-
Notifications
You must be signed in to change notification settings - Fork 0
/
vhconf.conf
143 lines (119 loc) · 2.43 KB
/
vhconf.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
docRoot $VH_ROOT/htmlDOCUMENT_ROOT
enableGzip 1
context / {
allowBrowse 1
location $DOC_ROOT/
rewrite {
RewriteFile .htaccess
}
}
context /docs/{
allowBrowse 1
location $SERVER_ROOT/docs/
}
context /protected/{
required user test
authName Protected
allowBrowse 1
location protected/
realm SampleProtectedArea
accessControl {
deny
allow *
}
}
context /blocked/{
allowBrowse 0
}
context /cgi-bin/{
allowBrowse 1
location $VH_ROOT/cgi-bin/
type cgi
}
expires {
enableExpires 1
}
index {
autoIndexURI /_autoindex/default.php
indexFiles index.php, index.html
autoIndex 0
useServer 0
}
errorPage 404{
url /error404.html
}
errorlog $VH_ROOT/logs/error.log{
logLevel DEBUG
rollingSize 10M
useServer 1
}
accessLog $VH_ROOT/logs/access.log{
compressArchive 0
logReferer 1
keepDays 30
rollingSize 10M
logUserAgent 1
useServer 0
}
awstats {
updateInterval 86400
workingDir $VH_ROOT/awstats
updateOffset 0
siteDomain localhost
siteAliases 127.0.0.1 localhost
updateMode 0
awstatsURI /awstats/
}
hotlinkCtrl {
suffixes gif, jpeg, jpg
allowedHosts
allowDirectAccess 1
enableHotlinkCtrl 0
onlySelf 1
}
accessControl {
deny
allow *
}
realm SampleProtectedArea {
userDB {
cacheTimeout 60
maxCacheSize 200
location conf/vhosts/$VH_NAME/htpasswd
}
groupDB {
cacheTimeout 60
maxCacheSize 200
location conf/vhosts/$VH_NAME/htgroup
}
}
general {
enableContextAC 0
}
context /.well-known/acme-challenge {
location /usr/local/lsws/Example/html/.well-known/acme-challenge
allowBrowse 1
addDefaultCharset off
}
rewrite {
enable 1
autoLoadHtaccess 1
#ENFORCE REDIRECT TO HTTPS
rewriteRule ^/(.*)$ https://%{SERVER_NAME}/$1 [R=301,L]
}
vhssl {
keyFile /usr/local/lsws/Example.key
certFile /usr/local/lsws/Example.crt
ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256
certChain 0
enableECDHE 1
enableDHE 1
renegProtection 1
sslSessionCache 1
enableSpdy 15
enableStapling 1
ocspRespMaxAge 86400
}
module cache {
storagePath /home/$VH_NAME/lscache
}