gitlabFork/ISPConfig3.git - Solinfo Gitblit

<tmpl_hook name='apache2_vhost:header'>
 
<Directory {tmpl_var name='web_basedir'}/{tmpl_var name='domain'}>
        AllowOverride None
        <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
        Require all denied
        <tmpl_else>
        Order Deny,Allow
        Deny from all
        </tmpl_if>
</Directory>
 
<tmpl_loop name='vhosts'>
<VirtualHost {tmpl_var name='ip_address'}:{tmpl_var name='port'}>
<tmpl_hook name='apache2_vhost:vhost_header'>
<tmpl_if name='php' op='==' value='suphp'>
        DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
    <tmpl_if name='php' op='==' value='cgi'>
        DocumentRoot <tmpl_var name='web_document_root'>
    </tmpl_else>
        <tmpl_if name='php' op='==' value='php-fpm'>
        DocumentRoot <tmpl_var name='web_document_root'>
        </tmpl_else>
            <tmpl_if name='php' op='==' value='hhvm'>
            DocumentRoot <tmpl_var name='web_document_root'>
            </tmpl_else>
            DocumentRoot <tmpl_var name='web_document_root_www'>
            </tmpl_if>
        </tmpl_if>
    </tmpl_if>
</tmpl_if>
 
        ServerName <tmpl_var name='domain'>
<tmpl_if name='alias'>
        <tmpl_var name='alias'>
</tmpl_if>
        ServerAdmin webmaster@<tmpl_var name='domain'>
 
        ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
 
<tmpl_if name='errordocs'>
        Alias /error/ "<tmpl_var name='web_document_root_www'>/error/"
        ErrorDocument 400 /error/400.html
        ErrorDocument 401 /error/401.html
        ErrorDocument 403 /error/403.html
        ErrorDocument 404 /error/404.html
        ErrorDocument 405 /error/405.html
        ErrorDocument 500 /error/500.html
        ErrorDocument 502 /error/502.html
        ErrorDocument 503 /error/503.html
</tmpl_if>
 
        <IfModule mod_ssl.c>
<tmpl_if name='ssl_enabled'>
        SSLEngine on
        SSLProtocol All -SSLv2 -SSLv3
        SSLCipherSuite          ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
        SSLHonorCipherOrder     on
        # <IfModule mod_headers.c>
        # Header always add Strict-Transport-Security "max-age=15768000"
        # </IfModule>
        SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt
        SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key
<tmpl_if name='has_bundle_cert'>
        <tmpl_if name='apache_version' op='<' value='2.4.8' format='version'>
        SSLCertificateChainFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.bundle
        </tmpl_if>
        <tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
        SSLUseStapling on
        SSLStaplingResponderTimeout 5
        SSLStaplingReturnResponderErrors off
        </tmpl_if>
</tmpl_if>
</tmpl_if>
        </IfModule>
 
        <Directory {tmpl_var name='web_document_root_www'}>
                # Clear PHP settings of this website
                <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                        SetHandler None
                </FilesMatch>
                Options +FollowSymLinks
                AllowOverride <tmpl_var name='allow_override'>
                <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                Require all granted
                <tmpl_else>
                Order allow,deny
                Allow from all
                </tmpl_if>
<tmpl_if name='ssi' op='==' value='y'>
 
                # ssi enabled
                AddType text/html .shtml
                AddOutputFilter INCLUDES .shtml
                Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
                <Files ~ '.php[s3-6]{0,1}$'>
                        <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                        Require all denied
                        <tmpl_else>
                        Order allow,deny
                        Deny from all
                        Allow from none
                        </tmpl_if>
                </Files>
</tmpl_if>
        </Directory>
        <Directory {tmpl_var name='web_document_root'}>
                # Clear PHP settings of this website
                <FilesMatch ".+\.ph(p[345]?|t|tml)$">
                        SetHandler None
                </FilesMatch>
                Options +FollowSymLinks
                AllowOverride <tmpl_var name='allow_override'>
                <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                Require all granted
                <tmpl_else>
                Order allow,deny
                Allow from all
                </tmpl_if>
<tmpl_if name='ssi' op='==' value='y'>
 
