version 1.210, 2012/02/27 03:06:37
|
version 1.215.2.13, 2014/06/16 05:51:15
|
Line 1
|
Line 1
|
## |
## |
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file |
## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file |
## |
## |
## $Id$ |
|
## |
# $Id$ |
|
|
# |
# |
# LON-CAPA Section (extensions to httpd.conf daemon configuration) |
# LON-CAPA Section (extensions to httpd.conf daemon configuration) |
Line 18 Group www
|
Line 18 Group www
|
|
|
# ======================================================= Shared Object Modules |
# ======================================================= Shared Object Modules |
|
|
LoadModule perl_module modules/libperl.so |
<IfModule !perl_module> |
|
LoadModule perl_module modules/libperl.so |
|
</IfModule> |
<IfDefine !MODPERL2> |
<IfDefine !MODPERL2> |
AddModule mod_perl.c |
AddModule mod_perl.c |
</IfDefine> |
</IfDefine> |
Line 28 PerlSetVar MODPERL2 1
|
Line 30 PerlSetVar MODPERL2 1
|
</IfDefine> |
</IfDefine> |
# =============================================================== Miscellaneous |
# =============================================================== Miscellaneous |
|
|
ServerAdmin korte@lite.msu.edu |
ServerAdmin consortium@loncapa.org |
ExtendedStatus On |
ExtendedStatus On |
# |
# |
# LON-CAPA Section (extensions to srm.conf name space servicing) |
# LON-CAPA Section (extensions to srm.conf name space servicing) |
Line 40 Alias /prtspool/ /home/httpd/prtspool/
|
Line 42 Alias /prtspool/ /home/httpd/prtspool/
|
Alias /captchaspool/ /home/httpd/captchaspool/ |
Alias /captchaspool/ /home/httpd/captchaspool/ |
Alias /webdav/ /home/httpd/html/priv/ |
Alias /webdav/ /home/httpd/html/priv/ |
ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/" |
ScriptAlias /cgi-bin/ "/home/httpd/cgi-bin/" |
DAVLockDB /home/httpd/webdav/DAVLock |
<IfModule mod_dav_fs.c> |
|
DAVLockDB /home/httpd/webdav/DAVLock |
|
</IfModule> |
|
|
# ================================================================= Directories |
# ================================================================= Directories |
|
|
Line 52 PerlCleanupHandler Apache::lonacc::clean
|
Line 56 PerlCleanupHandler Apache::lonacc::clean
|
PerlAuthenHandler Apache::checkauthen |
PerlAuthenHandler Apache::checkauthen |
PerlSetVar lonOtherAuthen no |
PerlSetVar lonOtherAuthen no |
|
|
|
<IfModule mod_shib> |
|
PerlAuthenHandler Apache::lonshibauth |
|
PerlSetVar lonOtherAuthen yes |
|
PerlSetVar lonOtherAuthenType Shibboleth |
|
</IfModule> |
|
|
#PerlWarn On |
#PerlWarn On |
<LocationMatch "^/+res/adm/pages/[^/]+\.(gif|png)$"> |
<LocationMatch "^/+res/adm/pages/[^/]+\.(gif|png)$"> |
PerlAuthenHandler 'sub { return OK }' |
PerlAuthzHandler 'sub { return OK }' |
</LocationMatch> |
</LocationMatch> |
|
|
# Send proper expires header to avoid unnecessary HTTP request for static content |
# Send proper expires header to avoid unnecessary HTTP request for static content |
<LocationMatch "^(/adm/lonIcons|/adm/jQuery|/adm/jsMath|/res/adm/pages|/ckeditor)"> |
<LocationMatch "^(/adm/lonIcons|/adm/jQuery|/adm/jsMath|/res/adm/pages|/ckeditor|/adm/jpicker|/adm/countdown|/adm/spellchecker|/adm/nicescroll|/adm/MathJax)"> |
ExpiresActive On |
ExpiresActive On |
ExpiresDefault "access plus 12 hours" |
ExpiresDefault "access plus 12 hours" |
Header set Cache-Control "public, no-transform" |
Header set Cache-Control "public, no-transform" |
Line 272 ErrorDocument 500 /adm/errorhandler
|
Line 282 ErrorDocument 500 /adm/errorhandler
|
</LocationMatch> |
</LocationMatch> |
|
|
<LocationMatch "^/+webdav/[\w\-]+/[\w\-]+/"> |
