Skip to content
Permalink
6bb982f099
Go to file
 
 
Cannot retrieve contributors at this time
154 lines (118 sloc) 3.94 KB
ServerRoot "/etc/httpd"
Include conf.modules.d/*.conf
User apache
Group apache
UseCanonicalName On
ServerAdmin tier-api@lists.internet2.edu
ServerSignature Off
ServerTokens ProductOnly
<Directory />
AllowOverride none
Require all denied
</Directory>
DocumentRoot "/var/www/html"
<Directory "/var/www">
AllowOverride None
# Allow open access:
Require all granted
</Directory>
# Further relax access to the default document root:
<Directory "/var/www/html">
Options Indexes FollowSymLinks
AllowOverride None
Require all granted
</Directory>
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<Files ".ht*">
Require all denied
</Files>
# ErrorLog "logs/error_log"
ErrorLog "|/usr/sbin/rotatelogs /var/log/error_log.%Y-%m-%d-%H_%M_%S 5M"
CustomLog "|/usr/sbin/rotatelogs /var/log/httpd/access_log.%Y-%m-%d.log 86400" combined
LogLevel warn
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
</IfModule>
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
</IfModule>
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Require all granted
</Directory>
<IfModule mime_module>
TypesConfig /etc/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</IfModule>
AddDefaultCharset UTF-8
<IfModule mime_magic_module>
MIMEMagicFile conf/magic
</IfModule>
<IfModule mod_ssl.c>
SSLProtocol +ALL -SSLv3 -SSLv2
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder On
SSLCompression Off
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 1024
SSLRandomSeed connect file:/dev/urandom 1024
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
</IfModule>
# Worker configurations
<IfModule prefork.c>
StartServers 50
MinSpareServers 15
MaxSpareServers 50
ServerLimit 400
MaxClients 350
MaxRequestsPerChild 6000
</IfModule>
<IfModule worker.c>
StartServers 2
ServerLimit 16
MaxClients 1024
MinSpareThreads 64
MaxSpareThreads 128
ThreadsPerChild 64
MaxRequestsPerChild 100
</IfModule>
<IfModule event.c>
StartServers 2
ServerLimit 16
MaxClients 1024
MinSpareThreads 64
MaxSpareThreads 128
ThreadsPerChild 64
MaxRequestsPerChild 100
</IfModule>
<Location "/server-status">
SetHandler server-status
</Location>
#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#
EnableMMAP off
EnableSendfile off
# Remove Proxy header, resolves CVE-2016-5387
RequestHeader unset Proxy early
IncludeOptional conf.d/*.conf
You can’t perform that action at this time.