source: server/fedora/config/etc/httpd/conf/httpd.conf @ 754

Last change on this file since 754 was 754, checked in by andersk, 16 years ago
Use the scripts private key for *.scripts as well (the previous *.scripts key was compromised by CVE-2008-0166).
File size: 11.8 KB
RevLine 
[39]1ServerRoot /etc/httpd
2PidFile run/httpd.pid
3Timeout 300
[231]4KeepAlive On
[39]5MaxKeepAliveRequests 1000
[734]6KeepAliveTimeout 15
[39]7
[708]8<IfModule mpm_prefork_module>
9    MinSpareServers 5
10    MaxSpareServers 20
11    StartServers 8
12    MaxClients 256
13    MaxRequestsPerChild 4000
14</IfModule>
15
16<IfModule mpm_worker_module>
17    StartServers 3
18    MinSpareThreads 75
19    MaxSpareThreads 250
20    ServerLimit 16
21    ThreadsPerChild 25
22    MaxClients 400
23    MaxRequestsPerChild 10000
24</IfModule>
25
[39]26LoadModule auth_basic_module modules/mod_auth_basic.so
27LoadModule auth_digest_module modules/mod_auth_digest.so
28LoadModule authn_file_module modules/mod_authn_file.so
29LoadModule authn_alias_module modules/mod_authn_alias.so
30LoadModule authn_anon_module modules/mod_authn_anon.so
31#LoadModule authn_dbm_module modules/mod_authn_dbm.so
32LoadModule authn_default_module modules/mod_authn_default.so
33LoadModule authz_host_module modules/mod_authz_host.so
34LoadModule authz_user_module modules/mod_authz_user.so
35LoadModule authz_owner_module modules/mod_authz_owner.so
36LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
37#LoadModule authz_dbm_module modules/mod_authz_dbm.so
38LoadModule authz_default_module modules/mod_authz_default.so
[478]39LoadModule ldap_module modules/mod_ldap.so
[39]40#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
41LoadModule include_module modules/mod_include.so
42LoadModule log_config_module modules/mod_log_config.so
43#LoadModule logio_module modules/mod_logio.so
44LoadModule env_module modules/mod_env.so
45LoadModule ext_filter_module modules/mod_ext_filter.so
46#LoadModule mime_magic_module modules/mod_mime_magic.so
[635]47LoadModule expires_module modules/mod_expires.so
[39]48#LoadModule deflate_module modules/mod_deflate.so
[365]49LoadModule headers_module modules/mod_headers.so
[39]50#LoadModule usertrack_module modules/mod_usertrack.so
51LoadModule setenvif_module modules/mod_setenvif.so
52LoadModule mime_module modules/mod_mime.so
53#LoadModule dav_module modules/mod_dav.so
[151]54LoadModule status_module modules/mod_status.so
[39]55LoadModule autoindex_module modules/mod_autoindex.so
56#LoadModule info_module modules/mod_info.so
57#LoadModule dav_fs_module modules/mod_dav_fs.so
58#LoadModule vhost_alias_module modules/mod_vhost_alias.so
[520]59LoadModule negotiation_module modules/mod_negotiation.so
[39]60LoadModule dir_module modules/mod_dir.so
61LoadModule actions_module modules/mod_actions.so
62#LoadModule speling_module modules/mod_speling.so
63LoadModule userdir_module modules/mod_userdir.so
64LoadModule alias_module modules/mod_alias.so
65LoadModule rewrite_module modules/mod_rewrite.so
66#LoadModule proxy_module modules/mod_proxy.so
67#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
68#LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
69#LoadModule proxy_http_module modules/mod_proxy_http.so
70#LoadModule proxy_connect_module modules/mod_proxy_connect.so
71#LoadModule cache_module modules/mod_cache.so
72LoadModule suexec_module modules/mod_suexec.so
73#LoadModule disk_cache_module modules/mod_disk_cache.so
74#LoadModule file_cache_module modules/mod_file_cache.so
