitmap

pgm image/x-portable-graymap

png image/png

pnm image/x-portable-anymap

ppm image/x-portable-pixmap

ras image/x-cmu-raster

rgb image/x-rgb

tif image/tiff

tiff image/tiff

xbm image/x-xbitmap

xpm image/x-xpixmap

xwd image/x-xwindowdump

Video MIME types

avi video/msvideo

mov video/quicktime

movie video/x-sgi-movie

mpe video/mpeg

mpeg video/mpeg

mpg video/mpeg

qt video/quicktime

qtv video/quicktime

Audio MIME types

aif audio/x-aiff

aifc audio/x-aiff

aiff audio/x-aiff

au audio/basic

m3u audio/mpegurl

mid audio/midi

mp3 audio/mpeg

mp3url audio/mpegurl

ra audio/x-realaudio

ram audio/x-pn-realaudio

rm audio/x-pn-realaudio

rmi audio/midi

rpm audio/x-pn-realaudio-plugin

snd audio/basic

wav audio/wav

Application MIME types

aab application/x-authorware-bin

aam application/x-authorware-map

aas application/x-authorware-seg

ai application/postscript

bcpio application/x-bcpio

bin application/octet-stream

cdf application/x-netcdf

cpio application/x-cpio

csh application/x-csh

dcr application/x-director

dir application/x-director

doc application/msword

dvi application/x-dvi

dxr application/x-director

eps application/postscript

exe application/octet-stream

gtar application/x-gtar

gz application/x-gzip

hdf application/x-hdf

jar application/java-archive

js application/x-javascript

latex application/x-latex

ltx application/x-latex

lzh application/x-lzh

man application/x-troff-man

me application/x-troff-me

ms application/x-troff-ms

nc application/x-netcdf

oda application/oda

pdf application/pdf

ps application/postscript

roff application/x-troff

rtf application/rtf

sh application/x-sh

shar application/x-shar

spl application/futuresplash

src application/x-wais-source

sv4cpio application/x-sv4cpio

sv4crc application/x-sv4crc

swf application/x-shockwave-flash

t application/x-troff

tar application/tar

tcl application/x-tcl

tex application/x-tex

texi application/x-texinfo

texinfo application/x-texinfo

tgz application/x-gzip

tr application/x-troff

txi application/x-texinfo

ustar application/x-ustar

zip application/zip

VRML MIME types

wrl x-world/x-vrml

wrz x-world/x-vrml

Entry:	Definition
Default MIME type
default	/
Text MIME types
.	text/plain
etx	text/x-setext
htm	text/html
html	text/html
htp	text/html
rtx	text/richtext
tsv	text/tab-separated-values
txt	text/plain
Image MIME types
fh	image/x-freehand
fh4	image/x-freehand
fh5	image/x-freehand
fh7	image/x-freehand
fhc	image/x-freehand
gif	image/gif
ief	image/ief
jpe	image/jpeg
jpeg	image/jpeg
jpg	image/jpeg
pbm	image/x-portable-bitmap
pgm	image/x-portable-graymap
png	image/png
pnm	image/x-portable-anymap
ppm	image/x-portable-pixmap
ras	image/x-cmu-raster
rgb	image/x-rgb
tif	image/tiff
tiff	image/tiff
xbm	image/x-xbitmap
xpm	image/x-xpixmap
xwd	image/x-xwindowdump
Video MIME types
avi	video/msvideo
mov	video/quicktime
movie	video/x-sgi-movie
mpe	video/mpeg
mpeg	video/mpeg
mpg	video/mpeg
qt	video/quicktime
qtv	video/quicktime
Audio MIME types
aif	audio/x-aiff
aifc	audio/x-aiff
aiff	audio/x-aiff
au	audio/basic
m3u	audio/mpegurl
mid	audio/midi
mp3	audio/mpeg
mp3url	audio/mpegurl
ra	audio/x-realaudio
ram	audio/x-pn-realaudio
rm	audio/x-pn-realaudio
rmi	audio/midi
rpm	audio/x-pn-realaudio-plugin
snd	audio/basic
wav	audio/wav
Application MIME types
aab	application/x-authorware-bin
aam	application/x-authorware-map
aas	application/x-authorware-seg
ai	application/postscript
bcpio	application/x-bcpio
bin	application/octet-stream
cdf	application/x-netcdf
cpio	application/x-cpio
csh	application/x-csh
dcr	application/x-director
dir	application/x-director
doc	application/msword
dvi	application/x-dvi
dxr	application/x-director
eps	application/postscript
exe	application/octet-stream
gtar	application/x-gtar
gz	application/x-gzip
hdf	application/x-hdf
jar	application/java-archive
js	application/x-javascript
latex	application/x-latex
ltx	application/x-latex
lzh	application/x-lzh
man	application/x-troff-man
me	application/x-troff-me
ms	application/x-troff-ms
nc	application/x-netcdf
oda	application/oda
pdf	application/pdf
ps	application/postscript
roff	application/x-troff
rtf	application/rtf
sh	application/x-sh
shar	application/x-shar
spl	application/futuresplash
src	application/x-wais-source
sv4cpio	application/x-sv4cpio
sv4crc	application/x-sv4crc
swf	application/x-shockwave-flash
t	application/x-troff
tar	application/tar
tcl	application/x-tcl
tex	application/x-tex
texi	application/x-texinfo
texinfo	application/x-texinfo
tgz	application/x-gzip
tr	application/x-troff
txi	application/x-texinfo
ustar	application/x-ustar
zip	application/zip
VRML MIME types
wrl	x-world/x-vrml
wrz	x-world/x-vrml

