License

Copyright (C) 2008-2017 Oliver Bohlen.

Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.

A copy of the license is included in the section entitled "GNU Free Documentation License".

Introduction

This documentation comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law.

Howto: Webserver for Gentoo Linux

I use name based virtual hosts for multiple domains under the same IP. Here is my Webserver and PHP configuration.
Before installing (emergeing) apache, change the /etc/make.conf as shown below.

If you want to use this solution you need the following howto(s) finished:

Required software

The required software has to be installed with the following command(s):
emerge www-servers/apache

Changes in /etc/apache2/modules.d/00_mod_log_config.conf

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/apache2/modules.d/00_mod_log_config.conf

Changed on 13.01.09
Issued by olli
Beginning line 23

This activates apache logging for with vhost names in the log file


Before change
CustomLog /var/log/apache2/access_log common
After change
CustomLog /var/log/apache2/access_log vhost

Changes in /etc/apache2/vhosts.d/01_vhosts.conf

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/apache2/vhosts.d/01_vhosts.conf

Changed on 13.01.09
Issued by olli
Beginning line 1

Here are some settings for name based virtual hosts and some security settings before.


# Some default settings
Listen 80
Listen 443
#NameVirtualHost *:80
#NameVirtualHost *:443
# ServerName
ServerName silent-gabosh.example.com
# Directory Index
DirectoryIndex index.html

# Some security settings
Timeout 60
# Allow a maximum of 100MB for upload.
LimitRequestBody 104857600
# Mallow a maximum of 50 headersites
LimitRequestFields 50
# Sets maximum length of the from client sent HTTP-Request-Headers
LimitRequestFieldsize 4094
# Maximum leght of HTTP request line
LimitRequestLine 8190
# Allow a maximum of 100MB for upload. per webdav
LimitXMLRequestBody 104857600

# Deactvate SSL compression
SSLCompression off
# deactivate SSLv2+3 (Poodle Attack)
SSLProtocol All -SSLv2 -SSLv3
# Ciphers recommended by Mozilla https://wiki.mozilla.org/Security/Server_Side_TLS
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!3DES:!MD5:!PSK
SSLHonorCipherOrder on
#SSLCipherSuite EECDH+AES:EDH+AES:EECDH+RC4:EDH+RC4:RC4-SHA:EECDH+AES256:EDH+AES256:AES256-SHA:!aNULL:!eNULL:!EXP:!LOW:!MD5
SSLCertificateFile /etc/ssl/example.com/example.com.crt
SSLCertificateKeyFile /etc/ssl/example.com/example.com.key
SSLCertificateChainFile /etc/ssl/example.com/letsencryptchain.pem
# OCSP Stapling
#SSLUseStapling on
#SSLStaplingResponderTimeout 5
#SSLStaplingReturnResponderErrors off
#SSLStaplingCache shmcb:/var/run/ocsp(128000)
# Secure cookies
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# Enable HTTP Strict Transport Security
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"

# Load LDAP Auth modules
LoadModule ldap_module /usr/lib/apache2/modules/mod_ldap.so
LoadModule authnz_ldap_module /usr/lib/apache2/modules/mod_authnz_ldap.so

# Security
<Directory />
 Require all denied
 Options None
 AllowOverride None
</Directory>
<Directory /var/www>
 Require all granted
 Options None
 AllowOverride None
</Directory>
<Directory /srv/www>
 Require all granted
 Options None
 AllowOverride None
</Directory>

ServerSignature Off
TraceEnable off

# Disables massive http 206
RequestHeader unset Range

# Server-status
LoadModule status_module /usr/lib/apache2/modules/mod_status.so
ExtendedStatus On
<Location /server-status>
 SetHandler server-status
 Require all denied
 Require host 127.0.0.1
 Require host my.lan.network.ip/16
 Require host XXX.XXX.XXX.XXX/16
</Location>

