# Autogenerated httpd.conf file for Foswiki.# Generated at https://foswiki.org

1. # Autogenerated httpd.conf file for Foswiki.
2. # Generated at https://foswiki.org/Support/ApacheConfigGenerator?vhost=;port=;dir=/var/www/foswiki;symlink=;pathurl=/foswiki;shorterurls=enabled;engine=mod_perl;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=;blocktrashpub=;controlattach=;blockspiders=;foswikiversion=2.0;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem
3.  
4. # For Foswiki version 2.0, Apache 2.4
5.  
6. # The Alias defines a url that points to the root of the Foswiki installation.
7. # The first parameter will be part of the URL to your installation e.g.
8. # http://my.co.uk/foswiki/bin/view/...
9. # The second parameter must point to the physical path on your disc.
10.  
11. Alias /foswiki/bin "/var/www/foswiki/bin"
12.  
13. # The following Alias is used to access files in the pub directory (attachments etc)
14. # It must come _after_ the ScriptAlias.
15. # If short URLs are enabled, and any other local directories or files need to be accessed directly, they
16. # must also be specified in an Alias statement, and must not conflict with a web name.
17.  
18. Alias /foswiki/pub "/var/www/foswiki/pub"
19. Alias /robots.txt "/var/www/foswiki/robots.txt"
20. # Add aliases for any other files that must be read at the root level. eg.
21. # Alias /google[somehashkey].html "/var/www/foswiki/google[somehashkey].html"
22.  
23. # Rewriting is required for Short URLs, and Attachment redirecting to viewfile
24. RewriteEngine on
25. #RewriteLog "/var/log/apache/rewrite.log"
26. #RewriteLogLevel 0
27.  
28. # short urls
29. Alias /foswiki "/var/www/foswiki/bin/view"
30. RewriteRule ^/+foswiki/+bin/+view/+(.*) /foswiki/$1 [L,NE,R]
31. RewriteRule ^/+foswiki/+bin/+view$ /foswiki/ [L,NE,R]
32.  
33. # This enables access to the documents in the Foswiki root directory
34.  
35. <Directory "/var/www/foswiki">
36. <RequireAll>
37. Require all granted
38. Require not env blockAccess
39. </RequireAll>
40. </Directory>
41.  
42. <IfModule mod_perl.c>
43. # mod_perl_startup.pl must exist, otherwise Apache will not start.
44. PerlRequire "/var/www/foswiki/tools/mod_perl_startup.pl"
45. </IfModule>
46.  
47. # This specifies the options on the Foswiki scripts directory. The ExecCGI
48. # and SetHandler tell apache that it contains scripts. "Allow from all"
49. # lets any IP address access this URL.
50. # Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies
51.  
52. <Directory "/var/www/foswiki/bin">
53. AllowOverride None
54.  
55. <RequireAll>
56. Require all granted
57. Require not env blockAccess
58. </RequireAll>
59.  
60. Options +ExecCGI -FollowSymLinks
61. <IfModule mod_perl.c>
62. SetHandler perl-script
63. PerlResponseHandler Foswiki::Engine::Apache
64. </IfModule>
65. <IfModule !mod_perlc>
66. SetHandler cgi-script
67. </IfModule>
68.  
69. # Password file for Foswiki users
70. AuthUserFile "/var/www/foswiki/data/.htpasswd"
71. AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
72. AuthType Basic
73.  
74. # File to return on access control error (e.g. wrong password)
75. ErrorDocument 401 /foswiki/System/UserRegistration
76.  
77. </Directory>
78.  
79. # This sets the options on the pub directory, which contains attachments and
80. # other files like CSS stylesheets and icons. AllowOverride None stops a
81. # user installing a .htaccess file that overrides these options.
