Отпечатай - леко затруднени с proftpd

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 04, 2007, 18:11

та инсталирах си proftpd и работи си уш

ама не схаванах с каква парола да се логна :/ и как мога да му променя работната деректория да е в /var/www

ако може и да ми кажете как мога да добавам и други потребители

... ето така ми исглежда
/etc/proftpd/proftpd.conf

Примерен код

#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

# Includes DSO modules
Include /etc/proftpd/modules.conf

# Set off to disable IPv6 support which is annoying on IPv4 only boxes.
UseIPv6            on

ServerName         "Debian"
ServerType         standalone
DeferWelcome         off

MultilineRFC2228      on
DefaultServer         on
ShowSymlinks         on

TimeoutNoTransfer      600
TimeoutStalled         600
TimeoutIdle         1200

DisplayLogin welcome.msg
DisplayFirstChdir .message
ListOptions     "-l"

DenyFilter         \*.*/

# Use this to jail all users in their homes
# DefaultRoot         ~

# Users require a valid shell listed in /etc/shells to login.
# Use this directive to release that constrain.
# RequireValidShells      off

# Port 21 is the standard FTP port.
Port            21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
# PassivePorts 49152 65534

# If your host was NATted, this option is useful in order to
# allow passive tranfers to work. You have to use your public
# address and opening the passive ports used on your firewall as well.
# MasqueradeAddress      1.2.3.4

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances         30

# Set the user and group that the server normally runs at.
User            proftpd
Group            nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask            022 022
# Normally, we want files to be overwriteable.
AllowOverwrite         on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
# PersistentPasswd      off

# Be warned: use of this directive impacts CPU average load!
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#
# UseSendFile         off

# Choose a SQL backend among MySQL or PostgreSQL.
# Both modules are loaded in default configuration, so you have to specify the backend
# or comment out the unused module in /etc/proftpd/modules.conf.
# Use 'mysql' or 'postgres' as possible values.
#
#<IfModule mod_sql.c>
# SQLBackend         mysql
#</IfModule>

TransferLog /var/log/proftpd/xferlog
SystemLog /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
TLSEngine off
</IfModule>

<IfModule mod_quota.c>
QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
Ratios on
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
ControlsEngine on
ControlsMaxClients 2
ControlsLog /var/log/proftpd/controls.log
ControlsInterval 5
ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
AdminControlsEngine on
</IfModule>

# A basic anonymous configuration, no upload directories.

# <Anonymous ~ftp>
# User            ftp
# Group            nogroup
# # We want clients to be able to login with "anonymous" as well as "ftp"
# UserAlias         anonymous ftp
# # Cosmetic changes, all files belongs to ftp user
# DirFakeUser   on ftp
# DirFakeGroup on ftp
#
# RequireValidShell      off
#
# # Limit the maximum number of anonymous logins
# MaxClients         10
#
# # We want 'welcome.msg' displayed at login, and '.message' displayed
# # in each newly chdired directory.
# DisplayLogin         welcome.msg
# DisplayFirstChdir      .message
#
# # Limit WRITE everywhere in the anonymous chroot
# <Directory *>
# <Limit WRITE>
# DenyAll
# </Limit>
# </Directory>
#
# # Uncomment this if you're brave.
# # <Directory incoming>
# # # Umask 022 is a good standard umask to prevent new files and dirs
# # # (second parm) from being group and world writable.
# # Umask            022 022
# # <Limit READ WRITE>
# # DenyAll
# # </Limit>
# # <Limit STOR>
# # AllowAll
# # </Limit>
# # </Directory>
#
# </Anonymous>

ам аз съм с кубунту
аз съм още много "зелен" с линикситеи ако може по разбираемо да ми обясните

Благодаря

Титла: леко затруднени с proftpd
Публикувано от: neter в Jun 04, 2007, 21:02

Така, както ти е настроен ProFTPd, ще използва реални потребители (какъвто е твоя потребител, с който влизаш в системата). Други възможности откъм настройка са използване на *SQL и LDAP потребители, но щом още си зелен, трябва да почетеш преди това, за да мога да ти ги обясня. Реални потребители можеш да добавяш по няколко начина. Можеш да използваш графичния инструмент сред настройките на Kubuntu (него няма да ти го обяснявам, ще си го разцъкаш, следва. Можеш да използваш и конзолния инструмент adduser във формат

Примерен код

adduser --home /еди/коя/си/папка --ingroup група потребител

Тъй като в настройките си описал група nogroup, хубаво е потребителя да бъде в същата група nogroup. Домашната му папка може да бъде където и да е из системата, но трябва да я направиш с права за четене и писане от съответния потребител или група, а може и двете. Ето един пример (превключи на root):
1. Създаваме папка /potrebiteli/pesho
mkdir /potrebiteli/pesho
2. Създаваме потребителя pesho
adduser --home /potrebiteli/pesho --ingroup nogroup pesho
3. Задаваме съответните собственици и права за папката
chown pesho:nogroup /potrebiteli/pesho
chmod 664 /potrebiteli/pesho
При така зададени права, потребител pesho и група nogroup ще притежават папката, а чрез втората команда задаваме pesho и потребителите от nogroup да могат да четат и пишат от папката, а други да могат само да четат.
Готов си с единия потребител. Вече можеш да влезеш през ftp в неговата папка като използваш зададените потребител и парола. Добави ред
DefaultRoot ~
в proftpd.conf, за да ограничиш потребителите да могат да ползват само собствените си папки. Ако е нужно, можеш да зададеш и един анонимен потребител, чрез който да могат да се разглеждат файловете. Добави подобно нещо в proftpd.conf

Примерен код

<Anonymous /var/www>
   User ftp
   Group ftp
   UserAlias anonymous ftp
   MaxClients 10
   <Limit WRITE>
   DenyAll
   </Limit>
</Anonymous>

Създай потребителя и групата ftp с последователни команди в конзола като root:
addgroup ftp
adduser --no-create-home --ingroup --disabled-password ftp ftp

Общо взето за това се сещам сега да те упътя. Ако имаш още някакви неясноти или съм пропуснал нещо, пиши пак

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 04, 2007, 22:06

та сега по ми е важно да се логна там основни, роот или както там е потребител за да мога да да кашам в /var/www къде съм си сложел сайт, форуми ...

не разбрах с кои потребител да се логна :/ с тоя дето влизам в phpmyadmin ?

Титла: леко затруднени с proftpd
Публикувано от: neter в Jun 04, 2007, 23:12

Не. Потребителят, с който влизаш в phpmyadmin си е mysql потребител. Ако системния ти потребител е erest, то тогава можеш да влезеш с потребител erest и неговата си парола, но това ще те отведе в /home/erest. Ето защо трябва да направиш нов потребител, домашната папка на който е /var/www с командата

Примерен код

adduser --home /var/www --ingroup nogroup pesho

В този ред промени само "pesho", ако се налага

Това ще е потребителя, който ще създадеш. След тази команда, отговаряш на зададените въпроси и ето, че вече имаш потребител, с който да влезеш във /var/www. Не забравяй да сложиш реда

Примерен код

DefaultRoot ~

нищо че за момента не е чак толкова важен.
Не е препоръчително да се използва root за директно влизане по какъвто и да е начин в системата. Имай го впредвид, когато в бъдеще настройваш системата си.

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 05, 2007, 18:42

направих си потребител за в /var/www но не мога да трия нито за създавам директории :/ изкара ми такова съобщение

Цитат

Could not delete file /var/www/forum/avatars/blank.gif.

Цитат

Could not make folder /var/www/forum/New Folder.

