summaryrefslogtreecommitdiffstats
path: root/debian/config-dir/conf-available
diff options
context:
space:
mode:
Diffstat (limited to 'debian/config-dir/conf-available')
-rw-r--r--debian/config-dir/conf-available/charset.conf6
-rw-r--r--debian/config-dir/conf-available/localized-error-pages.conf79
-rw-r--r--debian/config-dir/conf-available/other-vhosts-access-log.conf2
-rw-r--r--debian/config-dir/conf-available/security.conf58
-rw-r--r--debian/config-dir/conf-available/serve-cgi-bin.conf18
5 files changed, 163 insertions, 0 deletions
diff --git a/debian/config-dir/conf-available/charset.conf b/debian/config-dir/conf-available/charset.conf
new file mode 100644
index 0000000..40d7198
--- /dev/null
+++ b/debian/config-dir/conf-available/charset.conf
@@ -0,0 +1,6 @@
+# Read the documentation before enabling AddDefaultCharset.
+# In general, it is only a good idea if you know that all your files
+# have this encoding. It will override any encoding given in the files
+# in meta http-equiv or xml encoding tags.
+
+#AddDefaultCharset UTF-8
diff --git a/debian/config-dir/conf-available/localized-error-pages.conf b/debian/config-dir/conf-available/localized-error-pages.conf
new file mode 100644
index 0000000..a3a198a
--- /dev/null
+++ b/debian/config-dir/conf-available/localized-error-pages.conf
@@ -0,0 +1,79 @@
+# Customizable error responses come in three flavors:
+# 1) plain text
+# 2) local redirects
+# 3) external redirects
+#
+# Some examples:
+#ErrorDocument 500 "The server made a boo boo."
+#ErrorDocument 404 /missing.html
+#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
+#ErrorDocument 402 http://www.example.com/subscription_info.html
+#
+
+#
+# Putting this all together, we can internationalize error responses.
+#
+# We use Alias to redirect any /error/HTTP_<error>.html.var response to
+# our collection of by-error message multi-language collections. We use
+# includes to substitute the appropriate text.
+#
+# You can modify the messages' appearance without changing any of the
+# default HTTP_<error>.html.var files by adding the line:
+#
+#Alias /error/include/ "/your/include/path/"
+#
+# which allows you to create your own set of files by starting with the
+# /usr/share/apache2/error/include/ files and copying them to /your/include/path/,
+# even on a per-VirtualHost basis. If you include the Alias in the global server
+# context, is has to come _before_ the 'Alias /error/ ...' line.
+#
+# The default include files will display your Apache version number and your
+# ServerAdmin email address regardless of the setting of ServerSignature.
+#
+# WARNING: The configuration below will NOT work out of the box if you have a
+# SetHandler directive in a <Location /> context somewhere. Adding
+# the following three lines AFTER the <Location /> context should
+# make it work in most cases:
+# <Location /error/>
+# SetHandler none
+# </Location>
+#
+# The internationalized error documents require mod_alias, mod_include
+# and mod_negotiation. To activate them, uncomment the following 37 lines.
+
+#<IfModule mod_negotiation.c>
+# <IfModule mod_include.c>
+# <IfModule mod_alias.c>
+#
+# Alias /error/ "/usr/share/apache2/error/"
+#
+# <Directory "/usr/share/apache2/error">
+# Options IncludesNoExec
+# AddOutputFilter Includes html
+# AddHandler type-map var
+# Order allow,deny
+# Allow from all
+# LanguagePriority en cs de es fr it nl sv pt-br ro
+# ForceLanguagePriority Prefer Fallback
+# </Directory>
+#
+# ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
+# ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
+# ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
+# ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
+# ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
+# ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
+# ErrorDocument 410 /error/HTTP_GONE.html.var
+# ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
+# ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
+# ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
+# ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
+# ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
+# ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
+# ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
+# ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
+# ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
+# ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var
+# </IfModule>
+# </IfModule>
+#</IfModule>
diff --git a/debian/config-dir/conf-available/other-vhosts-access-log.conf b/debian/config-dir/conf-available/other-vhosts-access-log.conf
new file mode 100644
index 0000000..9f7aecd
--- /dev/null
+++ b/debian/config-dir/conf-available/other-vhosts-access-log.conf
@@ -0,0 +1,2 @@
+# Define an access log for VirtualHosts that don't define their own logfile
+CustomLog ${APACHE_LOG_DIR}/other_vhosts_access.log vhost_combined
diff --git a/debian/config-dir/conf-available/security.conf b/debian/config-dir/conf-available/security.conf
new file mode 100644
index 0000000..cad7dc1
--- /dev/null
+++ b/debian/config-dir/conf-available/security.conf
@@ -0,0 +1,58 @@
+# Changing the following options will not really affect the security of the
+# server, but might make attacks slightly more difficult in some cases.
+
+#
+# ServerTokens
+# This directive configures what you return as the Server HTTP response
+# Header. The default is 'Full' which sends information about the OS-Type
+# and compiled in modules.
+# Set to one of: Full | OS | Minimal | Minor | Major | Prod
+# where Full conveys the most information, and Prod the least.
+#ServerTokens Minimal
+ServerTokens OS
+#ServerTokens Full
+
+#
+# Optionally add a line containing the server version and virtual host
+# name to server-generated pages (internal error documents, FTP directory
+# listings, mod_status and mod_info output etc., but not CGI generated
+# documents or custom error documents).
+# Set to "EMail" to also include a mailto: link to the ServerAdmin.
+# Set to one of: On | Off | EMail
+#ServerSignature Off
+ServerSignature On
+
+#
+# Allow TRACE method
+#
+# Set to "extended" to also reflect the request body (only for testing and
+# diagnostic purposes).
+#
+# Set to one of: On | Off | extended
+TraceEnable Off
+#TraceEnable On
+
+#
+# Forbid access to version control directories
+#
+# If you use version control systems in your document root, you should
+# probably deny access to their directories.
+#
+# Examples:
+#
+#RedirectMatch 404 /\.git
+#RedirectMatch 404 /\.svn
+
+#
+# Setting this header will prevent MSIE from interpreting files as something
+# else than declared by the content type in the HTTP headers.
+# Requires mod_headers to be enabled.
+#
+#Header set X-Content-Type-Options: "nosniff"
+
+#
+# Setting this header will prevent other sites from embedding pages from this
+# site as frames. This defends against clickjacking attacks.
+# Requires mod_headers to be enabled.
+#
+#Header set Content-Security-Policy "frame-ancestors 'self';"
diff --git a/debian/config-dir/conf-available/serve-cgi-bin.conf b/debian/config-dir/conf-available/serve-cgi-bin.conf
new file mode 100644
index 0000000..ae660b1
--- /dev/null
+++ b/debian/config-dir/conf-available/serve-cgi-bin.conf
@@ -0,0 +1,18 @@
+<IfModule mod_alias.c>
+ <IfModule mod_cgi.c>
+ Define ENABLE_USR_LIB_CGI_BIN
+ </IfModule>
+
+ <IfModule mod_cgid.c>
+ Define ENABLE_USR_LIB_CGI_BIN
+ </IfModule>
+
+ <IfDefine ENABLE_USR_LIB_CGI_BIN>
+ ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+ <Directory "/usr/lib/cgi-bin">
+ AllowOverride None
+ Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+ Require all granted
+ </Directory>
+ </IfDefine>
+</IfModule>