Jump to content
The Uniform Server Community

jdk

Member
  • Posts

    19
  • Joined

  • Last visited

Posts posted by jdk

  1. Hello,

     

    I am working on some new sites and would like to do this:

    1. Public site (Joomla) in WWW root. I would like to enable SSL so that I can set the Joomla global config to run the admin side over ssl.
    2. A separate, private site (Joomla) completely over ssl.

    It seems to me that I should, rather than having a separate SSL directory, use WWW as the SSL root, which would allow me to host both site in WWW, and choose the admin over ssl option for the first and front and backend over ssl for the second.

     

    Has anyone input or advice regarding this?

     

    Many thanks,

     

    Jeff

  2.  

     

    Edit: I've partially solved this. I also needed to enable soap. I've done this, removed the ldap and intl dll files that I added, and commented the php_ldap and php_intl lines in php.ini.

     

    After restarting services, Apache starts properly, but I need to enable the intl and ldap extensions. I downloaded the windows binaries from php.net for version 5.3.5. This is the version shown in phpinfo() I extracted the downloaded file and copied the 2 .dll files from the \ext directory.

     

    However, when I uncomment php_ldap and php_intl in phph.ini, apache fails to start. Have I done something incorrectly?

     

    Thanks,

     

    Jeff

    I have worked out the ldap issue - it was caused by downloading and copying the wrong binaries. I am now using VC6 Thread safe binaries. LDAp loads properly now, but the intl extension continues to crash Apache. The error log simply says ":/Content/TestServers/UniServer5_7_4/UniServer/usr/local/apache2/logs/httpd.pid overwritten -- Unclean shutdown of previous Apache run".

  3. Hello,

    I am using version 5.7.4 to test Moodle 2.0. The pre-installation check tells me that I need to enable the soap and intl extensions. In addition, I need to enable ldap. When I enable them, Apache service fails to start. Only when I comment out the appropriate lines in php.ini, does Apache start properly.

     

    Has anyone advice as to how to solve this problem?

    Many thanks,

    Jeff

     

    Edit: I've partially solved this. I also needed to enable soap. I've done this, removed the ldap and intl dll files that I added, and commented the php_ldap and php_intl lines in php.ini.

     

    After restarting services, Apache starts properly, but I need to enable the intl and ldap extensions. I downloaded the windows binaries from php.net for version 5.3.5. This is the version shown in phpinfo() I extracted the downloaded file and copied the 2 .dll files from the \ext directory.

     

    However, when I uncomment php_ldap and php_intl in phph.ini, apache fails to start. Have I done something incorrectly?

     

    Thanks,

     

    Jeff

  4. Hello,

    I'm using US 5.6.4 to host a number of Joomla sites. My problem is that PHP notices are being written to the log files, generating gargantuan file sizes (4 errors per hit on each site). I realize that yhe best thing to do would be to clean up the code, on which I am working. However, in the meantime, I'd like to suppress notices. As I understand it, I need to edit php.ini to read:

    E_ALL & ~E_NOTICE

    Is this correct?

    Thanks for the help,

    Jeff

  5. In order to use US while PC is logged off you can install US as a Service. This means it is on 24/7 for as long as the PC is on. Starting/Stopping server is not required when installed as a service.

    Thanks for the replies. So, if I use DannyH's solution, then I'll have to restart US in the event of power loss or machine reboot, but if I run US as a service, US would automatically startshould either of these things happen, correct?

    Thanks again,

    Jeff

  6. Hello,

    I have a number of Joomla sites running on US 3.5. I use virtualhost settings to run the sites as a subdomain. Further, within each site, I have set up the admin folder within each site to run over ssl by editing ssl.conf. I'd like to upgrade and use US 5.6, but I am struggling to achieve the same type of setup. It 's set up to run a separate folder for ssl, which is great if I want entire directories to run over ssl, but I would like to house all sites in the www folder, serve them using vhosts, and force the admin subdirectories within each to run over ssl. Can anyone help me to think about this?

    Many thanks,

    Jeff

  7. Thank you for the very clear explanation. All is well now.

    Cheers,

    Jeff ;)

    There is nothing special about CLI once you have extracted Uniform server to a folder you already have it.

     

    The error message from KalturaCE means it cannot find the executable.

