apache2

1. #
2. # This is the main Apache HTTP server configuration file. It contains the
3. # configuration directives that give the server its instructions.
4. # See <URL:http://httpd.apache.org/docs/2.4/> for detailed information.
5. # In particular, see
6. # <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
7. # for a discussion of each configuration directive.
8. #
9. # Do NOT simply read the instructions in here without understanding
10. # what they do. They're here only as hints or reminders. If you are unsure
11. # consult the online docs. You have been warned.
12. #
13. # Configuration and logfile names: If the filenames you specify for many
14. # of the server's control files begin with "/" (or "drive:/" for Win32), the
15. # server will use that explicit path. If the filenames do *not* begin
16. # with "/", the value of ServerRoot is prepended -- so "logs/access_log"
17. # with ServerRoot set to "/usr/local/apache2" will be interpreted by the
18. # server as "/usr/local/apache2/logs/access_log", whereas "/logs/access_log"
19. # will be interpreted as '/logs/access_log'.
20.  
21. #
22. # ServerRoot: The top of the directory tree under which the server's
23. # configuration, error, and log files are kept.
24. #
25. # Do not add a slash at the end of the directory path. If you point
26. # ServerRoot at a non-local disk, be sure to specify a local disk on the
27. # Mutex directive, if file-based mutexes are used. If you wish to share the
28. # same ServerRoot for multiple httpd daemons, you will need to change at
29. # least PidFile.
30. #
31. ServerRoot "/usr"
32.  
33. #
34. # Mutex: Allows you to set the mutex mechanism and mutex file directory
35. # for individual mutexes, or change the global defaults
36. #
37. # Uncomment and change the directory if mutexes are file-based and the default
38. # mutex file directory is not on a local disk or is not appropriate for some
39. # other reason.
40. #
41. # Mutex default:/var/run/apache2
42.  
43. #
44. # Listen: Allows you to bind Apache to specific IP addresses and/or
45. # ports, instead of the default. See also the <VirtualHost>
46. # directive.
47. #
48. # Change this to Listen on specific IP addresses as shown below to
49. # prevent Apache from glomming onto all bound IP addresses.
50. #
51. #Listen 12.34.56.78:80
52. Listen 81
53.  
54. #
55. # Dynamic Shared Object (DSO) Support
56. #
57. # To be able to use the functionality of a module which was built as a DSO you
58. # have to place corresponding `LoadModule' lines at this location so the
59. # directives contained in it are actually available _before_ they are used.
60. # Statically compiled modules (those listed by `httpd -l') do not need
61. # to be loaded here.
62. #
63. # Example:
64. # LoadModule foo_module modules/mod_foo.so
65. #
66. #LoadModule mpm_event_module lib/apache2/mod_mpm_event.so
67. LoadModule mpm_prefork_module lib/apache2/mod_mpm_prefork.so
68. #LoadModule mpm_worker_module lib/apache2/mod_mpm_worker.so
69. LoadModule authn_file_module lib/apache2/mod_authn_file.so
70. #LoadModule authn_dbm_module lib/apache2/mod_authn_dbm.so
71. #LoadModule authn_anon_module lib/apache2/mod_authn_anon.so
72. #LoadModule authn_dbd_module lib/apache2/mod_authn_dbd.so
73. #LoadModule authn_socache_module lib/apache2/mod_authn_socache.so
74. LoadModule authn_core_module lib/apache2/mod_authn_core.so
75. LoadModule authz_host_module lib/apache2/mod_authz_host.so
76. LoadModule authz_groupfile_module lib/apache2/mod_authz_groupfile.so
77. LoadModule authz_user_module lib/apache2/mod_authz_user.so
78. #LoadModule authz_dbm_module lib/apache2/mod_authz_dbm.so
79. #LoadModule authz_owner_module lib/apache2/mod_authz_owner.so
80. #LoadModule authz_dbd_module lib/apache2/mod_authz_dbd.so
81. LoadModule authz_core_module lib/apache2/mod_authz_core.so
82. #LoadModule authnz_ldap_module lib/apache2/mod_authnz_ldap.so
83. LoadModule access_compat_module lib/apache2/mod_access_compat.so
84. LoadModule auth_basic_module lib/apache2/mod_auth_basic.so
85. #LoadModule auth_form_module lib/apache2/mod_auth_form.so
86. #LoadModule auth_digest_module lib/apache2/mod_auth_digest.so
87. #LoadModule allowmethods_module lib/apache2/mod_allowmethods.so
88. #LoadModule file_cache_module lib/apache2/mod_file_cache.so
89. #LoadModule cache_module lib/apache2/mod_cache.so
90. #LoadModule cache_disk_module lib/apache2/mod_cache_disk.so
91. #LoadModule cache_socache_module lib/apache2/mod_cache_socache.so
92. #LoadModule socache_shmcb_module lib/apache2/mod_socache_shmcb.so
93. #LoadModule socache_dbm_module lib/apache2/mod_socache_dbm.so
94. #LoadModule socache_memcache_module lib/apache2/mod_socache_memcache.so
95. #LoadModule socache_redis_module lib/apache2/mod_socache_redis.so
96. #LoadModule watchdog_module lib/apache2/mod_watchdog.so
97. #LoadModule macro_module lib/apache2/mod_macro.so
98. #LoadModule dbd_module lib/apache2/mod_dbd.so
99. #LoadModule dumpio_module lib/apache2/mod_dumpio.so
100. #LoadModule echo_module lib/apache2/mod_echo.so
101. #LoadModule buffer_module lib/apache2/mod_buffer.so
102. #LoadModule data_module lib/apache2/mod_data.so
103. #LoadModule ratelimit_module lib/apache2/mod_ratelimit.so
104. LoadModule reqtimeout_module lib/apache2/mod_reqtimeout.so
105. #LoadModule ext_filter_module lib/apache2/mod_ext_filter.so
106. #LoadModule request_module lib/apache2/mod_request.so
107. #LoadModule include_module lib/apache2/mod_include.so
108. LoadModule filter_module lib/apache2/mod_filter.so
109. #LoadModule reflector_module lib/apache2/mod_reflector.so
110. #LoadModule substitute_module lib/apache2/mod_substitute.so
111. #LoadModule sed_module lib/apache2/mod_sed.so
112. #LoadModule charset_lite_module lib/apache2/mod_charset_lite.so
113. #LoadModule deflate_module lib/apache2/mod_deflate.so
114. #LoadModule xml2enc_module lib/apache2/mod_xml2enc.so
115. #LoadModule proxy_html_module lib/apache2/mod_proxy_html.so
116. LoadModule mime_module lib/apache2/mod_mime.so
117. #LoadModule ldap_module lib/apache2/mod_ldap.so
118. LoadModule log_config_module lib/apache2/mod_log_config.so
119. LoadModule log_debug_module lib/apache2/mod_log_debug.so
120. LoadModule log_forensic_module lib/apache2/mod_log_forensic.so
121. #LoadModule logio_module lib/apache2/mod_logio.so
122. #LoadModule lua_module lib/apache2/mod_lua.so
123. LoadModule env_module lib/apache2/mod_env.so
124. #LoadModule mime_magic_module lib/apache2/mod_mime_magic.so
125. #LoadModule expires_module lib/apache2/mod_expires.so
126. LoadModule headers_module lib/apache2/mod_headers.so
127. #LoadModule usertrack_module lib/apache2/mod_usertrack.so
128. #LoadModule unique_id_module lib/apache2/mod_unique_id.so
129. LoadModule setenvif_module lib/apache2/mod_setenvif.so
130. LoadModule version_module lib/apache2/mod_version.so
131. #LoadModule remoteip_module lib/apache2/mod_remoteip.so
132. #LoadModule proxy_module lib/apache2/mod_proxy.so
133. #LoadModule proxy_connect_module lib/apache2/mod_proxy_connect.so
134. #LoadModule proxy_ftp_module lib/apache2/mod_proxy_ftp.so
135. #LoadModule proxy_http_module lib/apache2/mod_proxy_http.so
136. #LoadModule proxy_fcgi_module lib/apache2/mod_proxy_fcgi.so
