summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-02-22try to fix a variable problemmh
2011-02-22fix template pathsmh
2011-02-22fix typomh
2011-02-22add missing parammh
2011-02-22add missing parammh
2011-02-22add STS header in default ssl configmh
2011-02-22first way to a unified partial based vhost templatemh
2011-01-30adding htpasswd for proxymh
2010-12-12update to latest secure ssl directivesmh
2010-12-12enable HTS everywheremh
2010-12-06add STS header for enforced SSL sitesmh
* http://en.wikipedia.org/wiki/Strict_Transport_Security This will tell browsers to interact with that site only per HTTPS.
2010-11-04allow setting of additional options for proxy vhostsmh
2010-11-01add htpasswd optionmh
2010-11-01introduce mod security for proxymh
2010-11-01correct namemh
2010-11-01add possibility to proxy vhostsmh
2010-10-25unify namingmh
2010-10-25improve redirect, so we don't stick on the servernamemh
2010-10-09fix typomh
2010-10-09only manage file parts if the file should actually be presentmh
2010-10-09pass run modemh
2010-10-06remove cgi-bin dir if we are removing the vhostmh
2010-09-03this selector doesn't work that waymh
2010-09-03fix php dir modes for new itk modesmh
2010-08-18add missing directive for ssl proxy vhostsmh
2010-08-17all itk modes need the userdir set to 755mh
2010-08-17correct statementmh
2010-08-17set correct domain, if domain is absent, what it is most of the timemh
2010-08-17fix cronjob domainmh
2010-08-17remove includes in defines that are called a lot, it looks like compile time ↵mh
goes up with such includes
2010-08-16use modules urlmh
2010-08-16correctly fix problemmh
2010-08-16override instead of redefinemh
2010-08-16correctly fix problemmh
2010-08-16fix include bugmh
2010-08-16improve vhosts stuffmh
- move various inclusion to the file define, as this is the last define for all in the chain - only include if our vhost is not set to absent
2010-08-16automatically include php for php vhostsmh
2010-08-16fix various missing things for itk_plus modemh
2010-08-16only set source or content when we actually manage the filemh
2010-08-16fix wrong param namingmh
2010-08-16impelement itk plus modemh
itk plus mode is an additional mode to deploy itk based hostings which should be a bit more performant. The idea is that we have two apache-instances running: A) prefork based, listening on the external interface B) itk based, listening on the loopback interface A) will serve all static webpages, as well as possibly serve all static content of dynamic websites. All requests to dynamic content will be redirected to B). The idea is that A) doesn't load any modules to server dynamic content at all. B) will serve all the dynamic scripts of a vhost. This will mean that for vhosts (static ones) as well as static content (all none dynamic scripts) we can benefit from the fast prefork model, while we can use itk's security model for all the dynamic scripts. There are two new additional run_modes: - proxy-itk: this just passes all requests to apache instance B). This one is similar to plain itk based mode and should be used for vhosts that shouldn't (yet) changed to the mixed mode. - static-itk: this passes only requests to dynamic scripts to B) while all static content is served by A). Beware that the user with which A) is running should be member of the run group of B) and all static files need to readable by the group. This reduces the security model you have with plain itk, as the prefork apache user will be able to read php (config-) files of any vhost that runs in static-itk mode. If you want to keep the level of security for a certain vhost, you need to run the specific vhost in proxy-itk mode. Note 1: you cannot run vhosts in itk mode and others in proxy or static itk mode. There is a duplicate file resource definition that blocks that possibility. Note 2: This mode works currently only on CentOS based systems, as no work have been done so far to implement an init.d script that's able to run 2 apache instances.
2010-08-11use default logpath as redirects usually don't have a root pathmh
2010-08-11remove unnecessary fileserver variable (#2460) round IImh
2010-08-11only manage source or content if file should be presentmh
2010-08-11only include noip logging if we actually need itmh
2010-08-11introduce logmode featuremh
We are now able to select how apache should log accesses. These modes are: * default: as you would use it * semianonym: no ips are logged for CustomLog, ErrorLog still logs ips * anonym: no ips are logged for CustomLog, ErrorLog is sent to /dev/null * nologs: all logs are sent to /dev/null
2010-08-07remove unnecessary fileserver variable (#2460)mh
2010-07-20clean up some possible loopsmh
2010-07-20fix wrong statementmh
2010-07-05remove duplicate source entrymh