    If you are not going to move the servers set the Windows path as follows:

     

    I will assume the path to php5ts.dll is C:\Nano_5_5\UniServer\usr\local\php

    (Substitute your real path) also assume you are using XP

     

    1] Click Start > Click Control Panel double click on System (icon)

    This opens the System Properties window

     

    2] Click on Advanced tab

    3] Click 'Environment Variables' button

    Opens 'Environment Variables' window

     

    4] In the 'System Variables' text box (bottom of window)

    5] Scroll to Variable “Path”

    6] Highlight it (Left mouse click) then click Edit button

    Opens the Edit system variables pop-up

     

    7] Click in the “Variables Values” text box

    8] Using right arrow key navigate to end of this text box

    9] Enter ';' followed by your PHP directory for example:

    ;C:\Nano_5_5\UniServer\usr\local\php

    10] Click OK and restart your computer

     

    All the best

    Ric :)

  8. Greetings,

    I am trying to set up KalturaCE, which requires php-cli. I've looked at the US wiki, but I don't understand how to solve this error:

    You must have php-cli. This is required in order to run batch jobs, etc.

    Please install php-cli and make sure that php executable is in PATH

    WINDOWS users - after adding php executable to the PATH, you will need to restart

    your computer in order for the changes to take effect.

    I realize that I have limited skill and understanding, which is the root of my issue, but if anyone would be so kind as to offer explanation, I would be most appreciative.

    Thanks,

    J

  9. I have just checked this out on a clean install of Mona

     

    Enabled line (576) in UniServer\udrive\usr\local\php\php.ini as shown (removed the semi-colon):

    extension=php_ldap.dll

     

    Ran the servers! I was surprised, they did not fall over, just get a warning in Apache’s log file.

     

    Copied the following file: php-5.2.8-Win32\ext\php_ldap.dll

     

    To folder: UniServer\udrive\usr\local\php\extensions

     

    Restarted the servers, from Apanel selected phpinfo()

    About halfway down the page you will see a section for ldap, this confirms it is enabled.

     

    Does not guarantee that it is working. I have no access to a ldap server hence use an on-line service using this code:

     

    <?php
    $conn = ldap_connect("root.openldap.org","389") or die("Could not connect to server");  // specify LDAP server
    ldap_set_option($conn, LDAP_OPT_PROTOCOL_VERSION, 3);
    $r = ldap_bind($conn) or die("Could not bind to server");   // bind to the LDAP server specified above   
    $result = ldap_search($conn,"dc=openldap,dc=org", "(cn=*)") or die ("Error in search query");  
    ldap_close($conn);
    print "No errors displayed connection was OK";
    ?>

     

    Save it as test.php in folder: UniServer\udrive\www

    Restart the servers and type: http://localhost/test.php into your browser.

     

    All you should see is the line: No errors displayed connection was OK

     

    Any errors then it failed.

     

    All the best

    Ric :)

    Hi,

    I am running US 3.5. I have added the correct.dll file, uncommented in php.ini, but when I run the above script, I receive the Failed to bind message. I can see LDAP in phpinfo. How can I troubleshoot this?

    Many thanks,

    Jeff

  10. might be helpfull, thought im no expert concerning ssl.

     

    see usr\local\apache2\conf\ssl.conf

     

    this looks to me like a template

    <Directory "/ssl"> 
     AllowOverride All
     Order allow,deny 
     Allow from all
     SSLRequireSSL
    </Directory>
    

    SSLRequireSSL is the directive to activate the SSL part

     

    in httpd.conf append that code with your directory defined

    Thanks. I understand that ssl.conf must be set up to point to the site for access via ssl, and that httpd.conf must point to the site via port 80.

     

    I suppose that I am really asking about directories. Are /ssl and /www simply directories with no special attributes? Further, I am wondering in which directory I should set up the site for public access via http and admin access via https, or does it matter?

    Thanks,

    Jeff

  11. Hi,

    I am experimenting with Mona 4.1. Currently, I have a number of Joomla sites set up using ViryualHosts on 3.5 to serve public pages over http, but the admin back end over https. It is very easy to set up an entire site to use ssl on Mona, but I am wondering what is the best way to serve part of a directory over ssl, while serving the remainder over http. Any suggestions?

    Thanks,

    Jeff

  12. Hi Jeff, Thanks for the feedback.

    Originally I thought your scripts were failing hence the request for a small test script, obviously not the problem since it was a loading issue.

     

    What I do not understand are the missing files. I downloaded both zip and exe files from Sourceforge both contain the appropriate files in Apache bin. Have no idea why these are missing from your download.

     

    Assuming the files are missing I can explain why the server runs on your laptop and not on the desktop. When the server starts it looks in Apache bin for the files if not found looks along the Windows paths for them. Note the first ones found are used. I conclude your desktop is a clean machine while the laptop has run either another server or some software that has placed these files in the Windows path.

     

    Uniform Server does not copy any files to the Windows path (prevents any conflicts) this I use to great advantage when testing. For example I know on my Windows path there are “g” versions of these files while Mona uses “j” versions. From Apanel select phpinfo(), scan down the pages to the “curl” section, should show its enables and what version of of OpenSSL is being used for Mona it’s OpenSSL/0.9.8j

     

    Thought the above information may be of use.

