GeƤndert:
[people/pmueller/ipfire-2.x.git] / config / httpd / httpd.conf
1 ##
2 ## httpd.conf -- Apache HTTP server configuration file
3 ##
4 ## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $
5 ##
6 ServerType standalone
7 ServerRoot /etc/httpd
8
9 LockFile /var/lock/httpd.lock
10 PidFile /var/run/httpd.pid
11 ScoreBoardFile /var/run/httpd.scoreboard
12 Timeout 900
13 KeepAlive On
14 MaxKeepAliveRequests 100
15 KeepAliveTimeout 15
16 MinSpareServers 1
17 MaxSpareServers 2
18 StartServers 2
19 MaxClients 10
20 MaxRequestsPerChild 100
21 Port 444
22 Listen 444
23 User nobody
24 Group nobody
25 ServerAdmin root@localhost
26 ServerTokens Prod
27 DocumentRoot /home/httpd/html
28 # Limit track/trace requests
29 RewriteEngine on
30 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
31 RewriteRule .* - [F]
32
33 <Directory />
34     Options None
35     AllowOverride None
36 </Directory>
37 <Directory /home/httpd/html>
38     Options ExecCGI
39     AllowOverride None
40     Order allow,deny
41     Allow from all
42 </Directory>
43 <DirectoryMatch "/home/httpd/html/(graphs|sgraph)">
44     AuthName "Restricted"
45     AuthType Basic
46     AuthUserFile /var/ipfire/auth/users
47     require user admin
48 </DirectoryMatch>
49 ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
50 <Directory /home/httpd/cgi-bin>
51     AllowOverride None
52     Options None
53     AuthName "IPFire - Restricted"
54     AuthType Basic
55     AuthUserFile /var/ipfire/auth/users
56     Require user admin
57     <Files chpasswd.cgi>
58         Satisfy Any
59         Allow from All
60     </Files>
61     <Files webaccess.cgi>
62         Satisfy Any
63         Allow from All
64     </Files>
65     <Files credits.cgi>
66         Satisfy Any
67         Allow from All
68     </Files>
69     <Files dial.cgi>
70         Require user admin dial
71     </Files>
72 </Directory>
73 <IfModule mod_dir.c>
74     DirectoryIndex index.html index.htm index.shtml index.cgi
75 </IfModule>
76 AccessFileName .htaccess
77 <Files ~ "^\.ht">
78     Order allow,deny
79     Deny from all
80 </Files>
81 <IfModule mod_mime.c>
82     TypesConfig /etc/mime.types
83 </IfModule>
84 DefaultType text/plain
85
86 HostnameLookups Off
87 ErrorLog /var/log/httpd/error_log
88 LogLevel warn
89 LogFormat "%h %l %u %t \"%r\" %>s %b" common
90 CustomLog /var/log/httpd/access_log common
91 ServerSignature Off
92 AddHandler cgi-script .cgi
93 <IfModule mod_setenvif.c>
94     BrowserMatch "Mozilla/2" nokeepalive
95     BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
96     BrowserMatch "RealPlayer 4\.0" force-response-1.0
97     BrowserMatch "Java/1\.0" force-response-1.0
98     BrowserMatch "JDK/1\.0" force-response-1.0
99 </IfModule>
100
101 ###
102 ### SSL Configuration
103 ###
104 AddType application/x-x509-ca-cert .crt
105 AddType application/x-pkcs7-crl    .crl
106
107 SSLPassPhraseDialog  builtin
108 SSLSessionCache         dbm:/var/log/httpd/ssl_scache
109 SSLSessionCacheTimeout  900
110 SSLMutex  file:/var/log/httpd/ssl_mutex
111 SSLRandomSeed startup builtin
112 SSLRandomSeed connect builtin
113 SSLLog      /var/log/httpd/ssl_engine_log
114 SSLLogLevel info
115
116 <VirtualHost _default_:444>
117     RewriteEngine on
118     RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
119     RewriteRule .* - [F]
120     DocumentRoot /home/httpd/html
121     ServerAdmin root@localhost
122     ErrorLog /var/log/httpd/error_log
123     TransferLog /var/log/httpd/access_log
124     SSLEngine on
125     SSLProtocol all -SSLv2
126     SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
127     SSLCertificateFile /etc/httpd/server.crt
128     SSLCertificateKeyFile /etc/httpd/server.key
129     <Files ~ "\.(cgi|shtml?)$">
130         SSLOptions +StdEnvVars
131     </Files>
132     <Directory /home/httpd/cgi-bin>
133         SSLOptions +StdEnvVars
134     </Directory>
135     SetEnv HOME /home/nobody
136     SetEnvIf User-Agent ".*MSIE.*" \
137         nokeepalive ssl-unclean-shutdown \
138         downgrade-1.0 force-response-1.0
139     CustomLog /var/log/httpd/ssl_request_log \
140         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
141 </VirtualHost>
142
143 <Directory /home/httpd/html/backup>
144     Options None
145     AllowOverride None
146     AuthName "Restricted"
147     AuthType Basic
148     AuthUserFile /var/ipfire/auth/users
149     require user admin
150 </Directory>
151
152 include /etc/httpd/conf/hostname.conf