The [Console] Section

This section controls the browser-based admin screens.

startup: specifies the initial screen to show; the values for this option are deliberately not documented. change this option only using the wba.; Default: 1.
refresh: specifies whether the console information screens should refresh automatically or not. this only works with browsers that support the meta http-equiv="refresh" tag. on most modern browsers, the refresh option causes warning messages.; Default: 0.
rate: specifies the rate at which the refresh occurs, in seconds.; Default: 10.
capture: specifies whether console output is sent to a file or not.; Default: 1.
filename: if the capture option is set, this option specifies a filename.; Default: console.log.
append: if the capture option is set, this option controls whether the console log is cleared each time the server is started, or not.; Default: 0.
javascript: if 1, the wba screens will use small amounts of javascript to improve the user-interface; for instance placing the cursor on the first input field automatically. if 0, javascript will not be used. in general enabling javascript will give better results.; Default: 1.
large-icons: if 1, the wba screens will show large icons on the icon bar. if 0, they will show small icons with only images, no text labels.; Default: 1.

The [Win32] Section

This section controls options specific to the 32-bit Windows versions of Xitami.

16bit-cgi: defines whether 16-bit cgis are supported or not. if they are, all cgis are run in a separate virtual machine. this is safe but slow. if you use only 32-bit cgis, you can run cgis faster by setting this option to 0.; Default: 0.
secure: if 1, the 'stop', 'start', and 'terminate' buttons on the xitami windows control panel are disabled. this is intended for configurations where the server may only be halted by an authorised administrator, using the wba control panel.; Default: 0.
service-name: this option is used under windows nt for the nt service version of xitami. you can only change this by manually editing defaults.cfg; it is not shown in the wba. change this before installing xiwinnt. you can use this option to install multiple instances of xitami each with a different service name and title (as defined by the win32:service-text option). you will need a separate working directory for each such xitami service that you start.; Default: Xitami.
service-text: this option is used under windows nt for the nt service version of xitami. you can only change this by manually editing defaults.cfg; it is not shown in the wba. to enable the change, run 'xiwinnt -u', then 'xiwinnt -i'.; Default: Xitami Web Server.

The [Wsx] Section

This section lets you define web server extension (WSX) agents. An example of a WSX agent is the WBA agent. Each entry in this section defines a URL prefix and an agent name. The prefix identifies all URLs passed to this agent, and consists of one or more directory names separated by '/'. To disable a preloaded WSX agent, clear the agent name.

This is an example of enties in the [Wsx] section:

[WSX]
    admin=xiadmin      #   Web-based administration agent "/admin"
    error=""           #   Error simulation agent disabled

More information is available.

These entries are loaded by default:

Entry: Definition

Preloaded WSX agents

.gsl xixxml

.map xiimap

.shtm xixssi

.shtml xixssi

.ssi xixssi

.xml xixxml

admin xiadmin

error xierror

Entry:	Definition
Preloaded WSX agents
.gsl	xixxml
.map	xiimap
.shtm	xixssi
.shtml	xixssi
.ssi	xixssi
.xml	xixxml
admin	xiadmin
error	xierror

The [Ftp] Section

This section controls Xitami's FTP service.