                # ssi enabled
                AddType text/html .shtml
                AddOutputFilter INCLUDES .shtml
                Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
                <Files ~ '.php[s3-6]{0,1}$'>
                    <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                    Require all denied
                    <tmpl_else>
                    Order allow,deny
                    Deny from all
                    Allow from none
                    </tmpl_if>
                </Files>
</tmpl_if>
        </Directory>
 
<tmpl_if name='ruby' op='==' value='y'>
        <IfModule mod_ruby.c>
            <Directory {tmpl_var name='web_document_root_www'}>
                Options +ExecCGI
            </Directory>
            RubyRequire apache/ruby-run
            #RubySafeLevel 0
            AddType text/html .rb
            AddType text/html .rbx
            <Files *.rb>
                SetHandler ruby-object
                RubyHandler Apache::RubyRun.instance
            </Files>
            <Files *.rbx>
                SetHandler ruby-object
                RubyHandler Apache::RubyRun.instance
            </Files>
        </IfModule>
</tmpl_if>
 
<tmpl_if name='perl' op='==' value='y'>
        <IfModule mod_perl.c>
            PerlModule ModPerl::Registry
            PerlModule Apache2::Reload
            <Directory {tmpl_var name='web_document_root_www'}>
                PerlResponseHandler ModPerl::Registry
                PerlOptions +ParseHeaders
                Options +ExecCGI
            </Directory>
            <Directory {tmpl_var name='web_document_root'}>
                PerlResponseHandler ModPerl::Registry
                PerlOptions +ParseHeaders
                Options +ExecCGI
            </Directory>
            <Files *.pl>
                SetHandler perl-script
            </Files>
        </IfModule>
</tmpl_if>
 
<tmpl_if name='python' op='==' value='y'>
        <IfModule mod_python.c>
            <Directory {tmpl_var name='web_document_root_www'}>
                <FilesMatch "\.py$">
                    SetHandler mod_python
                </FilesMatch>
                PythonHandler mod_python.publisher
                PythonDebug On
            </Directory>
        </IfModule>
</tmpl_if>
 
