<?xml version="1.0" encoding="UTF-8" ?>
- <httpServerConfig>
<serverName>Thixs has been edited by me for security reasons</serverName>
<adminEmails>This also</adminEmails>
<priority>-19</priority>
<autoRestart>1</autoRestart>
<user>nobody</user>
<group>nobody</group>
<enableChroot>0</enableChroot>
<chrootPath>/</chrootPath>
<inMemBufSize>120M</inMemBufSize>
<autoFix503>1</autoFix503>
<loadApacheConf>0</loadApacheConf>
<mime>$SERVER_ROOT/conf/mime.properties</mime>
<showVersionNumber>0</showVersionNumber>
<autoUpdateInterval>86400</autoUpdateInterval>
<autoUpdateDownloadPkg>1</autoUpdateDownloadPkg>
<adminRoot>$SERVER_ROOT/admin/</adminRoot>
<swappingDir>/tmp/lshttpd/swap</swappingDir>
- <listenerList>
- <listener>
<name>Default</name>
<address>*:80</address>
<secure>0</secure>
- <vhostMapList>
- <vhostMap>
<vhost>Example</vhost>
<domain>*</domain>
</vhostMap>
</vhostMapList>
</listener>
</listenerList>
- <virtualHostList>
- <virtualHost>
<name>Example</name>
<vhRoot>$SERVER_ROOT/DEFAULT/</vhRoot>
<configFile>$VH_ROOT/conf/vhconf.xml</configFile>
<allowSymbolLink>1</allowSymbolLink>
<enableScript>1</enableScript>
<restrained>1</restrained>
<setUIDMode>0</setUIDMode>
<chrootMode>0</chrootMode>
</virtualHost>
</virtualHostList>
- <vhTemplateList>
- <vhTemplate>
<name>centralConfigLog</name>
<templateFile>$SERVER_ROOT/conf/templates/ccl.xml</templateFile>
<listeners>Default</listeners>
</vhTemplate>
- <vhTemplate>
<name>PHP_SuEXEC</name>
<templateFile>$SERVER_ROOT/conf/templates/phpsuexec.xml</templateFile>
<listeners>Default</listeners>
</vhTemplate>
- <vhTemplate>
<name>EasyRailsWithSuEXEC</name>
<templateFile>$SERVER_ROOT/conf/templates/rails.xml</templateFile>
<listeners>Default</listeners>
</vhTemplate>
</vhTemplateList>
- <extProcessorList>
- <extProcessor>
<type>lsapi</type>
<name>lsphp5</name>
<address>uds://tmp/lshttpd/lsphp5.sock</address>
<note />
<maxConns>35</maxConns>
<env>PHP_LSAPI_MAX_REQUESTS=500</env>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<pcKeepAliveTimeout />
<respBuffer>0</respBuffer>
<autoStart>1</autoStart>
<path>$SERVER_ROOT/fcgi-bin/lsphp5</path>
<backlog>100</backlog>
<instances>1</instances>
<runOnStartUp />
<extMaxIdleTime />
<priority>0</priority>
<memSoftLimit>250M</memSoftLimit>
<memHardLimit>300M</memHardLimit>
<procSoftLimit>200</procSoftLimit>
<procHardLimit>200</procHardLimit>
</extProcessor>
- <extProcessor>
<type>lsapi</type>
<name>lsphp4</name>
<address>uds://tmp/lshttpd/lsphp4.sock</address>
<note />
<maxConns>35</maxConns>
<env>PHP_LSAPI_MAX_REQUESTS=500</env>
<env>PHP_LSAPI_CHILDREN=35</env>
<initTimeout>60</initTimeout>
<retryTimeout>0</retryTimeout>
<persistConn>1</persistConn>
<pcKeepAliveTimeout />
<respBuffer>0</respBuffer>
<autoStart>1</autoStart>
<path>$SERVER_ROOT/fcgi-bin/lsphp4</path>
<backlog>100</backlog>
<instances>1</instances>
<runOnStartUp />
<extMaxIdleTime />
<priority>0</priority>
<memSoftLimit>250M</memSoftLimit>
<memHardLimit>300M</memHardLimit>
<procSoftLimit>200</procSoftLimit>
<procHardLimit>200</procHardLimit>
</extProcessor>
</extProcessorList>
- <scriptHandlerList>
- <scriptHandler>
<suffix>php</suffix>
<type>lsapi</type>
<handler>lsphp5</handler>
</scriptHandler>
- <scriptHandler>
<suffix>php4</suffix>
<type>lsapi</type>
<handler>lsphp4</handler>
</scriptHandler>
- <scriptHandler>
<suffix>php5</suffix>
<type>lsapi</type>
<handler>lsphp5</handler>
<note />
</scriptHandler>
</scriptHandlerList>
- <railsDefaults>
<rubyBin />
<railsEnv>1</railsEnv>
<maxConns>5</maxConns>
<env>LSAPI_MAX_REQS=1000</env>
<env>LSAPI_MAX_IDLE=60</env>
<initTimeout>180</initTimeout>
<retryTimeout>0</retryTimeout>
<pcKeepAliveTimeout>60</pcKeepAliveTimeout>
<respBuffer>0</respBuffer>
<backlog>50</backlog>
<runOnStartUp>1</runOnStartUp>
<extMaxIdleTime />
<priority>3</priority>
<memSoftLimit>550M</memSoftLimit>
<memHardLimit>600M</memHardLimit>
<procSoftLimit>200</procSoftLimit>
<procHardLimit>300</procHardLimit>
</railsDefaults>
- <tuning>
<maxConnections>2000</maxConnections>
<maxSSLConnections>200</maxSSLConnections>
<connTimeout>300</connTimeout>
<maxKeepAliveReq>1000</maxKeepAliveReq>
<keepAliveTimeout>5</keepAliveTimeout>
<smartKeepAlive>0</smartKeepAlive>
<sndBufSize>0</sndBufSize>
<rcvBufSize>0</rcvBufSize>
<eventDispatcher>best</eventDispatcher>
<maxCachedFileSize>4096</maxCachedFileSize>
<totalInMemCacheSize>20M</totalInMemCacheSize>
<maxMMapFileSize>256K</maxMMapFileSize>
<totalMMapCacheSize>40M</totalMMapCacheSize>
<useSendfile>1</useSendfile>
<useAIO>1</useAIO>
<AIOBlockSize>4</AIOBlockSize>
<SSLCryptoDevice>null</SSLCryptoDevice>
<maxReqURLLen>8192</maxReqURLLen>
<maxReqHeaderSize>16380</maxReqHeaderSize>
<maxReqBodySize>500M</maxReqBodySize>
<maxDynRespHeaderSize>8K</maxDynRespHeaderSize>
<maxDynRespSize>500M</maxDynRespSize>
<enableDynGzipCompress>1</enableDynGzipCompress>
<gzipCompressLevel>1</gzipCompressLevel>
<enableGzipCompress>1</enableGzipCompress>
<compressibleTypes>text/*,application/x-javascript,application/javascript,application/xml</compressibleTypes>
<gzipAutoUpdateStatic>1</gzipAutoUpdateStatic>
<gzipStaticCompressLevel>6</gzipStaticCompressLevel>
<gzipMaxFileSize>1M</gzipMaxFileSize>
<gzipMinFileSize>300</gzipMinFileSize>
</tuning>
- <logging>
- <log>
<fileName>$SERVER_ROOT/logs/error.log</fileName>
<logLevel>DEBUG</logLevel>
<debugLevel>0</debugLevel>
<rollingSize>10M</rollingSize>
<enableStderrLog>1</enableStderrLog>
</log>
- <accessLog>
<fileName>$SERVER_ROOT/logs/access.log</fileName>
<keepDays>30</keepDays>
<rollingSize>10M</rollingSize>
<logReferer>1</logReferer>
<logUserAgent>1</logUserAgent>
<compressArchive>0</compressArchive>
</accessLog>
</logging>
<indexFiles>index.html, index.php</indexFiles>
- <htAccess>
<allowOverride>0</allowOverride>
<accessFileName>.htaccess</accessFileName>
</htAccess>
- <expires>
<enableExpires>1</enableExpires>
<expiresByType>image/*=A604800, text/css=A604800, application/x-javascript=A604800, application/javascript=A604800</expiresByType>
</expires>
- <security>
- <accessDenyDir>
<dir>/</dir>
<dir>/etc/*</dir>
<dir>/dev/*</dir>
<dir>$SERVER_ROOT/conf/*</dir>
<dir>$SERVER_ROOT/admin/conf/*</dir>
</accessDenyDir>
- <CGIRLimit>
<maxCGIInstances>20</maxCGIInstances>
<minUID>11</minUID>
<minGID>10</minGID>
<priority>0</priority>
<CPUSoftLimit>300</CPUSoftLimit>
<CPUHardLimit>600</CPUHardLimit>
<memSoftLimit>250M</memSoftLimit>
<memHardLimit>300M</memHardLimit>
<procSoftLimit>400</procSoftLimit>
<procHardLimit>450</procHardLimit>
</CGIRLimit>
- <perClientConnLimit>
<staticReqPerSec>0</staticReqPerSec>
<dynReqPerSec>0</dynReqPerSec>
<outBandwidth>0</outBandwidth>
<inBandwidth>0</inBandwidth>
<softLimit>10000</softLimit>
<hardLimit>10000</hardLimit>
<gracePeriod>15</gracePeriod>
<banPeriod>300</banPeriod>
</perClientConnLimit>
- <fileAccessControl>
<followSymbolLink>1</followSymbolLink>
<checkSymbolLink>0</checkSymbolLink>
<requiredPermissionMask>000</requiredPermissionMask>
<restrictedPermissionMask>000</restrictedPermissionMask>
</fileAccessControl>
- <censorshipControl>
<enableCensorship>0</enableCensorship>
<logLevel>0</logLevel>
<defaultAction>deny,log,status:403</defaultAction>
<scanPOST>1</scanPOST>
</censorshipControl>
- <censorshipRuleSet>
<name>XSS attack</name>
<ruleSetAction>log,deny,status:403,msg:'XSS attack'</ruleSetAction>
<enabled>1</enabled>
<ruleSet>SecFilterSelective ARGS "(alert|expression|eval|url)[[:space:]]*\(" SecFilterSelective ARGS "(&\{.+\}|(&#[[0-9a-fA-F]]|\x5cx[0-9a-fA-F]){2})" SecFilterSelective ARGS "((javascript|vbscript):|style[[:space:]]*=)" SecFilterSelective ARGS "(fromCharCode|http-equiv|<.+>|innerHTML|dynsrc|-->)" SecFilterSelective ARGS "document\.(body|cookie|location|write)" SecFilterSelective ARGS_VALUES "jsessionid|phpsessid|onReadyStateChange|xmlHttp" SecFilterSelective ARGS "<(applet|div|embed|iframe|img|meta|object|script|textarea)" # JavaScript event handlers SecFilterSelective ARGS "on(Abort|Blur|Click|DblClick|DragDrop|Error|Focus|KeyUp|KeyDown|KeyPrerss|Load|Mouse(Down|Out|Over|Up)|Move|Reset|Resize|Select|Submit|Unload)"</ruleSet>
</censorshipRuleSet>
- <censorshipRuleSet>
<name>SQL injection</name>
<ruleSetAction>log,pass,msg:'SQL Injection attack'</ruleSetAction>
<enabled>1</enabled>
<ruleSet>#SQL generic SecFilterSelective ARGS "drop[[:space:]]+(database|table|column|procedure)" SecFilterSelective ARGS "delete[[:space:]]+from|create[[:space:]]+table|update.+set.+=|insert[[:space:]]+into.+values" SecFilterSelective ARGS "select.+from|bulk[[:space:]]+insert|union.+select|alter[[:space:]]+table" SecFilterSelective ARGS "or.+1[[:space:]]*=[[:space:]]1|or 1=1--'|'.+--" SecFilterSelective ARGS "into[[:space:]]+outfile|load[[:space:]]+data|/\*.+\*/"</ruleSet>
</censorshipRuleSet>
- <accessControl>
<allow>ALL</allow>
<deny />
</accessControl>
</security>
</httpServerConfig>