# VHost Templade Macro
<Macro VHost $vhost>
# HTTP
<VirtualHost *:80>
  ServerName $vhost
  DocumentRoot /var/www/$vhost/htdocs
  # letsencrypt noproxy
  ProxyPass /.well-known/acme-challenge !
  # Additional Config
  Include /etc/apache2/vhosts.d/vhosts/$vhost.vhost
  # letsencrypt auth
  Include /etc/apache2/vhosts.d/letsencrypt.include
 </VirtualHost>
# HTTPS
 <VirtualHost *:443>
  ServerName $vhost
  DocumentRoot /var/www/$vhost/htdocs
  # Activate SSL for VHost
  SSLEngine on
  # letsencrypt noproxy
  ProxyPass /.well-known/acme-challenge !
  # Additional Config
  Include /etc/apache2/vhosts.d/vhosts/$vhost.sslvhost
  # letsencrypt auth
  Include /etc/apache2/vhosts.d/letsencrypt.include
 </VirtualHost>
</Macro>

# Generate VHosts from Macro
Use VHost default
Use VHost www.example.com
Use VHost olgreenspirit.de
Use VHost fb.example.com
Use VHost fbofl.example.com
Use VHost horde-test.example.com
Use VHost horde.example.com
Use VHost getolli.example.com
Use VHost get.example.com
Use VHost mailman.example.com
Use VHost doc.example.com
Use VHost gtc.example.com
Use VHost mdforms.example.com
Use VHost offlimits.example.com
Use VHost olmusic.example.com

<Location />
 AuthType Basic
 AuthName "Restricted Access"
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile "/dev/null"
 AuthLDAPURL "ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub"
 Require valid-user
</Location>

# backup-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/backup-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.backup-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# butters.example.com
<Directory /var/www/gtc.example.com/htdocs/local/butters.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.butters.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# ddgabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/ddgabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.ddgabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# dgabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/dgabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.dgabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# drood.example.com
<Directory /var/www/gtc.example.com/htdocs/local/drood.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.drood.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# flos.example.com
<Directory /var/www/gtc.example.com/htdocs/local/flos.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.flos.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# gandor.example.com
<Directory /var/www/gtc.example.com/htdocs/local/gandor.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.gandor.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# groot.example.com
<Directory /var/www/gtc.example.com/htdocs/local/groot.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.groot.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# ion-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/ion-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.ion-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# janos.example.com
<Directory /var/www/gtc.example.com/htdocs/local/janos.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.janos.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# jimla.example.com
<Directory /var/www/gtc.example.com/htdocs/local/jimla.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.jimla.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# kyle.example.com
<Directory /var/www/gtc.example.com/htdocs/local/kyle.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.kyle.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# louie.example.com
<Directory /var/www/gtc.example.com/htdocs/local/louie.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.louie.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# luettje.example.com
<Directory /var/www/gtc.example.com/htdocs/local/luettje.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.luettje.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# mackay.example.com
<Directory /var/www/gtc.example.com/htdocs/local/mackay.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.mackay.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# marie.example.com
<Directory /var/www/gtc.example.com/htdocs/local/marie.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.marie.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# molly.example.com
<Directory /var/www/gtc.example.com/htdocs/local/molly.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.molly.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# paddy.example.com
<Directory /var/www/gtc.example.com/htdocs/local/paddy.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.paddy.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# proll-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/proll-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.proll-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# regis.example.com
<Directory /var/www/gtc.example.com/htdocs/local/regis.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.regis.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# silent-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/silent-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.silent-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# small-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/small-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.small-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# tailwind.example.com
<Directory /var/www/gtc.example.com/htdocs/local/tailwind.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.tailwind.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# think-gabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/think-gabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.think-gabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# thinkstation.example.com
<Directory /var/www/gtc.example.com/htdocs/local/thinkstation.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.thinkstation.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# tweek.example.com
<Directory /var/www/gtc.example.com/htdocs/local/tweek.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.tweek.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# usbgabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/usbgabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.usbgabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# vboxgabosh.example.com
<Directory /var/www/gtc.example.com/htdocs/local/vboxgabosh.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.vboxgabosh.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>


