torisan.de (Toralf Richter) - work in progress - sample httpd.conf with mod_jk, mod_gzip, mod_proxy and some mod

1	##
2	## httpd.conf -- Apache HTTP server configuration file
3	##
4
5	### Section 1: Global Environment
6
7	ServerType standalone
8	ServerRoot "/srv/www"
9	LockFile /var/lock/subsys/httpd/httpd.accept.lock
10	PidFile /var/run/httpd.pid
11	ScoreBoardFile /var/run/httpd.scoreboard
12	Timeout 300
13	KeepAlive On
14
15	# 0=unlimited
16	MaxKeepAliveRequests 0
17
18	# Timeout for keep-alive Connections in seconds
19	KeepAliveTimeout 60
20	MinSpareServers 4
21	MaxSpareServers 4
22	StartServers 4
23	MaxClients 150
24	# NOTE: This value does not include keepalive requests after the initial
25	# request per connection. For example, if a child process handles
26	# an initial request and 10 subsequent "keptalive" requests, it
27	# would only count as 1 request towards this limit.
28	# a setting of 0 means unlimited.
29	MaxRequestsPerChild 0
30	Listen 80
31	# we do not bind a specific address
32	#BindAddress *
33
34	# Modules
35	LoadModule mmap_static_module /usr/lib/apache/mod_mmap_static.so
36	LoadModule vhost_alias_module /usr/lib/apache/mod_vhost_alias.so
37	LoadModule env_module /usr/lib/apache/mod_env.so
38	LoadModule define_module /usr/lib/apache/mod_define.so
39	LoadModule config_log_module /usr/lib/apache/mod_log_config.so
40	LoadModule agent_log_module /usr/lib/apache/mod_log_agent.so
41	LoadModule referer_log_module /usr/lib/apache/mod_log_referer.so
42	LoadModule mime_magic_module /usr/lib/apache/mod_mime_magic.so
43	LoadModule mime_module /usr/lib/apache/mod_mime.so
44	LoadModule negotiation_module /usr/lib/apache/mod_negotiation.so
45	#LoadModule status_module /usr/lib/apache/mod_status.so
46	#LoadModule info_module /usr/lib/apache/mod_info.so
47	LoadModule includes_module /usr/lib/apache/mod_include.so
48	LoadModule autoindex_module /usr/lib/apache/mod_autoindex.so
49	LoadModule dir_module /usr/lib/apache/mod_dir.so
50	LoadModule cgi_module /usr/lib/apache/mod_cgi.so
51	LoadModule asis_module /usr/lib/apache/mod_asis.so
52	LoadModule imap_module /usr/lib/apache/mod_imap.so
53	LoadModule action_module /usr/lib/apache/mod_actions.so
54	LoadModule speling_module /usr/lib/apache/mod_speling.so
55	LoadModule alias_module /usr/lib/apache/mod_alias.so
56	LoadModule rewrite_module /usr/lib/apache/mod_rewrite.so
57	LoadModule access_module /usr/lib/apache/mod_access.so
58	LoadModule auth_module /usr/lib/apache/mod_auth.so
59	LoadModule anon_auth_module /usr/lib/apache/mod_auth_anon.so
60	LoadModule dbm_auth_module /usr/lib/apache/mod_auth_dbm.so
61	LoadModule db_auth_module /usr/lib/apache/mod_auth_db.so
62	LoadModule digest_module /usr/lib/apache/mod_digest.so
63	LoadModule proxy_module /usr/lib/apache/libproxy.so
64	LoadModule cern_meta_module /usr/lib/apache/mod_cern_meta.so
65	LoadModule expires_module /usr/lib/apache/mod_expires.so
66	LoadModule headers_module /usr/lib/apache/mod_headers.so
67	LoadModule usertrack_module /usr/lib/apache/mod_usertrack.so
68	LoadModule setenvif_module /usr/lib/apache/mod_setenvif.so
69	LoadModule backhand_module /usr/lib/apache/mod_backhand.so
70	<IfDefine DUMMYSSL>
71	LoadModule ssl_module /usr/lib/apache/libssl.so
72	</IfDefine>
73	LoadModule jk_module /usr/lib/apache/mod_jk.so
74	LoadModule gzip_module /usr/lib/apache/mod_gzip.so
75
76	# Reconstruction of the complete module list from all available modules
77	# (static and shared ones) to achieve correct module execution order.
