X-Git-Url: http://git.ipfire.org/?p=people%2Fpmueller%2Fipfire-2.x.git;a=blobdiff_plain;f=config%2Fhttpd%2Fhttpd.conf;h=7e00b88268105ebb93fa14f707143825a7b78cc7;hp=585fcbc4160db7c53d6f2745483218fc2210a12a;hb=231048413ceb290dacedb62a38063e7079d9ef56;hpb=ed38f89d27b0cabfb6b2f708ced49da1399671df diff --git a/config/httpd/httpd.conf b/config/httpd/httpd.conf index 585fcbc416..7e00b88268 100644 --- a/config/httpd/httpd.conf +++ b/config/httpd/httpd.conf @@ -1,153 +1,120 @@ -## -## httpd.conf -- Apache HTTP server configuration file -## -## $Id: httpd.conf,v 1.15.2.7 2005/04/16 11:40:15 rkerr Exp $ -## -ServerType standalone -ServerRoot /etc/httpd - -LockFile /var/lock/httpd.lock -PidFile /var/run/httpd.pid -ScoreBoardFile /var/run/httpd.scoreboard -Timeout 900 -KeepAlive On -MaxKeepAliveRequests 100 -KeepAliveTimeout 15 -MinSpareServers 1 -MaxSpareServers 2 -StartServers 2 -MaxClients 10 -MaxRequestsPerChild 100 -Port 81 -Listen 81 -Listen 444 -User nobody -Group nobody -ServerAdmin root@localhost -ServerTokens Prod -DocumentRoot /home/httpd/html -# Limit track/trace requests -RewriteEngine on -RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) -RewriteRule .* - [F] +# +# /etc/httpd/conf/httpd.conf +# +# This is the main Apache2 server configuration file for IPFire. +# Plese do not change this file! + +# Overview of include files, chronologically: +# +# httpd.conf +# | +# |-- uid.conf . . . . . . . . . . . . . . UserID/GroupID to run under +# |-- server-tuning.conf . . . . . . . . . sizing of the server (how many processes to start, ...) +# |-- loadmodule.conf . . . . . . . . . . . load these modules +# |-- listen.conf . . . . . . . . . . . . . IP adresses / ports to listen on +# |-- mod_log_config.conf . . . . . . . . . define logging formats +# |-- sysconfig.d/global.conf . . . . . . . server-wide general settings +# |-- mod_status.conf . . . . . . . . . . . restrict access to mod_status (server monitoring) +# |-- mod_info.conf . . . . . . . . . . . . restrict access to mod_info +# |-- mod_usertrack.conf . . . . . . . . . defaults for cookie-based user tracking +# |-- mod_autoindex-defaults.conf . . . . . defaults for displaying of server-generated directory listings +# |-- mod_mime-defaults.conf . . . . . . . defaults for mod_mime configuration +# |-- errors.conf . . . . . . . . . . . . . customize error responses +# |-- ssl-global.conf . . . . . . . . . . . SSL conf that applies to default server _and all_ virtual hosts +# | +# |-- default-server.conf . . . . . . . . . set up the default server that replies to non-virtual-host requests +# | +# `-- vhosts.d/ . . . . . . . . . . . . . . for each virtual host, place one file here +# `-- *.conf . . . . . . . . . . . . . (*.conf is automatically included) +# + +### Global Environment ###################################################### +# +# The directives in this section affect the overall operation of Apache, +# such as the number of concurrent requests. + +# run under this user/group id +Include /etc/httpd/conf/uid.conf + +# - how many server processes to start (server pool regulation) +# - usage of KeepAlive +Include /etc/httpd/conf/server-tuning.conf + +# ErrorLog: The location of the error log file. +# If you do not specify an ErrorLog directive within a +# container, error messages relating to that virtual host will be +# logged here. If you *do* define an error logfile for a +# container, that host's errors will be logged there and not here. +ErrorLog /var/log/httpd/error_log + +# Load Modules here +Include /etc/httpd/conf/loadmodule.conf + +# IP addresses / ports to listen on +Include /etc/httpd/conf/listen.conf + +# predefined logging formats +Include /etc/httpd/conf/mod_log_config.conf + +# global settings +Include /etc/httpd/conf/global.conf + +# optional mod_status, mod_info +#Include /etc/httpd/conf/mod_status.conf +#Include /etc/httpd/conf/mod_info.conf + +# associate MIME types with filename extensions +TypesConfig /etc/mime.types +DefaultType text/plain + +# global (server-wide) SSL configuration, that is not specific to +# any virtual host +Include /etc/httpd/conf/ssl-global.conf Options None AllowOverride None - - Options ExecCGI - AllowOverride None - Order allow,deny - Allow from all - - - AuthName "Restricted" - AuthType Basic - AuthUserFile CONFIG_ROOT/auth/users - require user admin - -ScriptAlias /cgi-bin/ /home/httpd/cgi-bin/ - - AllowOverride None - Options None - AuthName "Restricted" - AuthType Basic - AuthUserFile /var/ipfire/auth/users - Require user admin - - Satisfy Any - Allow from All - - - Satisfy Any - Allow from All - - - Satisfy Any - Allow from All - - - Require user admin dial - - - - DirectoryIndex index.html index.htm index.shtml index.cgi - + +# use .htaccess files for overriding, AccessFileName .htaccess +# and never show them Order allow,deny Deny from all - - TypesConfig /etc/mime.types - -DefaultType text/plain -HostnameLookups Off -ErrorLog /var/log/httpd/error_log -LogLevel warn -LogFormat "%h %l %u %t \"%r\" %>s %b" common -CustomLog /var/log/httpd/access_log common -ServerSignature Off -AddHandler cgi-script .cgi - - BrowserMatch "Mozilla/2" nokeepalive - BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 - BrowserMatch "RealPlayer 4\.0" force-response-1.0 - BrowserMatch "Java/1\.0" force-response-1.0 - BrowserMatch "JDK/1\.0" force-response-1.0 - - -### -### SSL Configuration -### -AddType application/x-x509-ca-cert .crt -AddType application/x-pkcs7-crl .crl - -SSLPassPhraseDialog builtin -SSLSessionCache dbm:/var/log/httpd/ssl_scache -SSLSessionCacheTimeout 900 -SSLMutex file:/var/log/httpd/ssl_mutex -SSLRandomSeed startup builtin -SSLRandomSeed connect builtin -SSLLog /var/log/httpd/ssl_engine_log -SSLLogLevel info - - - RewriteEngine on - RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS) - RewriteRule .* - [F] - DocumentRoot /home/httpd/html - ServerAdmin root@localhost - ErrorLog /var/log/httpd/error_log - TransferLog /var/log/httpd/access_log - SSLEngine on - SSLProtocol all -SSLv2 - SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP - SSLCertificateFile /etc/httpd/server.crt - SSLCertificateKeyFile /etc/httpd/server.key - - SSLOptions +StdEnvVars - - - SSLOptions +StdEnvVars - - SetEnv HOME /home/nobody - SetEnvIf User-Agent ".*MSIE.*" \ - nokeepalive ssl-unclean-shutdown \ - downgrade-1.0 force-response-1.0 - CustomLog /var/log/httpd/ssl_request_log \ - "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" - - - - Options None - AllowOverride None - AuthName "Restricted" - AuthType Basic - AuthUserFile /var/ipfire/auth/users - require user admin - +# List of resources to look for when the client requests a directory +DirectoryIndex index.html index.htm index.shtml index.cgi + +### 'Main' server configuration ############################################# +# +# The directives in this section set up the values used by the 'main' +# server, which responds to any requests that aren't handled by a +# definition. These values also provide defaults for +# any containers you may define later in the file. +# +# All of these directives may appear inside containers, +# in which case these default settings will be overridden for the +# virtual host being defined. +# +Include /etc/httpd/conf/default-server.conf + + +### Virtual server configuration ############################################ +# +# VirtualHost: If you want to maintain multiple domains/hostnames on your +# machine you can setup VirtualHost containers for them. Most configurations +# use only name-based virtual hosts so the server doesn't need to worry about +# IP addresses. This is indicated by the asterisks in the directives below. +# +# Please see the documentation at +# +# for further details before you try to setup virtual hosts. +# +# You may use the command line option '-S' to verify your virtual host +# configuration. +# +Include /etc/httpd/conf/vhosts.d/*.conf + -include /etc/httpd/conf/hostname.conf