Module mod_info

This module provides a comprehensive overview of the server configuration including all installed modules and directives in the configuration files.

Status: Extension
Source File: mod_info.c
Module Identifier: info_module
Compatibility: Available in Apache 1.1 and later.

Directives

Using mod_info

To configure it, add the following to your access.conf file.

<Location /server-info>
SetHandler server-info
</Location>
You may wish to add a <Limit> clause inside the location directive to limit access to your server configuration information.

Once configured, the server information is obtained by accessing http://your.host.dom/server-info

Note that the configuration files are read by the module at run-time, and therefore the display may not reflect the running server's active configuration if the files have been changed since the server was last reloaded. Also, the configuration files must be readable by the user as which the server is running (see the User directive), or else the directive settings will not be listed.

It should also be noted that if mod_info is compiled into the server, its handler capability is available in all configuration files, including per-directory files (e.g., .htaccess). This may have security-related ramifications for your site.

In particular, this module can leak sensitive information from the configuration directives of other Apache modules such as system paths, usernames/passwords, database names, etc. Due to the way this module works there is no way to block information from it. Therefore, this module should ONLY be used in a controlled environment and always with caution.


AddModuleInfo

Syntax: AddModuleInfo module-name string
Context: server config, virtual host
Status: Extension
Module: mod_info
Compatibility: Apache 1.3 and above

This allows the content of string to be shown as HTML interpreted, Additional Information for the module module-name. Example:

AddModuleInfo mod_auth.c 'See <A HREF="http://www.apache.org/docs/mod/mod_auth.html">http://www.apache.org/docs/mod/mod_auth.html</A>'