Титла: леко затруднени с proftpd
Публикувано от: neter в Jun 05, 2007, 19:10

Явно правата на папката /var/www не са подходящо зададени. Изпълни

Примерен код

chmod 664 /var/www -R

пък да се надяваме, че apache също ти е настроен с група nogroup. Всъщност, я ми покажи и твоя apache.conf файл.

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 06, 2007, 11:10

ето така ми изглежда /etc/apache2/apache2.conf

Примерен код

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 07, 2007, 00:31

азм оравих се с това

с риск да стана прекалено нагал, само да пипитам
как мога да речем в директорията /home/erest/ftp имам потребители, как мога да направя анонимос или как е там кото само да може да гледа без да променя съдржанието ?
и как може да премахвам потребите или да им променям прарилите ?

neter благодаря ти много за помоща

Титла: леко затруднени с proftpd
Публикувано от: edmon в Jun 07, 2007, 00:50

абе тва е дебиан бре

сложи парола на www-data
и влизаш с него

елеметарно нали ...

Титла: леко затруднени с proftpd
Публикувано от: neter в Jun 07, 2007, 02:04

За анонимния потребител - погледни първия ми пост, в края съм описал как. Потребители се премахват с

Примерен код

userdel user

Ако искаш да изтриеш и папката му, едновременно с премахването на потребителя

Примерен код

userdel -r user

За промяна паролата на даден потребител използвай командата

Примерен код

passwd user

P.S.: Замени user с потребителя, за който става дума. Командите се изпълняват под root.

Титла: леко затруднени с proftpd
Публикувано от: erest в Jun 22, 2007, 09:32

а как мога да огранича upload-a на даден потребител ? примерно да не мойе да кача повече 1гб ?

Титла: леко затруднени с proftpd
Публикувано от: neter в Jun 22, 2007, 13:28

Прочети това ръководство. Но сериозно помисли по въпроса за ProFTPd с MySQL автентикация. Този вариант е много по-гъвкав и много по-удобен

Титла: леко затруднени с proftpd
Публикувано от: angelinoff в Jun 22, 2007, 16:57

Благодаря , neter !
Много полезни неща си написал . Много ми помогнаха

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 06, 2007, 13:58

Здравейте

имам и аз едно леко затруднение :/
използвам мандрива 2008
как мога да добавя потребител ?
като пробвам с

Примерен код

adduser --home /var/www --ingroup nogroup име

ми излиза

Примерен код

adduser --home /var/www --ingroup nogroup admin
adduser: unrecognized option `--ingroup'
Usage: useradd [options] LOGIN

Options:
  -b, --base-dir BASE_DIR base directory for the new user account
   home directory
  -c, --comment COMMENT set the GECOS field for the new user account
  -d, --home-dir HOME_DIR home directory for the new user account
  -D, --defaults print or save modified default useradd
   configuration
  -e, --expiredate EXPIRE_DATE set account expiration date to EXPIRE_DATE
  -f, --inactive INACTIVE set password inactive after expiration
   to INACTIVE
  -g, --gid GROUP force use GROUP for the new user account
  -G, --groups GROUPS list of supplementary groups for the new
   user account
  -h, --help display this help message and exit
  -k, --skel SKEL_DIR specify an alternative skel directory
  -K, --key KEY=VALUE overrides /etc/login.defs defaults
  -m, --create-home create home directory for the new user
   account
  -M, do not create home directory for the new user
  -n, do NOT create a group with the same name
   as the user
  -o, --non-unique allow create user with duplicate
   (non-unique) UID
  -p, --password PASSWORD use encrypted password for the new user
   account
  -r create a system account
  -s, --shell SHELL the login shell for the new user account
  -u, --uid UID force use the UID for the new user account

... как да процедираме ?

...
rto taka mi izglejda /etc/proftpd.conf

Примерен код

#
# /etc/proftpd/proftpd.conf -- This is a basic ProFTPD configuration file.
# To really apply changes reload proftpd after modifications.
#

# Includes DSO modules
Include /etc/proftpd.d/*.conf

# This is the directory where DSO modules resides

ModulePath /usr/lib/proftpd

# Allow only user root to load and unload modules, but allow everyone
# to see which modules have been loaded

ModuleControlsACLs insmod,rmmod allow user root
ModuleControlsACLs lsmod allow user *

ServerName         "ProFTPD Default Installation"
ServerType         standalone
DeferWelcome         off

MultilineRFC2228      on
DefaultServer         on
ShowSymlinks         on

TimeoutNoTransfer      600
TimeoutStalled         600
TimeoutIdle         1200

DisplayLogin welcome.msg
DisplayChdir .message
ListOptions     "-l"
DenyFilter         \*.*/
UseIPv6 Off

# Allow FTP resuming.
# Remember to set to off if you have an incoming ftp for upload.
AllowStoreRestart      on

# Port 21 is the standard FTP port.
Port            21

# In some cases you have to specify passive ports range to by-pass
# firewall limitations. Ephemeral ports can be used for that, but
# feel free to use a more narrow range.
#PassivePorts 49152 65534

# To prevent DoS attacks, set the maximum number of child processes
# to 30. If you need to allow more than 30 concurrent connections
# at once, simply increase this value. Note that this ONLY works
# in standalone mode, in inetd mode you should use an inetd server
# that allows you to limit maximum number of processes per service
# (such as xinetd)
MaxInstances         30

# Set the user and group under which the server will run.
User            nobody
Group            nogroup

# Umask 022 is a good standard umask to prevent new files and dirs
# (second parm) from being group and world writable.
Umask            022 022

# To cause every FTP user to be "jailed" (chrooted) into their home
# directory, uncomment this line.
#DefaultRoot ~

# Normally, we want files to be overwriteable.
AllowOverwrite         on

# Uncomment this if you are using NIS or LDAP to retrieve passwords:
PersistentPasswd      off

# Be warned: use of this directive impacts CPU average load!
#
# Uncomment this if you like to see progress and transfer rate with ftpwho
# in downloads. That is not needed for uploads rates.
#UseSendFile         off

TransferLog /var/log/proftpd/proftpd.log
SystemLog /var/log/proftpd/proftpd.log

<IfModule mod_tls.c>
   TLSEngine off
</IfModule>

<IfModule mod_quota.c>
   QuotaEngine on
</IfModule>

<IfModule mod_ratio.c>
   Ratios on
</IfModule>

# Delay engine reduces impact of the so-called Timing Attack described in
# http://security.lss.hr/index.php?page=details&ID=LSS-2004-10-02
# It is on by default.
<IfModule mod_delay.c>
   DelayEngine on
</IfModule>

<IfModule mod_ctrls.c>
   ControlsEngine on
   ControlsMaxClients 2
   ControlsLog /var/log/proftpd/controls.log
   ControlsInterval 5
   ControlsSocket /var/run/proftpd/proftpd.sock
</IfModule>

<IfModule mod_ctrls_admin.c>
   AdminControlsEngine on
</IfModule>

# Bar use of SITE CHMOD by default
<Limit SITE_CHMOD>
   DenyAll
</Limit>

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 12, 2007, 16:54

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 12, 2007, 17:42

имам и още едно "проблемче" но с апаче
като направя някаква папка втв работната директория на апачето
и като се опитам да вляза във нея ми исписва

Примерен код

Access forbidden!

You don't have permission to access the requested directory. There is either no index document or the directory is read-protected.