     

    All the best

    Ric :)

    Thanks Ric. My download of Mona was not missing the files, I just didn't know where to look. However, they may not be the correct version. The ones in the download are 0.9.8.10 When I replaced them with 0.9.8.9, CURL loaded.

     

    Anyway, thanks for the help andf for sharing this great server!

     

    Jeff :)

  13. I am at home now and do not have remote access to the server. I plan to work on this tomorrow. What script would be useful for you to see?

     

    It's odd, I downloaded a clean version of Mona. Curl loads fine on my laptop, but when I move the server to my desktop, curl does not load. I will post more tomorrow.

    Thanks,

    Jeff

     

    This has been solved by placing the two dll files as described by Ric above. Because these files were not there, CURL and LDAP did not load correctly. Now they do.

     

    I was working on my installation of Moodle 1.9.4, setting it up for self-registration via email. including re-captcha. These would not work without CURL. Now it is working beautifully. Many thanks!

     

    Jeff:)

  14. They should be placed in folder UniServer\udrive\usr\local\apache2\bin

     

    I would be interested in the code that failed can you post a small test script?

     

    All the best

    Ric :)

     

    I am at home now and do not have remote access to the server. I plan to work on this tomorrow. What script would be useful for you to see?

     

    It's odd, I downloaded a clean version of Mona. Curl loads fine on my laptop, but when I move the server to my desktop, curl does not load. I will post more tomorrow.

    Thanks,

    Jeff

  15. Where can I get 5.2.8 binary or these.dll files?

    Thanks,

    Jeff

    I found it here. But.....where should these two dll files go? I have curl and ldap working on my test setup, but I can't get it to work on my production server. These two dll files are in my Windows/System32 directory. Is this the proper place for them?

    Thanks,

    Jeff

  16. Problem solved. I inserted a virtualhost directive first in the list for default_secure. Now, I am running my Joomla sites over port 80 with users and administrators l9ogging in ssl port 443. If you took the time to read this - please accept my apology for taking up your time. I am bumbling through this and slowly learning.

     

    Cheers!!

     

    J

     

    First, thank you for sharing Uniform Server. It is great!

     

    I have used Uniform Server to set up 5 Joomla powered sites on one IP address using name based virtualhosts. I am attempting to set it up so that the sites are served via port 80, but allow login and administrator (backend) access via ssl port 443. I have read and followed the example on the wiki. I installed mod_ssl using the file posted. I edited httpd.conf to specify that the virtualhosts use port 80 by appending ":80" to each virtualhost. I edited ssl.conf using the examples provided, removing the default_secure virtualhost, and adding virtualhosts for each of my sites. I comented out Require valid-user for each.

     

    My problem: When I try to access the first virtualhost site via ssl, I am taken to the login for the second site's login page.

     

    I would be most appreciative for any input.

     

    Thanks,

     

    J

    My ssl.conf looks like this:

     

    =====================================================================

     

    #################### Global SSL ##########################

    Listen 443

    #== Some MIME-types for downloading Certificates and CRLs

    AddType application/x-x509-ca-cert .crt

    AddType application/x-pkcs7-crl .crl

     

    #== Pass Phrase Dialog:(`builtin' is a internal terminal dialog)

    SSLPassPhraseDialog builtin

     

    #== Inter-Process Session Cache:

     

    ##SSLSessionCache none

    ##SSLSessionCacheTimeout 300

     

    SSLSessionCache shmcb:logs/ssl_scache(512000)

    SSLSessionCacheTimeout 300

     

    #== SSL engine uses internally for inter-process synchronization.

    SSLMutex default

     

    #== Pseudo Random Number Generator (PRNG):

     

    SSLRandomSeed startup builtin

    SSLRandomSeed connect builtin

    ########### SSL Virtual Host ############################

     

    NameVirtualHost domain:443

     

    <VirtualHost domain:443>

     

    ServerName domain

    DocumentRoot /www/folder1

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder1">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    </VirtualHost>

    ##############################################################

     

    NameVirtualHost site2.domain:443

     

    <VirtualHost site2.domain:443>

     

    ServerName site2.domain

    DocumentRoot /www/folder1

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder2">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    </VirtualHost>

     

    ##############################################################

     

    NameVirtualHost site3.domain:443

     

    <VirtualHost site3.domain:443>

     

    ServerName site3.domain

    DocumentRoot /www/folder3

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder3">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    </VirtualHost>

    ==========================================================================================

    ##############################################################

     

    NameVirtualHost site4.domain:443

     

    <VirtualHost site4.domain:443>

     

    ServerName site4.domain

    DocumentRoot /www/folder4

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder4">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    </VirtualHost>

    ==============================================================================

    ##############################################################

     

    NameVirtualHost site5.domain:443

     

    <VirtualHost site5.domain:443>

     

    ServerName site5.domain

    DocumentRoot /www/folder5

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder5">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

    </VirtualHost>

     

    =======================================================

  17. First, thank you for sharing Uniform Server. It is great!

     

    I have used Uniform Server to set up 5 Joomla powered sites on one IP address using name based virtualhosts. I am attempting to set it up so that the sites are served via port 80, but allow login and administrator (backend) access via ssl port 443. I have read and followed the example on the wiki. I installed mod_ssl using the file posted. I edited httpd.conf to specify that the virtualhosts use port 80 by appending ":80" to each virtualhost. I edited ssl.conf using the examples provided, removing the default_secure virtualhost, and adding virtualhosts for each of my sites. I comented out Require valid-user for each.