# zottel.example.com
<Directory /var/www/gtc.example.com/htdocs/local/zottel.example.com>
 AuthName "GTC-Profile"
 AuthType Basic
 AuthUserFile "/var/www/gtc.example.com/.zottel.example.com.htaccess"
 Require valid-user
# Options Indexes
</Directory>

Alias /.well-known/acme-challenge/ /var/www/letsencrypt/.well-known/acme-challenge/
<Location /.well-known/acme-challenge/>
  Options None
  AllowOverride None
  ForceType text/plain
  RedirectMatch 404 "^(?!/\.well-known/acme-challenge/[\w-]{43}$)"
  Require all granted
</Location>
Redirect / http://www.example.com/
Redirect / http://www.example.com/
ErrorDocument 404 https://doc.example.com/
php_flag engine off
ScriptAlias /cgi-bin/ /var/www/doc.example.com/cgi-bin/
<Location /cgi-bin>
 AuthType Basic
 AuthName "LDAP Auth"
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile "/dev/null"
 AuthLDAPURL "ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub"
 Require valid-user
</Location>
Alias /edit/ /var/www/doc.example.com/edit/
<Location /edit>
 AuthType Basic
 AuthName "LDAP Auth"
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile "/dev/null"
 AuthLDAPURL "ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub"
 Require valid-user
</Location>
ErrorDocument 404 http://doc.example.com
php_flag engine off
Include /etc/apache2/vhosts.d/auth-ldap-valid-user.include
ProxyPass / http://XXX.XXX.XXX.XXX/
ProxyPassReverse / http://XXX.XXX.XXX.XXX/
Redirect / https://fb.example.com/
Include /etc/apache2/vhosts.d/auth-ldap-valid-user.include
ProxyPass / http://shcizhcimxjev4mc.myfritz.net:81/
ProxyPassReverse / http://shcizhcimxjev4mc.myfritz.net:81
Redirect / https://fbofl.example.com/
SSLProxyEngine On
Include /etc/apache2/vhosts.d/auth-ldap-valid-user.include
ProxyPass /websockify ws://127.0.0.1:8081/ retry=3
ProxyPassReverse /websockify ws://127.0.0.1:8081/ retry=3
ProxyPass / http://127.0.0.1:8081/
ProxyPassReverse / http://127.0.0.1:8081/
Redirect / https://get.example.com/
SSLProxyEngine On
Include /etc/apache2/vhosts.d/auth-ldap-valid-user.include
ProxyPass /websockify ws://127.0.0.1:8080/ retry=3
ProxyPassReverse /websockify ws://127.0.0.1:8080/ retry=3
ProxyPass / http://127.0.0.1:8080/
ProxyPassReverse / http://127.0.0.1:8080/
Redirect / https://getolli.example.com/
Alias /release-notes /gtc/stable/etc/thinclient/gtc-release-notes
Alias /release-notes-test /gtc/test/etc/thinclient/gtc-release-notes
<Directory /gtc>
 Require all denied
 Options None
 AllowOverride None
 <Files gtc-release-notes>
  Require all granted
 </Files>
</Directory>
ScriptAlias /cgi-bin/ /var/www/gtc.example.com/cgi-bin/
<Directory /var/www/gtc.example.com/cgi-bin/>
 AllowOverride None
 Options ExecCGI
 Require all granted
</Directory>
Redirect /vpnusers/ https://gtc.example.com/vpnusers/
Alias /release-notes /gtc/stable/etc/thinclient/gtc-release-notes
Alias /release-notes-test /gtc/test/etc/thinclient/gtc-release-notes
<Directory /gtc>
 Require all denied
 Options None
 AllowOverride None
 <Files gtc-release-notes>
 Require all granted
 </Files>
</Directory>
ScriptAlias /cgi-bin/ /var/www/gtc.example.com/cgi-bin/
<Directory /var/www/gtc.example.com/htdocs/cgi-bin/>
 AllowOverride None
 Options ExecCGI
 Require all granted
</Directory>
<Directory /var/www/horde.example.com/htdocs>
 Options FollowSymLinks
 AllowOverride All
</Directory>
php_value include_path /var/www/horde.example.com/pear/pear/php
SetEnv PHP_PEAR_SYSCONF_DIR /var/www/horde.example.com/pear
Alias /Microsoft-Server-ActiveSync /var/www/horde.example.com/htdocs/rpc.php
Alias /autodiscover/autodiscover.xml /var/www/horde.example.com/htdocs/rpc.php
Alias /Autodiscover/Autodiscover.xml /var/www/horde.example.com/htdocs/rpc.php
Alias /AutoDiscover/AutoDiscover.xml /var/www/horde.example.com/htdocs/rpc.php
Redirect / https://horde.example.com/
<Directory /var/www/horde-test.example.com/htdocs>
 AllowOverride All
 Options FollowSymLinks
</Directory>
  
