Description

Multithreaded HTTP webserver for Windows

Author: Martin 'Bilbo' Petricek
WWW: http://www.petricek.net/

Installation

Copy exweserv.exe to any reasonable place in system.
Configure server. You can use commented sample.en.conf as starting point.
Server is launched by:
 exweserv.exe <name of config file>

If you wish to run server each time with windows start, add to this key in registry:
"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunServices"
a field names "exweserv" with value "<path to server>\exweserv.exe <name of configuration file>"

You can run multiple simultaneous servers with different configuration files if needed

Page for monitoring server (if enabled in configuration) is on address /*
(for example "http://localhost/*")

Configuration

Field types used in configuration
integer valueAny integer value
string valueAny string value (without any quotes, if quoted, the quotes become part of the string)
boolean value1 means yes, 0 means no. (actually positive integer means yes and anything else no)
authentication record You can have multiple these records, each specifying one valid username with password for user/password based access
Format is login:type:password
type specifies password type (0=plaintext, 5=md5)
If no passwords are specified, access is allowed to everybody, otherwise only to one of users logging in with their passwords
IP recordIP address in format X.X.X.X or address range in format X.X.X.X-Y.Y.Y.Y. The second address should be greater than first.
This is used with allow/ban configuration records, when used, the records are traversed from last to first and first record specifying either allow or ban for remote address is used. If no ban/allow record of given type is found in configuration for given address, access is granted.
Note: you can specify "all" in this record - it is same, as if you write 0.0.0.0-255.255.255.255
You can specify ban=all to ban everyone and then under this line allow only specific IP's
Note: When both IP based and user/password based access are used, access is granted only to users satisfying both restrictions

General configuration

port

Format: port=[integer value]
Default: 80
Specifies port on which the server will listen

silent

Format: silent=[boolean value]
Default: 0 (no)
Specifies whether to be silent (show no messagebox) when error occur (like if there are errors in configuration file or listen port is already taken)

monitorauth

Format: monitorauth=[authentication record]
Control user/password based access to server monitor pages

monitorban, monitorallow

Format: monitorban=[IP record]
Format: monitorallow=[IP record]
Control IP based access to server monitoring pages

proxyban, proxyallow

Format: proxyban=[IP record]
Format: proxyallow=[IP record]
Control IP based access to proxy

logmonitor

Format: logmonitor=[boolean value]
Default: 0 (no)
Specify, whether to log accesses to server monitoring pages in access and error log.

Virtual roots

Virtual domains and directories can be configured. Each is mapped to any physical path on disk.
If any configuration directive is outside virtual server definition (<root...> and </root> tags), then it is as "default" for all virtual servers specified after that directive (unless overriden by new value). These defaults are also used if no virtual directory or host matches the request.

<root>

Format:
<root [string value-domain and path]>
virtual root specific configuration
</root>

Anything from domain and path before first slash (/) is treated as hostname, if hostname begins with dot, it will match any hostname ending with given name.
For example ".centrum.cz" will match mail.centrum.cz, www.centrum.cz, and also "centrum.cz". If domain is empty, any domain will match and anything behind / is treated as directory name. So "/dir" will match directory /dir in all domains.
Records are evaluated from last to first and first matching given hostname and path is used.

alias

Format: alias=[string value-domain and path]>
Aliases must be specified as last values of a block between <root...> and </root> They will create an alias and copy the configuration from the virtual root currently being defined under a new virtual domain or directory. They have same effect as new <root...> and </root> block with exactly the same configuration

Virtual roots configuration

Following configuration can be used either in any of virtual roots, affecting only this root, or outside of them, affecting default configuration.

diskroot

Format: diskroot=[string value]
Default: (current directory)
diskroot specifies where to look for pages

logformat

Format: logformat=[string value]
Default: %r
This string specifies format for records in access log. Each record is one line and you can use these codes in string:
Code... will be replaced with:
%%character: %
%{Field}Field from http request headers
%aremote IP address
%Bresponse length in bytes (amount of data send without headers)
%mrequest method (GET, POST, ...)
%qquery string (without ?)
%rfirst line of request
%sresponse code (200, 206, ...)
%ttime in format (day/month/year:hour:minute:second)
%uusername (with http authentification)
%UURL
%vwebroot
For "almost-apache" format, use: %a - %u [%t] "%r" %s %B

accesslog

Format: accesslog=[string value]
Default: (empty string)
Specifies file, where to log accesses. Empty string means this logging is turned off. Multiple virtual roots can use single accesslog file.

errorlog

Format: errorlog=[string value]
Default: (empty string)
Specifies file, where to log errors. Empty string means this logging is turned off. Multiple virtual roots can use single errorlog file.

dirlist

Format: dirlist=[integer value]
Default: 1
Directory listing style.
0=listing forbidden, 1=simple format.
More listing styles may come in future.

auth

Format: auth=[authentication record]
Control user/password based access to all pages in given diskroot

ipban, ipallow

Format: ipban=[IP record]
Format: ipallow=[IP record]
Control IP based access to all pages in given diskroot

index

Format: index=[comma delimited string values]
index specifies index page (pages) delimited by comma. If no such page is present in directory, a listing will be sent (unless forbidden).
Pages are checked from first to last, first matching is used.

action

Format: action=[mask];[mime-type];[action];[parameter]
For various file types you can set various actions. You can have multiple such configuration directives in file, each for different file mask
FieldMeaning
mask You can use these characters in mask:
*=any nymber (0 or more) of any characters
?=any 1 character
Any other characters must match corresponding characters in filename
If file matches mask, rule is used.
If file matches multiple masks, only first rule in order is used and then the evaluation is stopped
mime-type set mime-type for this type of file. If mime-type for file is not specified, is is taken from table hardcoded in server
action Can have folowing values:
forbid : send error message "Forbidden" instead of file (HTTP code 500)
exec : file will be run on server (cgi)
execnph : file will be run on server (nph-cgi)
sendnph : file will be send without adding any HTTP headers (useful if file contain already all headers) With sendnph anyhing from incoming headers is ignored (specifically method and Range)
parameter if action is exec or execnph, thes specifies an interpreter. It is then launched and its first parameter will be the filename, instead of launching the file directly (useful for perl scripts, etc ....)

error

Format: error=[integer value-error code];[string value-error page]
For various errors you can have various custom error pages.
Path is either absolute or relative to diskroot in current configuration

Server by itself uses these HTTP error codes:
400 Bad request
401 Unauthorized
403 Forbidden
404 File notfound
416 Bad range
501 Unsupported
500 Internal server error

If file with error page is not found, server will send default error message.
Filters on actions are applied or the error page (so if it is a perl script and you set server to run them it is run)
If the page do not contain full path (including drive), path is taken relative to diskroot where the error happened.
If error occured before server finds the virtual root for this request (like 400 error), error page from default config is used.

Other documentation

install.en.txtInstallation instructions
description.en.txtDecription of program
changelog.en.txtChangelog
gpl.txtLicense for using program (GPL)
This manual in czech language