137. #LoadModule proxy_scgi_module lib/apache2/mod_proxy_scgi.so
138. #LoadModule proxy_uwsgi_module lib/apache2/mod_proxy_uwsgi.so
139. #LoadModule proxy_fdpass_module lib/apache2/mod_proxy_fdpass.so
140. #LoadModule proxy_wstunnel_module lib/apache2/mod_proxy_wstunnel.so
141. #LoadModule proxy_ajp_module lib/apache2/mod_proxy_ajp.so
142. #LoadModule proxy_balancer_module lib/apache2/mod_proxy_balancer.so
143. #LoadModule proxy_express_module lib/apache2/mod_proxy_express.so
144. #LoadModule proxy_hcheck_module lib/apache2/mod_proxy_hcheck.so
145. #LoadModule session_module lib/apache2/mod_session.so
146. #LoadModule session_cookie_module lib/apache2/mod_session_cookie.so
147. #LoadModule session_crypto_module lib/apache2/mod_session_crypto.so
148. #LoadModule session_dbd_module lib/apache2/mod_session_dbd.so
149. #LoadModule slotmem_shm_module lib/apache2/mod_slotmem_shm.so
150. #LoadModule slotmem_plain_module lib/apache2/mod_slotmem_plain.so
151. #LoadModule ssl_module lib/apache2/mod_ssl.so
152. #LoadModule dialup_module lib/apache2/mod_dialup.so
153. #LoadModule http2_module lib/apache2/mod_http2.so
154. #LoadModule md_module lib/apache2/mod_md.so
155. #LoadModule lbmethod_byrequests_module lib/apache2/mod_lbmethod_byrequests.so
156. #LoadModule lbmethod_bytraffic_module lib/apache2/mod_lbmethod_bytraffic.so
157. #LoadModule lbmethod_bybusyness_module lib/apache2/mod_lbmethod_bybusyness.so
158. #LoadModule lbmethod_heartbeat_module lib/apache2/mod_lbmethod_heartbeat.so
159. LoadModule unixd_module lib/apache2/mod_unixd.so
160. #LoadModule heartbeat_module lib/apache2/mod_heartbeat.so
161. #LoadModule heartmonitor_module lib/apache2/mod_heartmonitor.so
162. #LoadModule dav_module lib/apache2/mod_dav.so
163. LoadModule status_module lib/apache2/mod_status.so
164. LoadModule autoindex_module lib/apache2/mod_autoindex.so
165. #LoadModule asis_module lib/apache2/mod_asis.so
166. #LoadModule info_module lib/apache2/mod_info.so
167. #LoadModule suexec_module lib/apache2/mod_suexec.so
168. <IfModule !mpm_prefork_module>
169. #LoadModule cgid_module lib/apache2/mod_cgid.so
170. </IfModule>
171. <IfModule mpm_prefork_module>
172. #LoadModule cgi_module lib/apache2/mod_cgi.so
173. </IfModule>
174. #LoadModule dav_fs_module lib/apache2/mod_dav_fs.so
175. #LoadModule dav_lock_module lib/apache2/mod_dav_lock.so
176. #LoadModule vhost_alias_module lib/apache2/mod_vhost_alias.so
177. #LoadModule negotiation_module lib/apache2/mod_negotiation.so
178. LoadModule dir_module lib/apache2/mod_dir.so
179. LoadModule actions_module lib/apache2/mod_actions.so
180. #LoadModule speling_module lib/apache2/mod_speling.so
181. #LoadModule userdir_module lib/apache2/mod_userdir.so
182. LoadModule alias_module lib/apache2/mod_alias.so
183. #LoadModule rewrite_module lib/apache2/mod_rewrite.so
184.  
185. <IfModule unixd_module>
186. #
187. # If you wish httpd to run as a different user or group, you must run
188. # httpd as root initially and it will switch.
189. #
190. # User/Group: The name (or #number) of the user/group to run httpd as.
191. # It is usually good practice to create a dedicated user and group for
192. # running httpd, as with most system services.
193. #
194. User apache
195. Group apache
196.  
197. </IfModule>
198.  
199. # 'Main' server configuration
200. #
201. # The directives in this section set up the values used by the 'main'
202. # server, which responds to any requests that aren't handled by a
203. # <VirtualHost> definition. These values also provide defaults for
204. # any <VirtualHost> containers you may define later in the file.
