Hinzugefuegt:
[people/pmueller/ipfire-2.x.git] / config / httpd / httpd.conf
CommitLineData
e3a8510a
MT
1##\r
2## httpd.conf -- Apache HTTP server configuration file\r
3##\r
4ServerType standalone\r
5ServerRoot /etc/httpd\r
6\r
7LockFile /var/lock/httpd.lock\r
8PidFile /var/run/httpd.pid\r
9ScoreBoardFile /var/run/httpd.scoreboard\r
10Timeout 900\r
11KeepAlive On\r
12MaxKeepAliveRequests 100\r
13KeepAliveTimeout 15\r
14MinSpareServers 1\r
15MaxSpareServers 2\r
16StartServers 2\r
17MaxClients 10\r
18MaxRequestsPerChild 100\r
19Port 81\r
20Listen 81\r
21Listen 444\r
22User nobody\r
23Group nobody\r
24ServerAdmin root@localhost\r
25ServerTokens Prod\r
26DocumentRoot /home/httpd/html\r
27# Limit track/trace requests\r
28RewriteEngine on\r
29RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)\r
30RewriteRule .* - [F]\r
31\r
32<Directory />\r
33 Options None\r
34 AllowOverride None\r
35</Directory>\r
36<Directory /home/httpd/html>\r
37 Options ExecCGI\r
38 AllowOverride None\r
39 Order allow,deny\r
40 Allow from all\r
41</Directory>\r
42<DirectoryMatch "/home/httpd/html/(graphs|sgraph)">\r
43 AuthName "IPFire - Restricted"\r
44 AuthType Basic\r
45 AuthUserFile /var/ipfire/auth/users\r
46 Require user admin\r
47</DirectoryMatch>\r
48ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/\r
49<Directory /home/httpd/cgi-bin>\r
50 AllowOverride None\r
51 Options None\r
52 AuthName "IPFire - Restricted"\r
53 AuthType Basic\r
54 AuthUserFile /var/ipfire/auth/users\r
55 Require user admin\r
56 <Files chpasswd.cgi>\r
57 Satisfy Any\r
58 Allow from All\r
59 </Files>\r
60 <Files webaccess.cgi>\r
61 Satisfy Any\r
62 Allow from All\r
63 </Files>\r
64 <Files credits.cgi>\r
65 Satisfy Any\r
66 Allow from All\r
67 </Files>\r
68 <Files dial.cgi>\r
69 Require user admin\r
70 </Files>\r
71</Directory>\r
72<Directory /home/httpd/cgi-bin/dial>\r
73 AllowOverride None\r
74 Options None\r
75 AuthName "IPFire - Restricted"\r
76 AuthType Basic\r
77 AuthUserFile /var/ipfire/auth/users\r
78 Require user dial admin\r
79</Directory>\r
80<IfModule mod_dir.c>\r
81 DirectoryIndex index.html index.htm index.shtml index.cgi\r
82</IfModule>\r
83AccessFileName .htaccess\r
84<Files ~ "^\.ht">\r
85 Order allow,deny\r
86 Deny from all\r
87</Files>\r
88<IfModule mod_mime.c>\r
89 TypesConfig /etc/mime.types\r
90</IfModule>\r
91DefaultType text/plain\r
92\r
93HostnameLookups Off\r
94ErrorLog /var/log/httpd/error_log\r
95LogLevel warn\r
96LogFormat "%h %l %u %t \"%r\" %>s %b" common\r
97CustomLog /var/log/httpd/access_log common\r
98ServerSignature Off\r
99AddHandler cgi-script .cgi\r
100<IfModule mod_setenvif.c>\r
101 BrowserMatch "Mozilla/2" nokeepalive\r
102 BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0\r
103 BrowserMatch "RealPlayer 4\.0" force-response-1.0\r
104 BrowserMatch "Java/1\.0" force-response-1.0\r
105 BrowserMatch "JDK/1\.0" force-response-1.0\r
106</IfModule>\r
107\r
108###\r
109### SSL Configuration\r
110###\r
111AddType application/x-x509-ca-cert .crt\r
112AddType application/x-pkcs7-crl .crl\r
113\r
114SSLPassPhraseDialog builtin\r
115SSLSessionCache dbm:/var/log/httpd/ssl_scache\r
116SSLSessionCacheTimeout 900\r
117SSLMutex file:/var/log/httpd/ssl_mutex\r
118SSLRandomSeed startup builtin\r
119SSLRandomSeed connect builtin\r
120SSLLog /var/log/httpd/ssl_engine_log\r
121SSLLogLevel info\r
122\r
123<VirtualHost _default_:444>\r
124 RewriteEngine on\r
125 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)\r
126 RewriteRule .* - [F]\r
127 DocumentRoot /home/httpd/html\r
128 ServerAdmin root@localhost\r
129 ErrorLog /var/log/httpd/error_log\r
130 TransferLog /var/log/httpd/access_log\r
131 SSLEngine on\r
132 SSLProtocol all -SSLv2\r
133 SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP\r
134 SSLCertificateFile /etc/httpd/server.crt\r
135 SSLCertificateKeyFile /etc/httpd/server.key\r
136 <Files ~ "\.(cgi|shtml?)$">\r
137 SSLOptions +StdEnvVars\r
138 </Files>\r
139 <Directory /home/httpd/cgi-bin>\r
140 SSLOptions +StdEnvVars\r
141 </Directory>\r
142 SetEnv HOME /home/nobody\r
143 SetEnvIf User-Agent ".*MSIE.*" \\r
144 nokeepalive ssl-unclean-shutdown \\r
145 downgrade-1.0 force-response-1.0\r
146 CustomLog /var/log/httpd/ssl_request_log \\r
147 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"\r
148</VirtualHost>\r
149\r
150<Directory /home/httpd/html/backup>\r
151 Options None\r
152 AllowOverride None\r
153 AuthName "IPFire - Restricted"\r
154 AuthType Basic\r
155 AuthUserFile /var/ipfire/auth/users\r
156 require user admin\r
157</Directory>\r
158\r
159include /etc/httpd/conf/hostname.conf\r