### Common server configuration
#
User apache
Group apache
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents.
#
ServerAdmin
c4v3m4n@imapmail.org
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
# DO NOT MODIFY THIS ONE, USE httpd.conf and httpd-perl.conf
#DocumentRoot /var/www/html
#
# Each directory to which Apache has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# permissions.
#
# Also, for security, we disable indexes globally
#
#<Directory />
# Options -Indexes FollowSymLinks
# AllowOverride None
#</Directory>
#Restricted set of options
<Directory />
Options -All -Multiviews
AllowOverride None
<IfModule mod_access.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#
#
# UserDir: The name of the directory which is appended onto a user's home
# directory if a ~user request is received.
#
<IfModule mod_userdir.c>
UserDir public_html
UserDir enabled caveman carly
UserDir disabled root
</IfModule>
#
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
#
<IfModule mod_dir.c>
DirectoryIndex index.html index.html.var index.php index.php3 index.shtml index.cgi index.pl index.htm Default.htm default.htm index.xml
</IfModule>
#
# AccessFileName: The name of the file to look for in each directory
# for access control information.
#
AccessFileName .htaccess
#
# The following lines prevent .htaccess files from being viewed by
# Web clients. Since .htaccess files often contain authorization
# information, access is disallowed for security reasons. Comment
# these lines out if you want Web visitors to see the contents of
# .htaccess files. If you change the AccessFileName directive above,
# be sure to make the corresponding changes here.
#
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<IfModule mod_access.c>
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
</IfModule>
#
# CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with each
# document that was negotiated on the basis of content. This asks proxy
# servers not to cache the document. Uncommenting the following line disables
# this behavior, and proxies will be allowed to cache the documents.
#
#CacheNegotiatedDocs
#
# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a URL that refers back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostname
ort that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
#
UseCanonicalName On
#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
TypesConfig conf/apache-mime.types
</IfModule>
#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
# mod_mime_magic is not part of the default server (you have to add
# it yourself with a LoadModule [see the DSO paragraph in the 'Global
# Environment' section], or recompile the server and include mod_mime_magic
# as part of the configuration), so it's enclosed in an <IfModule> container.
# This means that the MIMEMagicFile directive will only be processed if the
# module is part of the server.
#
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g.,
www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# EnableMMAP: Control whether memory-mapping is used to deliver
# files (assuming that the underlying OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. On some systems, turning it off (regardless of
# filesystem) can improve performance; for details, please see
#
http://httpd.apache.org/docs-2.0/mod...tml#enablemmap
#
# EnableMMAP off
#
# EnableSendfile: Control whether the sendfile kernel support is
# used to deliver files (assuming that the OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. Please see
#
http://httpd.apache.org/docs-2.0/mod...enablesendfile
#
#EnableSendfile off
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
<IfModule mod_log_config.c>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%v %h %l %u %t \"%r\" %>s %b %T" script
LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost
<IfModule mod_logio.c>
# You need to enable mod_logio.c to use %I and %O
#LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
#
# The location and format of the access logfile (Common Logfile Format).
#CustomLog logs/access_log common
#
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
#
# If you prefer a single logfile with access, agent, and referer information
# (Combined Logfile Format) you can use the following directive.
#
#CustomLog logs/access_log combined
</IfModule>
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Full
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (error documents, FTP directory listings,
# mod_status and mod_info output etc., but not CGI generated documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature On
#
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
#
<IfModule mod_alias.c>
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/"..
#
Alias /icons/ /var/www/icons/
Alias /doc /usr/share/doc
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the client.
# The same rules about trailing "/" apply to ScriptAlias directives as to
# Alias.
#
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
ScriptAlias /protected-cgi-bin/ /var/www/protected-cgi-bin/
<IfModule mod_perl.c>
#Provide two aliases to the same cgi-bin directory,
#to see the effects of the 2 different mod_perl modes
#for Apache::Registry Mode
Alias /perl/ /var/www/perl/
#for Apache::Perlrun Mode
Alias /cgi-perl/ /var/www/perl/
</IfModule>
</IfModule>
# End of aliases.
#
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Format: Redirect old-URI new-URL
#
#
# Directives controlling the display of server-generated directory listings.
.... - this section deleted for posting this message
# End of document types.
#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#
#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 30 lines.
# Alias /error/ "/var/www/error"
#
# <Directory "/var/www/error">
# AllowOverride None
# Options IncludesNoExec
# AddOutputFilter Includes html
# AddHandler type-map var
# Order allow,deny
# Allow from all
# LanguagePriority en es de fr sv
# ForceLanguagePriority Prefer Fallback
# </Directory>
#
# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
# ErrorDocument 410 /error/HTTP_GONE.html.var
# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
# Customizable error responses come in three flavors:
#
# 1) plain text
#ErrorDocument 500 "The server made a boo boo."
