#==================================================================== # Apache configuration for LemonLDAP::NG Portal #==================================================================== # Uncomment this if no previous NameVirtualHost declaration #NameVirtualHost __VHOSTLISTEN__ # Portal Virtual Host (auth.__DNSDOMAIN__) ServerName auth.__DNSDOMAIN__ # DocumentRoot (FCGI scripts) DocumentRoot __PORTALDIR__ Order allow,deny Allow from all Options +ExecCGI +FollowSymLinks RewriteEngine On # For performances, you can put static html files: simply put the HTML # result (example: /oauth2/checksession.html) as static file. Then # uncomment the following line. # RewriteCond "%{REQUEST_FILENAME}" "!\.html$" RewriteCond "%{REQUEST_FILENAME}" "!^/(?:(?:static|javascript|favicon).*|.*\.fcgi)$" RewriteRule "^/(.+)$" "/index.fcgi/$1" [PT] # Note that Content-Security-Policy header is generated by portal itself SetHandler fcgid-script Options +ExecCGI # Static files Alias /static/ __PORTALSTATICDIR__/ Order allow,deny Allow from all Options +FollowSymLinks ExpiresActive On ExpiresDefault "access plus 1 month" DirectoryIndex index.fcgi index.html # SOAP functions for sessions management (disabled by default) Order deny,allow Deny from all # SOAP functions for sessions access (disabled by default) Order deny,allow Deny from all # SOAP functions for configuration access (disabled by default) Order deny,allow Deny from all # SOAP functions for notification insertion (disabled by default) Order deny,allow Deny from all # Enabe compression AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript text/css SetOutputFilter DEFLATE BrowserMatch ^Mozilla/4 gzip-only-text/html BrowserMatch ^Mozilla/4\.0[678] no-gzip BrowserMatch \bMSIE !no-gzip !gzip-only-text/html SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary Header append Vary User-Agent env=!dont-vary # Uncomment this if site if you use SSL only #Header set Strict-Transport-Security 15768000