1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
|
#
# %CopyrightBegin%
#
# Copyright Ericsson AB 1997-2011. All Rights Reserved.
#
# The contents of this file are subject to the Erlang Public License,
# Version 1.1, (the "License"); you may not use this file except in
# compliance with the License. You should have received a copy of the
# Erlang Public License along with this software. If not, it can be
# retrieved online at http://www.erlang.org/.
#
# Software distributed under the License is distributed on an "AS IS"
# basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See
# the License for the specific language governing rights and limitations
# under the License.
#
# %CopyrightEnd%
#
#
# Port: The port the standalone listens to. For ports < 1023, you will
# need httpd to be run as root initially.
Port 8888
# BindAddress: This directive is used to tell the server which IP address
# to listen to. It can either contain "*", an IP address, or a fully
# qualified Internet domain name.
#
# It is also possible to specify the ip-family with the directive.
# There ar three possible value: inet, inet6 and inet6fb4
# inet: Use IpFamily inet when retreiving the address and
# fail if that does not work.
# inet6: Use IpFamily inet6 when retreiving the address and
# fail if that does not work.
# inet6fb4: First IpFamily inet6 is tried and if that does not work,
# inet is used as fallback.
# Default value for ip-family is inet6fb4
#
# The syntax is: <address>[|<ip-family>]
#
#BindAddress *
#BindAddress *|inet
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e. use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
#ServerName your.server.net
# SocketType is either ip_comm, sockets or ssl.
SocketType ip_comm
# Modules: Server run-time plug-in modules written using the Erlang
# Web Server API (EWSAPI). The server API make it easy to add functionality
# to the server. Read more about EWSAPI in the Reference Manual.
# WARNING! Do not tamper with this directive unless you are familiar with
# EWSAPI.
Modules mod_alias mod_auth mod_esi mod_actions mod_cgi mod_responsecontrol mod_trace mod_range mod_head mod_include mod_dir mod_get mod_log mod_disk_log
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
ServerAdmin jocke@erix.ericsson.se
# ServerRoot: The directory the server's config, error, and log files
# are kept in
ServerRoot /var/tmp/server_root
# ErrorLog: The location of the error log file. If this does not start
# with /, ServerRoot is prepended to it.
ErrorLog logs/error_log
# TransferLog: The location of the transfer log file. If this does not
# start with /, ServerRoot is prepended to it.
TransferLog logs/access_log
# SecurityLog: The location of the security log file (mod_security required)
#
SecurityLog logs/security_log
# ErrorDiskLog: The location of the error log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The ErrorDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
ErrorDiskLog logs/error_disk_log
ErrorDiskLogSize 200000 10
# TransferDiskLog: The location of the transfer log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The TransferDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
TransferDiskLog logs/access_disk_log
TransferDiskLogSize 200000 10
# SecurityDiskLog: The location of the security log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The SecurityDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
SecurityDiskLog logs/security_disk_log
SecurityDiskLogSize 200000 10
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# the server with it as it spirals down...
MaxClients 50
# KeepAlive set the flag for persistent connections. For peristent connections
# set KeepAlive to on. To use One request per connection set the flag to off
# Note: The value has changed since previous version of INETS.
KeepAlive on
# KeepAliveTimeout sets the number of seconds before a persistent connection
# times out and closes.
KeepAliveTimeout 10
# MaxKeepAliveRequests sets the number of seconds before a persistent connection
# times out and closes.
MaxKeepAliveRequests 10
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot /var/tmp/server_root/htdocs
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
DirectoryIndex index.html welcome.html
# DefaultType is the default MIME type for documents which the server
# cannot find the type of from filename extensions.
DefaultType text/plain
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
Alias /icons/ /var/tmp/server_root/icons/
Alias /pics/ /var/tmp/server_root/icons/
# ScriptAlias: This controls which directories contain server scripts.
# Format: ScriptAlias fakename realname
ScriptAlias /cgi-bin/ /var/tmp/server_root/cgi-bin/
ScriptAlias /htbin/ /var/tmp/server_root/cgi-bin/
# This directive adds an action, which will activate cgi-script when a
# file is requested using the method of method, which can be one of
# GET, POST and HEAD. It sends the URL and file path of the requested
# document using the standard CGI PATH_INFO and PATH_TRANSLATED
# environment variables.
#Script HEAD /cgi-bin/printenv.sh
# This directive adds an action, which will activate cgi-script when a
# file of content type mime-type is requested. It sends the URL and
# file path of the requested document using the standard CGI PATH_INFO
# and PATH_TRANSLATED environment variables.
#Action image/gif /cgi-bin/printenv.sh
# ErlScriptAlias: This specifies how "Erl" server scripts are called.
# Format: ErlScriptAlias fakename realname allowed_modules
ErlScriptAlias /down/erl httpd_example io
# EvalScriptAlias: This specifies how "Eval" server scripts are called.
# Format: EvalScriptAlias fakename realname allowed_modules
EvalScriptAlias /eval httpd_example io
# Point SSLCertificateFile at a PEM encoded certificate.
SSLCertificateFile /var/tmp/server_root/ssl/ssl_server.pem
# If the key is not combined with the certificate, use this directive to
# point at the key file.
SSLCertificateKeyFile /var/tmp/server_root/ssl/ssl_server.pem
# Set SSLVerifyClient to:
# 0 if no certicate is required
# 1 if the client may present a valid certificate
# 2 if the client must present a valid certificate
# 3 if the client may present a valid certificate but it is not required to
# have a valid CA
SSLVerifyClient 0
# Each directory to which INETS has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
<Directory /var/tmp/server_root/htdocs/open>
AuthDBType plain
AuthName Open Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require user one Aladdin
</Directory>
<Directory /var/tmp/server_root/htdocs/secret>
AuthDBType plain
AuthName Secret Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require group group1 group2
</Directory>
<Directory /var/tmp/server_root/htdocs/secret/top_secret>
AuthDBType plain
AuthName Top Secret Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require group group3
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_open>
AuthDBType mnesia
AuthName Open Area
require user one Aladdin
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_secret>
AuthDBType mnesia
AuthName Secret Area
require group group1 group2
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_secret/top_secret>
AuthDBType mnesia
AuthName Top Secret Area
require group group3
allow from 130.100.34 130.100.35
deny from 100.234.22.12 194.100.34.1 130.100.34.25
SecurityDataFile logs/security_data
SecurityMaxRetries 3
SecurityBlockTime 10
SecurityFailExpireTime 1
SecurityAuthTimeout 1
SecurityCallbackModule security_callback
</Directory>
|
