source: branches/fc19-dev/server/fedora/config/etc/httpd/conf/httpd.conf @ 2527

Last change on this file since 2527 was 2527, checked in by achernya, 10 years ago
Uncommitted httpd changes to get Apache 2.4 to start on c-w
File size: 13.7 KB
RevLine 
[39]1ServerRoot /etc/httpd
2PidFile run/httpd.pid
[1164]3Timeout 300
[231]4KeepAlive On
[39]5MaxKeepAliveRequests 1000
[734]6KeepAliveTimeout 15
[39]7
[2527]8LoadModule mpm_worker_module modules/mod_mpm_worker.so
9
[708]10<IfModule mpm_prefork_module>
11    MinSpareServers 5
[759]12    MaxSpareServers 50
[708]13    StartServers 8
[759]14    ServerLimit 512
15    MaxClients 512
[831]16    MaxRequestsPerChild 10000
[708]17</IfModule>
18
19<IfModule mpm_worker_module>
20    StartServers 3
21    MinSpareThreads 75
22    MaxSpareThreads 250
[972]23    ServerLimit 64
[759]24    ThreadsPerChild 32
25    MaxClients 1024
[831]26    MaxRequestsPerChild 10000
[708]27</IfModule>
28
[972]29<IfModule mpm_event_module>
30    StartServers 3
31    MinSpareThreads 75
32    MaxSpareThreads 250
33    ServerLimit 64
34    ThreadsPerChild 32
35    MaxClients 2048
36    MaxRequestsPerChild 10000
37</IfModule>
38
[2527]39# This file configures systemd module:
40LoadModule systemd_module modules/mod_systemd.so
41
[39]42LoadModule auth_basic_module modules/mod_auth_basic.so
43LoadModule auth_digest_module modules/mod_auth_digest.so
[2527]44LoadModule authn_core_module modules/mod_authn_core.so
[39]45LoadModule authn_file_module modules/mod_authn_file.so
46LoadModule authn_anon_module modules/mod_authn_anon.so
47#LoadModule authn_dbm_module modules/mod_authn_dbm.so
[2527]48LoadModule authz_core_module modules/mod_authz_core.so
[39]49LoadModule authz_host_module modules/mod_authz_host.so
50LoadModule authz_user_module modules/mod_authz_user.so
51LoadModule authz_owner_module modules/mod_authz_owner.so
52LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
53#LoadModule authz_dbm_module modules/mod_authz_dbm.so
[478]54LoadModule ldap_module modules/mod_ldap.so
[39]55#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
56LoadModule include_module modules/mod_include.so
57LoadModule log_config_module modules/mod_log_config.so
58#LoadModule logio_module modules/mod_logio.so
59LoadModule env_module modules/mod_env.so
60LoadModule ext_filter_module modules/mod_ext_filter.so
61#LoadModule mime_magic_module modules/mod_mime_magic.so
[635]62LoadModule expires_module modules/mod_expires.so
[1454]63LoadModule deflate_module modules/mod_deflate.so
[365]64LoadModule headers_module modules/mod_headers.so
[39]65#LoadModule usertrack_module modules/mod_usertrack.so
66LoadModule setenvif_module modules/mod_setenvif.so
67LoadModule mime_module modules/mod_mime.so
68#LoadModule dav_module modules/mod_dav.so
[972]69LoadModule status_module modules/mod_status.so
[39]70LoadModule autoindex_module modules/mod_autoindex.so
71#LoadModule info_module modules/mod_info.so
72#LoadModule dav_fs_module modules/mod_dav_fs.so
73#LoadModule vhost_alias_module modules/mod_vhost_alias.so
[520]74LoadModule negotiation_module modules/mod_negotiation.so
[39]75LoadModule dir_module modules/mod_dir.so
76LoadModule actions_module modules/mod_actions.so
77#LoadModule speling_module modules/mod_speling.so
78LoadModule userdir_module modules/mod_userdir.so
79LoadModule alias_module modules/mod_alias.so
80LoadModule rewrite_module modules/mod_rewrite.so
[1089]81LoadModule proxy_module modules/mod_proxy.so
82LoadModule proxy_http_module modules/mod_proxy_http.so
[39]83#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
84#LoadModule proxy_connect_module modules/mod_proxy_connect.so
85#LoadModule cache_module modules/mod_cache.so
86LoadModule suexec_module modules/mod_suexec.so
87#LoadModule disk_cache_module modules/mod_disk_cache.so