82. # Note that files in pub are *not* protected by Foswiki Access Controls,
83. # so if you want to control access to files attached to topics you need to
84. # block access to the specific directories same way as the ApacheConfigGenerator
85. # blocks access to the pub directory of the Trash web
86. <Directory "/var/www/foswiki/pub">
87. Options None
88. Options -FollowSymLinks
89. AllowOverride None
90.  
91. <RequireAll>
92. Require all granted
93. Require not env blockAccess
94. </RequireAll>
95. ErrorDocument 404 /foswiki/bin/viewfile
96.  
97. # If you have PHP installed as Apache module, one of the below directives will ensure
98. # that it is disabled. The "ifmodule" statements should prevent this from causing
99. # errors if php is not installed.
100.  
101. <ifmodule mod_php3.c>
102. php3_engine off
103. </ifmodule>
104. <ifmodule mod_php4.c>
105. php_admin_flag engine off
106. </ifmodule>
107. <ifmodule mod_php5.c>
108. php_admin_flag engine off
109. </ifmodule>
110.  
111. # This line will redefine the mime type for the most common types of scripts
112. AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi
113. #
114. # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate
115. # reducing the load on the server significantly
116. # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day.
117. # you may need to enable expires_module in your main apache config
118. #LoadModule expires_module libexec/httpd/mod_expires.so
119. #AddModule mod_expires.c
120. #<ifmodule mod_expires.c>
121. # <filesmatch "\.(jpe?g|gif|png|css(\.gz)?|js(\.gz)?|ico)$">
122. # ExpiresActive on
123. # ExpiresDefault "access plus 11 days"
124. # </filesmatch>
125. #</ifmodule>
126. #
127. # Serve pre-compressed versions of .js and .css files, if they exist
128. # Some browsers do not handle this correctly, which is why it is disabled by default
129. # <FilesMatch "\.(js|css)$">
130. # RewriteEngine on
131. # RewriteCond %{HTTP:Accept-encoding} gzip
132. # RewriteCond %{REQUEST_FILENAME}.gz -f
133. # RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA]
134. # </FilesMatch>
135. # <FilesMatch "\.(js|css)\?.*$">
136. # RewriteEngine on
137. # RewriteCond %{HTTP:Accept-encoding} gzip
138. # RewriteCond %{REQUEST_FILENAME}.gz -f
139. # RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L]
140. # </FilesMatch>
141. # <FilesMatch "\.js\.gz(\?.*)?$">
142. # AddEncoding x-gzip .gz
143. # AddType application/x-javascript .gz
144. # </FilesMatch>
145. # <FilesMatch "\.css\.gz(\?.*)?$">
146. # AddEncoding x-gzip .gz
147. # AddType text/css .gz
148. # </FilesMatch>
149.  
150. </Directory>
151.  
152. # Security note: All other directories should be set so
153. # that they are *not* visible as URLs, so we set them as =deny from all=.
154. <Directory "/var/www/foswiki/data">
155. Require all denied
156. </Directory>
157.  
158. <Directory "/var/www/foswiki/templates">
159. Require all denied
160. </Directory>
161.  
162. <Directory "/var/www/foswiki/lib">
163. Require all denied
164. </Directory>
165.  
166. <Directory "/var/www/foswiki/locale">
167. Require all denied
168. </Directory>
169.  
170. <Directory "/var/www/foswiki/tools">
171. Require all denied
172. </Directory>
173.  
174. <Directory "/var/www/foswiki/working">
175. Require all denied
176. </Directory>
177.  
178. # We set an environment variable called blockAccess.
179. #
180. # Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from
181. # including its own topics as URLs and also prevents other Foswikis from
182. # doing the same. This is important to prevent the most obvious
183. # Denial of Service attacks.
184. #
185. # You can expand this by adding more BrowserMatchNoCase statements to
186. # block evil browser agents trying to crawl your Foswiki
187. #
188. # Example:
189. # BrowserMatchNoCase ^SiteSucker blockAccess
190. # BrowserMatchNoCase ^$ blockAccess
191.  
192. BrowserMatchNoCase ^$ blockAccess