]>
Commit | Line | Data |
---|---|---|
3ea75603 MT |
1 | ## |
2 | ## httpd.conf -- Apache HTTP server configuration file | |
3 | ## | |
4 | ## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $ | |
5 | ## | |
6 | ServerType standalone | |
7 | ServerRoot /etc/httpd | |
8 | ||
9 | LockFile /var/lock/httpd.lock | |
10 | PidFile /var/run/httpd.pid | |
11 | ScoreBoardFile /var/run/httpd.scoreboard | |
12 | Timeout 900 | |
13 | KeepAlive On | |
14 | MaxKeepAliveRequests 100 | |
15 | KeepAliveTimeout 15 | |
16 | MinSpareServers 1 | |
17 | MaxSpareServers 2 | |
18 | StartServers 2 | |
19 | MaxClients 10 | |
20 | MaxRequestsPerChild 100 | |
21 | Port 81 | |
22 | Listen 81 | |
23 | Listen 444 | |
24 | User nobody | |
25 | Group nobody | |
26 | ServerAdmin root@localhost | |
27 | ServerTokens Prod | |
28 | DocumentRoot /home/httpd/html | |
29 | # Limit track/trace requests | |
30 | RewriteEngine on | |
31 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
32 | RewriteRule .* - [F] | |
33 | ||
34 | <Directory /> | |
35 | Options None | |
36 | AllowOverride None | |
37 | </Directory> | |
38 | <Directory /home/httpd/html> | |
39 | Options ExecCGI | |
40 | AllowOverride None | |
41 | Order allow,deny | |
42 | Allow from all | |
43 | </Directory> | |
44 | <DirectoryMatch "/home/httpd/html/(graphs|sgraph)"> | |
45 | AuthName "Restricted" | |
46 | AuthType Basic | |
47 | AuthUserFile CONFIG_ROOT/auth/users | |
48 | require user admin | |
49 | </DirectoryMatch> | |
50 | ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ | |
51 | <Directory /home/httpd/cgi-bin> | |
52 | AllowOverride None | |
53 | Options None | |
54 | AuthName "Restricted" | |
55 | AuthType Basic | |
56 | AuthUserFile /var/ipfire/auth/users | |
57 | Require user admin | |
ed38f89d MT |
58 | <Files chpasswd.cgi> |
59 | Satisfy Any | |
60 | Allow from All | |
61 | </Files> | |
62 | <Files webaccess.cgi> | |
63 | Satisfy Any | |
64 | Allow from All | |
65 | </Files> | |
3ea75603 MT |
66 | <Files credits.cgi> |
67 | Satisfy Any | |
68 | Allow from All | |
69 | </Files> | |
70 | <Files dial.cgi> | |
71 | Require user admin dial | |
72 | </Files> | |
73 | </Directory> | |
74 | <IfModule mod_dir.c> | |
75 | DirectoryIndex index.html index.htm index.shtml index.cgi | |
76 | </IfModule> | |
77 | AccessFileName .htaccess | |
78 | <Files ~ "^\.ht"> | |
79 | Order allow,deny | |
80 | Deny from all | |
81 | </Files> | |
82 | <IfModule mod_mime.c> | |
83 | TypesConfig /etc/mime.types | |
84 | </IfModule> | |
85 | DefaultType text/plain | |
86 | ||
87 | HostnameLookups Off | |
88 | ErrorLog /var/log/httpd/error_log | |
89 | LogLevel warn | |
90 | LogFormat "%h %l %u %t \"%r\" %>s %b" common | |
91 | CustomLog /var/log/httpd/access_log common | |
92 | ServerSignature Off | |
93 | AddHandler cgi-script .cgi | |
94 | <IfModule mod_setenvif.c> | |
95 | BrowserMatch "Mozilla/2" nokeepalive | |
96 | BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 | |
97 | BrowserMatch "RealPlayer 4\.0" force-response-1.0 | |
98 | BrowserMatch "Java/1\.0" force-response-1.0 | |
99 | BrowserMatch "JDK/1\.0" force-response-1.0 | |
100 | </IfModule> | |
101 | ||
102 | ### | |
103 | ### SSL Configuration | |
104 | ### | |
105 | AddType application/x-x509-ca-cert .crt | |
106 | AddType application/x-pkcs7-crl .crl | |
107 | ||
108 | SSLPassPhraseDialog builtin | |
109 | SSLSessionCache dbm:/var/log/httpd/ssl_scache | |
110 | SSLSessionCacheTimeout 900 | |
111 | SSLMutex file:/var/log/httpd/ssl_mutex | |
112 | SSLRandomSeed startup builtin | |
113 | SSLRandomSeed connect builtin | |
114 | SSLLog /var/log/httpd/ssl_engine_log | |
115 | SSLLogLevel info | |
116 | ||
117 | <VirtualHost _default_:444> | |
118 | RewriteEngine on | |
119 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
120 | RewriteRule .* - [F] | |
121 | DocumentRoot /home/httpd/html | |
122 | ServerAdmin root@localhost | |
123 | ErrorLog /var/log/httpd/error_log | |
124 | TransferLog /var/log/httpd/access_log | |
125 | SSLEngine on | |
126 | SSLProtocol all -SSLv2 | |
127 | SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP | |
128 | SSLCertificateFile /etc/httpd/server.crt | |
129 | SSLCertificateKeyFile /etc/httpd/server.key | |
130 | <Files ~ "\.(cgi|shtml?)$"> | |
131 | SSLOptions +StdEnvVars | |
132 | </Files> | |
133 | <Directory /home/httpd/cgi-bin> | |
134 | SSLOptions +StdEnvVars | |
135 | </Directory> | |
136 | SetEnv HOME /home/nobody | |
137 | SetEnvIf User-Agent ".*MSIE.*" \ | |
138 | nokeepalive ssl-unclean-shutdown \ | |
139 | downgrade-1.0 force-response-1.0 | |
140 | CustomLog /var/log/httpd/ssl_request_log \ | |
141 | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | |
142 | </VirtualHost> | |
143 | ||
144 | <Directory /home/httpd/html/backup> | |
145 | Options None | |
146 | AllowOverride None | |
147 | AuthName "Restricted" | |
148 | AuthType Basic | |
149 | AuthUserFile /var/ipfire/auth/users | |
150 | require user admin | |
151 | </Directory> | |
152 | ||
153 | include /etc/httpd/conf/hostname.conf |