source: trunk/server/fedora/config/etc/httpd/conf/httpd.conf @ 1164

Last change on this file since 1164 was 1164, checked in by quentin, 13 years ago
Revert r1162 (DDoS over?)
File size: 12.5 KB
RevLine 
[39]1ServerRoot /etc/httpd
2PidFile run/httpd.pid
[1164]3Timeout 300
[231]4KeepAlive On
[39]5MaxKeepAliveRequests 1000
[734]6KeepAliveTimeout 15
[39]7
[708]8<IfModule mpm_prefork_module>
9    MinSpareServers 5
[759]10    MaxSpareServers 50
[708]11    StartServers 8
[759]12    ServerLimit 512
13    MaxClients 512
[831]14    MaxRequestsPerChild 10000
[708]15</IfModule>
16
17<IfModule mpm_worker_module>
18    StartServers 3
19    MinSpareThreads 75
20    MaxSpareThreads 250
[972]21    ServerLimit 64
[759]22    ThreadsPerChild 32
23    MaxClients 1024
[831]24    MaxRequestsPerChild 10000
[708]25</IfModule>
26
[972]27<IfModule mpm_event_module>
28    StartServers 3
29    MinSpareThreads 75
30    MaxSpareThreads 250
31    ServerLimit 64
32    ThreadsPerChild 32
33    MaxClients 2048
34    MaxRequestsPerChild 10000
35</IfModule>
36
[39]37LoadModule auth_basic_module modules/mod_auth_basic.so
38LoadModule auth_digest_module modules/mod_auth_digest.so
39LoadModule authn_file_module modules/mod_authn_file.so
40LoadModule authn_alias_module modules/mod_authn_alias.so
41LoadModule authn_anon_module modules/mod_authn_anon.so
42#LoadModule authn_dbm_module modules/mod_authn_dbm.so
43LoadModule authn_default_module modules/mod_authn_default.so
44LoadModule authz_host_module modules/mod_authz_host.so
45LoadModule authz_user_module modules/mod_authz_user.so
46LoadModule authz_owner_module modules/mod_authz_owner.so
47LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
48#LoadModule authz_dbm_module modules/mod_authz_dbm.so
49LoadModule authz_default_module modules/mod_authz_default.so
[478]50LoadModule ldap_module modules/mod_ldap.so
[39]51#LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
52LoadModule include_module modules/mod_include.so
53LoadModule log_config_module modules/mod_log_config.so
54#LoadModule logio_module modules/mod_logio.so
55LoadModule env_module modules/mod_env.so
56LoadModule ext_filter_module modules/mod_ext_filter.so
57#LoadModule mime_magic_module modules/mod_mime_magic.so
[635]58LoadModule expires_module modules/mod_expires.so
[39]59#LoadModule deflate_module modules/mod_deflate.so
[365]60LoadModule headers_module modules/mod_headers.so
[39]61#LoadModule usertrack_module modules/mod_usertrack.so
62LoadModule setenvif_module modules/mod_setenvif.so
63LoadModule mime_module modules/mod_mime.so
64#LoadModule dav_module modules/mod_dav.so
[972]65LoadModule status_module modules/mod_status.so
[39]66LoadModule autoindex_module modules/mod_autoindex.so
67#LoadModule info_module modules/mod_info.so
68#LoadModule dav_fs_module modules/mod_dav_fs.so
69#LoadModule vhost_alias_module modules/mod_vhost_alias.so
[520]70LoadModule negotiation_module modules/mod_negotiation.so
[39]71LoadModule dir_module modules/mod_dir.so
72LoadModule actions_module modules/mod_actions.so
73#LoadModule speling_module modules/mod_speling.so
74LoadModule userdir_module modules/mod_userdir.so
75LoadModule alias_module modules/mod_alias.so
76LoadModule rewrite_module modules/mod_rewrite.so
[1089]77LoadModule proxy_module modules/mod_proxy.so
78LoadModule proxy_http_module modules/mod_proxy_http.so
[39]79#LoadModule proxy_balancer_module modules/mod_proxy_balancer.so
80#LoadModule proxy_connect_module modules/mod_proxy_connect.so
81#LoadModule cache_module modules/mod_cache.so
82LoadModule suexec_module modules/mod_suexec.so
