|
Editez le
fichier /etc/httpd/conf/commonhttpd.conf :
### Common server configuration
#
# Apache2 fonctionnera sous
l'identité suivante.
User apache
Group apache
#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents.
#
ServerAdmin webmaster@alex.fr
#Restricted
set of options
<Directory />
Options -All -Multiviews
AllowOverride None
<IfModule mod_access.c>
Order deny,allow
Deny from all
</IfModule>
</Directory>
AccessFileName .htaccess
# Also, folks tend to use names such as .htpasswd for password
# files, so this will protect those as well.
#
<IfModule mod_access.c>
<Files ~ "^\.ht">
Order allow,deny
Deny from all
</Files>
</IfModule>
#CacheNegotiatedDocs
#
# UseCanonicalName: With this setting turned on, whenever
# Apache needs to construct a self-referencing URL (a URL that refers
back
# to the server the response is coming from) it will use ServerName and
# Port to form a "canonical" name. With this setting off, Apache will
# use the hostname:port that the client supplied, when possible. This
# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
#
UseCanonicalName On
#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
TypesConfig conf/apache-mime.types
</IfModule>
#
# DefaultType is the default MIME type the server will use for a
document
# if it cannot otherwise determine one, such as from filename
extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if
people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off
# EnableMMAP off
# EnableSendfile off
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
<IfModule mod_log_config.c>
LogFormat "%"h %"l %"u %"t \"%"r\" %">s %"b \"%"{Referer}i\"
\"%"{User-Agent}i\"" combined
LogFormat "%"h %"l %"u %"t \"%"r\" %">s %"b" common
LogFormat "%"{Referer}i -> %"U" referer
LogFormat "%"{User-agent}i" agent
LogFormat "%"v %"h %"l %"u %"t \"%"r\" %">s %"b %"T" script
LogFormat "%"v %"h %"l %"u %"t \"%"r\" %">s %"b \"%"{Referer}i\"
\"%"{User-Agent}i\" VLOG=%"{VLOG}e" vhost
<IfModule
mod_logio.c>
# You need to enable mod_logio.c to use %"I and %"O
#LogFormat "%"h %"l %"u %"t \"%"r\" %">s %"b \"%"{Referer}i\"
\"%"{User-Agent}i\" %"I %"O" combinedio
</IfModule>
#
# The location and format of the access logfile (Common Logfile Format).
#CustomLog logs/access_log common
#
# If you would like to have agent and referer logfiles, uncomment the
# following directives.
#
#CustomLog logs/referer_log referer
#CustomLog logs/agent_log agent
#
# If you prefer a single logfile with access, agent, and referer
information
# (Combined Logfile Format) you can use the following directive.
#
#CustomLog logs/access_log combined
</IfModule>
#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the
OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens Prod
#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (error documents, FTP directory
listings,
# mod_status and mod_info output etc., but not CGI generated documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | Email
#
ServerSignature On
#
# Aliases: Add here as many aliases as you need (with no limit). The
format is
# Alias fakename realname
#
<IfModule mod_alias.c>
#
# Note that if you include a trailing / on fakename then the server will
# require it to be present in the URL. So "/icons" isn't aliased in this
# example, only "/icons/"..
#
Alias /icons/ /var/www/icons/
Alias /doc /usr/share/doc
#
# ScriptAlias: This controls which directories contain server scripts.
# ScriptAliases are essentially the same as Aliases, except that
# documents in the realname directory are treated as applications and
# run by the server when requested rather than as documents sent to the
client.
# The same rules about trailing "/" apply to ScriptAlias directives as
to
# Alias.
#
ScriptAlias /cgi-bin/ /var/www/cgi-bin/
ScriptAlias /protected-cgi-bin/ /var/www/protected-cgi-bin/
<IfModule mod_perl.c>
#Provide two aliases to the same cgi-bin directory,
#to see the effects of the 2 different mod_perl modes
#for Apache::Registry Mode
Alias /perl/ /var/www/perl/
#for Apache::Perlrun Mode
Alias /cgi-perl/ /var/www/perl/
</IfModule>
</IfModule>
# End of aliases.
#
# Redirect allows you to tell clients about documents which used to
exist in
# your server's namespace, but do not anymore. This allows you to tell
the
# clients where to look for the relocated document.
# Format: Redirect old-URI new-URL
#
#
# Directives controlling the display of server-generated directory
listings.
