diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-07 02:04:07 +0000 |
commit | 1221c736f9a90756d47ea6d28320b6b83602dd2a (patch) | |
tree | b453ba7b1393205258c9b098a773b4330984672f /debian/config-dir/conf-available | |
parent | Adding upstream version 2.4.38. (diff) | |
download | apache2-debian.tar.xz apache2-debian.zip |
Adding debian version 2.4.38-3+deb10u8.debian/2.4.38-3+deb10u8debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/config-dir/conf-available')
5 files changed, 186 insertions, 0 deletions
diff --git a/debian/config-dir/conf-available/charset.conf b/debian/config-dir/conf-available/charset.conf new file mode 100644 index 0000000..8b0f415 --- /dev/null +++ b/debian/config-dir/conf-available/charset.conf @@ -0,0 +1,8 @@ +# Read the documentation before enabling AddDefaultCharset. +# In general, it is only a good idea if you know that all your files +# have this encoding. It will override any encoding given in the files +# in meta http-equiv or xml encoding tags. + +#AddDefaultCharset UTF-8 + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/debian/config-dir/conf-available/localized-error-pages.conf b/debian/config-dir/conf-available/localized-error-pages.conf new file mode 100644 index 0000000..f188d80 --- /dev/null +++ b/debian/config-dir/conf-available/localized-error-pages.conf @@ -0,0 +1,81 @@ +# Customizable error responses come in three flavors: +# 1) plain text +# 2) local redirects +# 3) external redirects +# +# Some examples: +#ErrorDocument 500 "The server made a boo boo." +#ErrorDocument 404 /missing.html +#ErrorDocument 404 "/cgi-bin/missing_handler.pl" +#ErrorDocument 402 http://www.example.com/subscription_info.html +# + +# +# Putting this all together, we can internationalize error responses. +# +# We use Alias to redirect any /error/HTTP_<error>.html.var response to +# our collection of by-error message multi-language collections. We use +# includes to substitute the appropriate text. +# +# You can modify the messages' appearance without changing any of the +# default HTTP_<error>.html.var files by adding the line: +# +#Alias /error/include/ "/your/include/path/" +# +# which allows you to create your own set of files by starting with the +# /usr/share/apache2/error/include/ files and copying them to /your/include/path/, +# even on a per-VirtualHost basis. If you include the Alias in the global server +# context, is has to come _before_ the 'Alias /error/ ...' line. +# +# The default include files will display your Apache version number and your +# ServerAdmin email address regardless of the setting of ServerSignature. +# +# WARNING: The configuration below will NOT work out of the box if you have a +# SetHandler directive in a <Location /> context somewhere. Adding +# the following three lines AFTER the <Location /> context should +# make it work in most cases: +# <Location /error/> +# SetHandler none +# </Location> +# +# The internationalized error documents require mod_alias, mod_include +# and mod_negotiation. To activate them, uncomment the following 37 lines. + +#<IfModule mod_negotiation.c> +# <IfModule mod_include.c> +# <IfModule mod_alias.c> +# +# Alias /error/ "/usr/share/apache2/error/" +# +# <Directory "/usr/share/apache2/error"> +# Options IncludesNoExec +# AddOutputFilter Includes html +# AddHandler type-map var +# Order allow,deny +# Allow from all +# LanguagePriority en cs de es fr it nl sv pt-br ro +# ForceLanguagePriority Prefer Fallback +# </Directory> +# +# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var +# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var +# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var +# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var +# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var +# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var +# ErrorDocument 410 /error/HTTP_GONE.html.var +# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var +# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var +# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var +# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var +# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var +# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var +# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var +# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var +# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var +# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var +# </IfModule> +# </IfModule> +#</IfModule> + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/debian/config-dir/conf-available/other-vhosts-access-log.conf b/debian/config-dir/conf-available/other-vhosts-access-log.conf new file mode 100644 index 0000000..5e9f5e9 --- /dev/null +++ b/debian/config-dir/conf-available/other-vhosts-access-log.conf @@ -0,0 +1,4 @@ +# Define an access log for VirtualHosts that don't define their own logfile +CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/debian/config-dir/conf-available/security.conf b/debian/config-dir/conf-available/security.conf new file mode 100644 index 0000000..f9f69d4 --- /dev/null +++ b/debian/config-dir/conf-available/security.conf @@ -0,0 +1,73 @@ +# +# Disable access to the entire file system except for the directories that +# are explicitly allowed later. +# +# This currently breaks the configurations that come with some web application +# Debian packages. +# +#<Directory /> +# AllowOverride None +# Require all denied +#</Directory> + + +# Changing the following options will not really affect the security of the +# server, but might make attacks slightly more difficult in some cases. + +# +# ServerTokens +# This directive configures what you return as the Server HTTP response +# Header. The default is 'Full' which sends information about the OS-Type +# and compiled in modules. +# Set to one of: Full | OS | Minimal | Minor | Major | Prod +# where Full conveys the most information, and Prod the least. +#ServerTokens Minimal +ServerTokens OS +#ServerTokens Full + +# +# Optionally add a line containing the server version and virtual host +# name to server-generated pages (internal error documents, FTP directory +# listings, mod_status and mod_info output etc., but not CGI generated +# documents or custom error documents). +# Set to "EMail" to also include a mailto: link to the ServerAdmin. +# Set to one of: On | Off | EMail +#ServerSignature Off +ServerSignature On + +# +# Allow TRACE method +# +# Set to "extended" to also reflect the request body (only for testing and +# diagnostic purposes). +# +# Set to one of: On | Off | extended +TraceEnable Off +#TraceEnable On + +# +# Forbid access to version control directories +# +# If you use version control systems in your document root, you should +# probably deny access to their directories. For example, for subversion: +# +#<DirectoryMatch "/\.svn"> +# Require all denied +#</DirectoryMatch> + +# +# Setting this header will prevent MSIE from interpreting files as something +# else than declared by the content type in the HTTP headers. +# Requires mod_headers to be enabled. +# +#Header set X-Content-Type-Options: "nosniff" + +# +# Setting this header will prevent other sites from embedding pages from this +# site as frames. This defends against clickjacking attacks. +# Requires mod_headers to be enabled. +# +#Header set X-Frame-Options: "sameorigin" + + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/debian/config-dir/conf-available/serve-cgi-bin.conf b/debian/config-dir/conf-available/serve-cgi-bin.conf new file mode 100644 index 0000000..b02782d --- /dev/null +++ b/debian/config-dir/conf-available/serve-cgi-bin.conf @@ -0,0 +1,20 @@ +<IfModule mod_alias.c> + <IfModule mod_cgi.c> + Define ENABLE_USR_LIB_CGI_BIN + </IfModule> + + <IfModule mod_cgid.c> + Define ENABLE_USR_LIB_CGI_BIN + </IfModule> + + <IfDefine ENABLE_USR_LIB_CGI_BIN> + ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/ + <Directory "/usr/lib/cgi-bin"> + AllowOverride None + Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch + Require all granted + </Directory> + </IfDefine> +</IfModule> + +# vim: syntax=apache ts=4 sw=4 sts=4 sr noet |