If you think this is a server error, please contact the webmaster.
Error 403

но иначе ако сложа някоя снимка примерно, се отваря но трябва да намиша точни път http://моя_домейн/1.png
:/

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 12, 2007, 21:29

моля

Титла: леко затруднени с proftpd
Публикувано от: neter в Oct 13, 2007, 02:55

Здрасти

Значи, проблемът с adduser идва от това, че явно синтаксисът на командата в Mandriva 2008 е по-различен. При изпълнението й с грешен синтаксис, системата ти казва какво е различното и ти показва възможните опции на тази команда. Хубаво е да се зачиташ какво приказва системата. Почти винаги е от значение. Правилният синтаксис на командата в твоя случай е

Примерен код

adduser --home-dir /var/www --gid nogroup име

Имай предвид, че тези папка и група са примерни и трябва да ги замениш със съответните твои желания

За конфигурационния файл на proftpd ти препоръчвам да махнеш знакът # пред реда

Цитат

DefaultRoot ~

Така ще затвориш потребителите в собствената им папка и няма да имат възможност да се качват на по-горно ниво от своята папка и да разглеждат останалите папки и файлове из системата. Забелязал съм, че Windows потребителите и без това не могат да се качат по-нагоре, но Linux, *BSD и Solaris потребителите могат.
Проблемът ти с apache се корени в това, че си забранил списъчното показване на съдържанието на папки, в които няма индексен файл и в папката, която се опитваш да достъпиш, няма индексен файл. Ако сложиш индексен файл, то при зареждане на тази папка, ще се зарежда индексният файл. За да позволиш показването на съдържанието при липса на индексен файл, трябва да добавиш следното в областта <Directory /папка/на/сайта> на съответния VirtualHost или в apache2.conf файла, ако не използваш VirtualHost

Цитат

Options Indexes

Ако вече имаш ред с Options, то просто добави думата Indexes след останалите думички на реда, като ги разделиш с интервал и рестартирай apache. Какви файлове да се считат за индексни, се описва в apache2.conf на реда DirectoryIndex.
Ако нещо е останало недоизяснено - свиркай

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 13, 2007, 12:20

за proftpd

Примерен код

dduser --home-dir /var/www --gid nogroup pe6o
adduser: user pe6o exists
[root@localhost]# adduser --home-dir /var/www --gid nogroup oit
adduser: warning: the home directory already exists.
Not copying any file from skel directory into it.
[root@localhost]#

нещо пак не хванах, уж всякаш се създават такива потребители, ama kak se slagat pariloli за новия потреител
... видях това

Цитат

-p, --password PASSWORD use encrypted password for the new user
account

ама ...... :/

а, за апачето, е , че не виждам директорийте в кото има някакви файлове различни от index.html/htm/php ..
eto primer v taq директория не се вижда дъдържанието

ето така ми изглежда /etc/httpd/conf/httpd.conf

Примерен код

#
# Based upon the NCSA server configuration files originally by Rob McCool.
#
# This is the main Apache server configuration file. It contains the
# configuration directives that give the server its instructions.
# See <URL:http://httpd.apache.org/docs-2.0/> for detailed information about
# the directives.
#
# Do NOT simply read the instructions in here without understanding
# what they do. They're here only as hints or reminders. If you are unsure
# consult the online docs. You have been warned.
#
# The configuration directives are grouped into three basic sections:
# 1. Directives that control the operation of the Apache server process as a
# whole (the 'global environment').
# 2. Directives that define the parameters of the 'main' or 'default' server,
# which responds to requests that aren't handled by a virtual host.
# These directives also provide default values for the settings
# of all virtual hosts.
# 3. Settings for virtual hosts, which allow Web requests to be sent to
# different IP addresses or hostnames and have them handled by the
# same Apache server process.
#
# Configuration and logfile names: If the filenames you specify for many
# of the server's control files begin with "/" (or "drive:/" for Win32), the
# server will use that explicit path. If the filenames do *not* begin
# with "/", the value of ServerRoot is prepended -- so "/var/log/httpd/foo.log"
# with ServerRoot set to "/etc/httpd" will be interpreted by the
# server as "/etc/httpd/logs/httpd/foo.log".
#

### Section 1: Global Environment
#
# The directives in this section affect the overall operation of Apache,
# such as the number of concurrent requests it can handle or where it
# can find its configuration files.
#

#
# ServerRoot: The top of the directory tree under which the server's
# configuration, error, and log files are kept.
#
# NOTE! If you intend to place this on an NFS (or otherwise network)
# mounted filesystem then please read the LockFile documentation (available
# at <URL:http://httpd.apache.org/docs-2.0/mod/mpm_common.html#lockfile>);
# you will save yourself a lot of trouble.
#
# Do NOT add a slash at the end of the directory path.
#
ServerRoot "/etc/httpd"

# GracefulShutDownTimeout: Specify a timeout after which a gracefully shutdown server will exit.
GracefulShutDownTimeout 120

##
## Server-Pool Size Regulation (MPM specific)
##

# AcceptMutex: Method that Apache uses to serialize multiple children accepting requests
# on network sockets. fcntl is default on Mandriva Linux
# CoreDumpDirectory: Directory where Apache attempts to switch before dumping core
# EnableExceptionHook: Enables a hook that runs exception handlers after a crash
# ListenBackLog: Maximum length of the queue of pending connections
# LockFile: Location of the accept serialization lock file
# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
# MaxClients: Maximum number of child processes that will be created to serve requests
# MaxMemFree: Maximum amount of memory that the main allocator is allowed to hold without calling free()
# MaxRequestsPerChild: Limit on the number of requests that an individual child server will handle during its life
# PidFile: File where the server records the process ID of the daemon
# ReceiveBufferSize: TCP receive buffer size
# ScoreBoardFile: Location of the file used to store coordination data for the child processes
# SendBufferSize: TCP buffer size
# ServerLimit: Upper limit on configurable number of processes
# StartServers: Number of child server processes created at startup
# MinSpareServers: Minimum number of idle children, to handle request spikes
# MaxSpareServers: Maximum number of idle children

# prefork MPM [THIS IS THE DEFAULT]
<IfModule mpm_prefork_module>
   AcceptMutex fcntl
   CoreDumpDirectory /tmp
   EnableExceptionHook Off
   ListenBacklog 511
   LockFile logs/accept.lock
   MaxClients 256
   MaxMemFree 0
   MaxRequestsPerChild 4000
   PidFile /var/run/httpd.pid
   ReceiveBufferSize 0
# ScoreBoardFile logs/apache_runtime_status
   SendBufferSize 0
   ServerLimit 256
   StartServers 8
   MinSpareServers 5
   MaxSpareServers 20
</IfModule>

# worker MPM
# MaxSpareThreads: Maximum number of idle threads
# MinSpareThreads: Minimum number of idle threads available to handle request spikes
# ThreadLimit: Sets the upper limit on the configurable number of threads per child process
# ThreadsPerChild: Number of threads created by each child process
# ThreadStackSize: The size in bytes of the stack used by threads handling client connections
<IfModule mpm_worker_module>
   AcceptMutex fcntl
   CoreDumpDirectory /tmp
   EnableExceptionHook Off
   ListenBacklog 511
   LockFile logs/accept.lock
   MaxClients 150
   MaxMemFree 0
   MaxRequestsPerChild 0
   MaxSpareThreads 75
   MinSpareThreads 25
   PidFile /var/run/httpd.pid
   ReceiveBufferSize 0
# ScoreBoardFile logs/apache_runtime_status
   SendBufferSize 0
   ServerLimit 256
   StartServers 2
   ThreadLimit 64
   ThreadsPerChild 25
   ThreadStackSize 65536
</IfModule>