78	# [WHENEVER YOU CHANGE THE LOADMODULE SECTION ABOVE UPDATE THIS, TOO]
79	ClearModuleList
80	AddModule mod_mmap_static.c
81	AddModule mod_vhost_alias.c
82	AddModule mod_env.c
83	AddModule mod_define.c
84	AddModule mod_log_config.c
85	AddModule mod_log_agent.c
86	AddModule mod_log_referer.c
87	AddModule mod_mime_magic.c
88	AddModule mod_mime.c
89	AddModule mod_negotiation.c
90	#AddModule mod_status.c
91	#AddModule mod_info.c
92	AddModule mod_include.c
93	AddModule mod_autoindex.c
94	AddModule mod_dir.c
95	AddModule mod_cgi.c
96	AddModule mod_asis.c
97	AddModule mod_imap.c
98	AddModule mod_actions.c
99	AddModule mod_speling.c
100	AddModule mod_alias.c
101	AddModule mod_rewrite.c
102	AddModule mod_access.c
103	AddModule mod_auth.c
104	AddModule mod_auth_anon.c
105	AddModule mod_auth_dbm.c
106	AddModule mod_auth_db.c
107	AddModule mod_digest.c
108	AddModule mod_proxy.c
109	AddModule mod_cern_meta.c
110	AddModule mod_expires.c
111	AddModule mod_headers.c
112	AddModule mod_usertrack.c
113	AddModule mod_so.c
114	AddModule mod_setenvif.c
115	AddModule mod_backhand.c
116	AddModule mod_jk.c
117	# mod_gzip has be the last in this (beause this list is processed from last to first in apache startup)
118	# to achieve compressability for any content that might be handled by any of the other modules
119	AddModule mod_gzip.c
120
121	ExtendedStatus Off
122
123	### Section 2: 'Main' server configuration
124	Port 80
125	User wwwrun
126	Group nogroup
127
128	ServerAdmin webmaster@<host>
129	ServerName <host or IP number>
130
131	#
132	# Protect the php(3) test page, so it cannot be viewed from an outside system.
133	#
134	<Files ~ "test.php(.*)">
135	Order deny,allow
136	deny from all
137	allow from localhost
138	</Files>
139
140	AccessFileName .htaccess
141	<Files ~ "^\.ht">
142	Order allow,deny
143	Deny from all
144	Satisfy All
145	</Files>
146
147	# UseCanonicalName: (new for 1.3) With this setting turned on, whenever
148	# Apache needs to construct a self-referencing URL (a URL that refers back
149	# to the server the response is coming from) it will use ServerName and
150	# Port to form a "canonical" name. With this setting off, Apache will
151	# use the hostname:port that the client supplied, when possible. This
152	# also affects SERVER_NAME and SERVER_PORT in CGI scripts.
153	#
154	UseCanonicalName On
155
156	# TypesConfig describes where the mime.types file (or equivalent) is
157	# to be found.
158	<IfModule mod_mime.c>
159	TypesConfig /etc/httpd/mime.types
160	</IfModule>
161
162	# DefaultType is the default MIME type the server will use for a document
163	# if it cannot otherwise determine one, such as from filename extensions.
164	# If your server contains mostly text or HTML documents, "text/plain" is
165	# a good value. If most of your content is binary, such as applications
166	# or images, you may want to use "application/octet-stream" instead to
167	# keep browsers from trying to display binary files as though they are
168	# text.
169	DefaultType text/plain
170
171	# The mod_mime_magic module allows the server to use various hints from the
172	# contents of the file itself to determine its type. The MIMEMagicFile
173	# directive tells the module where the hint definitions are located.
174	# mod_mime_magic is not part of the default server (you have to add
175	# it yourself with a LoadModule [see the DSO paragraph in the 'Global
176	# Environment' section], or recompile the server and include mod_mime_magic
177	# as part of the configuration), so it's enclosed in an <IfModule> container.
178	# This means that the MIMEMagicFile directive will only be processed if the
179	# module is part of the server.
180	<IfModule mod_mime_magic.c>
181	MIMEMagicFile /etc/httpd/magic
182	</IfModule>
183
184	# a value of "off" speeds up delivery in most cases, because no time consuming DNS lookups are made
185	HostnameLookups Off
186
187	ErrorLog /var/log/httpd/error_log
188
189	# LogLevel for ErrorLog: debug, info, notice, warn, error, crit, alert, emerg
190	LogLevel error
191
192	# The following directives define some format nicknames for use with
193	# a CustomLog directive (see below).
