Imported mod_perl by xpapa.
[people/teissler/ipfire-2.x.git] / config / httpd / vhosts.d / ipfire-interface-ssl.conf
1 <VirtualHost *:444>
2
3 RewriteEngine on
4 RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK|OPTIONS)
5 RewriteRule .* - [F]
6 DocumentRoot /srv/web/ipfire/html
7 ServerAdmin root@localhost
8 ErrorLog /var/log/httpd/error_log
9 TransferLog /var/log/httpd/access_log
10 SSLEngine on
11 SSLProtocol all -SSLv2
12 SSLCipherSuite ALL:!ADH:!EXPORT56:!eNULL:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW:+EXP
13 SSLCertificateFile /etc/httpd/server.crt
14 SSLCertificateKeyFile /etc/httpd/server.key
15
16 PerlRequire /usr/lib/apache/startup.pl
17 PerlWarn On
18
19 <Directory /srv/web/ipfire/html>
20 Options ExecCGI
21 AllowOverride None
22 Order allow,deny
23 Allow from all
24 </Directory>
25 <DirectoryMatch "/srv/web/ipfire/html/(graphs|sgraph)">
26 AuthName "IPFire - Restricted"
27 AuthType Basic
28 AuthUserFile /var/ipfire/auth/users
29 Require user admin
30 </DirectoryMatch>
31 ScriptAlias /cgi-bin/ /srv/web/ipfire/cgi-bin/
32 <Directory /srv/web/ipfire/cgi-bin>
33 AllowOverride None
34 Options ExecCGI
35 SetHandler perl-script
36 PerlSendHeader On
37 PerlHandler ModPerl::Registry
38 AuthName "IPFire - Restricted"
39 AuthType Basic
40 AuthUserFile /var/ipfire/auth/users
41 Require user admin
42 <Files chpasswd.cgi>
43 Satisfy Any
44 Allow from All
45 </Files>
46 <Files webaccess.cgi>
47 Satisfy Any
48 Allow from All
49 </Files>
50 <Files credits.cgi>
51 Satisfy Any
52 Allow from All
53 </Files>
54 <Files dial.cgi>
55 Require user admin
56 </Files>
57 </Directory>
58 <Directory /srv/web/ipfire/cgi-bin/dial>
59 AllowOverride None
60 Options None
61 AuthName "IPFire - Restricted"
62 AuthType Basic
63 AuthUserFile /var/ipfire/auth/users
64 Require user dial admin
65 </Directory>
66 <Files ~ "\.(cgi|shtml?)$">
67 SSLOptions +StdEnvVars
68 </Files>
69 <Directory /srv/web/ipfire/cgi-bin>
70 SSLOptions +StdEnvVars
71 </Directory>
72 SetEnv HOME /home/nobody
73 SetEnvIf User-Agent ".*MSIE.*" \
74 nokeepalive ssl-unclean-shutdown \
75 downgrade-1.0 force-response-1.0
76 CustomLog /var/log/httpd/ssl_request_log \
77 "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
78 </VirtualHost>