b1a67d1a5c
All checks were successful
Ansible Lint |Total|New|Outstanding|Fixed|Trend
|:-:|:-:|:-:|:-:|:-:
|2635|2|2633|3|:+1:
Reference build: <a href="https://jenkins.evolix.org/job/gitea/job/ansible-roles/job/unstable/392//ansiblelint">Evolix » ansible-roles » unstable #392</a>
gitea/ansible-roles/pipeline/head This commit looks good
68 lines
1.4 KiB
Plaintext
68 lines
1.4 KiB
Plaintext
ServerTokens Prod
|
|
Timeout 10
|
|
KeepAliveTimeout 2
|
|
MaxKeepAliveRequests 10
|
|
#MaxClients 250
|
|
|
|
<IfModule mpm_prefork_module>
|
|
MaxRequestWorkers 250
|
|
ServerLimit 250
|
|
StartServers 50
|
|
MinSpareServers 20
|
|
MaxSpareServers 30
|
|
MaxRequestsPerChild 0
|
|
</IfModule>
|
|
|
|
<IfModule mpm_worker_module>
|
|
StartServers 3
|
|
MinSpareThreads 25
|
|
MaxSpareThreads 75
|
|
ThreadLimit 64
|
|
ThreadsPerChild 25
|
|
MaxRequestWorkers 150
|
|
MaxConnectionsPerChild 0
|
|
</IfModule>
|
|
|
|
<IfModule mpm_itk_module>
|
|
LimitUIDRange 0 6000
|
|
LimitGIDRange 0 6000
|
|
</IfModule>
|
|
|
|
<IfModule ssl_module>
|
|
SSLProtocol all -SSLv2 -SSLv3
|
|
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4
|
|
</IfModule>
|
|
|
|
<IfModule status_module>
|
|
ExtendedStatus On
|
|
<IfModule proxy_module>
|
|
ProxyStatus On
|
|
</IfModule>
|
|
</IfModule>
|
|
|
|
# Go away bad bots (define "bad bots" in zzz-evolinux-custom.conf)
|
|
<If "reqenv('GoAway') -eq 1">
|
|
Require all denied
|
|
</If>
|
|
|
|
<DirectoryMatch "/\.git">
|
|
# We don't want to let the client know a file exist on the server,
|
|
# so we return 404 "Not found" instead of 403 "Forbidden".
|
|
Redirect 404
|
|
</DirectoryMatch>
|
|
|
|
# File names starting with
|
|
<FilesMatch "^\.(git|env)">
|
|
Redirect 404
|
|
</FilesMatch>
|
|
|
|
# File names ending with
|
|
<FilesMatch "\.(inc|bak)$">
|
|
Redirect 404
|
|
</FilesMatch>
|
|
|
|
<LocationMatch "^/evolinux_fpm_status-.*">
|
|
Require all denied
|
|
</LocationMatch>
|
|
|