# event MPM
<IfModule mpm_event_module>
   AcceptMutex fcntl
   CoreDumpDirectory /tmp
   EnableExceptionHook Off
   ListenBacklog 511
   LockFile logs/accept.lock
   MaxClients 150
   MaxMemFree 0
   MaxRequestsPerChild 0
   MaxSpareThreads 75
   MinSpareThreads 25
   PidFile /var/run/httpd.pid
   ReceiveBufferSize 0
# ScoreBoardFile logs/apache_runtime_status
   SendBufferSize 0
   ServerLimit 256
   StartServers 2
   ThreadLimit 64
   ThreadsPerChild 25
   ThreadStackSize 65536
</IfModule>

# itk MPM
# AssignUserID - Tie a virtual host to a specific child process.
# MaxClientsVHost - Maximum number of children alive at the same time for this virtual host.
# NiceValue - Set nice value for the given vhost, from -20 (highest priority) to 19 (lowest priority).
<IfModule itk.c>
   AcceptMutex fcntl
   CoreDumpDirectory /tmp
   AssignUserID apache apache
   StartServers 8
   MinSpareServers 5
   MaxSpareServers 20
   ServerLimit 256
   MaxClients 256
   MaxRequestsPerChild 4000
</IfModule>

#
# Listen: Allows you to bind Apache to specific IP addresses and/or
# ports, instead of the default. See also the <VirtualHost>
# directive.
#
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses (0.0.0.0)
#
#Listen 12.34.56.78:80
Listen 0.0.0.0:80

#
# Dynamic Shared Object (DSO) Support
#
# To be able to use the functionality of a module which was built as a DSO you
# have to place corresponding `LoadModule' lines at this location so the
# directives contained in it are actually available _before_ they are used.
# Statically compiled modules (those listed by `httpd -l') do not need
# to be loaded here.
#
# Example:
# LoadModule foo_module modules/mod_foo.so
#
LoadModule authn_file_module modules/mod_authn_file.so
#LoadModule authn_dbm_module modules/mod_authn_dbm.so
LoadModule authn_anon_module modules/mod_authn_anon.so
## LoadModule authn_dbd_module modules/mod_authn_dbd.so            -> available in the apache-mod_authn_dbd package
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_alias_module modules/mod_authn_alias.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_owner_module modules/mod_authz_owner.so
## LoadModule authnz_ldap_module modules/mod_authnz_ldap.so         -> available in the apache-mod_ldap package
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule auth_digest_module modules/mod_auth_digest.so
## LoadModule cache_module modules/mod_cache.so               -> available in the apache-mod_cache package
## LoadModule disk_cache_module modules/mod_disk_cache.so         -> available in the apache-mod_disk_cache package
## LoadModule mem_cache_module modules/mod_mem_cache.so            -> available in the apache-mod_mem_cache package
## LoadModule dbd_module modules/mod_dbd.so               -> available in the apache-mod_dbd package
## LoadModule bucketeer_module modules/mod_bucketeer.so            <- only used for tests and debugging
## LoadModule dumpio_module modules/mod_dumpio.so            <- only used for tests and debugging
#LoadModule echo_module modules/mod_echo.so
#LoadModule example_module modules/mod_example.so
#LoadModule case_filter_module modules/mod_case_filter.so
#LoadModule case_filter_in_module modules/mod_case_filter_in.so
#LoadModule ext_filter_module modules/mod_ext_filter.so
LoadModule include_module modules/mod_include.so
LoadModule filter_module modules/mod_filter.so
#LoadModule charset_lite_module modules/mod_charset_lite.so
## LoadModule deflate_module modules/mod_deflate.so            -> available in the apache-mod_deflate package
## LoadModule ldap_module modules/mod_ldap.so               -> available in the apache-mod_ldap package
LoadModule log_config_module modules/mod_log_config.so
#LoadModule log_forensic_module modules/mod_log_forensic.so
#LoadModule logio_module modules/mod_logio.so
LoadModule env_module modules/mod_env.so
LoadModule mime_magic_module modules/mod_mime_magic.so
#LoadModule cern_meta_module modules/mod_cern_meta.so
LoadModule expires_module modules/mod_expires.so
LoadModule headers_module modules/mod_headers.so
#LoadModule ident_module modules/mod_ident.so
LoadModule usertrack_module modules/mod_usertrack.so
LoadModule unique_id_module modules/mod_unique_id.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule version_module modules/mod_version.so
## LoadModule proxy_module modules/mod_proxy.so               -> available in the apache-mod_proxy package
## LoadModule proxy_connect_module modules/mod_proxy_connect.so         -> available in the apache-mod_proxy package
## LoadModule proxy_ftp_module modules/mod_proxy_ftp.so            -> available in the apache-mod_proxy package
## LoadModule proxy_http_module modules/mod_proxy_http.so         -> available in the apache-mod_proxy package
## LoadModule proxy_ajp_module modules/mod_proxy_ajp.so            -> available in the apache-mod_proxy_ajp package
## LoadModule proxy_balancer_module modules/mod_proxy_balancer.so      -> available in the apache-mod_proxy package
## LoadModule ssl_module modules/mod_ssl.so               -> available in the apache-mod_ssl package
## LoadModule optional_hook_export_module modules/mod_optional_hook_export.so   <- only used for tests
## LoadModule optional_hook_import_module modules/mod_optional_hook_import.so   <- only used for tests
## LoadModule optional_fn_import_module modules/mod_optional_fn_import.so   <- only used for tests
## LoadModule optional_fn_export_module modules/mod_optional_fn_export.so   <- only used for tests
LoadModule mime_module modules/mod_mime.so
## LoadModule dav_module modules/mod_dav.so               -> available in the apache-mod_dav package
LoadModule status_module modules/mod_status.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule asis_module modules/mod_asis.so
LoadModule info_module modules/mod_info.so
## LoadModule suexec_module modules/mod_suexec.so            -> available in the apache-mod_suexec package
LoadModule cgi_module modules/mod_cgi.so
#LoadModule cgid_module modules/mod_cgid.so               <- use this with the worker MPM
## LoadModule dav_fs_module modules/mod_dav_fs.so            -> available in the apache-mod_dav package
## LoadModule dav_lock_module modules/mod_dav_lock.so            -> available in the apache-mod_dav package
LoadModule vhost_alias_module modules/mod_vhost_alias.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule dir_module modules/mod_dir.so
LoadModule imagemap_module modules/mod_imagemap.so
LoadModule actions_module modules/mod_actions.so
#LoadModule speling_module modules/mod_speling.so
## LoadModule userdir_module modules/mod_userdir.so            -> available in the apache-mod_userdir package
LoadModule alias_module modules/mod_alias.so
LoadModule rewrite_module modules/mod_rewrite.so

# Bring in additional module-specific configurations
#
Include modules.d/*.conf

# include legacy conf.d during a transition period
Include conf.d/*.conf

### Section 2: 'Main' server configuration
#
# The directives in this section set up the values used by the 'main'
# server, which responds to any requests that aren't handled by a
# <VirtualHost> definition. These values also provide defaults for
# any <VirtualHost> containers you may define later in the file.
#
# All of these directives may appear inside <VirtualHost> containers,
# in which case these default settings will be overridden for the
# virtual host being defined.
#

#
# If you wish httpd to run as a different user or group, you must run
# httpd as root initially and it will switch.
#
# User/Group: The name (or #number) of the user/group to run httpd as.
# . On SCO (ODT 3) use "User nouser" and "Group nogroup".
# . On HPUX you may not be able to use shared memory as nobody, and the
# suggested workaround is to create a user www and use that user.
# NOTE that some kernels refuse to setgid(Group) or semctl(IPC_SET)
# when the value of (unsigned)Group is above 60000;
# don't use Group #-1 on these systems!
#
User apache
Group apache

