httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Nina Pham <n...@gibbons.com>
Subject Re: [users@httpd] https config
Date Fri, 06 Aug 2004 19:09:53 GMT
I checked the ssl_error_log, it said "Direcotry index forbidden by rule: 
/var/www/html/"
What does that mean?

joon yang wrote:

>Normal port for https is 443 not 4443.
>
>JoOn
>--- Nina Pham <nina@gibbons.com> wrote:
>
>  
>
>>I uncomment the include /conf.d/ssl.conf, then
>>restart apache.  It 
>>complained about no NameVirtualHost for
>>myserver:4443. I put in the 
>>NameVirtualHost and restart apache, it gave me a
>>warning 
>>NameVirtualHost  myserver:4443 has no
>>VirtualHost(however, it's arlready 
>>there in ssl.conf). But it still start apache. Using
>>browser, I still 
>>can access www.gibbons.com:80, but went i tried to 
>>https://www.gibbons.com, this time it doesn't
>>display the FedoraCore 
>>apache test page (my system is FC2), but instead,
>>gave me error message 
>>"The connection was refused when attempting to
>>contact 
>>www.gibbons.com:4443. I attached ssl.conf, hand
>>httpd.conf files.
>>
>>
>>joon yang wrote:
>>
>>    
>>
>>>You need to add LoadModule in the httpd.conf and
>>>uncomment the following.
>>><IfModule mod_ssl.c>
>>>Include conf.d/ssl.conf
>>></IfModule>
>>>
>>>This tells apache to load ssl.conf if mod_ssl.so
>>>      
>>>
>>have
>>    
>>
>>>been loaded.
>>>
>>>Also, in you ssl.conf, you've got port 4443 rather
>>>than 443.
>>>
>>>JoOn
>>>
>>>
>>>--- Nina Pham <nina@gibbons.com> wrote:
>>>
>>> 
>>>
>>>      
>>>
>>>>Hi, I have a standard web server, now I want to
>>>>        
>>>>
>>run
>>    
>>
>>>>it with mod_ssl at 
>>>>port 4443 ( port 443 has already been used).
>>>>Attachment is the 
>>>>httpd.conf, and ssl.conf. When I type
>>>>http://www.gibbons.com, it display 
>>>>our company webpage, and i expect the same for 
>>>>https://www.gibbons.com:4443. However, when I
>>>>        
>>>>
>>tried
>>    
>>
>>>>to https, it just 
>>>>displayed the test page of apache. What did I do
>>>>wrong here?
>>>>   
>>>>
>>>>        
>>>>
>>>>>#
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>># This is the Apache server configuration file
>>>>providing SSL support.
>>>># It contains the configuration directives to
>>>>instruct the server how to
>>>># serve pages over an https connection. For
>>>>detailing information about these 
>>>># directives see
>>>>
>>>>   
>>>>
>>>>        
>>>>
>><URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
>>    
>>
>>> 
>>>
>>>      
>>>
>>>># 
>>>># Do NOT simply read the instructions in here
>>>>without understanding
>>>># what they do.  They're here only as hints or
>>>>reminders.  If you are unsure
>>>># consult the online docs. You have been warned.  
>>>>#
>>>>
>>>>LoadModule ssl_module modules/mod_ssl.so
>>>>
>>>>#   Until documentation is completed, please check
>>>>http://www.modssl.org/
>>>>#   for additional config examples and module
>>>>docmentation.  Directives
>>>>#   and features of mod_ssl are largely unchanged
>>>>        
>>>>
>>>>from the mod_ssl project
>>>      
>>>
>>>>#   for Apache 1.3.
>>>>
>>>>#
>>>># When we also provide SSL we have to listen to
>>>>        
>>>>
>>the 
>>    
>>
>>>># standard HTTP port (see above) and to the HTTPS
>>>>port
>>>>#
>>>>Listen 4443
>>>>
>>>>##
>>>>##  SSL Global Context
>>>>##
>>>>##  All SSL configuration in this context applies
>>>>both to
>>>>##  the main server and all SSL-enabled virtual
>>>>hosts.
>>>>##
>>>>
>>>>#
>>>>#   Some MIME-types for downloading Certificates
>>>>        
>>>>
>>and
>>    
>>
>>>>CRLs
>>>>#
>>>>AddType application/x-x509-ca-cert .crt
>>>>AddType application/x-pkcs7-crl    .crl
>>>>
>>>>#   Pass Phrase Dialog:
>>>>#   Configure the pass phrase gathering process.
>>>>#   The filtering dialog program (`builtin' is a
>>>>internal
>>>>#   terminal dialog) has to provide the pass
>>>>        
>>>>
>>phrase
>>    
>>
>>>>on stdout.
>>>>SSLPassPhraseDialog  builtin
>>>>
>>>>#   Inter-Process Session Cache:
>>>>#   Configure the SSL Session Cache: First the
>>>>mechanism 
>>>>#   to use and second the expiring timeout (in
>>>>seconds).
>>>>#SSLSessionCache        none
>>>>#SSLSessionCache       
>>>>dbm:/var/cache/mod_ssl/scache(512000)
>>>>#SSLSessionCache       
>>>>dc:UNIX/var/cache/mod_ssl/distcache
>>>>SSLSessionCache        
>>>>shmcb:/var/cache/mod_ssl/scache(512000)
>>>>SSLSessionCacheTimeout  300
>>>>
>>>>#   Semaphore:
>>>>#   Configure the path to the mutual exclusion
>>>>semaphore the
>>>>#   SSL engine uses internally for inter-process
>>>>synchronization. 
>>>>SSLMutex default
>>>>
>>>>#   Pseudo Random Number Generator (PRNG):
>>>>#   Configure one or more sources to seed the PRNG
>>>>of the 
>>>>#   SSL library. The seed data should be of good
>>>>random quality.
>>>>#   WARNING! On some platforms /dev/random blocks
>>>>        
>>>>
>>if
>>    
>>
>>>>not enough entropy
>>>>#   is available. This means you then cannot use
>>>>        
>>>>
>>the
>>    
>>
>>>>/dev/random device
>>>>#   because it would lead to very long connection
>>>>times (as long as
>>>>#   it requires to make more entropy available).
>>>>        
>>>>
>>But
>>    
>>
>>>>usually those
>>>>#   platforms additionally provide a /dev/urandom
>>>>device which doesn't
>>>>#   block. So, if available, use this one instead.
>>>>Read the mod_ssl User
>>>>#   Manual for more details.
>>>>SSLRandomSeed startup file:/dev/urandom  256
>>>>SSLRandomSeed connect builtin
>>>>#SSLRandomSeed startup file:/dev/random  512
>>>>#SSLRandomSeed connect file:/dev/random  512
>>>>#SSLRandomSeed connect file:/dev/urandom 512
>>>>
>>>>#
>>>># Use "SSLCryptoDevice" to enable any supported
>>>>hardware
>>>># accelerators. Use "openssl engine -v" to list
>>>>supported
>>>># engine names.  NOTE: If you enable an
>>>>        
>>>>
>>accelerator
>>    
>>
>>>>and the
>>>># server does not start, consult the error logs
>>>>        
>>>>
>>and
>>    
>>
>>>>ensure
>>>># your accelerator is functioning properly. 
>>>>#
>>>>SSLCryptoDevice builtin
>>>>#SSLCryptoDevice ubsec
>>>>
>>>>##
>>>>## SSL Virtual Host Context
>>>>##
>>>>
>>>><VirtualHost _default_:4443>
>>>>
>>>># General setup for the virtual host, inherited
>>>>        
>>>>
>>from
>>    
>>
>>>>global configuration
>>>>DocumentRoot "/var/www/html"
>>>>ServerName gibbons.com:4443
>>>>
>>>># Use separate log files for the SSL virtual host;
>>>>note that LogLevel
>>>># is not inherited from httpd.conf.
>>>>ErrorLog logs/ssl_error_log
>>>>TransferLog logs/ssl_access_log
>>>>LogLevel warn
>>>>
>>>>#   SSL Engine Switch:
>>>>#   Enable/Disable SSL for this virtual host.
>>>>SSLEngine on
>>>>
>>>>#   SSL Cipher Suite:
>>>>#   List the ciphers that the client is permitted
>>>>        
>>>>
>>to
>>    
>>
>>>>negotiate.
>>>>#   See the mod_ssl documentation for a complete
>>>>list.