     

    My problem: When I try to access the first virtualhost site via ssl, I am taken to the login for the second site's login page.

     

    I would be most appreciative for any input.

     

    Thanks,

     

    J

    My ssl.conf looks like this:

     

    =====================================================================

     

    #################### Global SSL ##########################

    Listen 443

    #== Some MIME-types for downloading Certificates and CRLs

    AddType application/x-x509-ca-cert .crt

    AddType application/x-pkcs7-crl .crl

     

    #== Pass Phrase Dialog:(`builtin' is a internal terminal dialog)

    SSLPassPhraseDialog builtin

     

    #== Inter-Process Session Cache:

     

    ##SSLSessionCache none

    ##SSLSessionCacheTimeout 300

     

    SSLSessionCache shmcb:logs/ssl_scache(512000)

    SSLSessionCacheTimeout 300

     

    #== SSL engine uses internally for inter-process synchronization.

    SSLMutex default

     

    #== Pseudo Random Number Generator (PRNG):

     

    SSLRandomSeed startup builtin

    SSLRandomSeed connect builtin

     

     

     

    ########### SSL Virtual Host ############################

     

    NameVirtualHost domain:443

     

    <VirtualHost domain:443>

     

    ServerName domain

    DocumentRoot /www/folder1

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder1">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

     

     

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

     

     

    </VirtualHost>

     

     

    ##############################################################

     

    NameVirtualHost site2.domain:443

     

    <VirtualHost site2.domain:443>

     

    ServerName site2.domain

    DocumentRoot /www/folder1

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder2">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

     

     

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

     

     

    </VirtualHost>

     

    ##############################################################

     

    NameVirtualHost site3.domain:443

     

    <VirtualHost site3.domain:443>

     

    ServerName site3.domain

    DocumentRoot /www/folder3

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder3">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

     

     

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

     

     

    </VirtualHost>

    ==========================================================================================

    ##############################################################

     

    NameVirtualHost site4.domain:443

     

    <VirtualHost site4.domain:443>

     

    ServerName site4.domain

    DocumentRoot /www/folder4

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder4">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

     

     

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

     

     

    </VirtualHost>

    ==============================================================================

    ##############################################################

     

    NameVirtualHost site5.domain:443

     

    <VirtualHost site5.domain:443>

     

    ServerName site5.domain

    DocumentRoot /www/folder5

    ServerAdmin you@example.com

     

    ErrorLog logs/error_ssl.log

    TransferLog logs/access_ssl.log

     

    #== SSL Engine Switch:

    SSLEngine on

     

    #== SSL Cipher Suite:

    SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

    SSLProtocol all -SSLv2

     

    #== Server Certificate:

    SSLCertificateFile conf/ssl.crt/server.crt

     

    #== Server Private Key:

    SSLCertificateKeyFile conf/ssl.key/server.key

     

    # This enables optimized SSL connection renegotiation handling when SSL

    # directives are used in per-directory context.

     

    #== SSLOptions +FakeBasicAuth +ExportCertData +CompatEnvVars +StrictRequire

    <FilesMatch "\.(cgi|shtml|phtml|php3?)$">

    SSLOptions +StdEnvVars

    </FilesMatch>

     

    <Directory "/home/admin/www/cgi-bin/">

    SSLOptions +StdEnvVars

    </Directory>

     

    #== Basic authentication

     

    <Directory "/www/folder5">

    AuthName "Uniform Server - Unicenter Demo Server Access"

    AuthType Basic

    AuthUserFile /htpasswd/modsslpass/.htpasswd

    #Require valid-user

    </Directory>

     

     

    #== Most problems of broken clients are related to the HTTP

    # keep-alive facility. Disable keep-alive for those clients.

    SetEnvIf User-Agent ".*MSIE.*" \

    nokeepalive ssl-unclean-shutdown \

    downgrade-1.0 force-response-1.0

     

    #== Per-Server Logging:

    # The home of a custom SSL log file. Use this when you want a

    # compact non-error SSL logfile on a virtual host basis.

    CustomLog logs/ssl_request.log \

    "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"

     

     

    </VirtualHost>

     

    =======================================================

×
×
  • Create New...