83#LoadModule disk_cache_module modules/mod_disk_cache.so
84#LoadModule file_cache_module modules/mod_file_cache.so
85#LoadModule mem_cache_module modules/mod_mem_cache.so
86LoadModule cgi_module modules/mod_cgi.so
87LoadModule ssl_module modules/mod_ssl.so
[478]88LoadModule vhost_ldap_module modules/mod_vhost_ldap.so
[39]89
90User apache
91Group apache
92
93#ErrorDocument  403  /403-404.html
94#ErrorDocument  404  /403-404.html
95#ErrorDocument  500  /script_error.html
96
[247]97UserDir disabled
[39]98
99<Directory />
[642]100    AllowOverride None
[39]101    Options FollowSymLinks IncludesNoExec
102</Directory>
103
[642]104<Directory /afs/*/*/web_scripts>
105    AllowOverride All
106</Directory>
107<Directory /afs/*/*/*/web_scripts>
108    AllowOverride All
109</Directory>
110<Directory /afs/*/*/*/*/web_scripts>
111    AllowOverride All
112</Directory>
113<Directory /afs/*/*/*/*/*/web_scripts>
114    AllowOverride All
115</Directory>
116<Directory /afs/*/*/*/*/*/*/web_scripts>
117    AllowOverride All
118</Directory>
119<Directory /afs/*/*/*/*/*/*/*/web_scripts>
120    AllowOverride All
121</Directory>
122<Directory /afs/*/*/*/*/*/*/*/*/web_scripts>
123    AllowOverride All
124</Directory>
125
[39]126<IfModule mod_dir.c>
[520]127    DirectoryIndex index index.html index.htm index.cgi index.pl index.php index.py index.shtml index.exe
[39]128</IfModule>
129
130AccessFileName .htaccess
131
132<Files ~ "^\.ht">
[257]133    Order Allow,Deny
134    Deny from all
[39]135</Files>
136
137UseCanonicalName Off
138TypesConfig /etc/mime.types
139DefaultType text/plain
140#MIMEMagicFile conf/magic
141
142HostnameLookups Off
[149]143ErrorLog "/home/logview/error_log"
[39]144LogLevel warn
145LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
146LogFormat "%h %l %u %t \"%r\" %>s %b" common
147#CustomLog /var/log/httpd/access_log combined
148ServerSignature Off
149ServerAdmin scripts@mit.edu
150ServerTokens Prod
151
[257]152<IfModule mod_autoindex.c>
[602]153    Alias /__scripts/icons /var/www/icons
[257]154    <Directory /var/www/icons>
[802]155        Options Indexes
[257]156        AllowOverride None
157        <Files ~ "\.(gif|png)$">
158            SetHandler default-handler
159        </Files>
160    </Directory>
[39]161
162    IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable
163
[602]164    AddIconByEncoding (CMP,/__scripts/icons/compressed.gif) x-compress x-gzip
[39]165
[602]166    AddIconByType (TXT,/__scripts/icons/text.gif) text/*
167    AddIconByType (IMG,/__scripts/icons/image2.gif) image/*
168    AddIconByType (SND,/__scripts/icons/sound2.gif) audio/*
169    AddIconByType (VID,/__scripts/icons/movie.gif) video/*
[39]170
[602]171    AddIcon /__scripts/icons/binary.gif .bin .exe
172    AddIcon /__scripts/icons/binhex.gif .hqx
173    AddIcon /__scripts/icons/tar.gif .tar
174    AddIcon /__scripts/icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
175    AddIcon /__scripts/icons/compressed.gif .Z .z .tgz .gz .zip
176    AddIcon /__scripts/icons/a.gif .ps .ai .eps
177    AddIcon /__scripts/icons/layout.gif .html .shtml .htm .pdf
178    AddIcon /__scripts/icons/text.gif .txt
179    AddIcon /__scripts/icons/c.gif .c
180    AddIcon /__scripts/icons/p.gif .pl .py
181    AddIcon /__scripts/icons/f.gif .for
182    AddIcon /__scripts/icons/dvi.gif .dvi
183    AddIcon /__scripts/icons/uuencoded.gif .uu
184    AddIcon /__scripts/icons/script.gif .conf .sh .shar .csh .ksh .tcl
185    AddIcon /__scripts/icons/tex.gif .tex
186    AddIcon /__scripts/icons/bomb.gif core
[39]187
[602]188    AddIcon /__scripts/icons/back.gif ..
