IdentifiantMot de passe
Loading...
Mot de passe oublié ?Je m'inscris ! (gratuit)

Installation et sécurisation d'une station Debian 3.0 stable


Installation et sécurisation d'une station Debian 3.0 stable

15/05/2004




ANNEXE 6. Fichier de configuration Apache minimal


ANNEXE 6. Fichier de configuration Apache minimal


# # Debian-secinst v0.1.2 : ANNEXE 6 - Fichier de configuration Apache minimal # Simon Castro # #################################### # Section 1 : Environnement Global # #################################### ServerType standalone ServerRoot /etc/apache LockFile /var/lock/apache.lock PidFile /var/run/apache.pid ScoreBoardFile /var/run/apache.scoreboard MinSpareServers 2 MaxSpareServers 5 StartServers 2 User www-data Group www-data Timeout 60 KeepAlive On MaxKeepAliveRequests 100 KeepAliveTimeout 15 MaxClients 15 MaxRequestsPerChild 100 # # Support des modules # LoadModule config_log_module /usr/lib/apache/1.3/mod_log_config.so LoadModule mime_module /usr/lib/apache/1.3/mod_mime.so LoadModule negotiation_module /usr/lib/apache/1.3/mod_negotiation.so LoadModule autoindex_module /usr/lib/apache/1.3/mod_autoindex.so LoadModule dir_module /usr/lib/apache/1.3/mod_dir.so LoadModule alias_module /usr/lib/apache/1.3/mod_alias.so LoadModule access_module /usr/lib/apache/1.3/mod_access.so LoadModule auth_module /usr/lib/apache/1.3/mod_auth.so LoadModule expires_module /usr/lib/apache/1.3/mod_expires.so LoadModule unique_id_module /usr/lib/apache/1.3/mod_unique_id.so LoadModule setenvif_module /usr/lib/apache/1.3/mod_setenvif.so LoadModule ssl_module /usr/lib/apache/1.3/mod_ssl.so # # Configuration générale du serveur # Port 80 Listen 80 Listen 443 # # Repertoires et permissions # DocumentRoot /var/www/htdocs <Directory /> Options SymLinksIfOwnerMatch AllowOverride None </Directory> <Directory "/var/www/htdocs"> Options SymLinksIfOwnerMatch AllowOverride None Order allow,deny Allow from all </Directory> Alias /icons/ /usr/share/apache/icons/ <Directory /usr/share/apache/icons> Options Indexes MultiViews AllowOverride None Order allow,deny Allow from all </Directory> # # Configurations specifiques aux modules # <IfModule mod_dir.c> DirectoryIndex index.html index.htm index.shtml index.cgi </IfModule> <IfModule mod_autoindex.c> IndexOptions FancyIndexing NameWidth=* AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip AddIconByType (TXT,/icons/text.gif) text/* AddIconByType (IMG,/icons/image2.gif) image/* AddIconByType (SND,/icons/sound2.gif) audio/* AddIconByType (VID,/icons/movie.gif) video/* AddIcon /icons/binary.gif .bin .exe AddIcon /icons/binhex.gif .hqx AddIcon /icons/tar.gif .tar AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip AddIcon /icons/a.gif .ps .ai .eps AddIcon /icons/layout.gif .html .shtml .htm .pdf AddIcon /icons/text.gif .txt AddIcon /icons/c.gif .c AddIcon /icons/p.gif .pl .py AddIcon /icons/f.gif .for AddIcon /icons/dvi.gif .dvi AddIcon /icons/uuencoded.gif .uu AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl AddIcon /icons/tex.gif .tex AddIcon /icons/bomb.gif core AddIcon /icons/deb.gif .deb AddIcon /icons/back.gif .. AddIcon /icons/hand.right.gif README AddIcon /icons/folder.gif ^^DIRECTORY^^ AddIcon /icons/blank.gif ^^BLANKICON^^ DefaultIcon /icons/unknown.gif ReadmeName README HeaderName HEADER IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t </IfModule> TypesConfig /etc/mime.types DefaultType text/plain AddDefaultCharset on <IfModule mod_mime.c> AddEncoding x-compress Z AddEncoding x-gzip gz tgz AddLanguage da .dk AddLanguage nl .nl AddLanguage en .en AddLanguage et .ee AddLanguage fr .fr AddLanguage de .de AddLanguage el .el AddLanguage it .it AddLanguage ja .ja AddCharset ISO-2022-JP .jis AddLanguage pl .po AddCharset ISO-8859-2 .iso-pl AddLanguage pt .pt AddLanguage pt-br .pt-br AddLanguage ltz .lu AddLanguage ca .ca AddLanguage es .es AddLanguage sv .se AddLanguage cz .cz <IfModule mod_negotiation.c> LanguagePriority en da nl et fr de el it ja pl pt pt-br ltz ca es sv </IfModule> AddType application/x-tar .tgz AddType image/bmp .bmp AddType text/x-hdml .hdml </IfModule> <IfModule mod_setenvif.c> BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 </IfModule> ############################################## ### Securite : Protection .htaccess etc... ### ############################################## UseCanonicalName Off ServerSignature Off ServerAdmin nobody@noone.com AccessFileName .htaccess <Files ~ "^\.ht"> Order allow,deny Deny from all </Files> ############################################# ### Gestion des logs : Format et fichiers ### ############################################# HostnameLookups Off LogLevel warn SSLLogLevel warn LogFormat "%h %l %u %v %A:%p %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" common LogFormat "%h %l %u %v %A:%p %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %{SSL_PROTOCOL}x %{SSL_CIPHER}x %{SSL_CIPHER_USEKEYSIZE}x/%{SSL_CIPHER_ALGKEYSIZE}x" commonssl CustomLog /var/log/apache/access.log common ErrorLog /var/log/apache/error.log SSLLog /var/log/apache/ssl.log ################### ### Gestion SSL ### ################### SSLSessionCache none SSLMutex sem SSLRandomSeed startup builtin ######################## ### Plugin WebSphere ### ######################## LoadModule app_server_http_module /usr/local/websphere500/appserver/bin/mod_app_server_http.so WebSpherePluginConfig /usr/local/websphere500/appserver/config/cells/plugin-cfg.xml #################### ### VirtualHosts ### #################### <VirtualHost {@IP}> DocumentRoot /var/www/htdocs ServerName {@IP} CustomLog /var/log/apache/access.log common ErrorLog /var/log/apache/error.log </VirtualHost> <VirtualHost {@IP ou HOSTNAME}:443> DocumentRoot /var/www/htdocs ServerName {@IP ou HOSTNAME} SSLEngine On SSLCertificateFile /etc/apache/ssl/{HOSTNAME}.crt SSLCertificateKeyFile /etc/apache/ssl/{HOSTNAME}.key CustomLog /var/log/apache/access_ssl.log commonssl ErrorLog /var/log/apache/error.log </VirtualHost>


Copyright (c) 2003 Simon Castro, scastro [ at ] entreelibre.com.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.
You must have received a copy of the license with this document and it should be présent in the fdl.txt file.
If you did not receive this file or if you don't think this fdl.txt license is correct, have a look on the official http://www.fsf.org/licenses/fdl.txt licence file.
Copyright (c) 2003 Simon Castro, scastro [ at ] entreelibre.com.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.2 or any later version published by the Free Software Foundation; with the Invariant Sections being LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the Back-Cover Texts being LIST.
You must have received a copy of the license with this document and it should be présent in the fdl.txt file.
If you did not receive this file or if you don't think this fdl.txt license is correct, have a look on the official http://www.fsf.org/licenses/fdl.txt licence file.