194	LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
195	LogFormat "%h %l %u %t \"%r\" %>s %b" common
196	LogFormat "%{Referer}i -> %U" referer
197	LogFormat "%{User-agent}i" agent
198
199	CustomLog /var/log/httpd/access_log common
200
201	ServerSignature On
202
203
204	# Aliases: Add here as many aliases as you need (with no limit). The format is
205	# Alias fakename realname
206	<IfModule mod_alias.c>
207
208	#
209	# Note that if you include a trailing / on fakename then the server will
210	# require it to be present in the URL. So "/icons" isn't aliased in this
211	# example, only "/icons/". If the fakename is slash-terminated, then the
212	# realname must also be slash terminated, and if the fakename omits the
213	# trailing slash, the realname must also omit it.
214	#
215	Alias /icons/ "/srv/www/icons/"
216
217	<Directory "/srv/www/icons">
218	Options Indexes MultiViews
219	AllowOverride None
220	Order allow,deny
221	Allow from all
222	</Directory>
223
224	# This Alias will project the on-line documentation tree under /manual/
225	# even if you change the DocumentRoot. Comment it if you don't want to
226	# provide access to the on-line documentation.
227	#
228	Alias /manual/ "/srv/www/htdocs/manual/"
229
230	<Directory "/srv/www/htdocs/manual">
231	Options Indexes FollowSymlinks MultiViews
232	AllowOverride None
233	Order allow,deny
234	Allow from all
235	</Directory>
236
237	#
238	# ScriptAlias: This controls which directories contain server scripts.
239	# ScriptAliases are essentially the same as Aliases, except that
240	# documents in the realname directory are treated as applications and
241	# run by the server when requested rather than as documents sent to the client.
242	# The same rules about trailing "/" apply to ScriptAlias directives as to
243	# Alias.
244	#
245	ScriptAlias /cgi-bin/ "/srv/www/cgi-bin/"
246
247	#
248	# "/srv/www/cgi-bin" should be changed to whatever your ScriptAliased
249	# CGI directory exists, if you have that configured.
250	#
251	<Directory "/srv/www/cgi-bin">
252	AllowOverride None
253	Options None
254	Order allow,deny
255	Allow from all
256	</Directory>
257
258	</IfModule>
259	# End of aliases.
260
261
262	#
263	# set /cgi-bin for CGI execution
264	#
265	<Location /cgi-bin>
266	AllowOverride None
267	Options +ExecCGI -Includes
268	SetHandler cgi-script
269	</Location>
270
271
272	# Directives controlling the display of server-generated directory listings.
273	<IfModule mod_autoindex.c>
274
275	#
276	# FancyIndexing is whether you want fancy directory indexing or standard
277	#
278	IndexOptions FancyIndexing
279
280	#
281	# AddIcon* directives tell the server which icon to show for different
282	# files or filename extensions. These are only displayed for
283	# FancyIndexed directories.
284	#
285	AddIconByEncoding (CMP,/icons/compressed.gif) x-compress x-gzip
286
287	AddIconByType (TXT,/icons/text.gif) text/*
288	AddIconByType (IMG,/icons/image2.gif) image/*
289	AddIconByType (SND,/icons/sound2.gif) audio/*
290	AddIconByType (VID,/icons/movie.gif) video/*
291
292	AddIcon /icons/binary.gif .bin .exe
293	AddIcon /icons/binhex.gif .hqx
294	AddIcon /icons/tar.gif .tar
295	AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm .iv
296	AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
297	AddIcon /icons/a.gif .ps .ai .eps
298	AddIcon /icons/layout.gif .html .shtml .htm .pdf
299	AddIcon /icons/text.gif .txt
300	AddIcon /icons/c.gif .c
301	AddIcon /icons/p.gif .pl .py
302	AddIcon /icons/f.gif .for
303	AddIcon /icons/dvi.gif .dvi
304	AddIcon /icons/uuencoded.gif .uu
305	AddIcon /icons/script.gif .conf .sh .shar .csh .ksh .tcl
306	AddIcon /icons/tex.gif .tex
307	AddIcon /icons/bomb.gif core
308
309	AddIcon /icons/back.gif ..
310	AddIcon /icons/hand.right.gif README
311	AddIcon /icons/folder.gif ^^DIRECTORY^^
312	AddIcon /icons/blank.gif ^^BLANKICON^^
313
314	#
315	# DefaultIcon is which icon to show for files which do not have an icon
316	# explicitly set.
317	#
318	DefaultIcon /icons/unknown.gif
319
320	#
321	# AddDescription allows you to place a short description after a file in
322	# server-generated indexes. These are only displayed for FancyIndexed
323	# directories.
