112 lines
3 KiB
ApacheConf
112 lines
3 KiB
ApacheConf
|
|
ServerRoot "/usr/local/apache2"
|
|
|
|
Listen 0.0.0.0:80
|
|
Listen 0.0.0.0:443
|
|
|
|
LoadModule mpm_event_module modules/mod_mpm_event.so
|
|
LoadModule authn_core_module modules/mod_authn_core.so
|
|
LoadModule authz_core_module modules/mod_authz_core.so
|
|
#LoadModule brotli_module modules/mod_brotli.so
|
|
LoadModule mime_module modules/mod_mime.so
|
|
LoadModule log_config_module modules/mod_log_config.so
|
|
#LoadModule log_debug_module modules/mod_log_debug.so
|
|
#LoadModule log_forensic_module modules/mod_log_forensic.so
|
|
LoadModule env_module modules/mod_env.so
|
|
LoadModule proxy_module modules/mod_proxy.so
|
|
LoadModule proxy_uwsgi_module modules/mod_proxy_uwsgi.so
|
|
LoadModule unixd_module modules/mod_unixd.so
|
|
LoadModule access_compat_module modules/mod_access_compat.so
|
|
LoadModule security2_module /usr/lib/apache2/modules/mod_security2.so
|
|
LoadModule evasive20_module /usr/lib/apache2/modules/mod_evasive20.so
|
|
LoadModule alias_module modules/mod_alias.so
|
|
LoadModule ssl_module modules/mod_ssl.so
|
|
|
|
|
|
<IfModule unixd_module>
|
|
User www-data
|
|
Group www-data
|
|
</IfModule>
|
|
|
|
ServerAdmin you@example.com
|
|
ServerSignature Off
|
|
ServerTokens Prod
|
|
|
|
<IfModule security2_module>
|
|
Include crs/owasp-modsecurity-crs-3.2.0/crs-setup.conf
|
|
Include crs/owasp-modsecurity-crs-3.2.0/rules/*.conf
|
|
</IfModule>
|
|
|
|
<IfModule mod_evasive24.c>
|
|
DOSHashTableSize 3097
|
|
DOSPageCount 3
|
|
DOSSiteCount 10
|
|
DOSPageInterval 1
|
|
DOSSiteInterval 1
|
|
DOSBlockingPeriod 10
|
|
DOSCloseSocket On
|
|
</IfModule>
|
|
|
|
ErrorLog /proc/self/fd/2
|
|
|
|
LogLevel warn
|
|
|
|
<IfModule log_config_module>
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b" common
|
|
|
|
<IfModule logio_module>
|
|
# You need to enable mod_logio.c to use %I and %O
|
|
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
|
|
</IfModule>
|
|
|
|
CustomLog /proc/self/fd/1 common
|
|
</IfModule>
|
|
|
|
<IfModule ssl_module>
|
|
SSLRandomSeed startup builtin
|
|
SSLRandomSeed connect builtin
|
|
</IfModule>
|
|
|
|
ServerName 127.0.0.1
|
|
|
|
<VirtualHost *:80>
|
|
<Location />
|
|
Deny from all
|
|
Allow from none
|
|
</Location>
|
|
</VirtualHost>
|
|
|
|
<VirtualHost 0.0.0.0:80>
|
|
#ProxyPreserveHost On
|
|
ServerName httpaste.it
|
|
ServerAlias localhost
|
|
SetEnv proxy-sendchunks
|
|
ProxyPass /.well-known !
|
|
ProxyPass "/" "unix:/shared/uwsgi.sock|uwsgi://localhost/"
|
|
Alias /.well-known /var/www/.well-known
|
|
</VirtualHost>
|
|
|
|
<VirtualHost 0.0.0.0:80>
|
|
#ProxyPreserveHost On
|
|
ServerAlias *.onion
|
|
SetEnv proxy-sendchunks
|
|
ProxyPass "/" "unix:/shared/uwsgi.sock|uwsgi://localhost/"
|
|
</VirtualHost>
|
|
|
|
|
|
|
|
<VirtualHost 0.0.0.0:443>
|
|
|
|
<IfFile 'ssl/httpaste.it/privkey.pem'>
|
|
SSLEngine on
|
|
SSLCertificateChainFile "ssl/httpaste.it/fullchain.pem"
|
|
SSLCertificateKeyFile "/ssl/httpaste.it/privkey.pem"
|
|
</IfFile>
|
|
|
|
ServerName httpaste.it
|
|
ServerAlias localhost
|
|
SetEnv proxy-sendchunks
|
|
ProxyPass "/" "unix:/shared/uwsgi.sock|uwsgi://localhost/"
|
|
</VirtualHost>
|
|
|