Nice and short httpd.conf...
ServerType standalone
ServerRoot "/var/www"
PidFile logs/httpd.pid
ScoreBoardFile logs/apache_runtime_status
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0
MaxCPUPerChild 0
MaxDATAPerChild 0
MaxNOFILEPerChild 0
MaxRSSPerChild 0
MaxSTACKPerChild 0
LoadModule rewrite_module /usr/lib/apache/modules/mod_rewrite.so
LoadModule php5_module /usr/local/lib/php-5.3/libphp5.so
AddModule mod_php5.c
Include /var/www/conf/modules/*.conf
Port 80
<IfDefine SSL>
Listen 80
Listen 443
</IfDefine>
User www
Group www
ServerAdmin j...@secusrvr.com
ServerName www.secusrvr.com
DocumentRoot "/var/www/htdocs"
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/htdocs">
Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
</Directory>
UserDir disabled
DirectoryIndex index.php index.html
AccessFileName .htaccess
<Files .htaccess>
Order allow,deny
Deny from all
</Files>
UseCanonicalName On
TypesConfig conf/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
MIMEMagicFile conf/magic
</IfModule>
HostnameLookups Off
ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log common
Alias /icons/ "/var/www/icons/"
<Directory "/var/www/icons">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
<Directory "/var/www/cgi-bin">
AllowOverride None
Options None
Order allow,deny
Allow from all
</Directory>
IndexOptions FancyIndexing
AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
AddIconByType (TXT,/icons/text.gif) text/*
AddIconByType (IMG,/icons/image2.gif) image/*
AddIconByType (SND,/icons/sound2.gif) audio/*
AddIconByType (VID,/icons/movie.gif) video/*
AddIcon /icons/binary.gif .bin .exe
AddIcon /icons/binhex.gif .hqx
AddIcon /icons/tar.gif .tar
AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
AddIcon /icons/a.gif .ps .ai .eps
AddIcon /icons/layout.gif .html .shtml .htm .pdf
AddIcon /icons/text.gif .txt
AddIcon /icons/c.gif .c
AddIcon /icons/p.gif .pl .py
AddIcon /icons/f.gif .for
AddIcon /icons/dvi.gif .dvi
AddIcon /icons/uuencoded.gif .uu
AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
AddIcon /icons/tex.gif .tex
AddIcon /icons/bomb.gif core
AddIcon /icons/back.gif ..
AddIcon /icons/hand.right.gif README
AddIcon /icons/folder.gif ^^DIRECTORY^^
AddIcon /icons/blank.gif ^^BLANKICON^^
DefaultIcon /icons/unknown.gif
ReadmeName README
HeaderName HEADER
IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
AddEncoding x-compress Z
AddEncoding x-gzip gz
AddLanguage en .en
AddLanguage fr .fr
AddLanguage de .de
AddLanguage da .da
AddLanguage el .el
AddLanguage it .it
LanguagePriority en fr de
AddType application/x-httpd-php .php
BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from 127.0.0.1
</Location>
<IfDefine SSL>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
</IfDefine>
<IfModule mod_ssl.c>
SSLPassPhraseDialog builtin
SSLSessionCache dbm:logs/ssl_scache
SSLSessionCacheTimeout 300
SSLMutex sem
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
SSLRandomSeed startup file:/dev/arandom 512
SSLLog logs/ssl_engine_log
SSLLogLevel info
</IfModule>
NameVirtualHost 208.79.92.130:443
NameVirtualHost 127.0.0.1:443
<VirtualHost *:443>
DocumentRoot "/var/www/sites/secusrvr.com"
ServerName secusrvr.com
SSLEngine on
SSLCertificateFile /etc/ssl/private/secusrvr.com.crt
SSLCertificateKeyFile /etc/ssl/private/server.key
SSLCACertificateFile /etc/ssl/private/gd_bundle.crt
CustomLog logs/ssl_request_log \
"%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
<Directory "/var/www/sites/secusrvr.com">
allow from all
Options +Indexes
AllowOverride All
</Directory>
</VirtualHost>
NameVirtualHost 208.79.92.130:80
NameVirtualHost 127.0.0.1:80
<VirtualHost *:80>
DocumentRoot "/var/www/sites/johntate.org"
ServerName johntate.org
<Directory "/var/www/sites/johntate.org">
allow from all
Options +Indexes
AllowOverride All
</Directory>
</VirtualHost>
NameVirtualHost 208.79.92.130:80
NameVirtualHost 127.0.0.1:80
<VirtualHost *:80>
DocumentRoot "/var/www/sites/www.johntate.org"
ServerName www.johntate.org
<Directory "/var/www/sites/www.johntate.org">
allow from all
Options +Indexes
AllowOverride All
</Directory>
</VirtualHost>
NameVirtualHost 208.79.92.130:80
NameVirtualHost 127.0.0.1:80
<VirtualHost *:80>
DocumentRoot "/var/www/sites/www.secusrvr.com"
ServerName www.secusrvr.com
<Directory "/var/www/sites/www.seucsrvr.com">
allow from all
Options +Indexes
AllowOverride All
</Directory>
</VirtualHost>
On Fri, Apr 5, 2013 at 2:18 PM, John Tate <j...@johntate.org> wrote:
> I think I have a problem with my defaults. I used to just have a default a
> secusrvr.com. The default would point to /var/www/htdocs which redirects
> to /var/www/sites/secusrvr.com which is for the virtualhost secusrvr.com.
