LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Server (https://www.linuxquestions.org/questions/linux-server-73/)
-   -   Am I being redundant in my Apache config (https://www.linuxquestions.org/questions/linux-server-73/am-i-being-redundant-in-my-apache-config-673366/)

richinsc 09-30-2008 02:27 PM
Am I being redundant in my Apache config
 
I have several name-based virtual hosts on my system and I am beginning to wonder if I am being to redundant in my configuration and give myself more work then I really need. But I am also asking this from a security perspective. In each of my virtual hosts I have put the following.

Code:
<VirtualHost *:80>
        ServerAdmin email@server.com
        ServerAlias server.domain.com
        DocumentRoot /path/to/site/
        <Directory />
                Options FollowSymLinks
                AllowOverride None
        </Directory>
        <Directory /path/to/site>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order deny,allow
                deny from all
                allow from xxx.xxx.xxx.xxx/XX # Only if needed for sites with local access only.
        </Directory>

        ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
        <Directory "/usr/lib/cgi-bin">
                AllowOverride None
                Options ExecCGI -MultiViews +SymLinksIfOwnerMatch
                Order allow,deny
                Allow from all
        </Directory>

        ErrorLog /var/log/apache2/error.log

        # Possible values include: debug, info, notice, warn, error, crit,
        # alert, emerg.
        LogLevel warn

        CustomLog /var/log/apache2/access.log combined
        ServerSignature On

    Alias /doc/ "/usr/share/doc/"
    <Directory "/usr/share/doc/">
        Options Indexes MultiViews FollowSymLinks
        AllowOverride None
        Order deny,allow
        Deny from all
        Allow from 127.0.0.0/255.0.0.0 ::1/128
    </Directory>

</VirtualHost>
I don't think I need all of that but for logging, having logs for each site is useful, but I haven't got around to configuring it like I want, it's on my to do list this weekend.

From what i can tell I don't really need the Alias /doc/ for each virtual host but do I neeed the ScriptAlias portion and other sections or would it just be best to put the following only for each of my virtual hosts. Thus saving myself less work.

Code:
<VirtualHost *:80>
        ServerAdmin email@server.com
        ServerAlias server.domain.com
        DocumentRoot /path/to/site/
        <Directory /path/to/site>
                Options Indexes FollowSymLinks MultiViews
                AllowOverride None
                Order deny,allow
                deny from all
                allow from xxx.xxx.xxx.xxx/XX # Only if needed for sites with local access only.
        </Directory>
</VirtualHost>
Suggestions for the best possible VirtualHost configuration are welecome. :) :D


All times are GMT -5. The time now is 04:49 PM.