wiki-archive/twiki/twiki_httpd_conf.txt

# Example httpd.conf file for TWiki.
#
# You are recommended to take a copy of this file and edit
# the paths to match your installation. Then add:
# include "/home/httpd/twiki/twiki_httpd.conf"
# to the end of your main httpd.conf file.
#

# The first parameter will be part of the URL to your installation e.g.
# http://my.co.uk/twiki/bin/view/...
# The second parameter must point to the physical path on your disk. Be
# careful not to lose any trailing /'s.

#### Change the _second_ path to match your local installation
ScriptAlias /twiki/bin/ "/home/httpd/twiki/bin/"

# This defines a url that points to the root of the twiki installation. It is
# used to access files in the pub directory (attachments etc)
# It must come _after_ the ScriptAlias.

#### Change the path to match your local installation
Alias /twiki/ "/home/httpd/twiki/"


# We set an environment variable called anonymous_spider
# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from
# including its own topics as URLs and also prevents other TWikis from
# doing the same. This is important to prevent the most obvious
# Denial of Service attacks.
# You can expand this by adding more BrowserMatchNoCase statements to
# block evil browser agents trying the impossible task of mirroring a twiki
# Example:
# BrowserMatchNoCase ^SiteSucker anonymous_spider
BrowserMatchNoCase ^$ anonymous_spider


# This specifies the options on the TWiki scripts directory. The ExecCGI
# and SetHandler tell apache that it contains scripts. "Allow from all"
# lets any IP address access this URL.

#### Change the path to match your local installation
<Directory "/home/httpd/twiki/bin">
	AllowOverride None
	Order Allow,Deny
	Allow from all
	Deny from env=anonymous_spider

	Options ExecCGI FollowSymLinks
	SetHandler cgi-script

	# Password file for TWiki users
	AuthUserFile /var/www/twiki/data/.htpasswd
	AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'
	AuthType Basic
	
	# File to return on access control error (e.g. wrong password)
	# By convention this is the TWikiRegistration page, that allows users
	# to register with the TWiki. Apache requires this to be a *local* path.
	ErrorDocument 401 /twiki/bin/view/TWiki/TWikiRegistration

# Limit access to configure to specific IP addresses and or users.
# Make sure configure is not open to the general public.
# The configure script is designed for administrators only.
# The script itself and the information it reveals can be abused by
# attackers if not properly protected against public access.
# Replace JohnDoe with the login name of the administrator
<FilesMatch "^configure.*">
	SetHandler cgi-script
	Order Deny,Allow
	Deny from all
	Allow from 127.0.0.1, 192.168.1.10
	Require user JohnDoe
	Satisfy Any
</FilesMatch>

# When using Apache type login the following defines the TWiki scripts
# that makes Apache ask the browser to authenticate. It is correct that
# scripts such as view are not authenticated. (un-comment to activate)
#<FilesMatch "(attach|edit|manage|rename|save|upload|mail|logon|.*auth).*">
#	require valid-user
#</FilesMatch>

</Directory>


# This sets the options on the pub directory, which contains attachments and
# other files like CSS stylesheets and icons. AllowOverride None stops a
# user installing a .htaccess file that overrides these options.
# Finally all execution of PHP and other scripts is disabled.

# Note that files in pub are *not* protected by TWiki Access Controls,
# so if you want to control access to files attached to topics, you may
# need to add your own .htaccess files to subdirectories of pub. See the
# Apache documentation on .htaccess for more info.

#### Change the path to match your local installation
<Directory "/home/httpd/twiki/pub">
	Options None
	AllowOverride Limit
	Allow from all
	
	# If you have PHP4 or PHP5 installed make sure the directive below is enabled
	# If you do not have PHP installed you will need to comment out the directory below
	# to avoid errors.
	php_admin_flag engine off
	
	#If you have PHP3 installed make sure the directive below is enabled
	#php3_engine off

	# This line will redefine the mime type for the most common types of scripts
	# It will also deliver HTML files as if they are text files
	AddType text/plain .html .htm .shtml .php .php3 .phtml .phtm .pl .py .cgi
</Directory>

# Security note: All other directories should be set so
# that they are *not* visible as URLs, so we set them as =deny from all=.

#### Change the paths to match your local installation
<Directory "/home/httpd/twiki/data">
	deny from all
</Directory>

<Directory "/home/httpd/twiki/templates">
	deny from all
</Directory>

<Directory "/home/httpd/twiki/lib">
	deny from all
</Directory>

<Directory "/home/httpd/twiki/tools">
	deny from all
</Directory>

<Directory "/home/httpd/twiki/locale">
	deny from all
</Directory>
Archive entire twiki setup from owl as of today 2016-02-24 10:46:01 +00:00			`# Example httpd.conf file for TWiki.`
			`#`
			`# You are recommended to take a copy of this file and edit`
			`# the paths to match your installation. Then add:`
			`# include "/home/httpd/twiki/twiki_httpd.conf"`
			`# to the end of your main httpd.conf file.`
			`#`