>>>>SSLCipherSuite
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>#   Server Certificate:
>>>>#   Point SSLCertificateFile at a PEM encoded
>>>>certificate.  If
>>>>#   the certificate is encrypted, then you will be
>>>>prompted for a
>>>>#   pass phrase.  Note that a kill -HUP will
>>>>        
>>>>
>>prompt
>>    
>>
>>>>again. A test
>>>>#   certificate can be generated with `make
>>>>certificate' under
>>>>#   built time. Keep in mind that if you've both a
>>>>RSA and a DSA
>>>>#   certificate you can configure both in parallel
>>>>(to also allow
>>>>#   the use of DSA ciphers, etc.)
>>>>SSLCertificateFile
>>>>/etc/httpd/conf/ssl.crt/server.crt
>>>>#SSLCertificateFile
>>>>/etc/httpd/conf/ssl.crt/server-dsa.crt
>>>>
>>>>#   Server Private Key:
>>>>#   If the key is not combined with the
>>>>        
>>>>
>>certificate,
>>    
>>
>>>>use this
>>>>#   directive to point at the key file.  Keep in
>>>>mind that if
>>>>#   you've both a RSA and a DSA private key you
>>>>        
>>>>
>>can
>>    
>>
>>>>configure
>>>>#   both in parallel (to also allow the use of DSA
>>>>ciphers, etc.)
>>>>SSLCertificateKeyFile
>>>>/etc/httpd/conf/ssl.key/server.key
>>>>#SSLCertificateKeyFile
>>>>/etc/httpd/conf/ssl.key/server-dsa.key
>>>>
>>>>#   Server Certificate Chain:
>>>>#   Point SSLCertificateChainFile at a file
>>>>containing the
>>>>#   concatenation of PEM encoded CA certificates
>>>>which form the
>>>>#   certificate chain for the server certificate.
>>>>Alternatively
>>>>#   the referenced file can be the same as
>>>>SSLCertificateFile
>>>>#   when the CA certificates are directly appended
>>>>to the server
>>>>#   certificate for convinience.
>>>>#SSLCertificateChainFile
>>>>/etc/httpd/conf/ssl.crt/ca.crt
>>>>
>>>>#   Certificate Authority (CA):
>>>>#   Set the CA certificate verification path where
>>>>to find CA
>>>>#   certificates for client authentication or
>>>>alternatively one
>>>>#   huge file containing all of them (file must be
>>>>PEM encoded)
>>>>#   Note: Inside SSLCACertificatePath you need
>>>>        
>>>>
>>hash
>>    
>>
>>>>symlinks
>>>>#         to point to the certificate files. Use
>>>>        
>>>>
>>the
>>    
>>
>>>>provided
>>>>#         Makefile to update the hash symlinks
>>>>        
>>>>
>>after
>>    
>>
>>>>changes.
>>>>#SSLCACertificatePath /etc/httpd/conf/ssl.crt
>>>>#SSLCACertificateFile
>>>>/usr/share/ssl/certs/ca-bundle.crt
>>>>
>>>>#   Certificate Revocation Lists (CRL):
>>>>#   Set the CA revocation path where to find CA
>>>>        
>>>>
>>CRLs
>>    
>>
>>>>for client
>>>>#   authentication or alternatively one huge file
>>>>containing all
>>>>#   of them (file must be PEM encoded)
>>>>#   Note: Inside SSLCARevocationPath you need hash
>>>>symlinks
>>>>#         to point to the certificate files. Use
>>>>        
>>>>
>>the
>>    
>>
>>>>provided
>>>>#         Makefile to update the hash symlinks
>>>>        
>>>>
>>after
>>    
>>
>>>>changes.
>>>>#SSLCARevocationPath /etc/httpd/conf/ssl.crl
>>>>#SSLCARevocationFile
>>>>/etc/httpd/conf/ssl.crl/ca-bundle.crl
>>>>
>>>>#   Client Authentication (Type):
>>>>#   Client certificate verification type and
>>>>        
>>>>
>>depth. 
>>    
>>
>>>>Types are
>>>>#   none, optional, require and optional_no_ca. 
>>>>Depth is a
>>>>#   number which specifies how deeply to verify
>>>>        
>>>>
>>the
>>    
>>
>>>>certificate
>>>>#   issuer chain before deciding the certificate
>>>>        
>>>>
>>is
>>    
>>
>>>>not valid.
>>>>#SSLVerifyClient require
>>>>#SSLVerifyDepth  10
>>>>
>>>>#   Access Control:
>>>>#   With SSLRequire you can do per-directory
>>>>        
>>>>
>>access
>>    
>>
>>>>control based
>>>>#   on arbitrary complex boolean expressions
>>>>containing server
>>>>#   variable checks and other lookup directives. 
>>>>The syntax is a
>>>>#   mixture between C and Perl.  See the mod_ssl
>>>>documentation
>>>>#   for more details.
>>>>#<Location />
>>>>#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
>>>>#            and %{SSL_CLIENT_S_DN_O} eq "Snake
>>>>        
>>>>
>>Oil,
>>    
>>
>>>>Ltd." \
>>>>#            and %{SSL_CLIENT_S_DN_OU} in
>>>>        
>>>>
>>{"Staff",
>>    
>>
>>>>"CA", "Dev"} \
>>>>#            and %{TIME_WDAY} >= 1 and
>>>>        
>>>>
>>%{TIME_WDAY}
>>    
>>
>>>><= 5 \
>>>>#            and %{TIME_HOUR} >= 8 and
>>>>        
>>>>
>>%{TIME_HOUR}
>>    
>>
>>>><= 20       ) \
>>>>#           or %{REMOTE_ADDR} =~
>>>>m/^192\.76\.162\.[0-9]+$/
>>>>#</Location>
>>>>
>>>>#   SSL Engine Options:
>>>>#   Set various options for the SSL engine.
>>>>#   o FakeBasicAuth:
>>>>#     Translate the client X.509 into a Basic
>>>>Authorisation.  This means that
>>>>#     the standard Auth/DBMAuth methods can be
>>>>        
>>>>
>>used
>>    
>>
>>>>for access control.  The
>>>>#     user name is the `one line' version of the
>>>>client's X.509 certificate.
>>>>#     Note that no password is obtained from the
>>>>user. Every entry in the user
>>>>#     file needs this password: `xxj31ZMTZzkVA'.
>>>>#   o ExportCertData:
>>>>#     This exports two additional environment
>>>>variables: SSL_CLIENT_CERT and
>>>>#     SSL_SERVER_CERT. These contain the
>>>>        
>>>>
>>PEM-encoded
>>    
>>
>>>>certificates of the
>>>>#     server (always existing) and the client
>>>>        
>>>>
>>(only
>>    
>>
>>>>existing when client
>>>>#     authentication is used). This can be used to
>>>>import the certificates
>>>>#     into CGI scripts.
>>>>#   o StdEnvVars:
>>>>#     This exports the standard SSL/TLS related
>>>>`SSL_*' environment variables.
>>>>#     Per default this exportation is switched off
>>>>for performance reasons,
>>>>#     because the extraction step is an expensive
>>>>operation and is usually
>>>>#     useless for serving static content. So one
>>>>usually enables the
>>>>#     exportation for CGI and SSI requests only.
>>>>#   o StrictRequire:
>>>>#     This denies access when "SSLRequireSSL" or
>>>>"SSLRequire" applied even
>>>>#     under a "Satisfy any" situation, i.e. when
>>>>        
>>>>
>>it
>>    
>>
>>>>applies access is denied
>>>>#     and no other module can change it.
>>>>#   o OptRenegotiate:
>>>>#     This enables optimized SSL connection
>>>>renegotiation handling when SSL
>>>>#     directives are used in per-directory
>>>>        
>>>>
>>context. 
>>    
>>
>>>>#SSLOptions +FakeBasicAuth +ExportCertData
>>>>+CompatEnvVars +StrictRequire
>>>><Files ~ "\.(cgi|shtml|phtml|php3?)$">
>>>>   SSLOptions +StdEnvVars
>>>></Files>
>>>><Directory "/var/www/cgi-bin">
>>>>   SSLOptions +StdEnvVars
>>>></Directory>
>>>>
>>>>#   SSL Protocol Adjustments:
>>>>#   The safe and default but still SSL/TLS
>>>>        
>>>>
>>standard
>>    
>>
>>>>compliant shutdown
>>>>#   approach is that mod_ssl sends the close
>>>>        
>>>>
>>notify
>>    
>>
>>>>alert but doesn't wait for
>>>>#   the close notify alert from client. When you
>>>>need a different shutdown
>>>>#   approach you can use one of the following
>>>>variables:
>>>>#   o ssl-unclean-shutdown:
>>>>#     This forces an unclean shutdown when the
>>>>connection is closed, i.e. no
>>>>#     SSL close notify alert is send or allowed to
>>>>received.  This violates
>>>>#     the SSL/TLS standard but is needed for some
>>>>brain-dead browsers. Use
>>>>#     this when you receive I/O errors because of
>>>>the standard approach where
>>>>#     mod_ssl sends the close notify alert.
