Here you will find a list of all available configuration lighttpd. They are grouped by module, and a link to each module configuration will provide with more detail information about each option, as well as examples, and other guidelines.
option |
description |
details |
connection.kbytes-per-second |
limit the throughput for each single connection to the given limit in kbyte/s |
Details |
etag.use-inode |
Determines if inode-value is used in ETag generation |
Details |
etag.use-mtime |
Determines if mtime-value is used in ETag generation |
Details |
etag.use-size |
Determines if size-value is used in ETag generation |
Details |
index-file.names |
list of files to search for if a directory is requested |
Details |
mimetype.assign |
list of known mimetype mappings |
Details |
mimetype.use-xattr |
try to use XFS-style extended attribute interface for retreiving the Content-Type |
Details |
server.bind |
IP address, hostname or absolute path to the unix-domain socket |
Details |
server.chroot |
root-directory of the server |
Details |
server.core-files |
enable core files |
Details |
server.dir-listing |
enable/disable dir listing |
Details |
server.document-root |
document-root of the webserver |
Details |
server.errorfile-prefix |
path prefix for special status codes pages |
Details |
server.error-handler-404 |
uri to call if the requested file results in a 404 |
Details |
server.errorlog |
pathname of the error-log |
Details |
server.errorlog-use-syslog* |
send errorlog to syslog |
Details |
server.breakagelog |
open as stderr, so all forked applications will write their errors to this (if stderr isn't handled otherwise via a pipe); needed to see mod_cgi stderr in 1.4 |
|
server.event-handler |
set the event handler |
Details |
server.follow-symlink |
allow to follow-symlinks |
Details |
server.force-lowercase-filenames |
enable force all filenames to lowercase |
|
server.groupname |
groupname used to run the server |
Details |
server.kbytes-per-second |
limit the throughput for all connections to the given limit in kbyte/s |
Details |
server.max-connections |
maximum connections |
Details |
server.max-fds |
maximum number of file descriptors |
Details |
server.max-keep-alive-idle |
maximum number of seconds until a idling keep-alive connection is droped |
Details |
server.max-keep-alive-requests |
maximum number of request within a keep-alive session |
Details |
server.max-read-idle |
maximum number of seconds until a waiting, non keep-alive read times out and closes the connection |
Details |
server.max-request-size |
maximum size in kbytes of the request |
Details |
server.max-worker |
number of worker processes to spawn |
Details |
server.max-write-idle |
maximum number of seconds until a waiting write call times out |
Details |
server.modules |
modules to load |
Details |
server.name |
name of the server/virtual server |
Details |
server.network-backend |
basic network interface for all platforms at the syscalls read() and write() |
Details |
server.pid-file |
set the name and location of the .pid-file |
Details |
server.protocol-http11 |
defines if HTTP/1.1 is allowed or not |
Details |
server.range-requests |
defines if range requests are allowed or not |
Details |
server.reject-expect-100-with-417 |
setting to disable returning of a 417 if "Expect: 100-continue" header |
|
server.stat-cache-engine |
select stat() call caching |
Details |
server.tag |
set the string returned by the server |
Details |
server.upload-dirs |
path to upload directory |
Details |
server.use-ipv6 |
bind to the IPv6 socket |
Details |
server.username |
username used to run the server |
Details |
static-file.etags |
Determines if ETags are generated or not |
|
static-file.exclude-extensions |
forbid access to the source of some types of files by extension |
|
option |
description |
details |
ssl.engine |
enable/disable ssl engine |
Details |
ssl.pemfile |
path to the PEM file for SSL support |
Details |
ssl.ca-file |
path to the CA file for support of chained certificates |
Details |
ssl.use-sslv2 |
enable/disable use of SSL version 2 |
Details |
ssl.cipher-list |
Configure the allowed SSL ciphers |
Details |
ssl.honor-cipher-order |
enable/disable honoring the order of ciphers set in ssl.cipher-list (set by default when ssl.cipher-list is set) |
Details |
ssl.disable-client-renegotiation |
enable/disable mitigation of client triggered re-negotiation (see CVE-2009-3555) |
Details |
ssl.verifyclient.activate |
enable/disable client verification |
Details |
ssl.verifyclient.enforce |
enable/disable enforcing client verification |
Details |
ssl.verifyclient.depth |
certificate depth for client verification |
Details |
ssl.verifyclient.exportcert |
enable/disable client certificate export to env:SSL_CLIENT_CERT |
Details |
ssl.verifyclient.username |
client certificate entity to export as env:REMOTE_USER (eg. SSL_CLIENT_S_DN_emailAddress, SSL_CLIENT_S_DN_UID, etc.) |
Details |
option |
description |
debug.log-request-header |
log all request headers |
debug.log-file-not-found |
log if a file wasn't found |
debug.log-condition-handling |
log conditionals handling for debugging |
debug.log-request-header-on-error |
log request header, but only when there is an error |