75#LoadModule mem_cache_module modules/mod_mem_cache.so
76LoadModule cgi_module modules/mod_cgi.so
77LoadModule ssl_module modules/mod_ssl.so
[478]78LoadModule vhost_ldap_module modules/mod_vhost_ldap.so
[39]79
80User apache
81Group apache
82
83#ErrorDocument  403  /403-404.html
84#ErrorDocument  404  /403-404.html
85#ErrorDocument  500  /script_error.html
86
[247]87UserDir disabled
[39]88
89<Directory />
[642]90    AllowOverride None
[39]91    Options FollowSymLinks IncludesNoExec
92</Directory>
93
[642]94<Directory /afs/*/*/web_scripts>
95    AllowOverride All
96</Directory>
97<Directory /afs/*/*/*/web_scripts>
98    AllowOverride All
99</Directory>
100<Directory /afs/*/*/*/*/web_scripts>
101    AllowOverride All
102</Directory>
103<Directory /afs/*/*/*/*/*/web_scripts>
104    AllowOverride All
105</Directory>
106<Directory /afs/*/*/*/*/*/*/web_scripts>
107    AllowOverride All
108</Directory>
109<Directory /afs/*/*/*/*/*/*/*/web_scripts>
110    AllowOverride All
111</Directory>
112<Directory /afs/*/*/*/*/*/*/*/*/web_scripts>
113    AllowOverride All
114</Directory>
115
[39]116<IfModule mod_dir.c>
[520]117    DirectoryIndex index index.html index.htm index.cgi index.pl index.php index.py index.shtml index.exe
[39]118</IfModule>
119
120AccessFileName .htaccess
121
122<Files ~ "^\.ht">
[257]123    Order Allow,Deny
124    Deny from all
[39]125</Files>
126
127UseCanonicalName Off
128TypesConfig /etc/mime.types
129DefaultType text/plain
130#MIMEMagicFile conf/magic
131
132HostnameLookups Off
[149]133ErrorLog "/home/logview/error_log"
[39]134LogLevel warn
135LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
136LogFormat "%h %l %u %t \"%r\" %>s %b" common
137#CustomLog /var/log/httpd/access_log combined
138ServerSignature Off
139ServerAdmin scripts@mit.edu
140ServerTokens Prod
141
[257]142<IfModule mod_autoindex.c>
[602]143    Alias /__scripts/icons /var/www/icons
[257]144    <Directory /var/www/icons>
145        Options None
146        AllowOverride None
147        <Files ~ "\.(gif|png)$">
148            SetHandler default-handler
149        </Files>
150    </Directory>
[39]151
152    IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
153
[602]154    AddIconByEncoding (CMP,/__scripts/icons/compressed.gif) x-compress x-gzip
[39]155
[602]156    AddIconByType (TXT,/__scripts/icons/text.gif) text/*
157    AddIconByType (IMG,/__scripts/icons/image2.gif) image/*
158    AddIconByType (SND,/__scripts/icons/sound2.gif) audio/*
159    AddIconByType (VID,/__scripts/icons/movie.gif) video/*
[39]160
[602]161    AddIcon /__scripts/icons/binary.gif .bin .exe
162    AddIcon /__scripts/icons/binhex.gif .hqx
163    AddIcon /__scripts/icons/tar.gif .tar
164    AddIcon /__scripts/icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
165    AddIcon /__scripts/icons/compressed.gif .Z .z .tgz .gz .zip
166    AddIcon /__scripts/icons/a.gif .ps .ai .eps
167    AddIcon /__scripts/icons/layout.gif .html .shtml .htm .pdf
168    AddIcon /__scripts/icons/text.gif .txt
169    AddIcon /__scripts/icons/c.gif .c
170    AddIcon /__scripts/icons/p.gif .pl .py
171    AddIcon /__scripts/icons/f.gif .for
172    AddIcon /__scripts/icons/dvi.gif .dvi
173    AddIcon /__scripts/icons/uuencoded.gif .uu
174    AddIcon /__scripts/icons/script.gif .conf .sh .shar .csh .ksh .tcl
175    AddIcon /__scripts/icons/tex.gif .tex
176    AddIcon /__scripts/icons/bomb.gif core
177    AddIcon /__scripts/icons/deb.gif .deb
[39]178
[602]179    AddIcon /__scripts/icons/back.gif ..