>>>>#   o ssl-accurate-shutdown:
>>>>#     This forces an accurate shutdown when the
>>>>connection is closed, i.e. a
>>>>#     SSL close notify alert is send and mod_ssl
>>>>waits for the close notify
>>>>#     alert of the client. This is 100% SSL/TLS
>>>>standard compliant, but in
>>>>#     practice often causes hanging connections
>>>>        
>>>>
>>with
>>    
>>
>>>>brain-dead browsers. Use
>>>>#     this only for browsers where you know that
>>>>their SSL implementation
>>>>#     works correctly. 
>>>>#   Notice: Most problems of broken clients are
>>>>        
>>>>
>>also
>>    
>>
>>>>related to the HTTP
>>>>#   keep-alive facility, so you usually
>>>>        
>>>>
>>additionally
>>    
>>
>>>>want to disable
>>>>#   keep-alive for those clients, too. Use
>>>>        
>>>>
>>variable
>>    
>>
>>>>"nokeepalive" for this.
>>>>#   Similarly, one has to force some clients to
>>>>        
>>>>
>>use
>>    
>>
>>>>HTTP/1.0 to workaround
>>>>#   their broken HTTP/1.1 implementation. Use
>>>>variables "downgrade-1.0" and
>>>>#   "force-response-1.0" for this.
>>>>SetEnvIf User-Agent ".*MSIE.*" \
>>>>        nokeepalive ssl-unclean-shutdown \
>>>>        downgrade-1.0 force-response-1.0
>>>>
>>>>#   Per-Server Logging:
>>>>#   The home of a custom SSL log file. Use this
>>>>        
>>>>
>>when
>>    
>>
>>>>you want a
>>>>#   compact non-error SSL logfile on a virtual
>>>>        
>>>>
>>host
>>    
>>
>>>>basis.
>>>>CustomLog logs/ssl_request_log \
>>>>         "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
>>>>\"%r\" %b"
>>>>
>>>></VirtualHost>                                  
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>>>>#
>>>>>     
>>>>>
>>>>>          
>>>>>
>>>># Based upon the NCSA server configuration files
>>>>originally by Rob McCool.
>>>>#
>>>># This is the main Apache server configuration
>>>>        
>>>>
>>file.
>>    
>>
>>>>It contains the
>>>># configuration directives that give the server
>>>>        
>>>>
>>its
>>    
>>
>>>>instructions.
>>>># See URL:http://httpd.apache.org/docs-2.0/ for
>>>>detailed information about
>>>># the directives.
>>>>#
>>>># Do NOT simply read the instructions in here
>>>>without understanding
>>>># what they do.  They're here only as hints or
>>>>reminders.  If you are unsure
>>>># consult the online docs. You have been warned.  
>>>>#
>>>># The configuration directives are grouped into
>>>>three basic sections:
>>>>#  1. Directives that control the operation of the
>>>>Apache server process as a
>>>>#     whole (the 'global environment').
>>>>#  2. Directives that define the parameters of the
>>>>'main' or 'default' server,
>>>>#     which responds to requests that aren't
>>>>        
>>>>
>>handled
>>    
>>
>>>>by a virtual host.
>>>>#     These directives also provide default values
>>>>for the settings
>>>>#     of all virtual hosts.
>>>>#  3. Settings for virtual hosts, which allow Web
>>>>requests to be sent to
>>>>#     different IP addresses or hostnames and have
>>>>them handled by the
>>>>#     same Apache server process.
>>>>#
>>>># Configuration and logfile names: If the
>>>>        
>>>>
>>filenames
>>    
>>
>>>>you specify for many
>>>># of the server's control files begin with "/" (or
>>>>"drive:/" for Win32), the
>>>># server will use that explicit path.  If the
>>>>filenames do *not* begin
>>>># with "/", the value of ServerRoot is prepended
>>>>        
>>>>
>>--
>>    
>>
>>>>so "logs/foo.log"
>>>># with ServerRoot set to "/etc/httpd" will be
>>>>interpreted by the
>>>># server as "/etc/httpd/logs/foo.log".