php_value include_path /var/www/horde-test.example.com/pear/pear/php
SetEnv PHP_PEAR_SYSCONF_DIR /var/www/horde-test.example.com/pear
Alias /Microsoft-Server-ActiveSync /var/www/horde-test.example.com/htdocs/rpc.php
Alias /autodiscover/autodiscover.xml /var/www/horde-test.example.com/htdocs/rpc.php
Alias /Autodiscover/Autodiscover.xml /var/www/horde-test.example.com/htdocs/rpc.php
Alias /AutoDiscover/AutoDiscover.xml /var/www/horde-test.example.com/htdocs/rpc.php
Redirect / https://horde-test.example.com/
<Directory /usr/lib/mailman/cgi-bin/>
 AllowOverride None
 Options ExecCGI
 Require all granted
</Directory>
<Directory /usr/lib/mailman/icons/>
 AllowOverride None
 Require all granted
</Directory>
<Directory /var/lib/mailman/archives/public/>
 AllowOverride None
 Options ExecCGI FollowSymLinks
 Require all granted
</Directory>
RedirectMatch ^/mailman$ https://mailman.example.com/mailman/listinfo
ScriptAlias /mailman/ /usr/lib/mailman/cgi-bin/
Alias /pipermail/ /var/lib/mailman/archives/public/
Alias /mailman-icons/ /usr/lib/mailman/icons/
Redirect / https://mailman.example.com/
ScriptAlias /cgi-bin/ /var/www/mdforms.example.com/cgi-bin/
<Directory /var/www/mdforms.example.com/cgi-bin/>
 AllowOverride None
 Options ExecCGI
 AddHandler cgi-script .cgi .pl
Require all granted
</Directory>
<Location />
 AuthName "Internal area"
 AuthType Basic
 AuthUserFile "/etc/apache2/test.htpasswd"
 Require valid-user
 Options Indexes
</Location>
<Directory /var/www/mdforms.example.com/cgi-bin/>
 AllowOverride None
 Options ExecCGI
 AddHandler cgi-script .cgi .pl
 Require all granted
</Directory>
<Location />
 AuthName "Internal area"
 AuthType Basic
 AuthUserFile "/etc/apache2/test.htpasswd"
 Require valid-user
 Options Indexes
</Location>
DocumentRoot /srv/www/offlimits/htdocs
AssignUserID marcus users
DavLockDB /tmp/DavLock-offlimits
<Directory "/srv/www/offlimits/htdocs/">
 DAV on
 Options +Indexes
 AuthType Basic
 AuthName "OffLimits"
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile "/dev/null"
 AuthLDAPURL "ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub"
 Require user marcus
</Directory>
DocumentRoot /srv/www/offlimits/htdocs
AssignUserID marcus users
ServerAlias *.olgreenspirit.de
ServerAlias *.olgreenspirit.de
DocumentRoot /var/www/olmusic.example.com/htdocs
AssignUserID marco apache

