build:apache
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
build:apache [2008/06/27 16:35] 151.145.238.91 Suggest some ways to filter out nasty HTTP requests. (CMB) |
build:apache [2009/03/03 16:02] (current) 151.145.245.20 Add separate default site. (CMB) |
||
|---|---|---|---|
| Line 99: | Line 99: | ||
| </code> | </code> | ||
| + | |||
| + | ==== Default Site ==== | ||
| + | |||
| + | The default site is a "catch-all" that will serve any site that doesn't have a domain name specified in a site config file. | ||
| + | We've set this up to deny all requests, since we were getting a lot of attacks trying to use the server as a proxy to other sites. | ||
| + | (Some attempts even had "proxy_test_referer" in the Referer field.) | ||
| + | |||
| + | Edit ''/etc/apache2/sites-available/000-default'': | ||
| + | <file> | ||
| + | NameVirtualHost * | ||
| + | <VirtualHost *> | ||
| + | # Minimize logging of this junk. | ||
| + | #CustomLog /dev/null "" | ||
| + | #ErrorLog /dev/null | ||
| + | CustomLog /var/log/apache2/attack.log combined | ||
| + | ErrorLog /var/log/apache2/attack_error.log | ||
| + | LogLevel emerg | ||
| + | |||
| + | # Don't allow access to anything, causing a 403 error message for any request. | ||
| + | ErrorDocument 403 "Site does not exist on this server!" | ||
| + | <Location /> | ||
| + | Order allow,deny | ||
| + | Deny from all | ||
| + | </Location> | ||
| + | </VirtualHost> | ||
| + | </file> | ||
| + | |||
| + | <code rootshell> | ||
| + | a2ensite 000-default | ||
| + | </code> | ||
| ==== Main SLUUG Site ==== | ==== Main SLUUG Site ==== | ||
| Line 108: | Line 138: | ||
| </code> | </code> | ||
| - | Edit ''<nowiki>/etc/apache2/sites-available/000-www.sluug.org</nowiki>'': | + | Edit ''<nowiki>/etc/apache2/sites-available/www.sluug.org</nowiki>'': |
| <file> | <file> | ||
| - | NameVirtualHost * | ||
| <VirtualHost *> | <VirtualHost *> | ||
| ServerName www.sluug.org | ServerName www.sluug.org | ||
| Line 119: | Line 148: | ||
| <Directory /home/web/www.sluug.org/public> | <Directory /home/web/www.sluug.org/public> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews IncludesNoExec | + | Options FollowSymLinks MultiViews IncludesNoExec |
| DirectoryIndex index.shtml index.html | DirectoryIndex index.shtml index.html | ||
| Order allow,deny | Order allow,deny | ||
| Line 132: | Line 161: | ||
| <code rootshell> | <code rootshell> | ||
| - | a2ensite 000-www.sluug.org | + | a2ensite www.sluug.org |
| </code> | </code> | ||
| Line 150: | Line 179: | ||
| <Directory /home/web/wiki.sluug.org> | <Directory /home/web/wiki.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 184: | Line 213: | ||
| <Directory /home/web/stllug.sluug.org/public> | <Directory /home/web/stllug.sluug.org/public> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 216: | Line 245: | ||
| <Directory /home/web/hzwlug.sluug.org> | <Directory /home/web/hzwlug.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 245: | Line 274: | ||
| <Directory /home/web/stclug.sluug.org> | <Directory /home/web/stclug.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 274: | Line 303: | ||
| <Directory /home/web/security.sluug.org> | <Directory /home/web/security.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 302: | Line 331: | ||
| <Directory /home/web/solaris.sluug.org> | <Directory /home/web/solaris.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 312: | Line 341: | ||
| a2ensite solaris.sluug.org | a2ensite solaris.sluug.org | ||
| </code> | </code> | ||
| + | |||
| Line 332: | Line 362: | ||
| <Directory /home/web/slacc.sluug.org> | <Directory /home/web/slacc.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 363: | Line 393: | ||
| <Directory /home/web/snug.sluug.org> | <Directory /home/web/snug.sluug.org> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 372: | Line 402: | ||
| <code rootshell> | <code rootshell> | ||
| a2ensite snug.sluug.org | a2ensite snug.sluug.org | ||
| + | </code> | ||
| + | |||
| + | |||
| + | ==== Webmail Site ==== | ||
| + | |||
| + | <code rootshell> | ||
| + | mkdir /var/www/webmail.sluug.org | ||
| + | chown -R www-data:www-data /var/www/webmail.sluug.org | ||
| + | chmod g+s /var/www/webmail.sluug.org | ||
| + | </code> | ||
| + | |||
| + | Edit ''/etc/apache2/sites-available/webmail.sluug.org'': | ||
| + | <file> | ||
| + | <VirtualHost *> | ||
| + | ServerName webmail.sluug.org | ||
| + | ServerAlias mail.sluug.org | ||
| + | UseCanonicalName On | ||
| + | DocumentRoot /var/www/webmail.sluug.org/public | ||
| + | <Directory /var/www/webmail.sluug.org/public> | ||
| + | AllowOverride All | ||
| + | Options FollowSymLinks MultiViews | ||
| + | Order allow,deny | ||
| + | Allow from all | ||
| + | </Directory> | ||
| + | </VirtualHost> | ||
| + | </file> | ||
| + | |||
| + | <code rootshell> | ||
| + | a2ensite webmail.sluug.org | ||
| </code> | </code> | ||
| Line 391: | Line 450: | ||
| <Directory /home/web/test.sluug.org/public> | <Directory /home/web/test.sluug.org/public> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
| Line 449: | Line 508: | ||
| <Directory /home/booch/web/blog.craigbuchek.com> | <Directory /home/booch/web/blog.craigbuchek.com> | ||
| AllowOverride All | AllowOverride All | ||
| - | Options Indexes FollowSymLinks MultiViews | + | Options FollowSymLinks MultiViews |
| Order allow,deny | Order allow,deny | ||
| Allow from all | Allow from all | ||
build/apache.1214602544.txt.gz ยท Last modified: 2008/06/27 16:35 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
