0

I am looking through the modules that my apache server has loaded. To get this list I am using the following command:

apachectl -M

In the list this provides there are a number of modules that I don't immediately recognise, specifically:

  • core_module
  • mpm_prefork_module
  • http_module
  • so_module

So the question is : Does anybody know of a way of tracking down the location of the module file and the conf file that loaded it

Worth noting that these are not loaded from httpd.conf (/etc/httpd/conf/httpd.conf) or the conf.d/*.conf location that httpd.conf includes. However there are conf files here that include other locations and these include others and its all a bit rabbit hole. So if there is a command to get the info I need then all the better

Improve this question

1 Answer 1

Reset to default
2

I believe all of these modules have been enabled by default via compile-time flags, so you wouldn't need to explicitly load them with LoadModule.

Improve this answer
5
  • Is there anyway I can verify that? Commented Feb 13, 2015 at 20:10
  • So "apachectl -V" returns: Server MPM:Prefork compiled with.... -D APACHE_MPM_DIR="server/mpm/prefork" -D APR_HAS_SENDFILE -D APR_HAS_MMAP -D APR_HAVE_IPV6 -D APR_USE_SYSVSEM_SERIALIZE -D APR_USE_PTHREAD_SERIALIZE -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT -D APR_HAS_OTHER_CHILD -D AP_HAVE_RELIABLE_PIPED_LOGS -D DYNAMIC_MODULE_LIMIT=128 -D HTTPD_ROOT="p" -D SUEXEC_BIN="p" -D DEFAULT_PIDLOG="p" -D DEFAULT_SCOREBOARD="p" -D DEFAULT_LOCKFILE="p" -D DEFAULT_ERRORLOG="p" -D AP_TYPES_CONFIG_FILE="p" -D SERVER_CONFIG_FILE="p" Commented Feb 13, 2015 at 20:15
  • 1
    The core module is, as the name implies, the core module and can't be disabled. The mpm module also can't be disabled, but can be changed via the compile flags. The other two I can't find any documentation about, but judging by the name, they're probably default like core and can't be disabled as well. As far as checking, I'm not sure, but on my servers, they're not declared explicitly but also show up on apachectl -M. Commented Feb 13, 2015 at 20:32
  • Thanks for checking your server, the reason for checking this is that I think the server is compromised. In the past I have seen servers with malicious modules running and named innocently (for example : mod_view_proxy) - So if yours has these modules then they are not the cause Commented Feb 13, 2015 at 20:35
  • Yeah, my servers have those, except for the mpm one, which we use a different mpm (worker). But yours is a valid one for sure. And for the documentation, I've found it for the so module and it seems like a basic module for apache as well: httpd.apache.org/docs/2.2/mod/mod_so.html Commented Feb 13, 2015 at 20:40

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.