source: branches/fc19-dev/server/fedora/config/etc/httpd/conf/httpd.conf @ 2527

Last change on this file since 2527 was 2527, checked in by achernya, 8 years ago
Uncommitted httpd changes to get Apache 2.4 to start on c-w
File size: 13.7 KB
Line 
1ServerRoot /etc/httpd
2PidFile run/httpd.pid
3Timeout 300
4KeepAlive On
5MaxKeepAliveRequests 1000
6KeepAliveTimeout 15
7
8LoadModule mpm_worker_module modules/mod_mpm_worker.so
9
10<IfModule mpm_prefork_module>
11    MinSpareServers 5
12    MaxSpareServers 50
13    StartServers 8
14    ServerLimit 512
15    MaxClients 512
16    MaxRequestsPerChild 10000
17</IfModule>
18
19<IfModule mpm_worker_module>
20    StartServers 3
21    MinSpareThreads 75
22    MaxSpareThreads 250
23    ServerLimit 64
24    ThreadsPerChild 32
25    MaxClients 1024
26    MaxRequestsPerChild 10000
27</IfModule>
28
29<IfModule mpm_event_module>
30    StartServers 3
31    MinSpareThreads 75
32    MaxSpareThreads 250
33    ServerLimit 64
34    ThreadsPerChild 32
35    MaxClients 2048
36    MaxRequestsPerChild 10000
37</IfModule>
38
39# This file configures systemd module:
40LoadModule systemd_module modules/mod_systemd.so
41
42LoadModule auth_basic_module modules/mod_auth_basic.so
43LoadModule auth_digest_module modules/mod_auth_digest.so
44LoadModule authn_core_module modules/mod_authn_core.so
45LoadModule authn_file_module modules/mod_authn_file.so
46LoadModule authn_anon_module modules/mod_authn_anon.so
47#LoadModule authn_dbm_module modules/mod_authn_dbm.so
48LoadModule authz_core_module modules/mod_authz_core.so
49LoadModule authz_host_module modules/mod_authz_host.so
50LoadModule authz_user_module modules/mod_authz_user.so
51LoadModule authz_owner_module modules/mod_authz_owner.so
52LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
53#LoadModule authz_dbm_module modules/mod_authz_dbm.so
54LoadModule ldap_module modules/mod_ldap.so
55#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
56LoadModule include_module modules/mod_include.so
57LoadModule log_config_module modules/mod_log_config.so
58#LoadModule logio_module modules/mod_logio.so
59LoadModule env_module modules/mod_env.so
60LoadModule ext_filter_module modules/mod_ext_filter.so
61#LoadModule mime_magic_module modules/mod_mime_magic.so
62LoadModule expires_module modules/mod_expires.so
63LoadModule deflate_module modules/mod_deflate.so
64LoadModule headers_module modules/mod_headers.so
65#LoadModule usertrack_module modules/mod_usertrack.so
66LoadModule setenvif_module modules/mod_setenvif.so
67LoadModule mime_module modules/mod_mime.so
68#LoadModule dav_module modules/mod_dav.so
69LoadModule status_module modules/mod_status.so
70LoadModule autoindex_module modules/mod_autoindex.so
71#LoadModule info_module modules/mod_info.so
72#LoadModule dav_fs_module modules/mod_dav_fs.so
