Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Contact Us
Online Help
Domain Status
Man Pages

Virtual Servers

Topology Map

Server Agreement
Year 2038

USA Flag



Man Pages

Manual Reference Pages  -  MOHAWK.CONF (5)


mohawk.conf - mohawk(8) configuration file


Server Configuration
Vhosts Configuration


mohawk.conf is the configuration file for the http daemon mohawk(8).

Comments can be put anywhere in the file using a hash mark ('#'), and extend to the end of the current line.

Arguments containing whitespace should be surrounded by double quotes ().


debug<on off>
  If mohawk(8) is compiled with -DUSE_DEBUG, this option control the debug mode. The cli option ’-d’ take precedence.
on Activate the debug mode, this prevent mohawk(8) to fork in background as well as activeing verbose output.
off (default)
  Run in background.

For example,

debug on

  mohawk(8) will chroot itself in the given directory.

For example,

chroot /var/www/chroot

  Include file(s) that match pattern. If the default max level recursion (5) is not enought, recompile mohawk(8) with -DMAX_INCLUDE_DEPTH=your_level

For example,

include /usr/local/etc/mohawk.d/local.conf

  Read mime type from file.

For example,

mime_type /etc/nginx/mime.types

mime_type<key value>
  Global list of mime type (where type and extension(s) are autodetected), delimited with brace. Default is application/octet-stream. Shortest extension come first.

For example,

mime_type { text/plain "c h" x application/xxx }
mime_type { html text/html txt text/plain }

Invert the two lines and a request for a ’h’ document will return ’text/html’ and a request for a ’x’ document will return ’text/plain’. The first match win.
  mohawk(8) write his pid in this file, before any chroot. The cli option ’-p pidfile’ take precedence.

For example,

pidfile /var/run/

  Use facility for logging. See /usr/include/syslog.h for the list of facilities name. Default is daemon.

For example,

syslog_facility local2

  Run mohawk(8) as another user, nobody by default. username must exists on the system.

For example,

user www-data


A vhost is configured by a list of option, delimited with brace. A ’default’ vhost is mandatory. Each another vhost inherit her configuration from this vhost. Inherit configuration from another vhost is possible with ’vhost child clone parent { }’.

List of option could be uni or multi line, comment start with ’#’.

For example,

vhost default {

<list of option>

authentication<on off>
  Enable / disable (default) authentication. See auth_path below.

For example,

authentication off

cgi_expose_mohawk_version<on off>
  Enable / disable (default) the environment variable MOHAWK_VERSION.

For example,

cgi_expose_mohawk_version on

dirlist<on off>
  Enable / disable (default) directory listing.

For example,

dirlist on

hostname_in_rootdir<on off>
  Use / don’t use hostname (default) in rootdir. When vhost contains patterns, use it.

For example,

hostname_in_rootdir on

x_forwarded_for<on off>
  Enable / disable (default) use X-Forwarded-For header
  Path to the authentication file. The rootdir of the vhost *must not* contains this directory.

For example,

auth_path /tmp/chroot/secure_vhost/secure

  Set the default charset.

For example,

charset iso-8859-15

  The custom css for directory listing page relative to the vhost rootdir.

For example,

dirlist_css_url /dirlist.css

  Set the email of the administrator

For example,


  If defined, set Expires and Cache-Control headers

For example,

maxage 3600

  Set the environment variable SERVER_SOFTWARE

For example,

mohawk_name "What did you expect ?"

  The root directory for the given vhost. The ’document_root’ is defined as chroot + rootdir. If hostname_in_root is on, the document_root is defined as chroot + rootdir + hostname. For ’default’ vhost, ’document_root’ is always defined as chroot + rootdir.

For example,

rootdir /tmp/chroot/virtual-hosts

  The url for the status page (information concerning the running mohawk(8) process).
auth_patterns<list of pattern>
  The glob pattens to determine which url require authentication. For a fully authentication vhost, use ’*’. See auth_path option.

For example,

auth_patterns { /admin/* /secure/* }

cgi_patterns<list of pattern>
  The glob pattens to determine which files are to be considered as CGIs.

For example,

cgi_patterns { *.cgi *.pl *.sh }

index_names<list of pattern>
  List of file name to use as index directory

For example,

index_names { index.html index.htm default.html }

no_auth_patterns<list of pattern>
  The glob pattens to determine which url does not require authentication.

For example,

no_auth_patterns { /css/* /js/* /img/* }

no_cgi_maps<list of pattern>
  List the url that will not be mapped to cgi even if defined in a cgi_map.

