Blah
This commit is contained in:
Hans Wurst
@@ -1,131 +0,0 @@
|
||||
# This configuration file reflects default settings for Apache HTTP Server.
|
||||
# You may change these, but chances are that you may not need to.
|
||||
|
||||
# Timeout: The number of seconds before receives and sends time out.
|
||||
Timeout 300
|
||||
|
||||
# KeepAlive: Whether or not to allow persistent connections (more than
|
||||
# one request per connection). Set to "Off" to deactivate.
|
||||
KeepAlive On
|
||||
|
||||
# MaxKeepAliveRequests: The maximum number of requests to allow
|
||||
# during a persistent connection. Set to 0 to allow an unlimited amount.
|
||||
# We recommend you leave this number high, for maximum performance.
|
||||
MaxKeepAliveRequests 100
|
||||
|
||||
# KeepAliveTimeout: Number of seconds to wait for the next request from the
|
||||
# same client on the same connection.
|
||||
KeepAliveTimeout 15
|
||||
|
||||
# UseCanonicalName: Determines how Apache constructs self-referencing
|
||||
# URLs and the SERVER_NAME and SERVER_PORT variables.
|
||||
# When set "Off", Apache will use the Hostname and Port supplied
|
||||
# by the client. When set "On", Apache will use the value of the
|
||||
# ServerName directive.
|
||||
UseCanonicalName Off
|
||||
|
||||
# AccessFileName: The name of the file to look for in each directory
|
||||
# for additional configuration directives. See also the AllowOverride
|
||||
# directive.
|
||||
AccessFileName .htaccess
|
||||
|
||||
# ServerTokens
|
||||
# This directive configures what you return as the Server HTTP response
|
||||
# Header. The default is 'Full' which sends information about the OS-Type
|
||||
# and compiled in modules.
|
||||
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
|
||||
# where Full conveys the most information, and Prod the least.
|
||||
ServerTokens Prod
|
||||
|
||||
# TraceEnable
|
||||
# This directive overrides the behavior of TRACE for both the core server and
|
||||
# mod_proxy. The default TraceEnable on permits TRACE requests per RFC 2616,
|
||||
# which disallows any request body to accompany the request. TraceEnable off
|
||||
# causes the core server and mod_proxy to return a 405 (Method not allowed)
|
||||
# error to the client.
|
||||
# For security reasons this is turned off by default. (bug #240680)
|
||||
TraceEnable off
|
||||
|
||||
# Optionally add a line containing the server version and virtual host
|
||||
# name to server-generated pages (internal error documents, FTP directory
|
||||
# listings, mod_status and mod_info output etc., but not CGI generated
|
||||
# documents or custom error documents).
|
||||
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
|
||||
# Set to one of: On | Off | EMail
|
||||
ServerSignature On
|
||||
|
||||
# HostnameLookups: Log the names of clients or just their IP addresses
|
||||
# e.g., www.apache.org (on) or 204.62.129.132 (off).
|
||||
# The default is off because it'd be overall better for the net if people
|
||||
# had to knowingly turn this feature on, since enabling it means that
|
||||
# each client request will result in AT LEAST one lookup request to the
|
||||
# nameserver.
|
||||
HostnameLookups Off
|
||||
|
||||
# EnableMMAP and EnableSendfile: On systems that support it,
|
||||
# memory-mapping or the sendfile syscall is used to deliver
|
||||
# files. This usually improves server performance, but must
|
||||
# be turned off when serving from networked-mounted
|
||||
# filesystems or if support for these functions is otherwise
|
||||
# broken on your system.
|
||||
EnableMMAP On
|
||||
EnableSendfile Off
|
||||
|
||||
# FileETag: Configures the file attributes that are used to create
|
||||
# the ETag (entity tag) response header field when the document is
|
||||
# based on a static file. (The ETag value is used in cache management
|
||||
# to save network bandwidth.)
|
||||
FileETag MTime Size
|
||||
|
||||
# ContentDigest: This directive enables the generation of Content-MD5
|
||||
# headers as defined in RFC1864 respectively RFC2616.
|
||||
# The Content-MD5 header provides an end-to-end message integrity
|
||||
# check (MIC) of the entity-body. A proxy or client may check this
|
||||
# header for detecting accidental modification of the entity-body
|
||||
# in transit.
|
||||
# Note that this can cause performance problems on your server since
|
||||
# the message digest is computed on every request (the values are
|
||||
# not cached).
|
||||
# Content-MD5 is only sent for documents served by the core, and not
|
||||
# by any module. For example, SSI documents, output from CGI scripts,
|
||||
