-
Restriction d’accès (e.g. dans des .htaccess) :
# Simple identification par fichiers d'utilisateurs
AuthType Basic
AuthName "Squid statistics"
AuthUserFile "/etc/passwd.web"
AuthGroupFile "/etc/group.web"
<Limit GET POST>
require valid-user
</Limit>
# Identification par LDAP
AuthType Basic
AuthName "Site SE"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL ldap://auth.plil.info:389/ou=People,dc=plil.fr?uid
<Files "*">
require valid-user
</Files>
- Ports TCP d’écoute :
artois:/etc/apache2# cat ports.conf
Listen 80
<IfModule ssl_module>
Listen 443
</IfModule>
\item Les modules activés (utilitaires {\tt a2enmod} ou {\tt a2dismod}) :
\begin{verbatim}
root@webhub:/etc/apache2/mods-enabled# ls -l ssl*
lrwxrwxrwx 1 root root 26 oct. 11 2011 ssl.conf -> ../mods-available/ssl.conf
lrwxrwxrwx 1 root root 26 oct. 11 2011 ssl.load -> ../mods-available/ssl.load
root@webhub:/etc/apache2/mods-enabled# ls -l proxy*
lrwxrwxrwx 1 root root 28 oct. 3 2015 proxy.conf -> ../mods-available/proxy.conf
lrwxrwxrwx 1 root root 33 oct. 3 2015 proxy_http.load -> ../mods-available/proxy_http.load
- Les serveurs virtuels activés (utilitaires a2ensite ou a2dissite) :
root@webhub:/etc/apache2/sites-enabled# ls -l
lrwxrwxrwx 1 root root 28 avril 21 2023 auth.conf -> ../sites-available/auth.conf
lrwxrwxrwx 1 root root 34 sept. 17 2018 cambraisis.conf -> ../sites-available/cambraisis.conf
lrwxrwxrwx 1 root root 28 mars 11 2020 chat.conf -> ../sites-available/chat.conf
lrwxrwxrwx 1 root root 32 sept. 17 2018 clubinfo.conf -> ../sites-available/clubinfo.conf
lrwxrwxrwx 1 root root 27 nov. 22 2019 ctf.conf -> ../sites-available/ctf.conf
lrwxrwxrwx 1 root root 27 nov. 20 2017 rex.conf -> ../sites-available/rex.conf
lrwxrwxrwx 1 root root 33 sept. 17 2018 tvantroys.conf -> ../sites-available/tvantroys.conf
lrwxrwxrwx 1 root root 33 juin 26 2023 wiki-PEIP.conf -> ../sites-available/wiki-PEIP.conf
lrwxrwxrwx 1 root root 33 juin 7 2017 wiki-PLIL.conf -> ../sites-available/wiki-PLIL.conf
lrwxrwxrwx 1 root root 31 févr. 5 2023 wiki-SE.conf -> ../sites-available/wiki-SE.conf
...
- Configuration d’un serveur virtuel (HTTP obsolète) :
root@webhub:/etc/apache2/sites-enabled# cat ninja.conf
<VirtualHost *:80>
ServerName ninja.bzh
ServerAlias www.ninja.bzh
ServerAdmin Xavier.Redon@polytech-lille.fr
ErrorLog /var/log/apache2/ninja-error.log
LogLevel warn
CustomLog /var/log/apache2/ninja-access.log combined
Header set X-DS-Systeme "Question 3.2 : réponse 42"
DocumentRoot /var/www/html/ninja
</VirtualHost>
- Configuration d’un serveur virtuel (HTTPS) :
root@webhub:/etc/apache2/sites-enabled# cat ninja-ssl.conf
<VirtualHost *:443>
ServerName ninja.bzh
ServerAlias www.ninja.bzh
ServerAdmin Xavier.Redon@polytech-lille.fr
ErrorLog /var/log/apache2/ninja-error.log
LogLevel warn
CustomLog /var/log/apache2/ninja-access.log combined
Header set X-DS-Systeme "Question 3.2 : réponse 42"
DocumentRoot /var/www/html/ninja
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/ninja.bzh/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/ninja.bzh/privkey.pem
</VirtualHost>
- Configuration d’un serveur virtuel (HTTPS et mandataire inverse HTTP) :
root@webhub:/etc/apache2/sites-enabled# cat rex.conf
<VirtualHost *:80>
ServerName rex.plil.fr
ServerAlias rex.plil.net
Redirect permanent / https://rex.plil.fr/
</VirtualHost>
<VirtualHost *:443>
ServerName rex.plil.fr
ServerAdmin Xavier.Redon@polytech-lille.fr
ErrorLog /var/log/apache2/rex-error.log
LogLevel warn
CustomLog /var/log/apache2/rex-access.log combined
SSLEngine On
SSLCertificateFile /etc/letsencrypt/live/rex.plil.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/rex.plil.fr/privkey.pem
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / http://172.26.189.7/
ProxyPassReverse / http://172.26.189.7/
</VirtualHost>
- Configuration d’un serveur virtuel (HTTPS et mandataire inverse HTTPS) :
<VirtualHost *:443>
ServerName rex.plil.fr
ServerAdmin Xavier.Redon@polytech-lille.fr
ErrorLog /var/log/apache2/rex-error.log
LogLevel warn
CustomLog /var/log/apache2/rex-access.log combined
SSLProxyEngine On
SSLCertificateFile /etc/letsencrypt/live/rex.plil.fr/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/rex.plil.fr/privkey.pem
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / https://www.rex.plil.fr/
ProxyPassReverse / https://www.rex.plil.fr/
</VirtualHost>