205. #
206. # All of these directives may appear inside <VirtualHost> containers,
207. # in which case these default settings will be overridden for the
208. # virtual host being defined.
209. #
210.  
211. #
212. # ServerAdmin: Your address, where problems with the server should be
213. # e-mailed. This address appears on some server-generated pages, such
214. # as error documents. e.g. admin@your-domain.com
215. #
216. ServerAdmin you@example.com
217.  
218. #
219. # ServerName gives the name and port that the server uses to identify itself.
220. # This can often be determined automatically, but we recommend you specify
221. # it explicitly to prevent problems during startup.
222. #
223. # If your host doesn't have a registered DNS name, enter its IP address here.
224. #
225. ServerName 192.168.0.169:81
226.  
227. #
228. # Deny access to the entirety of your server's filesystem. You must
229. # explicitly permit access to web content directories in other
230. # <Directory> blocks below.
231. #
232. <Directory />
233. AllowOverride none
234. Require all denied
235. </Directory>
236.  
237. #
238. # Note that from this point forward you must specifically allow
239. # particular features to be enabled - so if something's not working as
240. # you might expect, make sure that you have specifically enabled it
241. # below.
242. #
243.  
244. #
245. # DocumentRoot: The directory out of which you will serve your
246. # documents. By default, all requests are taken from this directory, but
247. # symbolic links and aliases may be used to point to other locations.
248. #
249. DocumentRoot "/srv/www"
250. <Directory "/srv/www">
251. #
252. # Possible values for the Options directive are "None", "All",
253. # or any combination of:
254. # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
255. #
256. # Note that "MultiViews" must be named *explicitly* --- "Options All"
257. # doesn't give it to you.
258. #
259. # The Options directive is both complicated and important. Please see
260. # http://httpd.apache.org/docs/2.4/mod/core.html#options
261. # for more information.
262. #
263. Options All
264.  
265. #
266. # AllowOverride controls what directives may be placed in .htaccess files.
267. # It can be "All", "None", or any combination of the keywords:
268. # AllowOverride FileInfo AuthConfig Limit
269. #
270. AllowOverride All
271.  
272. #
273. # Controls who can get stuff from this server.
274. #
275. Require all granted
276. </Directory>
277.  
278.  
279.  
280. #
281. # DirectoryIndex: sets the file that Apache will serve if a directory
282. # is requested.
283. #
284. <IfModule dir_module>
285. DirectoryIndex index.php index.html
286. </IfModule>
287.  
288. #
289. # The following lines prevent .htaccess and .htpasswd files from being
290. # viewed by Web clients.
291. #
292. <Files ".ht*">
293. Require all denied
294. </Files>
295.  
296. #
297. # ErrorLog: The location of the error log file.
298. # If you do not specify an ErrorLog directive within a <VirtualHost>
299. # container, error messages relating to that virtual host will be
300. # logged here. If you *do* define an error logfile for a <VirtualHost>
301. # container, that host's errors will be logged there and not here.
302. #
303. ErrorLog "/var/log/apache2/error_log"
304.  
305. #
306. # LogLevel: Control the number of messages logged to the error_log.
307. # Possible values include: debug, info, notice, warn, error, crit,
308. # alert, emerg.
309. #
310. LogLevel warn
311.  
312. <IfModule log_config_module>
313. #
314. # The following directives define some format nicknames for use with
315. # a CustomLog directive (see below).
316. #
317. LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
318. LogFormat "%h %l %u %t \"%r\" %>s %b" common
319.  
320. <IfModule logio_module>
321. # You need to enable mod_logio.c to use %I and %O
322. LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
323. </IfModule>
324.  
325. #
326. # The location and format of the access logfile (Common Logfile Format).
327. # If you do not define any access logfiles within a <VirtualHost>
328. # container, they will be logged here. Contrariwise, if you *do*
329. # define per-<VirtualHost> access logfiles, transactions will be
330. # logged therein and *not* in this file.
331. #
332. CustomLog "/var/log/apache2/access_log" common
333.  
334. #
335. # If you prefer a logfile with access, agent, and referer information
336. # (Combined Logfile Format) you can use the following directive.
