| commit | author | age | ||
| b4c750 | 1 | ###################################################### |
| T | 2 | # This virtual host contains the configuration |
| 3 | # for the ISPConfig controlpanel | |
| 4 | ###################################################### | |
| 5 | ||
| ccbf14 | 6 | <tmpl_var name="vhost_port_listen"> Listen <tmpl_var name="vhost_port"> |
| TB | 7 | NameVirtualHost *:<tmpl_var name="vhost_port"> |
| b4c750 | 8 | |
| ccbf14 | 9 | <VirtualHost _default_:<tmpl_var name="vhost_port">> |
| 2fe2c7 | 10 | ServerAdmin webmaster@localhost |
| R | 11 | |
| bfcdef | 12 | <FilesMatch "\.ph(p3?|tml)$"> |
| T | 13 | SetHandler None |
| 14 | </FilesMatch> | |
| 15 | ||
| 9787a0 | 16 | <IfModule mod_fcgid.c> |
| 0731a3 | 17 | DocumentRoot /var/www/ispconfig/ |
| 2fe2c7 | 18 | SuexecUserGroup ispconfig ispconfig |
| 0731a3 | 19 | <Directory /var/www/ispconfig/> |
| 5545f1 | 20 | Options -Indexes +FollowSymLinks +MultiViews +ExecCGI |
| 2fe2c7 | 21 | AllowOverride AuthConfig Indexes Limit Options FileInfo |
| 3bc1e1 | 22 | <FilesMatch "\.php$"> |
| MC | 23 | SetHandler fcgid-script |
| 24 | </FilesMatch> | |
| 0731a3 | 25 | FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php |
| ccbf14 | 26 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| TB | 27 | Require all granted |
| 28 | <tmpl_else> | |
| 2fe2c7 | 29 | Order allow,deny |
| R | 30 | Allow from all |
| ccbf14 | 31 | </tmpl_if> |
| 2fe2c7 | 32 | </Directory> |
| 10b4c8 | 33 | IPCCommTimeout 7200 |
| 3f478f | 34 | MaxRequestLen 15728640 |
| 2fe2c7 | 35 | </IfModule> |
| R | 36 | |
| cc6568 | 37 | <IfModule mpm_itk_module> |
| H | 38 | DocumentRoot /usr/local/ispconfig/interface/web/ |
| 39 | AssignUserId ispconfig ispconfig | |
| 40 | AddType application/x-httpd-php .php | |
| 41 | <Directory /usr/local/ispconfig/interface/web> | |
| 42 | # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" | |
| 5545f1 | 43 | Options +FollowSymLinks |
| cc6568 | 44 | AllowOverride None |
| ccbf14 | 45 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| TB | 46 | Require all granted |
| 47 | <tmpl_else> | |
| cc6568 | 48 | Order allow,deny |
| H | 49 | Allow from all |
| ccbf14 | 50 | </tmpl_if> |
| cc6568 | 51 | php_value magic_quotes_gpc 0 |
| H | 52 | </Directory> |
| 53 | </IfModule> | |
| 2fe2c7 | 54 | |
| R | 55 | # ErrorLog /var/log/apache2/error.log |
| 56 | # CustomLog /var/log/apache2/access.log combined | |
| 57 | ServerSignature Off | |
| cab924 | 58 | |
| T | 59 | <IfModule mod_security2.c> |
| 60 | SecRuleEngine Off | |
| 61 | </IfModule> | |
| 62 | ||
| 4ae2a0 | 63 | # SSL Configuration |
| ccbf14 | 64 | <tmpl_var name="ssl_comment">SSLEngine On |
| 53124e | 65 | <tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3 |
| ccbf14 | 66 | <tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt |
| TB | 67 | <tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key |
| 68 | <tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle | |
| a014c2 | 69 | |
| 982cb6 | 70 | <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4 |
| d85994 | 71 | <tmpl_var name="ssl_comment">SSLHonorCipherOrder On |
| C | 72 | |
| 73 | <IfModule mod_headers.c> | |
| 74 | Header always add Strict-Transport-Security "max-age=15768000" | |
| 75 | </IfModule> | |
| 76 | ||
| 77 | <tmpl_if name='apache_version' op='>=' value='2.4' format='version'> | |
| 78 | <tmpl_var name="ssl_comment">SSLUseStapling on | |
| 79 | <tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5 | |
| 80 | <tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors off | |
| 81 | </tmpl_if> | |
| 313e33 | 82 | </VirtualHost> |
| T | 83 | |
| d85994 | 84 | <tmpl_if name='apache_version' op='>=' value='2.4' format='version'> |
| C | 85 | <IfModule mod_ssl.c> |
| 86 | <tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000) | |
| 87 | </IfModule> | |
| 88 | </tmpl_if> | |
| 89 | ||
| e9a25c | 90 | <Directory /var/www/php-cgi-scripts> |
| T | 91 | AllowOverride None |
| ccbf14 | 92 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| TB | 93 | Require all denied |
| 94 | <tmpl_else> | |
| e9a25c | 95 | Order Deny,Allow |
| T | 96 | Deny from all |
| ccbf14 | 97 | </tmpl_if> |
| e9a25c | 98 | </Directory> |
| T | 99 | |
| 100 | <Directory /var/www/php-fcgi-scripts> | |
| 101 | AllowOverride None | |
| ccbf14 | 102 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| TB | 103 | Require all denied |
| 104 | <tmpl_else> | |
| e9a25c | 105 | Order Deny,Allow |
| T | 106 | Deny from all |
| ccbf14 | 107 | </tmpl_if> |
| 982cb6 | 108 | </Directory> |
