# Apache configuration highlighting unit test # comment with alters TODO FIXME ### DAVLockDB /var/lock/apache/DAVLock Include something_else.inc SSLEngine on # exclude insecure protocols SSLProtocol all -SSLv2 -SSLv3 SSLHonorCipherOrder on # exclude insecure ciphers SSLCipherSuite "HIGH !EXP !eNULL !aNULL !LOW !RC4 !3DES !MD5 !EXP !PSK !SRP !DSS !DES !aECDH" SSLCertificateFile /etc/letsencrypt/live/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/chain.pem CustomLog /var/log/apache2/ssl_request_log ssl_combined SSLRequireSSL Options -Indexes -FollowSymLinks DirectoryIndex index.php AllowOverride None Order allow,deny Allow from all Options FollowSymLinks AllowOverride FileInfo Options All Require valid-user ForceType text/plain Alias /foo/ "/srv/www/htdocs/foo/" AuthType Basic AuthName "KDE" AuthUserFile /srv/www/htpasswd.db Require user konqui ServerName www.kde.org ServerAlias kde.org RewriteEngine On RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,QSA,R=permanent] AuthBasicProvider ldap AuthLDAPBindDN uid=ldapproxy,ou=people,dc=kde,dc=org AuthLDAPBindPassword top_secret AuthLDAPURL ldap://localhost:389/ou=people,dc=kde,dc=org?uid?sub?(objectClass=posixAccount) AuthLDAPGroupAttributeIsDN on AuthLDAPGroupAttribute member Require ldap-group cn=sysadmin,ou=Group,dc=kde,dc=org