debug.log-request-handling |
log request handling inside lighttpd |
debug.log-state-handling |
log state handling inside lighttpd |
debug.log-response-header |
log the header we send out to the client |
debug.log-ssl-noise |
log some ssl warnings we hide by default (ssl handshake, unknown/bad certificate) |
option |
description |
auth.debug |
enable/disable authentication module debug information |
auth.backend |
type of authentication backend |
auth.require |
|
auth.backend.ldap.hostname |
hostname of ldap server |
auth.backend.ldap.starttls |
|
auth.backend.ldap.filter |
|
auth.backend.ldap.bind-pw |
|
auth.backend.ldap.ca-file |
|
auth.backend.ldap.base-dn |
|
auth.backend.ldap.bind-dn |
|
auth.backend.plain.userfile |
path to plain userfile |
auth.backend.plain.groupfile |
path to plain groupfile |
auth.backend.htdigest.userfile |
path to htdigest userfile |
auth.backend.htpasswd.userfile |
path to htpassword userfile |
option |
description |
deflate.enabled |
enable/disable deflate support |
deflate.compression-level |
level of compression |
deflate.mem-level |
|
deflate.window-size |
|
deflate.bzip2 |
enable/disable bzip support |
deflate.min-compress-size |
minimum size document before compressing |
deflate.sync-flush |
enable sync flush |
deflate.output-buffer-size |
size of buffer for compression |
deflate.work-block-size |
minimum block size for compression |
deflate.mimetypes |
mimetype listing to be compressed. |
deflate.debug |
enable debug |
option |
description |
server.dir-listing*: enable/disable directory listing |
dir-listing.activate |
enables virtual directory listings if a directory is requested no index-file was found |
dir-listing.external-css |
path to an external css stylesheet for the directory listing |
dir-listing.encoding |
set a encoding for the generated directory listing |
dir-listing.hide-dotfiles |
if enabled, does not list hidden files in directory listings generated by the dir-listing option |
dir-listing.show-header |
include HEADER.txt files above the directory listing |
dir-listing.hide-header-file |
enables hide header file from directory listing |
dir-listing.show-readme |
include README.txt files below the directory listing |
dir-listing.hide-readme-file |
enables displaying readme file in directory listing |
dir-listing.exclude |
files that match any of the specified regular expressions will be excluded from listings |
dir-listing.set-footer |
displays a string in the footer of a listing page |
fastcgi.server-option |
description |
host |
is ip of the FastCGI process |
port |
is tcp-port on the "host" used by the FastCGI process |
socket |
path to the unix-domain socket |
bin-path |
path to the local FastCGI binary which should be started if no local FastCGI is running |
bin-environment |
set environment of FastCGI binary |
bin-copy-environment |
copy environment from server for FastCGI binary |
mode |
is the FastCGI protocol mode. Default is "responder", also "authorizer" mode is implemented |
docroot |
docroot on the remote host |
allow-x-send-file |
controls if X-LIGHTTPD-send-file and X-Sendfile headers are allowed |
broken-scriptfilename |
breaks SCRIPT_FILENAME in a way that PHP can extract PATH_INFO from it |
max-procs |
upper limit of processes to start |
check-local |
enable/disable check for requested file in document root |
disable-time |
time to wait before a disabled backend is checked again |
strip-request-uri |
strip part of request-uri |
fix-root-scriptname |
use this for backends with extension "/" (and check-local is disabled), only works > 1.4.22 |
scgi.server-option |
description |
host |
is ip of the SCGI process |
port |
is tcp-port on the "host" used by the SCGI process |
socket |
path to the unix-domain socket |
bin-path |
path to the local SCGI binary which should be started if no local SCGI is running |
bin-environment |
set environment of SCGI binary |
bin-copy-environment |
copy environment from server for SCGI binary |
docroot |
docroot on the remote host |
allow-x-send-file |
controls if X-LIGHTTPD-send-file and X-Sendfile headers are allowed |
broken-scriptfilename |
breaks SCRIPT_FILENAME in a way that PHP can extract PATH_INFO from it |
idle-timeout |
number of seconds before a unused process gets terminated |
max-procs |
upper limit of processes to start |
min-procs |
sets the minium processes to start |
min-procs-not-working |
|
max-load-per-proc |
maximum number of waiting processes on average per process before a new process is spawned |
check-local |
enable/disable check for requested file in document root |
disable-time |
time to wait before a disabled backend is checked again |
strip-request-uri |
strip part of request-uri |
option |
description |
trigger-before-download.trigger-url |
url for trigger pages |
trigger-before-download.trigger-timeout |
time for download link to live |
trigger-before-download.download-url |
url for downloads |
trigger-before-download.deny-url |
url to show when visitor denied a download |
trigger-before-download.gdbm-filename |
path to gdm file |
trigger-before-download.memcache-hosts |
hosts for the memcache.* functions |
trigger-before-download.memcache-namespace |
(not used yet) |
trigger-before-download.debug |
|