324	# Format: AddDescription "description" filename
325	#
326	AddDescription "GZIP compressed document" .gz
327	AddDescription "tar archive" .tar
328	AddDescription "GZIP compressed tar archive" .tgz
329
330	#
331	# ReadmeName is the name of the README file the server will look for by
332	# default, and append to directory listings.
333	#
334	# HeaderName is the name of a file which should be prepended to
335	# directory indexes.
336	#
337	# If MultiViews are amongst the Options in effect, the server will
338	# first look for name.html and include it if found. If name.html
339	# doesn't exist, the server will then look for name.txt and include
340	# it as plaintext if found.
341	#
342	ReadmeName README
343	HeaderName HEADER
344
345	#
346	# IndexIgnore is a set of filenames which directory indexing should ignore
347	# and not include in the listing. Shell-style wildcarding is permitted.
348	#
349	IndexIgnore .??* ~ # RCS CVS ,v ,t
350
351	</IfModule>
352	# End of indexing directives.
353
354	#
355	# Document types.
356	#
357	<IfModule mod_mime.c>
358
359	#
360	# AddEncoding allows you to have certain browsers (Mosaic/X 2.1+) uncompress
361	# information on the fly. Note: Not all browsers support this.
362	# Despite the name similarity, the following Add* directives have nothing
363	# to do with the FancyIndexing customization directives above.
364	#
365	AddEncoding x-compress Z
366	AddEncoding x-gzip gz tgz
367
368	#
369	# AddLanguage allows you to specify the language of a document. You can
370	# then use content negotiation to give a browser a file in a language
371	# it can understand.
372	#
373	# Note 1: The suffix does not have to be the same as the language
374	# keyword --- those with documents in Polish (whose net-standard
375	# language code is pl) may wish to use "AddLanguage pl .po" to
376	# avoid the ambiguity with the common suffix for perl scripts.
377	#
378	# Note 2: The example entries below illustrate that in quite
379	# some cases the two character 'Language' abbreviation is not
380	# identical to the two character 'Country' code for its country,
381	# E.g. 'Danmark/dk' versus 'Danish/da'.
382	#
383	# Note 3: In the case of 'ltz' we violate the RFC by using a three char
384	# specifier. But there is 'work in progress' to fix this and get
385	# the reference data for rfc1766 cleaned up.
386	#
387	# Danish (da) - Dutch (nl) - English (en) - Estonian (ee)
388	# French (fr) - German (de) - Greek-Modern (el)
389	# Italian (it) - Korean (kr) - Norwegian (no) - Norwegian Nynorsk (nn)
390	# Portugese (pt) - Luxembourgeois* (ltz)
391	# Spanish (es) - Swedish (sv) - Catalan (ca) - Czech(cz)
392	# Polish (pl) - Brazilian Portuguese (pt-br) - Japanese (ja)
393	# Russian (ru)
394	#
395	AddLanguage da .dk
396	AddLanguage nl .nl
397	AddLanguage en .en
398	AddLanguage et .ee
399	AddLanguage fr .fr
400	AddLanguage de .de
401	AddLanguage el .el
402	AddLanguage he .he
403	AddCharset ISO-8859-8 .iso8859-8
404	AddLanguage it .it
405	AddLanguage ja .ja
406	AddCharset ISO-2022-JP .jis
407	AddLanguage kr .kr
408	AddCharset ISO-2022-KR .iso-kr
409	AddLanguage nn .nn
410	AddLanguage no .no
411	AddLanguage pl .po
412	AddCharset ISO-8859-2 .iso-pl
413	AddLanguage pt .pt
414	AddLanguage pt-br .pt-br
415	AddLanguage ltz .lu
416	AddLanguage ca .ca
417	AddLanguage es .es
418	AddLanguage sv .sv
419	AddLanguage cz .cz
420	AddLanguage ru .ru
421	AddLanguage zh-tw .tw
422	AddLanguage tw .tw
423	AddCharset Big5 .Big5 .big5
424	AddCharset WINDOWS-1251 .cp-1251
425	AddCharset CP866 .cp866
426	AddCharset ISO-8859-5 .iso-ru
427	AddCharset KOI8-R .koi8-r
428	AddCharset UCS-2 .ucs2
429	AddCharset UCS-4 .ucs4
430	AddCharset UTF-8 .utf8
431
432	# LanguagePriority allows you to give precedence to some languages
433	# in case of a tie during content negotiation.
