vhost.conf.master 11.9 KB
Newer Older
1 2

<Directory {tmpl_var name='web_basedir'}/{tmpl_var name='domain'}>
3
		AllowOverride None
4
		<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
5
		Require all deny
6
		<tmpl_else>
7 8
		Order Deny,Allow
		Deny from all
9
		</tmpl_if>
10 11
</Directory>

tbrehm's avatar
tbrehm committed
12 13
<tmpl_loop name="vhosts">
<VirtualHost {tmpl_var name='ip_address'}:{tmpl_var name='port'}>
14
<tmpl_if name='php' op='==' value='suphp'>
15
		DocumentRoot <tmpl_var name='web_document_root'>
16
</tmpl_else>
17 18 19
	<tmpl_if name='php' op='==' value='cgi'>
		DocumentRoot <tmpl_var name='web_document_root'>
	</tmpl_else>
20 21 22
		<tmpl_if name='php' op='==' value='php-fpm'>
		DocumentRoot <tmpl_var name='web_document_root'>
		</tmpl_else>
23
		DocumentRoot <tmpl_var name='web_document_root_www'>
24
		</tmpl_if>
25
	</tmpl_if>
26 27
</tmpl_if>

28
		ServerName <tmpl_var name='domain'>
29
<tmpl_if name='alias'>
30
		<tmpl_var name='alias'>
31
</tmpl_if>
32
		ServerAdmin webmaster@<tmpl_var name='domain'>
33

34
		ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
35

36
<tmpl_if name='errordocs'>
37 38 39 40 41 42 43 44 45
		Alias /error/ "<tmpl_var name='web_document_root_www'>/error/"
		ErrorDocument 400 /error/400.html
		ErrorDocument 401 /error/401.html
		ErrorDocument 403 /error/403.html
		ErrorDocument 404 /error/404.html
		ErrorDocument 405 /error/405.html
		ErrorDocument 500 /error/500.html
		ErrorDocument 502 /error/502.html
		ErrorDocument 503 /error/503.html
46
</tmpl_if>
tbrehm's avatar
tbrehm committed
47

48
		<IfModule mod_ssl.c>
tbrehm's avatar
tbrehm committed
49 50
<tmpl_if name='ssl_enabled'>
	SSLEngine on
51 52
		SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt
		SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key
tbrehm's avatar
tbrehm committed
53
<tmpl_if name='has_bundle_cert'>
54
		SSLCACertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.bundle
55
</tmpl_if>
tbrehm's avatar
tbrehm committed
56
</tmpl_if>
57
		</IfModule>
58

59
		<Directory {tmpl_var name='web_document_root_www'}>
60
				Options +FollowSymLinks
61
				AllowOverride <tmpl_var name='allow_override'>
62
				<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
63
				Require all granted
64
				<tmpl_else>
65 66
				Order allow,deny
				Allow from all
67
				</tmpl_if>
68
<tmpl_if name='ssi' op='==' value='y'>
69 70 71 72 73

				# ssi enabled
				AddType text/html .shtml
				AddOutputFilter INCLUDES .shtml
				Options +Includes
74 75
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
76
				<Files ~ '.php[s3-6]{0,1}$'>
77
						<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
78
						Require all denied
79
						<tmpl_else>
80 81 82
						Order allow,deny
						Deny from all
						Allow from none
83
						</tmpl_if>
84
				</Files>
85
</tmpl_if>
86 87
		</Directory>
		<Directory {tmpl_var name='web_document_root'}>
88
				Options +FollowSymLinks
89
				AllowOverride <tmpl_var name='allow_override'>
90
				<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
91
				Require all granted
92
				<tmpl_else>
93 94
				Order allow,deny
				Allow from all
95
				</tmpl_if>
96
<tmpl_if name='ssi' op='==' value='y'>
97 98 99 100 101

				# ssi enabled
				AddType text/html .shtml
				AddOutputFilter INCLUDES .shtml
				Options +Includes
102
</tmpl_if>
tbrehm's avatar
tbrehm committed
103
<tmpl_if name='php' op='==' value='no'>
104
				<Files ~ '.php[s3-6]{0,1}$'>
105
					<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
106
					Require all denied
107
					<tmpl_else>
108 109 110
					Order allow,deny
					Deny from all
					Allow from none
111
					</tmpl_if>
112
				</Files>
tbrehm's avatar
tbrehm committed
113
</tmpl_if>
114
		</Directory>
tbrehm's avatar
tbrehm committed
115

116
<tmpl_if name='ruby' op='==' value='y'>
117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133
		<IfModule mod_ruby.c>
			<Directory {tmpl_var name='web_document_root_www'}>
				Options +ExecCGI
			</Directory>
			RubyRequire apache/ruby-run
			#RubySafeLevel 0
			AddType text/html .rb
			AddType text/html .rbx
			<Files *.rb>
				SetHandler ruby-object
				RubyHandler Apache::RubyRun.instance
			</Files>
			<Files *.rbx>
				SetHandler ruby-object
				RubyHandler Apache::RubyRun.instance
			</Files>
		</IfModule>
134 135
</tmpl_if>

