fhttpd configuration file (`fhttpd.conf`)

Keyword and format	Description
AccessRealm `realmname realmfile`	Defines access realm and corresponding password file (in `/etc/passwd` format).
AccessRights `filemask` restrict AccessRights `filemask` allow AccessRights `filemask realm` :all: AccessRights `filemask realm user`	Defines access to some group of files. `filemask` is a wildcard mask, although "/" is considered to be a regular character, so "/home/ftp/pub/" will mean everything in or under /home/ftp/pub. Statements are processed in their order in configuration file, restrict* disallows access, *allow* allows access without password, mentioning `realm` and `user` allows access for that user or all users in the realm, if the username is "`:all:`".
AddressRoot `hostname rootdir`	Defines "anonymous FTP/HTTP root directory" for IP address. Anonymous FTP and HTTP sessions will use that directory instead of default one (home directory of "ftp" user or default HTTP root directory), if request is sent to one of IP addresses of the server, defined by `hostname`. Also, the same `hostname` will be displayed in FTP login message and directory headers (if AddressRoot is not defined for some address of the server, primary host/domain name will be displayed, even if the request comes to non-primary address).
[Auth]Application `name pathmask username maxinstances[,maxinstances_per_uid] maxqueue mappedpathmask` [`executable` [[-p\|-s [`arguments`]]]]	Defines application module, implemented as a `process`. `pathmask` is only used to check for trailing slash matching (if `pathmask` just contains trailing slash, only URLs with trailing slash or mentioning index files will match, and vice versa) while remapping is done by `mappedpathmask`. "-" as the `pathmask` disables distinguishing between requests with and without trailing slash. If `executable` is omitted, application is assumed to be remote, connected by TCP socket, and `username` is used for authentication (with the `username` and the password of that user). Executable can connect from anywhere, if the authentication succeeds, and different instances of the same program may be connected from different hosts (for example, to distribute the load), but the total number of connected instances can't exceed `maxinstances`. If `executable` is mentioned, it is executed on startup as `username`, and server uses pipes or `AF_UNIX` sockets to its stdin and stdout for communication. Additional copies of `executable` will be started if the requests number will require that, but the `maxinstances` number limits the possible number of them. If comma and `maxinstances_per_uid` is specified, module will run under user's userid, if `~username` mapping is used. `maxinstances_per_uid` will limit the number of instances running under the same userid. `maxqueue` is the number of requests in the queue (sent to the application, but not answered). Value 1 implies synchronous-only operations. -p option specifies communication through pipes, and -s option specifies communication through `AF_UNIX` sockets. All arguments starting from -s or -p are passed as the command line to the process. The number of arguments can't exceed 12. If "AuthApplication" version of keyword is used, `REMOTE_PW` field with user's password is passed to the application along with `REMOTE_USER`, so application can perform authentication for itself. Only trusted applications should use that mode because HTTP clients send password even if it is entered before for something else at the same host, so applications can see passwords, intended for other files or applications. fhttpd file I/O and CGI support module is implemented as `fhttpd-file` application module since version 0.3.0, so all servers should have it mentioned if they support files and/or CGI access (see example).
DefaultFooter `footer`	Defines default `footer` for directories without `.footer.html` file. It can contain any valid HTML markup with "`_`" in the place of spaces and "`\_`" in the place of "`_`". "`$D`" will be replaced by directory name, "`$H`" - by host name, "`$$`" - by "$" sign. See Special files and URLs for directory listings for details.
DefaultHeader `header`	Defines default `header` for directories without `.header.html` file. It can contain any valid HTML markup with "`_`" in the place of spaces and "`\_`" in the place of "`_`". "`$D`" will be replaced by directory name, "`$H`" - by host name, "`$$`" - by "$" sign. See Special files and URLs for directory listings for details.
[Abs]DirType `filemask prefix suffix`	Defines how directories will be represented in the automatically generated directory list. `prefix` and `suffix` can contain any valid HTML markup with "`_`" in the place of spaces and "`\_`" in the place of "`_`". `filemask` is handled like in AccessRights, `earlier records have higher priority`. Names are taken how they will appear in request, not how they will look on real filesystem, unless "AbsDirType" version of keyword is used.
[Special]ExecMask `filemask`	Defines which files can be executed as CGI scripts. SpecialExecMask version of the keyword disables forced "`HTTP/1.0 200 OK`" first response line, so the script can return its own one, containing redirection or any other response code. `filemask` is handled like in AccessRights.
FTPPort [`host:]port`	`port` is an FTP server port number (default value is 21), 0 disables FTP server support by fhttpd. FTP data port will be `port`-1. If `host` and colon are present, fhttpd will bind its FTP socket only to the IP address that corresponds to `host`.
[Abs]GetRule UNCONDITIONAL `parameter` [`parameter-value`] [Abs]GetRule `field operator value name-operator name-value parameter` [`parameter-value`]	Defines name remapping, unconditional or based on some fields in HTTP requests. `field` is the request field (case-insensitive), `operator` can be `EQ` (equal), `NE` (not equal), `EQCI` (equal, case insensitive) or `NECI` (not equal, case insensitive), `value` is a wildcard expression. `name-operator` can be `NAMEEQ` (name equal), `NAMENE` (name not equal), `NAMEEQCI` (name equal, case insensitive) or `NAMENECI` (name not equal, case insensitive). `name-value` (wildcard) defines the set of names in request, in which `parameter` (`BASEDIR`, `CWD` or `NAME`) will be replaced by `parameter-value`. If `parameter-value` is omitted, original value of parameter is restored. All statements are processed in their order in configuration file, using original fields and names. Names are taken how they will appear in request, not how they will look on real filesystem, unless "AbsGetRule" version of keyword is used. In versions since 0.2.2 redirection between files and scripts is supported without restrictions.
HonorKeepAlive	Honor `Keep-Alive` request option (HTTP/1.0 persistent connections).
HTTPPort [`host:]port`	`port` is an HTTP server port number (default value is 80), 0 disables HTTP server support by fhttpd (but that will be pointless). If `host` and colon are present, fhttpd will bind its HTTP socket only to the IP address that corresponds to `host`.
HTTPRoot `pathname`	Defines default HTTP root directory as `pathname`.
[Abs]Inbound `filemask`	Defines FTP inbound files. `filemask` is handled like in AccessRights. Names are taken how they will appear in request, not how they will look on real filesystem, unless "AbsInbound" version of keyword is used.
LogApplication `name pathmask username maxinstances[,maxinstances_per_uid] maxqueue mappedpathmask` [`executable` [[-p\|-s [`arguments`]]]]

fhttpd configuration file (fhttpd.conf)

fhttpd configuration file (`fhttpd.conf`)