			`# The first parameter will be part of the URL to your installation e.g.`
			`# http://my.co.uk/twiki/bin/view/...`
			`# The second parameter must point to the physical path on your disk. Be`
			`# careful not to lose any trailing /'s.`

			`#### Change the _second_ path to match your local installation`
			`ScriptAlias /twiki/bin/ "/home/httpd/twiki/bin/"`

			`# This defines a url that points to the root of the twiki installation. It is`
			`# used to access files in the pub directory (attachments etc)`
			`# It must come _after_ the ScriptAlias.`

			`#### Change the path to match your local installation`
			`Alias /twiki/ "/home/httpd/twiki/"`


			`# We set an environment variable called anonymous_spider`
			`# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from`
			`# including its own topics as URLs and also prevents other TWikis from`
			`# doing the same. This is important to prevent the most obvious`
			`# Denial of Service attacks.`
			`# You can expand this by adding more BrowserMatchNoCase statements to`
			`# block evil browser agents trying the impossible task of mirroring a twiki`
			`# Example:`
			`# BrowserMatchNoCase ^SiteSucker anonymous_spider`
			`BrowserMatchNoCase ^$ anonymous_spider`


			`# This specifies the options on the TWiki scripts directory. The ExecCGI`
			`# and SetHandler tell apache that it contains scripts. "Allow from all"`
			`# lets any IP address access this URL.`

			`#### Change the path to match your local installation`
			`<Directory "/home/httpd/twiki/bin">`
			`AllowOverride None`
			`Order Allow,Deny`
			`Allow from all`
			`Deny from env=anonymous_spider`

			`Options ExecCGI FollowSymLinks`
			`SetHandler cgi-script`

			`# Password file for TWiki users`
			`AuthUserFile /var/www/twiki/data/.htpasswd`
			`AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith). Cancel to register if you do not have one.'`
			`AuthType Basic`

			`# File to return on access control error (e.g. wrong password)`
			`# By convention this is the TWikiRegistration page, that allows users`
			`# to register with the TWiki. Apache requires this to be a local path.`
			`ErrorDocument 401 /twiki/bin/view/TWiki/TWikiRegistration`

			`# Limit access to configure to specific IP addresses and or users.`
			`# Make sure configure is not open to the general public.`
			`# The configure script is designed for administrators only.`
			`# The script itself and the information it reveals can be abused by`
			`# attackers if not properly protected against public access.`
			`# Replace JohnDoe with the login name of the administrator`
			`<FilesMatch "^configure.*">`
			`SetHandler cgi-script`
			`Order Deny,Allow`
			`Deny from all`
			`Allow from 127.0.0.1, 192.168.1.10`
			`Require user JohnDoe`
			`Satisfy Any`
			`</FilesMatch>`

			`# When using Apache type login the following defines the TWiki scripts`
			`# that makes Apache ask the browser to authenticate. It is correct that`
			`# scripts such as view are not authenticated. (un-comment to activate)`
			`#<FilesMatch "(attach\|edit\|manage\|rename\|save\|upload\|mail\|logon\|.auth).">`
			`# require valid-user`
			`#</FilesMatch>`

			`</Directory>`


			`# This sets the options on the pub directory, which contains attachments and`
			`# other files like CSS stylesheets and icons. AllowOverride None stops a`
			`# user installing a .htaccess file that overrides these options.`
			`# Finally all execution of PHP and other scripts is disabled.`

			`# Note that files in pub are not protected by TWiki Access Controls,`
			`# so if you want to control access to files attached to topics, you may`
			`# need to add your own .htaccess files to subdirectories of pub. See the`
			`# Apache documentation on .htaccess for more info.`

			`#### Change the path to match your local installation`
			`<Directory "/home/httpd/twiki/pub">`
			`Options None`
			`AllowOverride Limit`
			`Allow from all`

			`# If you have PHP4 or PHP5 installed make sure the directive below is enabled`
			`# If you do not have PHP installed you will need to comment out the directory below`
			`# to avoid errors.`
			`php_admin_flag engine off`

			`#If you have PHP3 installed make sure the directive below is enabled`
			`#php3_engine off`

			`# This line will redefine the mime type for the most common types of scripts`
			`# It will also deliver HTML files as if they are text files`
			`AddType text/plain .html .htm .shtml .php .php3 .phtml .phtm .pl .py .cgi`
			`</Directory>`

			`# Security note: All other directories should be set so`
			`# that they are not visible as URLs, so we set them as =deny from all=.`

			`#### Change the paths to match your local installation`
			`<Directory "/home/httpd/twiki/data">`
			`deny from all`
			`</Directory>`

			`<Directory "/home/httpd/twiki/templates">`
			`deny from all`
			`</Directory>`

			`<Directory "/home/httpd/twiki/lib">`
			`deny from all`
			`</Directory>`

			`<Directory "/home/httpd/twiki/tools">`
			`deny from all`
			`</Directory>`

			`<Directory "/home/httpd/twiki/locale">`
			`deny from all`
			`</Directory>`