<LocationMatch "^/+webdav/[\w\-]+/[\w\-]+/"> |
AuthType Basic |
<IfModule mod_dav.c> |
AuthName "LONCAPA username,domain" |
<IfModule mod_ssl.c> |
Require valid-user |
AuthType Basic |
SSLRequireSSL |
AuthName "LONCAPA username,domain" |
PerlAuthenHandler Apache::lonwebdavauth |
Require valid-user |
PerlAuthzHandler Apache::lonwebdavacc |
SSLRequireSSL |
Dav On |
PerlAuthenHandler Apache::lonwebdavauth |
DirectoryIndex index.missing |
PerlAuthzHandler Apache::lonwebdavacc |
Options Indexes FollowSymLinks |
Dav On |
ErrorDocument 403 /adm/nowebdav.html |
DirectoryIndex index.missing |
ErrorDocument 404 /adm/notfound.html |
Options Indexes FollowSymLinks |
ErrorDocument 406 /adm/unauthorized |
ErrorDocument 403 /adm/nowebdav.html |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 404 /adm/notfound.html |
|
ErrorDocument 406 /adm/unauthorized |
|
ErrorDocument 500 /adm/errorhandler |
|
</IfModule> |
|
<IfModule !mod_ssl.c> |
|
<IfModule mod_rewrite.c> |
|
RewriteEngine on |
|
RewriteRule .* http://%{HTTP_HOST}/adm/nowebdav.html [L] |
|
</IfModule> |
|
</IfModule> |
|
</IfModule> |
|
<IfModule !mod_dav.c> |
|
<IfModule mod_rewrite.c> |
|
RewriteEngine on |
|
RewriteRule .* http://%{HTTP_HOST}/adm/nowebdav.html [L] |
|
</IfModule> |
|
</IfModule> |
</LocationMatch> |
</LocationMatch> |
|
|
<LocationMatch "^/+raw.*"> |
<LocationMatch "^/+raw.*"> |
Line 390 ErrorDocument 413 /adm/overloaded.tx
|
Line 416 ErrorDocument 413 /adm/overloaded.tx
|
<LocationMatch "^/adm/bombs/"> |
<LocationMatch "^/adm/bombs/"> |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
SetHandler perl-script |
|
PerlAuthzHandler Apache::lonacc |
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
PerlHandler Apache::lonmeta |
PerlHandler Apache::lonmeta |
</LocationMatch> |
</LocationMatch> |
|
|
Line 485 ErrorDocument 403 /adm/login
|
Line 511 ErrorDocument 403 /adm/login
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
|
|
<Location /adm/indexcourse> |
|
AuthType LONCAPA |
|
Require valid-user |
|
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
|
PerlHandler Apache::lonindexcourse |
|
ErrorDocument 403 /adm/login |
|
ErrorDocument 500 /adm/errorhandler |
|
</Location> |
|
|
|
<Location /adm/statistics> |
<Location /adm/statistics> |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
Line 538 ErrorDocument 403 /adm/login
|
Line 554 ErrorDocument 403 /adm/login
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
|
|
<Location /adm/pickresource> |
<Location /adm/remote> |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
PerlAuthzHandler Apache::lonacc |
PerlAuthzHandler Apache::lonacc |
SetHandler perl-script |
SetHandler perl-script |
PerlHandler Apache::lonpickresource |
PerlHandler Apache::lonremote |
ErrorDocument 403 /adm/login |
ErrorDocument 403 /adm/login |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
Line 599 ErrorDocument 403 /adm/login
|
Line 615 ErrorDocument 403 /adm/login
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
|
|
|
<Location /adm/dependencies> |
|
AuthType LONCAPA |
|
Require valid-user |
|
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
|
PerlHandler Apache::londependencies |
|
ErrorDocument 403 /adm/login |
|
ErrorDocument 406 /adm/roles |
|
ErrorDocument 500 /adm/errorhandler |
|
</Location> |
|
|
<Location /adm/login> |
<Location /adm/login> |
SetHandler perl-script |
SetHandler perl-script |
PerlHandler Apache::lonlogin |
PerlHandler Apache::lonlogin |
Line 608 PerlHandler Apache::lonlogin
|
Line 635 PerlHandler Apache::lonlogin
|
PerlAccessHandler Apache::publiccheck |
PerlAccessHandler Apache::publiccheck |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
SetHandler perl-script |
|
PerlAuthzHandler Apache::lonacc |
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
PerlHandler Apache::restrictedaccess |
PerlHandler Apache::restrictedaccess |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
Line 618 ErrorDocument 500 /adm/errorhandler
|
Line 645 ErrorDocument 500 /adm/errorhandler
|
PerlAccessHandler Apache::publiccheck |
PerlAccessHandler Apache::publiccheck |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
SetHandler perl-script |
|
PerlAuthzHandler Apache::lonacc |
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
PerlHandler Apache::blockedaccess |
PerlHandler Apache::blockedaccess |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
Line 655 SetHandler perl-script
|
Line 682 SetHandler perl-script
|
PerlHandler Apache::migrateuser |
PerlHandler Apache::migrateuser |
</Location> |
</Location> |
|
|
|
<Location /adm/sso> |
|
<IfModule mod_shib> |
|
AuthType shibboleth |
|
ShibUseEnvironment On |
|
ShibRequestSetting requireSession 1 |
|
ShibRequestSetting redirectToSSL 443 |
|
require valid-user |
|
PerlAuthzHandler Apache::lonshibacc |
|
PerlAuthzHandler Apache::lonacc |
|
</IfModule> |
|
<IfModule !mod_shib> |
|
PerlTypeHandler Apache::lonnoshib |
|
</IfModule> |
|
</Location> |
|
|
<Location /adm/annotations> |
<Location /adm/annotations> |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
Line 1137 ErrorDocument 403 /adm/login
|
Line 1179 ErrorDocument 403 /adm/login
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
|
|
|
<Location /adm/extresedit> |
|
AuthType LONCAPA |
|
Require valid-user |
|
PerlAuthzHandler Apache::lonacc |
|
SetHandler perl-script |
|
PerlHandler Apache::lonextresedit |
|
ErrorDocument 403 /adm/login |
|
ErrorDocument 500 /adm/errorhandler |
|
</Location> |
|
|
<LocationMatch "^/adm/announcements"> |
<LocationMatch "^/adm/announcements"> |
AuthType LONCAPA |
AuthType LONCAPA |
Require valid-user |
Require valid-user |
Line 1261 SetHandler perl-script
|
Line 1313 SetHandler perl-script
|
PerlHandler Apache::lonwishlistdisplay |
PerlHandler Apache::lonwishlistdisplay |
ErrorDocument 403 /adm/login |
ErrorDocument 403 /adm/login |
ErrorDocument 406 /adm/roles |
ErrorDocument 406 /adm/roles |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</Location> |
</Location> |
|
|
<Location /adm/setblock> |
<Location /adm/setblock> |
Line 1323 PerlHandler Apache::lonsupportreq
|
Line 1375 PerlHandler Apache::lonsupportreq
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</LocationMatch> |
</LocationMatch> |
|
|
<LocationMatch "^/adm/css"> |
<LocationMatch "^/adm/css/.*\.css$"> |
SetHandler perl-script |
SetHandler perl-script |
PerlHandler Apache::loncss |
PerlHandler Apache::loncss |
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
Line 1359 PerlHandler Apache::londns
|
Line 1411 PerlHandler Apache::londns
|
ErrorDocument 500 /adm/errorhandler |
ErrorDocument 500 /adm/errorhandler |
</LocationMatch> |
</LocationMatch> |
|
|
|
<LocationMatch "^/ajax/spellcheck"> |
|
SetHandler perl-script |
|
PerlHandler Apache::spellcheck |
|
</LocationMatch> |
|
|
|
|
|
|
# ------------------------------------------------- Backdoor Adm Tests/Programs |
# ------------------------------------------------- Backdoor Adm Tests/Programs |
|
|
<Location /adm/test> |
<Location /adm/test> |
Line 1381 PerlChildExitHandler Apache::lonacc::goo
|
Line 1440 PerlChildExitHandler Apache::lonacc::goo
|
<Directory /> |