> I added johntate.org and www.johntate.org both under /var/www/sites/
> www.johntate.org and /var/www/sites/johntate.org but somehow even after
> adding www.secusrvr.com, that domain through a browser redirects to
> johntate.org. I'm getting these warnings:
> # apachectl startssl
> [Thu Apr 4 20:17:56 2013] [warn] module mod_php5.c is already added,
> skipping
> [Thu Apr 4 20:17:56 2013] [warn] module php5_module is already loaded,
> skipping
> [Thu Apr 4 20:17:56 2013] [warn] _default_ VirtualHost overlap on port
> 80, the first has precedence
> [Thu Apr 4 20:17:56 2013] [warn] _default_ VirtualHost overlap on port
> 80, the first has precedence
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 208.79.92.130:443 has
> no VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 208.79.92.130:80 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 208.79.92.130:80 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 208.79.92.130:80 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 127.0.0.1:443 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 127.0.0.1:80 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 127.0.0.1:80 has no
> VirtualHosts
> [Thu Apr 4 20:17:56 2013] [warn] NameVirtualHost 127.0.0.1:80 has no
> VirtualHosts
> /usr/sbin/apachectl startssl: httpd started
>
>
>
> Here is my /var/www/conf/httpd.conf
> # $OpenBSD: httpd.conf,v 1.26 2009/06/03 18:28:21 robert Exp $
> #
> # Based upon the NCSA server configuration files originally by Rob McCool.
> #
> # This is the main Apache server configuration file. It contains the
> # configuration directives that give the server its instructions.
> # See <URL:http://www.apache.org/docs/> for detailed information about
> # the directives.
> #
> # Do NOT simply read the instructions in here without understanding
> # what they do. They're here only as hints or reminders. If you are
> unsure
> # consult the online docs. You have been warned.
> #
> # After this file is processed, the server will look for and process
> # /var/www/conf/srm.conf and then /var/www/conf/access.conf
> # unless you have overridden these with ResourceConfig and/or
> # AccessConfig directives here.
> #
> # The configuration directives are grouped into three basic sections:
> # 1. Directives that control the operation of the Apache server process
> as a
> # whole (the 'global environment').
> # 2. Directives that define the parameters of the 'main' or 'default'
> server,
> # which responds to requests that aren't handled by a virtual host.
> # These directives also provide default values for the settings
> # of all virtual hosts.
> # 3. Settings for virtual hosts, which allow Web requests to be sent to
> # different IP addresses or hostnames and have them handled by the
> # same Apache server process.
> #
> # Configuration and logfile names: If the filenames you specify for many
> # of the server's control files begin with "/" (or "drive:/" for Win32),
> the
> # server will use that explicit path. If the filenames do *not* begin
> # with "/", the value of ServerRoot is prepended -- so "logs/foo.log"
> # with ServerRoot set to "/usr/local/apache" will be interpreted by the
> # server as "/usr/local/apache/logs/foo.log".
> #
>
> ### Section 1: Global Environment
> #
> # The directives in this section affect the overall operation of Apache,
> # such as the number of concurrent requests it can handle or where it
> # can find its configuration files.
> #
>
> #
> # ServerType is either inetd, or standalone. Inetd mode is only supported
> on
> # Unix platforms.
> #
> ServerType standalone
>
> #
> # ServerTokens is either Full, OS, Minimal, or ProductOnly.
> # The values define what version information is returned in the
> # Server header in HTTP responses.
> #
> # ServerTokens ProductOnly
>
> #
> # ServerRoot: The top of the directory tree under which the server's
> # configuration, error, and log files are kept.
> #
> # NOTE! If you intend to place this on an NFS (or otherwise network)
> # mounted filesystem then please read the LockFile documentation
> # (available at <URL:http://www.apache.org/docs/mod/core.html#lockfile>);
> # you will save yourself a lot of trouble.
> #
> # Do NOT add a slash at the end of the directory path.
> #
> ServerRoot "/var/www"
>
> #
> # The LockFile directive sets the path to the lockfile used when Apache
> # is compiled with either USE_FCNTL_SERIALIZED_ACCEPT or
> # USE_FLOCK_SERIALIZED_ACCEPT. This directive should normally be left at
> # its default value. The main reason for changing it is if the logs
> # directory is NFS mounted, since the lockfile MUST BE STORED ON A LOCAL
> # DISK. The PID of the main server process is automatically appended to
> # the filename.
> #
> #LockFile logs/accept.lock
>
> #
> # PidFile: The file in which the server should record its process
> # identification number when it starts.
> #
> PidFile logs/httpd.pid
> #
> # ScoreBoardFile: File used to store internal server process information.
> # Not all architectures require this. But if yours does (you'll know
> because
> # this file will be created when you run Apache) then you *must* ensure
> that
> # no two invocations of Apache share the same scoreboard file.
> #
> ScoreBoardFile logs/apache_runtime_status
>
> #
> # In the standard configuration, the server will process httpd.conf,
> # srm.conf, and access.conf in that order. The latter two files are
> # now deprecated and not installed any more, as it is recommended that
> # all directives be kept in a single file for simplicity.
> #
> #ResourceConfig conf/srm.conf
> #AccessConfig conf/access.conf
>
> #
> # Timeout: The number of seconds before receives and sends time out.
> #
> Timeout 300
>
> #
> # KeepAlive: Whether or not to allow persistent connections (more than
> # one request per connection). Set to "Off" to deactivate.
> #
> KeepAlive On
>
> #
> # MaxKeepAliveRequests: The maximum number of requests to allow
> # during a persistent connection. Set to 0 to allow an unlimited amount.
> # We recommend you leave this number high, for maximum performance.
> #
> MaxKeepAliveRequests 100
>
> #
> # KeepAliveTimeout: Number of seconds to wait for the next request from the
> # same client on the same connection.
> #
> KeepAliveTimeout 15
>
> #
> # Server-pool size regulation. Rather than making you guess how many
> # server processes you need, Apache dynamically adapts to the load it
> # sees --- that is, it tries to maintain enough server processes to
> # handle the current load, plus a few spare servers to handle transient
> # load spikes (e.g., multiple simultaneous requests from a single
> # Netscape browser).