434	#
435	# Just list the languages in decreasing order of preference. We have
436	# more or less alphabetized them here. You probably want to change this.
437	#
438	<IfModule mod_negotiation.c>
439	LanguagePriority en da nl et fr de el it ja kr no pl pt pt-br ru ltz ca es sv tw
440	</IfModule>
441
442	#
443	# AddType allows you to tweak mime.types without actually editing it, or to
444	# make certain files to be certain types.
445	#
446	AddType application/x-tar .tgz
447	AddType image/x-icon .ico
448
449	# Some more types:
450
451	#
452	# PHP 3.x:
453	#
454	<IfModule mod_php3.c>
455	AddType application/x-httpd-php3 .php3
456	AddType application/x-httpd-php3-source .phps
457	AddType application/x-httpd-php3 .phtml
458	</IfModule>
459
460	#
461	# PHP 4.x:
462	#
463	<IfModule mod_php4.c>
464	AddType application/x-httpd-php .php
465	AddType application/x-httpd-php .php4
466	AddType application/x-httpd-php-source .phps
467	</IfModule>
468
469	#
470	# mod_dtcl can execute tcl scripts
471	#
472	<IfModule mod_dtcl.c>
473	AddType application/x-httpd-tcl .ttml
474	AddType application/x-dtcl-tcl .tcl
475	</IfModule>
476
477	AddType text/vnd.wap.wml wml
478	AddType text/vnd.wap.wmlscript wmls
479	AddType application/vnd.wap.wmlc wmlc
480	AddType application/vnd.wap.wmlscriptc wmlsc
481	Addtype image/vnd.wap.wbmp wbmp
482	#
483	# AddHandler allows you to map certain file extensions to "handlers",
484	# actions unrelated to filetype. These can be either built into the server
485	# or added with the Action command (see below)
486	#
487	# If you want to use server side includes, or CGI outside
488	# ScriptAliased directories, uncomment the following lines.
489	#
490	# To use CGI scripts:
491	#
492	AddHandler cgi-script .cgi
493
494	#
495	# To use server-parsed HTML files
496	#
497	AddType text/html .shtml
498	AddHandler server-parsed .shtml
499
500	</IfModule>
501	# End of document types.
502
503	#
504	# Customize behaviour based on the browser
505	#
506	<IfModule mod_setenvif.c>
507
508	#
509	# The following directives modify normal HTTP response behavior.
510	# The first directive disables keepalive for Netscape 2.x and browsers that
511	# spoof it. There are known problems with these browser implementations.
512	# The second directive is for Microsoft Internet Explorer 4.0b2
513	# which has a broken HTTP/1.1 implementation and does not properly
514	# support keepalive when it is used on 301 or 302 (redirect) responses.
515	#
516	BrowserMatch "Mozilla/2" nokeepalive
517	BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
518
519	#
520	# The following directive disables HTTP/1.1 responses to browsers which
521	# are in violation of the HTTP/1.0 spec by not being able to grok a
522	# basic 1.1 response.
523	#
524	BrowserMatch "RealPlayer 4\.0" force-response-1.0
525	BrowserMatch "Java/1\.0" force-response-1.0
526	BrowserMatch "JDK/1\.0" force-response-1.0
527
528	</IfModule>
529	# End of browser customization directives
530
531
532	### Alright, this is the interesting part ###
533	### Custom Settings for a project using a combination of mod_gzip, mod_jk, mod_proxy (and partially mod_rewrite)
534	### to configure this Apache webserver as a frontend and entry point to a set of web applications
535	### running in a Tomcat 5.0.18 Java Container ###
536
537	### At first since we have only configured a main server instance
538	### we do configuration for this webserver instacne regarding Location and Directory direrectives
539	### also global mod_rewrite and mod_proxy configuration
540
541	# mod_rewrite, log definitons (log level should be 0 or 1 in production to decrease overhead
542	# it can be set higher if problems occur
543	RewriteLogLevel 5
544	RewriteLog "/var/log/httpd/rewrite.log"
545
546	# mod_proxy: general proxy request are off, since we do not need them and they might pose a security / abuse risk
547	# ProxyIOBufferSize ist set to 128k (default is 8k) because some pages delivered by the Tomcat behind this
548	# Apache server can be fairly large
549	# A proxy pass an a reverse pass (which is good to resolve redirects that occur in the remote proxied system
550	# to the local namespace
551	ProxyRequests Off
552	ProxyIOBufferSize 131072
553	ProxyPass /coremedia/generator/ http://10.112.235.91/coremedia/generator/
554	ProxyPassreverse /coremedia/generator/ http://10.112.235.91/coremedia/generator/
555
556	# Document root for this server is the webapps Base of a local Tomcat instance
557	DocumentRoot "/opt/cap4/ls-deliveryserver/jakarta-tomcat-5.0.18/webapps"
558
559	# At first with this Directory directive a very restrictive set of access permissions is defined
560	# (which later will be loosened to provide some functionality to users)
561	<Directory />
562	AuthUserFile /etc/httpd/passwd
563	AuthGroupFile /etc/httpd/group
564	Options -FollowSymLinks -Multiviews
565	AllowOverride None
566	</Directory>
567
568	# This is the document root being configured
569	<Directory /opt/cap4/ls-deliveryserver/jakarta-tomcat-5.0.18/webapps>
570	Options All -MultiViews
571	AllowOverride All
572	Order allow,deny
573	Allow from all
574	</Directory>
575
576	<Location />
577	# This is the root location on this webserver. Below this locaton will be mapped to
578	# to the ROOT context of the Tomcat Servelte Container using mod_jk.