189    AddIcon /__scripts/icons/hand.right.gif README
190    AddIcon /__scripts/icons/folder.gif ^^DIRECTORY^^
191    AddIcon /__scripts/icons/blank.gif ^^BLANKICON^^
[39]192
[602]193    DefaultIcon /__scripts/icons/unknown.gif
[39]194
195    ReadmeName README
196    HeaderName HEADER
197   
[477]198    IndexIgnore .??* *~ *# RCS CVS *,v *,t
[39]199</IfModule>
200
201<IfModule mod_mime.c>
[257]202    AddType application/xhtml+xml         .xhtml
203    AddType application/http-index-format .hti
204    AddType text/html                     .html
205    AddType text/css                      .css
206    AddType text/xsl                      .xslt
207    AddType application/x-javascript      .js
208    AddType application/xml               .xml
209    AddType image/svg+xml                 .svg
210    AddType application/vnd.mozilla.xul+xml .xul
211    AddType application/rdf+xml             .rdf
212    AddType application/x-xpinstall         .xpi
213    AddType text/xml .xsl
214    AddType text/html .shtml
215    AddHandler server-parsed .shtml
[39]216
217    AddEncoding x-compress Z
218    AddEncoding x-gzip gz tgz
219
220    AddLanguage da .dk
221    AddLanguage nl .nl
222    AddLanguage en .en
223    AddLanguage et .ee
224    AddLanguage fr .fr
225    AddLanguage de .de
226    AddLanguage el .el
227    AddLanguage it .it
228    AddLanguage ja .ja
229    AddCharset ISO-2022-JP .jis
230    AddLanguage pl .po
231    AddCharset ISO-8859-2 .iso-pl
232    AddLanguage pt .pt
233    AddLanguage pt-br .pt-br
234    AddLanguage ltz .lu
235    AddLanguage ca .ca
236    AddLanguage es .es
237    AddLanguage sv .se
238    AddLanguage cz .cz
239
240    <IfModule mod_negotiation.c>
241        LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv
242    </IfModule>
243
244    AddType application/x-tar .tgz
245    AddType image/bmp .bmp
246
247    AddType text/x-hdml .hdml
248</IfModule>
249
250<IfModule mod_setenvif.c>
251    BrowserMatch "Mozilla/2" nokeepalive
252    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
253    BrowserMatch "RealPlayer 4\.0" force-response-1.0
254    BrowserMatch "Java/1\.0" force-response-1.0
255    BrowserMatch "JDK/1\.0" force-response-1.0
256    SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
257</IfModule>
258
259Listen 80
260
[1032]261RLimitCPU 300 300
[301]262RLimitMEM 536870912 536870912
[972]263RLimitNPROC 4096 4096
[39]264
265SetEnv REDIRECT_STATUS CGI
266
267NameVirtualHost *:80
268NameVirtualHost *:443
[332]269NameVirtualHost *:444
[151]270NameVirtualHost 18.181.0.50:80
271NameVirtualHost 18.181.0.50:443
[332]272NameVirtualHost 18.181.0.50:444
[39]273
274ServerName localhost
275DocumentRoot /afs/athena.mit.edu/contrib/scripts/www
[151]276
[972]277ExtendedStatus On
[151]278RewriteEngine Off
279
[1089]280ProxyRequests Off
281
[330]282<Location /robots.txt>
283    ErrorDocument 404 "No robots.txt.
[151]284</Location>
[330]285<Location /favicon.ico>
286    ErrorDocument 404 "No favicon.ico.
287</Location>
[151]288
289<VirtualHost 18.181.0.50:80>
[257]290    ServerName scripts-cert.mit.edu
291    ServerAlias scripts-cert
[330]292    Include conf.d/scripts-vhost.conf
[257]293    Include conf.d/vhosts-common.conf
[151]294</VirtualHost>
295
[454]296# LDAP vhost, w00t w00t
[478]297<VirtualHost *:80>
298    Include conf.d/vhost_ldap.conf
299    Include conf.d/vhosts-common.conf
300</VirtualHost>
[454]301
[151]302<VirtualHost *:80>
[332]303    Include conf.d/scripts-vhost-names.conf
[330]304    Include conf.d/scripts-vhost.conf
[257]305    Include conf.d/vhosts-common.conf
[151]306</VirtualHost>
307
[244]308<IfModule ssl_module>
[257]309    Listen 443
[332]310    Listen 444
[233]311
[257]312    AddType application/x-x509-ca-cert .crt
313    AddType application/x-pkcs7-crl    .crl
[233]314