#
# ServerAdmin: Your address, where problems with the server should be
# e-mailed. This address appears on some server-generated pages, such
# as error documents. e.g. [EMAIL=admin@your-domain.com]admin@your-domain.com[/EMAIL]
#
ServerAdmin [EMAIL=mymail@gmail.com]mymail@gmail.com[/EMAIL]

#
# ServerName gives the name and port that the server uses to identify itself.
# This can often be determined automatically, but we recommend you specify
# it explicitly to prevent problems during startup.
#
# If this is not set to valid DNS name for your host, server-generated
# redirections will not work. See also the UseCanonicalName directive.
#
# If your host doesn't have a registered DNS name, enter its IP address here.
# You will have to access it by its address anyway, and this will make
# redirections work in a sensible way.
#
#ServerName www.example.com:80

#
# Timeout: The number of seconds before receives and sends time out.
#
Timeout 300

#
# KeepAlive: Whether or not to allow persistent connections (more than
# one request per connection). Set to "Off" to deactivate.
#
KeepAlive On

#
# MaxKeepAliveRequests: The maximum number of requests to allow
# during a persistent connection. Set to 0 to allow an unlimited amount.
# We recommend you leave this number high, for maximum performance.
#
MaxKeepAliveRequests 100

#
# KeepAliveTimeout: Number of seconds to wait for the next request from the
# same client on the same connection.
#
KeepAliveTimeout 5

#
# UseCanonicalName: Determines how Apache constructs self-referencing
# URLs and the SERVER_NAME and SERVER_PORT variables.
# When set "Off", Apache will use the Hostname and Port supplied
# by the client. When set "On", Apache will use the value of the
# ServerName directive.
#
UseCanonicalName Off

#
# ServerTokens
# This directive configures what you return as the Server HTTP response
# Header. The default is 'Full' which sends information about the OS-Type
# and compiled in modules.
# Set to one of: Full | OS | Minor | Minimal | Major | Prod
# where Full conveys the most information, and Prod the least.
#
ServerTokens OS

#
# Optionally add a line containing the server version and virtual host
# name to server-generated pages (internal error documents, FTP directory
# listings, mod_status and mod_info output etc., but not CGI generated
# documents or custom error documents).
# Set to "EMail" to also include a mailto: link to the ServerAdmin.
# Set to one of: On | Off | EMail
#
ServerSignature Off

#
# HostnameLookups: Log the names of clients or just their IP addresses
# e.g., www.apache.org (on) or 204.62.129.132 (off).
# The default is off because it'd be overall better for the net if people
# had to knowingly turn this feature on, since enabling it means that
# each client request will result in AT LEAST one lookup request to the
# nameserver.
#
HostnameLookups Off

#
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
#
DocumentRoot "/var/www/html"

#
# Each directory to which Apache has access can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
#
# First, we configure the "default" to be a very restrictive set of
# features.
#

<Directory />
   Options -All -Multiviews
   AllowOverride None
   Order deny,allow
   Deny from all
</Directory>

#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
# you might expect, make sure that you have specifically enabled it
# below.
#

#
# This should be changed to whatever you set DocumentRoot to.
#
<Directory "/var/www/html">

# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
# Note that "MultiViews" must be named *explicitly* --- "Options All"
# doesn't give it to you.
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#options
# for more information.

   Options -Indexes FollowSymLinks MultiViews

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
# Options FileInfo AuthConfig Limit Indexes

   AllowOverride None

# Controls who can get stuff from this server.
   Order allow,deny
   Allow from all

</Directory>

#
# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
#
# The index.html.var file (a type-map) is used to deliver content-
# negotiated documents. The MultiViews Option can be used for the
# same purpose, but it is much slower.
#

<IfModule mod_include.c>
   <IfModule mod_dir.c>
   DirectoryIndex index.shtml
   </IfModule>
</IfModule>

<IfModule mod_dir.c>
   DirectoryIndex index.html index.html.var index.cgi index.pl index.htm Default.htm default.htm index.xml
</IfModule>

#
# AccessFileName: The name of the file to look for in each directory
# for additional configuration directives. See also the AllowOverride
# directive.
#
AccessFileName .htaccess

#
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
#
<IfModule mod_authz_host.c>
   <FilesMatch "^\.ht">
   Order allow,deny
   Deny from all
   </FilesMatch>
</IfModule>

#
# TypesConfig describes where the mime.types file (or equivalent) is
# to be found.
#
<IfModule mod_mime.c>
   TypesConfig conf/mime.types
</IfModule>

#
# DefaultType is the default MIME type the server will use for a document
# if it cannot otherwise determine one, such as from filename extensions.
# If your server contains mostly text or HTML documents, "text/plain" is
# a good value. If most of your content is binary, such as applications
# or images, you may want to use "application/octet-stream" instead to
# keep browsers from trying to display binary files as though they are
# text.
#
DefaultType text/plain

#
# The mod_mime_magic module allows the server to use various hints from the
# contents of the file itself to determine its type. The MIMEMagicFile
# directive tells the module where the hint definitions are located.
#
<IfModule mod_mime_magic.c>
   MIMEMagicFile conf/magic
</IfModule>

#
# EnableMMAP: Control whether memory-mapping is used to deliver
# files (assuming that the underlying OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. On some systems, turning it off (regardless of
# filesystem) can improve performance; for details, please see
# http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
#
#EnableMMAP off

#
# EnableSendfile: Control whether the sendfile kernel support is
# used to deliver files (assuming that the OS supports it).
# The default is on; turn this off if you serve from NFS-mounted
# filesystems. Please see
# http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
#
#EnableSendfile off

#
# ErrorLog: The location of the error log file.
# If you do not specify an ErrorLog directive within a <VirtualHost>
# container, error messages relating to that virtual host will be
# logged here. If you *do* define an error logfile for a <VirtualHost>
# container, that host's errors will be logged there and not here.
#
ErrorLog logs/error_log

#
# LogLevel: Control the number of messages logged to the error_log.
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
#
LogLevel warn

#
# The following directives define some format nicknames for use with
# a CustomLog directive (see below).
#
<IfModule mod_log_config.c>
   LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
   LogFormat "%h %l %u %t \"%r\" %>s %b" common
   LogFormat "%{Referer}i -> %U" referer
   LogFormat "%{User-agent}i" agent
   LogFormat "%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" VLOG=%{VLOG}e" vhost

   <IfModule mod_logio.c>
   # You need to enable mod_logio.c to use %I and %O
   #LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
   </IfModule>

   #
   # The location and format of the access logfile (Common Logfile Format).
   # If you do not define any access logfiles within a <VirtualHost>
   # container, they will be logged here. Contrariwise, if you *do*
   # define per-<VirtualHost> access logfiles, transactions will be
   # logged therein and *not* in this file.
   #
   #CustomLog logs/access_log common

   #
   # If you would like to have agent and referer logfiles, uncomment the
   # following directives.
   #
   #CustomLog logs/referer_log referer
   #CustomLog logs/agent_log agent

   #
   # If you prefer a single logfile with access, agent, and referer information
   # (Combined Logfile Format) you can use the following directive.
   #
   CustomLog logs/access_log combined

   #Single logfile with access, agent and referer information
   #This is the default, if vlogs are not defined for the main server
   #CustomLog logs/access_log combined env=!VLOG
   #If VLOG is defined in a conf/vhosts.d/*.conf, we use this entry
   #CustomLog "|/usr/sbin/advxsplitlogfile" vhost env=VLOG