# and byte range responses do not have this header.
|
||||
ContentDigest Off
|
||||
|
||||
# ErrorLog: The location of the error log file.
|
||||
# If you do not specify an ErrorLog directive within a <VirtualHost>
|
||||
# container, error messages relating to that virtual host will be
|
||||
# logged here. If you *do* define an error logfile for a <VirtualHost>
|
||||
# container, that host's errors will be logged there and not here.
|
||||
ErrorLog /var/log/apache2/error_log
|
||||
|
||||
# LogLevel: Control the number of messages logged to the error_log.
|
||||
# Possible values include: debug, info, notice, warn, error, crit,
|
||||
# alert, emerg.
|
||||
LogLevel warn
|
||||
|
||||
# We configure the "default" to be a very restrictive set of features.
|
||||
<Directory />
|
||||
Options FollowSymLinks
|
||||
AllowOverride None
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
# DirectoryIndex: sets the file that Apache will serve if a directory
|
||||
# is requested.
|
||||
#
|
||||
# The index.html.var file (a type-map) is used to deliver content-
|
||||
# negotiated documents. The MultiViews Options can be used for the
|
||||
# same purpose, but it is much slower.
|
||||
#
|
||||
# Do not change this entry unless you know what you are doing.
|
||||
<IfModule dir_module>
|
||||
DirectoryIndex index.html index.html.var
|
||||
</IfModule>
|
||||
|
||||
# The following lines prevent .htaccess and .htpasswd files from being
|
||||
# viewed by Web clients.
|
||||
<FilesMatch "^\.ht">
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,57 +0,0 @@
|
||||
# The configuration below implements multi-language error documents through
|
||||
# content-negotiation.
|
||||
|
||||
# Customizable error responses come in three flavors:
|
||||
# 1) plain text 2) local redirects 3) external redirects
|
||||
# Some examples:
|
||||
#ErrorDocument 500 "The server made a boo boo."
|
||||
#ErrorDocument 404 /missing.html
|
||||
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
|
||||
#ErrorDocument 402 http://www.example.com/subscription_info.html
|
||||
|
||||
# Required modules: mod_alias, mod_include, mod_negotiation
|
||||
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
|
||||
# our collection of by-error message multi-language collections. We use
|
||||
# includes to substitute the appropriate text.
|
||||
# You can modify the messages' appearance without changing any of the
|
||||
# default HTTP_<error>.html.var files by adding the line:
|
||||
# Alias /error/include/ "/your/include/path/"
|
||||
# which allows you to create your own set of files by starting with the
|
||||
# /var/www/localhost/error/include/ files and copying them to /your/include/path/,
|
||||
# even on a per-VirtualHost basis. The default include files will display
|
||||
# your Apache version number and your ServerAdmin email address regardless
|
||||
# of the setting of ServerSignature.
|
||||
|
||||
<IfDefine ERRORDOCS>
|
||||
Alias /error/ "/usr/share/apache2/error/"
|
||||
|
||||
<Directory "/usr/share/apache2/error">
|
||||
AllowOverride None
|
||||
Options IncludesNoExec
|
||||
AddOutputFilter Includes html
|
||||
AddHandler type-map var
|
||||
Require all granted
|
||||
LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
|
||||
ForceLanguagePriority Prefer Fallback
|
||||
</Directory>
|
||||
|
||||
ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
|
||||
ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
|
||||
ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
|
||||
ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
|
||||
ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
|
||||
ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
|
||||
ErrorDocument 410 /error/HTTP_GONE.html.var
|
||||
ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
|
||||
ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
|
||||
ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
|
||||
ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
|
||||
ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
|
||||
ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
|
||||
ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
|
||||
ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
|
||||
ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
|
||||
ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,86 +0,0 @@
|
||||
<IfModule autoindex_module>
|
||||
<IfDefine !NO_AUTOINDEX_CONF>
|
||||
|
||||
<IfModule alias_module>
|
||||
# We include the /icons/ alias for FancyIndexed directory listings. If
|
||||
# you do not use FancyIndexing, you may comment this out.
|
||||
Alias /icons/ "/usr/share/apache2/icons/"
