1 |
nmav |
1.1 |
# Boa v0.94 configuration file |
2 |
|
|
# File format has not changed from 0.93 |
3 |
|
|
# File format has changed little from 0.92 |
4 |
|
|
# version changes are noted in the comments |
5 |
|
|
# |
6 |
|
|
# The Boa configuration file is parsed with a lex/yacc or flex/bison |
7 |
|
|
# generated parser. If it reports an error, the line number will be |
8 |
|
|
# provided; it should be easy to spot. The syntax of each of these |
9 |
|
|
# rules is very simple, and they can occur in any order. Where possible |
10 |
|
|
# these directives mimic those of NCSA httpd 1.3; I saw no reason to |
11 |
|
|
# introduce gratuitous differences. |
12 |
|
|
|
13 |
nmav |
1.7 |
# $Id: boa.conf,v 1.6 2002/09/25 06:42:34 nmav Exp $ |
14 |
nmav |
1.1 |
|
15 |
|
|
# The "ServerRoot" is not in this configuration file. It can be compiled |
16 |
|
|
# into the server (see defines.h) or specified on the command line with |
17 |
|
|
# the -c option, for example: |
18 |
|
|
# |
19 |
|
|
# boa -c /usr/local/boa |
20 |
|
|
|
21 |
|
|
# number of threads to spawn |
22 |
nmav |
1.5 |
Threads 5 |
23 |
nmav |
1.1 |
|
24 |
|
|
# maximum connections (per thread) |
25 |
|
|
#MaxConnections 0 |
26 |
|
|
|
27 |
|
|
|
28 |
|
|
# Port: The port Boa runs on. The default port for http servers is 80. |
29 |
|
|
# If it is less than 1024, the server must be started as root. |
30 |
|
|
|
31 |
|
|
Port 80 |
32 |
|
|
|
33 |
|
|
# Listen: the Internet address to bind(2) to. If you leave it out, |
34 |
|
|
# it takes the behavior before 0.93.17.2, which is to bind to all |
35 |
|
|
# addresses (INADDR_ANY). You only get one "Listen" directive, |
36 |
|
|
# if you want service on multiple IP addresses, you have three choices: |
37 |
|
|
# 1. Run boa without a "Listen" directive |
38 |
|
|
# a. All addresses are treated the same; makes sense if the addresses |
39 |
|
|
# are localhost, ppp, and eth0. |
40 |
|
|
# b. Use the VirtualHost directive below to point requests to different |
41 |
|
|
# files. Should be good for a very large number of addresses (web |
42 |
|
|
# hosting clients). |
43 |
|
|
# 2. Run one copy of boa per IP address, each has its own configuration |
44 |
|
|
# with a "Listen" directive. No big deal up to a few tens of addresses. |
45 |
|
|
# Nice separation between clients. |
46 |
|
|
# The name you provide gets run through inet_aton(3), so you have to use dotted |
47 |
|
|
# quad notation. This configuration is too important to trust some DNS. |
48 |
|
|
|
49 |
|
|
#Listen 192.68.0.5 |
50 |
|
|
|
51 |
|
|
# User: The name or UID the server should run as. |
52 |
|
|
# Group: The group name or GID the server should run as. |
53 |
|
|
|
54 |
|
|
User nobody |
55 |
|
|
Group nogroup |
56 |
|
|
|
57 |
|
|
# ServerAdmin: The email address where server problems should be sent. |
58 |
|
|
# Note: this is not currently used, except as an environment variable |
59 |
|
|
# for CGIs. |
60 |
|
|
|
61 |
|
|
#ServerAdmin root@localhost |
62 |
|
|
|
63 |
|
|
# ErrorLog: The location of the error log file. If this does not start |
64 |
|
|
# with /, it is considered relative to the server root. |
65 |
|
|
# Set to /dev/null if you don't want errors logged. |
66 |
|
|
# If unset, defaults to /dev/stderr |
67 |
|
|
|
68 |
|
|
ErrorLog /var/log/boa/error_log |
69 |
|
|
# Please NOTE: Sending the logs to a pipe ('|'), as shown below, |
70 |
|
|
# is somewhat experimental and might fail under heavy load. |
71 |
|
|
# "Usual libc implementations of printf will stall the whole |
72 |
|
|
# process if the receiving end of a pipe stops reading." |
73 |
|
|
#ErrorLog "|/usr/sbin/cronolog --symlink=/var/log/boa/error_log /var/log/boa/error-%Y%m%d.log" |
74 |
|
|
|
75 |
|
|
# AccessLog: The location of the access log file. If this does not |
76 |
|
|
# start with /, it is considered relative to the server root. |
77 |
|
|
# Comment out or set to /dev/null (less effective) to disable |
78 |
|
|
# Access logging. |
79 |
|
|
|
80 |
|
|
AccessLog /var/log/boa/access_log |
81 |
|
|