579	# The mapping will be to the "/" location only (if someone typed "/x" this would
580	# not map into the Tomcat ROOT context.
581	# Therefore at this point here a RewriteRule ist defined, that redirect any requests going to "/x", "/y" ...
582	# to "/", from where these request are put through to the Servlet Container
583	# This RewriteRule will then be suspended for the other locations defined below.
584	order deny,allow
585	allow from all
586	Options FollowSymLinks
587	RewriteEngine on
588	RewriteCond %{REQUEST_URI} !^/$
589	RewriteRule . / [R,L]
590	</Location>
591
592	<Location /sso>
593	# This is the location that maps via mod_jk to the login webapp. The RewirteRule defined above in
594	# location "/" is disabled by switching off the entire rewriteEngine
595	order deny,allow
596	allow from all
597	Options FollowSymLinks
598	RewriteEngine off
599	</Location>
600
601	<Location /coremedia>
602	# This is the defintion of the "/coremedia" location which which equals to a context called coremedia in the
603	# Tomcat Servlet Container which contains a Coremedia Generator Servlet.
604	# All access is forbidden for this location, apart from the sub-locations that are enabled below.
605	# URL rewriting with mod_rewrite ist turned off. MultiViews should be turned off to avoid
606	# having outdated and recent variants of a content resource (which might change anytime through the
607	# CAP content management system to which the Coremedia Generator Servlet belongs)
608	Options FollowSymLinks -MultiViews
609	AllowOverride Limit Options
610	order deny,allow
611	deny from all
612	RewriteEngine off
613	</Location>
614
615	<Location /coremedia/siteIMAGES>
616	# Delivery of static layout images from underneath /coremedia is allowed
617	order deny,allow
618	allow from all
619	</Location>
620
621	<Location /coremedia/siteCSS>
622	# Delivery of static CSS styleshee files from underneath /coremedia is allowed
623	order allow,deny
624	allow from all
625	</Location>
626
627	<Location /coremedia/siteJS>
628	# Delivery of static JavaScript files from underneath /coremedia is allowed
629	order deny,allow
630	allow from all
631	</Location>
632
633	<Location /coremedia/generator>
634	# -MultiViews is set again, just for safety
635	# The RewriteEngine has already been turned off in /coremedia. No need to do it again
636	order deny,allow
637	allow from all
638	Options -MultiViews
639	</Location>
640
641
642	###### module configurations ######
643
644	### mod_jk - JK configuration connecting to a Tomcat 5 on AJP/1.3 Port 50000
645	### and mapping the locations "/sso" and "/" on the webserver to the
646	### respective servlet contexts (namely /sso and /).
647
648	# Before mod_jk can work, this workers file will have to be set up properly
649	JkWorkersFile /etc/httpd/workers.properties
650	# Where to put jk logs
651	JkLogFile /var/log/httpd/mod_jk.log
652	# Set the jk log level [debug/error/info]
653	JkLogLevel error
654	# Select the log format
655	JkLogStampFormat "[%a %b %d %H:%M:%S %Y] "
656	# JkOptions: SSL KEY SIZE is not forwared since there no use of SSL
657	# URICompat is on, because this is mod_rewrite compatible (just in case mod_rewrite will be used later after
658	# a configuration change). Note: using URICompat is not very Servlet 2.3 spec compliant
659	# forwarding of entire directories is switched off
660	JkOptions -ForwardKeySize +ForwardURICompat -ForwardDirectories
661	# JkRequestLogFormat set the request format
662	JkRequestLogFormat "%w %V %T"
663	# The following Apache locations are mapped or mounted to the respective servlet contexts (Note: "worker1" is
664	# the servlet worker which is to do the real work. It is defined in the workers file)
665	# /sso/* an worker1 (ajp13)
666	# / an worker1 (ajp13)
667	JkMount /sso/* worker1
668	JkMount / worker1
669
670
671	### mod_gzip configuration ###
672	### Note: This Apache webserver serves (among others) as an entry point to the /coremedia webapp in the Tomcat behind.