>>>>#
>>>>
>>>>### Section 1: Global Environment
>>>>#
>>>># The directives in this section affect the
>>>>        
>>>>
>>overall
>>    
>>
>>>>operation of Apache,
>>>># such as the number of concurrent requests it can
>>>>handle or where it
>>>># can find its configuration files.
>>>>#
>>>>
>>>>#
>>>># Don't give away too much information about all
>>>>        
>>>>
>>the
>>    
>>
>>>>subcomponents
>>>># we are running.  Comment out this line if you
>>>>don't mind remote sites
>>>># finding out what major optional modules you are
>>>>running
>>>>ServerTokens OS
>>>>
>>>>#
>>>># ServerRoot: The top of the directory tree under
>>>>which the server's
>>>># configuration, error, and log files are kept.
>>>>#
>>>># NOTE!  If you intend to place this on an NFS (or
>>>>otherwise network)
>>>># mounted filesystem then please read the LockFile
>>>>documentation
>>>># (available at
>>>>
>>>>   
>>>>
>>>>        
>>>>
>><URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
>>    
>>
>>> 
>>>
>>>      
>>>
>>>># you will save yourself a lot of trouble.
>>>>#
>>>># Do NOT add a slash at the end of the directory
>>>>path.
>>>>#
>>>>ServerRoot "/etc/httpd"
>>>>
>>>>#
>>>># ScoreBoardFile: File used to store internal
>>>>        
>>>>
>>server
>>    
>>
>>>>process information.
>>>># If unspecified (the default), the scoreboard
>>>>        
>>>>
>>will
>>    
>>
>>>>be stored in an
>>>># anonymous shared memory segment, and will be
>>>>unavailable to third-party
>>>># applications.
>>>># If specified, ensure that no two invocations of
>>>>Apache share the same
>>>># scoreboard file. The scoreboard file MUST BE
>>>>STORED ON A LOCAL DISK.
>>>>#
>>>>#ScoreBoardFile run/httpd.scoreboard
>>>>
>>>>#
>>>># PidFile: The file in which the server should
>>>>record its process
>>>># identification number when it starts.
>>>>#
>>>>PidFile "/var/run/httpd.pid"
>>>>
>>>>#
>>>># Timeout: The number of seconds before receives
>>>>        
>>>>
>>and
>>    
>>
>>>>sends time out.
>>>>#
>>>>TimeOut 300
>>>>
>>>>#
>>>># KeepAlive: Whether or not to allow persistent
>>>>connections (more than
>>>># one request per connection). Set to "Off" to
>>>>deactivate.
>>>>#
>>>>KeepAlive true
>>>>
>>>>#
>>>># MaxKeepAliveRequests: The maximum number of
>>>>requests to allow
>>>># during a persistent connection. Set to 0 to
>>>>        
>>>>
>>allow
>>    
>>
>>>>an unlimited amount.
>>>># We recommend you leave this number high, for
>>>>maximum performance.
>>>>#
>>>>MaxKeepAliveRequests 100
>>>>
>>>>#
>>>># KeepAliveTimeout: Number of seconds to wait for
>>>>the next request from the
>>>># same client on the same connection.
>>>>#
>>>>KeepAliveTimeout 15
>>>>
>>>>##
>>>>## Server-Pool Size Regulation (MPM specific)
>>>>## 
>>>>
>>>># prefork MPM
>>>># StartServers: number of server processes to
>>>>        
>>>>
>>start
>>    
>>
>>>># MinSpareServers: minimum number of server
>>>>processes which are kept spare
>>>># MaxSpareServers: maximum number of server
>>>>processes which are kept spare
>>>># MaxClients: maximum number of server processes
>>>>allowed to start
>>>># MaxRequestsPerChild: maximum number of requests
>>>>        
>>>>
>>a
>>    
>>
>>>>server process serves
>>>><IfModule prefork.c>
>>>>StartServers 8
>>>>MinSpareServers 5
>>>>MaxSpareServers 20
>>>>MaxClients 150
>>>>MaxRequestsPerChild 100
>>>></IfModule>
>>>>
>>>># worker MPM
>>>># StartServers: initial number of server processes
>>>>to start
>>>># MaxClients: maximum number of simultaneous
>>>>        
>>>>
>>client
>>    
>>
>>>>connections
>>>># MinSpareThreads: minimum number of worker
>>>>        
>>>>
>>threads
>>    
>>
>>>>which are kept spare
>>>># MaxSpareThreads: maximum number of worker
>>>>        
>>>>
>>threads
>>    
>>
>>>>which are kept spare
>>>># ThreadsPerChild: constant number of worker
>>>>        
>>>>
>>threads
>>    
>>
>>>>in each server process
>>>># MaxRequestsPerChild: maximum number of requests
>>>>        
>>>>
>>a
>>    
>>
>>>>server process serves
>>>><IfModule worker.c>
>>>>StartServers         2
>>>>MaxClients         150
>>>>MinSpareThreads     25
>>>>MaxSpareThreads     75
>>>>ThreadsPerChild     25 
>>>>MaxRequestsPerChild  0
>>>></IfModule>
>>>>
>>>>#
>>>># Listen: Allows you to bind Apache to specific IP
>>>>addresses and/or
>>>># ports, in addition to the default. See also the
>>>><VirtualHost>
>>>># directive.
