| commit | author | age | ||
| b4c750 | 1 | ###################################################### |
| T | 2 | # This virtual host contains the configuration |
| 3 | # for the ISPConfig controlpanel | |
| 4 | ###################################################### | |
| 5 | ||
| ccbf14 | 6 | <tmpl_var name="vhost_port_listen"> Listen <tmpl_var name="vhost_port"> |
| TB | 7 | NameVirtualHost *:<tmpl_var name="vhost_port"> |
| b4c750 | 8 | |
| ccbf14 | 9 | <VirtualHost _default_:<tmpl_var name="vhost_port">> |
| 2fe2c7 | 10 | ServerAdmin webmaster@localhost |
| 6e0b35 | 11 | |
| bfcdef | 12 | <FilesMatch "\.ph(p3?|tml)$"> |
| T | 13 | SetHandler None |
| 14 | </FilesMatch> | |
| 6e0b35 | 15 | |
| 9787a0 | 16 | <IfModule mod_fcgid.c> |
| 0731a3 | 17 | DocumentRoot /var/www/ispconfig/ |
| 2fe2c7 | 18 | SuexecUserGroup ispconfig ispconfig |
| 0731a3 | 19 | <Directory /var/www/ispconfig/> |
| 5545f1 | 20 | Options -Indexes +FollowSymLinks +MultiViews +ExecCGI |
| 2fe2c7 | 21 | AllowOverride AuthConfig Indexes Limit Options FileInfo |
| 6e0b35 | 22 | <FilesMatch "\.php$"> |
| C | 23 | SetHandler fcgid-script |
| 24 | </FilesMatch> | |
| 0731a3 | 25 | FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php |
| ccbf14 | 26 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| 6e0b35 | 27 | Require all granted |
| C | 28 | <tmpl_else> |
| 2fe2c7 | 29 | Order allow,deny |
| R | 30 | Allow from all |
| 6e0b35 | 31 | </tmpl_if> |
| 2fe2c7 | 32 | </Directory> |
| 10b4c8 | 33 | IPCCommTimeout 7200 |
| 6e0b35 | 34 | MaxRequestLen 15728640 |
| 2fe2c7 | 35 | </IfModule> |
| 6e0b35 | 36 | |
| cc6568 | 37 | <IfModule mpm_itk_module> |
| H | 38 | DocumentRoot /usr/local/ispconfig/interface/web/ |
| 6e0b35 | 39 | AssignUserId ispconfig ispconfig |
| cc6568 | 40 | AddType application/x-httpd-php .php |
| H | 41 | <Directory /usr/local/ispconfig/interface/web> |
| 42 | # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp" | |
| 5545f1 | 43 | Options +FollowSymLinks |
| cc6568 | 44 | AllowOverride None |
| ccbf14 | 45 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| 6e0b35 | 46 | Require all granted |
| C | 47 | <tmpl_else> |
| cc6568 | 48 | Order allow,deny |
| H | 49 | Allow from all |
| 6e0b35 | 50 | </tmpl_if> |
| C | 51 | php_value magic_quotes_gpc 0 |
| cc6568 | 52 | </Directory> |
| H | 53 | </IfModule> |
| 6e0b35 | 54 | |
| 2fe2c7 | 55 | # ErrorLog /var/log/apache2/error.log |
| R | 56 | # CustomLog /var/log/apache2/access.log combined |
| 57 | ServerSignature Off | |
| 6e0b35 | 58 | |
| cab924 | 59 | <IfModule mod_security2.c> |
| T | 60 | SecRuleEngine Off |
| 61 | </IfModule> | |
| 62 | ||
| 4ae2a0 | 63 | # SSL Configuration |
| ccbf14 | 64 | <tmpl_var name="ssl_comment">SSLEngine On |
| 473f06 | 65 | <tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'> |
| C | 66 | <tmpl_var name="ssl_comment">SSLProtocol All -SSLv3 |
| 67 | <tmpl_else> | |
| 53124e | 68 | <tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3 |
| 473f06 | 69 | </tmpl_if> |
| ccbf14 | 70 | <tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt |
| TB | 71 | <tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key |
| 72 | <tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle | |
| a014c2 | 73 | |
| 473f06 | 74 | <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS |
| d85994 | 75 | <tmpl_var name="ssl_comment">SSLHonorCipherOrder On |
| 473f06 | 76 | <tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'> |
| C | 77 | <tmpl_var name="ssl_comment">SSLCompression Off |
| 78 | </tmpl_if> | |
| 79 | <tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'> | |
| 80 | <tmpl_var name="ssl_comment">SSLSessionTickets Off | |
| 81 | </tmpl_if> | |
| d85994 | 82 | |
| C | 83 | <IfModule mod_headers.c> |
| 84 | Header always add Strict-Transport-Security "max-age=15768000" | |
| 85 | </IfModule> | |
| 86 | ||
| 473f06 | 87 | <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'> |
| C | 88 | <tmpl_var name="ssl_comment">SSLUseStapling On |
| 89 | <tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5 | |
| 90 | <tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off | |
| 91 | </tmpl_if> | |
| 313e33 | 92 | </VirtualHost> |
| T | 93 | |
| 473f06 | 94 | <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'> |
| d85994 | 95 | <IfModule mod_ssl.c> |
| C | 96 | <tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000) |
| 97 | </IfModule> | |
| 98 | </tmpl_if> | |
| 99 | ||
| e9a25c | 100 | <Directory /var/www/php-cgi-scripts> |
| 6e0b35 | 101 | AllowOverride None |
| C | 102 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| 103 | Require all denied | |
| 104 | <tmpl_else> | |
| 105 | Order Deny,Allow | |
| 106 | Deny from all | |
| 107 | </tmpl_if> | |
| e9a25c | 108 | </Directory> |
| T | 109 | |
| 110 | <Directory /var/www/php-fcgi-scripts> | |
| 6e0b35 | 111 | AllowOverride None |
| C | 112 | <tmpl_if name='apache_version' op='>' value='2.2' format='version'> |
| 113 | Require all denied | |
| 114 | <tmpl_else> | |
| 115 | Order Deny,Allow | |
| 116 | Deny from all | |
| 117 | </tmpl_if> | |
| 118 | </Directory> | |
