-# This is a modification of the default Apache 2.2 configuration file
+# This is a modification of the default Apache 2.4 configuration file
# for Gentoo Linux.
#
# Support:
#
# This is the main Apache HTTP server configuration file. It contains the
# configuration directives that give the server its instructions.
-# See <URL:http://httpd.apache.org/docs/2.2> for detailed information.
+# See <URL:http://httpd.apache.org/docs/2.4> for detailed information.
# In particular, see
-# <URL:http://httpd.apache.org/docs/2.2/mod/directives.html>
+# <URL:http://httpd.apache.org/docs/2.4/mod/directives.html>
# for a discussion of each configuration directive.
#
# Do NOT simply read the instructions in here without understanding
# ServerRoot at a non-local disk, be sure to point the LockFile directive
# at a local disk. If you wish to share the same ServerRoot for multiple
# httpd daemons, you will need to change at least LockFile and PidFile.
+# Comment: The LockFile directive has been replaced by the Mutex directive
ServerRoot "/usr/lib64/apache2"
# Dynamic Shared Object (DSO) Support
#
# Change these at your own risk!
+LoadModule access_compat_module modules/mod_access_compat.so
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
<IfDefine AUTH_DIGEST>
LoadModule auth_digest_module modules/mod_auth_digest.so
</IfDefine>
-LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authn_anon_module modules/mod_authn_anon.so
+LoadModule authn_core_module modules/mod_authn_core.so
LoadModule authn_dbd_module modules/mod_authn_dbd.so
LoadModule authn_dbm_module modules/mod_authn_dbm.so
-LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
<IfDefine AUTHNZ_LDAP>
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
</IfDefine>
+LoadModule authz_core_module modules/mod_authz_core.so
+LoadModule authz_dbd_module modules/mod_authz_dbd.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
-LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
<IfDefine CACHE>
LoadModule cache_module modules/mod_cache.so
</IfDefine>
+<IfDefine CACHE>
+LoadModule cache_disk_module modules/mod_cache_disk.so
+</IfDefine>
LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule cgi_module modules/mod_cgi.so
LoadModule cgid_module modules/mod_cgid.so
LoadModule dbd_module modules/mod_dbd.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule dir_module modules/mod_dir.so
-<IfDefine CACHE>
-LoadModule disk_cache_module modules/mod_disk_cache.so
-</IfDefine>
LoadModule dumpio_module modules/mod_dumpio.so
LoadModule env_module modules/mod_env.so
LoadModule expires_module modules/mod_expires.so
</IfDefine>
LoadModule filter_module modules/mod_filter.so
LoadModule headers_module modules/mod_headers.so
+<IfDefine HTTP2>
+LoadModule http2_module modules/mod_http2.so
+</IfDefine>
LoadModule ident_module modules/mod_ident.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule include_module modules/mod_include.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule log_forensic_module modules/mod_log_forensic.so
LoadModule logio_module modules/mod_logio.so
-<IfDefine CACHE>
-LoadModule mem_cache_module modules/mod_mem_cache.so
-</IfDefine>
+LoadModule macro_module modules/mod_macro.so
LoadModule mime_module modules/mod_mime.so
LoadModule mime_magic_module modules/mod_mime_magic.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule proxy_connect_module modules/mod_proxy_connect.so
</IfDefine>
<IfDefine PROXY>
+LoadModule proxy_fcgi_module modules/mod_proxy_fcgi.so
+</IfDefine>
+<IfDefine PROXY>
LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
</IfDefine>
<IfDefine PROXY>
+LoadModule proxy_html_module modules/mod_proxy_html.so
+</IfDefine>
+<IfDefine PROXY>
LoadModule proxy_http_module modules/mod_proxy_http.so
</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_scgi_module modules/mod_proxy_scgi.so
