aboutsummaryrefslogtreecommitdiffstats
path: root/config/apache_mod_security
diff options
context:
space:
mode:
authorScott Ullrich <sullrich@pfsense.org>2009-06-22 23:15:48 -0400
committerScott Ullrich <sullrich@pfsense.org>2009-06-22 23:15:48 -0400
commit20b4a9a944fc2e3c75ce40c41a1fb026dcaa98cb (patch)
treea2385d7e3d1dd6c7b0cd7e5e58e60f851d408f74 /config/apache_mod_security
parent2efe75fde128d83662a5657d10d6b6126342517b (diff)
downloadpfsense-packages-20b4a9a944fc2e3c75ce40c41a1fb026dcaa98cb.tar.gz
pfsense-packages-20b4a9a944fc2e3c75ce40c41a1fb026dcaa98cb.tar.bz2
pfsense-packages-20b4a9a944fc2e3c75ce40c41a1fb026dcaa98cb.zip
add <virtualhost> items
Diffstat (limited to 'config/apache_mod_security')
-rw-r--r--config/apache_mod_security/apache_mod_security.inc82
1 files changed, 46 insertions, 36 deletions
diff --git a/config/apache_mod_security/apache_mod_security.inc b/config/apache_mod_security/apache_mod_security.inc
index f37fc301..c1b345b1 100644
--- a/config/apache_mod_security/apache_mod_security.inc
+++ b/config/apache_mod_security/apache_mod_security.inc
@@ -23,6 +23,36 @@ function apache_mod_security_resync() {
function generate_apache_configuration() {
global $config, $g;
+ // Set global site e-mail
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalsiteadminemail']) {
+ $global_site_email = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalsiteadminemail'];
+ } else {
+ $global_site_email = "admin@admin.comn";
+ log_error("WARNING! Global site Administrator E-Mail address has not been set. Defaulting to bogus e-mail address.");
+ }
+
+ // Set ServerName
+ if($config['installedpackages']['apachemodsecuritysettings']['config']['hostname']) {
+ $servername = "ServerName {$config['installedpackages']['apachemodsecuritysettings']['config'][0]['hostname']}\n";
+ } else {
+ $servername = `ServerName hostname`;
+ }
+
+ // Set global listening directive
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoipaddr']) {
+ $global_listen = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoipaddr'];
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'])
+ $global_listen .= ":" . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'];
+ else
+ $global_listen .= ":80";
+ } else {
+ $global_listen = "{$config['system']['hostname']}.{$config['system']['domain']}";
+ if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'])
+ $global_listen .= ":" . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'];
+ else
+ $global_listen .= ":80";
+ }
+
// Syntax:ProxyPreserveHost On|Off ?
$mod_proxy = "ProxyRequests on\n";
@@ -67,19 +97,27 @@ EOF;
#####################################################
*/
- // Setup mod_proxy entries
+ // Setup mod_proxy entries $mod_proxy
if($config['installedpackages']['apachemodsecurity']) {
foreach($config['installedpackages']['apachemodsecurity']['config'] as $ams) {
$backend_sites = "";
+ // Set rowhelper used variables
foreach($ams['row'] as $row)
$additionalsitehostnames .= "{$row['additionalsitehostnames']} ";
foreach($ams['row'] as $row)
$backend_sites .= "{$row['webserveripaddr']} ";
+ // Set general items
$serveradmin = $ams['siteemail'];
$primarysitehostname = $ams['primarysitehostname'];
$additionalsitehostnames = $ams['primarysitehostname'];
- $sitename = str_replace(" ", "", $ams['sitename']);
- $mod_proxy .= "\n";
+ $sitename = str_replace(" ", "", $ams['sitename']);
+ // Set local listening directive
+ if($ams['ipaddress'] && $ams['port'])
+ $local_ip_port = "{$ams['ipaddress']}:{$ams['port']}";
+ else
+ $local_ip_port = $global_listen;
+ // Begin VirtualHost
+ $mod_proxy .= "<VirtualHost {$local_ip_port}>\n";
// Is this item a load balancer
if(count($ams['row'])>1) {
$balancer = true;
@@ -91,48 +129,20 @@ EOF;
$sitename = ""; // we are not using sitename in this case
}
if($additionalsitehostnames)
- $mod_proxy .= " ServerAlias $additionalsitehostnames\n";
+ $mod_proxy .= " ServerAlias $additionalsitehostnames";
if($serveradmin)
- $mod_proxy .= " ServerAdmin $serveradmin \n";
+ $mod_proxy .= " ServerAdmin $serveradmin\n";
if($primarysitehostname)
$mod_proxy .= " ServerName $primarysitehostname \n";
if($backend_sites) {
$mod_proxy .= "ProxyPassReverse /{$sitename} {$backend_sites}\n";
$mod_proxy .= "ProxyPass / {$backend_sites}\n";
}
+ $mod_proxy .= "</VirtualHost>\n";
+ // End VirtualHost
}
}
- // Set global site e-mail
- if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalsiteadminemail']) {
- $global_site_email = $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalsiteadminemail'];
- } else {
- $global_site_email = "admin@admin.comn";
- log_error("WARNING! Global site Administrator E-Mail address has not been set. Defaulting to bogus e-mail address.");
- }
-
- // Set ServerName
- if($config['installedpackages']['apachemodsecuritysettings']['config']['hostname']) {
- $servername = "ServerName {$config['installedpackages']['apachemodsecuritysettings']['config'][0]['hostname']}\n";
- } else {
- $servername = `ServerName hostname`;
- }
-
- // Set global listening directive
- if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoipaddr']) {
- $global_listen = "Listen " . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoipaddr'];
- if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'])
- $global_listen .= ":" . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'];
- else
- $global_listen .= ":80";
- } else {
- $global_listen = "Listen {$config['system']['hostname']}.{$config['system']['domain']}";
- if($config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'])
- $global_listen .= ":" . $config['installedpackages']['apachemodsecuritysettings']['config'][0]['globalbindtoport'];
- else
- $global_listen .= ":80";
- }
-
// Mod_security enabled?
if($config['installedpackages']['apachemodsecuritysettings']['config']['enablemodsecurity']) {
$enable_mod_security = true;
@@ -215,7 +225,7 @@ ServerRoot "/usr/local"
# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.
#
-{$global_listen}
+Listen {$global_listen}
#
# Dynamic Shared Object (DSO) Support