673	### The manufacturer of the Coremedia Generator Servlet strongly advises on using mod_rewrite (reasons are special and too long to explain).
674	### Unfortunately the project from which this config was taken was an extranet project with many users acessing information
675	### via 64KBit ISDN lines. Therefore it seemed stingly advised to compress the content delivered, since most of the pages were
676	### per request generated on the fly (no browser caching) and some of them about 80-100k in size.
677	### And unfortunately mod_gzip in the present state does not compress contents delivered through a mod_rewrite [P] rule.
678	### A (second, the reasons for second best are special and too long to explain) best solution seemed to be using mod_proxy
679	### to forward requests to the backend Tomcat and have good compression with mod_gzip.
680
681	<IfModule mod_gzip.c>
682	mod_gzip_on Yes
683	# The next three to four directives (negotiate, update static, static suffix) only make sense when content is deliverd directly
684	# from the webservers document root which here is rarely the case, but they have been left on, just in case.
685	mod_gzip_can_negotiate Yes
686	mod_gzip_static_suffix .gz
687	AddEncoding gzip .gz
688	mod_gzip_update_static No
689	# Web based status display is disabled
690	#mod_gzip_command_version '/mod_gzip_status'
691	# temp files go to /tmp. For better performance the temp directory can be put into a RAM disk
692	mod_gzip_temp_dir /tmp
693	mod_gzip_keep_workfiles No
694	# All file ssized in the following section are in bytes
695	mod_gzip_minimum_file_size 500
696	mod_gzip_maximum_file_size 5000000
697	# Files up to 2.5 MB size will be compressed directly in memory. The more gets compressed in memory the faster. Unless one runs out of memory!
698	mod_gzip_maximum_inmem_size 2500000
699	mod_gzip_min_http 1000
700	# Only GET requests/responses will be compressed. Compressing POST method originated output may cause problems (at least in some versions of mod_gzip)
701	mod_gzip_handle_methods GET
702
703	## Now, what is going to be compressed ##
704
705	# Phase 1: reqheader, uri, file, handler #
706	# =========================== #
707	mod_gzip_item_include file \.html$
708	mod_gzip_item_include file \.htm$
709	# for testing only - if it generates to much load for too litte compression this sould be turned off again
710	mod_gzip_item_include file \.pdf$
711	mod_gzip_item_include file \.doc$
712	mod_gzip_item_include file \.rtf$
713
714
715	# explicit inclusion of proxied requests
716	mod_gzip_item_include handler proxy-server
717	# include files / JavaScript & CSS (Note: this will cause problems in Netscape4 due to bugs in that browser
718	mod_gzip_item_include file \.js$
719	mod_gzip_item_include file \.css$
720
721	# CGI scripts
722	mod_gzip_item_include file \.pl$
723	mod_gzip_item_include handler ^cgi-script$
724
725	# exclusion of file type GIF in this phase from compression (see mime image/.* directive below, which enables general
726	# image compression. From this general image compression GIFs shall be excluded because in the project
727	# here they are only small files file used for layout purposes. Instead of compressing it is better to rely
728	# on he browser cache for them.