enabled: specifies whether the ftp service is enabled or not. if you change this, restart xitami for the changes to take effect.; Default: 1.
root: specifies the root directory for ftp logins, unless a specific directory is defined for the current user.; Default: ./ftproot.
port: specifies the ftp connection port. the port is shifted by the portbase specified for the main http service. for instance if you specify a port 21, and a portbase of 8000, your server will accept ftp connections on port 8021 and http connections on port 8080.; Default: 21.
timeout: specifies the time in seconds after which inactive control connections are closed. an ftp session requires one control connection, plus one data connection during file transfers. you should tune this timeout to suit the requirements of your system. for instance, under an os like windows 95, sockets are a limited resource, so a shorter timeout is a good idea. for sites with a small user group, you can use high timeouts, which users generally prefer.; Default: 300.
limit: specifies the maximum number of users that may login at once. on systems that can handle lots of open sockets (e.g. unix, os/2, winnt, win98), you may want to increase this. xitami does not impose any fixed limit. if you set this value to 0, it means 'no limit'.; Default: 25.
pipe: specifies the default ftp throttle pipe. with a throttle pipe you can restrict the throughput of a ftp site to some fixed maximum, e.g. 64kbps. this can be useful if several ftp sites share a single line, and you need to share this on a quality-of-service basis. the ftp throttle pipe is used for uploads and downloads for the ftp service, except where the profile for a user specifies a different throttle pipe. pipes are defined in the xml file 'pipedef.xml'. you can edit this file to add new pipes; xitami reloads this automatically after a short delay. each pipe is defined as several 'instances', which are simply individual pipes that share the same characteristics. for example, the default pipedef.xml file defines several pipes with a 64kbps throughput. these are individual instances of a 64kpbs pipe. all transfers that use a specific pipe instance share the bandwidth of that pipe instance.; Default: .
user-file: specifies the name of the ftp user definition file.; Default: ftpusers.aut.
directory-file: specifies the name of the directory definition file.; Default: ftpdirs.aut.
dirsort: specifies the sort order for directory listings. you can sort by file name, extension, size, or modification date/time using any combination of the letters 'n', 'x', 's', and 't'. for instance, dirsort=xnt will sort by extension, then name, then time. to sort in reverse order, use capital letters. for instance to show the most recent files first, use dirsort=t.; Default: n.
message-script: specifies the gsl script that is used to format ftp messages. if you use this option, xitami ignores the welcome, signoff, and login-text options. gsl is a scripting language used by the imatix gslgen tool, incorporated into xitami. a gsl script is a flexible way to format output texts - see the supplied script for more information. it's a good idea, if you change this script, to copy it and change the copy. otherwise your changes will probably be lost when/if you ever upgrade your xitami installation.; Default: templates/ftpmesg.gsl.
welcome: specifies a text to be shown when a user connects to the ftp server. this can be literal text, or the name of a file, preceded by '@'. the file can contain up to 2000 characters. any lines that start with '#' are ignored as comments. if you modify this file, it is safest to make a copy (call it welcome.txt or something) and change this option to refer to the changed file. this avoids unpleasant surprises when you reinstall the next latest greatest version of xitami.; Default: @ftphello.txt.
signoff: specifies a text to be shown when a user ends the ftp session. this can be literal text, or the name of a file, preceded by '@'. the file can contain up to 2000 characters. any lines that start with '#' are ignored as comments. if you modify this file, it is safest to make a copy (call it goodbye.txt or something) and change this option to refer to the changed file. this avoids unpleasant surprises when you reinstall the next latest greatest version of xitami.; Default: @ftpadios.txt.
login-text: specifies a text to be shown when a user logs-in to the ftp server. this can be literal text, or the name of a file, preceded by '@'. the file can contain up to 2000 characters. any lines that start with '#' are ignored as comments. if you modify this file, it is safest to make a copy (call it login.txt or something) and change this option to refer to the changed file. xitami will search for this file first in the user's login directory, then in the main xitami directory.; Default: @ftplogin.txt.
user-at-host: this flag controls whether xitami allows virtual hosts using the syntax 'username@hostname'. this syntax is supported by some ftp clients, and allows you to use multiple ftp virtual hosts on a single ip address.; Default: 1.
email-check: if 1, the ftp server will check that the e-mail address supplied for anonymous logins is a valid address. the nature of the check is not documented (it may just look for an '@' in the address).; Default: 0.
http-aliases: specifies whether the http [alias] section should be used by the ftp service. this can be useful in configurations where you want to share the same data between services, but it can be a security risk if you want to use ftp aliases to access directories outside the http space.; Default: 0.
soft-quota: specifies the default soft quota for ftp users who are subject to a quota. you can also specify quota values for individual users. this value is specified in megabytes, as a decimal number (using a decimal point, not comma, even in europe). when a user exceeds their soft quota, they start getting warning messages.; Default: 2.5.
hard-quota: specifies the default hard quota for ftp users who are subject to a quota. you can also specify quota values for individual users. this value is specified in megabytes, as a decimal number. when a user exceeds their hard quota, they cannot upload new files.; Default: 5.
webmask: specifies the set of clients that can connect to the ftp server. use 'webmask=local' to specify just local addresses, or 'webmask=item,item,...' to specify one or more types of access. each item allows or excludes some ip address(es): '250.12.13.*' allows matching addresses, '!250.12.13.*' excludes matching addresses (but does not allow others). '!250.12.13.*,*' excludes one set of addresses and allows all others. 'webmask=@iplist.txt' reads the list of webmasks from a text file. More information is available.; Default: *.
password-case: if 1, ftp passwords are case-sensitive. if 0, passwords are always converted to lower-case before validation. if you set this to 0, be sure to use only lower-case passwords in the password file.; Default: 1.
data-port: specifies the port at which data connections will be made. xitami scans for free ports, so this is simply the start of a range of ports. the port is shifted by whatever value was used for the server portbase.; Default: 200.
force-ip: indicates whether passive connections must be forced to the ip address specified in the 'ipaddress' option.; Default: 0.
ipaddress: the ip address used for passive connections. if '*', accepts passive connections on all local available ip addresses.; Default: *.

