config/httpd/httpd.conf

   1 ##
   2 ## httpd.conf -- Apache HTTP server configuration file
   3 ##
   4 ServerType standalone
   5 ServerRoot /etc/httpd
   6
   7 LockFile /var/lock/httpd.lock
   8 PidFile /var/run/httpd.pid
   9 ScoreBoardFile /var/run/httpd.scoreboard
  10 Timeout 900
  11 KeepAlive On
  12 MaxKeepAliveRequests 100
  13 KeepAliveTimeout 15
  14 MinSpareServers 1
  15 MaxSpareServers 2
  16 StartServers 2
  17 MaxClients 10
  18 MaxRequestsPerChild 100
  19 Port 81
  20 Listen 81
  21 Listen 444
  22 User nobody
  23 Group nobody
  24 ServerAdmin root@localhost
  25 ServerTokens Prod
  26 DocumentRoot /home/httpd/html
  27 # Limit track/trace requests
  28 RewriteEngine on
  29 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
  30 RewriteRule .* - [F]
  31
  32 <Directory />
  33     Options None
  34     AllowOverride None
  35 </Directory>
  36 <Directory /home/httpd/html>
  37     Options ExecCGI
  38     AllowOverride None
  39     Order allow,deny
  40     Allow from all
  41 </Directory>
  42 <DirectoryMatch "/home/httpd/html/(graphs|sgraph)">
  43     AuthName "IPFire - Restricted"
  44     AuthType Basic
  45     AuthUserFile /var/ipfire/auth/users
  46     Require user admin
  47 </DirectoryMatch>
  48 ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/
  49 <Directory /home/httpd/cgi-bin>
  50     AllowOverride None
  51     Options None
  52     AuthName "IPFire - Restricted"
  53     AuthType Basic
  54     AuthUserFile /var/ipfire/auth/users
  55     Require user admin
  56     <Files chpasswd.cgi>
  57         Satisfy Any
  58         Allow from All
  59     </Files>
  60     <Files webaccess.cgi>
  61         Satisfy Any
  62         Allow from All
  63     </Files>
  64     <Files credits.cgi>
  65         Satisfy Any
  66         Allow from All
  67     </Files>
  68     <Files dial.cgi>
  69         Require user admin
  70     </Files>
  71 </Directory>
  72 <Directory /home/httpd/cgi-bin/dial>
  73     AllowOverride None
  74     Options None
  75     AuthName "IPFire - Restricted"
  76     AuthType Basic
  77     AuthUserFile /var/ipfire/auth/users
  78     Require user dial admin
  79 </Directory>
  80 <IfModule mod_dir.c>
  81     DirectoryIndex index.html index.htm index.shtml index.cgi
  82 </IfModule>
  83 AccessFileName .htaccess
  84 <Files ~ "^\.ht">
  85     Order allow,deny
  86     Deny from all
  87 </Files>
  88 <IfModule mod_mime.c>
  89     TypesConfig /etc/mime.types
  90 </IfModule>
  91 DefaultType text/plain
  92
  93 HostnameLookups Off
  94 ErrorLog /var/log/httpd/error_log
  95 LogLevel warn
  96 LogFormat "%h %l %u %t \"%r\" %>s %b" common
  97 CustomLog /var/log/httpd/access_log common
  98 ServerSignature Off
  99 AddHandler cgi-script .cgi
 100 <IfModule mod_setenvif.c>
 101     BrowserMatch "Mozilla/2" nokeepalive
 102     BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
 103     BrowserMatch "RealPlayer 4\.0" force-response-1.0
 104     BrowserMatch "Java/1\.0" force-response-1.0
 105     BrowserMatch "JDK/1\.0" force-response-1.0
 106 </IfModule>
 107
 108 ###
 109 ### SSL Configuration
 110 ###
 111 AddType application/x-x509-ca-cert .crt
 112 AddType application/x-pkcs7-crl    .crl
 113
 114 SSLPassPhraseDialog  builtin
 115 SSLSessionCache         dbm:/var/log/httpd/ssl_scache
 116 SSLSessionCacheTimeout  900
 117 SSLMutex  file:/var/log/httpd/ssl_mutex
 118 SSLRandomSeed startup builtin
 119 SSLRandomSeed connect builtin
 120 SSLLog      /var/log/httpd/ssl_engine_log
 121 SSLLogLevel info
 122
 123 <VirtualHost _default_:444>
 124     RewriteEngine on
 125     RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
 126     RewriteRule .* - [F]
 127     DocumentRoot /home/httpd/html
 128     ServerAdmin root@localhost
 129     ErrorLog /var/log/httpd/error_log
 130     TransferLog /var/log/httpd/access_log
 131     SSLEngine on
 132     SSLProtocol all -SSLv2
 133     SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
 134     SSLCertificateFile /etc/httpd/server.crt
 135     SSLCertificateKeyFile /etc/httpd/server.key
 136     <Files ~ "\.(cgi|shtml?)$">
 137         SSLOptions +StdEnvVars
 138     </Files>
 139     <Directory /home/httpd/cgi-bin>
 140         SSLOptions +StdEnvVars
 141     </Directory>
 142     SetEnv HOME /home/nobody
 143     SetEnvIf User-Agent ".*MSIE.*" \
 144         nokeepalive ssl-unclean-shutdown \
 145         downgrade-1.0 force-response-1.0
 146     CustomLog /var/log/httpd/ssl_request_log \
 147         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
 148 </VirtualHost>
 149
 150 <Directory /home/httpd/html/backup>
 151     Options None
 152     AllowOverride None
 153     AuthName "IPFire - Restricted"
 154     AuthType Basic
 155     AuthUserFile /var/ipfire/auth/users
 156     require user admin
 157 </Directory>
 158
 159 include /etc/httpd/conf/hostname.conf