729	mod_gzip_item_exclude file \.gif$
730
731
732	# Phase 2: (mime, rspheader)
733	# ===========================#
734	# Text und HTML mimes, Javascript, Apache directory listings
735	mod_gzip_item_include mime ^text/.*
736	mod_gzip_item_include mime ^text/css$
737	mod_gzip_item_include mime ^text/plain$
738	mod_gzip_item_include mime ^httpd/unix-directory$
739	mod_gzip_item_include mime ^application/x-javascript$
740	# for testing only - if it generates to much load for too litte compression this sould be turned off again
741	mod_gzip_item_include mime ^application/pdf$
742	mod_gzip_item_include mime ^application/msword$
743	mod_gzip_item_include mime ^application/rtf$
744	# for testing all image mimes types are included, since there might be large (high quality) JPGs and even BMPs
745	mod_gzip_item_include mime ^image/.*
746	# exclusion of mime type GIF fro image compression
747	mod_gzip_item_exclude mime ^image/gif$
748
749
750	# Allow mod_gzip to eliminate the HTTP header
751	# 'Transfer-encoding: chunked'
752	# and join the chunks to one (compressable) packet
753	mod_gzip_dechunk Yes
754
755
756	# ---------------------------------------------------------------------
757	# Extended log format (for testing the compression effect)
758	LogFormat "%h %l %u %t \"%V %r\" %<s %b mod_gzip: %{mod_gzip_result}n In:%{mod_gzip_input_size}n -< Out:%{mod_gzip_output_size}n = %{mod_gzip_compression_ratio}n pct." common_with_mod_gzip_info2
759	# ---------------------------------------------------------------------
760	# Create additional log file
761	CustomLog /var/log/httpd/mod_gzip.log common_with_mod_gzip_info2
762	# (surely you can redefine your normal log file format, but you mal well
763	# keep its format standard compatible for evaluation by standard web
764	# analysis tools. So we just create another log file.)
765	# ---------------------------------------------------------------------
766	# Volume computation of the delivered files inside the Apache access_log:
767	# count HTTP header size (in bytes) as part of total output size
768	mod_gzip_add_header_count Yes
769	# (This will be more than the pure document content, but it will more
770	# realistically describe the total output traffic of the HTTP request)
771	# ---------------------------------------------------------------------
772
773
774	# sending a 'Vary' HTTP header is generally enabled and will be only disabled for specific types below
775	# This is an issue that might prove tricky, since Vary causes proxy caches or even very compliant browser caches
776	# to fetch a resource each time it is requested.
777	# The vary header is sent for some very specific reason which can be read up in the mod_gzip documentation
778	mod_gzip_send_vary On
779
780	# For all files or resources that are not dynamically created per request by the Coremedia Generator Servlet
781	# the Vary header is turned off (improves cachebility in proxies or browser cache)
782	<Files ~ "\.(jpg\|gif\|png\|js\|css\|pdf\|doc\|rtf)$">
783	mod_gzip_send_vary Off
784	</Files>
785
786	</IfModule>
787
788
789	### using mod_backhand to distribute load is planned but not yet ready for production ###
790
791	<IfModule mod_backhand.c>
792	#per Verzeichnis Direktiven werden angeschlatet, wenn das genaue Szenario klar ist
793	# Backhand byAge
794	# Backhand byRandom
795	# Backhand byLogWindow
796	# Backhand byCPU
797
798	# UnixSocketDir is were the mod_backhand-Arriba file is stored
799	# (ho w fast your machine is). This directory must be readable and writable
800	# by euid of apache (wwwrun) because the children have dropped privileges
801	# before they connect to a UNIX domain socket in this directory.
802	# This directive is singular.
803	#
804	# MulticastStats of the form [<IP ADDR>] <BROADCAST ADDR>:<PORT> will set
805	# mod_backhand to broadcast server statistics on that address advertising
806	# for a server on <IP ADDR> or gethostbyname(gethostname())
807	# MulticastStats of the form [<IP ADDR>] <MULTICAST ADDR>:<PORT>,<ttl> will
808	# set mod_backhand to multicast server statistics on that address
809	# advertising for a server on <IP ADDR> or gethostbyname(gethostname())
810	# This directive is singular.
811	#
812	# AcceptStats <a.b.c.d>[/<mask>] (like 10.0.0.4 or 10.0.0.0/24) will accept
813	# statistics originating from that IP or IP network.
814	# This option can be cascaded.
815
816	UnixSocketDir /var/lib/backhand
817	# Broadcasting and accepting cluster synchronisation information to a 26 network mask
818	MulticastStats xx.xx.xx.127:4445
819	AcceptStats xx.xx.xx.64/26
820
821	# Note that you _must_ configure the MulticastStats/AcceptStats directives,
822	# otherwise apache will segfault!
823
824	# This is a status of sorts. Visit it and see how valuable it is to you.
825	# Testweise wird der Status belassen, soll aber beim Uebergang zur produktion abgeschaltet werden
826
827	# for testing we have the backhand status on for easier monitoring
828	<Location /backhand/>
829	SetHandler backhand-handler
830	order deny,allow
831	allow from <host>
832	Options None
833	</Location>
834
835	</IfModule>