Summary of Features

Xitami/5 is a simple web server which focuses on security and ease of use. These are the key features explained in this document:

  • Basic and Digest authentication mechanisms using Apache-compatible password files;
  • Standard (NSCA, W3C) and customisable access logs;
  • Scriptable access control using easy-to-write policy language;
  • Predefined access policies: apply blacklist, block hotlinking, private web area;
  • Allow/deny access depending on: client IP address, request headers, user group;
  • Auto-ban for script & form injections, path climbing, proxy probes, over-sized requests.

The on-line help ('xitami —help') explains how to configure further aspects of the server through a set of command-line options:

  --server_name      Announced server name
  --port             Server port for HTTP requests
  --public_port      Public port for HTTP requests
  --trace            Trace network traffic?
  --animate          Animate HTTP agent?
  --verbose          Verbose output?
  --listen           Address (local network interface) to listen on
  --webroot          Path to web root directory
  --index            Index file name
  --default_types    Default document types
  --monitor          Monitor interval, seconds
  --record_stats     Record performance statistics
  --log_path         Active log file directory
  --keep_logs        Keep log files
  --archive_path     Archive log file directory
  --archive_cmd      Archive log file command
  --alert_log        Error log file name
  --access_log       Access log file name
  --access_log_format  Access log file format
  --debug_log        Debug log file name
  --basic_auth       Basic authentication filename
  --digest_auth      Digest authentication filename
  --blacklist        Blacklist filename
  --policy_trace     Debug policy execution?
  --nervosity        Security nervosity, seconds
  --header_max       Max size of HTTP header
  --bucket_max       Max size of content bucket
  --read_timeout     Network read timeout, seconds
  --write_timeout    Network write timeout, seconds
  --tcp_nodelay      TCP/IP NODELAY option
  --tcp_rcvbuf       TCP/IP receive buffer, in bytes
  --tcp_sndbuf       TCP/IP send buffer, in bytes
  --polling_threads  Number of polling OS threads
  --working_threads  Number of working OS threads
Add a New Comment

Edit | Tags | Source | Print

Table of Contents

Virtual Hosting (04 May 2009 08:09)

Directory Lists (04 May 2009 07:38)

2.5 Patches (28 Apr 2009 11:45)

Access Logs (18 Feb 2009 13:44)

Feature Requests (18 Feb 2009 13:43)

Security and Access Control (18 Feb 2009 13:43)

Summary of Features (18 Feb 2009 13:42)