]>
Commit | Line | Data |
---|---|---|
3ea75603 MT |
1 | ## |
2 | ## httpd.conf -- Apache HTTP server configuration file | |
3 | ## | |
4 | ## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $ | |
5 | ## | |
6 | ServerType standalone | |
7 | ServerRoot /etc/httpd | |
8 | ||
9 | LockFile /var/lock/httpd.lock | |
10 | PidFile /var/run/httpd.pid | |
11 | ScoreBoardFile /var/run/httpd.scoreboard | |
12 | Timeout 900 | |
13 | KeepAlive On | |
14 | MaxKeepAliveRequests 100 | |
15 | KeepAliveTimeout 15 | |
16 | MinSpareServers 1 | |
17 | MaxSpareServers 2 | |
18 | StartServers 2 | |
19 | MaxClients 10 | |
20 | MaxRequestsPerChild 100 | |
894c6feb | 21 | Port 444 |
3ea75603 MT |
22 | Listen 444 |
23 | User nobody | |
24 | Group nobody | |
25 | ServerAdmin root@localhost | |
26 | ServerTokens Prod | |
27 | DocumentRoot /home/httpd/html | |
28 | # Limit track/trace requests | |
29 | RewriteEngine on | |
30 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
31 | RewriteRule .* - [F] | |
32 | ||
33 | <Directory /> | |
34 | Options None | |
35 | AllowOverride None | |
36 | </Directory> | |
37 | <Directory /home/httpd/html> | |
38 | Options ExecCGI | |
39 | AllowOverride None | |
40 | Order allow,deny | |
41 | Allow from all | |
42 | </Directory> | |
43 | <DirectoryMatch "/home/httpd/html/(graphs|sgraph)"> | |
44 | AuthName "Restricted" | |
45 | AuthType Basic | |
894c6feb | 46 | AuthUserFile /var/ipfire/auth/users |
3ea75603 MT |
47 | require user admin |
48 | </DirectoryMatch> | |
49 | ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ | |
50 | <Directory /home/httpd/cgi-bin> | |
51 | AllowOverride None | |
52 | Options None | |
894c6feb | 53 | AuthName "IPFire - Restricted" |
3ea75603 MT |
54 | AuthType Basic |
55 | AuthUserFile /var/ipfire/auth/users | |
56 | Require user admin | |
ed38f89d MT |
57 | <Files chpasswd.cgi> |
58 | Satisfy Any | |
59 | Allow from All | |
60 | </Files> | |
61 | <Files webaccess.cgi> | |
62 | Satisfy Any | |
63 | Allow from All | |
64 | </Files> | |
3ea75603 MT |
65 | <Files credits.cgi> |
66 | Satisfy Any | |
67 | Allow from All | |
68 | </Files> | |
69 | <Files dial.cgi> | |
70 | Require user admin dial | |
71 | </Files> | |
72 | </Directory> | |
73 | <IfModule mod_dir.c> | |
74 | DirectoryIndex index.html index.htm index.shtml index.cgi | |
75 | </IfModule> | |
76 | AccessFileName .htaccess | |
77 | <Files ~ "^\.ht"> | |
78 | Order allow,deny | |
79 | Deny from all | |
80 | </Files> | |
81 | <IfModule mod_mime.c> | |
82 | TypesConfig /etc/mime.types | |
83 | </IfModule> | |
84 | DefaultType text/plain | |
85 | ||
86 | HostnameLookups Off | |
87 | ErrorLog /var/log/httpd/error_log | |
88 | LogLevel warn | |
89 | LogFormat "%h %l %u %t \"%r\" %>s %b" common | |
90 | CustomLog /var/log/httpd/access_log common | |
91 | ServerSignature Off | |
92 | AddHandler cgi-script .cgi | |
93 | <IfModule mod_setenvif.c> | |
94 | BrowserMatch "Mozilla/2" nokeepalive | |
95 | BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 | |
96 | BrowserMatch "RealPlayer 4\.0" force-response-1.0 | |
97 | BrowserMatch "Java/1\.0" force-response-1.0 | |
98 | BrowserMatch "JDK/1\.0" force-response-1.0 | |
99 | </IfModule> | |
100 | ||
101 | ### | |
102 | ### SSL Configuration | |
103 | ### | |
104 | AddType application/x-x509-ca-cert .crt | |
105 | AddType application/x-pkcs7-crl .crl | |
106 | ||
107 | SSLPassPhraseDialog builtin | |
108 | SSLSessionCache dbm:/var/log/httpd/ssl_scache | |
109 | SSLSessionCacheTimeout 900 | |
110 | SSLMutex file:/var/log/httpd/ssl_mutex | |
111 | SSLRandomSeed startup builtin | |
112 | SSLRandomSeed connect builtin | |
113 | SSLLog /var/log/httpd/ssl_engine_log | |
114 | SSLLogLevel info | |
115 | ||
116 | <VirtualHost _default_:444> | |
117 | RewriteEngine on | |
118 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
119 | RewriteRule .* - [F] | |
120 | DocumentRoot /home/httpd/html | |
121 | ServerAdmin root@localhost | |
122 | ErrorLog /var/log/httpd/error_log | |
123 | TransferLog /var/log/httpd/access_log | |
124 | SSLEngine on | |
125 | SSLProtocol all -SSLv2 | |
126 | SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP | |
127 | SSLCertificateFile /etc/httpd/server.crt | |
128 | SSLCertificateKeyFile /etc/httpd/server.key | |
129 | <Files ~ "\.(cgi|shtml?)$"> | |
130 | SSLOptions +StdEnvVars | |
131 | </Files> | |
132 | <Directory /home/httpd/cgi-bin> | |
133 | SSLOptions +StdEnvVars | |
134 | </Directory> | |
135 | SetEnv HOME /home/nobody | |
136 | SetEnvIf User-Agent ".*MSIE.*" \ | |
137 | nokeepalive ssl-unclean-shutdown \ | |
138 | downgrade-1.0 force-response-1.0 | |
139 | CustomLog /var/log/httpd/ssl_request_log \ | |
140 | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | |
141 | </VirtualHost> | |
142 | ||
143 | <Directory /home/httpd/html/backup> | |
144 | Options None | |
145 | AllowOverride None | |
146 | AuthName "Restricted" | |
147 | AuthType Basic | |
148 | AuthUserFile /var/ipfire/auth/users | |
149 | require user admin | |
150 | </Directory> | |
151 | ||
152 | include /etc/httpd/conf/hostname.conf |