180    AddIcon /__scripts/icons/hand.right.gif README
181    AddIcon /__scripts/icons/folder.gif ^^DIRECTORY^^
182    AddIcon /__scripts/icons/blank.gif ^^BLANKICON^^
[39]183
[602]184    DefaultIcon /__scripts/icons/unknown.gif
[39]185
186    ReadmeName README
187    HeaderName HEADER
188   
[477]189    IndexIgnore .??* *~ *# RCS CVS *,v *,t
[39]190</IfModule>
191
192<IfModule mod_mime.c>
[257]193    AddType application/xhtml+xml         .xhtml
194    AddType application/http-index-format .hti
195    AddType text/html                     .html
196    AddType text/css                      .css
197    AddType text/xsl                      .xslt
198    AddType application/x-javascript      .js
199    AddType application/xml               .xml
200    AddType image/svg+xml                 .svg
201    AddType application/vnd.mozilla.xul+xml .xul
202    AddType application/rdf+xml             .rdf
203    AddType application/x-xpinstall         .xpi
204    AddType text/xml .xsl
205    AddType text/html .shtml
206    AddHandler server-parsed .shtml
[39]207
208    AddEncoding x-compress Z
209    AddEncoding x-gzip gz tgz
210
211    AddLanguage da .dk
212    AddLanguage nl .nl
213    AddLanguage en .en
214    AddLanguage et .ee
215    AddLanguage fr .fr
216    AddLanguage de .de
217    AddLanguage el .el
218    AddLanguage it .it
219    AddLanguage ja .ja
220    AddCharset ISO-2022-JP .jis
221    AddLanguage pl .po
222    AddCharset ISO-8859-2 .iso-pl
223    AddLanguage pt .pt
224    AddLanguage pt-br .pt-br
225    AddLanguage ltz .lu
226    AddLanguage ca .ca
227    AddLanguage es .es
228    AddLanguage sv .se
229    AddLanguage cz .cz
230
231    <IfModule mod_negotiation.c>
232        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
233    </IfModule>
234
235    AddType application/x-tar .tgz
236    AddType image/bmp .bmp
237
238    AddType text/x-hdml .hdml
239</IfModule>
240
241<IfModule mod_setenvif.c>
242    BrowserMatch "Mozilla/2" nokeepalive
243    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
244    BrowserMatch "RealPlayer 4\.0" force-response-1.0
245    BrowserMatch "Java/1\.0" force-response-1.0
246    BrowserMatch "JDK/1\.0" force-response-1.0
247    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
248</IfModule>
249
250Listen 80
251
252RLimitCPU 60 60
[301]253RLimitMEM 536870912 536870912
[39]254RLimitNPROC 1024 1024
255
256SetEnv REDIRECT_STATUS CGI
257SetEnv PHPRC .