|
||||
|
||||
<Directory "/usr/share/apache2/icons">
|
||||
Options Indexes MultiViews
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
</Directory>
|
||||
</IfModule>
|
||||
|
||||
# Directives controlling the display of server-generated directory listings.
|
||||
#
|
||||
# To see the listing of a directory, the Options directive for the
|
||||
# directory must include "Indexes", and the directory must not contain
|
||||
# a file matching those listed in the DirectoryIndex directive.
|
||||
|
||||
# IndexOptions: Controls the appearance of server-generated directory
|
||||
# listings.
|
||||
IndexOptions FancyIndexing VersionSort
|
||||
|
||||
# AddIcon* directives tell the server which icon to show for different
|
||||
# files or filename extensions. These are only displayed for
|
||||
# FancyIndexed directories.
|
||||
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
|
||||
|
||||
AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
AddIcon /icons/tar.gif .tar
|
||||
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
|
||||
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
|
||||
AddIcon /icons/a.gif .ps .ai .eps
|
||||
AddIcon /icons/layout.gif .html .shtml .htm .pdf
|
||||
AddIcon /icons/text.gif .txt
|
||||
AddIcon /icons/c.gif .c
|
||||
AddIcon /icons/p.gif .pl .py
|
||||
AddIcon /icons/f.gif .for
|
||||
AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
AddIcon /icons/folder.gif ^^DIRECTORY^^
|
||||
AddIcon /icons/blank.gif ^^BLANKICON^^
|
||||
|
||||
# DefaultIcon is which icon to show for files which do not have an icon
|
||||
# explicitly set.
|
||||
DefaultIcon /icons/unknown.gif
|
||||
|
||||
# AddDescription allows you to place a short description after a file in
|
||||
# server-generated indexes. These are only displayed for FancyIndexed
|
||||
# directories.
|
||||
# Format: AddDescription "description" filename
|
||||
|
||||
#AddDescription "GZIP compressed document" .gz
|
||||
#AddDescription "tar archive" .tar
|
||||
#AddDescription "GZIP compressed tar archive" .tgz
|
||||
|
||||
# ReadmeName is the name of the README file the server will look for by
|
||||
# default, and append to directory listings.
|
||||
|
||||
# HeaderName is the name of a file which should be prepended to
|
||||
# directory indexes.
|
||||
ReadmeName README.html
|
||||
HeaderName HEADER.html
|
||||
|
||||
# IndexIgnore is a set of filenames which directory indexing should ignore
|
||||
# and not include in the listing. Shell-style wildcarding is permitted.
|
||||
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
|
||||
</IfDefine>
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,10 +0,0 @@
|
||||
<IfDefine INFO>
|
||||
# Allow remote server configuration reports, with the URL of
|
||||
# http://servername/server-info
|
||||
<Location /server-info>
|
||||
SetHandler server-info
|
||||
Require local
|
||||
</Location>
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,46 +0,0 @@
|
||||
<IfModule mime_module>
|
||||
# TypesConfig points to the file containing the list of mappings from
|
||||
# filename extension to MIME-type.
|
||||
TypesConfig /etc/mime.types
|
||||
|
||||
# AddType allows you to add to or override the MIME configuration
|
||||
# file specified in TypesConfig for specific file types.
|
||||
#AddType application/x-gzip .tgz
|
||||
|
||||
# AddEncoding allows you to have certain browsers uncompress
|
||||
# information on the fly. Note: Not all browsers support this.
|
||||
#AddEncoding x-compress .Z
|
||||
#AddEncoding x-gzip .gz .tgz
|
||||
|
||||
# If the AddEncoding directives above are commented-out, then you
|
||||
# probably should define those extensions to indicate media types:
|
||||
AddType application/x-compress .Z
|
||||
AddType application/x-gzip .gz .tgz
|
||||
|
||||
# AddHandler allows you to map certain file extensions to "handlers":
|
||||
# actions unrelated to filetype. These can be either built into the server
|
||||
# or added with the Action directive (see below)
|
||||
|
||||
# To use CGI scripts outside of ScriptAliased directories:
|
||||
# (You will also need to add "ExecCGI" to the "Options" directive.)
|
||||
#AddHandler cgi-script .cgi
|
||||
|
||||
# For type maps (negotiated resources):
|
||||
#AddHandler type-map var
|
||||
|
||||
# Filters allow you to process content before it is sent to the client.
|
||||
#
|
||||
# To parse .shtml files for server-side includes (SSI):
|
||||
# (You will also need to add "Includes" to the "Options" directive.)
|
||||
#AddType text/html .shtml
|
||||
#AddOutputFilter INCLUDES .shtml
|
||||
</IfModule>
|
||||
|
||||
<IfModule mime_magic_module>
|
||||
# The mod_mime_magic module allows the server to use various hints from the
|
||||
# contents of the file itself to determine its type. The MIMEMagicFile
|
||||
# directive tells the module where the hint definitions are located.
|
||||
MIMEMagicFile /etc/apache2/magic
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,15 +0,0 @@
|
||||
<IfDefine STATUS>
|
||||
# Allow server status reports generated by mod_status,
|
||||
# with the URL of http://servername/server-status
|
||||
<Location /server-status>
|
||||
SetHandler server-status
|
||||
Require local
|
||||
</Location>
|
||||
|
||||
# ExtendedStatus controls whether Apache will generate "full" status
|
||||
# information (ExtendedStatus On) or just basic information (ExtendedStatus
|
||||
# Off) when the "server-status" handler is called.
|
||||
ExtendedStatus On
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,32 +0,0 @@
|
||||
# Settings for user home directories
|
||||
<IfDefine USERDIR>
|
||||
# UserDir: The name of the directory that is appended onto a user's home
|
||||
# directory if a ~user request is received. Note that you must also set
|
||||
# the default access control for these directories, as in the example below.
|
||||
UserDir public_html
|
||||
|
||||
# Control access to UserDir directories. The following is an example
|
||||
# for a site where these directories are restricted to read-only.
|
||||
<Directory /home/*/public_html>
|
||||
AllowOverride FileInfo AuthConfig Limit Indexes
|
||||
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||||
<Limit GET POST OPTIONS>
|
||||
Require all granted
|
||||
</Limit>
|
||||
<LimitExcept GET POST OPTIONS>
|
||||
Require all denied
|
||||
</LimitExcept>
|
||||
</Directory>
|
||||
|
||||
# Suexec isn't really required to run cgi-scripts, but it's a really good
|
||||
# idea if you have multiple users serving websites...
|
||||
<IfDefine SUEXEC>
|
||||
<Directory /home/*/public_html/cgi-bin>
|
||||
Options ExecCGI
|
||||
SetHandler cgi-script
|
||||
</Directory>
|
||||
</IfDefine>
|
||||
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,99 +0,0 @@
|
||||
# Server-Pool Management (MPM specific)
|
||||
|
||||
# PidFile: The file in which the server should record its process
|
||||
# identification number when it starts.
|
||||
#
|
||||
# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
|
||||
PidFile /run/apache2.pid
|
||||
|
||||
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
|
||||
# Mutex file:/run/apache_mpm_mutex
|
||||
|
||||
# Only one of the below sections will be relevant on your
|
||||
# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
|
||||
# active mpm.
|
||||
|
||||
# common MPM configuration
|
||||
# These configuration directives apply to all MPMs
|
||||
#
|
||||
# StartServers: Number of child server processes created at startup
|
||||
# MaxRequestWorkers: Maximum number of child processes to serve requests
|
||||
# MaxConnectionsPerChild: Limit on the number of connections that an individual
|
||||
# child server will handle during its life
|
||||
|
||||
|
||||
# prefork MPM
|
||||
# This is the default MPM if USE=-threads
|
||||
#
|
||||
# MinSpareServers: Minimum number of idle child server processes
|
||||
# MaxSpareServers: Maximum number of idle child server processes
|
||||
<IfModule mpm_prefork_module>
|
||||
StartServers 5
|
||||
MinSpareServers 5
|
||||
MaxSpareServers 10
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# worker MPM
|
||||
# This is the default MPM if USE=threads
|
||||
#
|
||||
# MinSpareThreads: Minimum number of idle threads available to handle request spikes
|
||||
# MaxSpareThreads: Maximum number of idle threads
|
||||
# ThreadsPerChild: Number of threads created by each child process
|
||||
<IfModule mpm_worker_module>
|
||||
StartServers 2
|
||||
MinSpareThreads 25
|
||||
MaxSpareThreads 75
|
||||
ThreadsPerChild 25
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# event MPM
|
||||
#
|
||||
# MinSpareThreads: Minimum number of idle threads available to handle request spikes
|
||||
# MaxSpareThreads: Maximum number of idle threads
|
||||
# ThreadsPerChild: Number of threads created by each child process
|
||||
<IfModule mpm_event_module>
|
||||
StartServers 2
|
||||
MinSpareThreads 25
|
||||
MaxSpareThreads 75
|
||||
ThreadsPerChild 25
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# peruser MPM
|
||||
#
|
||||
# MinSpareProcessors: Minimum number of idle child server processes
|
||||
# MinProcessors: Minimum number of processors per virtual host
|
||||
# MaxProcessors: Maximum number of processors per virtual host
|
||||
# ExpireTimeout: Maximum idle time before a child is killed, 0 to disable
|
||||
# Multiplexer: Specify a Multiplexer child configuration.
|
||||
# Processor: Specify a user and group for a specific child process
|
||||
<IfModule mpm_peruser_module>
|
||||
MinSpareProcessors 2
|
||||
MinProcessors 2
|
||||
MaxProcessors 10
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 1000
|
||||
ExpireTimeout 1800
|
||||
|
||||
Multiplexer nobody nobody
|
||||
Processor apache apache
|
||||
</IfModule>
|
||||
|
||||
# itk MPM
|
||||
#
|
||||
# MinSpareServers: Minimum number of idle child server processes
|
||||
# MaxSpareServers: Maximum number of idle child server processes
|
||||
<IfModule mpm_itk_module>
|
||||
StartServers 5
|
||||
MinSpareServers 5
|
||||
MaxSpareServers 10
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,67 +0,0 @@
|
||||
# Note: The following must must be present to support
|
||||
# starting without SSL on platforms with no /dev/random equivalent
|
||||
# but a statically compiled-in mod_ssl.
|
||||
<IfModule ssl_module>
|
||||
SSLRandomSeed startup builtin
|
||||
SSLRandomSeed connect builtin
|
||||
</IfModule>
|
||||
|
||||
<IfDefine SSL>
|
||||
# This is the Apache server configuration file providing SSL support.
|
||||
# It contains the configuration directives to instruct the server how to
|
||||
# serve pages over an https connection. For detailing information about these
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
|
||||
|
||||
# Do NOT simply read the instructions in here without understanding
|
||||
# what they do. They're here only as hints or reminders. If you are unsure
|
||||
# consult the online docs. You have been warned.
|
||||
|
||||
