]>
Commit | Line | Data |
---|---|---|
1 | <VirtualHost *:444> | |
2 | ||
3 | RewriteEngine on | |
4 | RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) | |
5 | RewriteRule .* - [F] | |
6 | DocumentRoot /srv/web/ipfire/html | |
7 | ServerAdmin root@localhost | |
8 | ErrorLog /var/log/httpd/error_log | |
9 | TransferLog /var/log/httpd/access_log | |
10 | SSLEngine on | |
11 | SSLProtocol all -SSLv2 | |
12 | SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP | |
13 | SSLCertificateFile /etc/httpd/server.crt | |
14 | SSLCertificateKeyFile /etc/httpd/server.key | |
15 | ||
16 | <Directory /srv/web/ipfire/html> | |
17 | Options ExecCGI | |
18 | AllowOverride None | |
19 | Order allow,deny | |
20 | Allow from all | |
21 | </Directory> | |
22 | <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)"> | |
23 | AuthName "IPFire - Restricted" | |
24 | AuthType Basic | |
25 | AuthUserFile /var/ipfire/auth/users | |
26 | Require user admin | |
27 | </DirectoryMatch> | |
28 | ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/ | |
29 | <Directory /srv/web/ipfire/cgi-bin> | |
30 | AllowOverride None | |
31 | Options ExecCGI | |
32 | AuthName "IPFire - Restricted" | |
33 | AuthType Basic | |
34 | AuthUserFile /var/ipfire/auth/users | |
35 | Require user admin | |
36 | <Files chpasswd.cgi> | |
37 | Satisfy Any | |
38 | Allow from All | |
39 | </Files> | |
40 | <Files webaccess.cgi> | |
41 | Satisfy Any | |
42 | Allow from All | |
43 | </Files> | |
44 | <Files credits.cgi> | |
45 | Satisfy Any | |
46 | Allow from All | |
47 | </Files> | |
48 | <Files dial.cgi> | |
49 | Require user admin | |
50 | </Files> | |
51 | </Directory> | |
52 | <Directory /srv/web/ipfire/cgi-bin/dial> | |
53 | AllowOverride None | |
54 | Options None | |
55 | AuthName "IPFire - Restricted" | |
56 | AuthType Basic | |
57 | AuthUserFile /var/ipfire/auth/users | |
58 | Require user dial admin | |
59 | </Directory> | |
60 | <Files ~ "\.(cgi|shtml?)$"> | |
61 | SSLOptions +StdEnvVars | |
62 | </Files> | |
63 | <Directory /srv/web/ipfire/cgi-bin> | |
64 | SSLOptions +StdEnvVars | |
65 | </Directory> | |
66 | SetEnv HOME /home/nobody | |
67 | SetEnvIf User-Agent ".*MSIE.*" \ | |
68 | nokeepalive ssl-unclean-shutdown \ | |
69 | downgrade-1.0 force-response-1.0 | |
70 | CustomLog /var/log/httpd/ssl_request_log \ | |
71 | "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" | |
72 | ||
73 | Alias /updatecache/ /var/updatecache/ | |
74 | <Directory /var/updatecache> | |
75 | Options ExecCGI | |
76 | AllowOverride None | |
77 | Order deny,allow | |
78 | Allow from all | |
79 | </Directory> | |
80 | </VirtualHost> |