##=========================================================
## 1) Basic apache configuration
##=========================================================
## Include this file in your standard httpd.conf.
## When using SuSE Linux, just copy it to /etc/apache2/vhost.d/myolat.conf
## In other Linuxes you can include it to the main apache config file. In most
## cases you can add the following line to /etc/httpd/httpd.conf:
# Include "${base.dir}/conf/httpd.conf"
## Listen to your ${apache.host} interface on port ${apache.host.port}
## In most circumstances you don't need to do anything here. port 80 is default
## Most people install it on port 80, and usually in the default apache configuration there
## is already a Listen on port 80. If you do not have port 80, uncomment the following line
#Listen ${server.port}
## Tell apache that all requests on port ${apache.host.port} for any ip address is a
## virtual host request. In most cases you don't have to do anything since port 80
## is the default port.
#NameVirtualHost *:${server.port}
##=========================================================
## 2) Tomcat JK Connector basic configuration for Apache
##=========================================================
## (These settings have to match ${base.dir}/conf/workers.properties)
## If you have several webapps that use the connector, this section must be included only once!
##
JkWorkersFile "${base.dir}/conf/workers.properties"
JkRequestLogFormat "%w %V %T %r"
JkLogFile "${log.dir}/mod_jk.log"
JkLogLevel error
JkOptions +ForwardURICompatUnparsed
JkMount ${server.contextpath}/* worker1
JkMount ${server.contextpath} worker1
## Deliver raw static files using apache to reduce load on tomcat
JkUnMount ${server.contextpath}/raw/* worker1
AllowOverride None
deny from all
##=========================================================
## 3) Apache OLAT configuration as virtual host
##=========================================================
ServerName ${server.domainname}
ServerAdmin ${adminemail}
## Redirect everything unspecific to the OLAT application
RedirectMatch permanent ^/$ ${server.contextpath}/dmz/
RedirectMatch permanent ^${server.contextpath}$ ${server.contextpath}/dmz/
## Main server config
DocumentRoot "${base.dir}/htdocs"
AccessFileName .htaccess
## Apache config files
ErrorLog "${log.dir}/apache_error.log"
CustomLog "${log.dir}/apache_access.log" combined
## OLAT monitoring alias
Alias /monitoring "${userdata.dir}/monitoring"
Alias /webalizer "${userdata.dir}/webalizer"
## Security settings
Options Indexes IncludesNoExec
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
## Static raw content
Options Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
## mapp all raw requests to the static dir. First the ones with a
## version ID, then the ones with the _noversion_ tag
AliasMatch ^${server.contextpath}/raw/[0-9x]*/(.*) ${base.dir}/webapp/static/$1
Alias ${server.contextpath}/raw/_noversion_ ${base.dir}/webapp/static
## Special OLAT error pages
ErrorDocument 403 /403error.html
ErrorDocument 404 /403error.html
ErrorDocument 500 /500error.html
## Webapp icon file
AddType text/html .html .htm
AddType image/x-icon .ico
## Compress everything on the fly to reduce bandwith usage
## Be aware that this does increase your CPU usage
## required modules: headers, filter and deflate
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|pngi|pdf|swf|fla|zip)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary
##=========================================================
## 3) Apache OLAT configuration as virtual host using SSL
##=========================================================
ServerName ${server.domainname}
ServerAdmin ${adminemail}
## Redirect everything unspecific to the OLAT application
RedirectMatch permanent ^/$ ${server.contextpath}/dmz/
RedirectMatch permanent ^${server.contextpath}$ ${server.contextpath}/dmz/
## Main server config
DocumentRoot "${base.dir}/htdocs"
AccessFileName .htaccess
## Apache config files
ErrorLog "${log.dir}/apache_error_ssl.log"
CustomLog "${log.dir}/apache_access_ssl.log" combined
## OLAT monitoring alias
Alias /monitoring "${userdata.dir}/monitoring"
Alias /webalizer "${userdata.dir}/webalizer"
## Security settings
Options Indexes IncludesNoExec
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
Options -Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order deny,allow
Allow from all
## Static raw content
SSLRequire %{SSL_CIPHER_USEKEYSIZE} >= 128
Options Indexes IncludesNoExec FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all
## mapp all raw requests to the static dir. First the ones with a
## version ID, then the ones with the _noversion_ tag
AliasMatch ^${server.contextpath}/raw/[0-9x]*/(.*) ${base.dir}/webapp/static/$1
Alias ${server.contextpath}/raw/_noversion_ ${base.dir}/webapp/static
## Special OLAT error pages
ErrorDocument 403 /403error.html
ErrorDocument 404 /403error.html
ErrorDocument 500 /500error.html
## Webapp icon file
AddType text/html .html .htm
AddType image/x-icon .ico
## SSL configuration
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
SSLCertificateFile ${base.dir}/conf/certs/server.crt
SSLCertificateKeyFile ${base.dir}/conf/certs/server.key
SetEnvIf User-Agent ".*MSIE.*" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
## Compress everything on the fly to reduce bandwith usage
## Be aware that this does increase your CPU usage
## required modules: headers, filter and deflate
# Insert filter
SetOutputFilter DEFLATE
# Netscape 4.x has some problems...
BrowserMatch ^Mozilla/4 gzip-only-text/html
# Netscape 4.06-4.08 have some more problems
BrowserMatch ^Mozilla/4\.0[678] no-gzip
# MSIE masquerades as Netscape, but it is fine
# BrowserMatch \bMSIE !no-gzip !gzip-only-text/html
# NOTE: Due to a bug in mod_setenvif up to Apache 2.0.48
# the above regex won't work. You can use the following
# workaround to get the desired effect:
BrowserMatch \bMSI[E] !no-gzip !gzip-only-text/html
# Don't compress images
SetEnvIfNoCase Request_URI \
\.(?:gif|jpe?g|pngi|pdf|swf|fla|zip)$ no-gzip dont-vary
# Make sure proxies don't deliver the wrong content
Header append Vary User-Agent env=!dont-vary