88#LoadModule file_cache_module modules/mod_file_cache.so
89#LoadModule mem_cache_module modules/mod_mem_cache.so
90LoadModule cgi_module modules/mod_cgi.so
91LoadModule ssl_module modules/mod_ssl.so
[2527]92LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
[478]93LoadModule vhost_ldap_module modules/mod_vhost_ldap.so
[2527]94LoadModule unixd_module modules/mod_unixd.so
[39]95
96User apache
97Group apache
98
99#ErrorDocument  403  /403-404.html
100#ErrorDocument  404  /403-404.html
101#ErrorDocument  500  /script_error.html
102
[247]103UserDir disabled
[39]104
105<Directory />
[642]106    AllowOverride None
[39]107    Options FollowSymLinks IncludesNoExec
108</Directory>
109
[642]110<Directory /afs/*/*/web_scripts>
111    AllowOverride All
112</Directory>
113<Directory /afs/*/*/*/web_scripts>
114    AllowOverride All
115</Directory>
116<Directory /afs/*/*/*/*/web_scripts>
117    AllowOverride All
118</Directory>
119<Directory /afs/*/*/*/*/*/web_scripts>
120    AllowOverride All
121</Directory>
122<Directory /afs/*/*/*/*/*/*/web_scripts>
123    AllowOverride All
124</Directory>
125<Directory /afs/*/*/*/*/*/*/*/web_scripts>
126    AllowOverride All
127</Directory>
128<Directory /afs/*/*/*/*/*/*/*/*/web_scripts>
129    AllowOverride All
130</Directory>
131
[39]132<IfModule mod_dir.c>
[1412]133    DirectoryIndex index index.html index.htm index.cgi index.pl index.php index.py index.shtml index.exe index.fcgi
[39]134</IfModule>
135
136AccessFileName .htaccess
137
138<Files ~ "^\.ht">
[2527]139    Require all denied
[39]140</Files>
141
142UseCanonicalName Off
143TypesConfig /etc/mime.types
144#MIMEMagicFile conf/magic
145
146HostnameLookups Off
[149]147ErrorLog "/home/logview/error_log"
[39]148LogLevel warn
149LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
150LogFormat "%h %l %u %t \"%r\" %>s %b" common
[1316]151LogFormat "%a %V %U" statistics
[39]152#CustomLog /var/log/httpd/access_log combined
[1341]153#CustomLog "|/etc/httpd/statistics_log_mitonly.sh" statistics
[39]154ServerSignature Off
155ServerAdmin scripts@mit.edu
156ServerTokens Prod
[2270]157Header add Scripts-IP "%{SERVER_ADDR}e"
[39]158
[257]159<IfModule mod_autoindex.c>
[602]160    Alias /__scripts/icons /var/www/icons
[257]161    <Directory /var/www/icons>
[802]162        Options Indexes
[257]163        AllowOverride None
164        <Files ~ "\.(gif|png)$">
165            SetHandler default-handler
166        </Files>
167    </Directory>
[39]168
169    IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
170
[602]171    AddIconByEncoding (CMP,/__scripts/icons/compressed.gif) x-compress x-gzip
[39]172
[602]173    AddIconByType (TXT,/__scripts/icons/text.gif) text/*
174    AddIconByType (IMG,/__scripts/icons/image2.gif) image/*
175    AddIconByType (SND,/__scripts/icons/sound2.gif) audio/*
176    AddIconByType (VID,/__scripts/icons/movie.gif) video/*
[39]177
[602]178    AddIcon /__scripts/icons/binary.gif .bin .exe
179    AddIcon /__scripts/icons/binhex.gif .hqx
180    AddIcon /__scripts/icons/tar.gif .tar
181    AddIcon /__scripts/icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
182    AddIcon /__scripts/icons/compressed.gif .Z .z .tgz .gz .zip
183    AddIcon /__scripts/icons/a.gif .ps .ai .eps
184    AddIcon /__scripts/icons/layout.gif .html .shtml .htm .pdf
185    AddIcon /__scripts/icons/text.gif .txt
186    AddIcon /__scripts/icons/c.gif .c
187    AddIcon /__scripts/icons/p.gif .pl .py
188    AddIcon /__scripts/icons/f.gif .for
189    AddIcon /__scripts/icons/dvi.gif .dvi
190    AddIcon /__scripts/icons/uuencoded.gif .uu
191    AddIcon /__scripts/icons/script.gif .conf .sh .shar .csh .ksh .tcl
192    AddIcon /__scripts/icons/tex.gif .tex
193    AddIcon /__scripts/icons/bomb.gif core
[39]194
[602]195    AddIcon /__scripts/icons/back.gif ..
196    AddIcon /__scripts/icons/hand.right.gif README
197    AddIcon /__scripts/icons/folder.gif ^^DIRECTORY^^
198    AddIcon /__scripts/icons/blank.gif ^^BLANKICON^^
[39]199
[602]200    DefaultIcon /__scripts/icons/unknown.gif
[39]201
202    ReadmeName README
203    HeaderName HEADER
204   
[477]205    IndexIgnore .??* *~ *# RCS CVS *,v *,t
[39]206</IfModule>
207
208<IfModule mod_mime.c>
[257]209    AddType application/xhtml+xml         .xhtml
210    AddType application/http-index-format .hti
211    AddType text/html                     .html
212    AddType text/css                      .css
213    AddType text/xsl                      .xslt
214    AddType application/x-javascript      .js
215    AddType application/xml               .xml
216    AddType image/svg+xml                 .svg
217    AddType application/vnd.mozilla.xul+xml .xul
218    AddType application/rdf+xml             .rdf
219    AddType application/x-xpinstall         .xpi
220    AddType text/xml .xsl
221    AddType text/html .shtml
222    AddHandler server-parsed .shtml
[39]223
224    AddEncoding x-compress Z
225    AddEncoding x-gzip gz tgz
226
227    AddLanguage da .dk
228    AddLanguage nl .nl
229    AddLanguage en .en
230    AddLanguage et .ee
231    AddLanguage fr .fr
232    AddLanguage de .de
233    AddLanguage el .el
234    AddLanguage it .it
235    AddLanguage ja .ja
236    AddCharset ISO-2022-JP .jis
237    AddLanguage pl .po
238    AddCharset ISO-8859-2 .iso-pl
239    AddLanguage pt .pt
240    AddLanguage pt-br .pt-br
241    AddLanguage ltz .lu
242    AddLanguage ca .ca
243    AddLanguage es .es
244    AddLanguage sv .se
245    AddLanguage cz .cz
246
247    <IfModule mod_negotiation.c>
248        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
249    </IfModule>
250
251    AddType application/x-tar .tgz
252    AddType image/bmp .bmp
253
254    AddType text/x-hdml .hdml
255</IfModule>
256
257<IfModule mod_setenvif.c>
258    BrowserMatch "Mozilla/2" nokeepalive
259    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
260    BrowserMatch "RealPlayer 4\.0" force-response-1.0
261    BrowserMatch "Java/1\.0" force-response-1.0
262    BrowserMatch "JDK/1\.0" force-response-1.0
263    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
264</IfModule>
265
266Listen 80
267
[1032]268RLimitCPU 300 300
[1772]269RLimitMEM 1610612736 1610612736
[972]270RLimitNPROC 4096 4096
[39]271
272NameVirtualHost *:80
273NameVirtualHost *:443
[332]274NameVirtualHost *:444
[151]275NameVirtualHost 18.181.0.50:80
276NameVirtualHost 18.181.0.50:443
[332]277NameVirtualHost 18.181.0.50:444
[39]278
279ServerName localhost
280DocumentRoot /afs/athena.mit.edu/contrib/scripts/www
[151]281
[972]282ExtendedStatus On
[151]283RewriteEngine Off
284
[1089]285ProxyRequests Off
286
[330]287<Location /robots.txt>
288    ErrorDocument 404 "No robots.txt.
[151]289</Location>
[330]290<Location /favicon.ico>
291    ErrorDocument 404 "No favicon.ico.
292</Location>
[151]293
294<VirtualHost 18.181.0.50:80>
[257]295    ServerName scripts-cert.mit.edu
296    ServerAlias scripts-cert
[330]297    Include conf.d/scripts-vhost.conf
[257]298    Include conf.d/vhosts-common.conf
[151]299</VirtualHost>
300
[454]301# LDAP vhost, w00t w00t
[478]302<VirtualHost *:80>
303    Include conf.d/vhost_ldap.conf
304    Include conf.d/vhosts-common.conf
305</VirtualHost>
[454]306
[151]307<VirtualHost *:80>
[332]308    Include conf.d/scripts-vhost-names.conf
[330]309    Include conf.d/scripts-vhost.conf
[257]310    Include conf.d/vhosts-common.conf
[151]311</VirtualHost>
312
[244]313<IfModule ssl_module>
[257]314    Listen 443
[332]315    Listen 444
[233]316
[257]317    AddType application/x-x509-ca-cert .crt
318    AddType application/x-pkcs7-crl    .crl
[233]319
[1540]320    # This directive allows insecure renegotiations to succeed for browsers
321    # that do not yet support RFC 5746.  It should be removed when enough
322    # of the world has caught up.
