View Attach Info
This is version . It is not the current version, and thus it cannot be edited.
[Back to current version]   [Restore this version]

Apache#

Configurazione#

apache2.conf aggiungere/modificare : 
# forbid access to the entire filesystem by default
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

# List of resources to look for when the client requests a directory
DirectoryIndex index.htm index.html index.jsp Index.jsp home.jsp Home.jsp index.php Index.php Wiki.jsp wiki.jsp

Accesso sicuro SSL#

Modulo ssl#

abilitare modulo ssl con il comando 
# a2enmod ssl
in apache2.conf impostare 
NameVirtualHost qui:80
NameVirtualHost qui:443
per ulterioni info sull'etichetta qui clicca qui

Virtualhost#

i file virtualhost devono includere le chiamate al servizio ssl.

Esempio 1 : sito intermanete SSL 

<VirtualHost qui:80>
    ServerAdmin log@telnext.it
    ServerName www.nostrosito.it
    DocumentRoot /home/www/www.nostrosito.it/htdocs
    # Per tomcat
    JkMount /*.jsp     wrkr
    JkMount /servlet/* wrkr
    JkMount /manager/* wrkr
    ErrorLog /home/www/www.nostrosito.it/logs/error_log
    CustomLog /home/www/www.nostrosito.it/logs/access_log combined
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature On
    #   Force clients from the Internet to use HTTPS
    RewriteEngine on
    RewriteRule ^/$ https://www.nostrosito.it/ [R]    
</VirtualHost>
<VirtualHost qui:443>
    ServerAdmin log@telnext.it
    ServerName www.nostrosito.it 
    DocumentRoot /home/www/www.nostrosito.it/htdocs/protected
    # Per tomcat
    JkMount /*.jsp     wrkr
    JkMount /servlet/* wrkr
    JkMount /manager/* wrkr
    ErrorLog /home/www/www.nostrosito.it/logs/error_log
    CustomLog /home/www/www.nostrosito.it/logs/access_log combined
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature On
    <Directory "/home/www/www.nostrosito.it/htdocs/protected/">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /root/sec/selfsigned-cert.pem
    SSLCertificateKeyFile /root/sec/rsa-private-key.pem
</VirtualHost>

Esempio 2 : sito solo in parte SSL 

<VirtualHost qui:80>
    ServerAdmin log@telnext.it
    ServerName www.nostrosito.it
    DocumentRoot /home/www/www.nostrosito.it/htdocs
    # Per tomcat
    JkMount /*.jsp     wrkr
    JkMount /servlet/* wrkr
    JkMount /manager/* wrkr
    ErrorLog /home/www/www.nostrosito.it/logs/error_log
    CustomLog /home/www/www.nostrosito.it/logs/access_log combined
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature On
<Directory "/home/www/www.nostrosito.it/htdocs/protected">
        #   Force clients from the Internet to use HTTPS
        RewriteEngine on
        RewriteRule ^/$ https://www.nostrosito.it/ [R]
        
</Directory>
<Directory "/home/www/www.nostrosito.it/htdocs/">
    Options Indexes FollowSymLinks
    AllowOverride All
    Order allow,deny
    Allow from all
</Directory>
</VirtualHost>
<VirtualHost qui:443>
    ServerAdmin log@telnext.it
    ServerName www.nostrosito.it 
    DocumentRoot /home/www/www.nostrosito.it/htdocs/protected
    # Per tomcat
    JkMount /*.jsp     wrkr
    JkMount /servlet/* wrkr
    JkMount /manager/* wrkr
    ErrorLog /home/www/www.nostrosito.it/logs/error_log
    CustomLog /home/www/www.nostrosito.it/logs/access_log combined
    HostnameLookups Off
    UseCanonicalName Off
    ServerSignature On
    <Directory "/home/www/www.nostrosito.it/htdocs/protected/">
        Options Indexes FollowSymLinks
        AllowOverride None
        Order allow,deny
        Allow from all
    </Directory>
    SSLEngine on
    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
    SSLCertificateFile /root/sec/selfsigned-cert.pem
    SSLCertificateKeyFile /root/sec/rsa-private-key.pem
</VirtualHost>

Add new attachment

Only authorized users are allowed to upload new attachments.
« This particular version was published on 14-Apr-2010 14:30 by Raschetti.