Pick a Free OS

Web server tutorial - Part 3

AuthUserFile /etc/httpd/conf/passwd

EnableDelete Off

umask 007

<Limit PUT>

require valid-user

</Limit>

</Location>

To allow server status reports, use servername/server-status and change the ".your_domain.com" to match your domain to enable.


<Location /server-status>

SetHandler server-status

Order deny,allow

Deny from all

Allow from .your_domain.com

</Location>

To allow remote server configuration reports go to servername/server-info (requires that mod_info.c be loaded), and now change the ".your_domain.com" to match your domain to enable.

<Location /server-info>

SetHandler server-info

Order deny,allow

Deny from all

Allow from .your_domain.com

</Location>

You can allow access to local system documentation from localhost by:

Alias /doc/ /usr/doc/

<Location /doc>

order deny,allow

deny from all

allow from localhost

Options Indexes FollowSymLinks

</Location>

Checking attacks

There have been reports of people trying to abuse an old bug from pre-1.1 days. This bug involved a CGI script distributed as a part of Apache. By uncommenting these lines you can redirect these attacks to a logging script on phf.Apache.org. Or, you can record them yourself, using the script support/phf_abuse_log.cgi.


<Location /cgi-bin/phf*>

Deny from all

ErrorDocument 403 < a href=http://phf.Apache.org/phf_abuse_log.cgi> Apache.org/phf_abuse_log.cgi

</Location>

Proxy Server directives

Uncomment the following lines to enable the proxy server

<IfModule mod_proxy.c>

ProxyRequests On


<Directory proxy:*>

Order deny,allow

Deny from all

Allow froms .your_domain.com

</Directory>

Enable/disable the handling of HTTP/1.1 "Via:" headers.

( "Full" adds the server version; "Block" removes all outgoing Via: headers)

Set to one of: Off | On | Full | Block

ProxyVia On

To enable the cache as well, edit and uncomment the following lines: