codice:# ============================================================================ # Fancy directory listings # Source : conf/extra/httpd-autoindex.conf # ============================================================================ # # Directives controlling the display of server-generated directory listings. # # Required modules: mod_authz_core, mod_authz_host, # mod_autoindex, mod_alias # # To see the listing of a directory, the Options directive for the # directory must include "Indexes", and the directory must not contain # a file matching those listed in the DirectoryIndex directive. # # # IndexOptions: Controls the appearance of server-generated directory # listings. # IndexOptions FancyIndexing HTMLTable VersionSort # We include the /icons/ alias for FancyIndexed directory listings. If # you do not use FancyIndexing, you may comment this out. # Alias /icons/ "${path}/binaries/apache/icons/" <Directory "${path}/binaries/apache/icons"> Options Indexes MultiViews AllowOverride None Require all granted </Directory> # # AddIcon* directives tell the server which icon to show for different # files or filename extensions. These are only displayed for # FancyIndexed directories. # AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ # # DefaultIcon is which icon to show for files which do not have an icon # explicitly set. # DefaultIcon /icons/unknown.gif # # AddDescription allows you to place a short description after a file in # server-generated indexes. These are only displayed for FancyIndexed # directories. # Format: AddDescription "description" filename # AddDescription "GZIP compressed document" .gz AddDescription "tar archive" .tar AddDescription "GZIP compressed tar archive" .tgz # # ReadmeName is the name of the README file the server will look for by # default, and append to directory listings. # # HeaderName is the name of a file which should be prepended to # directory indexes. ReadmeName /icons/FancyIndexing/readme.html HeaderName /icons/FancyIndexing/header.html # # IndexIgnore is a set of filenames which directory indexing should ignore # and not include in the listing. Shell-style wildcarding is permitted. # IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t # ============================================================================ # ============================================================================ # Distributed authoring and versioning (WebDAV) # Source : conf/extra/httpd-dav.conf # ============================================================================ # # # # Required modules: mod_alias, mod_auth_digest, mod_authn_core, mod_authn_file, # # mod_authz_core, mod_authz_user, mod_dav, mod_dav_fs, # # mod_setenvif # # # The following example gives DAV write access to a directory called # # "uploads" under the ServerRoot directory. # # # # The User/Group specified in httpd.conf needs to have write permissions # # on the directory where the DavLockDB is placed and on any directory where # # "Dav On" is specified. # # DavLockDB "${path}/binaries/apache/var/DavLock" # # Alias /uploads "${path}/binaries/apache/uploads" # # <Directory "${path}/binaries/apache/uploads"> # Dav On # # AuthType Digest # AuthName DAV-upload # # You can use the htdigest program to create the password database: # # htdigest -c "${path}/binaries/apache/user.passwd" DAV-upload admin # AuthUserFile "${path}/binaries/apache/user.passwd" # AuthDigestProvider file # # # Allow universal read-access, but writes are restricted # # to the admin user. # <RequireAny> # Require method GET POST OPTIONS # Require user admin # </RequireAny> # </Directory> # # # # # The following directives disable redirects on non-GET requests for # # a directory that does not include the trailing slash. This fixes a # # problem with several clients that do not appropriately handle # # redirects for folders with DAV methods. # # # BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully # BrowserMatch "MS FrontPage" redirect-carefully # BrowserMatch "^WebDrive" redirect-carefully # BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully # BrowserMatch "^gnome-vfs/1.0" redirect-carefully # BrowserMatch "^XML Spy" redirect-carefully # BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully # BrowserMatch " Konqueror/4" redirect-carefully # ============================================================================ # ============================================================================ # Virtual hosts # Source : conf/extra/httpd-vhosts.conf # ============================================================================ # # # # If you want to maintain multiple domains/hostnames on your # # machine you can setup VirtualHost containers for them. Most configurations # # use only name-based virtual hosts so the server doesn't need to worry about # # IP addresses. This is indicated by the asterisks in the directives below. # # # # Please see the documentation at # # <URL:http://httpd.apache.org/docs/2.4/vhosts/> # # for further