337. #
338. #CustomLog "/var/log/apache2/access_log" combined
339. </IfModule>
340.  
341. <IfModule alias_module>
342. #
343. # Redirect: Allows you to tell clients about documents that used to
344. # exist in your server's namespace, but do not anymore. The client
345. # will make a new request for the document at its new location.
346. # Example:
347. # Redirect permanent /foo http://www.example.com/bar
348.  
349. #
350. # Alias: Maps web paths into filesystem paths and is used to
351. # access content that does not live under the DocumentRoot.
352. # Example:
353. # Alias /webpath /full/filesystem/path
354. #
355. # If you include a trailing / on /webpath then the server will
356. # require it to be present in the URL. You will also likely
357. # need to provide a <Directory> section to allow access to
358. # the filesystem path.
359.  
360. #
361. # ScriptAlias: This controls which directories contain server scripts.
362. # ScriptAliases are essentially the same as Aliases, except that
363. # documents in the target directory are treated as applications and
364. # run by the server when requested rather than as documents sent to the
365. # client. The same rules about trailing "/" apply to ScriptAlias
366. # directives as to Alias.
367. #
368.  
369. ScriptAlias /cgi-bin/ "/usr/share/apache2/cgi-bin/"
370. ScriptAlias /local-bin/php-cgi /usr/bin/php-cgi
371. ScriptAlias /php/ "usr/bin/"
372.  
373. AddHandler application/x-httpd-php .php
374. Action application/x-httpd-php /local-bin/php-cgi
375.  
376.  
377.  
378. </IfModule>
379.  
380. <Directory "/usr/bin/php-cgi">
381. Order allow,deny
382. Allow from all
383. Require all granted
384.  
385. </Directory>
386.  
387. <IfModule cgid_module>
388. #
389. # ScriptSock: On threaded servers, designate the path to the UNIX
390. # socket used to communicate with the CGI daemon of mod_cgid.
391. #
392. #Scriptsock cgisock
393. </IfModule>
394.  
395. #
396. # "/usr/share/apache2/cgi-bin" should be changed to whatever your ScriptAliased
397. # CGI directory exists, if you have that configured.
398. #
399. <Directory "/">
400. Options FollowSymLinks
401. AllowOverride None
402. Require all denied
403. </Directory>
404.  
405. <Directory "/usr/share">
406. AllowOverride None
407. Require all granted
408. </Directory>
409.  
410. <Directory "/usr/share/apache2/cgi-bin">
411. AllowOverride None
412. Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
413. Require all granted
414. </Directory>
415.  
416.  
417. <Directory "/usr/bin">
418. AllowOverride None
419. Options Indexes FollowSymLinks
420. Order allow,deny
421. Require all granted
422. </Directory>
423.  
424. <Directory "/srv/www">
425. Options Indexes FollowSymLinks
426. AllowOverride None
427. Require all granted
428.  
429. </Directory>
430.  
431.  
432. <IfModule headers_module>
433. #
434. # Avoid passing HTTP_PROXY environment to CGI's on this or any proxied
435. # backend servers which have lingering "httpoxy" defects.
436. # 'Proxy' request header is undefined by the IETF, not listed by IANA
437. #
438. RequestHeader unset Proxy early
439. </IfModule>
440.  
441. <IfModule mime_module>
442. #
443. # TypesConfig points to the file containing the list of mappings from
444. # filename extension to MIME-type.
445. #
446. TypesConfig /etc/apache2/mime.types
447.  
448. #
449. # AddType allows you to add to or override the MIME configuration
450. # file specified in TypesConfig for specific file types.
451. #
452. #AddType application/x-gzip .tgz
453. #
454. # AddEncoding allows you to have certain browsers uncompress
455. # information on the fly. Note: Not all browsers support this.
456. #
457. #AddEncoding x-compress .Z
458. #AddEncoding x-gzip .gz .tgz
459. #
460. # If the AddEncoding directives above are commented-out, then you
461. # probably should define those extensions to indicate media types:
462. #
463. AddType application/x-compress .Z
464. AddType application/x-gzip .gz .tgz
465.  