+</IfDefine>
+<IfDefine PROXY>
+LoadModule proxy_wstunnel_module modules/mod_proxy_wstunnel.so
+</IfDefine>
+LoadModule ratelimit_module modules/mod_ratelimit.so
+LoadModule remoteip_module modules/mod_remoteip.so
+LoadModule reqtimeout_module modules/mod_reqtimeout.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule setenvif_module modules/mod_setenvif.so
+LoadModule slotmem_shm_module modules/mod_slotmem_shm.so
+<IfDefine SSL>
+LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
+</IfDefine>
LoadModule speling_module modules/mod_speling.so
<IfDefine SSL>
LoadModule ssl_module modules/mod_ssl.so
LoadModule suexec_module modules/mod_suexec.so
</IfDefine>
LoadModule unique_id_module modules/mod_unique_id.so
+LoadModule unixd_module modules/mod_unixd.so
<IfDefine USERDIR>
LoadModule userdir_module modules/mod_userdir.so
</IfDefine>
#0 string CP color pointer
#0 string BA bitmap array
+0 string \x89PNG image/png
+0 string FWS application/x-shockwave-flash
+0 string CWS application/x-shockwave-flash
#------------------------------------------------------------------------------
# lisp: file(1) magic for lisp programs
# Provide access to the documentation on your server as
# http://yourserver.example.com/manual/
# The documentation is always available at
-# http://httpd.apache.org/docs/2.2/
+# http://httpd.apache.org/docs/2.4/
<IfModule negotiation_module>
<IfModule setenvif_module>
<IfDefine MANUAL>
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.2.31/manual$1"
+AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br))?(/.*)?$ "/usr/share/doc/apache-2.4.18/manual$1"
-<Directory "/usr/share/doc/apache-2.2.31/manual">
+<Directory "/usr/share/doc/apache-2.4.18/manual">
Options Indexes
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
<Files *.html>
SetHandler type-map
# filesystems or if support for these functions is otherwise
# broken on your system.
EnableMMAP On
-EnableSendfile On
+EnableSendfile Off
-# FileEtag: Configures the file attributes that are used to create
+# FileETag: Configures the file attributes that are used to create
# the ETag (entity tag) response header field when the document is
# based on a static file. (The ETag value is used in cache management
# to save network bandwidth.)
-FileEtag INode MTime Size
+FileETag MTime Size
# ContentDigest: This directive enables the generation of Content-MD5
# headers as defined in RFC1864 respectively RFC2616.
<Directory />
Options FollowSymLinks
AllowOverride None
- Order deny,allow
- Deny from all
+ Require all denied
</Directory>
# DirectoryIndex: sets the file that Apache will serve if a directory
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
<FilesMatch "^\.ht">
- Order allow,deny
- Deny from all
+ Require all denied
</FilesMatch>
# vim: ts=4 filetype=apache
Options IncludesNoExec
AddOutputFilter Includes html
AddHandler type-map var
- Order allow,deny
- Allow from all
+ Require all granted
LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
ForceLanguagePriority Prefer Fallback
</Directory>
<Directory "/usr/share/apache2/icons">
Options Indexes MultiViews
AllowOverride None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
</IfModule>
# http://servername/server-info
<Location /server-info>
SetHandler server-info
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
+ Require local
</Location>
</IfDefine>
-# DefaultType: the default MIME type the server will use for a document
-# if it cannot otherwise determine one, such as from filename extensions.
-# If your server contains mostly text or HTML documents, "text/plain" is
-# a good value. If most of your content is binary, such as applications
-# or images, you may want to use "application/octet-stream" instead to
-# keep browsers from trying to display binary files as though they are
-# text.
