Server Installation/Apache: Unterschied zwischen den Versionen
Aus Opennet
(→Ablauf) |
(→Default Config) |
||
Zeile 75: | Zeile 75: | ||
ServerSignature Off | ServerSignature Off | ||
TraceEnable Off | TraceEnable Off | ||
+ | |||
+ | * /etc/apache2/sites-enabled/000-default | ||
+ | <VirtualHost *:80> | ||
+ | ServerAdmin admin@opennet-initiative.de | ||
+ | DocumentRoot /var/www | ||
+ | <Directory /> | ||
+ | Options FollowSymLinks | ||
+ | AllowOverride None | ||
+ | </Directory> | ||
+ | <Directory /var/www/> | ||
+ | Options Indexes FollowSymLinks MultiViews | ||
+ | AllowOverride None | ||
+ | Order allow,deny | ||
+ | allow from all | ||
+ | </Directory> | ||
+ | ErrorLog ${APACHE_LOG_DIR}/error.log | ||
+ | # Possible values include: debug, info, notice, warn, error, crit, | ||
+ | # alert, emerg. | ||
+ | LogLevel warn | ||
+ | CustomLog ${APACHE_LOG_DIR}/access.log combined | ||
+ | </VirtualHost> | ||
+ | |||
+ | * /etc/apache2/sites-enabled/001-default-ssl | ||
+ | <IfModule mod_ssl.c> | ||
+ | <VirtualHost _default_:443> | ||
+ | ServerAdmin admin@opennet-initiative.de | ||
+ | DocumentRoot /var/www | ||
+ | <Directory /> | ||
+ | Options FollowSymLinks | ||
+ | AllowOverride None | ||
+ | </Directory> | ||
+ | <Directory /var/www/> | ||
+ | Options Indexes FollowSymLinks MultiViews | ||
+ | AllowOverride None | ||
+ | Order allow,deny | ||
+ | allow from all | ||
+ | </Directory> | ||
+ | ErrorLog ${APACHE_LOG_DIR}/error.log | ||
+ | # Possible values include: debug, info, notice, warn, error, crit, | ||
+ | # alert, emerg. | ||
+ | LogLevel warn | ||
+ | CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined | ||
+ | SSLEngine on | ||
+ | SSLCertificateFile /etc/ssl/aqua.opennet-initiative.de_certchain.crt | ||
+ | SSLCertificateKeyFile /etc/ssl/private/aqua.opennet-initiative.de.key | ||
+ | SSLCertificateChainFile /etc/ssl/certs/opennet-server_certchain.pem | ||
+ | <FilesMatch "\.(cgi|shtml|phtml|php)$"> | ||
+ | SSLOptions +StdEnvVars | ||
+ | </FilesMatch> | ||
+ | <Directory /usr/lib/cgi-bin> | ||
+ | SSLOptions +StdEnvVars | ||
+ | </Directory> | ||
+ | BrowserMatch "MSIE [2-6]" \ | ||
+ | nokeepalive ssl-unclean-shutdown \ | ||
+ | downgrade-1.0 force-response-1.0 | ||
+ | BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown | ||
+ | </VirtualHost> | ||
+ | </IfModule> | ||
+ | |||
[[Kategorie:Server]] | [[Kategorie:Server]] |
Version vom 5. April 2014, 16:49 Uhr
Protokoll | Host | VHost/Path | Service | Bemerkung |
---|---|---|---|---|
HTTPS | www | *opennet-initiative.de/transfer | WebDAV | Umziehen? Ehem. transfer., webdav. existiert |
HTTP(S) | www | www.opennet-initiative.de/ | Redirect -> wiki | |
HTTP(S) | www | www.opennet-initiative.de/download | Download | OK. |
HTTP(S) | www | www.opennet-initiative.de/gallery/ | Gallery Rewrite | |
HTTP(S) | www | www.opennet-initiative.de/graphen/ | Graph Rewrite | |
HTTP(S) | www | list.opennet-initiative.de | Mailman Rewrite | |
HTTP(S) | www | mail.opennet-initiative.de/mail | ?? | |
HTTP(S) | www | mail.opennet-initiative.de/service | ?? | |
HTTP(S) | www | olsr.opennet-initiative.de | SSID Rewrite | Löschen? |
HTTP(S) | www | www.opennet-initiative.de/forum | Forum Rewrite | Löschen |
HTTP(S) | wiki | wiki.opennet-initiative.de/wiki/ | MediaWiki Rewrite |
Default Config
- /etc/apache2/conf.d/security
ServerTokens Prod ServerSignature Off TraceEnable Off
- /etc/apache2/sites-enabled/000-default
<VirtualHost *:80> ServerAdmin admin@opennet-initiative.de
DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
- /etc/apache2/sites-enabled/001-default-ssl
<IfModule mod_ssl.c> <VirtualHost _default_:443>
ServerAdmin admin@opennet-initiative.de DocumentRoot /var/www <Directory /> Options FollowSymLinks AllowOverride None </Directory> <Directory /var/www/> Options Indexes FollowSymLinks MultiViews AllowOverride None Order allow,deny allow from all </Directory> ErrorLog ${APACHE_LOG_DIR}/error.log # Possible values include: debug, info, notice, warn, error, crit, # alert, emerg. LogLevel warn CustomLog ${APACHE_LOG_DIR}/ssl_access.log combined SSLEngine on SSLCertificateFile /etc/ssl/aqua.opennet-initiative.de_certchain.crt SSLCertificateKeyFile /etc/ssl/private/aqua.opennet-initiative.de.key SSLCertificateChainFile /etc/ssl/certs/opennet-server_certchain.pem <FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars </FilesMatch> <Directory /usr/lib/cgi-bin> SSLOptions +StdEnvVars </Directory> BrowserMatch "MSIE [2-6]" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown </VirtualHost>
</IfModule>