Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # Autogenerated httpd.conf file for Foswiki.
- # Generated at http://foswiki.org/Support/ApacheConfigGenerator?vhost=http://172.30.1.110;port=80;dir=/var/www/foswiki;symlink=;pathurl=/foswiki;shorterurls=enabled;engine=mod_perl;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=on;blocktrashpub=on;controlattach=;blockspiders=;foswikiversion=2.0;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem
- # For Foswiki version 2.0, Apache 2.4
- <VirtualHost *:80>
- ServerAdmin webmaster@http://172.30.1.110
- DocumentRoot "/var/www/foswiki"
- ServerName 172.30.1.110
- ErrorLog "/var/www/foswiki/logs/error.log"
- # The Alias defines a url that points to the root of the Foswiki installation.
- # The first parameter will be part of the URL to your installation e.g.
- # http://my.co.uk/foswiki/bin/view/...
- # The second parameter must point to the physical path on your disc.
- Alias /foswiki/bin "/var/www/foswiki/bin"
- # The following Alias is used to access files in the pub directory (attachments etc)
- # It must come _after_ the ScriptAlias.
- # If short URLs are enabled, and any other local directories or files need to be accessed directly, they
- # must also be specified in an Alias statement, and must not conflict with a web name.
- Alias /foswiki/pub "/var/www/foswiki/pub"
- Alias /foswiki/robots.txt "/var/www/foswiki/robots.txt"
- # Rewriting is required for Short URLs, and Attachment redirecting to viewfile
- RewriteEngine on
- #RewriteLog "/var/log/apache/rewrite.log"
- #RewriteLogLevel 0
- # short urls
- Alias /foswiki "/var/www/foswiki/bin/view"
- RewriteRule ^/+foswiki/+bin/+view/+(.*) /foswiki/$1 [L,NE,R]
- RewriteRule ^/+foswiki/+bin/+view$ /foswiki/ [L,NE,R]
- # Block access to typical spam related attachments
- # Except the Foswiki directory which is read only and does have attached html files.
- SetEnvIf Request_URI "/foswiki/pub/.*\.[hH][tT][mM][lL]?$" blockAccess
- SetEnvIf Request_URI "/foswiki/pub/System/.*\.[hH][tT][mM][lL]?$" !blockAccess
- # This enables access to the documents in the Foswiki root directory
- <Directory "/var/www/foswiki">
- <RequireAll>
- Require all granted
- Require not env blockAccess
- </RequireAll>
- </Directory>
- <IfModule mod_perl.c>
- # mod_perl_startup.pl must exist, otherwise Apache will not start.
- PerlRequire "/var/www/foswiki/tools/mod_perl_startup.pl"
- </IfModule>
- # This specifies the options on the Foswiki scripts directory. The ExecCGI
- # and SetHandler tell apache that it contains scripts. "Allow from all"
- # lets any IP address access this URL.
- # Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
- <Directory "/var/www/foswiki/bin">
- AllowOverride None
- <RequireAll>
- Require all granted
- Require not env blockAccess
- </RequireAll>
- Options +ExecCGI -FollowSymLinks
- <IfModule mod_perl.c>
- SetHandler perl-script
- PerlResponseHandler Foswiki::Engine::Apache
- </IfModule>
- # Password file for Foswiki users
- AuthUserFile "/var/www/foswiki/data/.htpasswd"
- AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
- AuthType Basic
- # File to return on access control error (e.g. wrong password)
- ErrorDocument 401 /foswiki/System/UserRegistration
- </Directory>
- # This sets the options on the pub directory, which contains attachments and
- # other files like CSS stylesheets and icons. AllowOverride None stops a
- # user installing a .htaccess file that overrides these options.
- # Note that files in pub are *not* protected by Foswiki Access Controls,
- # so if you want to control access to files attached to topics you need to
- # block access to the specific directories same way as the ApacheConfigGenerator
- # blocks access to the pub directory of the Trash web
- <Directory "/var/www/foswiki/pub">
- Options None
- Options -FollowSymLinks
- AllowOverride None
- <RequireAll>
- Require all granted
- Require not env blockAccess
- </RequireAll>
- ErrorDocument 404 /foswiki/bin/viewfile
- # If you have PHP installed as Apache module, one of the below directives will ensure
- # that it is disabled. The "ifmodule" statements should prevent this from causing
- # errors if php is not installed.
- <ifmodule mod_php3.c>
- php3_engine off
- </ifmodule>
- <ifmodule mod_php4.c>
- php_admin_flag engine off
- </ifmodule>
- <ifmodule mod_php5.c>
- php_admin_flag engine off
- </ifmodule>
- # This line will redefine the mime type for the most common types of scripts
- AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
- #
- # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
- # reducing the load on the server significantly
- # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
- # you may need to enable expires_module in your main apache config
- #LoadModule expires_module libexec/httpd/mod_expires.so
- #AddModule mod_expires.c
- #<ifmodule mod_expires.c>
- # <filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
- # ExpiresActive on
- # ExpiresDefault "access plus 11 days"
- # </filesmatch>
- #</ifmodule>
- #
- # Serve pre-compressed versions of .js and .css files, if they exist
- # Some browsers do not handle this correctly, which is why it is disabled by default
- # <FilesMatch "\.(js|css)$">
- # RewriteEngine on
- # RewriteCond %{HTTP:Accept-encoding} gzip
- # RewriteCond %{REQUEST_FILENAME}.gz -f
- # RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
- # </FilesMatch>
- # <FilesMatch "\.(js|css)\?.*$">
- # RewriteEngine on
- # RewriteCond %{HTTP:Accept-encoding} gzip
- # RewriteCond %{REQUEST_FILENAME}.gz -f
- # RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
- # </FilesMatch>
- # <FilesMatch "\.js\.gz(\?.*)?$">
- # AddEncoding x-gzip .gz
- # AddType application/x-javascript .gz
- # </FilesMatch>
- # <FilesMatch "\.css\.gz(\?.*)?$">
- # AddEncoding x-gzip .gz
- # AddType text/css .gz
- # </FilesMatch>
- </Directory>
- # Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.
- # We prevent viewing any attachments directly from pub
- <Directory "/var/www/foswiki/pub/Trash">
- Require all denied
- </Directory>
- # Security note: All other directories should be set so
- # that they are *not* visible as URLs, so we set them as =deny from all=.
- <Directory "/var/www/foswiki/data">
- Require all denied
- </Directory>
- <Directory "/var/www/foswiki/templates">
- Require all denied
- </Directory>
- <Directory "/var/www/foswiki/lib">
- Require all denied
- </Directory>
- <Directory "/var/www/foswiki/locale">
- Require all denied
- </Directory>
- <Directory "/var/www/foswiki/tools">
- Require all denied
- </Directory>
- <Directory "/var/www/foswiki/working">
- Require all denied
- </Directory>
- # We set an environment variable called blockAccess.
- #
- # Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
- # including its own topics as URLs and also prevents other Foswikis from
- # doing the same. This is important to prevent the most obvious
- # Denial of Service attacks.
- #
- # You can expand this by adding more BrowserMatchNoCase statements to
- # block evil browser agents trying to crawl your Foswiki
- #
- # Example:
- # BrowserMatchNoCase ^SiteSucker blockAccess
- # BrowserMatchNoCase ^$ blockAccess
- BrowserMatchNoCase ^$ blockAccess
- </VirtualHost>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement