Skip to content

GitLab

Commit 47cca9bb authored by tbrehm's avatar tbrehm
Browse files

Fixed: FS#767 - Make sure ServerAlias directive never exceeds 8192 bytes

parent 0e1c2323
Hide whitespace changes
Inline Side-by-side
Showing with 319 additions and 301 deletions
server/conf/vhost.conf.master
View file @ 47cca9bb
<Directory {tmpl_var name='web_basedir'}/{tmpl_var name='domain'}>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
<VirtualHost <tmpl_var name='ip_address'>:80>
<tmpl_if name='php' op='==' value='suphp'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
<tmpl_if name='php' op='==' value='cgi'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
DocumentRoot <tmpl_var name='web_document_root_www'>
</tmpl_if>
</tmpl_if>
ServerName <tmpl_var name='domain'>
<tmpl_if name='alias'>
ServerAlias <tmpl_var name='alias'>
</tmpl_if>
ServerAdmin webmaster@<tmpl_var name='domain'>
ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
<tmpl_if name='errordocs'>
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 503 /error/503.html
</tmpl_if>
<Directory {tmpl_var name='web_document_root_www'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<Directory {tmpl_var name='web_document_root'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<tmpl_if name='cgi' op='==' value='y'>
# cgi enabled
<Directory {tmpl_var name='document_root'}/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
</tmpl_if>
<tmpl_if name='suexec' op='==' value='y'>
# suexec enabled
SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
</tmpl_if>
<tmpl_if name='php' op='==' value='mod'>
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
#php_admin_value open_basedir <tmpl_var name='document_root'>:/usr/share/php5
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
# suphp enabled
<Directory {tmpl_var name='web_document_root'}>
suPHP_Engine on
# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
AddHandler x-httpd-suphp .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-suphp
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
# php as cgi enabled
ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
Action php5-cgi /php5-cgi
AddHandler php5-cgi .php .php3 .php4 .php5
<Directory {tmpl_var name='cgi_starter_path'}>
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
# php as fast-cgi enabled
<Directory {tmpl_var name='web_document_root_www'}>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
Options +ExecCGI
AllowOverride all
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name="rewrite_enabled">
RewriteEngine on
<tmpl_loop name="redirects">
RewriteCond %{HTTP_HOST} ^<tmpl_var name='rewrite_domain'> [NC]
RewriteRule ^/(.*)$ <tmpl_var name='rewrite_target'>$1 <tmpl_var name='rewrite_type'>
</tmpl_loop>
</tmpl_if>
<tmpl_var name='apache_directives'>
</VirtualHost>
<tmpl_if name='ssl_enabled'>
<IfModule mod_ssl.c>
###########################################################
# SSL Vhost
###########################################################
<VirtualHost <tmpl_var name='ip_address'>:443>
<tmpl_if name='php' op='==' value='suphp'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
<tmpl_if name='php' op='==' value='cgi'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
DocumentRoot <tmpl_var name='web_document_root_www'>
</tmpl_if>
</tmpl_if>
ServerName <tmpl_var name='domain'>
<tmpl_if name='alias'>
ServerAlias <tmpl_var name='alias'>
</tmpl_if>
ServerAdmin webmaster@<tmpl_var name='domain'>
ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
<tmpl_if name='errordocs'>
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 503 /error/503.html
</tmpl_if>
SSLEngine on
SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.crt
SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.key
<tmpl_if name='has_bundle_cert'>
SSLCACertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.bundle
</tmpl_if>
<Directory {tmpl_var name='web_document_root_www'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<Directory {tmpl_var name='web_document_root'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<tmpl_if name='cgi' op='==' value='y'>
# cgi enabled
<Directory {tmpl_var name='document_root'}/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