# Please NOTE: Sending the logs to a pipe ('|'), as shown below, |
82 |
|
|
# is somewhat experimental and might fail under heavy load. |
83 |
|
|
# "Usual libc implementations of printf will stall the whole |
84 |
|
|
# process if the receiving end of a pipe stops reading." |
85 |
|
|
#AccessLog "|/usr/sbin/cronolog --symlink=/var/log/boa/access_log /var/log/boa/access-%Y%m%d.log" |
86 |
|
|
|
87 |
|
|
# UseLocaltime: Logical switch. Uncomment to use localtime |
88 |
|
|
# instead of UTC time |
89 |
|
|
#UseLocaltime |
90 |
|
|
|
91 |
|
|
# VerboseCGILogs: this is just a logical switch. |
92 |
|
|
# It simply notes the start and stop times of cgis in the error log |
93 |
|
|
# Comment out to disable. |
94 |
|
|
|
95 |
|
|
#VerboseCGILogs |
96 |
|
|
|
97 |
|
|
# ServerName: the name of this server that should be sent back to |
98 |
|
|
# clients if different than that returned by gethostname + gethostbyname |
99 |
|
|
|
100 |
|
|
#ServerName www.your.org.here |
101 |
|
|
|
102 |
nmav |
1.3 |
# VirtualHost: Setup any virtual hosts (host based) |
103 |
nmav |
1.1 |
# Comment out to disable. |
104 |
nmav |
1.3 |
# It needs to specify the HostName, the IP (use '*' if all), |
105 |
|
|
# the DocumentRoot and the UserDir (if any). |
106 |
|
|
# UserDir ist he name of the directory which is appended onto a user's home |
107 |
|
|
# directory if a ~user request is recieved. |
108 |
|
|
# |
109 |
|
|
# Example: |
110 |
|
|
# VirtualHost www.dot.com * /var/www public_html |
111 |
|
|
# VirtualHost www.dot.com 127.0.0.1 /var/www "" |
112 |
nmav |
1.1 |
# |
113 |
|
|
|
114 |
nmav |
1.3 |
#VirtualHost www.dot.com * /var/www "" |
115 |
nmav |
1.1 |
|
116 |
|
|
# DocumentRoot: The root directory of the HTML documents. |
117 |
|
|
# Comment out to disable server non user files. |
118 |
nmav |
1.4 |
# |
119 |
|
|
# Note that if VirtualHost is enabled, this will be the fallback |
120 |
|
|
# for the clients that did not supply any host. |
121 |
nmav |
1.1 |
|
122 |
|
|
DocumentRoot /var/www |
123 |
|
|
|
124 |
|
|
# DirectoryIndex: Name of the file to use as a pre-written HTML |
125 |
|
|
# directory index. Please MAKE AND USE THESE FILES. On the |
126 |
|
|
# fly creation of directory indexes can be _slow_. |
127 |
|
|
# Comment out to always use DirectoryMaker |
128 |
|
|
|
129 |
|
|
DirectoryIndex index.html |
130 |
|
|
|
131 |
|
|
# DirectoryMaker: Name of program used to create a directory listing. |
132 |
|
|
# Comment out to disable directory listings. If both this and |
133 |
|
|
# DirectoryIndex are commented out, accessing a directory will give |
134 |
|
|
# an error (though accessing files in the directory are still ok). |
135 |
|
|
|
136 |
|
|
DirectoryMaker /usr/lib/boa/boa_indexer |
137 |
|
|
|
138 |
|
|
# DirectoryCache: If DirectoryIndex doesn't exist, and DirectoryMaker |
139 |
|
|
# has been commented out, the the on-the-fly indexing of Boa can be used |
140 |
|
|
# to generate indexes of directories. Be warned that the output is |
141 |
|
|
# extremely minimal and can cause delays when slow disks are used. |
142 |
|
|
# Note: The DirectoryCache must be writable by the same user/group that |
143 |
|
|
# Boa runs as. |
144 |
|
|
|
145 |
|
|
# DirectoryCache /var/spool/boa/dircache |
146 |
|
|
|
147 |
|
|
# KeepAliveMax: Number of KeepAlive requests to allow per connection |
148 |
|
|
# Comment out, or set to 0 to disable keepalive processing |
149 |
|
|
|
150 |
|
|
KeepAliveMax 1000 |
151 |
|
|
|
152 |
|
|
# KeepAliveTimeout: seconds to wait before keepalive connection times out |
153 |
|
|
|
154 |
|
|
KeepAliveTimeout 10 |
155 |
|
|
|
156 |
|
|
# MimeTypes: This is the file that is used to generate mime type pairs |
157 |
|
|
# and Content-Type fields for boa. |
158 |
|
|
# Set to /dev/null if you do not want to load a mime types file. |
159 |
|
|
# Do *not* comment out (better use AddType!) |
160 |
|
|
|
161 |
|
|
MimeTypes /etc/mime.types |
162 |
|
|
|
163 |
|
|
# DefaultType: MIME type used if the file extension is unknown, or there |
164 |
|
|
# is no file extension. |
165 |
|
|
|
