summaryrefslogtreecommitdiffstats
path: root/2.4/conf
diff options
context:
space:
mode:
Diffstat (limited to '2.4/conf')
-rw-r--r--2.4/conf/conf-available/dav.conf25
-rw-r--r--2.4/conf/sites-available/default-ssl.conf18
-rw-r--r--2.4/conf/sites-available/default.conf11
3 files changed, 54 insertions, 0 deletions
diff --git a/2.4/conf/conf-available/dav.conf b/2.4/conf/conf-available/dav.conf
new file mode 100644
index 0000000..caacd03
--- /dev/null
+++ b/2.4/conf/conf-available/dav.conf
@@ -0,0 +1,25 @@
+DavLockDB "/var/lib/dav/DavLock"
+Alias / "/var/lib/dav/data/"
+<Directory "/var/lib/dav/data/">
+ Dav On
+ Options Indexes FollowSymLinks
+
+ AuthType Basic
+ AuthName "WebDAV"
+ AuthUserFile "/user.passwd"
+ <RequireAny>
+ Require valid-user
+ </RequireAny>
+</Directory>
+
+# These disable redirects on non-GET requests for directories that
+# don't include the trailing slash (for misbehaving clients).
+BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
+BrowserMatch "MS FrontPage" redirect-carefully
+BrowserMatch "^WebDrive" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
+BrowserMatch "^gnome-vfs/1.0" redirect-carefully
+BrowserMatch "^XML Spy" redirect-carefully
+BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+BrowserMatch " Konqueror/4" redirect-carefully
+BrowserMatch "^gvfs" redirect-carefully
diff --git a/2.4/conf/sites-available/default-ssl.conf b/2.4/conf/sites-available/default-ssl.conf
new file mode 100644
index 0000000..ef90866
--- /dev/null
+++ b/2.4/conf/sites-available/default-ssl.conf
@@ -0,0 +1,18 @@
+Listen 443
+<VirtualHost *:443>
+ Protocols h2 http/1.1
+ ServerName localhost
+ DocumentRoot "/var/www/html/"
+ <Directory "/var/www/html/">
+ Require all denied
+ </Directory>
+ CustomLog /proc/self/fd/1 combined
+ ErrorLog /proc/self/fd/2
+ SSLEngine on
+ SSLCertificateFile /cert.pem
+ SSLCertificateKeyFile /privkey.pem
+ SSLProtocol all -SSLv3
+ SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
+ SSLHonorCipherOrder on
+ SSLSessionTickets off
+</VirtualHost>
diff --git a/2.4/conf/sites-available/default.conf b/2.4/conf/sites-available/default.conf
new file mode 100644
index 0000000..e309338
--- /dev/null
+++ b/2.4/conf/sites-available/default.conf
@@ -0,0 +1,11 @@
+<VirtualHost *:80>
+ ServerName localhost
+ DocumentRoot "/var/www/html/"
+ <Directory "/var/www/html/">
+ Require all denied
+ </Directory>
+ CustomLog /proc/self/fd/1 combined
+ ErrorLog /proc/self/fd/2
+ # This lets certain DAV methods work behind an SSL reverse proxy.
+ RequestHeader edit Destination ^https http early
+</VirtualHost>