Apache¶

We use Apache as our web server.

Configuration¶

The Webserver can be configured with the .htaccess file in your webroot which in most cases is sufficent. But some directives are not available in the .htaccess context and they therfore must be configured in the ~/cnf/apache.conf file which is included on vhost level.

Hint

The use of .htaccess should be preferred if possible, as incorrect configurations do not result in the web server no longer being able to be started in the event of a server restart.

Hint

After changes in ~/cnf/apache.conf you need to apply the configuration with apache-apply

Examples¶

Warning

The code blocks mentioned here serve as an example. Please check yourself if everything works correctly, especially if you have other configurations in your .htaccess file.

Custom MIME Type¶

AddType text/cache-manifest .appcache

Favicon per Domain¶

RewriteEngine On
RewriteCond %{HTTP_HOST} ^myhost.com$
RewriteRule ^favicon\.ico$ /images/favicon-myhost.ico

Custom Maintenance Page¶

# you can provide a string or a filepath
ErrorDocument 404 "<H1>Page not found</H1>"
ErrorDocument 503 /503.html

IP Protection¶

# Block all connections
Require all denied

# Except explicitly allowed IP's
# Allow single IP
Require ip 192.168.1.12

# Allow multiple IP's
Require ip 192.168.1.12 2001:DB8::12

# Allow IP Range
Require ip 192.168.1.0/24
Require ip 2001:DB8::/32

Custom Webroot¶

By default, the webroot directory is choosen according vendor recommendations, depending on the selected type. Some deployment workflows require other locations, which you can select through the webroot string within the Custom JSON Website Level Configuration:

{
  "webroot": "deploy/current/html"
}

Warning

The directory specified here needs to be a real directory. Symlinks are not allowed. This applies only to the last directory though (in the example above, current can be a symlink but html cannot).

Custom Default Webroot¶

The “Custom Default Webroot” differs from the “Custom Webroot”. The “Custom Default Webroot” is the webroot used when a website on a server is accessed that does not exist or for special features.

The files provided on your Server by default can be copied from the default webroot git repository.

To customize a custom default webroot please add the following to the “Custom JSON” on your Server and customize the values accordingly for your own git repository.

{
  "website::default::webroot::gitsource": "git@work.opsone.ch:open/default-webroot.git",
  "website::default::webroot::gitrevision": "d00433e671d9eec99ba8d56c3a08c4a7921c32b7",
  "website::default::webroot::gitkey": "-----BEGIN OPENSSH PRIVATE KEY-----\zAXktdjEABGAaC1AArZ5v...\n-----END OPENSSH PRIVATE KEY-----"
}

Listen¶

By default, apache will bind to the primary IP address of the eth0 interface and the 80/443 port. You can specify listen options explicitly per website, for example to use in concunction with Varnish.

The following options are available within the Custom JSON Website Level Configuration:

{
  "listen_ipv4_address": "127.0.0.1",
  "listen_ipv4_port": 8080,
  "listen_ipv6_address": "::1",
  "listen_ipv6_port": 8080
}

XSendFile¶

XSendFile is a feature that allows an application to hand over the download of a file to the web server by sending an X-Sendfile header. The file is then read directly from the web server and does not have to be processed by PHP. See mod_xsendfile for more information.

To enable XSendFile you need to enable the module in your .htaccess file:

# enable for all php scripts
XSendFile on

# enable only for download.php
<Files download.php>
  XSendFile on
</Files>

If you want to use a path outside webroot, you must first allow the path in the ~/cnf/apache.conf:

# allow ~/files to be served by XSendFile
XSendFilePath /home/example/files

Hint

After changes in ~/cnf/apache.conf you need to apply the configuration with apache-apply

Cache¶

The cache feature allows to setup a RFC 2616 compliant HTTP content caching. For more information see mod_cache and mod_cache_disk.

To enable caching you need to configure the module in your ~/cnf/apache.conf file:

# enable cache and x-cache header
CacheEnable disk  "/"
CacheHeader on

# disable for a file
CacheDisable "/login.php"

Hint

After changes in ~/cnf/apache.conf you need to apply the configuration with apache-apply