#
<IfModule mod_autoindex.c>
#
# FancyIndexing is whether you want fancy directory indexing or standard
#
<IfDefine !APACHE2>
IndexOptions FancyIndexing NameWidth=*
</IfDefine>
<IfDefine APACHE2>
IndexOptions FancyIndexing VersionSort NameWidth=*
</IfDefine>
#
# AddIcon* directives tell the server which icon to show for different
# files or filename extensions. These are only displayed for
# FancyIndexed directories.
#
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
...
AddIcon /icons/blank.png ^^BLANKICON^^
#
# DefaultIcon is which icon to show for files which do not have an icon
# explicitly set.
#
DefaultIcon /icons/unknown.png
ReadmeName README.html
HeaderName HEADER.html
#
# IndexIgnore is a set of filenames which directory indexing should
ignore
# and not include in the listing. Shell-style wildcarding is permitted.
#
IndexIgnore .??* *~ *# HEADER* RCS CVS *,v *,t
</IfModule>
# End of indexing directives.
#
# Document types.
#
<IfModule mod_mime.c>
#
# AddEncoding allows you to have certain browsers (Mosaic/X 2.1+)
uncompress
# information on the fly. Note: Not all browsers support this.
#
AddEncoding x-compress Z
AddEncoding x-gzip gz tgz
AddLanguage ca .ca
...
AddLanguage eo .eo
#AddDefaultCharset ISO-8859-1
# JMD 2003/09/15 Change to off, since it overrides the META tags
AddDefaultCharset Off
# LanguagePriority allows you to give precedence to some languages
# in case of a tie during content negotiation.
#
# Just list the languages in decreasing order of preference. We have
# more or less alphabetized them here. You probably want to change this.
#
<IfModule mod_negotiation.c>
LanguagePriority fr en cs de es it da nl
# ForceLanguagePriority Prefer Fallback
</IfModule>
AddCharset ISO-8859-1 .iso8859-1 .latin1
...
AddType application/x-tar .tgz
AddType image/x-icon .ico
#
# If you want to use server side includes, or CGI outside
# ScriptAliased directories, uncomment the following lines.
# To use CGI scripts:
#
AddHandler cgi-script .cgi
#
# For type maps (negotiated resources):
# (This is enabled by default to allow the Apache "It Worked" page
# to be distributed in multiple languages.)
#
AddHandler type-map var
# Filters allow you to process content before it is sent to the client.
#
# To parse .shtml files for server-side includes (SSI):
# (You will also need to add "Includes" to the "Options" directive.)
#
AddType text/html .shtml
<IfDefine APACHE2>
AddOutputFilter INCLUDES .shtml
</IfDefine>
<IfDefine !APACHE2>
AddHandler server-parsed .shtml
</IfDefine>
</IfModule>
# End of document types
<Location /manual>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on
your system. Please install either apache-manual or apache2-manual RPMs.
</Location>
<Location /manual-2.0>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on
your system. Please install the apache2-manual package.
</Location>
<Location /manual-1.3>
Options Multiviews
ErrorDocument 404 "The document you requested has not been installed on
your system. Please install the apache-manual package.
</Location>
#
# Customize behaviour based on the browser
#
<IfModule mod_setenvif.c>
#
# The following directives modify normal HTTP response behavior to
# handle known problems with browser implementations.
#
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
#
# The following directive disables redirects on non-GET requests for
# a directory that does not include the trailing slash. This fixes a
# problem with Microsoft WebFolders which does not appropriately handle
# redirects for folders with DAV methods.
#
BrowserMatch "Microsoft Data Access Internet Publishing Provider"
redirect-carfully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^gnome-vfs" redirect-carefully
</IfModule>
# End of browser customization directives
#
# Allow server status reports, with the URL of
http://servername/server-status
# Change the ".your_domain.com" to match your domain to enable.
#
<IfModule mod_status.c>
<Location /server-status>
SetHandler server-status
<IfModule mod_access.c>
Order deny,allow
Deny from all
allow from 127.0.0.1
#Allow from .your_domain.com
</IfModule>
</Location>
#
# ExtendedStatus controls whether Apache will generate "full" status
# information (ExtendedStatus On) or just basic information
(ExtendedStatus
#
Off) when the "server-status" handler is called. The default is Off.
