vhost.conf.master 8.82 KB
Newer Older
1
2

<Directory {tmpl_var name='web_basedir'}/{tmpl_var name='domain'}>
3
4
5
		AllowOverride None
		Order Deny,Allow
		Deny from all
6
7
</Directory>

tbrehm's avatar
tbrehm committed
8
9
<tmpl_loop name="vhosts">
<VirtualHost {tmpl_var name='ip_address'}:{tmpl_var name='port'}>
10
<tmpl_if name='php' op='==' value='suphp'>
11
		DocumentRoot <tmpl_var name='web_document_root'>
12
</tmpl_else>
13
14
15
16
17
	<tmpl_if name='php' op='==' value='cgi'>
		DocumentRoot <tmpl_var name='web_document_root'>
	</tmpl_else>
		DocumentRoot <tmpl_var name='web_document_root_www'>
	</tmpl_if>
18
19
</tmpl_if>

20
		ServerName <tmpl_var name='domain'>
21
<tmpl_if name='alias'>
22
		<tmpl_var name='alias'>
23
</tmpl_if>
24
		ServerAdmin webmaster@<tmpl_var name='domain'>
25

26
		ErrorLog /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log
27

28
<tmpl_if name='errordocs'>
29
30
31
32
33
34
35
36
37
		Alias /error/ "<tmpl_var name='web_document_root_www'>/error/"
		ErrorDocument 400 /error/400.html
		ErrorDocument 401 /error/401.html
		ErrorDocument 403 /error/403.html
		ErrorDocument 404 /error/404.html
		ErrorDocument 405 /error/405.html
		ErrorDocument 500 /error/500.html
		ErrorDocument 502 /error/502.html
		ErrorDocument 503 /error/503.html
38
</tmpl_if>
tbrehm's avatar
tbrehm committed
39

40
		<IfModule mod_ssl.c>
tbrehm's avatar
tbrehm committed
41
42
<tmpl_if name='ssl_enabled'>
	SSLEngine on
43
44
		SSLCertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt
		SSLCertificateKeyFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key
tbrehm's avatar
tbrehm committed
45
<tmpl_if name='has_bundle_cert'>
46
		SSLCACertificateFile <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.bundle
47
</tmpl_if>
tbrehm's avatar
tbrehm committed
48
</tmpl_if>
49
		</IfModule>
50

51
52
53
54
55
		<Directory {tmpl_var name='web_document_root_www'}>
				Options FollowSymLinks
				AllowOverride <tmpl_var name='allow_override'>
				Order allow,deny
				Allow from all
56
<tmpl_if name='ssi' op='==' value='y'>
57
58
59
60
61

				# ssi enabled
				AddType text/html .shtml
				AddOutputFilter INCLUDES .shtml
				Options +Includes
62
63
</tmpl_if>
<tmpl_if name='php' op='==' value='no'>
64
65
66
67
68
				<Files ~ '.php[s3-6]{0,1}$'>
						Order allow,deny
						Deny from all
						Allow from none
				</Files>
69
</tmpl_if>
70
71
72
73
74
75
		</Directory>
		<Directory {tmpl_var name='web_document_root'}>
				Options FollowSymLinks
				AllowOverride <tmpl_var name='allow_override'>
				Order allow,deny
				Allow from all
76
<tmpl_if name='ssi' op='==' value='y'>
77
78
79
80
81

				# ssi enabled
				AddType text/html .shtml
				AddOutputFilter INCLUDES .shtml
				Options +Includes
82
</tmpl_if>
tbrehm's avatar
tbrehm committed
83
<tmpl_if name='php' op='==' value='no'>
84
85
86
87
88
				<Files ~ '.php[s3-6]{0,1}$'>
						Order allow,deny
						Deny from all
						Allow from none
				</Files>
tbrehm's avatar
tbrehm committed
89
</tmpl_if>
90
		</Directory>
tbrehm's avatar
tbrehm committed
91

92
<tmpl_if name='ruby' op='==' value='y'>
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
		<IfModule mod_ruby.c>
			<Directory {tmpl_var name='web_document_root_www'}>
				Options +ExecCGI
			</Directory>
			RubyRequire apache/ruby-run
			#RubySafeLevel 0
			AddType text/html .rb
			AddType text/html .rbx
			<Files *.rb>
				SetHandler ruby-object
				RubyHandler Apache::RubyRun.instance
			</Files>
			<Files *.rbx>
				SetHandler ruby-object
				RubyHandler Apache::RubyRun.instance
			</Files>
		</IfModule>
110
111
</tmpl_if>