For example,

no_cgi_map { /rescue/status* }

no_log_patterns<list of pattern>
  Don’t log if request match pattern.

For example,

no_log_patterns { /css/* /js/* /img/* /packages/* }

grant_access<list of prefix/mask>
  If set, access is granted only if remote_addr match one of the prefixes. Using ’!’ deny access to the specified prefix/netmak.

For example,

grant_access { 2001:dead:beaf::/48 }
grant_access { ! } # bad access / deny order:
grant_access { !2001:dead:beaf:1::/64 2001:dead:beaf::/48 } # good access / deny order:

cgi_env<list of key value>
  List of environnement variable to pass to CGIs in the form of: key "value" where key is the variable "value" is the content of the variable.

For example,

cgi_env { CBLOG_PATH "/var/db/cblog/" }
cgi_env {
  VAR1 "value1"
  VAR2 "value2"
  # not use here
  #VAR3 "value3"

cgi_map<list of key value>
  List of url mapping that will in fact execute the given CGI in the form of: pattern path/url/to/the/cgi. pattern is a glob pattern.

For example,

cgi_map { /cblog/* /cblog.cgi /debug/* /cgi/ }

listen Xo
  on<...> port<port>
  The listen on directive take a interface, hostname, ipv4 or ipv6 param. port is optionnal (http by default). Multiple directives are authorized. Be careful, without listen directive, mohawk(8). will listen on all interfaces port http.

For example,

listen on em0
listen on localhost port 2222
listen on
listen on 2001:dead:beef::1 port dns

  Reset a option. The resettables options are:
  • auth_path
  • auth_patterns
  • cgi_env
  • cgi_map
  • cgi_patterns
  • charset
  • dirlist_css_url
  • email_admin
  • index_names
  • mohawk_name
  • no_auth_patterns
  • no_cgi_maps
  • no_log_patterns
  • grant_access
  • status_url


Minimal configuration: no chroot, listen on all interfaces, all addresses, serve /tmp:

mime_type { html text/html txt text/plain }

vhost default { rootdir /tmp dirlist on }

Complex configuration: chroot, listen on some interfaces, some addresses, black hole default vhost, authentication, cgi:

chroot /var/www/chroot
user www-data
mime_type { html text/html txt text/plain }

# no HTTP 1.0 client vhost default { # chroot is defined, we need /var/www/chroot/var/empty rootdir /var/empty }

# vhost * { # em0 is the public interface listen on em0 port 8080 # vr0 is the local interface listen on vr0

# chroot is defined and it’s not default vhost # a request # become /var/www/chroot/srv/ rootdir /srv/

#authentication off #cgi_expose_mohawk_version #dirlist off # we listen on public interface port 8080, a proxy is present x_forwarded_for on

# no authentication #auth_path charset latin1

dirlist_css_url /css/dir.css maxage 3600 mohawk_name "Mohawk rulez !!!" # we don’t activate any status url # some informations may be sensible #status_url # no authentication #auth_patterns { } #no cgi #cgi_patterns { } # usual settings index_names { index.html index.htm default.html } # no authentication #no_auth_patterns { } # no cgi #no_cgi_maps { } # we log all #no_log_patterns { } # no restriction #grant_access { } # no cgi_env #cgi_env { } # no cgi_map #cgi_map { } }

vhost { # add some listen listen on listen on port 8888 # /var/www/chroot/classified/www/ rootdir /classified/www # activate authentication authentication on # auth path # we can shared .htpasswd # /var/www/chroot/classified/authentication/.htpasswd auth_path /classified/authentication/ no_auth_patterns { /css/* /img/* /js/* } # don’t log some stuff, same as no_auth_patterns no_log_patterns { /css/* /img/* /js/* } }

vhost clone { # listen only on lo0 reset listen listen on lo0 # keep roodir, /var/www/chroot/classified/www/ # don’t share .htpasswd auth_path /classified/ # all request require authentication reset no_auth_patterns auth_patterns { * } cgi_expose_mohawk_version off cgi_patterns { *.cgi *.pl } reset index_names index_names { crack.cgi } reset no_cgi_maps cgi_map { /download/* / /upload/* /add_virus.cgi } cgi_env { DATABASE "postgresql:admin:Haxxor ftw" } grant_access { } mohawk_name "" # we log all reset no_log_patterns }


.An Baptiste Daroussin <>
.An Freddy Dissaux <>
Search for    or go to Top of page |  Section 5 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.