#
#ExtendedStatus On
</IfModule>
#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".your_domain.com" to match your domain to enable.
#
<IfModule mod_info.c>
<Location /server-info>
SetHandler server-info
<IfModule mod_access.c>
Order deny,allow
Deny from all
allow from 127.0.0.1
# Allow from .your_domain.com
</IfModule>
</Location>
</IfModule>
<IfModule mod_perl.c>
<Location /perl-status>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::Status
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler Apache::Status
</IfDefine>
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
</IfModule>
</Location>
</IfModule>
#
# There have been reports of people trying to abuse an old bug from
pre-1.1
# days. This bug involved a CGI script distributed as a part of Apache.
# By uncommenting these lines you can redirect these attacks to a
logging
# script on phf.apache.org. Or, you can record them yourself, using the
script
# support/phf_abuse_log.cgi.
#
#<Location /cgi-bin/phf*>
# Deny from all
# ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
#</Location>
<IfModule mod_include.c>
# XBitHack on
</IfModule>
#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory /var/www/html>
#
# This may also be "None", "All", or any combination of "Indexes",
# "Includes", "FollowSymLinks", "SymLinksifOwnerMatch", "ExecCGI", or
"MultiViews".
#
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
#
Options -Indexes FollowSymLinks MultiViews
#
# This controls which options the .htaccess files in directories can
# override. Can also be "All", or any combination of "Options",
"FileInfo",
# "AuthConfig", and "Limit"
#
AllowOverride All
#
# Controls who can get stuff from this server.
#
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory
/var/www/perl>
AllowOverride All
Options -Indexes FollowSymLinks MultiViews ExecCGI
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<IfModule mod_cgid.c>
#
# Additional to mod_cgid.c settings, mod_cgid has Scriptsock
<path>
# for setting UNIX socket for communicating with cgid.
#
#Scriptsock /cgisock
</IfModule>
<Directory /var/www/cgi-bin>
AllowOverride All
Options ExecCGI
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory
/var/www/protected-cgi-bin>
AllowOverride All
Options ExecCGI
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
#allow from .your_domain.com
</IfModule>
</Directory>
#
# Control access to UserDir directories. The following is an example
# for a site where these directories are restricted to read-only.
#
#<Directory /home/*/public_html>
# AllowOverride FileInfo AuthConfig Limit
# Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
# <Limit GET POST OPTIONS PROPFIND>
# Order allow,deny
# Allow from all
# </Limit>
# <LimitExcept GET POST OPTIONS PROPFIND>
# Order deny,allow
# Deny from all
# </LimitExcept>
#</Directory>
#
These settings are pretty flexible, and allow for Frontpage and XSSI
<Directory /home/*/public_html>
AllowOverride All
Options MultiViews -Indexes Includes FollowSymLinks
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory /home/*/public_html/cgi-bin>
Options +ExecCGI -Includes -Indexes
SetHandler cgi-script
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<IfModule mod_perl.c>
<Directory /home/*/public_html/perl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::PerlRun
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::PerlRun
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
</IfModule>
<Directory
/var/www/icons>
Options -Indexes MultiViews
AllowOverride None
<IfModule mod_access.c>
Order allow,deny
Allow from all
</IfModule>
</Directory>
<Directory
/usr/share/doc>
Options Indexes FollowSymLinks
<IfModule mod_access.c>
Order deny,allow
Deny from all
Allow from 127.0.0.1
#allow from .your_domain.com
</IfModule>
</Directory>
<Directory
/var/www/html/addon-modules>
Options Indexes FollowSymLinks
</Directory>
<Location /index.shtml>
Options +Includes
</Location>
<IfModule mod_perl.c>
<IfDefine !APACHE2>
PerlModule Apache::Registry
</IfDefine>
#set Apache::Registry Mode for /perl Alias
<Location /perl/*.pl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::Registry
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::Registry
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
</Location>
#set Apache::PerlRun Mode for /cgi-perl Alias
<Location /cgi-perl/*.pl>
SetHandler perl-script
<IfDefine !APACHE2>
PerlHandler Apache::PerlRun
</IfDefine>
<IfDefine APACHE2>
PerlResponseHandler ModPerl::PerlRun
</IfDefine>
Options -Indexes ExecCGI
PerlSendHeader On
</Location>
</IfModule>
|
