4 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
7 DocumentRoot /srv/web/ipfire/html
8 ServerAdmin root@localhost
9 ErrorLog /var/log/httpd/error_log
10 TransferLog /var/log/httpd/access_log
13 SSLProtocol all -SSLv2 -SSLv3
14 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA:AES256-GCM-SHA384:AES256-SHA256:AES256-SHA:CAMELLIA256-SHA
15 SSLHonorCipherOrder on
18 SSLCertificateFile /etc/httpd/server.crt
19 SSLCertificateKeyFile /etc/httpd/server.key
20 SSLCertificateFile /etc/httpd/server-ecdsa.crt
21 SSLCertificateKeyFile /etc/httpd/server-ecdsa.key
23 Header always set X-Content-Type-Options nosniff
25 <Directory /srv/web/ipfire/html>
30 <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
31 AuthName "IPFire - Restricted"
33 AuthUserFile /var/ipfire/auth/users
39 ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
40 <Directory /srv/web/ipfire/cgi-bin>
43 AuthName "IPFire - Restricted"
45 AuthUserFile /var/ipfire/auth/users
57 <Files ~ "\.(cgi|shtml?)$">
58 SSLOptions +StdEnvVars
60 <Directory /srv/web/ipfire/cgi-bin>
61 SSLOptions +StdEnvVars
63 SetEnv HOME /home/nobody
64 SetEnvIf User-Agent ".*MSIE.*" \
65 nokeepalive ssl-unclean-shutdown \
66 downgrade-1.0 force-response-1.0
67 CustomLog /var/log/httpd/ssl_request_log \
68 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
70 Alias /updatecache/ /var/updatecache/
71 <Directory /var/updatecache>
77 Alias /repository/ /var/urlrepo/
78 <Directory /var/urlrepo>
84 Alias /proxy-reports/ /var/log/sarg/
85 <Directory /var/log/sarg>
88 AuthName "IPFire - Restricted"
90 AuthUserFile /var/ipfire/auth/users