> #
> # It does this by periodically checking how many servers are waiting
> # for a request. If there are fewer than MinSpareServers, it creates
> # a new spare. If there are more than MaxSpareServers, some of the
> # spares die off. The default values in httpd.conf-dist are probably OK
> # for most sites.
> #
> MinSpareServers 5
> MaxSpareServers 10
>
> #
> # Number of servers to start initially --- should be a reasonable ballpark
> # figure.
> #
> StartServers 5
>
> #
> # Limit on total number of servers running, i.e., limit on the number
> # of clients who can simultaneously connect --- if this limit is ever
> # reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
> # It is intended mainly as a brake to keep a runaway server from taking
> # the system with it as it spirals down...
> #
> MaxClients 150
>
> #
> # MaxRequestsPerChild: the number of requests each child process is
> # allowed to process before the child dies. The child will exit so
> # as to avoid problems after prolonged use when Apache (and maybe the
> # libraries it uses) leak memory or other resources. On most systems, this
> # isn't really needed, but a few (such as Solaris) do have notable leaks
> # in the libraries.
> #
> MaxRequestsPerChild 0
>
> #
> # MaxFOOPerChild: these directives set the current and hard rlimits for
> # the child processes. Attempts to exceed them will cause the OS to
> # take appropriate action. See the setrlimit(2) and signal(3).
> #
> MaxCPUPerChild 0
> MaxDATAPerChild 0
> MaxNOFILEPerChild 0
> MaxRSSPerChild 0
> MaxSTACKPerChild 0
>
> #
> # Listen: Allows you to bind Apache to specific IP addresses and/or
> # ports, in addition to the default. See also the <VirtualHost>
> # directive.
> #
> #Listen 3000
> #Listen 12.34.56.78:80
>
> #
> # BindAddress: You can support virtual hosts with this option. This
> directive
> # is used to tell the server which IP address to listen to. It can either
> # contain "*", an IP address, or a fully qualified Internet domain name.
> # See also the <VirtualHost> and Listen directives.
> #
> #BindAddress *
>
> #
> # Dynamic Shared Object (DSO) Support
> #
> # To be able to use the functionality of a module which was built as a DSO
> you
> # have to place corresponding `LoadModule' lines at this location so the
> # directives contained in it are actually available _before_ they are used.
> # Please read the file README.DSO in the Apache 1.3 distribution for more
> # details about the DSO mechanism and run `httpd -l' for the list of
> already
> # built-in (statically linked and thus always available) modules in your
> httpd
> # binary.
> #
> # Note: The order is which modules are loaded is important. Don't change
> # the order below without expert advice.
> #
> # Example:
> # LoadModule foo_module libexec/mod_foo.so
>
> # "anonymous" user access to authenticated areas
> # LoadModule anon_auth_module /usr/lib/apache/modules/mod_auth_anon.so
>
> # user authentication using Berkeley DB files
> # LoadModule db_auth_module /usr/lib/apache/modules/mod_auth_db.so
>
> # user authentication using DBM files
> # LoadModule dbm_auth_module /usr/lib/apache/modules/mod_auth_dbm.so
>
> # authentication using new-style MD5 Digest Authentication (experimental)
> # LoadModule digest_auth_module /usr/lib/apache/modules/mod_auth_digest.so
>
> # CERN httpd metafile semantics
> # LoadModule cern_meta_module /usr/lib/apache/modules/mod_cern_meta.so
>
> # configuration defines ($xxx)
> # LoadModule define_module /usr/lib/apache/modules/mod_define.so
>
> # user authentication using old-style MD5 Digest Authentication
> # LoadModule digest_module /usr/lib/apache/modules/mod_digest.so
>
> # generation of Expires HTTP headers according to user-specified criteria
> # LoadModule expires_module /usr/lib/apache/modules/mod_expires.so
>
> # customization of HTTP response headers
> # LoadModule headers_module /usr/lib/apache/modules/mod_headers.so
>
> # comprehensive overview of the server configuration
> # LoadModule info_module /usr/lib/apache/modules/mod_info.so
>
> # logging of the client user agents (deprecated in favor of mod_log_config)
> # LoadModule agent_log_module /usr/lib/apache/modules/mod_log_agent.so
>
> # logging of referers (deprecated in favor of mod_log_config)
> # LoadModule referer_log_module /usr/lib/apache/modules/mod_log_referer.so
>
> # determining the MIME type of a file by looking at a few bytes of its
> contents
> # LoadModule mime_magic_module /usr/lib/apache/modules/mod_mime_magic.so
>
> # mmap()ing of a statically configured list of frequently requested but
> # not changed files (experimental)
> # LoadModule mmap_static_module /usr/lib/apache/modules/mod_mmap_static.so
>
> # rule-based rewriting engine to rewrite requested URLs on the fly
> LoadModule rewrite_module /usr/lib/apache/modules/mod_rewrite.so
>
> # attempt to correct misspellings of URLs that users might have entered
> # LoadModule speling_module /usr/lib/apache/modules/mod_speling.so
>
> # provides an environment variable with a unique identifier for each
> request
> # LoadModule unique_id_module /usr/lib/apache/modules/mod_unique_id.so
>
> # uses cookies to provide for a clickstream log of user activity on a site
> # LoadModule usertrack_module /usr/lib/apache/modules/mod_usertrack.so
>
> # dynamically configured mass virtual hosting
> # LoadModule vhost_alias_module /usr/lib/apache/modules/mod_vhost_alias.so
>
> # caching proxy
> # LoadModule proxy_module /usr/lib/apache/modules/libproxy.so
>
> LoadModule php5_module /usr/local/lib/php-5.3/libphp5.so
> AddModule mod_php5.c
>
> #
> # Include extra module configuration files
> #
> Include /var/www/conf/modules/*.conf
>
> #
> # ExtendedStatus controls whether Apache will generate "full" status
> # information (ExtendedStatus On) or just basic information (ExtendedStatus
> # Off) when the "server-status" handler is called. The default is Off.