[257]315    SSLPassPhraseDialog  builtin
[740]316    SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
[734]317    SSLSessionCacheTimeout 28800
[740]318    SSLMutex default
319    SSLRandomSeed startup file:/dev/urandom 256
[257]320    SSLRandomSeed connect builtin
[740]321    SSLCryptoDevice builtin
[973]322    SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
[370]323    SSLCertificateKeyFile /etc/pki/tls/private/scripts.key
[257]324    SSLCACertificateFile /etc/pki/tls/certs/ca.pem
325    SSLVerifyClient none
326    SSLOptions +StdEnvVars
[740]327    SSLProtocol all -SSLv2
328    SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
[332]329    <VirtualHost 18.181.0.50:443 18.181.0.50:444>
[257]330        ServerName scripts-cert.mit.edu
331        ServerAlias scripts-cert
[330]332        Include conf.d/scripts-vhost.conf
[257]333        Include conf.d/vhosts-common-ssl.conf
[369]334        SSLCertificateFile /etc/pki/tls/certs/scripts-cert.pem
[270]335        Include conf.d/vhosts-common-ssl-cert.conf
[257]336    </VirtualHost>
[973]337    <VirtualHost 18.181.0.43:443>
338        Include conf.d/scripts-vhost-names.conf
339        Include conf.d/scripts-vhost.conf
340        Include conf.d/vhosts-common-ssl.conf
341        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
342    </VirtualHost>
343    <VirtualHost 18.181.0.43:444>
344        Include conf.d/scripts-vhost-names.conf
345        Include conf.d/scripts-vhost.conf
346        Include conf.d/vhosts-common-ssl.conf
347        Include conf.d/vhosts-common-ssl-cert.conf
348        SSLCertificateFile /etc/pki/tls/certs/scripts.pem
349    </VirtualHost>
[478]350    # LDAP vhost, w00t w00t
[257]351    <VirtualHost *:443>
[648]352        ServerName localhost
[478]353        Include conf.d/vhost_ldap.conf
354        Include conf.d/vhosts-common-ssl.conf
355    </VirtualHost>
[1086]356    # LDAP vhost, w00t w00t
357    <VirtualHost *:444>
358        ServerName localhost
359        Include conf.d/vhost_ldap.conf
360        Include conf.d/vhosts-common-ssl.conf
361        Include conf.d/vhosts-common-ssl-cert.conf
362    </VirtualHost>
[1082]363</IfModule>
364Include vhosts.d/*.conf
365<IfModule ssl_module>
[478]366    <VirtualHost *:443>
[648]367        ServerName scripts.scripts.mit.edu
[687]368        ServerAlias *.scripts.mit.edu *.scripts
[648]369        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
370        Include conf.d/vhost_ldap.conf
371        Include conf.d/vhosts-common-ssl.conf
372    </VirtualHost>
373    <VirtualHost *:443>
[332]374        Include conf.d/scripts-vhost-names.conf
[330]375        Include conf.d/scripts-vhost.conf
[257]376        Include conf.d/vhosts-common-ssl.conf
377    </VirtualHost>
[332]378    <VirtualHost *:444>
[649]379        ServerName scripts.scripts.mit.edu
[687]380        ServerAlias *.scripts.mit.edu *.scripts
[649]381        SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem
382        Include conf.d/vhost_ldap.conf
383        Include conf.d/vhosts-common-ssl.conf
384        Include conf.d/vhosts-common-ssl-cert.conf
385    </VirtualHost>
386    <VirtualHost *:444>
[332]387        Include conf.d/scripts-vhost-names.conf
388        Include conf.d/scripts-vhost.conf
389        Include conf.d/vhosts-common-ssl.conf
390        Include conf.d/vhosts-common-ssl-cert.conf
391    </VirtualHost>
[151]392</IfModule>
393
394LoadModule fcgid_module modules/mod_fcgid.so
395AddHandler fcgid-script fcgi
396<Files *.fcgi>
397        Options +ExecCGI
398</Files>
399SocketPath run/mod_fcgid
[1016]400IPCCommTimeout 300
[151]401
[70]402Include conf.d/auth_sslcert.conf
[40]403Include conf.d/execsys.conf
[603]404Include conf.d/scripts-special.conf
Note: See TracBrowser for help on using the repository browser.