73#LoadModule vhost_alias_module modules/mod_vhost_alias.so
74LoadModule negotiation_module modules/mod_negotiation.so
75LoadModule dir_module modules/mod_dir.so
76LoadModule actions_module modules/mod_actions.so
77#LoadModule speling_module modules/mod_speling.so
78LoadModule userdir_module modules/mod_userdir.so
79LoadModule alias_module modules/mod_alias.so
80LoadModule rewrite_module modules/mod_rewrite.so
81LoadModule proxy_module modules/mod_proxy.so
82LoadModule proxy_http_module modules/mod_proxy_http.so
83#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
84#LoadModule proxy_connect_module modules/mod_proxy_connect.so
85#LoadModule cache_module modules/mod_cache.so
86LoadModule suexec_module modules/mod_suexec.so
87#LoadModule disk_cache_module modules/mod_disk_cache.so
88#LoadModule file_cache_module modules/mod_file_cache.so
89#LoadModule mem_cache_module modules/mod_mem_cache.so
90LoadModule cgi_module modules/mod_cgi.so
91LoadModule ssl_module modules/mod_ssl.so
92LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
93LoadModule vhost_ldap_module modules/mod_vhost_ldap.so
94LoadModule unixd_module modules/mod_unixd.so
95
96User apache
97Group apache
98
99#ErrorDocument  403  /403-404.html
100#ErrorDocument  404  /403-404.html
101#ErrorDocument  500  /script_error.html
102
103UserDir disabled
104
105<Directory />
106    AllowOverride None
107    Options FollowSymLinks IncludesNoExec
108</Directory>
109
110<Directory /afs/*/*/web_scripts>
111    AllowOverride All
112</Directory>
113<Directory /afs/*/*/*/web_scripts>
114    AllowOverride All
115</Directory>
116<Directory /afs/*/*/*/*/web_scripts>
117    AllowOverride All
118</Directory>
119<Directory /afs/*/*/*/*/*/web_scripts>
120    AllowOverride All
121</Directory>
122<Directory /afs/*/*/*/*/*/*/web_scripts>
123    AllowOverride All
124</Directory>
125<Directory /afs/*/*/*/*/*/*/*/web_scripts>
126    AllowOverride All
127</Directory>
128<Directory /afs/*/*/*/*/*/*/*/*/web_scripts>
129    AllowOverride All
130</Directory>
131
132<IfModule mod_dir.c>
133    DirectoryIndex index index.html index.htm index.cgi index.pl index.php index.py index.shtml index.exe index.fcgi
134</IfModule>
135
136AccessFileName .htaccess
137
138<Files ~ "^\.ht">
139    Require all denied
140</Files>
141
142UseCanonicalName Off
143TypesConfig /etc/mime.types
144#MIMEMagicFile conf/magic
145
146HostnameLookups Off
147ErrorLog "/home/logview/error_log"
148LogLevel warn
149LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
150LogFormat "%h %l %u %t \"%r\" %>s %b" common
151LogFormat "%a %V %U" statistics
152#CustomLog /var/log/httpd/access_log combined
153#CustomLog "|/etc/httpd/statistics_log_mitonly.sh" statistics
154ServerSignature Off
155ServerAdmin scripts@mit.edu
156ServerTokens Prod
157Header add Scripts-IP "%{SERVER_ADDR}e"
158
159<IfModule mod_autoindex.c>
160    Alias /__scripts/icons /var/www/icons
161    <Directory /var/www/icons>
162        Options Indexes
163        AllowOverride None
164        <Files ~ "\.(gif|png)$">
165            SetHandler default-handler
166        </Files>
167    </Directory>
168
169    IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
170
171    AddIconByEncoding (CMP,/__scripts/icons/compressed.gif) x-compress x-gzip
172
173    AddIconByType (TXT,/__scripts/icons/text.gif) text/*
174    AddIconByType (IMG,/__scripts/icons/image2.gif) image/*
175    AddIconByType (SND,/__scripts/icons/sound2.gif) audio/*
176    AddIconByType (VID,/__scripts/icons/movie.gif) video/*
177
178    AddIcon /__scripts/icons/binary.gif .bin .exe
179    AddIcon /__scripts/icons/binhex.gif .hqx
180    AddIcon /__scripts/icons/tar.gif .tar
181    AddIcon /__scripts/icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
182    AddIcon /__scripts/icons/compressed.gif .Z .z .tgz .gz .zip
183    AddIcon /__scripts/icons/a.gif .ps .ai .eps
184    AddIcon /__scripts/icons/layout.gif .html .shtml .htm .pdf
185    AddIcon /__scripts/icons/text.gif .txt
186    AddIcon /__scripts/icons/c.gif .c
187    AddIcon /__scripts/icons/p.gif .pl .py
188    AddIcon /__scripts/icons/f.gif .for
189    AddIcon /__scripts/icons/dvi.gif .dvi
190    AddIcon /__scripts/icons/uuencoded.gif .uu
191    AddIcon /__scripts/icons/script.gif .conf .sh .shar .csh .ksh .tcl
192    AddIcon /__scripts/icons/tex.gif .tex
193    AddIcon /__scripts/icons/bomb.gif core
194
195    AddIcon /__scripts/icons/back.gif ..
196    AddIcon /__scripts/icons/hand.right.gif README
197    AddIcon /__scripts/icons/folder.gif ^^DIRECTORY^^
198    AddIcon /__scripts/icons/blank.gif ^^BLANKICON^^
199
200    DefaultIcon /__scripts/icons/unknown.gif
201
202    ReadmeName README
203    HeaderName HEADER
204   
205    IndexIgnore .??* *~ *# RCS CVS *,v *,t
206</IfModule>
207
208<IfModule mod_mime.c>
209    AddType application/xhtml+xml         .xhtml
210    AddType application/http-index-format .hti
211    AddType text/html                     .html
212    AddType text/css                      .css
213    AddType text/xsl                      .xslt
214    AddType application/x-javascript      .js
215    AddType application/xml               .xml
216    AddType image/svg+xml                 .svg
217    AddType application/vnd.mozilla.xul+xml .xul
218    AddType application/rdf+xml             .rdf
219    AddType application/x-xpinstall         .xpi
220    AddType text/xml .xsl
221    AddType text/html .shtml
222    AddHandler server-parsed .shtml
223
224    AddEncoding x-compress Z
225    AddEncoding x-gzip gz tgz
226
227    AddLanguage da .dk
228    AddLanguage nl .nl
229    AddLanguage en .en
230    AddLanguage et .ee
231    AddLanguage fr .fr
232    AddLanguage de .de
233    AddLanguage el .el
234    AddLanguage it .it
235    AddLanguage ja .ja
236    AddCharset ISO-2022-JP .jis
237    AddLanguage pl .po
238    AddCharset ISO-8859-2 .iso-pl
239    AddLanguage pt .pt
240    AddLanguage pt-br .pt-br
241    AddLanguage ltz .lu
242    AddLanguage ca .ca
243    AddLanguage es .es
244    AddLanguage sv .se
245    AddLanguage cz .cz
246
247    <IfModule mod_negotiation.c>
248        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
249    </IfModule>
250
251    AddType application/x-tar .tgz
252    AddType image/bmp .bmp
253
254    AddType text/x-hdml .hdml
255</IfModule>
256
257<IfModule mod_setenvif.c>
258    BrowserMatch "Mozilla/2" nokeepalive
259    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
260    BrowserMatch "RealPlayer 4\.0" force-response-1.0
261    BrowserMatch "Java/1\.0" force-response-1.0
262    BrowserMatch "JDK/1\.0" force-response-1.0
263    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
264</IfModule>
265
266Listen 80
267
268RLimitCPU 300 300
269RLimitMEM 1610612736 1610612736
270RLimitNPROC 4096 4096
271
272NameVirtualHost *:80
273NameVirtualHost *:443
274NameVirtualHost *:444
275NameVirtualHost 18.181.0.50:80
276NameVirtualHost 18.181.0.50:443
277NameVirtualHost 18.181.0.50:444
278
279ServerName localhost
280DocumentRoot /afs/athena.mit.edu/contrib/scripts/www
281
282ExtendedStatus On
283RewriteEngine Off
284
285ProxyRequests Off
286
287<Location /robots.txt>
288    ErrorDocument 404 "No robots.txt.
289</Location>
290<Location /favicon.ico>
291    ErrorDocument 404 "No favicon.ico.
292</Location>
293
294<VirtualHost 18.181.0.50:80>
295    ServerName scripts-cert.mit.edu
296    ServerAlias scripts-cert
297    Include conf.d/scripts-vhost.conf
298    Include conf.d/vhosts-common.conf
299</VirtualHost>
300
301# LDAP vhost, w00t w00t
302<VirtualHost *:80>
303    Include conf.d/vhost_ldap.conf
304    Include conf.d/vhosts-common.conf
305</VirtualHost>
306
307<VirtualHost *:80>
308    Include conf.d/scripts-vhost-names.conf
309    Include conf.d/scripts-vhost.conf
310    Include conf.d/vhosts-common.conf
311</VirtualHost>
312
313<IfModule ssl_module>
314    Listen 443
315    Listen 444
316
317    AddType application/x-x509-ca-cert .crt
318    AddType application/x-pkcs7-crl    .crl
319
320    # This directive allows insecure renegotiations to succeed for browsers
321    # that do not yet support RFC 5746.  It should be removed when enough
322    # of the world has caught up.