136 137 138 139 140 141 142 143 144
<tmpl_if name='perl' op='==' value='y'>
		<IfModule mod_perl.c>
			PerlModule ModPerl::Registry
			PerlModule Apache2::Reload
			<Directory {tmpl_var name='web_document_root_www'}>
				PerlResponseHandler ModPerl::Registry
				PerlOptions +ParseHeaders
				Options +ExecCGI
			</Directory>
145 146 147 148 149
			<Directory {tmpl_var name='web_document_root'}>
				PerlResponseHandler ModPerl::Registry
				PerlOptions +ParseHeaders
				Options +ExecCGI
			</Directory>
150 151 152
            <Files *.pl>
				SetHandler perl-script
            </Files>
153 154 155
		</IfModule>
</tmpl_if>

156
<tmpl_if name='python' op='==' value='y'>
157 158 159 160 161 162 163
		<IfModule mod_python.c>
			<Directory {tmpl_var name='web_document_root_www'}>
				AddHandler mod_python .py
				PythonHandler mod_python.publisher
				PythonDebug On
			</Directory>
		</IfModule>
164 165
</tmpl_if>

166
<tmpl_if name='cgi' op='==' value='y'>
167
		# cgi enabled
168
	<Directory {tmpl_var name='document_root'}/cgi-bin>
169
			<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
170
			Require all granted
171
			<tmpl_else>
172 173
			Order allow,deny
			Allow from all
174
			</tmpl_if>
175 176 177 178
		</Directory>
		ScriptAlias  /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
		AddHandler cgi-script .cgi
		AddHandler cgi-script .pl
179 180
</tmpl_if>
<tmpl_if name='suexec' op='==' value='y'>
181 182 183 184
		# suexec enabled
		<IfModule mod_suexec.c>
			SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
		</IfModule>
185
</tmpl_if>
186
		# Clear PHP settings of this website
187
		<FilesMatch ".+\.ph(p[345]?|t|tml)$">
188 189
				SetHandler None
		</FilesMatch>
190
<tmpl_if name='php' op='==' value='mod'>
191 192 193 194 195
		# mod_php enabled
		AddType application/x-httpd-php .php .php3 .php4 .php5
		php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
		php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
		php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
196
	# PHPIniDir <tmpl_var name='custom_php_ini_dir'>
tbrehm's avatar
tbrehm committed
197
<tmpl_if name='security_level' op='==' value='20'>
198
		php_admin_value open_basedir <tmpl_var name='php_open_basedir'>
tbrehm's avatar
tbrehm committed
199
</tmpl_if>
200 201
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
202 203
		# suphp enabled
		<Directory {tmpl_var name='web_document_root'}>
204
		<IfModule mod_suphp.c>
205 206
				suPHP_Engine on
				# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
207 208 209
<tmpl_if name='has_custom_php_ini'>
	suPHP_ConfigPath <tmpl_var name='custom_php_ini_dir'>
</tmpl_if>
210 211
				AddHandler x-httpd-suphp .php .php3 .php4 .php5
				suPHP_AddHandler x-httpd-suphp
212
		</IfModule>
213
		</Directory>
214 215
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
216 217 218 219 220
		# php as cgi enabled
		ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
		Action php5-cgi /php5-cgi
		AddHandler php5-cgi .php .php3 .php4 .php5
		<Directory {tmpl_var name='cgi_starter_path'}>
221
			<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
222
			Require all granted
223
			<tmpl_else>
224 225
			Order allow,deny
			Allow from all
226
			</tmpl_if>
227
		</Directory>
228 229
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
230
		# php as fast-cgi enabled
tbrehm's avatar
tbrehm committed
231
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
232
		<IfModule mod_fcgid.c>
tbrehm's avatar
tbrehm committed
233
<tmpl_if name='fastcgi_config_syntax' op='==' value='2'>
234 235 236
				FcgidIdleTimeout 300
				FcgidProcessLifeTime 3600
				# FcgidMaxProcesses 1000
237
				FcgidMaxRequestsPerProcess <tmpl_var name='fastcgi_max_requests'>
238
				FcgidMinProcessesPerClass 0
239
				FcgidMaxProcessesPerClass 10
240
				FcgidConnectTimeout 3
241 242
				FcgidIOTimeout 600
				FcgidBusyTimeout 3600
243
				FcgidMaxRequestLen 1073741824
tbrehm's avatar
tbrehm committed
244
<tmpl_else>
245 246 247 248 249 250
				IdleTimeout 300
				ProcessLifeTime 3600
				# MaxProcessCount 1000
				DefaultMinClassProcessCount 0
				DefaultMaxClassProcessCount 100
				IPCConnectTimeout 3
251 252
				IPCCommTimeout 600
				BusyTimeout 3600
tbrehm's avatar
tbrehm committed
253
</tmpl_if>
254 255 256 257
		</IfModule>
		<Directory {tmpl_var name='web_document_root_www'}>
				AddHandler fcgid-script .php .php3 .php4 .php5
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
258 259 260
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php3
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php4
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php5
261 262
				Options +ExecCGI
				AllowOverride <tmpl_var name='allow_override'>
263
				<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
264
				Require all granted
265
				<tmpl_else>
266 267
				Order allow,deny
				Allow from all
268
				</tmpl_if>
269 270 271 272
		</Directory>
		<Directory {tmpl_var name='web_document_root'}>
				AddHandler fcgid-script .php .php3 .php4 .php5
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
273 274 275
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php3
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php4
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php5
276 277
				Options +ExecCGI
				AllowOverride <tmpl_var name='allow_override'>
278
				<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
279
				Require all granted
280
				<tmpl_else>
281 282
				Order allow,deny
				Allow from all
283
				</tmpl_if>
284
		</Directory>
285
</tmpl_if>
286
<tmpl_if name='php' op='==' value='php-fpm'>
287
		<IfModule mod_fastcgi.c>
288
				<Directory {tmpl_var name='document_root'}/cgi-bin>
289
					<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
290
					Require all granted
291
					<tmpl_else>
292 293
					Order allow,deny
					Allow from all
294
					</tmpl_if>
295
			    </Directory>
296
                AddHandler php5-fcgi .php .php3 .php4 .php5
297
                Action php5-fcgi /php5-fcgi
298
				Alias /php5-fcgi {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'}
299
<tmpl_if name='use_tcp'>
300
                FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -host 127.0.0.1:<tmpl_var name='fpm_port'> -pass-header Authorization
301 302
</tmpl_if>
<tmpl_if name='use_socket'>
303
                FastCgiExternalServer {tmpl_var name='document_root'}/cgi-bin/php5-fcgi-{tmpl_var name='ip_address'}-{tmpl_var name='port'}-{tmpl_var name='domain'} -idle-timeout 300 -socket <tmpl_var name='fpm_socket'> -pass-header Authorization
304
</tmpl_if>
305
		</IfModule>
306
</tmpl_if>
307