</tmpl_if>
<tmpl_if name='ssi'op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</tmpl_if>
<tmpl_if name='suexec'op='==' value='y'>
# suexec enabled
SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
</tmpl_if>
<tmpl_if name='php' op='==' value='mod'>
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
#php_admin_value open_basedir <tmpl_var name='document_root'>:/usr/share/php5
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
# suphp enabled
suPHP_Engine on
# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
# php as cgi enabled
ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
Action php5-cgi /php5-cgi
AddHandler php5-cgi .php .php3 .php4 .php5
<Directory {tmpl_var name='cgi_starter_path'}>
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
# php as fast-cgi enabled
<Directory {tmpl_var name='web_document_root_www'}>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
Options +ExecCGI
AllowOverride all
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name="rewrite_enabled">
RewriteEngine on
<tmpl_loop name="redirects">
RewriteCond %{HTTP_HOST} ^<tmpl_var name='rewrite_domain'> [NC]
RewriteRule ^/(.*)$ <tmpl_var name='rewrite_target'>$1 <tmpl_var name='rewrite_type'>
</tmpl_loop>
</tmpl_if>
<tmpl_var name='apache_directives'>
</VirtualHost>
</IfModule>
<Directory {tmpl_var name='web_basedir'}/{tmpl_var name='domain'}>
AllowOverride None
Order Deny,Allow
Deny from all
</Directory>
<VirtualHost <tmpl_var name='ip_address'>:80>
<tmpl_if name='php' op='==' value='suphp'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
<tmpl_if name='php' op='==' value='cgi'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
DocumentRoot <tmpl_var name='web_document_root_www'>
</tmpl_if>
</tmpl_if>
ServerName <tmpl_var name='domain'>
<tmpl_if name='alias'>
<tmpl_var name='alias'>
</tmpl_if>
ServerAdmin webmaster@<tmpl_var name='domain'>
ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
<tmpl_if name='errordocs'>
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 503 /error/503.html
</tmpl_if>
<Directory {tmpl_var name='web_document_root_www'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<Directory {tmpl_var name='web_document_root'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<tmpl_if name='cgi' op='==' value='y'>
# cgi enabled
<Directory {tmpl_var name='document_root'}/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
</tmpl_if>
<tmpl_if name='suexec' op='==' value='y'>
# suexec enabled
SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
</tmpl_if>
<tmpl_if name='php' op='==' value='mod'>
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
#php_admin_value open_basedir <tmpl_var name='document_root'>:/usr/share/php5
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
# suphp enabled
<Directory {tmpl_var name='web_document_root'}>
suPHP_Engine on
# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
AddHandler x-httpd-suphp .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-suphp
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
# php as cgi enabled
ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
Action php5-cgi /php5-cgi
AddHandler php5-cgi .php .php3 .php4 .php5
<Directory {tmpl_var name='cgi_starter_path'}>
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
# php as fast-cgi enabled
<Directory {tmpl_var name='web_document_root_www'}>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
Options +ExecCGI
AllowOverride all
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name="rewrite_enabled">
RewriteEngine on
<tmpl_loop name="redirects">
RewriteCond %{HTTP_HOST} ^<tmpl_var name='rewrite_domain'> [NC]
RewriteRule ^/(.*)$ <tmpl_var name='rewrite_target'>$1 <tmpl_var name='rewrite_type'>
</tmpl_loop>
</tmpl_if>
<tmpl_var name='apache_directives'>
</VirtualHost>
<tmpl_if name='ssl_enabled'>
<IfModule mod_ssl.c>
###########################################################
# SSL Vhost
###########################################################
<VirtualHost <tmpl_var name='ip_address'>:443>
<tmpl_if name='php' op='==' value='suphp'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
<tmpl_if name='php' op='==' value='cgi'>
