##=========================================================
## 1) Basic apache configuration
##=========================================================
## Include this file in your standard httpd.conf.
## When using SuSE Linux, just copy it to /etc/apache2/vhost.d/myolat.conf
## In other Linuxes you can include it to the main apache config file. In most
## cases you can add the following line to /etc/httpd/httpd.conf:
# Include "@base.dir@/conf/httpd.conf"
## Listen to your @apache.host@ interface on port @apache.host.port@
## In most circumstances you don't need to do anything here. port 80 is default
## Most people install it on port 80, and usually in the default apache configuration there
## is already a Listen on port 80. If you do not have port 80, uncomment the following line
#Listen @server.port@
## Tell apache that all requests on port @apache.host.port@ for any ip address is a
## virtual host request. In most cases you don't have to do anything since port 80
## is the default port.
#NameVirtualHost *:@server.port@
##=========================================================
## 2) Tomcat JK Connector basic configuration for Apache
##=========================================================
## (These settings have to match @base.dir@/conf/workers.properties)
## If you have several webapps that use the connector, this section must be included only once!
##
JkWorkersFile "@base.dir@/conf/workers.properties"
JkRequestLogFormat "%w %V %T %r"
JkLogFile "@log.dir@/mod_jk.log"
JkLogLevel error
JkOptions +ForwardURICompatUnparsed
JkMount @server.contextpath@/* worker1
JkMount @server.contextpath@ worker1
## Deliver raw static files using apache to reduce load on tomcat
JkUnMount @server.contextpath@/raw/* worker1
AllowOverride None
deny from all
##=========================================================
## 3) Apache OLAT configuration as virtual host
##=========================================================
ServerName @server.domainname@
ServerAdmin @adminemail@
## Redirect everything unspecific to the OLAT application
RedirectMatch permanent ^/$ @server.contextpath@/dmz/
RedirectMatch permanent ^@server.contextpath@$ @server.contextpath@/dmz/
## Main server config
DocumentRoot "@base.dir@/htdocs"
AccessFileName .htaccess
## Apache config files
ErrorLog "@log.dir@/apache_error.log"
CustomLog "@log.dir@/apache_access.log" combined
## OLAT monitoring alias
Alias /monitoring "@userdata.dir@/monitoring"
Alias /webalizer "@userdata.dir@/webalizer"
## Security settings
Options Indexes IncludesNoExec
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
## Static raw content
Options Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
## Use current OLAT version ID
Alias @server.contextpath@/raw/@version.id@ "@base.dir@/webapp/static"
## Special OLAT error pages
ErrorDocument 403 /403error.html
ErrorDocument 404 /403error.html
ErrorDocument 500 /500error.html
## Webapp icon file
AddType text/html .html .htm
AddType image/x-icon .ico
## Compress everything on the fly to reduce bandwith usage
## Be aware that this does increase your CPU usage
## required modules: headers, filter and deflate
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|pngi|pdf|swf|fla)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
##=========================================================
## 3) Apache OLAT configuration as virtual host using SSL
##=========================================================
ServerName @server.domainname@
ServerAdmin @adminemail@
## Redirect everything unspecific to the OLAT application
RedirectMatch permanent ^/$ @server.contextpath@/dmz/
RedirectMatch permanent ^@server.contextpath@$ @server.contextpath@/dmz/
## Main server config
DocumentRoot "@base.dir@/htdocs"
AccessFileName .htaccess
## Apache config files
ErrorLog "@log.dir@/apache_error_ssl.log"
CustomLog "@log.dir@/apache_access_ssl.log" combined
## OLAT monitoring alias
Alias /monitoring "@userdata.dir@/monitoring"
Alias /webalizer "@userdata.dir@/webalizer"
## Security settings
Options Indexes IncludesNoExec
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
## Static raw content
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
Options Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
## Use current OLAT version ID
Alias @server.contextpath@/raw/@version.id@ "@base.dir@/webapp/static"
## Special OLAT error pages
ErrorDocument 403 /403error.html
ErrorDocument 404 /403error.html
ErrorDocument 500 /500error.html
## Webapp icon file
AddType text/html .html .htm
AddType image/x-icon .ico
## SSL configuration
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile @base.dir@/conf/certs/server.crt
SSLCertificateKeyFile @base.dir@/conf/certs/server.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
## Compress everything on the fly to reduce bandwith usage
## Be aware that this does increase your CPU usage
## required modules: headers, filter and deflate
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|pngi|pdf|swf|fla)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary