# vhost-proxy-http-backend.template # # Apache vhost configuration template for a straightforward, http based # backend behind a reverse proxy. All public security matters as SSL # connection or certificates are dealt with by the proxy server. # It is currently configured to serve from a htdocs directory. You may # have to modify this to integrate one of the various web applications. # Version 2.0 # To adjust in vi/vim: # :%s/SHORT_DESCR/real_short_descr/g e.g. my-domain.org production server # :%s/FQN_NAME/your_domain/g e.g. my-domain.org # :%s/BASE_NAME/your_shortname/g e.g. my-domain.org # :%s/OPTIONAL_ALIAS/your_alias/g e.g. www.my-domain.org # afterwards delete these lines # Backend host configuration for # SHORT_DESCR # This is a dedicated backend configuration behind a public facing proxy! # Don't use it for any public facing server! ServerName FQN_NAME ServerAlias OPTIONAL_ALIAS ServerAdmin root@localhost # ==================================================================== # Proxy handling, the log file will contain the origin request data RemoteIPHeader X-Forwarded-For RemoteIPInternalProxy 192.168.122.1/24 # Overwriting the default combined Format is no longer required. # ==================================================================== # =============================================================== # Directory Locations # =============================================================== DirectoryIndex index.html DocumentRoot /srv/BASE_NAME/htdocs # Specific to default 2.4 configuration: # Enable access to server-specific base file location AllowOverride None # Allow open access: Require all granted # Further relax access to the default document root # # Possible values for the Options directive are "None", "All", # or any combination of: # Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews # # Note that "MultiViews" must be named *explicitly* --- "Options All" # doesn't give it to you. # # The Options directive is both complicated and important. Please see # http://httpd.apache.org/docs/2.4/mod/core.html#options # for more information. # Options Indexes FollowSymLinks # # AllowOverride controls what directives may be placed in .htaccess files. # It can be "All", "None", or any combination of the keywords: # Options FileInfo AuthConfig Limit # AllowOverride None # # Controls who can get stuff from this server: # Allow open access: Require all granted # =============================================================== # Logging configuration # =============================================================== # NOTE: fail2ban searches for ~/logs/*acccess_log and ~/logs/*error_log # to access log files to watch and analyze! ErrorLog logs/BASE_NAME_error_log CustomLog logs/BASE_NAME_access_log combined LogLevel warn