#
# %CopyrightBegin%
#
# Copyright Ericsson AB 1997-2016. All Rights Reserved.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# %CopyrightEnd%
#
#
# Port: The port the standalone listens to. For ports < 1023, you will
# need httpd to be run as root initially.
Port 8888
# BindAddress: This directive is used to tell the server which IP address
# to listen to. It can either contain "*", an IP address, or a fully
# qualified Internet domain name.
#
# It is also possible to specify the ip-family with the directive.
# There ar three possible value: inet, inet6 and inet6fb4
# inet: Use IpFamily inet when retreiving the address and
# fail if that does not work.
# inet6: Use IpFamily inet6 when retreiving the address and
# fail if that does not work.
# inet6fb4: First IpFamily inet6 is tried and if that does not work,
# inet is used as fallback.
# Default value for ip-family is inet6fb4
#
# The syntax is: <address>[|<ip-family>]
#
#BindAddress *
#BindAddress *|inet
# ServerName allows you to set a host name which is sent back to clients for
# your server if it's different than the one the program would get (i.e. use
# "www" instead of the host's real name).
#
# Note: You cannot just invent host names and hope they work. The name you
# define here must be a valid DNS name for your host. If you don't understand
# this, ask your network administrator.
#ServerName your.server.net
# SocketType is either ip_comm, sockets or ssl.
SocketType ip_comm
# Modules: Server run-time plug-in modules written using the Erlang
# Web Server API (EWSAPI). The server API make it easy to add functionality
# to the server. Read more about EWSAPI in the Reference Manual.
# WARNING! Do not tamper with this directive unless you are familiar with
# EWSAPI.
Modules mod_alias mod_auth mod_esi mod_actions mod_cgi mod_responsecontrol mod_trace mod_range mod_head mod_dir mod_get mod_log mod_disk_log
# ServerAdmin: Your address, where problems with the server should be
# e-mailed.
ServerAdmin [email protected]
# ServerRoot: The directory the server's config, error, and log files
# are kept in
ServerRoot /var/tmp/server_root
# ErrorLog: The location of the error log file. If this does not start
# with /, ServerRoot is prepended to it.
ErrorLog logs/error_log
# TransferLog: The location of the transfer log file. If this does not
# start with /, ServerRoot is prepended to it.
TransferLog logs/access_log
# SecurityLog: The location of the security log file (mod_security required)
#
SecurityLog logs/security_log
# ErrorDiskLog: The location of the error log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The ErrorDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
ErrorDiskLog logs/error_disk_log
ErrorDiskLogSize 200000 10
# TransferDiskLog: The location of the transfer log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The TransferDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
TransferDiskLog logs/access_disk_log
TransferDiskLogSize 200000 10
# SecurityDiskLog: The location of the security log file. If this does not
# start with /, ServerRoot is prepended to it. This log file is managed
# with the disk_log module [See disk_log(3)]. The SecurityDiskLogSize directive
# takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
# MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
# truncates the first file.
SecurityDiskLog logs/security_disk_log
SecurityDiskLogSize 200000 10
# Limit on total number of servers running, i.e., limit on the number
# of clients who can simultaneously connect --- if this limit is ever
# reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
# It is intended mainly as a brake to keep a runaway server from taking
# the server with it as it spirals down...
MaxClients 50
# KeepAlive set the flag for persistent connections. For peristent connections
# set KeepAlive to on. To use One request per connection set the flag to off
# Note: The value has changed since previous version of INETS.
KeepAlive on
# KeepAliveTimeout sets the number of seconds before a persistent connection
# times out and closes.
KeepAliveTimeout 10
# MaxKeepAliveRequests sets the number of seconds before a persistent connection
# times out and closes.
MaxKeepAliveRequests 10
# DocumentRoot: The directory out of which you will serve your
# documents. By default, all requests are taken from this directory, but
# symbolic links and aliases may be used to point to other locations.
DocumentRoot /var/tmp/server_root/htdocs
# DirectoryIndex: Name of the file or files to use as a pre-written HTML
# directory index. Separate multiple entries with spaces.
DirectoryIndex index.html welcome.html
# DefaultType is the default MIME type for documents which the server
# cannot find the type of from filename extensions.
DefaultType text/plain
# Aliases: Add here as many aliases as you need (with no limit). The format is
# Alias fakename realname
Alias /icons/ /var/tmp/server_root/icons/
Alias /pics/ /var/tmp/server_root/icons/
# ScriptAlias: This controls which directories contain server scripts.
# Format: ScriptAlias fakename realname
ScriptAlias /cgi-bin/ /var/tmp/server_root/cgi-bin/
ScriptAlias /htbin/ /var/tmp/server_root/cgi-bin/
# This directive adds an action, which will activate cgi-script when a
# file is requested using the method of method, which can be one of
# GET, POST and HEAD. It sends the URL and file path of the requested
# document using the standard CGI PATH_INFO and PATH_TRANSLATED
# environment variables.
#Script HEAD /cgi-bin/printenv.sh
# This directive adds an action, which will activate cgi-script when a
# file of content type mime-type is requested. It sends the URL and
# file path of the requested document using the standard CGI PATH_INFO
# and PATH_TRANSLATED environment variables.
#Action image/gif /cgi-bin/printenv.sh
# ErlScriptAlias: This specifies how "Erl" server scripts are called.
# Format: ErlScriptAlias fakename realname allowed_modules
ErlScriptAlias /down/erl httpd_example io
# EvalScriptAlias: This specifies how "Eval" server scripts are called.
# Format: EvalScriptAlias fakename realname allowed_modules
EvalScriptAlias /eval httpd_example io
# Point SSLCertificateFile at a PEM encoded certificate.
SSLCertificateFile /var/tmp/server_root/ssl/ssl_server.pem
# If the key is not combined with the certificate, use this directive to
# point at the key file.
SSLCertificateKeyFile /var/tmp/server_root/ssl/ssl_server.pem
# Set SSLVerifyClient to:
# 0 if no certicate is required
# 1 if the client may present a valid certificate
# 2 if the client must present a valid certificate
# 3 if the client may present a valid certificate but it is not required to
# have a valid CA
SSLVerifyClient 0
# Each directory to which INETS has access, can be configured with respect
# to which services and features are allowed and/or disabled in that
# directory (and its subdirectories).
<Directory /var/tmp/server_root/htdocs/open>
AuthDBType plain
AuthName Open Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require user one Aladdin
</Directory>
<Directory /var/tmp/server_root/htdocs/secret>
AuthDBType plain
AuthName Secret Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require group group1 group2
</Directory>
<Directory /var/tmp/server_root/htdocs/secret/top_secret>
AuthDBType plain
AuthName Top Secret Area
AuthUserFile /var/tmp/server_root/auth/passwd
AuthGroupFile /var/tmp/server_root/auth/group
require group group3
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_open>
AuthDBType mnesia
AuthName Open Area
require user one Aladdin
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_secret>
AuthDBType mnesia
AuthName Secret Area
require group group1 group2
</Directory>
<Directory /var/tmp/server_root/htdocs/mnesia_secret/top_secret>
AuthDBType mnesia
AuthName Top Secret Area
require group group3
allow from 130.100.34 130.100.35
deny from 100.234.22.12 194.100.34.1 130.100.34.25
SecurityDataFile logs/security_data
SecurityMaxRetries 3
SecurityBlockTime 10
SecurityFailExpireTime 1
SecurityAuthTimeout 1
SecurityCallbackModule security_callback
</Directory>