| |
@@ -1,94 +1,80 @@
|
| |
ServerRoot "${HTTPROOT}"
|
| |
ServerName ${NAME}.ipsilon.dev
|
| |
|
| |
- LoadModule access_compat_module modules/mod_access_compat.so
|
| |
- LoadModule actions_module modules/mod_actions.so
|
| |
- LoadModule alias_module modules/mod_alias.so
|
| |
- LoadModule allowmethods_module modules/mod_allowmethods.so
|
| |
- LoadModule auth_basic_module modules/mod_auth_basic.so
|
| |
- #LoadModule auth_digest_module modules/mod_auth_digest.so
|
| |
- LoadModule authn_anon_module modules/mod_authn_anon.so
|
| |
- LoadModule authn_core_module modules/mod_authn_core.so
|
| |
- LoadModule authn_dbd_module modules/mod_authn_dbd.so
|
| |
- LoadModule authn_dbm_module modules/mod_authn_dbm.so
|
| |
LoadModule authn_file_module modules/mod_authn_file.so
|
| |
- LoadModule authn_socache_module modules/mod_authn_socache.so
|
| |
- LoadModule authz_core_module modules/mod_authz_core.so
|
| |
- LoadModule authz_dbd_module modules/mod_authz_dbd.so
|
| |
- LoadModule authz_dbm_module modules/mod_authz_dbm.so
|
| |
- LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
|
| |
- LoadModule authz_host_module modules/mod_authz_host.so
|
| |
- LoadModule authz_owner_module modules/mod_authz_owner.so
|
| |
+ LoadModule authn_anon_module modules/mod_authn_anon.so
|
| |
LoadModule authz_user_module modules/mod_authz_user.so
|
| |
- LoadModule autoindex_module modules/mod_autoindex.so
|
| |
- LoadModule cache_module modules/mod_cache.so
|
| |
- LoadModule cache_disk_module modules/mod_cache_disk.so
|
| |
- LoadModule data_module modules/mod_data.so
|
| |
- LoadModule dbd_module modules/mod_dbd.so
|
| |
- LoadModule deflate_module modules/mod_deflate.so
|
| |
- LoadModule dir_module modules/mod_dir.so
|
| |
- LoadModule dumpio_module modules/mod_dumpio.so
|
| |
- LoadModule echo_module modules/mod_echo.so
|
| |
+ LoadModule authz_host_module modules/mod_authz_host.so
|
| |
+ LoadModule include_module modules/mod_include.so
|
| |
+ LoadModule log_config_module modules/mod_log_config.so
|
| |
LoadModule env_module modules/mod_env.so
|
| |
- LoadModule expires_module modules/mod_expires.so
|
| |
LoadModule ext_filter_module modules/mod_ext_filter.so
|
| |
- LoadModule filter_module modules/mod_filter.so
|
| |
+ LoadModule expires_module modules/mod_expires.so
|
| |
LoadModule headers_module modules/mod_headers.so
|
| |
- LoadModule include_module modules/mod_include.so
|
| |
- LoadModule info_module modules/mod_info.so
|
| |
- LoadModule log_config_module modules/mod_log_config.so
|
| |
- LoadModule logio_module modules/mod_logio.so
|
| |
- LoadModule macro_module modules/mod_macro.so
|
| |
- LoadModule mime_magic_module modules/mod_mime_magic.so
|
| |
LoadModule mime_module modules/mod_mime.so
|
| |
- LoadModule negotiation_module modules/mod_negotiation.so
|
| |
- LoadModule remoteip_module modules/mod_remoteip.so
|
| |
- LoadModule reqtimeout_module modules/mod_reqtimeout.so
|
| |
- LoadModule rewrite_module modules/mod_rewrite.so
|
| |
- LoadModule setenvif_module modules/mod_setenvif.so
|
| |
- LoadModule slotmem_plain_module modules/mod_slotmem_plain.so
|
| |
- LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
|
| |
- LoadModule socache_dbm_module modules/mod_socache_dbm.so
|
| |
- LoadModule socache_memcache_module modules/mod_socache_memcache.so
|
| |
- LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
|
| |
LoadModule status_module modules/mod_status.so
|
| |
+ LoadModule negotiation_module modules/mod_negotiation.so
|
| |
+ LoadModule dir_module modules/mod_dir.so
|
| |
LoadModule ssl_module modules/mod_ssl.so
|
| |
- LoadModule substitute_module modules/mod_substitute.so
|
| |
- LoadModule suexec_module modules/mod_suexec.so
|
| |
- LoadModule unique_id_module modules/mod_unique_id.so
|
| |
- LoadModule unixd_module modules/mod_unixd.so
|
| |
- LoadModule userdir_module modules/mod_userdir.so
|
| |
+ LoadModule alias_module modules/mod_alias.so
|
| |
+ LoadModule rewrite_module modules/mod_rewrite.so
|
| |
LoadModule version_module modules/mod_version.so
|
| |
- LoadModule vhost_alias_module modules/mod_vhost_alias.so
|
| |
-
|
| |
- LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
| |
LoadModule wsgi_module modules/mod_wsgi.so
|
| |
- LoadModule auth_gssapi_module modules/mod_auth_gssapi.so
|
| |
# openidc needs to be before mellon: https://bugzilla.redhat.com/show_bug.cgi?id=1332729
|
| |
LoadModule auth_openidc_module modules/mod_auth_openidc.so
|
| |
- LoadModule auth_mellon_module modules/mod_auth_mellon.so
|
| |
|
| |
Listen ${HTTPADDR}:${HTTPPORT} https
|
| |
SSLCertificateFile "${CERTROOT}/${NAME}.pem"
|
| |
SSLCertificateKeyFile "${CERTROOT}/${NAME}.key"
|
| |
SSLEngine on
|
| |
|
| |
+ <IfVersion < 2.4>
|
| |
+ LoadModule auth_kerb_module modules/mod_auth_kerb.so
|
| |
+ </IfVersion>
|
| |
+ <IfVersion >= 2.4>
|
| |
+ LoadModule authn_core_module modules/mod_authn_core.so
|
| |
+ LoadModule authz_core_module modules/mod_authz_core.so
|
| |
+ LoadModule unixd_module modules/mod_unixd.so
|
| |
+ LoadModule mpm_prefork_module modules/mod_mpm_prefork.so
|
| |
+ LoadModule auth_gssapi_module modules/mod_auth_gssapi.so
|
| |
+ </IfVersion>
|
| |
+
|
| |
+ # This needs to be loaded last
|
| |
+ LoadModule auth_mellon_module modules/mod_auth_mellon.so
|
| |
|
| |
<Directory />
|
| |
AllowOverride none
|
| |
- Require all denied
|
| |
+ <IfModule mod_authz_core.c>
|
| |
+ Require all denied
|
| |
+ </IfModule>
|
| |
+ <IfModule !mod_authz_core.c>
|
| |
+ Order Allow,Deny
|
| |
+ Deny from All
|
| |
+ </IfModule>
|
| |
</Directory>
|
| |
|
| |
DocumentRoot "${HTTPROOT}/html"
|
| |
<Directory "${HTTPROOT}">
|
| |
AllowOverride None
|
| |
# Allow open access:
|
| |
- Require all granted
|
| |
+ <IfModule mod_authz_core.c>
|
| |
+ Require all granted
|
| |
+ </IfModule>
|
| |
+ <IfModule !mod_authz_core.c>
|
| |
+ Order Allow,Deny
|
| |
+ Allow from All
|
| |
+ </IfModule>
|
| |
</Directory>
|
| |
<Directory "${HTTPROOT}/html">
|
| |
Options Indexes FollowSymLinks
|
| |
AllowOverride None
|
| |
- Require all granted
|
| |
+ <IfModule mod_authz_core.c>
|
| |
+ Require all granted
|
| |
+ </IfModule>
|
| |
+ <IfModule !mod_authz_core.c>
|
| |
+ Order Allow,Deny
|
| |
+ Allow from All
|
| |
+ </IfModule>
|
| |
</Directory>
|
| |
|
| |
<IfModule dir_module>
|
| |
@@ -96,7 +82,13 @@
|
| |
</IfModule>
|
| |
|
| |
<Files ".ht*">
|
| |
- Require all denied
|
| |
+ <IfModule mod_authz_core.c>
|
| |
+ Require all denied
|
| |
+ </IfModule>
|
| |
+ <IfModule !mod_authz_core.c>
|
| |
+ Order Allow,Deny
|
| |
+ Deny from All
|
| |
+ </IfModule>
|
| |
</Files>
|
| |
|
| |
PidFile "${HTTPROOT}/logs/httpd.pid"
|
| |
@@ -119,6 +111,6 @@
|
| |
|
| |
AddDefaultCharset UTF-8
|
| |
|
| |
- IncludeOptional conf.d/*.conf
|
| |
+ Include conf.d/*.conf
|
| |
|
| |
CoreDumpDirectory /tmp
|
| |
This is needed on Apache 2.2. I checked and confirmed that this is the default on Apache 2.4.