466. #
467. # AddHandler allows you to map certain file extensions to "handlers":
468. # actions unrelated to filetype. These can be either built into the server
469. # or added with the Action directive (see below)
470. #
471. # To use CGI scripts outside of ScriptAliased directories:
472. # (You will also need to add "ExecCGI" to the "Options" directive.)
473. #
474. #AddHandler cgi-script .cgi
475.  
476. # For type maps (negotiated resources):
477. #AddHandler type-map var
478.  
479. #
480. # Filters allow you to process content before it is sent to the client.
481. #
482. # To parse .shtml files for server-side includes (SSI):
483. # (You will also need to add "Includes" to the "Options" directive.)
484. #
485. #AddType text/html .shtml
486. #AddOutputFilter INCLUDES .shtml
487. </IfModule>
488.  
489. #
490. # The mod_mime_magic module allows the server to use various hints from the
491. # contents of the file itself to determine its type. The MIMEMagicFile
492. # directive tells the module where the hint definitions are located.
493. #
494. #MIMEMagicFile /etc/apache2/magic
495.  
496. #
497. # Customizable error responses come in three flavors:
498. # 1) plain text 2) local redirects 3) external redirects
499. #
500. # Some examples:
501. #ErrorDocument 500 "The server made a boo boo."
502. #ErrorDocument 404 /missing.html
503. #ErrorDocument 404 "/cgi-bin/missing_handler.pl"
504. #ErrorDocument 402 http://www.example.com/subscription_info.html
505. #
506.  
507. #
508. # MaxRanges: Maximum number of Ranges in a request before
509. # returning the entire resource, or one of the special
510. # values 'default', 'none' or 'unlimited'.
511. # Default setting is to accept 200 Ranges.
512. #MaxRanges unlimited
513.  
514. #
515. # EnableMMAP and EnableSendfile: On systems that support it,
516. # memory-mapping or the sendfile syscall may be used to deliver
517. # files. This usually improves server performance, but must
518. # be turned off when serving from networked-mounted
519. # filesystems or if support for these functions is otherwise
520. # broken on your system.
521. # Defaults: EnableMMAP On, EnableSendfile Off
522. #
523. #EnableMMAP off
524. #EnableSendfile on
525.  
526. # Supplemental configuration
527. #
528. # The configuration files in the /etc/apache2/extra/ directory can be
529. # included to add extra features or to modify the default configuration of
530. # the server, or you may simply copy their contents here and change as
531. # necessary.
532.  
533. # Server-pool management (MPM specific)
534. #Include /etc/apache2/extra/httpd-mpm.conf
535.  
536. # Multi-language error messages
537. #Include /etc/apache2/extra/httpd-multilang-errordoc.conf
538.  
539. # Fancy directory listings
540. #Include /etc/apache2/extra/httpd-autoindex.conf
541.  
542. # Language settings
543. #Include /etc/apache2/extra/httpd-languages.conf
544.  
545. # User home directories
546. #Include /etc/apache2/extra/httpd-userdir.conf
547.  
548. # Real-time info on requests and configuration
549. #Include /etc/apache2/extra/httpd-info.conf
550.  
551. # Virtual hosts
552. #Include /etc/apache2/extra/httpd-vhosts.conf
553.  
554. # Local access to the Apache HTTP Server Manual
555. #Include /etc/apache2/extra/httpd-manual.conf
556.  
557. # Distributed authoring and versioning (WebDAV)
558. #Include /etc/apache2/extra/httpd-dav.conf
559.  
560. # Various default settings
561. #Include /etc/apache2/extra/httpd-default.conf
562.  
563. # Configure mod_proxy_html to understand HTML4/XHTML1
564. <IfModule proxy_html_module>
565. Include /etc/apache2/extra/proxy-html.conf
566. </IfModule>
567.  
568. # Secure (SSL/TLS) connections
569. #Include /etc/apache2/extra/httpd-ssl.conf
570. #
571. # Note: The following must must be present to support
572. # starting without SSL on platforms with no /dev/random equivalent
573. # but a statically compiled-in mod_ssl.
574. #
575. <IfModule ssl_module>
576. SSLRandomSeed startup builtin
577. SSLRandomSeed connect builtin
578. </IfModule>