# Autogenerated httpd.conf file for Foswiki. # Generated at http://foswiki.org/Support/ApacheConfigGenerator?vhost=foswiki.local;port=;dir=/var/www/foswiki;symlink=on;pathurl=/;shorterurls=enabled;engine=FastCGI;fastcgimodule=fcgid;fcgidreqlen=10000000;apver=2;allowconf=127.0.0.1;requireconf=admin;loginmanager=Template;htpath=;errordocument=UserRegistration;errorcustom=;phpinstalled=PHP4;blockpubhtml=;blocktrashpub=;controlattach=;blockspiders=;foswikiversion=1.1;timeout=30 # For Foswiki version 1.1 ServerAdmin webmaster@foswiki.local DocumentRoot "/var/www/foswiki" ServerName foswiki.local ServerAlias www.foswiki.local # Optional. Add to list of redirect hosts in bin/configure TimeOut 30 # The Alias defines a url that points to the root of the Foswiki installation. # The first parameter will be part of the URL to your installation e.g. # http://my.co.uk/foswiki/bin/view/... # The second parameter must point to the physical path on your disc. Alias /bin/configure "/var/www/foswiki/bin/configure" Alias /bin "/var/www/foswiki/bin/foswiki.fcgi" # The following Alias is used to access files in the pub directory (attachments etc) # It must come _after_ the ScriptAlias. # If short URLs are enabled, and any other local directories or files need to be accessed directly, they # must also be specified in an Alias statement, and must not conflict with a web name. Alias /pub "/var/www/foswiki/pub" Alias /robots.txt "/var/www/foswiki/robots.txt" # Rewriting is required for Short URLs, and Attachment redirecting to viewfile RewriteEngine on #RewriteLog "/var/log/apache/rewrite.log" #RewriteLogLevel 0 # short urls Alias / "/var/www/foswiki/bin/foswiki.fcgi/" RewriteRule ^/+bin/+view/+(.*) /$1 [L,NE,R] RewriteRule ^/+bin/+view$ / [L,NE,R] # This enables access to the documents in the Foswiki root directory Order Allow,Deny Allow from all Deny from env=blockAccess DefaultMaxClassProcessCount 3 # Set Busy and IO Timeout long enough to prevent server errors for long # searches and other complex wiki applications. FcgidBusyTimeout 30 FcgidIOTimeout 30 FcgidMaxRequestLen 10000000 # Refer to details at http://fastcgi.coremail.cn/doc.htm # This specifies the options on the Foswiki scripts directory. The ExecCGI # and SetHandler tell apache that it contains scripts. "Allow from all" # lets any IP address access this URL. # Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies AllowOverride None Order Allow,Deny Allow from all Deny from env=blockAccess Options +ExecCGI +FollowSymLinks SetHandler cgi-script SetHandler fcgid-script # Password file for Foswiki users AuthUserFile "/var/www/foswiki/data/.htpasswd" AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.' AuthType Basic # File to return on access control error (e.g. wrong password) ErrorDocument 401 /System/UserRegistration # Limit access to configure to specific IP address(es) or user(s). # Make sure configure is not open to the general public. # It exposes system details that can help attackers. # cf. http://foswiki.org/Support/ProtectingYourConfiguration for details. SetHandler cgi-script Order Deny,Allow Deny from all Allow from 127.0.0.1 Require user admin Satisfy Any ErrorDocument 401 default # This sets the options on the pub directory, which contains attachments and # other files like CSS stylesheets and icons. AllowOverride None stops a # user installing a .htaccess file that overrides these options. # Note that files in pub are *not* protected by Foswiki Access Controls, # so if you want to control access to files attached to topics you need to # block access to the specific directories same way as the ApacheConfigGenerator # blocks access to the pub directory of the Trash web Options None Options +FollowSymLinks AllowOverride None Order Allow,Deny Allow from all Deny from env=blockAccess ErrorDocument 404 /bin/viewfile # Disable execution of PHP scripts php3_engine off php_admin_flag engine off php_admin_flag engine off # This line will redefine the mime type for the most common types of scripts AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi # # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate # reducing the load on the server significantly # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day. # you may need to enable expires_module in your main apache config #LoadModule expires_module libexec/httpd/mod_expires.so ExpiresActive on ExpiresDefault "access plus 11 days" # # Serve pre-compressed versions of .js and .css files, if they exist # Some browsers do not handle this correctly, which is why it is disabled by default RewriteEngine on RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}.gz -f RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA] RewriteEngine on RewriteCond %{HTTP:Accept-encoding} gzip RewriteCond %{REQUEST_FILENAME}.gz -f RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L] AddEncoding x-gzip .gz AddType application/x-javascript .gz AddEncoding x-gzip .gz AddType text/css .gz # Security note: All other directories should be set so # that they are *not* visible as URLs, so we set them as =deny from all=. deny from all deny from all deny from all deny from all deny from all deny from all # We set an environment variable called blockAccess. # # Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from # including its own topics as URLs and also prevents other Foswikis from # doing the same. This is important to prevent the most obvious # Denial of Service attacks. # # You can expand this by adding more BrowserMatchNoCase statements to # block evil browser agents trying to crawl your Foswiki # # Example: # BrowserMatchNoCase ^SiteSucker blockAccess # BrowserMatchNoCase ^$ blockAccess BrowserMatchNoCase ^$ blockAccess