-
Notifications
You must be signed in to change notification settings - Fork 0
/
httpd.conf
212 lines (173 loc) · 5.19 KB
/
httpd.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
# Root directories
#Define _ROOT "c:/Apache24"
#Define _DOCS "c:/Apache24"
#Define _LOGS "c:/Apache24"
Define _ROOT "/etc/httpd"
Define _DOCS "/srv/http"
Define _LOGS "/srv/http/logs"
ServerRoot "${_ROOT}"
# Default port
Listen 80
# MODULES #
LoadModule mpm_event_module modules/mod_mpm_event.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_core_module modules/mod_authz_core.so
LoadModule access_compat_module modules/mod_access_compat.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule env_module modules/mod_env.so
LoadModule headers_module modules/mod_headers.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
LoadModule unixd_module modules/mod_unixd.so
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
<IfModule !mpm_prefork_module>
#LoadModule cgid_module modules/mod_cgid.so
</IfModule>
<IfModule mpm_prefork_module>
#LoadModule cgi_module modules/mod_cgi.so
</IfModule>
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule userdir_module modules/mod_userdir.so
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so
# DEFAULTS #
# Server user for Linux
<IfModule unixd_module>
User _USERNAME_
#User http
#Group http
</IfModule>
<Directory />
AllowOverride none
Require all denied
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
ErrorLog "${_LOGS}/error.log"
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "${_LOGS}/access.log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "${_DOCS}/cgi-bin/"
</IfModule>
<IfModule cgid_module>
#Scriptsock cgisock
</IfModule>
<Directory "${_DOCS}/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule headers_module>
RequestHeader unset Proxy early
</IfModule>
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
#AddHandler cgi-script .cgi
#AddHandler type-map var
#AddType text/html .shtml
#AddOutputFilter INCLUDES .shtml
</IfModule>
#MIMEMagicFile conf/magic
# Server-pool management (MPM specific)
#Include conf/extra/httpd-mpm.conf
# Multi-language error messages
#Include conf/extra/httpd-multilang-errordoc.conf
# Fancy directory listings
#Include conf/extra/httpd-autoindex.conf
# Language settings
#Include conf/extra/httpd-languages.conf
# User home directories
#Include conf/extra/httpd-userdir.conf
# Real-time info on requests and configuration
#Include conf/extra/httpd-info.conf
# Virtual hosts
#Include conf/extra/httpd-vhosts.conf
# Local access to the Apache HTTP Server Manual
#Include conf/extra/httpd-manual.conf
# Distributed authoring and versioning (WebDAV)
#Include conf/extra/httpd-dav.conf
# Various default settings
#Include conf/extra/httpd-default.conf
# Configure mod_proxy_html to understand HTML4/XHTML1
<IfModule proxy_html_module>
Include conf/extra/proxy-html.conf
</IfModule>
# Secure (SSL/TLS) connections
#Include conf/extra/httpd-ssl.conf
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# VANILLA PROJECT CONF BELOW #
# https://github.com/reineimi/va2 #
# Basic info
ServerAdmin [email protected]
ServerName va2.reineimi
# Security measures
ServerTokens Prod
ServerSignature Off
FileETag None
TraceEnable Off
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1.1$
RewriteRule .* - [F]
Timeout 60
# Limit ram to 1GB
# (old(2GB): 2147483648)
RLimitMEM 1073741824
# Max POST size: 10 MiB
LimitRequestBody 10240000
# Max URL size: 1 MiB
LimitRequestLine 1048576
# Max form field size: 1 MiB
LimitRequestFieldSize 1048576
# Migrate to new directory
DocumentRoot "${_DOCS}"
<Directory "${_DOCS}">
Options -Indexes -Includes -ExecCGI
Order allow,deny
Allow from all
AllowOverride None
Require all granted
<LimitExcept GET POST HEAD>
deny from all
</LimitExcept>
</Directory>
# Load Lua scripts
LoadModule lua_module modules/mod_lua.so
AddHandler lua-script .lua
LuaRoot "${_DOCS}/va2.reineimi"
LuaScope server
# Enable CORs
<IfModule headers_module>
RequestHeader unset Proxy early
Header add Access-Control-Allow-Origin "*"
</IfModule>