## Pseudo Random Number Generator (PRNG):
|
||||
# Configure one or more sources to seed the PRNG of the SSL library.
|
||||
# The seed data should be of good random quality.
|
||||
# WARNING! On some platforms /dev/random blocks if not enough entropy
|
||||
# is available. This means you then cannot use the /dev/random device
|
||||
# because it would lead to very long connection times (as long as
|
||||
# it requires to make more entropy available). But usually those
|
||||
# platforms additionally provide a /dev/urandom device which doesn't
|
||||
# block. So, if available, use this one instead. Read the mod_ssl User
|
||||
# Manual for more details.
|
||||
#SSLRandomSeed startup file:/dev/random 512
|
||||
#SSLRandomSeed startup file:/dev/urandom 512
|
||||
#SSLRandomSeed connect file:/dev/random 512
|
||||
#SSLRandomSeed connect file:/dev/urandom 512
|
||||
|
||||
## SSL Global Context:
|
||||
# All SSL configuration in this context applies both to the main server and
|
||||
# all SSL-enabled virtual hosts.
|
||||
|
||||
# Some MIME-types for downloading Certificates and CRLs
|
||||
<IfModule mime_module>
|
||||
AddType application/x-x509-ca-cert .crt
|
||||
AddType application/x-pkcs7-crl .crl
|
||||
</IfModule>
|
||||
|
||||
## Pass Phrase Dialog:
|
||||
# Configure the pass phrase gathering process. The filtering dialog program
|
||||
# (`builtin' is a internal terminal dialog) has to provide the pass phrase on
|
||||
# stdout.
|
||||
SSLPassPhraseDialog builtin
|
||||
|
||||
## Inter-Process Session Cache:
|
||||
# Configure the SSL Session Cache: First the mechanism to use and second the
|
||||
# expiring timeout (in seconds).
|
||||
#SSLSessionCache dbm:/var/run/ssl_scache
|
||||
SSLSessionCache shmcb:/var/run/ssl_scache(512000)
|
||||
SSLSessionCacheTimeout 300
|
||||
|
||||
## Semaphore:
|
||||
# Configure the path to the mutual exclusion semaphore the SSL engine uses
|
||||
# internally for inter-process synchronization.
|
||||
SSLMutex file:/var/run/ssl_mutex
|
||||
|
||||
## SSL Compression:
|
||||
# Known to be vulnerable thus disabled by default (bug #507324).
|
||||
SSLCompression off
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,18 +0,0 @@
|
||||
# Examples below are taken from the online documentation
|
||||
# Refer to:
|
||||
# http://localhost/manual/mod/mod_ldap.html
|
||||
# http://localhost/manual/mod/mod_auth_ldap.html
|
||||
<IfDefine LDAP>
|
||||
LDAPSharedCacheSize 200000
|
||||
LDAPCacheEntries 1024
|
||||
LDAPCacheTTL 600
|
||||
LDAPOpCacheEntries 1024
|
||||
LDAPOpCacheTTL 600
|
||||
|
||||
<Location /ldap-status>
|
||||
SetHandler ldap-status
|
||||
Require local
|
||||
</Location>
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,18 +0,0 @@
|
||||
<IfDefine PHP5>
|
||||
# Load the module first
|
||||
<IfModule !mod_php5.c>
|
||||
LoadModule php5_module modules/libphp5.so
|
||||
</IfModule>
|
||||
|
||||
# Set it to handle the files
|
||||
# NOTE: Avoiding AddHandler/AddType for security (bug #538822)
|
||||
# NOTE: Please read the related news item!
|
||||
<FilesMatch "\.(php|php5|phtml)$">
|
||||
SetHandler application/x-httpd-php
|
||||
</FilesMatch>
|
||||
<FilesMatch "\.phps$">
|
||||
SetHandler application/x-httpd-php-source
|
||||
</FilesMatch>
|
||||
|
||||
DirectoryIndex index.php index.phtml
|
||||
</IfDefine>
|
||||
@@ -1,85 +0,0 @@
|
||||
<IfModule autoindex_module>
|
||||
<IfDefine !NO_AUTOINDEX_CONF>
|
||||
|
||||
<IfModule alias_module>
|
||||
# We include the /icons/ alias for FancyIndexed directory listings. If
|
||||
# you do not use FancyIndexing, you may comment this out.
|
||||
Alias /icons/ "/usr/share/apache2/icons/"
|
||||
|
||||
<Directory "/usr/share/apache2/icons">
|
||||
Options Indexes MultiViews
|
||||
AllowOverride None
|
||||
Require all granted
|
||||
</Directory>
|
||||
</IfModule>
|
||||
|
||||
# Directives controlling the display of server-generated directory listings.
|
||||
#
|
||||
# To see the listing of a directory, the Options directive for the
|
||||
# directory must include "Indexes", and the directory must not contain
|
||||
# a file matching those listed in the DirectoryIndex directive.
|
||||
|
||||
# IndexOptions: Controls the appearance of server-generated directory
|
||||
# listings.
|
||||
IndexOptions FancyIndexing VersionSort
|
||||
|
||||
# AddIcon* directives tell the server which icon to show for different
|
||||
# files or filename extensions. These are only displayed for
|
||||
# FancyIndexed directories.
|
||||
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
|
||||
|
||||
AddIconByType (TXT,/icons/text.gif) text/*
|
||||
AddIconByType (IMG,/icons/image2.gif) image/*
|
||||
AddIconByType (SND,/icons/sound2.gif) audio/*
|
||||
AddIconByType (VID,/icons/movie.gif) video/*
|
||||
|
||||
AddIcon /icons/binary.gif .bin .exe
|
||||
AddIcon /icons/binhex.gif .hqx
|
||||
AddIcon /icons/tar.gif .tar
|
||||
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
|
||||
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
|
||||
AddIcon /icons/a.gif .ps .ai .eps
|
||||
AddIcon /icons/layout.gif .html .shtml .htm .pdf
|
||||
AddIcon /icons/text.gif .txt
|
||||
AddIcon /icons/c.gif .c
|
||||
AddIcon /icons/p.gif .pl .py
|
||||
AddIcon /icons/f.gif .for
|
||||
AddIcon /icons/dvi.gif .dvi
|
||||
AddIcon /icons/uuencoded.gif .uu
|
||||
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
|
||||
AddIcon /icons/tex.gif .tex
|
||||
AddIcon /icons/bomb.gif core
|
||||
|
||||
AddIcon /icons/back.gif ..
|
||||
AddIcon /icons/hand.right.gif README
|
||||
AddIcon /icons/folder.gif ^^DIRECTORY^^
|
||||
AddIcon /icons/blank.gif ^^BLANKICON^^
|
||||
|
||||
# DefaultIcon is which icon to show for files which do not have an icon
|
||||
# explicitly set.
|
||||
DefaultIcon /icons/unknown.gif
|
||||
|
||||
# AddDescription allows you to place a short description after a file in
|
||||
# server-generated indexes. These are only displayed for FancyIndexed
|
||||
# directories.
|
||||
# Format: AddDescription "description" filename
|
||||
|
||||
#AddDescription "GZIP compressed document" .gz
|
||||
#AddDescription "tar archive" .tar
|
||||
#AddDescription "GZIP compressed tar archive" .tgz
|
||||
|
||||
# ReadmeName is the name of the README file the server will look for by
|
||||
# default, and append to directory listings.
|
||||
|
||||
# HeaderName is the name of a file which should be prepended to
|
||||
# directory indexes.
|
||||
ReadmeName README.html
|
||||
HeaderName HEADER.html
|
||||
|
||||
# IndexIgnore is a set of filenames which directory indexing should ignore
|
||||
# and not include in the listing. Shell-style wildcarding is permitted.
|
||||
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
|
||||
</IfDefine>
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -1,67 +0,0 @@
|
||||
# Note: The following must must be present to support
|
||||
# starting without SSL on platforms with no /dev/random equivalent
|
||||
# but a statically compiled-in mod_ssl.
|
||||
<IfModule ssl_module>
|
||||
SSLRandomSeed startup builtin
|
||||
SSLRandomSeed connect builtin
|
||||
</IfModule>
|
||||
|
||||
<IfDefine SSL>
|
||||
# This is the Apache server configuration file providing SSL support.
|
||||
# It contains the configuration directives to instruct the server how to
|
||||
# serve pages over an https connection. For detailing information about these
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
|
||||
|
||||
# Do NOT simply read the instructions in here without understanding
|
||||
# what they do. They're here only as hints or reminders. If you are unsure
|
||||
# consult the online docs. You have been warned.
|
||||
|
||||
## Pseudo Random Number Generator (PRNG):
|
||||
# Configure one or more sources to seed the PRNG of the SSL library.
|
||||
# The seed data should be of good random quality.
|
||||
# WARNING! On some platforms /dev/random blocks if not enough entropy
|
||||
# is available. This means you then cannot use the /dev/random device
|
||||
# because it would lead to very long connection times (as long as
|
||||
# it requires to make more entropy available). But usually those
|
||||
# platforms additionally provide a /dev/urandom device which doesn't
|
||||
# block. So, if available, use this one instead. Read the mod_ssl User
|
||||
# Manual for more details.
|
||||
#SSLRandomSeed startup file:/dev/random 512
|
||||
#SSLRandomSeed startup file:/dev/urandom 512
|
||||
#SSLRandomSeed connect file:/dev/random 512
|
||||
#SSLRandomSeed connect file:/dev/urandom 512
|
||||
|
||||
## SSL Global Context:
|
||||
# All SSL configuration in this context applies both to the main server and
|
||||
# all SSL-enabled virtual hosts.
|
||||
|
||||
# Some MIME-types for downloading Certificates and CRLs
|
||||
<IfModule mime_module>
|
||||
AddType application/x-x509-ca-cert .crt
|
||||
AddType application/x-pkcs7-crl .crl
|
||||
</IfModule>
|
||||
|
||||
## Pass Phrase Dialog:
|
||||
# Configure the pass phrase gathering process. The filtering dialog program
|
||||
# (`builtin' is a internal terminal dialog) has to provide the pass phrase on
|
||||
# stdout.
|
||||
SSLPassPhraseDialog builtin
|
||||
|
||||
## Inter-Process Session Cache:
|
||||
# Configure the SSL Session Cache: First the mechanism to use and second the
|
||||
# expiring timeout (in seconds).
|
||||
#SSLSessionCache dbm:/run/ssl_scache
|
||||
SSLSessionCache shmcb:/run/ssl_scache(512000)