166 |
|
|
DefaultType text/plain |
167 |
|
|
|
168 |
|
|
# CGIPath: The value of the $PATH environment variable given to CGI progs. |
169 |
|
|
|
170 |
|
|
CGIPath /bin:/usr/bin:/usr/local/bin |
171 |
|
|
|
172 |
|
|
# SinglePostLimit: The maximum allowable number of bytes in |
173 |
|
|
# a single POST. Default is normally 1MB. |
174 |
|
|
|
175 |
|
|
# AddType: adds types without editing mime.types |
176 |
|
|
# Example: AddType type extension [extension ...] |
177 |
|
|
|
178 |
|
|
# Uncomment the next line if you want .cgi files to execute from anywhere |
179 |
|
|
#AddType application/x-httpd-cgi cgi |
180 |
|
|
|
181 |
|
|
# Redirect, Alias, and ScriptAlias all have the same semantics -- they |
182 |
|
|
# match the beginning of a request and take appropriate action. Use |
183 |
|
|
# Redirect for other servers, Alias for the same server, and ScriptAlias |
184 |
|
|
# to enable directories for script execution. |
185 |
|
|
|
186 |
|
|
# Redirect allows you to tell clients about documents which used to exist in |
187 |
|
|
# your server's namespace, but do not anymore. This allows you to tell the |
188 |
|
|
# clients where to look for the relocated document. |
189 |
nmav |
1.6 |
# Example: Redirect www.ourhost.com /bar http://elsewhere/feh/bar |
190 |
nmav |
1.1 |
|
191 |
|
|
# Aliases: Aliases one path to another. |
192 |
nmav |
1.6 |
# Example: Alias www.ourhost.com /path1/bar /absolute/path2/foo |
193 |
nmav |
1.1 |
|
194 |
nmav |
1.6 |
#Alias www.localhost.com /doc /usr/doc |
195 |
nmav |
1.1 |
|
196 |
|
|
# ScriptAlias: Maps a virtual path to a directory for serving scripts |
197 |
nmav |
1.6 |
# Example: ScriptAlias www.ourhost.com /htbin/ /www/htbin/ |
198 |
nmav |
1.1 |
|
199 |
nmav |
1.6 |
#ScriptAlias www.localhost.com /cgi-bin/ /usr/lib/cgi-bin/ |
200 |
nmav |
1.1 |
|
201 |
nmav |
1.2 |
# non zero enables SSL support |
202 |
|
|
# 1: only SSL support |
203 |
|
|
# 2: both SSL and non SSL ports |
204 |
|
|
SSL 2 |
205 |
|
|
|
206 |
|
|
# The port where the SSL server will listen on |
207 |
|
|
SSLPort 4443 |
208 |
|
|
|
209 |
|
|
# read the certificate from |
210 |
|
|
SSLCertificate cert.pem |
211 |
|
|
|
212 |
|
|
# read the private key from |
213 |
|
|
SSLKey key.pem |
214 |
|
|
|
215 |
|
|
# Number of sessions to cache. This is to support session resuming. |
216 |
|
|
# Set to 0 to disable. |
217 |
|
|
SSLSessionCache 40 |
218 |
|
|
|
219 |
|
|
# After this time (in seconds) has passed, the stored SSL sessions |
220 |
|
|
# will be expired, and will not be resumed. |
221 |
|
|
SSLSessionTimeout 3600 #one hour |
222 |
|
|
|
223 |
|
|
# Set the prime bits used in Diffie Hellman authentication. The parameters |
224 |
|
|
# are only generated if the DHE ciphersuites are enabled. |
225 |
|
|
# Value should be one of 768, 1024, 2048, 4096 |
226 |
|
|
SSLDHBits 768 |
227 |
|
|
|
228 |
|
|
# The period when the generated parameters are valid. After that period |
229 |
|
|
# boa will regenerate parameters. |
230 |
|
|
SSLParamsRefresh 172800 #two days |
231 |
|
|
|
232 |
|
|
# A comma separated list of the SSL ciphers. Valid selections are: |
233 |
|
|
# ARCFOUR-128, ARCFOUR-40, 3DES, AES |
234 |
|
|
# Note that ARCFOUR-40 is a weak algorithm. |
235 |
|
|
SSLCiphers "AES, 3DES, ARCFOUR-128, ARCFOUR-40" |
236 |
|
|
|
237 |
|
|
# A comma separated list of the SSL key exchange methods. Valid selections |
238 |
|
|
# are: RSA, DHE-RSA, DHE-DSS, RSA-EXPORT |
239 |
|
|
# Note that RSA-EXPORT is a weak algorithm. |
240 |
|
|
SSLKeyExchangeAlgorithms "RSA, RSA-EXPORT" |
241 |
|
|
|
242 |
|
|
# A comma separated list of the SSL MAC algorithms. Valid selections |
243 |
|
|
# are: MD5, SHA1 |
244 |
|
|
SSLMACAlgorithms "SHA1, MD5" |
245 |
|
|
|
246 |
|
|
# A comma separated list of the SSL compression methods. Valid selections |
247 |
|
|
# are: NULL |
248 |
|
|
SSLCompressionMethods "NULL" |
249 |
|
|
|
250 |
|
|
# A comma separated list of the SSL protocol versions. Valid selections |
251 |
|
|
# are: TLS1.0 and SSL3.0 |
252 |
|
|
SSLProtocols "TLS1.0, SSL3.0" |