-##
-## httpd.conf -- Apache HTTP server configuration file
-##
-## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $
-##
-ServerType standalone
-ServerRoot /etc/httpd
-
-LockFile /var/lock/httpd.lock
-PidFile /var/run/httpd.pid
-ScoreBoardFile /var/run/httpd.scoreboard
-Timeout 900
-KeepAlive On
-MaxKeepAliveRequests 100
-KeepAliveTimeout 15
-MinSpareServers 1
-MaxSpareServers 2
-StartServers 2
-MaxClients 10
-MaxRequestsPerChild 100
-Port 81
-Listen 81
-Listen 444
-User nobody
-Group nobody
-ServerAdmin root@localhost
-ServerTokens Prod
-DocumentRoot /home/httpd/html
-# Limit track/trace requests
-RewriteEngine on
-RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
-RewriteRule .* - [F]
+#
+# /etc/httpd/conf/httpd.conf
+#
+# This is the main Apache2 server configuration file for IPFire.
+# Plese do not change this file!
+
+# Overview of include files, chronologically:
+#
+# httpd.conf
+# |
+# |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under
+# |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...)
+# |-- loadmodule.conf . . . . . . . . . . . load these modules
+# |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on
+# |-- mod_log_config.conf . . . . . . . . . define logging formats
+# |-- sysconfig.d/global.conf . . . . . . . server-wide general settings
+# |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring)
+# |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info
+# |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking
+# |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings
+# |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration
+# |-- errors.conf . . . . . . . . . . . . . customize error responses
+# |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts
+# |
+# |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests
+# |
+# `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here
+# `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included)
+#
+
+### Global Environment ######################################################
+#
+# The directives in this section affect the overall operation of Apache,
+# such as the number of concurrent requests.
+
+# run under this user/group id
+Include /etc/httpd/conf/uid.conf
+
+# - how many server processes to start (server pool regulation)
+# - usage of KeepAlive
+Include /etc/httpd/conf/server-tuning.conf
+
+# ErrorLog: The location of the error log file.
+# If you do not specify an ErrorLog directive within a <VirtualHost>
+# container, error messages relating to that virtual host will be
+# logged here. If you *do* define an error logfile for a <VirtualHost>
+# container, that host's errors will be logged there and not here.
+ErrorLog /var/log/httpd/error_log
+
+# Load Modules here
+Include /etc/httpd/conf/loadmodule.conf
+
+# IP addresses / ports to listen on
+Include /etc/httpd/conf/listen.conf
+
+# predefined logging formats
+Include /etc/httpd/conf/mod_log_config.conf
+
+# global settings
+Include /etc/httpd/conf/global.conf
+
+# optional mod_status, mod_info
+#Include /etc/httpd/conf/mod_status.conf
+#Include /etc/httpd/conf/mod_info.conf
+
+# associate MIME types with filename extensions
+TypesConfig /etc/mime.types
+DefaultType text/plain
+
+# global (server-wide) SSL configuration, that is not specific to
+# any virtual host
+Include /etc/httpd/conf/ssl-global.conf
<Directory />
Options None
AllowOverride None
</Directory>
-<Directory /home/httpd/html>
- Options ExecCGI
- AllowOverride None
- Order allow,deny
- Allow from all
-</Directory>
-<DirectoryMatch "/home/httpd/html/(graphs|sgraph)">
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile CONFIG_ROOT/auth/users
- require user admin
-</DirectoryMatch>
-ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
-<Directory /home/httpd/cgi-bin>
- AllowOverride None
- Options None
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile /var/ipfire/auth/users
- Require user admin
- <Files chpasswd.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files webaccess.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files credits.cgi>
- Satisfy Any
- Allow from All
- </Files>
- <Files dial.cgi>
- Require user admin dial
- </Files>
-</Directory>
-<IfModule mod_dir.c>
- DirectoryIndex index.html index.htm index.shtml index.cgi
-</IfModule>
+
+# use .htaccess files for overriding,
AccessFileName .htaccess
+# and never show them
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
-<IfModule mod_mime.c>
- TypesConfig /etc/mime.types
-</IfModule>
-DefaultType text/plain
-HostnameLookups Off
-ErrorLog /var/log/httpd/error_log
-LogLevel warn
-LogFormat "%h %l %u %t \"%r\" %>s %b" common
-CustomLog /var/log/httpd/access_log common
-ServerSignature Off
-AddHandler cgi-script .cgi
-<IfModule mod_setenvif.c>
- BrowserMatch "Mozilla/2" nokeepalive
- BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
- BrowserMatch "RealPlayer 4\.0" force-response-1.0
- BrowserMatch "Java/1\.0" force-response-1.0
- BrowserMatch "JDK/1\.0" force-response-1.0
-</IfModule>
-
-###
-### SSL Configuration
-###
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-SSLPassPhraseDialog builtin
-SSLSessionCache dbm:/var/log/httpd/ssl_scache
-SSLSessionCacheTimeout 900
-SSLMutex file:/var/log/httpd/ssl_mutex
-SSLRandomSeed startup builtin
-SSLRandomSeed connect builtin
-SSLLog /var/log/httpd/ssl_engine_log
-SSLLogLevel info
-
-<VirtualHost _default_:444>
- RewriteEngine on
- RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
- RewriteRule .* - [F]
- DocumentRoot /home/httpd/html
- ServerAdmin root@localhost
- ErrorLog /var/log/httpd/error_log
- TransferLog /var/log/httpd/access_log
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
- SSLCertificateFile /etc/httpd/server.crt
- SSLCertificateKeyFile /etc/httpd/server.key
- <Files ~ "\.(cgi|shtml?)$">
- SSLOptions +StdEnvVars
- </Files>
- <Directory /home/httpd/cgi-bin>
- SSLOptions +StdEnvVars
- </Directory>
- SetEnv HOME /home/nobody
- SetEnvIf User-Agent ".*MSIE.*" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- CustomLog /var/log/httpd/ssl_request_log \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-</VirtualHost>
-
-<Directory /home/httpd/html/backup>
- Options None
- AllowOverride None
- AuthName "Restricted"
- AuthType Basic
- AuthUserFile /var/ipfire/auth/users
- require user admin
-</Directory>
+# List of resources to look for when the client requests a directory
+DirectoryIndex index.html index.htm index.shtml index.cgi
+
+### 'Main' server configuration #############################################
+#
+# The directives in this section set up the values used by the 'main'
+# server, which responds to any requests that aren't handled by a
+# <VirtualHost> definition. These values also provide defaults for
+# any <VirtualHost> containers you may define later in the file.
+#
+# All of these directives may appear inside <VirtualHost> containers,
+# in which case these default settings will be overridden for the
+# virtual host being defined.
+#
+Include /etc/httpd/conf/default-server.conf
+
+
+### Virtual server configuration ############################################
+#
+# VirtualHost: If you want to maintain multiple domains/hostnames on your
+# machine you can setup VirtualHost containers for them. Most configurations
+# use only name-based virtual hosts so the server doesn't need to worry about
+# IP addresses. This is indicated by the asterisks in the directives below.
+#
+# Please see the documentation at
+# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
+# for further details before you try to setup virtual hosts.
+#
+# You may use the command line option '-S' to verify your virtual host
+# configuration.
+#
+Include /etc/httpd/conf/vhosts.d/*.conf
+
-include /etc/httpd/conf/hostname.conf