DocumentRoot /var/www/olmusic.example.com/htdocs
Redirect /administrator https://olmusic.example.com/administrator
AssignUserID marco apache
Include /etc/apache2/vhosts.d/auth-ldap-valid-user.include
Alias /intern/awstats/icon/ /var/www/www.example.com/awstats-icon/
<Location /intern>
  Options Indexes
  DirectoryIndex awstats.example.com.html awstats.www.example.com.html awstats.doc.example.com.html awstats.mailserver.html awstats.horde.example.com.html awstats.gtc.example.com.html awstats.olgreenspirit.de.html index.php
</Location>
Redirect /intern/ https://www.example.com/intern/
<Directory /var/www/gtc.example.com/htdocs/vpnconfig>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require valid-user
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/bohlen>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user bohlen
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/flo>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user flo
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/harry>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user harry
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/heiko>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user heiko
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/ingo>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user ingo
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/krey>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user krey
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/olli>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user olli
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/rebecca>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user rebecca
</Directory>

<Directory /var/www/gtc.example.com/htdocs/vpnusers/werner>
 AuthType Basic
 AuthName 'Data'
 AuthBasicProvider file ldap
 AuthBasicAuthoritative Off
 AuthUserFile '/dev/null'
 AuthLDAPURL 'ldap://127.0.0.1/ou=People,dc=example,dc=com?uid?sub'
 Require user werner
</Directory>

;
; Named Access Control Lists (ACLs)
;
; A convenient way to share acl definitions
;
; This configuration file is read on startup
;
; CLI Commands

Changes in /etc/conf.d/apache2

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/conf.d/apache2

Changed on 09.09.08
Issued by olli
Beginning line 36

Apache startoptions for enabling PHP5 and SSL


Before change
APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE"
After change
APACHE2_OPTS="-D DAV -D DAV_FS -D PHP5 -D SSL -D LANGUAGE -D PROXY -D MPM_ITK"

Changes in /etc/make.conf

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/make.conf

Changed on 13.01.09
Issued by olli
Beginning line 26

The Apache MPM which should be compiled in

APACHE2_MPMS="prefork"
APACHE2_MODULES="$APACHE2_MODULES cgid proxy proxy_http proxy_wstunnel macro"

Changes in /etc/php/gabosh-php.ini

File permissions:
Owner: root
Group: root
Permissions: -rw-r--r--

Click here for a download of the complete file: /etc/php/gabosh-php.ini

Changed on 23.02.11
Issued by olli
Beginning line 1

PHP-Configuration

; Don't log deprecated errors
error_reporting = E_ALL & ~E_NOTICE & ~E_DEPRECATED & ~E_STRICT
; Don't display errors
display_errors = Off
display_startup_errors = Off
track_errors = Off
html_errors = Off
; Log errors to file
error_log = /var/log/apache2/php_errors.log
; Maximum post size of 20MB
post_max_size = 20M
; Maximum of 20MB upload
upload_max_filesize = 20M
; Default timezone for PHP
date.timezone = "Europe/Berlin"
; Maximum of 200 MySQL active connections at the same time
mysql.max_persistent = 200
; Maximum of 300 MySQL connections at the same time
mysql.max_links = 300
; Set the session path (for security reasons) to /var/www/php_sessions
session.save_path = "/var/www/php_sessions"
session.gc_divisor = 10000
; Set max memory
memory_limit = 256M

Setting up services

For starting the new service after system reboot you should add it to a runlevel with the following command(s):

rc-update add apache2 default

Please send a feedback to: doc<at>gabosh.net

Howto listing
File Index

Here you can find the official Gentoo Linux Forums where you can find a lot of answers.

Here a link to the official Gentoo Linux Homepage.

Edit Howto

About / Impressum

Click here for About / Impressum

Wishlist

If you want to support my work you can find my Amazon whishlist here