httpd.conf.example

Network Administration Visualized 网络管理可视化源码

#
# How your server behaves.  This can be wildly different on
# your system.
#
ServerType standalone
ServerRoot "/etc/httpd"
PidFile /var/run/httpd.pid
ScoreBoardFile /var/log/httpd/httpd.scoreboard
Timeout 60
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

MinSpareServers 3
MaxSpareServers 5
StartServers 2
MaxClients 256

MaxRequestsPerChild 100000
UseCanonicalName on
ExtendedStatus On

Port 80
Listen 80
User httpd
Group httpd

#
# Load some modules
#
LoadModule cgi_module         libexec/mod_cgi.so
LoadModule mime_magic_module  libexec/mod_mime_magic.so
LoadModule mime_module        libexec/mod_mime.so
LoadModule access_module      libexec/mod_access.so
LoadModule auth_module        libexec/mod_auth.so
LoadModule rewrite_module     libexec/mod_rewrite.so
LoadModule ssl_module         libexec/libssl.so
LoadModule php4_module        libexec/libphp4.so
LoadModule python_module      libexec/mod_python.so

#
# MIME and type related config
#
DefaultType text/plain

AddType application/x-httpd-php .php
AddType application/x-httpd-php-source .phps

#
# Some server specifics
#
ServerName nav.example.com
ServerAdmin webmaster@nav.example.com
DocumentRoot "/usr/local/nav/apache/webroot"


#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

CustomLog /var/log/httpd/access_log combined
ErrorLog /var/log/httpd/error_log
LogLevel info

ServerSignature On
HostnameLookups Off

#
# Global SSL Configuration
#
<IfModule mod_ssl.c>
    Listen 443
    AddType                 application/x-x509-ca-cert .crt
    AddType                 application/x-pkcs7-crl    .crl
    SSLPassPhraseDialog     builtin
    SSLSessionCache         dbm:/var/log/httpd/ssl_scache
    SSLSessionCacheTimeout  300
    SSLMutex                file:/var/log/httpd/ssl_mutex
    SSLRandomSeed           startup builtin
    SSLRandomSeed           connect builtin
    SSLLog                  /var/log/httpd/ssl_engine_log
    SSLLogLevel             info
</IfModule>

#
# Reasonable Rewrite rules
#
<IfModule mod_rewrite.c>
    #
    # We use this rewrite rule stuff to make sure that the client uses
    # the FQDN for this host when making its requests (among other
    # things, due to cookie access problems under NAV)
    #
    RewriteEngine on
    RewriteLog logs/rewrite.log
    RewriteCond %{HTTP_HOST} !^nav.example.org$
    RewriteRule ^/(.*) https://nav.example.org/$1 [R=301]

    #
    # If the request was not made using SSL, we forcefully redirect
    # the user's requst to an https url
    #
    RewriteCond %{HTTPS} !^on$
    RewriteRule ^/(.*) https://nav.example.org/$1 [R=301]

</IfModule>


#
# Access privileges
#
<Directory />
    Options FollowSymLinks
    AllowOverride None
</Directory>

AccessFileName .htaccess
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

<IfModule mod_setenvif.c>
    BrowserMatch "Mozilla/2" nokeepalive
    BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
    BrowserMatch "RealPlayer 4\.0" force-response-1.0
    BrowserMatch "Java/1\.0" force-response-1.0
    BrowserMatch "JDK/1\.0" force-response-1.0
</IfModule>


<Directory /usr/local/nav/apache/webroot>
    Options Indexes FollowSymLinks MultiViews ExecCGI
    DirectoryIndex index.html index.php index.cgi

    AllowOverride All
</Directory>


##
## SSL Virtual host config
##
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
  SSLEngine on
  SSLCertificateFile conf/cert/nav.cert
  SSLCertificateKeyFile conf/cert/nav.key

  SetEnvIf User-Agent ".*MSIE.*" \
    nokeepalive ssl-unclean-shutdown \
    downgrade-1.0 force-response-1.0

</VirtualHost>
</IfModule>