258
259NameVirtualHost *:80
260NameVirtualHost *:443
[332]261NameVirtualHost *:444
[151]262NameVirtualHost 18.181.0.50:80
263NameVirtualHost 18.181.0.50:443
[332]264NameVirtualHost 18.181.0.50:444
[39]265
266ServerName localhost
267DocumentRoot /afs/athena.mit.edu/contrib/scripts/www
[151]268
269ExtendedStatus On
270RewriteEngine Off
271
[330]272<Location /robots.txt>
273    ErrorDocument 404 "No robots.txt.
[151]274</Location>
[330]275<Location /favicon.ico>
276    ErrorDocument 404 "No favicon.ico.
277</Location>
[151]278
279<VirtualHost 18.181.0.50:80>
[257]280    ServerName scripts-cert.mit.edu
281    ServerAlias scripts-cert
[330]282    Include conf.d/scripts-vhost.conf
[257]283    Include conf.d/vhosts-common.conf
[151]284</VirtualHost>
285
[454]286# LDAP vhost, w00t w00t
[478]287<VirtualHost *:80>
288    Include conf.d/vhost_ldap.conf
289    Include conf.d/vhosts-common.conf
290</VirtualHost>
[454]291
[151]292<VirtualHost *:80>
[332]293    Include conf.d/scripts-vhost-names.conf
[330]294    Include conf.d/scripts-vhost.conf
[257]295    Include conf.d/vhosts-common.conf
[151]296</VirtualHost>
297
[244]298<IfModule ssl_module>
[257]299    Listen 443
[332]300    Listen 444
[233]301
[257]302    AddType application/x-x509-ca-cert .crt
303    AddType application/x-pkcs7-crl    .crl
[233]304
[257]305    SSLPassPhraseDialog  builtin
[740]306    SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
[734]307    SSLSessionCacheTimeout 28800
[740]308    SSLMutex default
309    SSLRandomSeed startup file:/dev/urandom 256
[257]310    SSLRandomSeed connect builtin
[740]311    SSLCryptoDevice builtin
[369]312    SSLCertificateFile /etc/pki/tls/certs/scripts.pem
[370]313    SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
[257]314    SSLCACertificateFile /etc/pki/tls/certs/ca.pem
315    SSLVerifyClient none
316    SSLOptions +StdEnvVars
[740]317    SSLProtocol all -SSLv2
318    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
[332]319    <VirtualHost 18.181.0.50:443 18.181.0.50:444>
[257]320        ServerName scripts-cert.mit.edu
321        ServerAlias scripts-cert
[330]322        Include conf.d/scripts-vhost.conf
[257]323        Include conf.d/vhosts-common-ssl.conf
[369]324        SSLCertificateFile /etc/pki/tls/certs/scripts-cert.pem
[270]325        Include conf.d/vhosts-common-ssl-cert.conf
[257]326    </VirtualHost>
[478]327    # LDAP vhost, w00t w00t
[257]328    <VirtualHost *:443>
[648]329        ServerName localhost
[478]330        Include conf.d/vhost_ldap.conf
331        Include conf.d/vhosts-common-ssl.conf
332    </VirtualHost>
333    <VirtualHost *:443>
[648]334        ServerName scripts.scripts.mit.edu
[687]335        ServerAlias *.scripts.mit.edu *.scripts
[648]336        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
337        Include conf.d/vhost_ldap.conf
338        Include conf.d/vhosts-common-ssl.conf
339    </VirtualHost>
340    <VirtualHost *:443>
[332]341        Include conf.d/scripts-vhost-names.conf
[330]342        Include conf.d/scripts-vhost.conf
[257]343        Include conf.d/vhosts-common-ssl.conf
344    </VirtualHost>
[478]345    # LDAP vhost, w00t w00t
[332]346    <VirtualHost *:444>
[649]347        ServerName localhost
[478]348        Include conf.d/vhost_ldap.conf
[648]349        Include conf.d/vhosts-common-ssl.conf
350        Include conf.d/vhosts-common-ssl-cert.conf
[478]351    </VirtualHost>
352    <VirtualHost *:444>
[649]353        ServerName scripts.scripts.mit.edu
[687]354        ServerAlias *.scripts.mit.edu *.scripts
[649]355        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
356        SSLCertificateKeyFile /etc/pki/tls/private/star.scripts.key
357        Include conf.d/vhost_ldap.conf
358        Include conf.d/vhosts-common-ssl.conf
359        Include conf.d/vhosts-common-ssl-cert.conf
360    </VirtualHost>
361    <VirtualHost *:444>
[332]362        Include conf.d/scripts-vhost-names.conf
363        Include conf.d/scripts-vhost.conf
364        Include conf.d/vhosts-common-ssl.conf
365        Include conf.d/vhosts-common-ssl-cert.conf
366    </VirtualHost>
[151]367</IfModule>
368
369LoadModule fcgid_module modules/mod_fcgid.so
370AddHandler fcgid-script fcgi
371<Files *.fcgi>
372        Options +ExecCGI
373</Files>
374SocketPath run/mod_fcgid
375
[70]376Include conf.d/auth_sslcert.conf
[40]377Include conf.d/execsys.conf
[603]378Include conf.d/scripts-special.conf
Note: See TracBrowser for help on using the repository browser.