From 29478d386d5ed46884d7e050131581dab2cb8a3c Mon Sep 17 00:00:00 2001 From: thom Date: Wed, 9 Sep 2020 14:15:23 +0200 Subject: [PATCH 1/2] Add changes from install/tpl --- server/conf/apache_ispconfig.conf.master | 142 ++++++++++++++--------- 1 file changed, 84 insertions(+), 58 deletions(-) diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master index 040de23625..688283f50e 100644 --- a/server/conf/apache_ispconfig.conf.master +++ b/server/conf/apache_ispconfig.conf.master @@ -15,24 +15,24 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m AllowOverride None - - Require all denied - - Order Deny,Allow - Deny from all - + + Require all denied + + Order Deny,Allow + Deny from all + # Do not allow access to the root file system of the server for security reasons - Options -Indexes + Options -Indexes AllowOverride None - - Require all denied - - Order Deny,Allow - Deny from all - + + Require all denied + + Order Deny,Allow + Deny from all + @@ -41,103 +41,103 @@ CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m AllowOverride None - - Require all denied - - Order Deny,Allow - Deny from all - + + Require all denied + + Order Deny,Allow + Deny from all + # Except of the following directories that contain website scripts - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + # Allow access to mailman on OpenSuSE - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + Options +FollowSymLinks - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + # allow path to awstats and alias for awstats icons - - Require all granted - + + Require all granted + Order allow,deny Allow from all - + Alias /awstats-icon "/usr/share/awstats/icon" Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-known/acme-challenge - - Require all granted - + + Require all granted + Order allow,deny Allow from all - - - AssignUserId - + + + AssignUserId www-data www-data + NameVirtualHost *:80 @@ -145,3 +145,29 @@ NameVirtualHost *:443 NameVirtualHost {tmpl_var name="ip_address"}:{tmpl_var name="port"} + + + + SSLStaplingCache shmcb:/var/run/ocsp(128000) + + + + + AllowOverride None + + Require all denied + + Order Deny,Allow + Deny from all + + + + + AllowOverride None + + Require all denied + + Order Deny,Allow + Deny from all + + -- GitLab From 9bd65ce93757ccbb273b013abf8d1ba2d01a3e4b Mon Sep 17 00:00:00 2001 From: thom Date: Wed, 9 Sep 2020 20:56:34 +0200 Subject: [PATCH 2/2] Use user and group ispconfig for mpm_itk --- install/tpl/apache_ispconfig.conf.master | 2 +- server/conf/apache_ispconfig.conf.master | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/install/tpl/apache_ispconfig.conf.master b/install/tpl/apache_ispconfig.conf.master index 688283f50e..8c2292d6a3 100644 --- a/install/tpl/apache_ispconfig.conf.master +++ b/install/tpl/apache_ispconfig.conf.master @@ -136,7 +136,7 @@ Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-know Allow from all - AssignUserId www-data www-data + AssignUserId ispconfig ispconfig diff --git a/server/conf/apache_ispconfig.conf.master b/server/conf/apache_ispconfig.conf.master index 688283f50e..8c2292d6a3 100644 --- a/server/conf/apache_ispconfig.conf.master +++ b/server/conf/apache_ispconfig.conf.master @@ -136,7 +136,7 @@ Alias /.well-known/acme-challenge /usr/local/ispconfig/interface/acme/.well-know Allow from all - AssignUserId www-data www-data + AssignUserId ispconfig ispconfig -- GitLab