308
<tmpl_if name="rewrite_enabled">
309
		RewriteEngine on
Falko Timme's avatar
Falko Timme committed
310
<tmpl_if name='seo_redirect_enabled'>
311
		RewriteCond %{HTTP_HOST} <tmpl_var name='seo_redirect_operator'>^<tmpl_var name='seo_redirect_origin_domain'>$ [NC]
312
		RewriteRule ^(.*)$ http<tmpl_if name='ssl_enabled'>s</tmpl_if>://<tmpl_var name='seo_redirect_target_domain'>$1 [R=301,L]
Falko Timme's avatar
Falko Timme committed
313
</tmpl_if>
314 315
<tmpl_loop name="alias_seo_redirects">
		RewriteCond %{HTTP_HOST} <tmpl_var name='alias_seo_redirect_operator'>^<tmpl_var name='alias_seo_redirect_origin_domain'>$ [NC]
316
		RewriteRule ^(.*)$ http<tmpl_if name='ssl_enabled'>s</tmpl_if>://<tmpl_var name='alias_seo_redirect_target_domain'>$1 [R=301,L]
317
</tmpl_loop>
318
<tmpl_loop name="redirects">
319
		RewriteCond %{HTTP_HOST}   <tmpl_var name='rewrite_domain'>$ [NC]
320 321
<tmpl_if name="rewrite_is_url" op="==" value="n">
		RewriteCond %{REQUEST_URI} !^/webdav/
322
		RewriteCond %{REQUEST_URI} !^/php5-fcgi/
323 324
		RewriteCond %{REQUEST_URI} !^<tmpl_var name='rewrite_target'>
</tmpl_if>
325
		RewriteRule   ^/(.*)$ <tmpl_var name='rewrite_target'><tmpl_if name="rewrite_add_path" op="==" value="y">$1</tmpl_if>  <tmpl_var name='rewrite_type'>
326 327 328
</tmpl_loop>
</tmpl_if>

329 330 331 332
		# add support for apache mpm_itk
		<IfModule mpm_itk_module>
			AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
		</IfModule>
tbrehm's avatar
tbrehm committed
333

334 335 336
		<IfModule mod_dav_fs.c>
		# Do not execute PHP files in webdav directory
			<Directory {tmpl_var name='document_root'}/webdav>
337 338 339 340 341
				<ifModule mod_security2.c>
					SecRuleRemoveById 960015
					SecRuleRemoveById 960032
				</ifModule>
				<FilesMatch "\.ph(p3?|tml)$">
342 343 344 345 346 347 348 349 350
					SetHandler None
				</FilesMatch>
			</Directory>
			DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
			# DO NOT REMOVE THE COMMENTS!
			# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
			# WEBDAV BEGIN
			# WEBDAV END
		</IfModule>
351

352 353
<tmpl_var name='apache_directives'>
</VirtualHost>
tbrehm's avatar
tbrehm committed
354
</tmpl_loop>