The [Ftp-Alias] Section

This section lets you define FTP aliases. An FTP alias looks like a root directory for ftp users, and point to some arbitrary directory on the server.+ The alias name itself may not contain '/'. It is not case sensitive. FTP aliases are only shown to 'root' users, i.e. those with an empty root value, or those who have the 'aliases=1' option defined. Aliases are shown only if the user has GET access, and if the specified user's root directory actually exists.

This is an example of enties in the [Ftp-Alias] section:

[FTP-Alias]
    demos=G:\site\demos

The [Ftplog] Section

This section controls the server access log, recording FTP hits.

enabled: specifies whether logging is enabled or not.; Default: 1.
filename: specifies the name of the log file.; Default: access.log.
local: specifies whether to include local addresses or not.; Default: 1.
format: specifies the log file format. the log file format you use needs to be compatible with whatever tool you use to analyze log files and build statistics. the most common tools work with an extended form of the ncsa log file format, also called 'common log file format'. we call this "clfx". an other commonly-used format is that produced by microsoft web servers. xitami also creates log files in two xml formats, which you can easily process using gslgen to you create arbitrary reports, statistics, and html analyses. lastly, you can create your own format, for specific purposes. impressed? we are... :-); Default: CLFX.
custom: custom log file format. this is an arbitrary text string that contains symbols as listed below. symbols are enclosed by $( and ) in the string.; Default: .
translate: specifies whether to do reverse-dns translations of the logged ip addresses, or not. reverse-dns translation can take some time, and if you need log file data quickly, leave this disabled. enabling reverse-dns translations will not slow- down xitami.; Default: 0.
cycle: specifies when to cycle the log file. when xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file.; Default: daily.
cycle-how: specifies how to cycle the log file.; Default: rename.
cycle-time: specifies the time of day, or minute past the hour, that the log file is cycled.; Default: 00:00.
cycle-day: specifies the day of the week or month that the log file is cycled.; Default: 0.
cycle-size: specifies the maximum size in kbytes for the log file; after that it is cycled.; Default: 0.
cycle-lines: specifies the maximum size in lines for the log file; after that it is cycled.; Default: 0.
cycle-arg: specifies an argument used for the various cycle-how options. when renaming a file or concatenating it onto another, xitami uses the argument as a time-stamped filename. when moving the file, xitami uses the argument as a time-stamped directory name. when processing the file through an arbitrary command, it uses the argument as a time-stamped command string. xitami does not use the argument when deleting log files. format this argument from any of the following timestamp fiels, mixed with other text.; Default: ac%yy%mm%dd.log.

