non_ssl.template.erb 3.58 KB
Newer Older
1
2
3
4
####
##
#
#  This file is automatically generated from the template located at
5
#  /etc/sympl/apache.d/non_ssl.template.erb.
6
#
7
8
#  Feel free to make changes to this file.  However, If changes are made,
#  then this file will NOT be updated automatically when the template changes.
9
10
11
12
13
14
#
##
###

<VirtualHost <%= ips.collect{|ip| ip+":80"}.join(" ") %>>

15
16
17
18
19
        #
        # Put our server name
        #
        ServerName  <%= domain %>

20
21
22
23
        #
        # This is the testing alias.
        #
        ServerAlias <%= domain %>.testing.<%= hostname() %>
24

25
26
27
        #
        # And server alias in place
        #
28
29
        <%= server_aliases %>

30
31
32
33
        #
        # This is the directory people are redirected to if their site is
        # empty.
        #
34
35
        Alias /__sympl/ "/usr/share/sympl/static/"
        <Directory "/usr/share/sympl/static/">
36
                DirectoryIndex index.html
37
                AllowOverride none
38
39
40
41
42
43
44
45
                Require all granted
        </Directory>

        #
        # And this makes that redirection happen.
        #
        <LocationMatch "^/+$">
                Options -Indexes
46
                ErrorDocument 403 /__sympl/index.html
47
48
        </LocationMatch>

49
	#
50
        #  Allow users to override settings via .htaccess
51
        #    and enables PHP in htdocs/.
52
        #
53
        <Directory <%= htdocs_directory %>/ >
54
                AllowOverride all
55
                Require all granted
56
                php_flag engine on
57
58
        </Directory>

59
60
61
62
% if php_security_disabled?
        #
        # Set unique tmp/ and sessions/ directories
        #
Paul Cammish's avatar
Paul Cammish committed
63
64
        php_admin_value upload_tmp_dir <%=domain_directory%>/php_tmp/
        php_admin_value session.safe_path <%=domain_directory%>/php_sessions/
65
66
67
68
69
70
71
% else
        #
        # Restrict PHP directories
        # Restricts PHP from leaving the public directory.
        # Also sets a unique tmp directory and sessions directory.
        #

72
        php_admin_value open_basedir <%=domain_directory%>/public/
Paul Cammish's avatar
Paul Cammish committed
73
74
        php_admin_value upload_tmp_dir <%=domain_directory%>/php_tmp/
        php_admin_value session.safe_path <%=domain_directory%>/php_sessions/
75
76
77
78
79
80
81
82
83
84
85
86
87
88

        #
        # Prevent executing anything from a WordPress uploads directory,
        # And block access to any PHP files in that directory.
        #
        <LocationMatch "wp-content/uploads/">
            php_admin_flag engine off
        </LocationMatch>

        <LocationMatch "wp-content/uploads/.*\.php">
            deny from all
        </LocationMatch>
% end

89
90
91
        #
        #  The document root
        #
92
        DocumentRoot     <%= htdocs_directory %>/
93

94
        <IfModule cgi_module>
95
96
97
98
                #
                # General CGI Handling
                #
                ScriptAlias /cgi-bin/ <%= cgibin_directory %>/
99

100
101
102
103
                <Location /cgi-bin>
                        Options +ExecCGI
                </Location>
        </IfModule>
104

105
106
107
108
109
110
        #
        # Disable indexes by default on the top-level.
        #
        <LocationMatch "^/+$">
                Options -Indexes
        </LocationMatch>
Paul Cammish's avatar
Paul Cammish committed
111
112
113
114
115
116
117
118
119
120
121
        
        #
        # Disable any restrictions or rewrites to /.well-known/acme-challenge
        # This ensures Let's Encrypt can validate domain ownership.
        #
        <Directory <%= htdocs_directory %>/.well-known/acme-challenge/ >
                Require all granted
                <IfModule rewrite_module>
                        RewriteEngine off
                </IfModule>
        </Directory>
122

123
        #
124
        # Write logs
125
        #
126
127
        ErrorLog   "<%= domain.log_dir %>/error.log"
        CustomLog  "<%= domain.log_dir %>/access.log" combined
128
129
</VirtualHost>