> #
> #ExtendedStatus On
>
> ### Section 2: 'Main' server configuration
> #
> # The directives in this section set up the values used by the 'main'
> # server, which responds to any requests that aren't handled by a
> # <VirtualHost> definition. These values also provide defaults for
> # any <VirtualHost> containers you may define later in the file.
> #
> # All of these directives may appear inside <VirtualHost> containers,
> # in which case these default settings will be overridden for the
> # virtual host being defined.
> #
>
> #
> # If your ServerType directive (set earlier in the 'Global Environment'
> # section) is set to "inetd", the next few directives don't have any
> # effect since their settings are defined by the inetd configuration.
> # Skip ahead to the ServerAdmin directive.
> #
>
> #
> # Port: The port to which the standalone server listens. For
> # ports < 1023, you will need httpd to be run as root initially.
> #
> Port 80
>
> ##
> ## SSL Support
> ##
> ## When we also provide SSL we have to listen to the
> ## standard HTTP port (see above) and to the HTTPS port
> ##
> <IfDefine SSL>
> Listen 80
> Listen 443
> </IfDefine>
>
> #
> # If you wish httpd to run as a different user or group, you must run
> # httpd as root initially and it will switch.
> #
> # User/Group: The name (or #number) of the user/group to run httpd as.
> # . On SCO (ODT 3) use "User nouser" and "Group nogroup".
> # . On HPUX you may not be able to use shared memory as nobody, and the
> # suggested workaround is to create a user www and use that user.
> # NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
> # when the value of (unsigned)Group is above 60000;
> # don't use Group #-1 on these systems!
> # On OpenBSD, use user www, group www.
> #
> User www
> Group www
>
> #
> # ServerAdmin: Your address, where problems with the server should be
> # e-mailed. This address appears on some server-generated pages, such
> # as error documents.
> #
> ServerAdmin j...@secusrvr.com
>
> #
> # ServerName allows you to set a host name which is sent back to clients
> for
> # your server if it's different than the one the program would get (i.e.,
> use
> # "www" instead of the host's real name).
> #
> # Note: You cannot just invent host names and hope they work. The name you
> # define here must be a valid DNS name for your host. If you don't
> understand
> # this, ask your network administrator.
> # If your host doesn't have a registered DNS name, enter its IP address
> here.
> # You will have to access it by its address (e.g., http://123.45.67.89/)
> # anyway, and this will make redirections work in a sensible way.
> #
> #ServerName new.host.name
>
> #
> # DocumentRoot: The directory out of which you will serve your
> # documents. By default, all requests are taken from this directory, but
> # symbolic links and aliases may be used to point to other locations.
> #
> DocumentRoot "/var/www/htdocs"
>
> #
> # Each directory to which Apache has access, can be configured with respect
> # to which services and features are allowed and/or disabled in that
> # directory (and its subdirectories).
> #
> # First, we configure the "default" to be a very restrictive set of
> # permissions.
> #
> <Directory />
> Options FollowSymLinks
> AllowOverride None
> </Directory>
>
> #
> # Note that from this point forward you must specifically allow
> # particular features to be enabled - so if something's not working as
> # you might expect, make sure that you have specifically enabled it
> # below.
> #
>
> #
> # This should be changed to whatever you set DocumentRoot to.
> #
> <Directory "/var/www/htdocs">
>
> #
> # This may also be "None", "All", or any combination of "Indexes",
> # "Includes", "FollowSymLinks", "ExecCGI", or "MultiViews".
> #
> # Note that "MultiViews" must be named *explicitly* --- "Options All"
> # doesn't give it to you.
> #
> Options Indexes FollowSymLinks
>
> #
> # This controls which options the .htaccess files in directories can
> # override. Can also be "All", or any combination of "Options",
> "FileInfo",
> # "AuthConfig", and "Limit"
> #
> AllowOverride None
>
> #
> # Controls who can get stuff from this server.
> #
> Order allow,deny
> Allow from all
> </Directory>
>
> #
> # UserDir: The directory which is prepended onto a users username, within
> # which a users's web pages are looked for if a ~user request is received.
> # Relative paths are relative to the user's home directory.
> #
> # "disabled" turns this feature off.
> #
> # Since httpd will chroot(2) to the ServerRoot path by default,
> # you should use
> # UserDir /var/www/users
> # and create per user directories in /var/www/users/<username>
> #
>
> UserDir disabled
>
> #
> # Control access to UserDir directories. The following is an example
> # for a site where these directories are restricted to read-only and
> # are located under /users/<username>
> # You will need to change this to match your site's home directories.
> #
> #<Directory /users/*>
> # AllowOverride FileInfo AuthConfig Limit
> # Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
> # <Limit GET POST OPTIONS PROPFIND>
> # Order allow,deny
> # Allow from all
> # </Limit>
> # <Limit PUT DELETE PATCH PROPPATCH MKCOL COPY MOVE LOCK UNLOCK>
> # Order deny,allow
> # Deny from all
> # </Limit>
> #</Directory>
>
> #
> # DirectoryIndex: Name of the file or files to use as a pre-written HTML
> # directory index. Separate multiple entries with spaces.
> #
> DirectoryIndex index.php index.html
>
> #
> # AccessFileName: The name of the file to look for in each directory
> # for access control information.
> #
> AccessFileName .htaccess
>
> #
> # The following lines prevent .htaccess files from being viewed by
> # Web clients. Since .htaccess files often contain authorization
> # information, access is disallowed for security reasons. Comment
> # these lines out if you want Web visitors to see the contents of
> # .htaccess files. If you change the AccessFileName directive above,
> # be sure to make the corresponding changes here.
> #
> <Files .htaccess>
> Order allow,deny
> Deny from all
> </Files>
>
> #
> # CacheNegotiatedDocs: By default, Apache sends "Pragma: no-cache" with
> each
> # document that was negotiated on the basis of content. This asks proxy
> # servers not to cache the document. Uncommenting the following line
> disables
> # this behavior, and proxies will be allowed to cache the documents.