<tmpl_if name='cgi' op='==' value='y'>
        # cgi enabled
    <Directory {tmpl_var name='document_root'}/cgi-bin>
            <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
            Require all granted
            <tmpl_else>
            Order allow,deny
            Allow from all
            </tmpl_if>
        </Directory>
        ScriptAlias  /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
        <FilesMatch "\.(cgi|pl)$">
            SetHandler cgi-script
        </FilesMatch>
</tmpl_if>
<tmpl_if name='suexec' op='==' value='y'>
        # suexec enabled
        <IfModule mod_suexec.c>
            SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
        </IfModule>
</tmpl_if>
<tmpl_if name='php' op='==' value='mod'>
        # mod_php enabled
        AddType application/x-httpd-php .php .php3 .php4 .php5
        SetEnv TMP <tmpl_var name='document_root'>/tmp
        SetEnv TMPDIR <tmpl_var name='document_root'>/tmp
        SetEnv TEMP <tmpl_var name='document_root'>/tmp
        php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
        php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
        php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
    # PHPIniDir <tmpl_var name='custom_php_ini_dir'>
<tmpl_if name='security_level' op='==' value='20'>
        php_admin_value open_basedir <tmpl_var name='php_open_basedir'>
</tmpl_if>
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
        # suphp enabled
        <Directory {tmpl_var name='web_document_root'}>
        <IfModule mod_suphp.c>
            suPHP_Engine on
            # suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
<tmpl_if name='has_custom_php_ini'>
    suPHP_ConfigPath <tmpl_var name='custom_php_ini_dir'>
</tmpl_if>
            <FilesMatch "\.php[345]?$">
                SetHandler x-httpd-suphp
            </FilesMatch>
            suPHP_AddHandler x-httpd-suphp
        </IfModule>
        </Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
        # php as cgi enabled
        ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
        Action php5-cgi /php5-cgi
        <Directory {tmpl_var name='web_document_root_www'}>
            <FilesMatch "\.php[345]?$">
                SetHandler php5-cgi
            </FilesMatch>
        </Directory>
        <Directory {tmpl_var name='web_document_root'}>
            <FilesMatch "\.php[345]?$">
                SetHandler php5-cgi
            </FilesMatch>
        </Directory>
        <Directory {tmpl_var name='cgi_starter_path'}>
            <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
            Require all granted
            <tmpl_else>
            Order allow,deny
            Allow from all
            </tmpl_if>
        </Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
        # php as fast-cgi enabled
    # For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
        <IfModule mod_fcgid.c>
<tmpl_if name='fastcgi_config_syntax' op='==' value='2'>
                FcgidIdleTimeout 300
                FcgidProcessLifeTime 3600
                # FcgidMaxProcesses 1000
                FcgidMaxRequestsPerProcess <tmpl_var name='fastcgi_max_requests'>
                FcgidMinProcessesPerClass 0
                FcgidMaxProcessesPerClass 10
                FcgidConnectTimeout 3
                FcgidIOTimeout 600
                FcgidBusyTimeout 3600
                FcgidMaxRequestLen 1073741824
<tmpl_else>
                IdleTimeout 300
                ProcessLifeTime 3600
                # MaxProcessCount 1000
                DefaultMinClassProcessCount 0
                DefaultMaxClassProcessCount 10
                IPCConnectTimeout 3
                IPCCommTimeout 600
                BusyTimeout 3600
</tmpl_if>
        </IfModule>
        <Directory {tmpl_var name='web_document_root_www'}>
                <FilesMatch "\.php[345]?$">
                    SetHandler fcgid-script
                </FilesMatch>
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php3
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php4
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php5
                Options +ExecCGI
                AllowOverride <tmpl_var name='allow_override'>
                <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                Require all granted
                <tmpl_else>
                Order allow,deny
                Allow from all
                </tmpl_if>
        </Directory>
        <Directory {tmpl_var name='web_document_root'}>
                <FilesMatch "\.php[345]?$">
                    SetHandler fcgid-script
                </FilesMatch>
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php3
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php4
                FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php5
                Options +ExecCGI
                AllowOverride <tmpl_var name='allow_override'>
                <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                Require all granted
                <tmpl_else>
                Order allow,deny
                Allow from all
                </tmpl_if>
        </Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='php-fpm'>
        <IfModule mod_fastcgi.c>
                <Directory {tmpl_var name='document_root'}/cgi-bin>
                    <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                    Require all granted
                    <tmpl_else>
                    Order allow,deny
                    Allow from all
                    </tmpl_if>
                </Directory>
                <Directory {tmpl_var name='web_document_root_www'}>
                    <FilesMatch "\.php[345]?$">
                        SetHandler php5-fcgi
                    </FilesMatch>
                </Directory>
                <Directory {tmpl_var name='web_document_root'}>
                    <FilesMatch "\.php[345]?$">
                        SetHandler php5-fcgi
                    </FilesMatch>
                </Directory>
                Action php5-fcgi /php5-fcgi virtual
                Alias /php5-fcgi {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
<tmpl_if name='use_tcp'>
                FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -host 127.0.0.1:<tmpl_var name='fpm_port'> -pass-header Authorization             
</tmpl_if>
<tmpl_if name='use_socket'>
                FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket <tmpl_var name='fpm_socket'> -pass-header Authorization
</tmpl_if>
        </IfModule>
        <IfModule mod_proxy_fcgi.c>
<tmpl_if name='use_tcp'>
            ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ fcgi://127.0.0.1:<tmpl_var name='fpm_port'><tmpl_var name='web_document_root'>/$1
</tmpl_if>
<tmpl_if name='use_socket'>
            ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ unix://<tmpl_var name='fpm_socket'>|fcgi://localhost/<tmpl_var name='web_document_root'>/$1
</tmpl_if>
            </IfModule>
</tmpl_if>
 
