ServerRoot /etc/httpd PidFile run/httpd.pid Timeout 300 KeepAlive On MaxKeepAliveRequests 1000 KeepAliveTimeout 15 LoadModule mpm_worker_module modules/mod_mpm_worker.so MinSpareServers 5 MaxSpareServers 50 StartServers 8 ServerLimit 512 MaxClients 512 MaxRequestsPerChild 10000 StartServers 3 MinSpareThreads 75 MaxSpareThreads 250 ServerLimit 64 ThreadsPerChild 32 MaxClients 1024 MaxRequestsPerChild 10000 StartServers 3 MinSpareThreads 75 MaxSpareThreads 250 ServerLimit 64 ThreadsPerChild 32 MaxClients 2048 MaxRequestsPerChild 10000 # This file configures systemd module: LoadModule systemd_module modules/mod_systemd.so # Enable .htaccess files to use the legacy Order By syntax LoadModule access_compat_module modules/mod_access_compat.so LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_digest_module modules/mod_auth_digest.so LoadModule authn_core_module modules/mod_authn_core.so LoadModule authn_file_module modules/mod_authn_file.so LoadModule authn_anon_module modules/mod_authn_anon.so LoadModule allowmethods_module modules/mod_allowmethods.so #LoadModule authn_dbm_module modules/mod_authn_dbm.so LoadModule authz_core_module modules/mod_authz_core.so LoadModule authz_host_module modules/mod_authz_host.so LoadModule authz_user_module modules/mod_authz_user.so LoadModule authz_owner_module modules/mod_authz_owner.so LoadModule authz_groupfile_module modules/mod_authz_groupfile.so #LoadModule authz_dbm_module modules/mod_authz_dbm.so LoadModule ldap_module modules/mod_ldap.so #LoadModule authnz_ldap_module modules/mod_authnz_ldap.so LoadModule include_module modules/mod_include.so LoadModule log_config_module modules/mod_log_config.so #LoadModule logio_module modules/mod_logio.so LoadModule env_module modules/mod_env.so LoadModule ext_filter_module modules/mod_ext_filter.so #LoadModule mime_magic_module modules/mod_mime_magic.so LoadModule expires_module modules/mod_expires.so LoadModule deflate_module modules/mod_deflate.so LoadModule headers_module modules/mod_headers.so #LoadModule usertrack_module modules/mod_usertrack.so LoadModule setenvif_module modules/mod_setenvif.so LoadModule mime_module modules/mod_mime.so #LoadModule dav_module modules/mod_dav.so LoadModule status_module modules/mod_status.so LoadModule autoindex_module modules/mod_autoindex.so #LoadModule info_module modules/mod_info.so #LoadModule dav_fs_module modules/mod_dav_fs.so #LoadModule vhost_alias_module modules/mod_vhost_alias.so LoadModule negotiation_module modules/mod_negotiation.so LoadModule dir_module modules/mod_dir.so LoadModule actions_module modules/mod_actions.so #LoadModule speling_module modules/mod_speling.so LoadModule userdir_module modules/mod_userdir.so LoadModule alias_module modules/mod_alias.so LoadModule rewrite_module modules/mod_rewrite.so LoadModule proxy_module modules/mod_proxy.so LoadModule proxy_http_module modules/mod_proxy_http.so #LoadModule proxy_balancer_module modules/mod_proxy_balancer.so #LoadModule proxy_connect_module modules/mod_proxy_connect.so #LoadModule cache_module modules/mod_cache.so LoadModule suexec_module modules/mod_suexec.so #LoadModule disk_cache_module modules/mod_disk_cache.so #LoadModule file_cache_module modules/mod_file_cache.so #LoadModule mem_cache_module modules/mod_mem_cache.so LoadModule cgi_module modules/mod_cgi.so LoadModule ssl_module modules/mod_ssl.so LoadModule socache_shmcb_module modules/mod_socache_shmcb.so LoadModule vhost_ldap_module modules/mod_vhost_ldap.so LoadModule unixd_module modules/mod_unixd.so LoadModule filter_module modules/mod_filter.so User apache Group apache #ErrorDocument 403 /403-404.html #ErrorDocument 404 /403-404.html #ErrorDocument 500 /script_error.html UserDir disabled AllowOverride None Options FollowSymLinks IncludesNoExec # The new syntax wasn't added until 2.4, # so there's simply no way any deployed sites # are already using the new syntax. SSILegacyExprParser on AllowOverride All AllowOverride All AllowOverride All AllowOverride All AllowOverride All AllowOverride All AllowOverride All DirectoryIndex index index.html index.htm index.cgi index.pl index.php index.py index.shtml index.exe index.fcgi AccessFileName .htaccess Require all denied UseCanonicalName Off TypesConfig /etc/mime.types #MIMEMagicFile conf/magic HostnameLookups Off ErrorLog "/home/logview/error_log" LogLevel warn LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common LogFormat "%a %V %U" statistics #CustomLog /var/log/httpd/access_log combined #CustomLog "|/etc/httpd/statistics_log_mitonly.sh" statistics ServerSignature Off ServerAdmin scripts@mit.edu ServerTokens Prod Header add Scripts-IP "%{SERVER_ADDR}e" Alias /__scripts/icons /usr/share/httpd/icons/ Options Indexes AllowOverride None SetHandler default-handler IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable AddIconByEncoding (CMP,/__scripts/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/__scripts/icons/text.gif) text/* AddIconByType (IMG,/__scripts/icons/image2.gif) image/* AddIconByType (SND,/__scripts/icons/sound2.gif) audio/* AddIconByType (VID,/__scripts/icons/movie.gif) video/* AddIcon /__scripts/icons/binary.gif .bin .exe AddIcon /__scripts/icons/binhex.gif .hqx AddIcon /__scripts/icons/tar.gif .tar AddIcon /__scripts/icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /__scripts/icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /__scripts/icons/a.gif .ps .ai .eps AddIcon /__scripts/icons/layout.gif .html .shtml .htm .pdf AddIcon /__scripts/icons/text.gif .txt AddIcon /__scripts/icons/c.gif .c AddIcon /__scripts/icons/p.gif .pl .py AddIcon /__scripts/icons/f.gif .for AddIcon /__scripts/icons/dvi.gif .dvi AddIcon /__scripts/icons/uuencoded.gif .uu AddIcon /__scripts/icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /__scripts/icons/tex.gif .tex AddIcon /__scripts/icons/bomb.gif core AddIcon /__scripts/icons/back.gif .. AddIcon /__scripts/icons/hand.right.gif README AddIcon /__scripts/icons/folder.gif ^^DIRECTORY^^ AddIcon /__scripts/icons/blank.gif ^^BLANKICON^^ DefaultIcon /__scripts/icons/unknown.gif ReadmeName README HeaderName HEADER IndexIgnore .??* *~ *# RCS CVS *,v *,t AddType application/xhtml+xml .xhtml AddType application/http-index-format .hti AddType text/html .html AddType text/css .css AddType text/xsl .xslt AddType application/x-javascript .js AddType application/xml .xml AddType image/svg+xml .svg AddType application/vnd.mozilla.xul+xml .xul AddType application/rdf+xml .rdf AddType application/x-xpinstall .xpi AddType text/xml .xsl AddType text/html .shtml AddHandler server-parsed .shtml AddEncoding x-compress Z AddEncoding x-gzip gz tgz AddLanguage da .dk AddLanguage nl .nl AddLanguage en .en AddLanguage et .ee AddLanguage fr .fr AddLanguage de .de AddLanguage el .el AddLanguage it .it AddLanguage ja .ja AddCharset ISO-2022-JP .jis AddLanguage pl .po AddCharset ISO-8859-2 .iso-pl AddLanguage pt .pt AddLanguage pt-br .pt-br AddLanguage ltz .lu AddLanguage ca .ca AddLanguage es .es AddLanguage sv .se AddLanguage cz .cz LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv AddType application/x-tar .tgz AddType image/bmp .bmp AddType text/x-hdml .hdml BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown Listen 80 RLimitCPU 300 300 RLimitMEM 1610612736 1610612736 RLimitNPROC 4096 4096 ServerName localhost DocumentRoot /afs/athena.mit.edu/contrib/scripts/www ExtendedStatus On RewriteEngine Off ProxyRequests Off ErrorDocument 404 "No robots.txt. ErrorDocument 404 "No favicon.ico. ServerName scripts-cert.mit.edu ServerAlias scripts-cert Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common.conf # LDAP vhost, w00t w00t Include conf.d/vhost_ldap.conf Include conf.d/vhosts-common.conf Include conf.d/scripts-vhost-names.conf Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common.conf Listen 443 Listen 444 AddType application/x-x509-ca-cert .crt AddType application/x-pkcs7-crl .crl # This directive allows insecure renegotiations to succeed for browsers # that do not yet support RFC 5746. It should be removed when enough # of the world has caught up. SSLInsecureRenegotiation on SSLPassPhraseDialog builtin SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000) SSLSessionCacheTimeout 28800 SSLStaplingCache shmcb:/var/cache/mod_ssl/ocspcache(512000) SSLUseStapling on SSLRandomSeed startup file:/dev/urandom 256 SSLRandomSeed connect builtin SSLCryptoDevice builtin SSLCACertificateFile /etc/pki/tls/certs/ca.pem SSLVerifyClient none SSLOptions +StdEnvVars # Copied from https://wiki.mozilla.org/Security/Server_Side_TLS # (backward compatibility configuration minus SSL 3.0; equivalently, # intermediate compatibility configuration plus 3DES) SSLProtocol all -SSLv2 -SSLv3 SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA SSLHonorCipherOrder on SSLCompression off ServerName scripts-cert.mit.edu ServerAlias scripts-cert Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common-ssl.conf SSLCertificateFile /etc/pki/tls/certs/scripts-cert.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/vhosts-common-ssl-cert.conf Include conf.d/scripts-vhost-names.conf Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common-ssl.conf SSLCertificateFile /etc/pki/tls/certs/scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/scripts-vhost-names.conf Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common-ssl.conf Include conf.d/vhosts-common-ssl-cert.conf SSLCertificateFile /etc/pki/tls/certs/scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key # LDAP vhost, w00t w00t ServerName localhost SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/vhost_ldap.conf Include conf.d/vhosts-common-ssl.conf # LDAP vhost, w00t w00t ServerName localhost SSLCertificateFile /etc/pki/tls/certs/star.scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/vhost_ldap.conf Include conf.d/vhosts-common-ssl.conf Include conf.d/vhosts-common-ssl-cert.conf Include vhosts.d/*.conf SSLCertificateFile /etc/pki/tls/certs/scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/scripts-vhost-names.conf Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common-ssl.conf SSLCertificateFile /etc/pki/tls/certs/scripts.pem SSLCertificateKeyFile /etc/pki/tls/private/scripts-2048.key Include conf.d/scripts-vhost-names.conf Include conf.d/scripts-vhost.conf Include conf.d/vhosts-common-ssl.conf Include conf.d/vhosts-common-ssl-cert.conf LoadModule fcgid_module modules/mod_fcgid.so AddHandler fcgid-script fcgi Options +ExecCGI SocketPath /var/run/mod_fcgid SharememPath /var/run/mod_fcgid/fcgid_shm IPCCommTimeout 300 FcgidMaxRequestLen 209715200 FcgidIdleTimeout 600 FcgidMaxProcessesPerClass 10 FcgidMinProcessesPerClass 0 FcgidMaxRequestsPerProcess 10000 Include conf.d/auth_sslcert.conf Include conf.d/execsys.conf Include conf.d/scripts-special.conf