aboutsummaryrefslogtreecommitdiffstats
path: root/config/apache_mod_security-dev
diff options
context:
space:
mode:
Diffstat (limited to 'config/apache_mod_security-dev')
-rw-r--r--config/apache_mod_security-dev/apache.template8
-rw-r--r--config/apache_mod_security-dev/apache_mod_security.inc19
-rw-r--r--config/apache_mod_security-dev/apache_settings.xml26
-rw-r--r--config/apache_mod_security-dev/apache_virtualhost.xml10
4 files changed, 27 insertions, 36 deletions
diff --git a/config/apache_mod_security-dev/apache.template b/config/apache_mod_security-dev/apache.template
index 362e28a4..12a36b69 100644
--- a/config/apache_mod_security-dev/apache.template
+++ b/config/apache_mod_security-dev/apache.template
@@ -197,8 +197,6 @@ DocumentRoot "{$apache_dir}/www/apache22"
Deny from all
</Directory>
-{$mod_status}
-
#
# Note that from this point forward you must specifically allow
# particular features to be enabled - so if something's not working as
@@ -506,9 +504,13 @@ AcceptFilter https none
# Proxysettings
{$mod_proxy}
+# Mod status
+{$mod_status}
+
+
# Include anything else
Include etc/apache22/Includes/*.conf
EOF;
-?>
+?> \ No newline at end of file
diff --git a/config/apache_mod_security-dev/apache_mod_security.inc b/config/apache_mod_security-dev/apache_mod_security.inc
index 615a7fc4..f21dcbdc 100644
--- a/config/apache_mod_security-dev/apache_mod_security.inc
+++ b/config/apache_mod_security-dev/apache_mod_security.inc
@@ -548,31 +548,18 @@ EOF;
}
// Process Status Page
$mod_status = "";
- if ($setting('statuspage') == "on") {
+ if ($settings['statuspage'] == "on") {
$mod_status .= <<<EOF
<Location /server-status>
SetHandler server-status
Order Deny,Allow
Deny from all
+
EOF;
- $mod_status .= "Allow from ".($settings['netaccessstatus'] ? $settings['netaccessstatus'] : "All")."\n";
+ $mod_status .= "Allow from ".($settings['netaccessstatus'] ? $settings['netaccessstatus'] : "All")."\n";
$mod_status .= "</Location>\n";
}
-//** Uncomment to allow adding ip/ports not used by any site proxies
-//** Otherwise unused addresses/ports will be automatically deleted from the configuration
-// foreach ($configuredaliases as $ams) {
-// $local_ip_port = "{$ams['ipaddress']}:{$ams['ipport']}";
-// if(!in_array($local_ip_port, $processed)) {
-// // explicit bind if not global ip:port
-// if ($local_ip_port != $global_listen) {
-// $aliases .= "Listen $local_ip_port\n";
-// // Automatically add this to configuration
-// $config['installedpackages']['apachesettings']['config'][0]['row'][] = array('ipaddress' => $ams['ipaddress'], 'ipport' => $ams['ipport']);
-// }
-// }
-// }
-
// update configuration with actual ip bindings
write_config($pkg['addedit_string']);
diff --git a/config/apache_mod_security-dev/apache_settings.xml b/config/apache_mod_security-dev/apache_settings.xml
index de350cf1..2f089616 100644
--- a/config/apache_mod_security-dev/apache_settings.xml
+++ b/config/apache_mod_security-dev/apache_settings.xml
@@ -278,23 +278,23 @@
<type>listtopic</type>
</field>
<field>
- <fielddescr>Status Page</fielddescr>
- <fieldname>statuspage</fieldname>
- <description>
- <![CDATA[Enable a status page for Apache and Mod_proxy. Access http://DefaultBindIP:DefaultBindPort/status-server]]>
- </description>
- <type>select</type>
- <options>
- <option><name>On</name><value>on</value></option>
- <option><name>Off</name><value>off</value></option>
- </options>
- </field>
+ <fielddescr>Status Page</fielddescr>
+ <fieldname>statuspage</fieldname>
+ <description>
+ <![CDATA[Enable a status page for Apache and Mod_proxy. Access http://DefaultBindIP:DefaultBindPort/status-server]]>
+ </description>
+ <type>select</type>
+ <options>
+ <option><name>Disabled (Default)</name><value>off</value></option>
+ <option><name>Enabled</name><value>on</value></option>
+ </options>
+ </field>
<field>
<fielddescr>Network Access Status Page</fielddescr>
<fieldname>netaccessstatus</fieldname>
<description>
- <![CDATA[Network can access a status page. Ex: 172.16.1.0/24<br/>
- NOTE: Leave blank define all networks]]>
+ <![CDATA[Networks that can access apache status page. Ex: 172.16.1.0/24<br/>
+ NOTE: Leave blank to allow access from any ip.(Not recommended for security reasons)]]>
</description>
<type>input</type>
</field>
diff --git a/config/apache_mod_security-dev/apache_virtualhost.xml b/config/apache_mod_security-dev/apache_virtualhost.xml
index 7a3737cd..b3653bdf 100644
--- a/config/apache_mod_security-dev/apache_virtualhost.xml
+++ b/config/apache_mod_security-dev/apache_virtualhost.xml
@@ -303,7 +303,7 @@
<fieldname>sitepath</fieldname>
<description><![CDATA[Site path to publish.<br>leave blank to use /]]></description>
<type>input</type>
- <size>13</size>
+ <size>12</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr><![CDATA[Balancer]]></fielddescr>
@@ -332,7 +332,7 @@
<fieldname>backendpath</fieldname>
<description><![CDATA[Backend redirect path.<br>Leave blank to use /]]></description>
<type>input</type>
- <size>13</size>
+ <size>12</size>
</rowhelperfield>
<rowhelperfield>
<fielddescr><![CDATA[ModSecurity]]></fielddescr>
@@ -359,7 +359,7 @@
<fieldname>options</fieldname>
<description><![CDATA[Additional proxypass options for this path.<br>ex: ttl=60 stickysession='JSESSIONID']]></description>
<type>input</type>
- <size>12</size>
+ <size>11</size>
</rowhelperfield>
</rowhelper>
</field>
@@ -399,9 +399,11 @@
<fieldname>custom</fieldname>
<description>Paste extra apache config for this virtualhost. This is usefull for rewrite rules for example.</description>
<type>textarea</type>
- <cols>65</cols>
+ <cols>90</cols>
<rows>10</rows>
<encoding>base64</encoding>
+ <dontdisplayname/>
+ <usecolspan2/>
</field>
</fields>
<service>