<tmpl_if name='php' op='==' value='hhvm'>
        <IfModule mod_fastcgi.c>
                <Directory {tmpl_var name='document_root'}/cgi-bin>
                    <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
                    Require all granted
                    <tmpl_else>
                    Order allow,deny
                    Allow from all
                    </tmpl_if>
                </Directory>
                <Directory {tmpl_var name='web_document_root_www'}>
                    <FilesMatch "\.php[345]?$">
                        SetHandler hhvm-fcgi
                    </FilesMatch>
                    <FilesMatch "\.hh$">
                        SetHandler hhvm-fcgi
                    </FilesMatch>
                </Directory>
                <Directory {tmpl_var name='web_document_root'}>
                    <FilesMatch "\.php[345]?$">
                        SetHandler hhvm-fcgi
                    </FilesMatch>
                    <FilesMatch "\.hh$">
                        SetHandler hhvm-fcgi
                    </FilesMatch>
                </Directory>
                Action hhvm-fcgi /hhvm-fcgi virtual
                Alias /hhvm-fcgi {tmpl_var name='document_root'}/cgi-bin/hhvm-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
                FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/hhvm-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket /var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock -pass-header Authorization
        </IfModule>
</tmpl_if>
 
<tmpl_if name="rewrite_enabled">
        RewriteEngine on
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
        RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/
        RewriteRule ^ - [END]
</tmpl_if>
<tmpl_if name='seo_redirect_enabled'>
        RewriteCond %{HTTP_HOST} <tmpl_var name='seo_redirect_operator'>^<tmpl_var name='seo_redirect_origin_domain'>$ [NC]
        <tmpl_if name='apache_version' op='<' value='2.4' format='version'>RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/</tmpl_if>
        RewriteRule ^(.*)$ http<tmpl_if name='ssl_enabled'>s</tmpl_if>://<tmpl_var name='seo_redirect_target_domain'>$1 [R=301,NE,L]
</tmpl_if>
<tmpl_loop name="alias_seo_redirects">
        RewriteCond %{HTTP_HOST} <tmpl_var name='alias_seo_redirect_operator'>^<tmpl_var name='alias_seo_redirect_origin_domain'>$ [NC]
        <tmpl_if name='apache_version' op='<' value='2.4' format='version'>RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/</tmpl_if>
        RewriteRule ^(.*)$ http<tmpl_if name='ssl_enabled'>s</tmpl_if>://<tmpl_var name='alias_seo_redirect_target_domain'>$1 [R=301,NE,L]
</tmpl_loop>
<tmpl_loop name="redirects">
        RewriteCond %{HTTP_HOST}   <tmpl_var name='rewrite_domain'>$ [NC]
        <tmpl_if name='apache_version' op='<' value='2.4' format='version'>RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/</tmpl_if>
<tmpl_if name="rewrite_is_url" op="==" value="n">
        RewriteCond %{REQUEST_URI} !^/webdav/
        RewriteCond %{REQUEST_URI} !^/php5-fcgi/
        RewriteCond %{REQUEST_URI} !^<tmpl_var name='rewrite_target'>
</tmpl_if>
        
        RewriteRule   ^/(.*)$ <tmpl_var name='rewrite_target'><tmpl_if name="rewrite_add_path" op="==" value="y">$1</tmpl_if>  <tmpl_var name='rewrite_type'>
    
</tmpl_loop>
<tmpl_if name='ssl_enabled'>
<tmpl_else>
<tmpl_if name='rewrite_to_https' op='==' value='y'>
        RewriteCond %{HTTPS} off
        <tmpl_if name='apache_version' op='<' value='2.4' format='version'>RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/</tmpl_if>
        RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
</tmpl_if>
</tmpl_if>
</tmpl_if>
 
        # add support for apache mpm_itk
        <IfModule mpm_itk_module>
            AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
        </IfModule>
 
        <IfModule mod_dav_fs.c>
        # Do not execute PHP files in webdav directory
            <Directory {tmpl_var name='document_root'}/webdav>
                <ifModule mod_security2.c>
                    SecRuleRemoveById 960015
                    SecRuleRemoveById 960032
                </ifModule>
                <FilesMatch "\.ph(p3?|tml)$">
                    SetHandler None
                </FilesMatch>
            </Directory>
            DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
            # DO NOT REMOVE THE COMMENTS!
            # IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
            # WEBDAV BEGIN
            # WEBDAV END
        </IfModule>
 
<tmpl_var name='apache_directives'>
<tmpl_hook name='apache2_vhost:vhost_footer'>
</VirtualHost>
 
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
<tmpl_if name='ssl_enabled'>
<IfModule mod_ssl.c>
        SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>
</tmpl_if>
</tmpl_if>
 
</tmpl_loop>
 
<tmpl_hook name='apache2_vhost:footer'>