]>
Commit | Line | Data |
---|---|---|
3ea75603 MT |
1 | ## |
2 | ## httpd.conf -- Apache HTTP server configuration file | |
3 | ## | |
3ea75603 MT |
4 | ServerType standalone |
5 | ServerRoot /etc/httpd | |
6 | ||
7 | LockFile /var/lock/httpd.lock | |
8 | PidFile /var/run/httpd.pid | |
9 | ScoreBoardFile /var/run/httpd.scoreboard | |
10 | Timeout 900 | |
11 | KeepAlive On | |
12 | MaxKeepAliveRequests 100 | |
13 | KeepAliveTimeout 15 | |
14 | MinSpareServers 1 | |
15 | MaxSpareServers 2 | |
16 | StartServers 2 | |
17 | MaxClients 10 | |
18 | MaxRequestsPerChild 100 | |
10e4f239 MT |
19 | Port 81 |
20 | Listen 81 | |
3ea75603 MT |
21 | Listen 444 |
22 | User nobody | |
23 | Group nobody | |
24 | ServerAdmin root@localhost | |
25 | ServerTokens Prod | |
26 | DocumentRoot /home/httpd/html | |
27 | # Limit track/trace requests | |
28 | RewriteEngine on | |
29 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
30 | RewriteRule .* - [F] | |
31 | ||
32 | <Directory /> | |
33 | Options None | |
34 | AllowOverride None | |
35 | </Directory> | |
36 | <Directory /home/httpd/html> | |
37 | Options ExecCGI | |
38 | AllowOverride None | |
39 | Order allow,deny | |
40 | Allow from all | |
41 | </Directory> | |
42 | <DirectoryMatch "/home/httpd/html/(graphs|sgraph)"> | |
6693216e | 43 | AuthName "IPFire - Restricted" |
3ea75603 | 44 | AuthType Basic |
894c6feb | 45 | AuthUserFile /var/ipfire/auth/users |
10e4f239 | 46 | Require user admin |
3ea75603 MT |
47 | </DirectoryMatch> |
48 | ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ | |
49 | <Directory /home/httpd/cgi-bin> | |
50 | AllowOverride None | |
51 | Options None | |
894c6feb | 52 | AuthName "IPFire - Restricted" |
3ea75603 MT |
53 | AuthType Basic |
54 | AuthUserFile /var/ipfire/auth/users | |
55 | Require user admin | |
ed38f89d MT |
56 | <Files chpasswd.cgi> |
57 | Satisfy Any | |
58 | Allow from All | |
59 | </Files> | |
60 | <Files webaccess.cgi> | |
61 | Satisfy Any | |
62 | Allow from All | |
63 | </Files> | |
3ea75603 MT |
64 | <Files credits.cgi> |
65 | Satisfy Any | |
66 | Allow from All | |
67 | </Files> | |
68 | <Files dial.cgi> | |
69 | Require user admin dial | |
70 | </Files> | |
71 | </Directory> | |
72 | <IfModule mod_dir.c> | |
73 | DirectoryIndex index.html index.htm index.shtml index.cgi | |
74 | </IfModule> | |
75 | AccessFileName .htaccess | |
76 | <Files ~ "^\.ht"> | |
77 | Order allow,deny | |
78 | Deny from all | |
79 | </Files> | |
80 | <IfModule mod_mime.c> | |
81 | TypesConfig /etc/mime.types | |
82 | </IfModule> | |
83 | DefaultType text/plain | |
84 | ||
85 | HostnameLookups Off | |
86 | ErrorLog /var/log/httpd/error_log | |
87 | LogLevel warn | |
88 | LogFormat "%h %l %u %t \"%r\" %>s %b" common | |
89 | CustomLog /var/log/httpd/access_log common | |
90 | ServerSignature Off | |
91 | AddHandler cgi-script .cgi | |
92 | <IfModule mod_setenvif.c> | |
93 | BrowserMatch "Mozilla/2" nokeepalive | |
94 | BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 | |
95 | BrowserMatch "RealPlayer 4\.0" force-response-1.0 | |
96 | BrowserMatch "Java/1\.0" force-response-1.0 | |
97 | BrowserMatch "JDK/1\.0" force-response-1.0 | |
98 | </IfModule> | |
99 | ||
100 | ### | |
101 | ### SSL Configuration | |
102 | ### | |
103 | AddType application/x-x509-ca-cert .crt | |
104 | AddType application/x-pkcs7-crl .crl | |
105 | ||
106 | SSLPassPhraseDialog builtin | |
107 | SSLSessionCache dbm:/var/log/httpd/ssl_scache | |
108 | SSLSessionCacheTimeout 900 | |
109 | SSLMutex file:/var/log/httpd/ssl_mutex | |
110 | SSLRandomSeed startup builtin | |
111 | SSLRandomSeed connect builtin | |
112 | SSLLog /var/log/httpd/ssl_engine_log | |
113 | SSLLogLevel info | |
114 | ||
115 | <VirtualHost _default_:444> | |
116 | RewriteEngine on | |
117 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
118 | RewriteRule .* - [F] | |
119 | DocumentRoot /home/httpd/html | |
120 | ServerAdmin root@localhost | |
121 | ErrorLog /var/log/httpd/error_log | |
122 | TransferLog /var/log/httpd/access_log | |
123 | SSLEngine on | |
124 | SSLProtocol all -SSLv2 | |
125 | SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP | |
126 | SSLCertificateFile /etc/httpd/server.crt | |
127 | SSLCertificateKeyFile /etc/httpd/server.key | |
128 | <Files ~ "\.(cgi|shtml?)$"> | |
129 | SSLOptions +StdEnvVars | |
130 | </Files> | |
131 | <Directory /home/httpd/cgi-bin> | |
132 | SSLOptions +StdEnvVars | |
133 | </Directory> | |
134 | SetEnv HOME /home/nobody | |
135 | SetEnvIf User-Agent ".*MSIE.*" \ | |
136 | nokeepalive ssl-unclean-shutdown \ | |
137 | downgrade-1.0 force-response-1.0 | |
138 | CustomLog /var/log/httpd/ssl_request_log \ | |
139 | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | |
140 | </VirtualHost> | |
141 | ||
142 | <Directory /home/httpd/html/backup> | |
143 | Options None | |
144 | AllowOverride None | |
6693216e | 145 | AuthName "IPFire - Restricted" |
3ea75603 MT |
146 | AuthType Basic |
147 | AuthUserFile /var/ipfire/auth/users | |
148 | require user admin | |
149 | </Directory> | |
150 | ||
151 | include /etc/httpd/conf/hostname.conf |