<Directory /> |
Options None |
Options None |
AllowOverride None |
AllowOverride None |
order deny,allow |
<IfModule mod_authz_core.c> |
deny from all |
Require all denied |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order deny,allow |
|
deny from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Allow uploaded files to be served |
# Allow uploaded files to be served |
Line 1390 deny from all
|
Line 1454 deny from all
|
<Directory "/home/httpd/lonUsers"> |
<Directory "/home/httpd/lonUsers"> |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride None |
AllowOverride None |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Allow construction space files to be served |
# Allow construction space files to be served |
Line 1399 allow from all
|
Line 1468 allow from all
|
<Directory "/home/*/public_html/" > |
<Directory "/home/*/public_html/" > |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride |
AllowOverride |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Yes to symbolic links and server-side includes |
# Yes to symbolic links and server-side includes |
Line 1408 allow from all
|
Line 1482 allow from all
|
<Directory /home/httpd/html> |
<Directory /home/httpd/html> |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride None |
AllowOverride None |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# If it is in cgi-bin, then it can be executed as a CGI script. |
# If it is in cgi-bin, then it can be executed as a CGI script. |
Line 1417 allow from all
|
Line 1496 allow from all
|
<Directory /home/httpd/cgi-bin> |
<Directory /home/httpd/cgi-bin> |
AllowOverride None |
AllowOverride None |
Options ExecCGI FollowSymLinks |
Options ExecCGI FollowSymLinks |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Allow serving of files in prtspool |
# Allow serving of files in prtspool |
Line 1426 allow from all
|
Line 1510 allow from all
|
<Directory "/home/httpd/prtspool/"> |
<Directory "/home/httpd/prtspool/"> |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride None |
AllowOverride None |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Allow serving of files in zipspool |
# Allow serving of files in zipspool |
Line 1435 allow from all
|
Line 1524 allow from all
|
<Directory "/home/httpd/zipspool/"> |
<Directory "/home/httpd/zipspool/"> |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride None |
AllowOverride None |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# Allow serving of files in captchaspool |
# Allow serving of files in captchaspool |
Line 1444 allow from all
|
Line 1538 allow from all
|
<Directory "/home/httpd/captchaspool/"> |
<Directory "/home/httpd/captchaspool/"> |
Options Includes FollowSymLinks |
Options Includes FollowSymLinks |
AllowOverride None |
AllowOverride None |
order allow,deny |
<IfModule mod_authz_core.c> |
allow from all |
Require all granted |
|
</IfModule> |
|
<IfModule !mod_authz_core.c> |
|
order allow,deny |
|
allow from all |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
|
<DirectoryMatch "^/home/httpd/html/priv/.+/"> |
|
DirectoryIndex disabled |
|
</DirectoryMatch> |
|
|
# ============================================================= Access Handlers |
# ============================================================= Access Handlers |
|
|
# ------------------------------------------------- Allow server-status reports |
# ------------------------------------------------- Allow server-status reports |
Line 1466 ErrorDocument 500 /adm/errorhandler
|
Line 1569 ErrorDocument 500 /adm/errorhandler
|