</IfModule>

#
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
#
<IfModule mod_alias.c>
   # Note that if you include a trailing / on fakename then the server will
   # require it to be present in the URL. So "/icons" isn't aliased in this
   # example, only "/icons/". If the fakename is slash-terminated, then the
   # realname must also be slash terminated, and if the fakename omits the
   # trailing slash, the realname must also omit it.
   # We include the /icons/ alias for FancyIndexed directory listings. If you
   # do not use FancyIndexing, you may comment this out.
   Alias /icons/ "/var/www/icons/"
   Alias /error/ "/var/www/error/"

   # ScriptAlias: This controls which directories contain server scripts.
   # ScriptAliases are essentially the same as Aliases, except that
   # documents in the realname directory are treated as applications and
   # run by the server when requested rather than as documents sent to the client.
   # The same rules about trailing "/" apply to ScriptAlias directives as to
   # Alias.
   ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
   ScriptAlias /protected-cgi-bin/ "/var/www/protected-cgi-bin/"
</IfModule>

<Directory "/var/www/icons">
   Options -Indexes MultiViews
   AllowOverride None
   Order allow,deny
   Allow from all
</Directory>

<IfModule mod_cgid.c>
   # Additional to mod_cgid.c settings, mod_cgid has Scriptsock <path>
   # for setting UNIX socket for communicating with cgid.
   #Scriptsock /var/run/cgisock
</IfModule>

#
# "/var/www/cgi-bin" should be changed to whatever your ScriptAliased
# CGI directory exists, if you have that configured.
#
<Directory "/var/www/cgi-bin">
   AllowOverride All
   Options ExecCGI
   Order allow,deny
   Allow from all
</Directory>

<Directory "/var/www/protected-cgi-bin">
   AllowOverride All
   Options ExecCGI
   Order deny,allow
   Deny from all
   Allow from 127.0.0.1
   #allow from .your_domain.com
</Directory>

#
# Redirect allows you to tell clients about documents which used to exist in
# your server's namespace, but do not anymore. This allows you to tell the
# clients where to look for the relocated document.
# Example:
# Redirect permanent /foo http://www.example.com/bar

#
# Directives controlling the display of server-generated directory listings.
#
#
# IndexOptions: Controls the appearance of server-generated directory
# listings.
#
<IfModule mod_autoindex.c>
   # FancyIndexing is whether you want fancy directory indexing or standard
   IndexOptions FancyIndexing VersionSort NameWidth=* HTMLTable

   # AddIcon* directives tell the server which icon to show for different
   # files or filename extensions. These are only displayed for
   # FancyIndexed directories.
   AddIconByEncoding (CMP,/icons/compressed.png) x-compress x-gzip

   AddIconByType (TXT,/icons/text.png) text/*
   AddIconByType (IMG,/icons/image2.png) image/*
   AddIconByType (SND,/icons/sound2.png) audio/*
   AddIconByType (VID,/icons/movie.png) video/*

   AddIcon /icons/binary.png .bin .exe
   AddIcon /icons/binhex.png .hqx
   AddIcon /icons/tar.png .tar
   AddIcon /icons/world2.png .wrl .wrl.gz .vrml .vrm .iv
   AddIcon /icons/compressed.png .Z .z .tgz .gz .zip
   AddIcon /icons/a.png .ps .ai .eps
   AddIcon /icons/layout.png .html .shtml .htm .pdf
   AddIcon /icons/text.png .txt
   AddIcon /icons/c.png .c
   AddIcon /icons/p.png .pl .py
   AddIcon /icons/f.png .for
   AddIcon /icons/dvi.png .dvi
   AddIcon /icons/uuencoded.png .uu
   AddIcon /icons/script.png .conf .sh .shar .csh .ksh .tcl
   AddIcon /icons/tex.png .tex
   AddIcon /icons/bomb.png core

   AddIcon /icons/back.png ..
   AddIcon /icons/hand.right.png README
   AddIcon /icons/folder.png ^^DIRECTORY^^
   AddIcon /icons/blank.png ^^BLANKICON^^

   # DefaultIcon is which icon to show for files which do not have an icon
   # explicitly set.
   DefaultIcon /icons/unknown.png

   # AddDescription allows you to place a short description after a file in
   # server-generated indexes. These are only displayed for FancyIndexed
   # directories.
   # Format: AddDescription "description" filename
   #AddDescription "GZIP compressed document" .gz
   #AddDescription "tar archive" .tar
   #AddDescription "GZIP compressed tar archive" .tgz

   # ReadmeName is the name of the README file the server will look for by
   # default, and append to directory listings.
   # HeaderName is the name of a file which should be prepended to
   # directory indexes.
   ReadmeName README.html
   HeaderName HEADER.html

   # IndexIgnore is a set of filenames which directory indexing should ignore
   # and not include in the listing. Shell-style wildcarding is permitted.
   IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v *,t
</IfModule>
# End of indexing directives.

#
# DefaultLanguage and AddLanguage allows you to specify the language of
# a document. You can then use content negotiation to give a browser a
# file in a language the user can understand.
#
# Specify a default language. This means that all data
# going out without a specific language tag (see below) will
# be marked with this one. You probably do NOT want to set
# this unless you are sure it is correct for all cases.
#
# * It is generally better to not mark a page as
# * being a certain language than marking it with the wrong
# * language!
#
# DefaultLanguage nl
#
# Note 1: The suffix does not have to be the same as the language
# keyword --- those with documents in Polish (whose net-standard
# language code is pl) may wish to use "AddLanguage pl .po" to
# avoid the ambiguity with the common suffix for perl scripts.
#
# Note 2: The example entries below illustrate that in some cases
# the two character 'Language' abbreviation is not identical to
# the two character 'Country' code for its country,
# E.g. 'Danmark/dk' versus 'Danish/da'.
#
# Note 3: In the case of 'ltz' we violate the RFC by using a three char
# specifier. There is 'work in progress' to fix this and get
# the reference data for rfc1766 cleaned up.
#
# Catalan (ca) - Croatian (hr) - Czech (cs) - Danish (da) - Dutch (nl)
# English (en) - Esperanto (eo) - Estonian (et) - French (fr) - German (de)
# Greek-Modern (el) - Hebrew (he) - Italian (it) - Japanese (ja)
# Korean (ko) - Luxembourgeois* (ltz) - Norwegian Nynorsk (nn)
# Norwegian (no) - Polish (pl) - Portugese (pt)
# Brazilian Portuguese (pt-BR) - Russian (ru) - Swedish (sv)
# Simplified Chinese (zh-CN) - Spanish (es) - Traditional Chinese (zh-TW)
#

<IfModule mod_mime.c>
   AddLanguage ca .ca
   AddLanguage cs .cz .cs
   AddLanguage da .dk
   AddLanguage de .de
   AddLanguage el .el
   AddLanguage en .en
   AddLanguage eo .eo
   AddLanguage es .es
   AddLanguage et .et
   AddLanguage fr .fr
   AddLanguage he .he
   AddLanguage hr .hr
   AddLanguage it .it
   AddLanguage ja .ja
   AddLanguage ko .ko
   AddLanguage ltz .ltz
   AddLanguage nl .nl
   AddLanguage nn .nn
   AddLanguage no .no
   AddLanguage pl .po
   AddLanguage pt .pt
   AddLanguage pt-BR .pt-br
   AddLanguage ru .ru
   AddLanguage sv .sv
   AddLanguage zh-CN .zh-cn
   AddLanguage zh-TW .zh-tw