The [Ftperrlog] Section

This section controls the FTP error log.

enabled: specifies whether logging is enabled or not.; Default: 1.
filename: specifies the name of the log file.; Default: errors.log.
local: specifies whether to include local addresses or not.; Default: 1.
format: specifies the log file format. the log file format you use needs to be compatible with whatever tool you use to analyze log files and build statistics. the most common tools work with an extended form of the ncsa log file format, also called 'common log file format'. we call this "clfx". an other commonly-used format is that produced by microsoft web servers. xitami also creates log files in two xml formats, which you can easily process using gslgen to you create arbitrary reports, statistics, and html analyses. lastly, you can create your own format, for specific purposes. impressed? we are... :-); Default: CLFX.
custom: custom log file format. this is an arbitrary text string that contains symbols as listed below. symbols are enclosed by $( and ) in the string.; Default: .
translate: specifies whether to do reverse-dns translations of the logged ip addresses, or not. reverse-dns translation can take some time, and if you need log file data quickly, leave this disabled. enabling reverse-dns translations will not slow- down xitami.; Default: 0.
cycle: specifies when to cycle the log file. when xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file.; Default: daily.
cycle-how: specifies how to cycle the log file.; Default: rename.
cycle-time: specifies the time of day, or minute past the hour, that the log file is cycled.; Default: 00:00.
cycle-day: specifies the day of the week or month that the log file is cycled.; Default: 0.
cycle-size: specifies the maximum size in kbytes for the log file; after that it is cycled.; Default: 0.
cycle-lines: specifies the maximum size in lines for the log file; after that it is cycled.; Default: 0.
cycle-arg: specifies an argument used for the various cycle-how options. when renaming a file or concatenating it onto another, xitami uses the argument as a time-stamped filename. when moving the file, xitami uses the argument as a time-stamped directory name. when processing the file through an arbitrary command, it uses the argument as a time-stamped command string. xitami does not use the argument when deleting log files. format this argument from any of the following timestamp fiels, mixed with other text.; Default: er%yy%mm%dd.log.

The [Lrwp] Section

This section controls the LRWP (long-running web process) protocol. More information is available.

enabled: specifies whether the lrwp agent is enabled or not.; Default: 1.
port: specifies the port on which the lrwp agent accepts connections.; Default: 81.
webmask: specifies the webmask for lrwp clients. normally this is restricted to local lrwp clients, but you can also construct lrwp networks from multiple servers. use 'webmask=local' to specify just local addresses, or 'webmask=item,item,...' to specify one or more types of access. each item allows or excludes some ip address(es): '250.12.13.*' allows matching addresses, '!250.12.13.*' excludes matching addresses (but does not allow others). '!250.12.13.*,*' excludes one set of addresses and allows all others. 'webmask=@iplist.txt' reads the list of webmasks from a text file. More information is available.; Default: local.
allow-all: allows all lrwp clients to connect. if this is set to 1, any lrwp application will be allowed to connect. otherwise the lrwp-application section must be used to authorise specific applications, and optionally specify a password to use during the authentication stage.; Default: 1.

The [Lrwp-Application] Section

This section consists of one entry per application name (either URL prefix, or a URL "extension" name). The entry should either to be set to "*" to indicate the application is allowed without authentication, or to a password/phrase that is used in LRWP 2.0 authentication with that application. If a password/phrase is specified, then LRWP 1.0 clients will not be allowed to connect with that name (as they cannot perform the required authentication).

This is an example of enties in the [Lrwp-Application] section:

[LRWP-Application]
    testapp=*             # Connect without any password
    secureapp=funky161    # Connect using secure password

The [Ssl-Http] Section

This section controls the interface between Xitami and the SSL (secure socket layer) agent. The SSL agent is active in Xitami/Pro, the professional version of Xitami.

enabled: specifies whether the ssl interface is enabled or not.; Default: 1.
config-file: specifies the ssl configuration filename.; Default: sslhttp.cfs.

Field with specific values

These options occur in several sections and are selected from a list of possible values.

Log file format

Specifies the log file format. The log file format you use needs to be compatible with whatever tool you use to analyze log files and build statistics. The most common tools work with an extended form of the NCSA log file format, also called 'common log file format'. We call this "CLFX". An other commonly-used format is that produced by Microsoft web servers. Xitami also creates log files in two XML formats, which you can easily process using GSLgen to you create arbitrary reports, statistics, and HTML analyses. Lastly, you can create your own format, for specific purposes. Impressed? We are... :-) These are the possible values for the log file format:

Value: Has this meaning:

clf Common-log format, as used by the NCSA httpd server. Defined as: '$(client) - $(user) [$(datetime)] "$(request)" $(status) $(sent)'

clfx Extended CLF, as used by Apache and Xitami. Defined as: '$(client) - $(user) [$(datetime)] "$(request)" $(status) $(sent) "$(referer)" "$(agent)"'

ms Microsoft format as used by IIS. Defined as: '$(client), $(user), $(mon)/$(day)/$(year), $(hh):$(mm):$(ss), $(service), Xitami, $(ipsrv), $(stime), $(recd), $(sent), $(status), 0, $(method), $(file)'

lml iMatix Logfile Markup Language, an XML format. Defined as: ''

xlml iMatix Extended LML, a richer XML format. Defined as: ''

custom User defined format, specified in custom field, and built from any combination of log format specifiers mixed with other text.