> #
> #CacheNegotiatedDocs
>
> #
> # UseCanonicalName: (new for 1.3) With this setting turned on, whenever
> # Apache needs to construct a self-referencing URL (a URL that refers back
> # to the server the response is coming from) it will use ServerName and
> # Port to form a "canonical" name. With this setting off, Apache will
> # use the hostname:port that the client supplied, when possible. This
> # also affects SERVER_NAME and SERVER_PORT in CGI scripts.
> #
> UseCanonicalName On
>
> #
> # TypesConfig describes where the mime.types file (or equivalent) is
> # to be found.
> #
> TypesConfig conf/mime.types
>
> #
> # DefaultType is the default MIME type the server will use for a document
> # if it cannot otherwise determine one, such as from filename extensions.
> # If your server contains mostly text or HTML documents, "text/plain" is
> # a good value. If most of your content is binary, such as applications
> # or images, you may want to use "application/octet-stream" instead to
> # keep browsers from trying to display binary files as though they are
> # text.
> #
> DefaultType text/plain
>
> #
> # The mod_mime_magic module allows the server to use various hints from the
> # contents of the file itself to determine its type. The MIMEMagicFile
> # directive tells the module where the hint definitions are located.
> # mod_mime_magic is not part of the default server (you have to add
> # it yourself with a LoadModule [see the DSO paragraph in the 'Global
> # Environment' section], or recompile the server and include mod_mime_magic
> # as part of the configuration), so it's enclosed in an <IfModule>
> container.
> # This means that the MIMEMagicFile directive will only be processed if the
> # module is part of the server.
> #
> <IfModule mod_mime_magic.c>
> MIMEMagicFile conf/magic
> </IfModule>
>
> #
> # HostnameLookups: Log the names of clients or just their IP addresses
> # e.g., www.apache.org (on) or 204.62.129.132 (off).
> # The default is off because it'd be overall better for the net if people
> # had to knowingly turn this feature on, since enabling it means that
> # each client request will result in AT LEAST one lookup request to the
> # nameserver.
> #
> HostnameLookups Off
>
> #
> # ErrorLog: The location of the error log file.
> # If you do not specify an ErrorLog directive within a <VirtualHost>
> # container, error messages relating to that virtual host will be
> # logged here. If you *do* define an error logfile for a <VirtualHost>
> # container, that host's errors will be logged there and not here.
> # Either a filename or the text "syslog:" followed by a facility
> # name may be specified here.
> #
> #ErrorLog syslog:daemon
> ErrorLog logs/error_log
>
> #
> # LogLevel: Control the number of messages logged to the error_log.
> # Possible values include: debug, info, notice, warn, error, crit,
> # alert, emerg.
> #
> LogLevel warn
>
> #
> # The following directives define some format nicknames for use with
> # a CustomLog directive (see below).
> #
> LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
> combined
> LogFormat "%h %l %u %t \"%r\" %>s %b" common
> LogFormat "%{Referer}i -> %U" referer
> LogFormat "%{User-agent}i" agent
>
> #
> # The location and format of the access logfile (Common Logfile Format).
> # If you do not define any access logfiles within a <VirtualHost>
> # container, they will be logged here. Contrariwise, if you *do*
> # define per-<VirtualHost> access logfiles, transactions will be
> # logged therein and *not* in this file.
> #
> CustomLog logs/access_log common
>
> #
> # If you would like to have agent and referer logfiles, uncomment the
> # following directives.
> #
> #CustomLog logs/referer_log referer
> #CustomLog logs/agent_log agent
>
> #
> # If you prefer a single logfile with access, agent, and referer
> information
> # (Combined Logfile Format) you can use the following directive.
> #
> #CustomLog logs/access_log combined
>
> #
> # Optionally add a line containing the server version and virtual host
> # name to server-generated pages (error documents, FTP directory listings,
> # mod_status and mod_info output etc., but not CGI generated documents).
> # Set to "EMail" to also include a mailto: link to the ServerAdmin.
> # Set to one of: On | Off | EMail
> #
> # ServerSignature Off
>
> #
> # Aliases: Add here as many aliases as you need (with no limit). The
> format is
> # Alias fakename realname
> #
> # Note that if you include a trailing / on fakename then the server will
> # require it to be present in the URL. So "/icons" isn't aliased in this
> # example, only "/icons/"..
> #
> Alias /icons/ "/var/www/icons/"
>
> <Directory "/var/www/icons">
> Options Indexes MultiViews
> AllowOverride None
> Order allow,deny
> Allow from all
> </Directory>
>
> #
> # ScriptAlias: This controls which directories contain server scripts.
> # ScriptAliases are essentially the same as Aliases, except that
> # documents in the realname directory are treated as applications and
> # run by the server when requested rather than as documents sent to the
> client.
> # The same rules about trailing "/" apply to ScriptAlias directives as to
> # Alias.
> #
> ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>
> #
> # "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
> # CGI directory exists, if you have that configured.
> #
> <Directory "/var/www/cgi-bin">
> AllowOverride None
> Options None
> Order allow,deny
> Allow from all
> </Directory>
>
> #
> # Redirect allows you to tell clients about documents which used to exist
> in
> # your server's namespace, but do not anymore. This allows you to tell the
> # clients where to look for the relocated document.
> # Format: Redirect old-URI new-URL
> #
>
> #
> # Directives controlling the display of server-generated directory
> listings.
> #
>
> #
> # FancyIndexing is whether you want fancy directory indexing or standard
> #
> IndexOptions FancyIndexing
>
> #
> # AddIcon* directives tell the server which icon to show for different
> # files or filename extensions. These are only displayed for
> # FancyIndexed directories.
> #
> AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
>
> AddIconByType (TXT,/icons/text.gif) text/*
> AddIconByType (IMG,/icons/image2.gif) image/*
> AddIconByType (SND,/icons/sound2.gif) audio/*
> AddIconByType (VID,/icons/movie.gif) video/*
>
> AddIcon /icons/binary.gif .bin .exe
> AddIcon /icons/binhex.gif .hqx
> AddIcon /icons/tar.gif .tar
> AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
> AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
> AddIcon /icons/a.gif .ps .ai .eps
> AddIcon /icons/layout.gif .html .shtml .htm .pdf
> AddIcon /icons/text.gif .txt
> AddIcon /icons/c.gif .c
> AddIcon /icons/p.gif .pl .py
> AddIcon /icons/f.gif .for
> AddIcon /icons/dvi.gif .dvi
> AddIcon /icons/uuencoded.gif .uu
> AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
> AddIcon /icons/tex.gif .tex
> AddIcon /icons/bomb.gif core
>
> AddIcon /icons/back.gif ..
> AddIcon /icons/hand.right.gif README
> AddIcon /icons/folder.gif ^^DIRECTORY^^
> AddIcon /icons/blank.gif ^^BLANKICON^^
>
> #
> # DefaultIcon is which icon to show for files which do not have an icon
> # explicitly set.
> #
> DefaultIcon /icons/unknown.gif
>
> #
> # AddDescription allows you to place a short description after a file in
> # server-generated indexes. These are only displayed for FancyIndexed
> # directories.
> # Format: AddDescription "description" filename
> #
> #AddDescription "GZIP compressed document" .gz
> #AddDescription "tar archive" .tar
> #AddDescription "GZIP compressed tar archive" .tgz
>
> #
> # ReadmeName is the name of the README file the server will look for by
> # default, and append to directory listings.
> #
> # HeaderName is the name of a file which should be prepended to
> # directory indexes.
> #
> # The server will first look for name.html and include it if found.
> # If name.html doesn't exist, the server will then look for name.txt
> # and include it as plaintext if found.
> #
> ReadmeName README
> HeaderName HEADER
>
> #
> # IndexIgnore is a set of filenames which directory indexing should ignore
> # and not include in the listing. Shell-style wildcarding is permitted.
> #
> IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
>
> #
> # AddEncoding allows you to have certain browsers (Mosaic/X 2.1+)
> uncompress
> # information on the fly. Note: Not all browsers support this.
> # Despite the name similarity, the following Add* directives have nothing
> # to do with the FancyIndexing customization directives above.
> #
> AddEncoding x-compress Z
> AddEncoding x-gzip gz
>
> #
> # AddLanguage allows you to specify the language of a document. You can
> # then use content negotiation to give a browser a file in a language
> # it can understand. Note that the suffix does not have to be the same
> # as the language keyword --- those with documents in Polish (whose
> # net-standard language code is pl) may wish to use "AddLanguage pl .po"
> # to avoid the ambiguity with the common suffix for perl scripts.
> #
> AddLanguage en .en
> AddLanguage fr .fr
> AddLanguage de .de
> AddLanguage da .da
> AddLanguage el .el
> AddLanguage it .it
>
> #
> # LanguagePriority allows you to give precedence to some languages
> # in case of a tie during content negotiation.
> # Just list the languages in decreasing order of preference.
> #
> LanguagePriority en fr de
>
> #
> # AddType allows you to tweak mime.types without actually editing it, or to
> # make certain files to be certain types.
> #
> # For example, the PHP module (not part of the Apache distribution)
> # will typically use:
> #
> AddType application/x-httpd-php .php
>
> #
> # AddHandler allows you to map certain file extensions to "handlers",
> # actions unrelated to filetype. These can be either built into the server
> # or added with the Action command (see below)
> #
> # If you want to use server side includes, or CGI outside
> # ScriptAliased directories, uncomment the following lines.
> #
> # To use CGI scripts:
> #
> #AddHandler cgi-script .cgi
>
> #
> # To use server-parsed HTML files
> #
> #AddType text/html .shtml
> #AddHandler server-parsed .shtml
>
> #
> # Uncomment the following line to enable Apache's send-asis HTTP file
> # feature
> #
> #AddHandler send-as-is asis
>
> #
> # If you wish to use server-parsed imagemap files, use
> #
> #AddHandler imap-file map
>
> #
> # To enable type maps, you might want to use
> #
> #AddHandler type-map var
>
> #
> # Action lets you define media types that will execute a script whenever
> # a matching file is called. This eliminates the need for repeated URL
> # pathnames for oft-used CGI file processors.
> # Format: Action media/type /cgi-script/location
> # Format: Action handler-name /cgi-script/location
> #
>
> #
> # MetaDir: specifies the name of the directory in which Apache can find
> # meta information files. These files contain additional HTTP headers
> # to include when sending the document
> #
> #MetaDir .web
>
> #
> # MetaSuffix: specifies the file name suffix for the file containing the
> # meta information.
> #
> #MetaSuffix .meta
>
> #
> # Customizable error response (Apache style)
> # these come in three flavors
> #
> # 1) plain text
> #ErrorDocument 500 "The server made a boo boo.
> # n.b. the (") marks it as text, it does not get output
> #
> # 2) local redirects
> #ErrorDocument 404 /missing.html
> # to redirect to local URL /missing.html
> #ErrorDocument 404 /cgi-bin/missing_handler.pl
> # N.B.: You can redirect to a script or a document using
> server-side-includes.
> #
> # 3) external redirects
> #ErrorDocument 402 http://some.other_server.com/subscription_info.html
> # N.B.: Many of the environment variables associated with the original
> # request will *not* be available to such a script.
>
> #
> # The following directives modify normal HTTP response behavior.
> # The first directive disables keepalive for Netscape 2.x and browsers that
> # spoof it. There are known problems with these browser implementations.