   # LanguagePriority allows you to give precedence to some languages
   # in case of a tie during content negotiation.
   # Just list the languages in decreasing order of preference. We have
   # more or less alphabetized them here. You probably want to change this.
   <IfModule mod_negotiation.c>
   LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
   </IfModule>

   # ForceLanguagePriority allows you to serve a result page rather than
   # MULTIPLE CHOICES (Prefer) [in case of a tie] or NOT ACCEPTABLE (Fallback)
   # [in case no accepted languages matched the available variants]
   <IfModule mod_negotiation.c>
   ForceLanguagePriority Prefer Fallback
   </IfModule>

   # Commonly used filename extensions to character sets. You probably
   # want to avoid clashes with the language extensions, unless you
   # are good at carefully testing your setup after each change.
   # See http://www.iana.org/assignments/character-sets for the
   # official list of charset names and their respective RFCs.
   AddCharset us-ascii.ascii .us-ascii
   AddCharset ISO-8859-1 .iso8859-1 .latin1
   AddCharset ISO-8859-2 .iso8859-2 .latin2 .cen
   AddCharset ISO-8859-3 .iso8859-3 .latin3
   AddCharset ISO-8859-4 .iso8859-4 .latin4
   AddCharset ISO-8859-5 .iso8859-5 .latin5 .cyr .iso-ru
   AddCharset ISO-8859-6 .iso8859-6 .latin6 .arb
   AddCharset ISO-8859-7 .iso8859-7 .latin7 .grk
   AddCharset ISO-8859-8 .iso8859-8 .latin8 .heb
   AddCharset ISO-8859-9 .iso8859-9 .latin9 .trk
   AddCharset ISO-8859-10 .iso8859-10 .latin6
   AddCharset ISO-8859-13 .iso8859-13
   AddCharset ISO-8859-14 .iso8859-14 .latin8
   AddCharset ISO-8859-15 .iso8859-15 .latin9
   AddCharset ISO-8859-16 .iso8859-16 .latin10
   AddCharset ISO-2022-JP .iso2022-jp .jis
   AddCharset ISO-2022-KR .iso2022-kr .kis
   AddCharset ISO-2022-CN .iso2022-cn .cis
   AddCharset Big5 .Big5 .big5

   # For russian, more than one charset is used (depends on client, mostly):
   AddCharset WINDOWS-1251 .cp-1251 .win-1251
   AddCharset CP866 .cp866
   AddCharset KOI8 .koi8
   AddCharset KOI8-E .koi8-e
   AddCharset KOI8-r .koi8-r .koi8-ru
   AddCharset KOI8-U .koi8-u
   AddCharset KOI8-ru .koi8-uk .ua
   AddCharset ISO-10646-UCS-2 .ucs2
   AddCharset ISO-10646-UCS-4 .ucs4
   AddCharset UTF-7 .utf7
   AddCharset UTF-8 .utf8
   AddCharset UTF-16 .utf16
   AddCharset UTF-16BE .utf16be
   AddCharset UTF-16LE .utf16le
   AddCharset UTF-32 .utf32
   AddCharset UTF-32BE .utf32be
   AddCharset UTF-32LE .utf32le

   # The set below does not map to a specific (iso) standard
   # but works on a fairly wide range of browsers. Note that
   # capitalization actually matters (it should not, but it
   # does for some browsers).
   #
   # See http://www.iana.org/assignments/character-sets
   # for a list of sorts. But browsers support few.
   AddCharset GB2312 .gb2312 .gb
   AddCharset utf-7 .utf7
   AddCharset utf-8 .utf8
   AddCharset big5 .big5 .b5
   AddCharset EUC-TW .euc-tw
   AddCharset EUC-JP .euc-jp
   AddCharset EUC-KR .euc-kr
   AddCharset shift_jis .sjis

   # Specify a default charset for all pages sent out. This is
   # always a good idea and opens the door for future internationalisation
   # of your web site, should you ever want it. Specifying it as
   # a default does little harm; as the standard dictates that a page
   # is in iso-8859-1 (latin1) unless specified otherwise i.e. you
   # are merely stating the obvious. There are also some security
   # reasons in browsers, related to javascript and URL parsing
   # which encourage you to always set a default char set.
   #AddDefaultCharset ISO-8859-1
   # JMD 2003/09/15 Change to off, since it overrides the META tags
   AddDefaultCharset Off

   # AddType allows you to add to or override the MIME configuration
   # file mime.types for specific file types.
   #AddType application/x-tar .tgz

   # AddEncoding allows you to have certain browsers uncompress
   # information on the fly. Note: Not all browsers support this.
   # Despite the name similarity, the following Add* directives have nothing
   # to do with the FancyIndexing customization directives above.
   #AddEncoding x-compress .Z
   #AddEncoding x-gzip .gz .tgz
   # If the AddEncoding directives above are commented-out, then you
   # probably should define those extensions to indicate media types:
   AddType application/x-compress .Z
   AddType application/x-gzip .gz .tgz
   AddType image/x-icon .ico

   # AddHandler allows you to map certain file extensions to "handlers":
   # actions unrelated to filetype. These can be either built into the server
   # or added with the Action directive (see below)
   # To use CGI scripts outside of ScriptAliased directories:
   # (You will also need to add "ExecCGI" to the "Options" directive.)
   AddHandler cgi-script .cgi

   # For files that include their own HTTP headers:
   #AddHandler send-as-is asis

   # For server-parsed imagemap files:
   AddHandler imap-file map

   # For type maps (negotiated resources):
   # (This is enabled by default to allow the Apache "It Worked" page
   # to be distributed in multiple languages.)
   AddHandler type-map var

   # Filters allow you to process content before it is sent to the client.
   # To parse .shtml files for server-side includes (SSI):
   # (You will also need to add "Includes" to the "Options" directive.)
   <IfModule mod_include.c>
   AddType text/html .shtml
   AddOutputFilter INCLUDES .shtml
   </IfModule>
</IfModule>

#
# Action lets you define media types that will execute a script whenever
# a matching file is called. This eliminates the need for repeated URL
# pathnames for oft-used CGI file processors.
# Format: Action media/type /cgi-script/location
# Format: Action handler-name /cgi-script/location
#

#
# Customizable error responses come in three flavors:
# 1) plain text 2) local redirects 3) external redirects
#
# Some examples:
#ErrorDocument 500 "The server made a boo boo."
#ErrorDocument 404 /missing.html
#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
#ErrorDocument 402 http://www.example.com/subscription_info.html
#

#
# Putting this all together, we can internationalize error responses.
#
# We use Alias to redirect any /error/HTTP_<error>.html.var response to
# our collection of by-error message multi-language collections. We use
# includes to substitute the appropriate text.
#
# You can modify the messages' appearance without changing any of the
# default HTTP_<error>.html.var files by adding the line:
#
# Alias /error/include/ "/your/include/path/"
#
# which allows you to create your own set of files by starting with the
# /var/www/error/include/ files and copying them to /your/include/path/,
# even on a per-VirtualHost basis. The default include files will display
# your Apache version number and your ServerAdmin email address regardless
# of the setting of ServerSignature.
#
# The internationalized error documents require mod_alias, mod_include
# and mod_negotiation. To activate them, uncomment the following 30 lines.