323    SSLInsecureRenegotiation on
324
325    # Temporary fix for presumed CRIME attack against SSL
326    SSLCompression off
327
328    SSLPassPhraseDialog  builtin
329    SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
330    SSLSessionCacheTimeout 28800
331    SSLRandomSeed startup file:/dev/urandom 256
332    SSLRandomSeed connect builtin
333    SSLCryptoDevice builtin
334    SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
335    SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
336    SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
337    SSLCACertificateFile /etc/pki/tls/certs/ca.pem
338    SSLVerifyClient none
339    SSLOptions +StdEnvVars
340    SSLProtocol all -SSLv2
341    SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
342    <VirtualHost 18.181.0.50:443 18.181.0.50:444>
343        ServerName scripts-cert.mit.edu
344        ServerAlias scripts-cert
345        Include conf.d/scripts-vhost.conf
346        Include conf.d/vhosts-common-ssl.conf
347        SSLCertificateFile /etc/pki/tls/certs/scripts-cert.pem
348        SSLCertificateChainFile /etc/pki/tls/certs/scripts-cert.pem
349        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
350        Include conf.d/vhosts-common-ssl-cert.conf
351    </VirtualHost>
352    <VirtualHost 18.181.0.43:443>
353        Include conf.d/scripts-vhost-names.conf
354        Include conf.d/scripts-vhost.conf
355        Include conf.d/vhosts-common-ssl.conf
356        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
357        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
358        SSLCertificateChainFile /etc/pki/tls/certs/scripts.pem
359    </VirtualHost>
360    <VirtualHost 18.181.0.43:444>
361        Include conf.d/scripts-vhost-names.conf
362        Include conf.d/scripts-vhost.conf
363        Include conf.d/vhosts-common-ssl.conf
364        Include conf.d/vhosts-common-ssl-cert.conf
365        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
366        SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
367        SSLCertificateChainFile /etc/pki/tls/certs/scripts.pem
368    </VirtualHost>
369    # LDAP vhost, w00t w00t
370    <VirtualHost *:443>
371        ServerName localhost
372        Include conf.d/vhost_ldap.conf
373        Include conf.d/vhosts-common-ssl.conf
374    </VirtualHost>
375    # LDAP vhost, w00t w00t
376    <VirtualHost *:444>
377        ServerName localhost
378        Include conf.d/vhost_ldap.conf
379        Include conf.d/vhosts-common-ssl.conf
380        Include conf.d/vhosts-common-ssl-cert.conf
381    </VirtualHost>
382</IfModule>
383Include vhosts.d/*.conf
384<IfModule ssl_module>
385    <VirtualHost *:443>
386        ServerName scripts.scripts.mit.edu
387        ServerAlias *.scripts.mit.edu *.scripts
388        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
389        SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
390        Include conf.d/vhost_ldap.conf
391        Include conf.d/vhosts-common-ssl.conf
392    </VirtualHost>
393    <VirtualHost *:443>
394        Include conf.d/scripts-vhost-names.conf
395        Include conf.d/scripts-vhost.conf
396        Include conf.d/vhosts-common-ssl.conf
397    </VirtualHost>
398    <VirtualHost *:444>
399        ServerName scripts.scripts.mit.edu
400        ServerAlias *.scripts.mit.edu *.scripts
401        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
402        SSLCertificateChainFile /etc/pki/tls/certs/star.scripts.pem
403        Include conf.d/vhost_ldap.conf
404        Include conf.d/vhosts-common-ssl.conf
405        Include conf.d/vhosts-common-ssl-cert.conf
406    </VirtualHost>
407    <VirtualHost *:444>
408        Include conf.d/scripts-vhost-names.conf
409        Include conf.d/scripts-vhost.conf
410        Include conf.d/vhosts-common-ssl.conf
411        Include conf.d/vhosts-common-ssl-cert.conf
412    </VirtualHost>
413</IfModule>
414
415LoadModule fcgid_module modules/mod_fcgid.so
416AddHandler fcgid-script fcgi
417<Files *.fcgi>
418        Options +ExecCGI
419</Files>
420SocketPath /var/run/mod_fcgid
421SharememPath /var/run/mod_fcgid/fcgid_shm
422IPCCommTimeout 300
423FcgidMaxRequestLen 209715200
424FcgidIdleTimeout 600
425FcgidMaxProcessesPerClass 10
426FcgidMinProcessesPerClass 0
427FcgidMaxRequestsPerProcess 10000
428
429Include conf.d/auth_sslcert.conf
430Include conf.d/execsys.conf
431Include conf.d/scripts-special.conf
Note: See TracBrowser for help on using the repository browser.