details before you try to setup virtual hosts. # # # # You may use the command line option '-S' to verify your virtual host # # configuration. # # # # # VirtualHost example: # # Almost any Apache directive may go into a VirtualHost container. # # The first VirtualHost section is used for all requests that do not # # match a ServerName or ServerAlias in any <VirtualHost> block. # # # <VirtualHost *:80> # ServerAdmin webmaster@dummy-host.127.0.0.1 # DocumentRoot "${path}/binaries/apache/docs/dummy-host.127.0.0.1" # ServerName dummy-host.127.0.0.1 # ServerAlias www.dummy-host.127.0.0.1 # ErrorLog "logs/dummy-host.127.0.0.1-error.log" # CustomLog "logs/dummy-host.127.0.0.1-access.log" common # </VirtualHost> # # <VirtualHost *:80> # ServerAdmin webmaster@dummy-host2.127.0.0.1 # DocumentRoot "${path}/binaries/apache/docs/dummy-host2.127.0.0.1" # ServerName dummy-host2.127.0.0.1 # ErrorLog "logs/dummy-host2.127.0.0.1-error.log" # CustomLog "logs/dummy-host2.127.0.0.1-access.log" common # </VirtualHost> # ============================================================================ # ============================================================================ # Secure (SSL/TLS) connections # Source : conf/extra/httpd-ssl.conf # ============================================================================ # # # # This is the Apache server configuration file providing SSL support. # # It contains the configuration directives to instruct the server how to # # serve pages over an https connection. For detailed information about these # # directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html> # # # # Do NOT simply read the instructions in here without understanding # # what they do. They're here only as hints or reminders. If you are unsure # # consult the online docs. You have been warned. # # # # Required modules: mod_log_config, mod_setenvif, mod_ssl, # # socache_shmcb_module (for default value of SSLSessionCache) # # # # # Pseudo Random Number Generator (PRNG): # # Configure one or more sources to seed the PRNG of the SSL library. # # The seed data should be of good random quality. # # WARNING! On some platforms /dev/random blocks if not enough entropy # # is available. This means you then cannot use the /dev/random device # # because it would lead to very long connection times (as long as # # it requires to make more entropy available). But usually those # # platforms additionally provide a /dev/urandom device which doesn't # # block. So, if available, use this one instead. Read the mod_ssl User # # Manual for more details. # # # #SSLRandomSeed startup file:/dev/random 512 # #SSLRandomSeed startup file:/dev/urandom 512 # #SSLRandomSeed connect file:/dev/random 512 # #SSLRandomSeed connect file:/dev/urandom 512 # # # # # # When we also provide SSL we have to listen to the # # standard HTTP port (see above) and to the HTTPS port # # # # Note: Configurations that use IPv6 but not IPv4-mapped addresses need two # # Listen directives: "Listen [::]:443" and "Listen 0.0.0.0:443" # # # Listen 443 # # ## # ## SSL Global Context # ## # ## All SSL configuration in this context applies both to # ## the main server and all SSL-enabled virtual hosts. # ## # # # SSL Cipher Suite: # # List the ciphers that the client is permitted to negotiate. # # See the mod_ssl documentation for a complete list. # SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5 # # # Speed-optimized SSL Cipher configuration: # # If speed is your main concern (on busy HTTPS servers e.g.), # # you might want to force clients to specific, performance # # optimized ciphers. In this case, prepend those ciphers # # to the SSLCipherSuite list, and enable SSLHonorCipherOrder. # # Caveat: by giving precedence to RC4-SHA and AES128-SHA # # (as in the example below), most connections will no longer # # have perfect forward secrecy - if the server's key is # # compromised, captures of past or future traffic must be # # considered compromised, too. # #SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5 # #SSLHonorCipherOrder on # # # Pass Phrase Dialog: # # Configure the pass phrase gathering process. # # The filtering dialog program (`builtin' is an internal # # terminal dialog) has to provide the pass phrase on stdout. # SSLPassPhraseDialog builtin # # # Inter-Process Session Cache: # # Configure the SSL Session Cache: First the mechanism # # to use and second the expiring timeout (in seconds). # #SSLSessionCache "dbm:${path}/binaries/apache/logs/ssl_scache" # SSLSessionCache "shmcb:${path}/binaries/apache/logs/ssl_scache(512000)" # SSLSessionCacheTimeout 300 # # ## # ## SSL Virtual Host Context # ## # # <VirtualHost _default_:443> # # # General setup for the virtual host # DocumentRoot "${path}/data/documentroot" # ServerName 127.0.0.1:443 # ServerAdmin admin@127.0.0.1 # ErrorLog "${path}/binaries/apache/logs/error.log" # TransferLog "${path}/binaries/apache/logs/access.log" # # # SSL Engine Switch: # # Enable/Disable SSL for this virtual host. # SSLEngine on