#
# 2) local redirects
#ErrorDocument 404 /missing.html
# to redirect to local URL /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
# N.B.: You can redirect to a script or a document using server-side-includes.
#
# 3) external redirects
#ErrorDocument 402
http://www.example.com/subscription_info.html
# N.B.: Many of the environment variables associated with the original
# request will *not* be available to such a script.
## This should be changed to the ServerRoot/manual/. The alias provides
## the manual, even if you choose to move your DocumentRoot. You may comment
## this out if you do not care for the documentation.
##
#AliasMatch ^/manual(?:/(?:de|en|fr|ja|ko|ru))?(/.*)?$ "/var/www/manual$1"
#
#<Directory "/var/www/manual">
# Options Indexes
# AllowOverride None
# Order allow,deny
# Allow from all
#
# <Files *.html>
# SetHandler type-map
# </Files>
#
# SetEnvIf Request_URI ^/manual/de/ prefer-language=de
# SetEnvIf Request_URI ^/manual/en/ prefer-language=en
# SetEnvIf Request_URI ^/manual/fr/ prefer-language=fr
# SetEnvIf Request_URI ^/manual/ja/ prefer-language=ja
# SetEnvIf Request_URI ^/manual/ko/ prefer-language=ko
# SetEnvIf Request_URI ^/manual/ru/ prefer-language=ru
# RedirectMatch 301 ^/manual(?:/(de|en|fr|ja|ko|ru)){2,}(/.*)?$ /manual/$1$2
#</Directory>
#
# ScriptAlias: This controls which directories contain server scripts.
<Location /manual>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on your system. Please install either apache-manual or apache2-manual RPMs.
</Location>
<Location /manual-2.0>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on your system. Please install the apache2-manual package.
</Location>
<Location /manual-1.3>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on your system. Please install the apache-manual package.
</Location>
#
# Customize behaviour based on the browser
#
<IfModule mod_setenvif.c>
#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carfully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
</IfModule>
# End of browser customization directives
#
# Allow server status reports, with the URL of
http://servername/server-status
# Change the ".your_domain.com" to match your domain to enable.
#
<IfModule mod_status.c>
<Location /server-status>
SetHandler server-status
<IfModule mod_access.c>
Order deny,allow
Deny from all
allow from 127.0.0.1
#Allow from .your_domain.com
</IfModule>
</Location>
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information (ExtendedStatus
# Off) when the "server-status" handler is called. The default is Off.
#
#ExtendedStatus On
</IfModule>
#
# Allow remote server configuration reports, with the URL of
#
http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your_domain.com" to match your domain to enable.
#
<IfModule mod_info.c>
<Location /server-info>
SetHandler server-info
<IfModule mod_access.c>
Order deny,allow
Deny from all
allow from 127.0.0.1
# Allow from .your_domain.com
</IfModule>
</Location>
</IfModule>
<IfModule mod_perl.c>
<Location /perl-status>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::Status
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler Apache::Status
</IfDefine>
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</IfModule>
</Location>
</IfModule>
#
# There have been reports of people trying to abuse an old bug from pre-1.1
# days. This bug involved a CGI script distributed as a part of Apache.
# By uncommenting these lines you can redirect these attacks to a logging
# script on phf.apache.org. Or, you can record them yourself, using the script
# support/phf_abuse_log.cgi.
#
#<Location /cgi-bin/phf*>
# Deny from all
# ErrorDocument 403
http://phf.apache.org/phf_abuse_log.cgi
#</Location>
<IfModule mod_include.c>
# XBitHack on
</IfModule>
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory /var/www/html>
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "SymLinksifOwnerMatch", "ExecCGI", or "MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options -Indexes MultiViews
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options", "FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
<IfModule mod_access.c>
order deny,allow
allow from all
</IfModule>
</Directory>
<Directory /var/www/perl>
AllowOverride All
Options -Indexes FollowSymLinks MultiViews ExecCGI
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<IfModule mod_cgid.c>
#
# Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
# for setting UNIX socket for communicating with cgid.
#
#Scriptsock /cgisock
</IfModule>
<Directory /var/www/cgi-bin>
AllowOverride All
Options ExecCGI
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /var/www/protected-cgi-bin>
AllowOverride All
Options ExecCGI
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
#allow from .your_domain.com
</IfModule>
</Directory>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
# These settings are pretty flexible, and allow for Frontpage and XSSI
<Directory /home/*/public_html>
AllowOverride None
Options MultiViews -Indexes Includes FollowSymLinks
<IfModule mod_access.c>
order allow,deny
allow from all
</IfModule>
</Directory>
<Directory /home/*/public_html/cgi-bin>
Options +ExecCGI -Includes -Indexes
SetHandler cgi-script
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<IfModule mod_perl.c>
<Directory /home/*/public_html/perl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::PerlRun
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::PerlRun
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
</IfModule>
<Directory /var/www/icons>
Options -Indexes MultiViews
AllowOverride None
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /usr/share/doc>
Options Indexes FollowSymLinks
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
#allow from .your_domain.com
</IfModule>
</Directory>
<Directory /var/www/html/addon-modules>
Options Indexes FollowSymLinks
</Directory>
<Location /index.shtml>
Options +Includes
</Location>
<IfModule mod_perl.c>
<IfDefine !APACHE2>
PerlModule Apache::Registry
</IfDefine>
#set Apache::Registry Mode for /perl Alias
<Location /perl/*.pl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::Registry
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::Registry
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
</Location>
#set Apache::PerlRun Mode for /cgi-perl Alias
<Location /cgi-perl/*.pl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::PerlRun
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::PerlRun
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
</Location>
</IfModule>