> # The second directive is for Microsoft Internet Explorer 4.0b2
> # which has a broken HTTP/1.1 implementation and does not properly
> # support keepalive when it is used on 301 or 302 (redirect) responses.
> #
> BrowserMatch "Mozilla/2" nokeepalive
> BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
>
> #
> # The following directive disables HTTP/1.1 responses to browsers which
> # are in violation of the HTTP/1.0 spec by not being able to grok a
> # basic 1.1 response.
> #
> BrowserMatch "RealPlayer 4\.0" force-response-1.0
> BrowserMatch "Java/1\.0" force-response-1.0
> BrowserMatch "JDK/1\.0" force-response-1.0
>
> #
> # Allow server status reports, with the URL of
> http://servername/server-status
> # Change the ".your_domain.com" to match your domain to enable. By
> default we
> # allow server-status requests from 127.0.0.1 to make apachectl's status
> and
> # fullstatus commands work.
> #
> <Location /server-status>
> SetHandler server-status
> Order deny,allow
> Deny from all
> Allow from 127.0.0.1
> # Allow from .your_domain.com
> </Location>
>
> #
> # Allow remote server configuration reports, with the URL of
> # http://servername/server-info (requires that mod_info.c be loaded).
> # Change the ".your_domain.com" to match your domain to enable.
> #
> #<Location /server-info>
> # SetHandler server-info
> # Order deny,allow
> # Deny from all
> # Allow from .your_domain.com
> #</Location>
>
> #
> # There have been reports of people trying to abuse an old bug from pre-1.1
> # days. This bug involved a CGI script distributed as a part of Apache.
> # By uncommenting these lines you can redirect these attacks to a logging
> # script on phf.apache.org. Or, you can record them yourself, using the
> script
> # support/phf_abuse_log.cgi.
> #
> #<Location /cgi-bin/phf*>
> # Deny from all
> # ErrorDocument 403 http://phf.apache.org/phf_abuse_log.cgi
> #</Location>
>
> #
> # Proxy Server directives. Uncomment the following lines to
> # enable the proxy server:
> #
> #<IfModule mod_proxy.c>
> #ProxyRequests On
> #
> #<Directory proxy:*>
> # Order deny,allow
> # Deny from all
> # Allow from .your_domain.com
> #</Directory>
>
> #
> # Enable/disable the handling of HTTP/1.1 "Via:" headers.
> # ("Full" adds the server version; "Block" removes all outgoing Via:
> headers)
> # Set to one of: Off | On | Full | Block
> #
> #ProxyVia On
>
> #
> # To enable the cache as well, edit and uncomment the following lines:
> # (no cacheing without CacheRoot)
> #
> #CacheRoot "/var/www/proxy"
> #CacheSize 5
> #CacheGcInterval 4
> #CacheMaxExpire 24
> #CacheLastModifiedFactor 0.1
> #CacheDefaultExpire 1
> #NoCache a_domain.com another_domain.edu joes.garage_sale.com
>
> #</IfModule>
> # End of proxy directives.
>
> ### Section 3: Virtual Hosts
> #
> # VirtualHost: If you want to maintain multiple domains/hostnames on your
> # machine you can setup VirtualHost containers for them.
> # Please see the documentation at <URL:http://www.apache.org/docs/vhosts/>
> # for further details before you try to setup virtual hosts.
> # You may use the command line option '-S' to verify your virtual host
> # configuration.
>
> #
> # If you want to use name-based virtual hosts you need to define at
> # least one IP address (and port number) for them.
> #
> #NameVirtualHost 12.34.56.78:80
> #NameVirtualHost 12.34.56.78
>
> #
> # VirtualHost example:
> # Almost any Apache directive may go into a VirtualHost container.
> #
> #<VirtualHost ip.address.of.host.some_domain.com>
> # ServerAdmin webmaster@host.some_domain.com
> # DocumentRoot /www/docs/host.some_domain.com
> # ServerName host.some_domain.com
> # ErrorLog logs/host.some_domain.com-error_log
> # CustomLog logs/host.some_domain.com-access_log common
> #</VirtualHost>
>
> #<VirtualHost _default_:*>
> #</VirtualHost>
>
>
> ##
> ## SSL Global Context
> ##
> ## All SSL configuration in this context applies both to
> ## the main server and all SSL-enabled virtual hosts.
> ##
>
> #
> # Some MIME-types for downloading Certificates and CRLs
> #
> <IfDefine SSL>
> AddType application/x-x509-ca-cert .crt
> AddType application/x-pkcs7-crl .crl
> </IfDefine>
>
> <IfModule mod_ssl.c>
>
> # Pass Phrase Dialog:
> # Configure the pass phrase gathering process.
> # The filtering dialog program (`builtin' is a internal
> # terminal dialog) has to provide the pass phrase on stdout.
> SSLPassPhraseDialog builtin
>
> # Inter-Process Session Cache:
> # Configure the SSL Session Cache: First either `none'
> # or `dbm:/path/to/file' for the mechanism to use and
> # second the expiring timeout (in seconds).
> SSLSessionCache dbm:logs/ssl_scache
> SSLSessionCacheTimeout 300
>
> # Semaphore:
> # Configure the path to the mutual exclusion semaphore the
> # SSL engine uses internally for inter-process synchronization.
> SSLMutex sem
>
> # Pseudo Random Number Generator (PRNG):
> # Configure one or more sources to seed the PRNG of the
> # SSL library. The seed data should be of good random quality.
> SSLRandomSeed startup builtin
> SSLRandomSeed connect builtin
> #SSLRandomSeed startup file:/dev/random 512
> #SSLRandomSeed startup file:/dev/urandom 512
> #SSLRandomSeed connect file:/dev/random 512
> #SSLRandomSeed connect file:/dev/urandom 512
> SSLRandomSeed startup file:/dev/arandom 512
>
> # Logging:
> # The home of the dedicated SSL protocol logfile. Errors are
> # additionally duplicated in the general error log file. Put
> # this somewhere where it cannot be used for symlink attacks on
> # a real server (i.e. somewhere where only root can write).
> # Log levels are (ascending order: higher ones include lower ones):
> # none, error, warn, info, trace, debug.
> SSLLog logs/ssl_engine_log
> SSLLogLevel info
>
> </IfModule>
>
> NameVirtualHost 208.79.92.130:443
> NameVirtualHost 127.0.0.1:443
> <VirtualHost *:443>
> DocumentRoot "/var/www/sites/secusrvr.com"
> ServerName secusrvr.com
> # SSL Engine Switch:
> # Enable/Disable SSL for this virtual host.
> SSLEngine on
>
> # SSL Cipher Suite:
> # List the ciphers that the client is permitted to negotiate.
> # See the mod_ssl documentation for a complete list.
> #SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
>
> # Server Certificate:
> # Point SSLCertificateFile at a PEM encoded certificate. If
> # the certificate is encrypted, then you will be prompted for a
> # pass phrase. Note that a kill -HUP will prompt again. A test
> # certificate can be generated with `make certificate' under
> # built time.
> SSLCertificateFile /etc/ssl/private/secusrvr.com.crt
>
> # Server Private Key:
> # If the key is not combined with the certificate, use this
> # directive to point at the key file.
> SSLCertificateKeyFile /etc/ssl/private/server.key
>
> # Certificate Authority (CA):
> # Set the CA certificate verification path where to find CA
> # certificates for client authentication or alternatively one
> # huge file containing all of them (file must be PEM encoded)
> # Note: Inside SSLCACertificatePath you need hash symlinks
> # to point to the certificate files. Use the provided
> # Makefile to update the hash symlinks after changes.
> #SSLCACertificatePath /var/www/conf/ssl.crt
> #SSLCACertificateFile /var/www/conf/ssl.crt/ca-bundle.crt
> SSLCACertificateFile /etc/ssl/private/gd_bundle.crt
> # Client Authentication (Type):
> # Client certificate verification type and depth. Types are
> # none, optional, require and optional_no_ca. Depth is a
> # number which specifies how deeply to verify the certificate
> # issuer chain before deciding the certificate is not valid.
> #SSLVerifyClient require
> #SSLVerifyDepth 10
>
> # Access Control:
> # With SSLRequire you can do per-directory access control based
> # on arbitrary complex boolean expressions containing server
> # variable checks and other lookup directives. The syntax is a
> # mixture between C and Perl. See the mod_ssl documentation
> # for more details.
> #<Location />
> #SSLRequire ( %{SSL_CIPHER} !~ m/^(EXP|NULL)-/ \
> # and %{SSL_CLIENT_S_DN_O} eq "Snake Oil, Ltd." \
> # and %{SSL_CLIENT_S_DN_OU} in {"Staff", "CA", "Dev"} \
> # and %{TIME_WDAY} >= 1 and %{TIME_WDAY} <= 5 \
> # and %{TIME_HOUR} >= 8 and %{TIME_HOUR} <= 20 ) \
> # or %{REMOTE_ADDR} =~ m/^192\.76\.162\.[0-9]+$/
> #</Location>
>
> # SSL Engine Options:
> # Set various options for the SSL engine.
> # FakeBasicAuth:
> # Translate the client X.509 into a Basic Authorisation. This means
> that
> # the standard Auth/DBMAuth methods can be used for access control.
> The
> # user name is the `one line' version of the client's X.509
> certificate.
> # Note that no password is obtained from the user. Every entry in the
> user
> # file needs this password: `xxj31ZMTZzkVA'.
> # ExportCertData:
> # This exports two additional environment variables: SSL_CLIENT_CERT
> and
> # SSL_SERVER_CERT. These contain the PEM-encoded certificates of the
> # server (always existing) and the client (only existing when client
> # authentication is used). This can be used to import the certificates
> # into CGI scripts.
> # CompatEnvVars:
> # This exports obsolete environment variables for backward
> compatibility
> # to Apache-SSL 1.x, mod_ssl 2.0.x, Sioux 1.0 and Stronghold 2.x. Use
> this
> # to provide compatibility to existing CGI scripts.
> #SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars
>
> # Per-Server Logging:
> # The home of a custom SSL log file. Use this when you want a
> # compact non-error SSL logfile on a virtual host basis.
> CustomLog logs/ssl_request_log \
> "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
>
> <Directory "/var/www/sites/secusrvr.com">
> allow from all
> Options +Indexes
> AllowOverride All
> </Directory>
>
>
> </VirtualHost>
>
> NameVirtualHost 208.79.92.130:80
> NameVirtualHost 127.0.0.1:80
> <VirtualHost *:80>
> DocumentRoot "/var/www/sites/johntate.org"
> ServerName johntate.org
>
> <Directory "/var/www/sites/johntate.org">
> allow from all
> Options +Indexes
> AllowOverride All
> </Directory>
> </VirtualHost>
>
> NameVirtualHost 208.79.92.130:80
> NameVirtualHost 127.0.0.1:80
> <VirtualHost *:80>
> DocumentRoot "/var/www/sites/www.johntate.org"
> ServerName www.johntate.org
>
> <Directory "/var/www/sites/www.johntate.org">
> allow from all
> Options +Indexes
> AllowOverride All
> </Directory>
> </VirtualHost>
>
> NameVirtualHost 208.79.92.130:80
> NameVirtualHost 127.0.0.1:80
> <VirtualHost *:80>
> DocumentRoot "/var/www/sites/www.secusrvr.com"
> ServerName www.secusrvr.com
>
> <Directory "/var/www/sites/www.seucsrvr.com">
> allow from all
> Options +Indexes
> AllowOverride All
> </Directory>
> </VirtualHost>
>
>
> --
> www.johntate.org
>
--
www.johntate.org