323    SSLInsecureRenegotiation on
324
[2321]325    # Temporary fix for presumed CRIME attack against SSL
326    SSLCompression off
327
[257]328    SSLPassPhraseDialog  builtin
[740]329    SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
[734]330    SSLSessionCacheTimeout 28800
[740]331    SSLRandomSeed startup file:/dev/urandom 256
[257]332    SSLRandomSeed connect builtin
[740]333    SSLCryptoDevice builtin
[973]334    SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
[2487]335    SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
336    SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
[257]337    SSLCACertificateFile /etc/pki/tls/certs/ca.pem
338    SSLVerifyClient none
339    SSLOptions +StdEnvVars
[740]340    SSLProtocol all -SSLv2
[2527]341    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
[332]342    <VirtualHost 18.181.0.50:443 18.181.0.50:444>
[257]343        ServerName scripts-cert.mit.edu
344        ServerAlias scripts-cert
[330]345        Include conf.d/scripts-vhost.conf
[257]346        Include conf.d/vhosts-common-ssl.conf
[369]347        SSLCertificateFile /etc/pki/tls/certs/scripts-cert.pem
[2229]348        SSLCertificateChainFile /etc/pki/tls/certs/scripts-cert.pem
[1887]349        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
[270]350        Include conf.d/vhosts-common-ssl-cert.conf
[257]351    </VirtualHost>
[973]352    <VirtualHost 18.181.0.43:443>
353        Include conf.d/scripts-vhost-names.conf
354        Include conf.d/scripts-vhost.conf
355        Include conf.d/vhosts-common-ssl.conf
356        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
[1867]357        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
358        SSLCertificateChainFile /etc/pki/tls/certs/scripts.pem
[973]359    </VirtualHost>
360    <VirtualHost 18.181.0.43:444>
361        Include conf.d/scripts-vhost-names.conf
362        Include conf.d/scripts-vhost.conf
363        Include conf.d/vhosts-common-ssl.conf
364        Include conf.d/vhosts-common-ssl-cert.conf
365        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
[1867]366        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
367        SSLCertificateChainFile /etc/pki/tls/certs/scripts.pem
[973]368    </VirtualHost>
[478]369    # LDAP vhost, w00t w00t
[257]370    <VirtualHost *:443>
[648]371        ServerName localhost
[478]372        Include conf.d/vhost_ldap.conf
373        Include conf.d/vhosts-common-ssl.conf
374    </VirtualHost>
[1086]375    # LDAP vhost, w00t w00t
376    <VirtualHost *:444>
377        ServerName localhost
378        Include conf.d/vhost_ldap.conf
379        Include conf.d/vhosts-common-ssl.conf
380        Include conf.d/vhosts-common-ssl-cert.conf
381    </VirtualHost>
[1082]382</IfModule>
383Include vhosts.d/*.conf
384<IfModule ssl_module>
[478]385    <VirtualHost *:443>
[648]386        ServerName scripts.scripts.mit.edu
[687]387        ServerAlias *.scripts.mit.edu *.scripts
[648]388        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
[2487]389        SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
[648]390        Include conf.d/vhost_ldap.conf
391        Include conf.d/vhosts-common-ssl.conf
392    </VirtualHost>
393    <VirtualHost *:443>
[332]394        Include conf.d/scripts-vhost-names.conf
[330]395        Include conf.d/scripts-vhost.conf
[257]396        Include conf.d/vhosts-common-ssl.conf
397    </VirtualHost>
[332]398    <VirtualHost *:444>
[649]399        ServerName scripts.scripts.mit.edu
[687]400        ServerAlias *.scripts.mit.edu *.scripts
[649]401        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
[2487]402        SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
[649]403        Include conf.d/vhost_ldap.conf
404        Include conf.d/vhosts-common-ssl.conf
405        Include conf.d/vhosts-common-ssl-cert.conf
406    </VirtualHost>
407    <VirtualHost *:444>
[332]408        Include conf.d/scripts-vhost-names.conf
409        Include conf.d/scripts-vhost.conf
410        Include conf.d/vhosts-common-ssl.conf
411        Include conf.d/vhosts-common-ssl-cert.conf
412    </VirtualHost>
[151]413</IfModule>
414
415LoadModule fcgid_module modules/mod_fcgid.so
416AddHandler fcgid-script fcgi
417<Files *.fcgi>
418        Options +ExecCGI
419</Files>
[1482]420SocketPath /var/run/mod_fcgid
421SharememPath /var/run/mod_fcgid/fcgid_shm
[1016]422IPCCommTimeout 300
[1732]423FcgidMaxRequestLen 209715200
[2020]424FcgidIdleTimeout 600
425FcgidMaxProcessesPerClass 10
426FcgidMinProcessesPerClass 0
427FcgidMaxRequestsPerProcess 10000
[151]428
[70]429Include conf.d/auth_sslcert.conf
[40]430Include conf.d/execsys.conf
[603]431Include conf.d/scripts-special.conf
Note: See TracBrowser for help on using the repository browser.