|
||||
SSLSessionCacheTimeout 300
|
||||
|
||||
## Semaphore:
|
||||
# Configure the path to the mutual exclusion semaphore the SSL engine uses
|
||||
# internally for inter-process synchronization.
|
||||
Mutex file:/run/apache_ssl_mutex ssl-cache
|
||||
|
||||
## SSL Compression:
|
||||
# Known to be vulnerable thus disabled by default (bug #507324).
|
||||
SSLCompression off
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
@@ -69,13 +69,13 @@ HostnameLookups Off
|
||||
# filesystems or if support for these functions is otherwise
|
||||
# broken on your system.
|
||||
EnableMMAP On
|
||||
EnableSendfile On
|
||||
EnableSendfile Off
|
||||
|
||||
# FileEtag: Configures the file attributes that are used to create
|
||||
# FileETag: Configures the file attributes that are used to create
|
||||
# the ETag (entity tag) response header field when the document is
|
||||
# based on a static file. (The ETag value is used in cache management
|
||||
# to save network bandwidth.)
|
||||
FileEtag INode MTime Size
|
||||
FileETag MTime Size
|
||||
|
||||
# ContentDigest: This directive enables the generation of Content-MD5
|
||||
# headers as defined in RFC1864 respectively RFC2616.
|
||||
@@ -107,8 +107,7 @@ LogLevel warn
|
||||
<Directory />
|
||||
Options FollowSymLinks
|
||||
AllowOverride None
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Require all denied
|
||||
</Directory>
|
||||
|
||||
# DirectoryIndex: sets the file that Apache will serve if a directory
|
||||
@@ -126,8 +125,7 @@ LogLevel warn
|
||||
# The following lines prevent .htaccess and .htpasswd files from being
|
||||
# viewed by Web clients.
|
||||
<FilesMatch "^\.ht">
|
||||
Order allow,deny
|
||||
Deny from all
|
||||
Require all denied
|
||||
</FilesMatch>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
|
||||
@@ -30,8 +30,7 @@ Alias /error/ "/usr/share/apache2/error/"
|
||||
Options IncludesNoExec
|
||||
AddOutputFilter Includes html
|
||||
AddHandler type-map var
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Require all granted
|
||||
LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
|
||||
ForceLanguagePriority Prefer Fallback
|
||||
</Directory>
|
||||
|
||||
@@ -1,4 +1,6 @@
|
||||
<IfModule autoindex_module>
|
||||
<IfDefine !NO_AUTOINDEX_CONF>
|
||||
|
||||
<IfModule alias_module>
|
||||
# We include the /icons/ alias for FancyIndexed directory listings. If
|
||||
# you do not use FancyIndexing, you may comment this out.
|
||||
@@ -7,8 +9,7 @@ Alias /icons/ "/usr/share/apache2/icons/"