# ------------------- Allow access to local system documentation from localhost |
# ------------------- Allow access to local system documentation from localhost |
Alias /doc /usr/doc |
Alias /doc /usr/doc |
<Directory /usr/doc> |
<Directory /usr/doc> |
order deny,allow |
|
deny from all |
|
allow from localhost |
|
Options Indexes FollowSymLinks |
Options Indexes FollowSymLinks |
|
<IfModule mod_authz_host.c> |
|
Require local |
|
</IfModule> |
|
<IfModule !mod_authz_host.c> |
|
order deny,allow |
|
deny from all |
|
allow from localhost |
|
</IfModule> |
</Directory> |
</Directory> |
|
|
# ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************ |
# ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************ |
Line 1482 PerlSetVar lonTabDir /home/http
|
Line 1590 PerlSetVar lonTabDir /home/http
|
PerlSetVar lonUsersDir /home/httpd/lonUsers |
PerlSetVar lonUsersDir /home/httpd/lonUsers |
PerlSetVar lonIconsURL /adm/lonIcons |
PerlSetVar lonIconsURL /adm/lonIcons |
PerlSetVar londPort 5663 |
PerlSetVar londPort 5663 |
PerlSetVar lonSysEMail korte@lite.msu.edu |
PerlSetVar lonSysEMail techsupport@loncapa.org |
PerlSetVar lonDaemons /home/httpd/perl |
PerlSetVar lonDaemons /home/httpd/perl |
PerlSetVar lonLib /home/httpd/lib |
PerlSetVar lonLib /home/httpd/lib |
PerlSetVar lonSockDir /home/httpd/sockets |
PerlSetVar lonSockDir /home/httpd/sockets |
Line 1494 PerlSetVar lonZipDir /home/http
|
Line 1602 PerlSetVar lonZipDir /home/http
|
PerlSetVar lonCaptchaDir /home/httpd/captchaspool |
PerlSetVar lonCaptchaDir /home/httpd/captchaspool |
PerlSetVar lonCaptchaDb /home/httpd/captchadb |
PerlSetVar lonCaptchaDb /home/httpd/captchadb |
PerlSetVar lonFontsDir /home/httpd/html/adm/fonts |
PerlSetVar lonFontsDir /home/httpd/html/adm/fonts |
# & separated list of : separated fields in order of |
# & separated list of % separated fields in order of |
# - internal name to call it, |
# - internal name to call it, |
# - regexp that it should match (done case-insensitively) |
# - regexp that it should match (done case-insensitively) |
# - regexp that is should not match (done case-insensitively) |
# - regexp that is should not match (done case-insensitively) |
Line 1502 PerlSetVar lonFontsDir /home/h
|
Line 1610 PerlSetVar lonFontsDir /home/h
|
# - a number that describes the minimum version that has mathml support |
# - a number that describes the minimum version that has mathml support |
# - a number that describes the minimum number version that has unicode support |
# - a number that describes the minimum number version that has unicode support |
|
|
PerlSetVar lonBrowsDet explorer:msie:netscape:msie\s(\d+\.\d+)\;:9999:5&mozilla:mozilla\/[5-9]:msie:mozilla\/(\d+\.\d+)\s:9999:1&netscape:netscape:msie:netscape\/(\d+\.\d+):9999:7&netscape:netscape\/[7-9]:shouldnotmatch:netscape\/(\d+\.\d+):9999:7&amaya:amaya:mozilla:V(\d+\.\d+)\s:1:1&safari:safari:msie:safari\/([\d\.]+):9999:84 |
PerlSetVar lonBrowsDet explorer%msie%netscape%msie\s(\d+\.\d+)\;%9999%5&mozilla%mozilla\/[5-9]%msie%mozilla\/(\d+\.\d+)\s%9999%1&netscape%netscape%msie%netscape\/(\d+\.\d+)%9999%7&netscape%netscape\/[7-9]%shouldnotmatch%netscape\/(\d+\.\d+)%9999%7&amaya%amaya%mozilla%V(\d+\.\d+)\s%1%1&safari%safari%msie%safari\/([\d\.]+)%9999%84&chrome%chrome%chromeframe%\s+chrome\/(\d+\.\d+)%9999%1&explorer%\s+rv\:\d+\.\d+%firefox%\s+rv\:(\d+\.\d+)%9999%5 |
|
|
PerlSetVar lonTextBrowsers windows\s+ce:lynx |
PerlSetVar lonTextBrowsers windows\s+ce:lynx |
PerlSetVar lonScansDir /home/httpd/scantron |
PerlSetVar lonScansDir /home/httpd/scantron |