Hinzugefuegt:
[ipfire-2.x.git] / config / httpd / httpd.conf
1 ##
2 ## httpd.conf -- Apache HTTP server configuration file
3 ##
4 ServerType standalone
5 ServerRoot /etc/httpd
6
7 LockFile /var/lock/httpd.lock
8 PidFile /var/run/httpd.pid
9 ScoreBoardFile /var/run/httpd.scoreboard
10 Timeout 900
11 KeepAlive On
12 MaxKeepAliveRequests 100
13 KeepAliveTimeout 15
14 MinSpareServers 1
15 MaxSpareServers 2
16 StartServers 2
17 MaxClients 10
18 MaxRequestsPerChild 100
19 Port 81
20 Listen 81
21 Listen 444
22 User nobody
23 Group nobody
24 ServerAdmin root@localhost
25 ServerTokens Prod
26 DocumentRoot /home/httpd/html
27 # Limit track/trace requests
28 RewriteEngine on
29 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
30 RewriteRule .* - [F]
31
32 <Directory />
33 Options None
34 AllowOverride None
35 </Directory>
36 <Directory /home/httpd/html>
37 Options ExecCGI
38 AllowOverride None
39 Order allow,deny
40 Allow from all
41 </Directory>
42 <DirectoryMatch "/home/httpd/html/(graphs|sgraph)">
43 AuthName "IPFire - Restricted"
44 AuthType Basic
45 AuthUserFile /var/ipfire/auth/users
46 Require user admin
47 </DirectoryMatch>
48 ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
49 <Directory /home/httpd/cgi-bin>
50 AllowOverride None
51 Options None
52 AuthName "IPFire - Restricted"
53 AuthType Basic
54 AuthUserFile /var/ipfire/auth/users
55 Require user admin
56 <Files chpasswd.cgi>
57 Satisfy Any
58 Allow from All
59 </Files>
60 <Files webaccess.cgi>
61 Satisfy Any
62 Allow from All
63 </Files>
64 <Files credits.cgi>
65 Satisfy Any
66 Allow from All
67 </Files>
68 <Files dial.cgi>
69 Require user admin
70 </Files>
71 </Directory>
72 <Directory /home/httpd/cgi-bin/dial>
73 AllowOverride None
74 Options None
75 AuthName "IPFire - Restricted"
76 AuthType Basic
77 AuthUserFile /var/ipfire/auth/users
78 Require user dial admin
79 </Directory>
80 <IfModule mod_dir.c>
81 DirectoryIndex index.html index.htm index.shtml index.cgi
82 </IfModule>
83 AccessFileName .htaccess
84 <Files ~ "^\.ht">
85 Order allow,deny
86 Deny from all
87 </Files>
88 <IfModule mod_mime.c>
89 TypesConfig /etc/mime.types
90 </IfModule>
91 DefaultType text/plain
92
93 HostnameLookups Off
94 ErrorLog /var/log/httpd/error_log
95 LogLevel warn
96 LogFormat "%h %l %u %t \"%r\" %>s %b" common
97 CustomLog /var/log/httpd/access_log common
98 ServerSignature Off
99 AddHandler cgi-script .cgi
100 <IfModule mod_setenvif.c>
101 BrowserMatch "Mozilla/2" nokeepalive
102 BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
103 BrowserMatch "RealPlayer 4\.0" force-response-1.0
104 BrowserMatch "Java/1\.0" force-response-1.0
105 BrowserMatch "JDK/1\.0" force-response-1.0
106 </IfModule>
107
108 ###
109 ### SSL Configuration
110 ###
111 AddType application/x-x509-ca-cert .crt
112 AddType application/x-pkcs7-crl .crl
113
114 SSLPassPhraseDialog builtin
115 SSLSessionCache dbm:/var/log/httpd/ssl_scache
116 SSLSessionCacheTimeout 900
117 SSLMutex file:/var/log/httpd/ssl_mutex
118 SSLRandomSeed startup builtin
119 SSLRandomSeed connect builtin
120 SSLLog /var/log/httpd/ssl_engine_log
121 SSLLogLevel info
122
123 <VirtualHost _default_:444>
124 RewriteEngine on
125 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
126 RewriteRule .* - [F]
127 DocumentRoot /home/httpd/html
128 ServerAdmin root@localhost
129 ErrorLog /var/log/httpd/error_log
130 TransferLog /var/log/httpd/access_log
131 SSLEngine on
132 SSLProtocol all -SSLv2
133 SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
134 SSLCertificateFile /etc/httpd/server.crt
135 SSLCertificateKeyFile /etc/httpd/server.key
136 <Files ~ "\.(cgi|shtml?)$">
137 SSLOptions +StdEnvVars
138 </Files>
139 <Directory /home/httpd/cgi-bin>
140 SSLOptions +StdEnvVars
141 </Directory>
142 SetEnv HOME /home/nobody
143 SetEnvIf User-Agent ".*MSIE.*" \
144 nokeepalive ssl-unclean-shutdown \
145 downgrade-1.0 force-response-1.0
146 CustomLog /var/log/httpd/ssl_request_log \
147 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
148 </VirtualHost>
149
150 <Directory /home/httpd/html/backup>
151 Options None
152 AllowOverride None
153 AuthName "IPFire - Restricted"
154 AuthType Basic
155 AuthUserFile /var/ipfire/auth/users
156 require user admin
157 </Directory>
158
159 include /etc/httpd/conf/hostname.conf