Value:	Has this meaning:
clf	Common-log format, as used by the NCSA httpd server. Defined as: '$(client) - $(user) [$(datetime)] "$(request)" $(status) $(sent)'
clfx	Extended CLF, as used by Apache and Xitami. Defined as: '$(client) - $(user) [$(datetime)] "$(request)" $(status) $(sent) "$(referer)" "$(agent)"'
ms	Microsoft format as used by IIS. Defined as: '$(client), $(user), $(mon)/$(day)/$(year), $(hh):$(mm):$(ss), $(service), Xitami, $(ipsrv), $(stime), $(recd), $(sent), $(status), 0, $(method), $(file)'
lml	iMatix Logfile Markup Language, an XML format. Defined as: ''
xlml	iMatix Extended LML, a richer XML format. Defined as: ''
custom	User defined format, specified in custom field, and built from any combination of log format specifiers mixed with other text.

Log file cycle option

Specifies when to cycle the log file. When Xitami cycles a log file, it first moves or copies the existing data to another file, then creates a new, empty log file. These are the possible values for the log file cycle option:

Value: Has this meaning:

startup When the server starts

hourly Each hour at some specified time

daily Each day at some specified time

weekly Each week at some specified day and time

monthly Each month at some specified day and time

manual Manually only

size When the log file gets larger than some specified size in Kbytes.

lines When the log file gets larger than some specified size in lines.

Value:	Has this meaning:
startup	When the server starts
hourly	Each hour at some specified time
daily	Each day at some specified time
weekly	Each week at some specified day and time
monthly	Each month at some specified day and time
manual	Manually only
size	When the log file gets larger than some specified size in Kbytes.
lines	When the log file gets larger than some specified size in lines.

Log file cycle-how option

Specifies how to cycle the log file. These are the possible values for the log file cycle-how option:

Value: Has this meaning:

rename Rename the old log file, and create a new file.

delete Delete the old log file, and create a new file.

move Move the old log file to some directory, and create a new file.

concat Append the old log file to some file, and create a new file.

process Run an arbitrary command to process the file, then create a new file.

Value:	Has this meaning:
rename	Rename the old log file, and create a new file.
delete	Delete the old log file, and create a new file.
move	Move the old log file to some directory, and create a new file.
concat	Append the old log file to some file, and create a new file.
process	Run an arbitrary command to process the file, then create a new file.

Using Webmasks

Xitami uses 'webmasks' to allow or deny access to resources. The simplest webmask is:

webmask=*

which allows all IP addresses. The '*' matches part or all of an IP address, in this case, all addresses.

To restrict accesses to local IP connections (i.e. originating from the same system), use the form:

webmask=local

More complex webmasks consist of several terms, separated by commas. For example:

webmask=192.*,!221.201.*,1.233.12.*

To see whether the IP address of a client is allowed or rejected by a webmask, Xitami starts with the first term, and looks at each term to see whether it explicitly allows or denies the client IP address. The order of the terms is very important. For example:

webmask=!192.*,*

First rejects any addresses that start with '192.', and then allows all (other) addresses. A client connecting from '192.1.1.1' will be rejected by the first term.

However, the same two terms, exchanged, have a different effect:

webmask=*,!192.*

Here, all clients are allowed by the first term, '*', and Xitami will not even look at the second term.

Lastly, you can put webmask information into a text file. Use this form:

webmask=@filename

Enter the webmask terms in the specified file, using whitespace or blank lines freely. If the webmask file is not present, Xitami displays an error message in its log files, and acts as if the webmask was not defined at all.

Using the Error Simulation Function

Xitami lets you simulate a specific HTTP error, useful if you've defined customised error messages. Use the special URL 'error?xxx' where 'xxx' is the 3-digit HTTP error code you want to simulate. For instance, to simulate a 402 error (Payment Required), use a URL like this: http://localhost/error?402. You can simulate a 302 error (temporary redirection) using a URL like this: http://localhost/error?302:/somedir/somepage.htm.