<IfModule mod_negotiation.c>
   <IfModule mod_include.c>

   <Directory "/var/www/error">
   AllowOverride None
   Options IncludesNoExec
   AddOutputFilter Includes html
   AddHandler type-map var
   Order allow,deny
   Allow from all
   LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
   ForceLanguagePriority Prefer Fallback
   </Directory>

   ErrorDocument 400 /error/HTTP_BAD_REQUEST.html.var
   ErrorDocument 401 /error/HTTP_UNAUTHORIZED.html.var
   ErrorDocument 403 /error/HTTP_FORBIDDEN.html.var
   ErrorDocument 404 /error/HTTP_NOT_FOUND.html.var
   ErrorDocument 405 /error/HTTP_METHOD_NOT_ALLOWED.html.var
   ErrorDocument 408 /error/HTTP_REQUEST_TIME_OUT.html.var
   ErrorDocument 410 /error/HTTP_GONE.html.var
   ErrorDocument 411 /error/HTTP_LENGTH_REQUIRED.html.var
   ErrorDocument 412 /error/HTTP_PRECONDITION_FAILED.html.var
   ErrorDocument 413 /error/HTTP_REQUEST_ENTITY_TOO_LARGE.html.var
   ErrorDocument 414 /error/HTTP_REQUEST_URI_TOO_LARGE.html.var
   ErrorDocument 415 /error/HTTP_UNSUPPORTED_MEDIA_TYPE.html.var
   ErrorDocument 500 /error/HTTP_INTERNAL_SERVER_ERROR.html.var
   ErrorDocument 501 /error/HTTP_NOT_IMPLEMENTED.html.var
   ErrorDocument 502 /error/HTTP_BAD_GATEWAY.html.var
   ErrorDocument 503 /error/HTTP_SERVICE_UNAVAILABLE.html.var
   ErrorDocument 506 /error/HTTP_VARIANT_ALSO_VARIES.html.var

   </IfModule>
</IfModule>

<IfModule mod_setenvif.c>
   # The following directives modify normal HTTP response behavior to
   # handle known problems with browser implementations.
   BrowserMatch "Mozilla/2" nokeepalive
   BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
   BrowserMatch "RealPlayer 4\.0" force-response-1.0
   BrowserMatch "Java/1\.0" force-response-1.0
   BrowserMatch "JDK/1\.0" force-response-1.0

   # The following directive disables redirects on non-GET requests for
   # a directory that does not include the trailing slash. This fixes a
   # problem with Microsoft WebFolders which does not appropriately handle
   # redirects for folders with DAV methods.
   # Same deal with Apple's DAV filesystem and Gnome VFS support for DAV.
   BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
   BrowserMatch "MS FrontPage" redirect-carefully
   BrowserMatch "^WebDrive" redirect-carefully
   BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
   BrowserMatch "^gnome-vfs" redirect-carefully
   BrowserMatch "^XML Spy" redirect-carefully
   BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
</IfModule>

#
# Get information about the requests being processed by the server
# and the configuration of the server.
#
# Required modules: mod_status (for the server-status handler),
# mod_info (for the server-info handler)

#
# Allow server status reports generated by mod_status,
# with the URL of http://servername/server-status
# Change the ".example.com" to match your domain to enable.
<IfModule mod_status.c>
   <Location /server-status>
   SetHandler server-status
   Order deny,allow
   Deny from all
   allow from 127.0.0.1
   #Allow from .your_domain.com
   </Location>

   # ExtendedStatus controls whether Apache will generate "full" status
   # information (ExtendedStatus On) or just basic information (ExtendedStatus
   # Off) when the "server-status" handler is called. The default is Off.
   ExtendedStatus On
</IfModule>

#
# Allow remote server configuration reports, with the URL of
# http://servername/server-info (requires that mod_info.c be loaded).
# Change the ".example.com" to match your domain to enable.
#
<IfModule mod_info.c>
   <Location /server-info>
   SetHandler server-info
   Order deny,allow
   Deny from all
   allow from 127.0.0.1
   #Allow from .your_domain.com
   </Location>
</IfModule>

<IfModule mod_usertrack.c>
   # This is the default.
   CookieName Apache
</IfModule>

<Directory /var/www/html/addon-modules>
   Options Indexes FollowSymLinks
</Directory>

<Location /index.shtml>
   Options +Includes
</Location>

<IfModule mod_speling.c>
   CheckSpelling On
   AcceptPathInfo On
</IfModule>

Include conf/fileprotector.conf

# webapps configuration section
# Web applications should be activated _after_ apache has been
# configured properly.
Include conf/webapps.d/*.conf

### Section 3: Virtual Hosts
#
# VirtualHost: If you want to maintain multiple domains/hostnames on your
# machine you can setup VirtualHost containers for them. Most configurations
# use only name-based virtual hosts so the server doesn't need to worry about
# IP addresses. This is indicated by the asterisks in the directives below.
#
# Please see the documentation at
# <URL:http://httpd.apache.org/docs-2.0/vhosts/>
# for further details before you try to setup virtual hosts.
#
# You may use the command line option '-S' to verify your virtual host
# configuration.

#
# Use name-based virtual hosting.
#
#NameVirtualHost *:80
#Setenv VLOG

#
# VirtualHost example:
# Almost any Apache directive may go into a VirtualHost container.
# The first VirtualHost section is used for requests without a known
# server name.
#
#<VirtualHost *:80>
# ServerAdmin [EMAIL=webmaster@dummy-host.example.com]webmaster@dummy-host.example.com[/EMAIL]
# DocumentRoot /www/docs/dummy-host.example.com
# ServerName dummy-host.example.com
# ErrorLog /var/log/httpd/dummy-host.example.com-error_log
# CustomLog /var/log/httpd/dummy-host.example.com-access_log common
#</VirtualHost>

################################################################################
# virtual hosts configuration section
# Include virtual hosts, if any
Include conf/vhosts.d/*.conf

и какво правим сега, тоя ред кото спомена

Примерен код

Options Indexes

трябва да го махна ли ?

Титла: леко затруднени с proftpd
Публикувано от: neter в Oct 13, 2007, 13:10

Не трябва да махаш реда

Цитат

Options Indexes

от httpd.conf. Този ред трябва да присъства, за да виждаш съдържанието на папки без индексен файл. Това, което трябва да направиш, е да махнеш тирето пред Indexes (интересно откъде се е взело това тире). Проблемът ти с apache е изцяло в това тире

За добавянето на потребителя. Командата adduser е успяла да се изпълни успешно при теб, като те информира, че папката /var/www е съществувала още преди създаването на потребителя, затова не са копирани системните файлове за потребителя в нея (с цел да не се засегнат някакви данни при копирането). Потребителят е създаден. Интересно защо след изпълнението на командата не иска да въведеш и останалите данни за потребителя (вкл. и парола), но парола за новия потребител можеш да зададеш и с команда като root

Примерен код

passwd юзер

Това е командата за задаване/смяна на пароли на потребители. Даден потребител може да задава/сменя паролите само на себе си и на нисшестоящите потребители (root, както се сещаш, може да задава/сменя паролите на всички). Когато искаш да смениш root паролата, можеш да изпълниш и само passwd, но като root.
Ако си ентусиаст, разгледай подробно ръководството за adduser и експериментирай, за да се научиш да използваш командата. Можеш да разгледаш как стои въпросът и с командите deluser, useradd, userdel

Титла: леко затруднени с proftpd
Публикувано от: nov25 в Oct 13, 2007, 14:01

не знам от къде са се взели тези терета, сно след като ги махнах се оправи

и със профтп-то се оправих

@neter, БЛАГОДАРЯ ТИ ОТНОВО ЗА ПОМОЩА

Титла: леко затруднени с proftpd
Публикувано от: k4BIG в Oct 13, 2007, 15:23

Цитат

angelinoff

Благодаря , neter !
Много полезни неща си написал . Много ми помогнаха

И аз така

Linux за българи: Форуми

Linux секция за начинаещи => Настройка на програми => Темата е започната от: erest в Jun 04, 2007, 18:11