Permalink
Cannot retrieve contributors at this time
Name already in use
A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
canvas-demo-techex17/test-app/httpd/conf/httpd.conf
Go to fileThis commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
154 lines (118 sloc)
3.94 KB
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ServerRoot "/etc/httpd" | |
Include conf.modules.d/*.conf | |
User apache | |
Group apache | |
UseCanonicalName On | |
ServerAdmin tier-api@lists.internet2.edu | |
ServerSignature Off | |
ServerTokens ProductOnly | |
<Directory /> | |
AllowOverride none | |
Require all denied | |
</Directory> | |
DocumentRoot "/var/www/html" | |
<Directory "/var/www"> | |
AllowOverride None | |
# Allow open access: | |
Require all granted | |
</Directory> | |
# Further relax access to the default document root: | |
<Directory "/var/www/html"> | |
Options Indexes FollowSymLinks | |
AllowOverride None | |
Require all granted | |
</Directory> | |
<IfModule dir_module> | |
DirectoryIndex index.html | |
</IfModule> | |
<Files ".ht*"> | |
Require all denied | |
</Files> | |
# ErrorLog "logs/error_log" | |
ErrorLog "|/usr/sbin/rotatelogs /var/log/error_log.%Y-%m-%d-%H_%M_%S 5M" | |
CustomLog "|/usr/sbin/rotatelogs /var/log/httpd/access_log.%Y-%m-%d.log 86400" combined | |
LogLevel warn | |
<IfModule log_config_module> | |
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined | |
LogFormat "%h %l %u %t \"%r\" %>s %b" common | |
<IfModule logio_module> | |
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio | |
</IfModule> | |
</IfModule> | |
<IfModule alias_module> | |
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/" | |
</IfModule> | |
<Directory "/var/www/cgi-bin"> | |
AllowOverride None | |
Options None | |
Require all granted | |
</Directory> | |
<IfModule mime_module> | |
TypesConfig /etc/mime.types | |
AddType application/x-compress .Z | |
AddType application/x-gzip .gz .tgz | |
AddType text/html .shtml | |
AddOutputFilter INCLUDES .shtml | |
</IfModule> | |
AddDefaultCharset UTF-8 | |
<IfModule mime_magic_module> | |
MIMEMagicFile conf/magic | |
</IfModule> | |
<IfModule mod_ssl.c> | |
SSLProtocol +ALL -SSLv3 -SSLv2 | |
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS | |
SSLHonorCipherOrder On | |
SSLCompression Off | |
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog | |
SSLSessionCache shmcb:/run/httpd/sslcache(512000) | |
SSLSessionCacheTimeout 300 | |
SSLRandomSeed startup file:/dev/urandom 1024 | |
SSLRandomSeed connect file:/dev/urandom 1024 | |
SSLRandomSeed connect builtin | |
SSLCryptoDevice builtin | |
</IfModule> | |
# Worker configurations | |
<IfModule prefork.c> | |
StartServers 50 | |
MinSpareServers 15 | |
MaxSpareServers 50 | |
ServerLimit 400 | |
MaxClients 350 | |
MaxRequestsPerChild 6000 | |
</IfModule> | |
<IfModule worker.c> | |
StartServers 2 | |
ServerLimit 16 | |
MaxClients 1024 | |
MinSpareThreads 64 | |
MaxSpareThreads 128 | |
ThreadsPerChild 64 | |
MaxRequestsPerChild 100 | |
</IfModule> | |
<IfModule event.c> | |
StartServers 2 | |
ServerLimit 16 | |
MaxClients 1024 | |
MinSpareThreads 64 | |
MaxSpareThreads 128 | |
ThreadsPerChild 64 | |
MaxRequestsPerChild 100 | |
</IfModule> | |
<Location "/server-status"> | |
SetHandler server-status | |
</Location> | |
# | |
# Customizable error responses come in three flavors: | |
# 1) plain text 2) local redirects 3) external redirects | |
# | |
# Some examples: | |
#ErrorDocument 500 "The server made a boo boo." | |
#ErrorDocument 404 /missing.html | |
#ErrorDocument 404 "/cgi-bin/missing_handler.pl" | |
#ErrorDocument 402 http://www.example.com/subscription_info.html | |
# | |
EnableMMAP off | |
EnableSendfile off | |
# Remove Proxy header, resolves CVE-2016-5387 | |
RequestHeader unset Proxy early | |
IncludeOptional conf.d/*.conf |