# <%= servername %>
<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<%- end -%>
<%- unless ssl_mode.to_s == 'only' then -%>
<%= scope.function_template('apache/vhosts/partials/header_default.erb') %>
<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
<%- if ssl_mode.to_s == 'force' then -%>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
<%- end -%>
# silverstripe
RedirectMatch /admin(.*) https://<%= servername %>/admin$1
RedirectMatch /Security(.*) https://<%= servername %>/Security$1
<%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%>
AssignUserId <%= run_uid+" "+run_gid %>
<%- end -%>
<%- if not ssl_mode.to_s == 'force' then -%>
/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/authentication.erb') %>
php_admin_flag engine on
<%- unless php_default_charset.to_s == 'absent' then -%>
php_admin_value default_charset <%= php_default_charset %>
<%- end -%>
php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
php_admin_value session.save_path <%= real_php_session_save_path %>
<%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
<%- end -%>
# silverstripe .htaccess
Order deny,allow
Deny from all
#Allow from 127.0.0.1
RewriteEngine On
#RewriteBase /
RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
<%- end -%>
<%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<%- end -%>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
<%- end -%>
<%- unless ssl_mode.to_s == 'false' then -%>
Include include.d/defaults.inc
<% scope.unsetvar('vhost_part')
scope.setvar('vhost_part',:ssl) -%>
<%= scope.function_template('apache/vhosts/partials/header_default.erb') %>
<% scope.unsetvar('vhost_part') -%>
<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
<%- if run_mode.to_s =~ /(proxy\-|static\-)?itk/ -%>
AssignUserId <%= run_uid+" "+run_gid %>
<%- end -%>
/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/authentication.erb') %>
php_admin_flag engine on
<%- unless php_default_charset.to_s == 'absent' then -%>
php_admin_value default_charset <%= php_default_charset %>
<%- end -%>
php_admin_value open_basedir <%= documentroot %>:<%= real_php_upload_tmp_dir %>:<%= real_php_session_save_path %>
php_admin_value upload_tmp_dir <%= real_php_upload_tmp_dir %>
php_admin_value session.save_path <%= real_php_session_save_path %>
<%- unless php_safe_mode_exec_bins.to_s == 'absent' then -%>
php_admin_value safe_mode_exec_dir <%= real_php_safe_mode_exec_bin_dir %>
<%- end -%>
# turn allow_url_fopen on for the extension manager fetch
php_admin_value allow_url_fopen On
# silverstripe .htaccess
Order deny,allow
Deny from all
#Allow from 127.0.0.1
RewriteEngine On
#RewriteBase /
RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
<%- unless run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<%- end -%>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
<%- end -%>
<%- if run_mode.to_s =~ /(proxy\-|static\-)itk/ -%>
<%- unless ssl_mode.to_s == 'only' then -%>
<%= scope.function_template('apache/vhosts/partials/header_default.erb') %>
DirectoryIndex index.htm index.html index.php
<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
ProxyPreserveHost On
ProxyRequests off
<%- if run_mode.to_s == 'static-itk' -%>
ProxyPassMatch ^/(.*\.php/?.*)$ http://127.0.0.1/$1
<%- else -%>
ProxyPass / http://127.0.0.1/
<%- end -%>
ProxyPassReverse / http://127.0.0.1/
<%- if ssl_mode.to_s == 'force' then -%>
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule (.*) https://%{SERVER_NAME}$1 [R=permanent,L]
<%- end -%>
# silverstripe
RedirectMatch /admin(.*) https://<%= servername %>/admin$1
RedirectMatch /Security(.*) https://<%= servername %>/Security$1
<%- if run_mode.to_s == 'static-itk' then -%>
<%- if not ssl_mode.to_s == 'force' then -%>
/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/authentication.erb') %>
# silverstripe .htaccess
Order deny,allow
Deny from all
#Allow from 127.0.0.1
RewriteEngine On
#RewriteBase /
RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
<%- end -%>
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
<%- end -%>
<%- unless ssl_mode.to_s == 'false' then -%>
<% scope.unsetvar('vhost_part')
scope.setvar('vhost_part',:ssl) -%>
<%= scope.function_template('apache/vhosts/partials/header_default.erb') %>
<% scope.unsetvar('vhost_part') -%>
DirectoryIndex index.htm index.html index.php
<%= scope.function_template('apache/vhosts/partials/logs.erb') %>
ProxyPreserveHost On
ProxyRequests off
SSLProxyEngine On
<%- if run_mode.to_s == 'static-itk' -%>
ProxyPassMatch ^/(.*\.php/?.*)$ https://127.0.0.1/$1
<%- else -%>
ProxyPass / https://127.0.0.1/
<%- end -%>
ProxyPassReverse / https://127.0.0.1/
<%- if run_mode.to_s == 'static-itk' -%>
/">
AllowOverride <%= allow_override %>
<%- if options.to_s != 'absent' or do_includes.to_s == 'true' then -%>
Options <%- unless options.to_s == 'absent' then -%><%= options %><%- end -%><%- if do_includes.to_s == 'true' and not options.include?('+Includes') then -%> +Includes<%- end -%>
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/authentication.erb') %>
# silverstripe .htaccess
Order deny,allow
Deny from all
#Allow from 127.0.0.1
RewriteEngine On
#RewriteBase /
RewriteCond %{REQUEST_URI} !(\.gif$)|(\.jpg$)|(\.png$)|(\.css$)|(\.js$)
RewriteCond %{REQUEST_URI} ^(.*)$
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule .* sapphire/main.php?url=%1&%{QUERY_STRING} [L]
<%- end -%>
<%= scope.function_template('apache/vhosts/partials/mod_security.erb') %>
<%- unless additional_options.to_s == 'absent' then -%>
<%= additional_options %>
<%- end -%>
<%- end -%>
<%- end -%>