# Autogenerated httpd.conf file for Foswiki. # Generated at https://foswiki.org/Support/ApacheConfigGenerator?vhost=10.13.24.12;port=;dir=/extrnapps;symlink=;pathurl=http:/10.13.24.12/foswiki;shorterurls=enabled;engine=CGI;fastcgimodule=fcgid;fcgidreqlen=;apver=2;confighost=;configip=;configuser=;loginmanager=None;htpath=;errordocument=UserRegistration;errorcustom=;disablephp=on;blockpubhtml=;blocktrashpub=;controlattach=;blockspiders=;foswikiversion=2.x;apacheversion=2.4;timeout=;ssl=;sslcert=/etc/ssl/apache2/yourservercert.pem;sslchain=/etc/ssl/apache2/sub.class1.server.ca.pem;sslkey=/etc/ssl/apache2/yourservercertkey.pem # Configuration generated for Foswiki 2.x, Apache 2.4 Define foswikiroot "/extrnapps" ServerAdmin webmaster@10.13.24.12 DocumentRoot "${foswikiroot}" ServerName 10.13.24.12 # The Alias defines a url that points to the root of the Foswiki installation. # The first parameter will be part of the URL to your installation e.g. # http://my.co.uk/foswiki/bin/view/... # The second parameter must point to the physical path on your disc. ScriptAlias http:/10.13.24.12/foswiki/bin "${foswikiroot}/bin" # The following Alias is used to access files in the pub directory (attachments etc) # It must come _after_ the ScriptAlias. # If short URLs are enabled, and any other local directories or files need to be accessed directly, they # must also be specified in an Alias statement, and must not conflict with a web name. Alias http:/10.13.24.12/foswiki/pub "${foswikiroot}/pub" Alias /robots.txt "${foswikiroot}/robots.txt" # Add aliases for any other files that must be read at the root level. eg. # Alias /google[somehashkey].html "${foswikiroot}/google[somehashkey].html" # Rewriting is required for Short URLs, and Attachment redirecting to viewfile RewriteEngine on #LogLevel alert rewrite:trace3 # short urls Alias http:/10.13.24.12/foswiki "${foswikiroot}/bin/view" RewriteRule ^http:/+10.13.24.12/+foswiki/+bin/+view/+(.*) http:/10.13.24.12/foswiki/$1 [L,NE,R] RewriteRule ^http:/+10.13.24.12/+foswiki/+bin/+view$ http:/10.13.24.12/foswiki/ [L,NE,R] # This enables access to the documents in the Foswiki root directory Require all granted Require not env blockAccess # This specifies the options on the Foswiki scripts directory. The ExecCGI # and SetHandler tell apache that it contains scripts. "Allow from all" # lets any IP address access this URL. # Note: If you use SELinux, you also have to "Allow httpd cgi support" in your SELinux policies AllowOverride None Require all granted Require not env blockAccess Options +ExecCGI -FollowSymLinks SetHandler cgi-script # Password file for Foswiki users AuthUserFile "${foswikiroot}/data/.htpasswd" AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.' AuthType Basic # File to return on access control error (e.g. wrong password) ErrorDocument 401 http:/10.13.24.12/foswiki/System/UserRegistration # This sets the options on the pub directory, which contains attachments and # other files like CSS stylesheets and icons. AllowOverride None stops a # user installing a .htaccess file that overrides these options. # Note that files in pub are *not* protected by Foswiki Access Controls, # so if you want to control access to files attached to topics you need to # block access to the specific directories same way as the ApacheConfigGenerator # blocks access to the pub directory of the Trash web Options None Options -FollowSymLinks AllowOverride None Require all granted Require not env blockAccess ErrorDocument 404 http:/10.13.24.12/foswiki/bin/viewfile # If you have PHP installed as Apache module, one of the below directives will ensure # that it is disabled. The "ifmodule" statements should prevent this from causing # errors if php is not installed. php3_engine off php_admin_flag engine off php_admin_flag engine off # This line will redefine the mime type for the most common types of scripts AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi # add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate # reducing the load on the server significantly # IF you can, you should enable this - it _will_ improve your Foswiki experience, even if you set it to under one day. # you may need to enable expires_module in your main apache config # # # ExpiresActive on # ExpiresDefault "access plus 11 days" # # # # Serve pre-compressed versions of .js and .css files, if they exist # Some browsers do not handle this correctly, which is why it is disabled by default # # RewriteCond %{HTTP:Accept-encoding} gzip # RewriteCond %{REQUEST_FILENAME}.gz -f # RewriteRule ^(.*)$ %{REQUEST_URI}.gz [L,QSA] # # # RewriteCond %{HTTP:Accept-encoding} gzip # RewriteCond %{REQUEST_FILENAME}.gz -f # RewriteRule ^([^?]*)\?(.*)$ $1.gz?$2 [L] # # # AddEncoding x-gzip .gz # AddType application/x-javascript .gz # # # AddEncoding x-gzip .gz # AddType text/css .gz # # Security note: All other directories should be set so # that they are *not* visible as URLs, so we set them as =deny from all=. Require all denied Require all denied Require all denied Require all denied Require all denied Require all denied # We set an environment variable called blockAccess. # # Setting a BrowserMatchNoCase to ^$ is important. It prevents Foswiki from # including its own topics as URLs and also prevents other Foswikis from # doing the same. This is important to prevent the most obvious # Denial of Service attacks. # # You can expand this by adding more BrowserMatchNoCase statements to # block evil browser agents trying to crawl your Foswiki # # Example: # BrowserMatchNoCase ^SiteSucker blockAccess # BrowserMatchNoCase ^$ blockAccess BrowserMatchNoCase ^$ blockAccess