|
######################################################
|
# This virtual host contains the configuration
|
# for the ISPConfig controlpanel
|
######################################################
|
|
<tmpl_var name="vhost_port_listen"> Listen <tmpl_var name="vhost_port">
|
NameVirtualHost *:<tmpl_var name="vhost_port">
|
|
<VirtualHost _default_:<tmpl_var name="vhost_port">>
|
ServerAdmin webmaster@localhost
|
|
<FilesMatch "\.ph(p3?|tml)$">
|
SetHandler None
|
</FilesMatch>
|
|
<IfModule mod_fcgid.c>
|
DocumentRoot /var/www/ispconfig/
|
SuexecUserGroup ispconfig ispconfig
|
<Directory /var/www/ispconfig/>
|
Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
|
AllowOverride AuthConfig Indexes Limit Options FileInfo
|
<FilesMatch "\.php$">
|
SetHandler fcgid-script
|
</FilesMatch>
|
FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
|
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
|
Require all granted
|
<tmpl_else>
|
Order allow,deny
|
Allow from all
|
</tmpl_if>
|
</Directory>
|
IPCCommTimeout 7200
|
MaxRequestLen 15728640
|
</IfModule>
|
|
<IfModule mpm_itk_module>
|
DocumentRoot /usr/local/ispconfig/interface/web/
|
AssignUserId ispconfig ispconfig
|
AddType application/x-httpd-php .php
|
<Directory /usr/local/ispconfig/interface/web>
|
# php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
|
Options +FollowSymLinks
|
AllowOverride None
|
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
|
Require all granted
|
<tmpl_else>
|
Order allow,deny
|
Allow from all
|
</tmpl_if>
|
php_value magic_quotes_gpc 0
|
</Directory>
|
</IfModule>
|
|
# ErrorLog /var/log/apache2/error.log
|
# CustomLog /var/log/apache2/access.log combined
|
ServerSignature Off
|
|
<IfModule mod_security2.c>
|
SecRuleEngine Off
|
</IfModule>
|
|
# SSL Configuration
|
<tmpl_var name="ssl_comment">SSLEngine On
|
<tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
|
<tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
|
<tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
|
<tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle
|
|
<tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:E$
|
<tmpl_var name="ssl_comment">SSLHonorCipherOrder On
|
|
<IfModule mod_headers.c>
|
Header always add Strict-Transport-Security "max-age=15768000"
|
</IfModule>
|
|
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
|
<tmpl_var name="ssl_comment">SSLUseStapling on
|
<tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
|
<tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors off
|
</tmpl_if>
|
</VirtualHost>
|
|
<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
|
<IfModule mod_ssl.c>
|
<tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
|
</IfModule>
|
</tmpl_if>
|
|
<Directory /var/www/php-cgi-scripts>
|
AllowOverride None
|
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
|
Require all denied
|
<tmpl_else>
|
Order Deny,Allow
|
Deny from all
|
</tmpl_if>
|
</Directory>
|
|
<Directory /var/www/php-fcgi-scripts>
|
AllowOverride None
|
<tmpl_if name='apache_version' op='>' value='2.2' format='version'>
|
Require all denied
|
<tmpl_else>
|
Order Deny,Allow
|
Deny from all
|
</tmpl_if>
|
</Directory>
|