AllowOverride None
Require all denied
Order Deny,Allow
Deny from all
DocumentRoot
DocumentRoot
DocumentRoot
DocumentRoot
DocumentRoot
ServerName
ServerAdmin webmaster@
ErrorLog /var/log/ispconfig/httpd//error.log
Alias /error/ "/error/"
ErrorDocument 400 /error/400.html
ErrorDocument 401 /error/401.html
ErrorDocument 403 /error/403.html
ErrorDocument 404 /error/404.html
ErrorDocument 405 /error/405.html
ErrorDocument 500 /error/500.html
ErrorDocument 502 /error/502.html
ErrorDocument 503 /error/503.html
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3
# SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
#
# Header always add Strict-Transport-Security "max-age=15768000"
#
SSLCertificateFile
SSLCertificateKeyFile
SSLCertificateChainFile
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
# Clear PHP settings of this website
SetHandler None
Options +FollowSymLinks
AllowOverride
Require all granted
Order allow,deny
Allow from all
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
Require all denied
Order allow,deny
Deny from all
Allow from none
# Clear PHP settings of this website
SetHandler None
Options +FollowSymLinks
AllowOverride
Require all granted
Order allow,deny
Allow from all
# ssi enabled
AddType text/html .shtml
AddOutputFilter INCLUDES .shtml
Options +Includes
Require all denied
Order allow,deny
Deny from all
Allow from none
Options +ExecCGI
RubyRequire apache/ruby-run
#RubySafeLevel 0
AddType text/html .rb
AddType text/html .rbx
SetHandler ruby-object
RubyHandler Apache::RubyRun.instance
SetHandler ruby-object
RubyHandler Apache::RubyRun.instance
PerlModule ModPerl::Registry
PerlModule Apache2::Reload
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
PerlResponseHandler ModPerl::Registry
PerlOptions +ParseHeaders
Options +ExecCGI
SetHandler perl-script
SetHandler mod_python
PythonHandler mod_python.publisher
PythonDebug On
# cgi enabled
Require all granted
Order allow,deny
Allow from all
ScriptAlias /cgi-bin/ /cgi-bin/
SetHandler cgi-script
# suexec enabled
SuexecUserGroup
# mod_php enabled
AddType application/x-httpd-php .php .php3 .php4 .php5
SetEnv TMP /tmp
SetEnv TMPDIR /tmp
SetEnv TEMP /tmp
php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@"
php_admin_value upload_tmp_dir /tmp
php_admin_value session.save_path /tmp
# PHPIniDir
php_admin_value open_basedir
# suphp enabled
suPHP_Engine on
# suPHP_UserGroup
suPHP_ConfigPath
SetHandler x-httpd-suphp
suPHP_AddHandler x-httpd-suphp
# php as cgi enabled
ScriptAlias /php5-cgi
Action php5-cgi /php5-cgi
SetHandler php5-cgi
SetHandler php5-cgi
Require all granted
Order allow,deny
Allow from all
# php as fast-cgi enabled
# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
FcgidIdleTimeout 300
FcgidProcessLifeTime 3600
# FcgidMaxProcesses 1000
FcgidMaxRequestsPerProcess
FcgidMinProcessesPerClass 0
FcgidMaxProcessesPerClass 10
FcgidConnectTimeout 3
FcgidIOTimeout 600
FcgidBusyTimeout 3600
FcgidMaxRequestLen 1073741824
IdleTimeout 300
ProcessLifeTime 3600
# MaxProcessCount 1000
DefaultMinClassProcessCount 0
DefaultMaxClassProcessCount 10
IPCConnectTimeout 3
IPCCommTimeout 600
BusyTimeout 3600
SetHandler fcgid-script
FCGIWrapper .php
FCGIWrapper .php3
FCGIWrapper .php4
FCGIWrapper .php5
Options +ExecCGI
AllowOverride
Require all granted
Order allow,deny
Allow from all
SetHandler fcgid-script
FCGIWrapper .php
FCGIWrapper .php3
FCGIWrapper .php4
FCGIWrapper .php5
Options +ExecCGI
AllowOverride
Require all granted
Order allow,deny
Allow from all
Require all granted
Order allow,deny
Allow from all
SetHandler php5-fcgi
SetHandler php5-fcgi
SetHandler php5-fcgi
SetHandler php5-fcgi
Action php5-fcgi /php5-fcgi virtual
Alias /php5-fcgi {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -host 127.0.0.1: -pass-header Authorization
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket -pass-header Authorization
#ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ fcgi://127.0.0.1:/$1
SetHandler "proxy:fcgi://127.0.0.1:"
SetHandler "proxy:fcgi://127.0.0.1:"
#ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ unix://|fcgi://localhost//$1
SetHandler "proxy:unix:|fcgi://localhost"
SetHandler "proxy:unix:|fcgi://localhost"
Require all granted
Order allow,deny
Allow from all
SetHandler hhvm-fcgi
SetHandler hhvm-fcgi
SetHandler hhvm-fcgi
SetHandler hhvm-fcgi
Action hhvm-fcgi /hhvm-fcgi virtual
Alias /hhvm-fcgi {tmpl_var name='document_root'}/cgi-bin/hhvm-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/hhvm-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket /var/run/hhvm/hhvm..sock -pass-header Authorization
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/
RewriteRule ^ - [END]
RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^(.*)$ https://$1 [R=301,NE,L]
RewriteCond %{HTTP_HOST} ^$ [NC]
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule ^(.*)$ https://$1 [R=301,NE,L]
RewriteCond %{HTTP_HOST} $ [NC]
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteCond %{REQUEST_URI} !^/webdav/
RewriteCond %{REQUEST_URI} !^/php5-fcgi/
RewriteCond %{REQUEST_URI} !^
RewriteRule ^/(.*)$ $1
RewriteCond %{HTTPS} off
RewriteCond %{REQUEST_URI} !^/\.well-known/acme-challenge/
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
# add support for apache mpm_itk
AssignUserId
# Do not execute PHP files in webdav directory
SecRuleRemoveById 960015
SecRuleRemoveById 960032
SetHandler None
DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
SSLStaplingCache shmcb:/var/run/ocsp(128000)