|
||||
<Directory "/usr/share/apache2/icons">
|
||||
Options Indexes MultiViews
|
||||
AllowOverride None
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Require all granted
|
||||
</Directory>
|
||||
</IfModule>
|
||||
|
||||
@@ -78,6 +79,7 @@ HeaderName HEADER.html
|
||||
# IndexIgnore is a set of filenames which directory indexing should ignore
|
||||
# and not include in the listing. Shell-style wildcarding is permitted.
|
||||
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
|
||||
</IfDefine>
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
|
||||
@@ -3,9 +3,7 @@
|
||||
# http://servername/server-info
|
||||
<Location /server-info>
|
||||
SetHandler server-info
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.1
|
||||
Require local
|
||||
</Location>
|
||||
</IfDefine>
|
||||
|
||||
|
||||
@@ -1,12 +1,3 @@
|
||||
# DefaultType: the default MIME type the server will use for a document
|
||||
# if it cannot otherwise determine one, such as from filename extensions.
|
||||
# If your server contains mostly text or HTML documents, "text/plain" is
|
||||
# a good value. If most of your content is binary, such as applications
|
||||
# or images, you may want to use "application/octet-stream" instead to
|
||||
# keep browsers from trying to display binary files as though they are
|
||||
# text.
|
||||
DefaultType text/plain
|
||||
|
||||
<IfModule mime_module>
|
||||
# TypesConfig points to the file containing the list of mappings from
|
||||
# filename extension to MIME-type.
|
||||
|
||||
@@ -3,9 +3,7 @@
|
||||
# with the URL of http://servername/server-status
|
||||
<Location /server-status>
|
||||
SetHandler server-status
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.1
|
||||
Require local
|
||||
</Location>
|
||||
|
||||
# ExtendedStatus controls whether Apache will generate "full" status
|
||||
|
||||
@@ -11,12 +11,10 @@ UserDir public_html
|
||||
AllowOverride FileInfo AuthConfig Limit Indexes
|
||||
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
|
||||
<Limit GET POST OPTIONS>
|
||||
Order allow,deny
|
||||
Allow from all
|
||||
Require all granted
|
||||
</Limit>
|
||||
<LimitExcept GET POST OPTIONS>
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Require all denied
|
||||
</LimitExcept>
|
||||
</Directory>
|
||||
|
||||
|
||||
@@ -4,10 +4,10 @@
|
||||
# identification number when it starts.
|
||||
#
|
||||
# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
|
||||
PidFile /var/run/apache2.pid
|
||||
PidFile /run/apache2.pid
|
||||
|
||||
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
|
||||
#LockFile /var/run/apache2.lock
|
||||
# Mutex file:/run/apache_mpm_mutex
|
||||
|
||||
# Only one of the below sections will be relevant on your
|
||||
# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
|
||||
@@ -17,9 +17,9 @@ PidFile /var/run/apache2.pid
|
||||
# These configuration directives apply to all MPMs
|
||||
#
|
||||
# StartServers: Number of child server processes created at startup
|
||||
# MaxClients: Maximum number of child processes to serve requests
|
||||
# MaxRequestsPerChild: Limit on the number of requests that an individual child
|
||||
# server will handle during its life
|
||||
# MaxRequestWorkers: Maximum number of child processes to serve requests
|
||||
# MaxConnectionsPerChild: Limit on the number of connections that an individual
|
||||
# child server will handle during its life
|
||||
|
||||
|
||||
# prefork MPM
|
||||
@@ -31,8 +31,8 @@ PidFile /var/run/apache2.pid
|
||||
StartServers 5
|
||||
MinSpareServers 5
|
||||
MaxSpareServers 10
|
||||
MaxClients 150
|
||||
MaxRequestsPerChild 10000
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# worker MPM
|
||||
@@ -46,8 +46,8 @@ PidFile /var/run/apache2.pid
|
||||
MinSpareThreads 25
|
||||
MaxSpareThreads 75
|
||||
ThreadsPerChild 25
|
||||
MaxClients 150
|
||||
MaxRequestsPerChild 10000
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# event MPM
|
||||
@@ -60,8 +60,8 @@ PidFile /var/run/apache2.pid
|
||||
MinSpareThreads 25
|
||||
MaxSpareThreads 75
|
||||
ThreadsPerChild 25
|
||||
MaxClients 150
|
||||
MaxRequestsPerChild 10000
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# peruser MPM
|
||||
@@ -76,8 +76,8 @@ PidFile /var/run/apache2.pid
|
||||
MinSpareProcessors 2
|
||||
MinProcessors 2
|
||||
MaxProcessors 10
|
||||
MaxClients 150
|
||||
MaxRequestsPerChild 1000
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 1000
|
||||
ExpireTimeout 1800
|
||||
|
||||
Multiplexer nobody nobody
|
||||
@@ -92,8 +92,8 @@ PidFile /var/run/apache2.pid
|
||||
StartServers 5
|
||||
MinSpareServers 5
|
||||
MaxSpareServers 10
|
||||
MaxClients 150
|
||||
MaxRequestsPerChild 10000
|
||||
MaxRequestWorkers 150
|
||||
MaxConnectionsPerChild 10000
|
||||
</IfModule>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
|
||||
@@ -10,7 +10,7 @@ SSLRandomSeed connect builtin
|
||||
# This is the Apache server configuration file providing SSL support.
|
||||
# It contains the configuration directives to instruct the server how to
|
||||
# serve pages over an https connection. For detailing information about these
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
|
||||
# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
|
||||
|
||||
# Do NOT simply read the instructions in here without understanding
|
||||
# what they do. They're here only as hints or reminders. If you are unsure
|
||||
@@ -50,14 +50,18 @@ SSLPassPhraseDialog builtin
|
||||
## Inter-Process Session Cache:
|
||||
# Configure the SSL Session Cache: First the mechanism to use and second the
|
||||
# expiring timeout (in seconds).
|
||||
#SSLSessionCache dbm:/var/run/ssl_scache
|
||||
SSLSessionCache shmcb:/var/run/ssl_scache(512000)
|
||||
#SSLSessionCache dbm:/run/ssl_scache
|
||||
SSLSessionCache shmcb:/run/ssl_scache(512000)
|
||||
SSLSessionCacheTimeout 300
|
||||
|
||||
## Semaphore:
|
||||
# Configure the path to the mutual exclusion semaphore the SSL engine uses
|
||||
# internally for inter-process synchronization.
|
||||
SSLMutex file:/var/run/ssl_mutex
|
||||
Mutex file:/run/apache_ssl_mutex ssl-cache
|
||||
|
||||
## SSL Compression:
|
||||
# Known to be vulnerable thus disabled by default (bug #507324).
|
||||
SSLCompression off
|
||||
</IfDefine>
|
||||
|
||||
# vim: ts=4 filetype=apache
|
||||
|
||||
@@ -11,9 +11,7 @@ LDAPOpCacheTTL 600
|
||||
|
||||
<Location /ldap-status>
|
||||
SetHandler ldap-status
|
||||
Order deny,allow
|
||||
Deny from all
|
||||
Allow from 127.0.0.1
|
||||
Require local
|
||||
</Location>
|
||||
</IfDefine>
|
||||
|
||||
|
||||
@@ -5,10 +5,14 @@
|
||||
</IfModule>
|
||||
|
||||
# Set it to handle the files
|
||||
<IfModule mod_mime.c>
|
||||
AddHandler application/x-httpd-php .php .php5 .phtml
|
||||
AddHandler application/x-httpd-php-source .phps
|
||||
</IfModule>
|
||||
# NOTE: Avoiding AddHandler/AddType for security (bug #538822)
|
||||
# NOTE: Please read the related news item!
|
||||
<FilesMatch "\.(php|php5|phtml)$">
|
||||
SetHandler application/x-httpd-php
|
||||
</FilesMatch>
|
||||
<FilesMatch "\.phps$">
|
||||
SetHandler application/x-httpd-php-source
|
||||
</FilesMatch>
|
||||
|
||||
DirectoryIndex index.php index.phtml
|
||||
</IfDefine>
|
||||
|
||||
Reference in New Issue
Block a user