-DefaultType text/plain
-
<IfModule mime_module>
# TypesConfig points to the file containing the list of mappings from
# filename extension to MIME-type.
# with the URL of http://servername/server-status
<Location /server-status>
SetHandler server-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
+ Require local
</Location>
# ExtendedStatus controls whether Apache will generate "full" status
AllowOverride FileInfo AuthConfig Limit Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
<Limit GET POST OPTIONS>
- Order allow,deny
- Allow from all
+ Require all granted
</Limit>
<LimitExcept GET POST OPTIONS>
- Order deny,allow
- Deny from all
+ Require all denied
</LimitExcept>
</Directory>
# identification number when it starts.
#
# DO NOT CHANGE UNLESS YOU KNOW WHAT YOU ARE DOING
-PidFile /var/run/apache2.pid
+PidFile /run/apache2.pid
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#LockFile /var/run/apache2.lock
+# Mutex file:/run/apache_mpm_mutex
# Only one of the below sections will be relevant on your
# installed httpd. Use "/usr/sbin/apache2 -l" to find out the
# These configuration directives apply to all MPMs
#
# StartServers: Number of child server processes created at startup
-# MaxClients: Maximum number of child processes to serve requests
-# MaxRequestsPerChild: Limit on the number of requests that an individual child
-# server will handle during its life
+# MaxRequestWorkers: Maximum number of child processes to serve requests
+# MaxConnectionsPerChild: Limit on the number of connections that an individual
+# child server will handle during its life
# prefork MPM
StartServers 5
MinSpareServers 5
MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# worker MPM
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# event MPM
MinSpareThreads 25
MaxSpareThreads 75
ThreadsPerChild 25
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# peruser MPM
MinSpareProcessors 2
MinProcessors 2
MaxProcessors 10
- MaxClients 150
- MaxRequestsPerChild 1000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 1000
ExpireTimeout 1800
Multiplexer nobody nobody
StartServers 5
MinSpareServers 5
MaxSpareServers 10
- MaxClients 150
- MaxRequestsPerChild 10000
+ MaxRequestWorkers 150
+ MaxConnectionsPerChild 10000
</IfModule>
# vim: ts=4 filetype=apache
# This is the Apache server configuration file providing SSL support.
# It contains the configuration directives to instruct the server how to
# serve pages over an https connection. For detailing information about these
-# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
+# directives see <URL:http://httpd.apache.org/docs/2.4/mod/mod_ssl.html>
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
## Inter-Process Session Cache:
# Configure the SSL Session Cache: First the mechanism to use and second the
# expiring timeout (in seconds).
-#SSLSessionCache dbm:/var/run/ssl_scache
-SSLSessionCache shmcb:/var/run/ssl_scache(512000)
+#SSLSessionCache dbm:/run/ssl_scache
+SSLSessionCache shmcb:/run/ssl_scache(512000)
SSLSessionCacheTimeout 300
## Semaphore:
# Configure the path to the mutual exclusion semaphore the SSL engine uses
# internally for inter-process synchronization.
-SSLMutex file:/var/run/ssl_mutex
+Mutex file:/run/apache_ssl_mutex ssl-cache
## SSL Compression:
# Known to be vulnerable thus disabled by default (bug #507324).
<Location /ldap-status>
SetHandler ldap-status
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
+ Require local
</Location>
</IfDefine>
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
+# <URL:http://httpd.apache.org/docs/2.4/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
#Listen 12.34.56.78:80
Listen 80
-# Use name-based virtual hosting.
-NameVirtualHost *:80
-
# When virtual hosts are enabled, the main host defined in the default
# httpd.conf configuration will go away. We redefine it here so that it is
# still available.
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
- # http://httpd.apache.org/docs/2.2/mod/core.html#options
+ # http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
Options Indexes FollowSymLinks
AllowOverride All
# Controls who can get stuff from this server.
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
<IfModule alias_module>
<Directory "/var/www/localhost/cgi-bin">
AllowOverride None
Options None
- Order allow,deny
- Allow from all
+ Require all granted
</Directory>
# vim: ts=4 filetype=apache
}
checkconfig() {
+ checkpath --directory /run/apache_ssl_mutex
checkconfd || return 1
${APACHE2} ${APACHE2_OPTS} -t 1>/dev/null 2>&1