commit | author | age
|
b4c750
|
1 |
###################################################### |
T |
2 |
# This virtual host contains the configuration |
|
3 |
# for the ISPConfig controlpanel |
|
4 |
###################################################### |
|
5 |
|
ccbf14
|
6 |
<tmpl_var name="vhost_port_listen"> Listen <tmpl_var name="vhost_port"> |
TB |
7 |
NameVirtualHost *:<tmpl_var name="vhost_port"> |
b4c750
|
8 |
|
ccbf14
|
9 |
<VirtualHost _default_:<tmpl_var name="vhost_port">> |
2fe2c7
|
10 |
ServerAdmin webmaster@localhost |
6e0b35
|
11 |
|
bfcdef
|
12 |
<FilesMatch "\.ph(p3?|tml)$"> |
T |
13 |
SetHandler None |
|
14 |
</FilesMatch> |
6e0b35
|
15 |
|
9787a0
|
16 |
<IfModule mod_fcgid.c> |
0731a3
|
17 |
DocumentRoot /var/www/ispconfig/ |
2fe2c7
|
18 |
SuexecUserGroup ispconfig ispconfig |
0731a3
|
19 |
<Directory /var/www/ispconfig/> |
5545f1
|
20 |
Options -Indexes +FollowSymLinks +MultiViews +ExecCGI |
2fe2c7
|
21 |
AllowOverride AuthConfig Indexes Limit Options FileInfo |
6e0b35
|
22 |
<FilesMatch "\.php$"> |
C |
23 |
SetHandler fcgid-script |
|
24 |
</FilesMatch> |
0731a3
|
25 |
FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php |
ccbf14
|
26 |
<tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
6e0b35
|
27 |
Require all granted |
C |
28 |
<tmpl_else> |
2fe2c7
|
29 |
Order allow,deny |
R |
30 |
Allow from all |
6e0b35
|
31 |
</tmpl_if> |
2fe2c7
|
32 |
</Directory> |
10b4c8
|
33 |
IPCCommTimeout 7200 |
6e0b35
|
34 |
MaxRequestLen 15728640 |
2fe2c7
|
35 |
</IfModule> |
6e0b35
|
36 |
|
cc6568
|
37 |
<IfModule mpm_itk_module> |
H |
38 |
DocumentRoot /usr/local/ispconfig/interface/web/ |
6e0b35
|
39 |
AssignUserId ispconfig ispconfig |
cc6568
|
40 |
AddType application/x-httpd-php .php |
H |
41 |
<Directory /usr/local/ispconfig/interface/web> |
|
42 |
# php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" |
5545f1
|
43 |
Options +FollowSymLinks |
cc6568
|
44 |
AllowOverride None |
ccbf14
|
45 |
<tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
6e0b35
|
46 |
Require all granted |
C |
47 |
<tmpl_else> |
cc6568
|
48 |
Order allow,deny |
H |
49 |
Allow from all |
6e0b35
|
50 |
</tmpl_if> |
C |
51 |
php_value magic_quotes_gpc 0 |
cc6568
|
52 |
</Directory> |
H |
53 |
</IfModule> |
6e0b35
|
54 |
|
2fe2c7
|
55 |
# ErrorLog /var/log/apache2/error.log |
R |
56 |
# CustomLog /var/log/apache2/access.log combined |
|
57 |
ServerSignature Off |
6e0b35
|
58 |
|
cab924
|
59 |
<IfModule mod_security2.c> |
T |
60 |
SecRuleEngine Off |
|
61 |
</IfModule> |
|
62 |
|
4ae2a0
|
63 |
# SSL Configuration |
ccbf14
|
64 |
<tmpl_var name="ssl_comment">SSLEngine On |
473f06
|
65 |
<tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'> |
C |
66 |
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 |
|
67 |
<tmpl_else> |
53124e
|
68 |
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3 |
473f06
|
69 |
</tmpl_if> |
ccbf14
|
70 |
<tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt |
TB |
71 |
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key |
|
72 |
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle |
a014c2
|
73 |
|
473f06
|
74 |
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS |
d85994
|
75 |
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On |
473f06
|
76 |
<tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'> |
C |
77 |
<tmpl_var name="ssl_comment">SSLCompression Off |
|
78 |
</tmpl_if> |
|
79 |
<tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'> |
|
80 |
<tmpl_var name="ssl_comment">SSLSessionTickets Off |
|
81 |
</tmpl_if> |
d85994
|
82 |
|
C |
83 |
<IfModule mod_headers.c> |
|
84 |
Header always add Strict-Transport-Security "max-age=15768000" |
|
85 |
</IfModule> |
|
86 |
|
473f06
|
87 |
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'> |
C |
88 |
<tmpl_var name="ssl_comment">SSLUseStapling On |
|
89 |
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5 |
|
90 |
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off |
|
91 |
</tmpl_if> |
313e33
|
92 |
</VirtualHost> |
T |
93 |
|
473f06
|
94 |
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'> |
d85994
|
95 |
<IfModule mod_ssl.c> |
C |
96 |
<tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000) |
|
97 |
</IfModule> |
|
98 |
</tmpl_if> |
|
99 |
|
e9a25c
|
100 |
<Directory /var/www/php-cgi-scripts> |
6e0b35
|
101 |
AllowOverride None |
C |
102 |
<tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
|
103 |
Require all denied |
|
104 |
<tmpl_else> |
|
105 |
Order Deny,Allow |
|
106 |
Deny from all |
|
107 |
</tmpl_if> |
e9a25c
|
108 |
</Directory> |
T |
109 |
|
|
110 |
<Directory /var/www/php-fcgi-scripts> |
6e0b35
|
111 |
AllowOverride None |
C |
112 |
<tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
|
113 |
Require all denied |
|
114 |
<tmpl_else> |
|
115 |
Order Deny,Allow |
|
116 |
Deny from all |
|
117 |
</tmpl_if> |
|
118 |
</Directory> |