ServerName {{ ansible_fqdn }}
#ServerAlias {{ ansible_fqdn }}
DocumentRoot /var/www/
Include /etc/apache2/ipaddr_whitelist.conf
Options -Indexes
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
# Munin. We need to set Directory directive as Alias take precedence.
Alias /munin /var/cache/munin/www
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
# munin-cgi-graph, used for zooming on graphs.
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
Options +ExecCGI
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
# For CGI Scripts. We need to set Directory directive as ScriptAlias take precedence.
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
CustomLog /var/log/apache2/access.log vhost_combined
ErrorLog /var/log/apache2/error.log
LogLevel warn
RewriteEngine on
# Redirect to HTTPS, execpt for munin, because some plugins
# can't handle HTTPS! :(
RewriteCond %{REQUEST_URI} !^/server-status.*$ [NC] [OR]
RewriteCond %{REQUEST_URI} !^/munin_opcache.php$ [NC]
RewriteRule ^/(.*) https://{{ ansible_fqdn }}/$1 [L,R=permanent]
Require local
SetHandler server-status
include /etc/apache2/ipaddr_whitelist.conf
Require local
SecRuleEngine Off
ServerName {{ ansible_fqdn }}
#ServerAlias {{ ansible_fqdn }}
DocumentRoot /var/www/
# We override these 2 Directory directives setted in apache2.conf.
# We want no access except from allowed IP address.
Include /etc/apache2/ipaddr_whitelist.conf
Options -Indexes
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
SSLEngine on
SSLCertificateFile {{ apache_evolinux_default_ssl_cert }}
SSLCertificateKeyFile {{ apache_evolinux_default_ssl_key }}
# Munin. We need to set Directory directive as Alias take precedence.
Alias /munin /var/cache/munin/www
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
Options -Indexes
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
# For CGI Scripts. We need to set Directory directive as ScriptAlias take precedence.
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
ScriptAlias /munin-cgi/munin-cgi-graph /usr/lib/munin/cgi/munin-cgi-graph
Options +ExecCGI
SetHandler fcgid-script
Require all denied
Include /etc/apache2/ipaddr_whitelist.conf
# BEGIN phpMyAdmin section
# END phpMyAdmin section
CustomLog /var/log/apache2/access.log vhost_combined
ErrorLog /var/log/apache2/error.log
LogLevel warn
SetHandler server-status
include /etc/apache2/ipaddr_whitelist.conf
Require local
SecRuleEngine Off