Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages


home | help
SHTTPD(1)		FreeBSD	General	Commands Manual		     SHTTPD(1)

     shttpd -- lightweight web server

     shttpd [options] [config_file]
     shttpd -A htpasswd_file domain_name user_name password

     shttpd is small, fast and easy to use web server with CGI,	SSL, Digest
     Authorization support. It can be run as stand-alone server, be managed by
     inetd(8) ,	or be embedded into existing C/C++ application.

     shttpd does not detach from terminal, and makes current working directory
     be	the web	root, unless -root option is specified.

     Unlike other web servers, shttpd does not expect CGI scirpts to be	put in
     a special directory. They may be anywhere.	CGI files are recognized by
     the file extension.

     SSI files are also	recognized by extension. Currently, the	only SSI di-
     rectives supported	are `<!--#include "url-encoded-path" -->' and
     `<!--#exec	"program" -->'.	The `url-encoded-path' can be relative to
     shttpd working directory, or absolute system path.	In the embedded	mode,
     more directives are available: #call, #if/#elif/#endif/#else/#endif.  Un-
     supported SSI directives are silently ignored.

     It	is possible to specify multiple	ports to listen	on. For	example, to
     make shttpd listen	on HTTP	port 80	and HTTPS port 443, one	should start
     it	as `shttpd -ssl_cert cert.pem -ports 80,443s'

     shttpd can	use the	configuration file. By default,	it is "shttpd.conf",
     and if it is present in the same directory	where shttpd lives, the	com-
     mand line options are read	from it. Alternatively,	the configuration file
     may be specified as a last	argument. The format of	the configuration file
     is	exactly	the same as for	the command line options, the only difference
     is	that the command line options must be specified	on separate lines, and
     leading dashes for	option names must be omitted.  Lines beginning with
     '#' are regarded as comments and ignored.

     -A	htpasswd_file domain_name user_name password
	     Add/edit user's password in the passwords file. Deleting users
	     can be done with any text editor. Functionality similar to
	     Apache's htdigest utility.

     -access_log file
	     Access log	file. Default: not set,	no logging is done.

     -acl (+|-)x.x.x.x[/x],...
	     Specify access control list (ACL).	ACL is a comma separated list
	     of	IP subnets, each subnet	is prepended by	'-' or '+' sign. Plus
	     means allow, minus	means deny. If subnet mask is omitted, like
	     "-", then it means single IP address. Mask may vary	from 0
	     to	32 inclusive. Default: not set,	allow all.

     -aliases list
	     This options gives	an ability to serve the	directories outside
	     web root by sort of symbolic linking to certain URI. The list
	     must be comma-separated list of URI=PATH pairs, like this:
	     "/etc/=/my_etc,/tmp=/my_tmp". Default: not	set.

     -auth_PUT file
	     PUT and DELETE passwords file. This must be specified if PUT or
	     DELETE methods are	used. Default: not set.

     -auth_gpass file
	     Location of global	passwords file.	When set, per-directory	.ht-
	     passwd files are ignored, and all accessed	must be	authorised
	     against global passwords file.  Default: not set.

     -auth_realm domain_name
	     Authorization realm. Default: "".

     -cfg_uri uri
	     If	set, shttpd creates special administrative URI where options
	     may be changed at runtime.	 This URI probably wants to be pass-
	     word-protected, look at -protect option, and in the EXAMPLES sec-
	     tion on how to do it. Default: not	set.

     -cgi_env list
	     Pass environment variables	to the CGI script in addition to stan-
	     dard ones.	 The list must be comma-separated list of X=Y pairs,
	     like this:	"VARIABLE1=VALUE1,VARIABLE2=VALUE2".  Default: not

     -cgi_ext list
	     Comma-separated list of CGI extensions.  All files	having these
	     extensions	are treated as CGI scripts. Default: "cgi,pl,php"

     -cgi_interp file
	     Force file	to be a	CGI interpreter	for all	CGI scripts. By	de-
	     fault this	option is not set, and shttpd decides which inter-
	     preter to use by looking at the first line	of CGI script.

     -dir_list yes|no
	     Enable/disable directory listing. Default:	"1" (enabled).

     -error_log	file
	     Error log file. Default: not set, no errors are logged.

     -inetd yes|no
	     Enable/disable inetd mode.	Default: "0" (disabled).

     -mime_types list
	     Additional	to builtin mime	types, in form "EXTENSION1=TYPE1,EX-

     -ports port_list
	     Comma-separated list of ports to listen on. If the	port is	SSL, a
	     letter 's'	must be	appeneded, for example,	"80,443s" will open
	     port 80 and port 443, and connections on port 443 will be SSL-ed.
	     Default: 80

     -protect list
	     Comma separated list of URI=PATH pairs, specifying	that given
	     URIs must the protected with respected password files. Default:
	     not set.

     -root directory
	     Location of the WWW root directory. Default: working directory
	     from which	shttpd has been	started.

     -ssi_ext list
	     Comma separated list of SSI extensions. Default: "shtml,shtm".

     -ssl_cert pem_file
	     Location of SSL certificate file. Default:	not set.

     -systray yes|no
	     Hide console and put an icon on system tray (Windows only). De-
	     fault: no.

     -threads num_threads
	     Number of worker threads. If 1, no	threads	are spawned, and
	     shttpd operates as	single threaded	program. Default: 1.

     -uid login
	     Switch to given user after	startup. Default: not set.

     shttpd can	be built as a library to embed web server functionality	into
     C/C++ application.	The API	functions are declared in a header file
     shttpd.h.	Please refer to	the source package for a header	file and the

     shttpd -root /var/www -ports 8080,8043s -ssl_cert /etc/cert.pem -aliases
	     Start listening on	port 8080 for HTTP, and	8043 for HTTPS connec-
	     tions.  Use /etc/cert.pem as SSL certificate file.	Web root is
	     /var/www. In addition, map	directory /tmp to URI /aa, directory
	     /etc to URI /bb.

     shttpd -acl -,+,+
	     Deny connections from everywhere, allow only IP address
	     and all IP	addresses from subnet to connect.

     shttpd -ports 8080	-cfg_uri /ctl -protect /ctl=/tmp/passwords.txt
	     Start listening on	port 8080, create an administrative URI	"/ctl"
	     where options may be changed at runtime, and protect that URI
	     with authorization.

     http stream tcp nowait nobody /bin/shttpd shttpd -inetd 1 -root /var/www
	     This line in /etc/inetd.conf makes	shttpd run by inetd(8) daemon.


     shttpd is licensed	under the terms	of beerware license.

     Sergey Lyubka <>.

				 Feb 12, 2008


Want to link to this manual page? Use this URL:

home | help