112
113
114
115
116
117
118
119
120
<tmpl_if name='perl' op='==' value='y'>
		<IfModule mod_perl.c>
			PerlModule ModPerl::Registry
			PerlModule Apache2::Reload
			<Directory {tmpl_var name='web_document_root_www'}>
				PerlResponseHandler ModPerl::Registry
				PerlOptions +ParseHeaders
				Options +ExecCGI
			</Directory>
121
122
123
            <Files *.pl>
				SetHandler perl-script
            </Files>
124
125
126
		</IfModule>
</tmpl_if>

127
<tmpl_if name='python' op='==' value='y'>
128
129
130
131
132
133
134
		<IfModule mod_python.c>
			<Directory {tmpl_var name='web_document_root_www'}>
				AddHandler mod_python .py
				PythonHandler mod_python.publisher
				PythonDebug On
			</Directory>
		</IfModule>
135
136
</tmpl_if>

137
<tmpl_if name='cgi' op='==' value='y'>
138
		# cgi enabled
139
	<Directory {tmpl_var name='document_root'}/cgi-bin>
140
141
142
143
144
145
			Order allow,deny
			Allow from all
		</Directory>
		ScriptAlias  /cgi-bin/ <tmpl_var name='document_root'>/cgi-bin/
		AddHandler cgi-script .cgi
		AddHandler cgi-script .pl
146
147
</tmpl_if>
<tmpl_if name='suexec' op='==' value='y'>
148
149
150
151
		# suexec enabled
		<IfModule mod_suexec.c>
			SuexecUserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
		</IfModule>
152
</tmpl_if>
153
154
155
156
		# Clear PHP settings of this website
		<FilesMatch "\.ph(p3?|tml)$">
				SetHandler None
		</FilesMatch>
157
<tmpl_if name='php' op='==' value='mod'>
158
159
160
161
162
		# mod_php enabled
		AddType application/x-httpd-php .php .php3 .php4 .php5
		php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -fwebmaster@<tmpl_var name='domain'>"
		php_admin_value upload_tmp_dir <tmpl_var name='document_root'>/tmp
		php_admin_value session.save_path <tmpl_var name='document_root'>/tmp
163
	# PHPIniDir <tmpl_var name='custom_php_ini_dir'>
tbrehm's avatar
tbrehm committed
164
<tmpl_if name='security_level' op='==' value='20'>
165
		php_admin_value open_basedir <tmpl_var name='php_open_basedir'>
tbrehm's avatar
tbrehm committed
166
</tmpl_if>
167
168
</tmpl_if>
<tmpl_if name='php' op='==' value='suphp'>
169
170
		# suphp enabled
		<Directory {tmpl_var name='web_document_root'}>
171
		<IfModule mod_suphp.c>
172
173
				suPHP_Engine on
				# suPHP_UserGroup <tmpl_var name='system_user'> <tmpl_var name='system_group'>
174
175
176
<tmpl_if name='has_custom_php_ini'>
	suPHP_ConfigPath <tmpl_var name='custom_php_ini_dir'>
</tmpl_if>
177
178
				AddHandler x-httpd-suphp .php .php3 .php4 .php5
				suPHP_AddHandler x-httpd-suphp
179
		</IfModule>
180
		</Directory>
181
182
</tmpl_if>
<tmpl_if name='php' op='==' value='cgi'>
183
184
185
186
187
188
189
190
		# php as cgi enabled
		ScriptAlias /php5-cgi <tmpl_var name='cgi_starter_path'><tmpl_var name='cgi_starter_script'>
		Action php5-cgi /php5-cgi
		AddHandler php5-cgi .php .php3 .php4 .php5
		<Directory {tmpl_var name='cgi_starter_path'}>
				Order allow,deny
				Allow from all
		</Directory>
191
192
</tmpl_if>
<tmpl_if name='php' op='==' value='fast-cgi'>
193
		# php as fast-cgi enabled
tbrehm's avatar
tbrehm committed
194
	# For config options see: http://httpd.apache.org/mod_fcgid/mod/mod_fcgid.html
195
		<IfModule mod_fcgid.c>
tbrehm's avatar
tbrehm committed
196
<tmpl_if name='fastcgi_config_syntax' op='==' value='2'>
197
198
199
200
201
202
203
204
				FcgidIdleTimeout 300
				FcgidProcessLifeTime 3600
				# FcgidMaxProcesses 1000
				FcgidMinProcessesPerClass 0
				FcgidMaxProcessesPerClass 100
				FcgidConnectTimeout 3
				FcgidIOTimeout 360
				FcgidBusyTimeout 300
205
		FcgidMaxRequestLen 1073741824
tbrehm's avatar
tbrehm committed
206
<tmpl_else>
207
208
209
210
211
212
213
214
				IdleTimeout 300
				ProcessLifeTime 3600
				# MaxProcessCount 1000
				DefaultMinClassProcessCount 0
				DefaultMaxClassProcessCount 100
				IPCConnectTimeout 3
				IPCCommTimeout 360
				BusyTimeout 300
tbrehm's avatar
tbrehm committed
215
</tmpl_if>
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
		</IfModule>
		<Directory {tmpl_var name='web_document_root_www'}>
				AddHandler fcgid-script .php .php3 .php4 .php5
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
				Options +ExecCGI
				AllowOverride <tmpl_var name='allow_override'>
				Order allow,deny
				Allow from all
		</Directory>
		<Directory {tmpl_var name='web_document_root'}>
				AddHandler fcgid-script .php .php3 .php4 .php5
				FCGIWrapper <tmpl_var name='fastcgi_starter_path'><tmpl_var name='fastcgi_starter_script'> .php
				Options +ExecCGI
				AllowOverride <tmpl_var name='allow_override'>
				Order allow,deny
				Allow from all
		</Directory>
233
</tmpl_if>
234
<tmpl_if name='php' op='==' value='php-fpm'>
235
236
237
238
239
240
241
242
		<IfModule mod_fastcgi.c>
				<Directory /usr/lib/cgi-bin>
						Order allow,deny
						Allow from all
				</Directory>
				AddHandler php5-fcgi .php
				Action php5-fcgi /php5-fcgi
				Alias /php5-fcgi /usr/lib/cgi-bin/php5-fcgi
243
<tmpl_if name='use_tcp'>
244
				FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -host 127.0.0.1:<tmpl_var name='fpm_port'> -pass-header Authorization
245
246
</tmpl_if>
<tmpl_if name='use_socket'>
247
				FastCgiExternalServer /usr/lib/cgi-bin/php5-fcgi -socket <tmpl_var name='fpm_socket'> -pass-header Authorization
248
</tmpl_if>
249
		</IfModule>
250
</tmpl_if>
251

252
<tmpl_if name="rewrite_enabled">
253
		RewriteEngine on
Falko Timme's avatar
Falko Timme committed
254
<tmpl_if name='seo_redirect_enabled'>
255
256
		RewriteCond %{HTTP_HOST} ^<tmpl_var name='seo_redirect_origin_domain'>$ [NC]
		RewriteRule ^(.*)$ http://<tmpl_var name='seo_redirect_target_domain'>$1 [R=301,L]
Falko Timme's avatar
Falko Timme committed
257
</tmpl_if>
258
<tmpl_loop name="redirects">
259
		RewriteCond %{HTTP_HOST}   <tmpl_var name='rewrite_domain'>$ [NC]
260
261
262
263
<tmpl_if name="rewrite_is_url" op="==" value="n">
		RewriteCond %{REQUEST_URI} !^/webdav/
		RewriteCond %{REQUEST_URI} !^<tmpl_var name='rewrite_target'>
</tmpl_if>
264
		RewriteRule   ^/(.*)$ <tmpl_var name='rewrite_target'>$1  <tmpl_var name='rewrite_type'>
265
266
267
</tmpl_loop>
</tmpl_if>

268
269
270
271
		# add support for apache mpm_itk
		<IfModule mpm_itk_module>
			AssignUserId <tmpl_var name='system_user'> <tmpl_var name='system_group'>
		</IfModule>
272

273
274
275
		<IfModule mod_dav_fs.c>
		# Do not execute PHP files in webdav directory
			<Directory {tmpl_var name='document_root'}/webdav>
276
277
278
279
280
				<ifModule mod_security2.c>
					SecRuleRemoveById 960015
					SecRuleRemoveById 960032
				</ifModule>
				<FilesMatch "\.ph(p3?|tml)$">
281
282
283
284
285
286
287
288
289
					SetHandler None
				</FilesMatch>
			</Directory>
			DavLockDB {tmpl_var name='document_root'}/tmp/DavLock
			# DO NOT REMOVE THE COMMENTS!
			# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
			# WEBDAV BEGIN
			# WEBDAV END
		</IfModule>
290

291
292
<tmpl_var name='apache_directives'>
</VirtualHost>
tbrehm's avatar
tbrehm committed
293
</tmpl_loop>