- added example for REST api

Marius Burkard

2016-05-23 9376d70f0ccba49ead95ef47f0ecba568ea2d6e1

 install/tpl/apache_ispconfig.vhost.master

@@ -1,4 +1,3 @@

######################################################
# This virtual host contains the configuration
# for the ISPConfig controlpanel
@@ -9,102 +8,111 @@

<VirtualHost _default_:<tmpl_var name="vhost_port">>
  ServerAdmin webmaster@localhost
  

  <FilesMatch "\.ph(p3?|tml)$">
    SetHandler None
  </FilesMatch>
  

  <IfModule mod_fcgid.c>
    DocumentRoot /var/www/ispconfig/
    SuexecUserGroup ispconfig ispconfig
    <Directory /var/www/ispconfig/>
      Options -Indexes +FollowSymLinks +MultiViews +ExecCGI
      AllowOverride AuthConfig Indexes Limit Options FileInfo
     <FilesMatch "\.php$">
        SetHandler fcgid-script
     </FilesMatch>
      <FilesMatch "\.php$">
        SetHandler fcgid-script
      </FilesMatch>
      FCGIWrapper /var/www/php-fcgi-scripts/ispconfig/.php-fcgi-starter .php
      <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
     Require all granted
     <tmpl_else>
      Require all granted
      <tmpl_else>
      Order allow,deny
      Allow from all
     </tmpl_if>
      </tmpl_if>
    </Directory>
    IPCCommTimeout  7200
   MaxRequestLen 15728640
    MaxRequestLen 15728640
  </IfModule>
  

  <IfModule mpm_itk_module>
    DocumentRoot /usr/local/ispconfig/interface/web/
   AssignUserId ispconfig ispconfig
    AssignUserId ispconfig ispconfig
    AddType application/x-httpd-php .php
    <Directory /usr/local/ispconfig/interface/web>
      # php_admin_value open_basedir "/usr/local/ispconfig/interface:/usr/share:/tmp"
      Options +FollowSymLinks
      AllowOverride None
      <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
     Require all granted
     <tmpl_else>
      Require all granted
      <tmpl_else>
      Order allow,deny
      Allow from all
     </tmpl_if>
     php_value magic_quotes_gpc        0
      </tmpl_if>
      php_value magic_quotes_gpc        0
    </Directory>
  </IfModule>
  

  # ErrorLog /var/log/apache2/error.log
  # CustomLog /var/log/apache2/access.log combined
  ServerSignature Off
  

  <IfModule mod_security2.c>
    SecRuleEngine Off
  </IfModule>

  # SSL Configuration
  <tmpl_var name="ssl_comment">SSLEngine On
  <tmpl_if name='apache_version' op='>=' value='2.3.16' format='version'>
  <tmpl_var name="ssl_comment">SSLProtocol All -SSLv3
  <tmpl_else>
  <tmpl_var name="ssl_comment">SSLProtocol All -SSLv2 -SSLv3
  </tmpl_if>
  <tmpl_var name="ssl_comment">SSLCertificateFile /usr/local/ispconfig/interface/ssl/ispserver.crt
  <tmpl_var name="ssl_comment">SSLCertificateKeyFile /usr/local/ispconfig/interface/ssl/ispserver.key
  <tmpl_var name="ssl_bundle_comment">SSLCACertificateFile /usr/local/ispconfig/interface/ssl/ispserver.bundle

  <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:E$
  <tmpl_var name="ssl_comment">SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
  <tmpl_var name="ssl_comment">SSLHonorCipherOrder On
  <tmpl_if name='apache_version' op='>=' value='2.4.3' format='version'>
  <tmpl_var name="ssl_comment">SSLCompression Off
  </tmpl_if>
  <tmpl_if name='apache_version' op='>=' value='2.4.11' format='version'>
  <tmpl_var name="ssl_comment">SSLSessionTickets Off
  </tmpl_if>

  <IfModule mod_headers.c>
    Header always add Strict-Transport-Security "max-age=15768000"
  </IfModule>

<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
  <tmpl_var name="ssl_comment">SSLUseStapling on
  <tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
  <tmpl_var name="ssl_comment">SSLUseStapling On
  <tmpl_var name="ssl_comment">SSLStaplingResponderTimeout 5
  <tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors off
</tmpl_if>
  <tmpl_var name="ssl_comment">SSLStaplingReturnResponderErrors Off
  </tmpl_if>
</VirtualHost>

<tmpl_if name='apache_version' op='>=' value='2.4' format='version'>
<tmpl_if name='apache_version' op='>=' value='2.3.3' format='version'>
<IfModule mod_ssl.c>
  <tmpl_var name="ssl_comment">SSLStaplingCache shmcb:/var/run/ocsp(128000)
</IfModule>
</tmpl_if>

<Directory /var/www/php-cgi-scripts>
    AllowOverride None
   <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
   Require all denied
   <tmpl_else>
    Order Deny,Allow
    Deny from all
   </tmpl_if>
  AllowOverride None
  <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
  Require all denied
  <tmpl_else>
  Order Deny,Allow
  Deny from all
  </tmpl_if>
</Directory>

<Directory /var/www/php-fcgi-scripts>
    AllowOverride None
    <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
   Require all denied
   <tmpl_else>
    Order Deny,Allow
    Deny from all
   </tmpl_if>
  AllowOverride None
  <tmpl_if name='apache_version' op='>' value='2.2' format='version'>
  Require all denied
  <tmpl_else>
  Order Deny,Allow
  Deny from all
  </tmpl_if>
</Directory>