DocumentRoot <tmpl_var name='web_document_root'>
</tmpl_else>
DocumentRoot <tmpl_var name='web_document_root_www'>
</tmpl_if>
</tmpl_if>
ServerName <tmpl_var name='domain'>
<tmpl_if name='alias'>
<tmpl_var name='alias'>
</tmpl_if>
ServerAdmin webmaster@<tmpl_var name='domain'>
ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
<tmpl_if name='errordocs'>
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 503 /error/503.html
</tmpl_if>
SSLEngine on
SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.crt
SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.key
<tmpl_if name='has_bundle_cert'>
SSLCACertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='domain'>.bundle
</tmpl_if>
<Directory {tmpl_var name='web_document_root_www'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<Directory {tmpl_var name='web_document_root'}>
Options FollowSymLinks
AllowOverride Indexes AuthConfig Limit FileInfo
Order allow,deny
Allow from all
<tmpl_if name='ssi' op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
<Files ~ '.php[s3-6]{0,1}$'>
Order allow,deny
Deny from all
Allow from none
</Files>
</tmpl_if>
</Directory>
<tmpl_if name='cgi' op='==' value='y'>
# cgi enabled
<Directory {tmpl_var name='document_root'}/cgi-bin>
Order allow,deny
Allow from all
</Directory>
ScriptAlias /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
AddHandler cgi-script .cgi
AddHandler cgi-script .pl
</tmpl_if>
<tmpl_if name='ssi'op='==' value='y'>
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
</tmpl_if>
<tmpl_if name='suexec'op='==' value='y'>
# suexec enabled
SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
</tmpl_if>
<tmpl_if name='php' op='==' value='mod'>
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
#php_admin_value open_basedir <tmpl_var name='document_root'>:/usr/share/php5
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
# suphp enabled
suPHP_Engine on
# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
AddHandler x-httpd-php .php .php3 .php4 .php5
suPHP_AddHandler x-httpd-php
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
# php as cgi enabled
ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
Action php5-cgi /php5-cgi
AddHandler php5-cgi .php .php3 .php4 .php5
<Directory {tmpl_var name='cgi_starter_path'}>
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
# php as fast-cgi enabled
<Directory {tmpl_var name='web_document_root_www'}>
AddHandler fcgid-script .php .php3 .php4 .php5
FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
Options +ExecCGI
AllowOverride all
Order allow,deny
Allow from all
</Directory>
</tmpl_if>
<tmpl_if name="rewrite_enabled">
RewriteEngine on
<tmpl_loop name="redirects">
RewriteCond %{HTTP_HOST} ^<tmpl_var name='rewrite_domain'> [NC]
RewriteRule ^/(.*)$ <tmpl_var name='rewrite_target'>$1 <tmpl_var name='rewrite_type'>
</tmpl_loop>
</tmpl_if>
<tmpl_var name='apache_directives'>
</VirtualHost>
</IfModule>
</tmpl_if>
server/plugins-available/apache2_plugin.inc.php
View file @ 47cca9bb
......@@ -527,25 +527,26 @@ class apache2_plugin {
// get alias domains (co-domains and subdomains)
$aliases = $app->db->queryAllRecords("SELECT * FROM web_domain WHERE parent_domain_id = ".$data["new"]["domain_id"]." AND active = 'y'");
switch($data["new"]["subdomain"]) {
$server_alias = array();
switch($data["new"]["subdomain"]) {
case 'www':
$server_alias .= 'www.'.$data["new"]["domain"].' ';
$server_alias[] .= 'www.'.$data["new"]["domain"].' ';
break;
case '*':
$server_alias .= '*.'.$data["new"]["domain"].' ';
$server_alias[] .= '*.'.$data["new"]["domain"].' ';
break;
}
if(is_array($aliases)) {
foreach($aliases as $alias) {
switch($alias["subdomain"]) {
case 'www':
$server_alias .= 'www.'.$alias["domain"].' '.$alias["domain"].' ';
$server_alias[] .= 'www.'.$alias["domain"].' '.$alias["domain"].' ';
break;
case '*':
$server_alias .= '*.'.$alias["domain"].' '.$alias["domain"].' ';
$server_alias[] .= '*.'.$alias["domain"].' '.$alias["domain"].' ';
break;
default:
$server_alias .= $alias["domain"].' ';
$server_alias[] .= $alias["domain"].' ';
break;
}
$app->log("Add server alias: $alias[domain]",LOGLEVEL_DEBUG);
......@@ -570,7 +571,24 @@ class apache2_plugin {
}
}
}
$tpl->setVar('alias',trim($server_alias));