Giters

ojullien / Apache2.4

Apache2.4 configuration and site templates

Geek Repo:Geek Repo

Github PK Tool:Github PK Tool

sslvhost-configurationvirtual-hostsapache24reverse-proxyproxyremoteipevasivereferrer-policystrict-transport-securityhttp2content-security-policyhstscspproxy-http2site-templateconfigurationdebian-linux-distribution

Apache2.4 configuration and templates

Apache2.4 personnal configuration and website templates on Debian linux distribution.

Note: I use those templates for my own projects, they contain the features I need.

Table of Contents

Requirements | Configuration | Templates | Documentation | Contributing | License

Requirements

  • Debian linux distribution: ~9.1
  • apache: ~2.4.25
    • Modules: alias, deflate, dir, env, evasive, expires, filter, headers, http2, include, rewrite, unique_id, ssl_module, proxy_module, proxy_http_module / proxy_http2_module, remoteip_module
  • openssl: ~1.1.0f

Configuration

I do not modify any Apache2.4 configuration files. I just add new configuration files to override the default Apache2.4 configuration.

When it starts, Apache2.4 includes the module configuration files (/etc/apache2/mods-enabled/*) and, then, the particular configuration snippets (/etc/apache2/conf-enabled/*.conf) which manage global configuration fragments.

Files

  • zzz-apache2.conf: overrides the main Apache server configuration.
  • zzz-deflate.conf: overrides the DEFLATE configuration that allows output from your server to be compressed before being sent to the client over the network.
  • zzz-dir.conf: overrides the default serving directory index files configuration.
  • zzz-evasive.conf: overrides the default EVASIVE module configuration.
  • zzz-expires.conf: overrides and extends the default expirations time by type.
  • zzz-expires-cdn.conf: modern version for caching while using CDN.
  • zzz-expires-fingerprint.conf: modern version for caching while using fingerprinted URLs.
  • zzz-headers.conf: adds few HTTP request and response headers customizations.
  • zzz-log.conf: overrides log configuration.
  • zzz-mime.conf: adds more mime types.
  • zzz-mpm_event.conf: overrides the event worker MPM default configuration.
  • zzz-php7.x-fpm.conf: configure the local php-fpm using proxy.
  • zzz-proxy.conf: overrides the multi-protocol proxy/gateway server default configuration.
  • zzz-remoteip.conf: overides remoteip configuration.
  • zzz-security.conf: overrides and adds more security configuration snippets for the server.
  • zzz-ssl.conf: SSL configuration.
  • zzz-status.conf: overrides the status and info modules configurations.

How to setup the Apache2.4 personnal configuration

  1. Copy the configuration files into /etc/apache2/conf-available
  2. Edit the named like zzz-***.conf files and make changes as you need.
  3. Enable the configuration you need using a2enconf zzz-***
  4. Test the configuration using apache2ctl -t
  5. When test is OK, activate the new configuration using systemctl reload apache2

Templates

I wrote theses templates to ease the process of creating named-based virtualhosts.

I do not use the module mod_macro, I only use the built-in Include and Define directives.

Each domain.tld directory contains configuration for HTTP and HTTPS. The domain.tld/include contains the common snippets for HTTP and HTTPS.

The Content Security Policy (CSP) snippets depends on your site and must be tested.

Module mod_http2 must be enable to provides HTTP/2 support in SSL.

Features

  • _common.conf: contains many files with common snippets.
    • access_control directory contains Access control directives for application and static website.
    • security directory contains security directives for HSTS and WordPress.
  • 000-default: contains the default virtualhost configuration.
  • static.tld: contains the name-based vhost configuration for a static website.
  • app.tld: contains the name-based vhost configuration for a PHP application.
  • api.tld: contains the name-based vhost configuration for a mixed static website and PHP application.
  • redirect.tld: contains the configuration for a redirection.
  • reverseproxy.tld: configuration sample for a reverse proxy.
    • remoteip_module, proxy_module and proxy_http_module or/and proxy_http2_module are required.
    • conf-available/zzz-expires.conf and conf-available/zzz-headers.conf should not be enabled.
  • loader.conf: one file to rule them all.

How to setup the site templates

  1. Copy the templates into /etc/apache2/sites-available
  2. Edit the files and make changes as you need.
  3. Edit and update the loader.conf file.
  4. Enable the sites using a2ensite loader
  5. restarts the Apache daemon using apache2ctl graceful

Documentation

I wrote and I use this package for my own projects. And, unfortunately, I do not provide exhaustive documentation. Please read the code and the comments ;)

For instructions on how to use, best practices, templates and other usage information, please visit the Apache2.4 documentation.

Contributing

Thanks you for taking the time to contribute. Please fork the repository and make changes as you'd like.

As I use these configuration and templates for my own projects, it contains only the features I need. But If you have any ideas, just open an issue and tell me what you think. Pull requests are also warmly welcome.

If you encounter any bugs in the configuration or templates, please open an issue.

Be sure to include a title and clear description,as much relevant information as possible, and a code sample or an executable test case demonstrating the expected behavior that is not occurring.

License

Apache2.4 configuration and templates are open-source and are licensed under the Apache-2.0 License.

About

Apache2.4 configuration and site templates

sslvhost-configurationvirtual-hostsapache24reverse-proxyproxyremoteipevasivereferrer-policystrict-transport-securityhttp2content-security-policyhstscspproxy-http2site-templateconfigurationdebian-linux-distribution

License:Apache License 2.0