>>>>#
>>>># Change this to Listen on specific IP addresses
>>>>        
>>>>
>>as
>>    
>>
>>>>shown below to 
>>>># prevent Apache from glomming onto all bound IP
>>>>addresses (0.0.0.0)
>>>>#
>>>>#Listen 12.34.56.78:80
>>>>Listen *:80
>>>>
>>>>
>>>>#
>>>># Dynamic Shared Object (DSO) Support
>>>>#
>>>># To be able to use the functionality of a module
>>>>which was built as a DSO you
>>>># have to place corresponding `LoadModule' lines
>>>>        
>>>>
>>at
>>    
>>
>>>>this location so the
>>>># directives contained in it are actually
>>>>        
>>>>
>>available
>>    
>>
>>>>_before_ they are used.
>>>># Statically compiled modules (those listed by
>>>>`httpd -l') do not need
>>>># to be loaded here.
>>>>#
>>>># Example:
>>>># LoadModule foo_module modules/mod_foo.so
>>>>#
>>>>LoadModule access_module modules/mod_access.so
>>>>LoadModule auth_module modules/mod_auth.so
>>>>LoadModule auth_anon_module
>>>>        
>>>>
>>modules/mod_auth_anon.so
>>    
>>
>>>>LoadModule auth_dbm_module modules/mod_auth_dbm.so
>>>>LoadModule auth_digest_module
>>>>modules/mod_auth_digest.so
>>>>LoadModule ldap_module modules/mod_ldap.so
>>>>LoadModule auth_ldap_module
>>>>        
>>>>
>>modules/mod_auth_ldap.so
>>    
>>
>>>>LoadModule include_module modules/mod_include.so
>>>>LoadModule log_config_module
>>>>modules/mod_log_config.so
>>>>LoadModule env_module modules/mod_env.so
>>>>LoadModule mime_magic_module
>>>>modules/mod_mime_magic.so
>>>>LoadModule cern_meta_module
>>>>        
>>>>
>>modules/mod_cern_meta.so
>>    
>>
>>>>LoadModule expires_module modules/mod_expires.so
>>>>LoadModule deflate_module modules/mod_deflate.so
>>>>LoadModule headers_module modules/mod_headers.so
>>>>LoadModule usertrack_module
>>>>        
>>>>
>>modules/mod_usertrack.so
>>    
>>
>>>>LoadModule unique_id_module
>>>>        
>>>>
>>modules/mod_unique_id.so
>>    
>>
>>>>LoadModule setenvif_module modules/mod_setenvif.so
>>>>LoadModule mime_module modules/mod_mime.so
>>>>LoadModule dav_module modules/mod_dav.so
>>>>#Nina added these in for svn server
>>>>#
>>>>LoadModule dav_svn_module modules/mod_dav_svn.so
>>>>LoadModule authz_svn_module
>>>>        
>>>>
>>modules/mod_authz_svn.so
>>    
>>
>>>>#
>>>>LoadModule status_module modules/mod_status.so
>>>>LoadModule autoindex_module
>>>>        
>>>>
>>modules/mod_autoindex.so
>>    
>>
>>>>LoadModule asis_module modules/mod_asis.so
>>>>LoadModule info_module modules/mod_info.so
>>>>LoadModule dav_fs_module modules/mod_dav_fs.so
>>>>LoadModule vhost_alias_module
>>>>modules/mod_vhost_alias.so
>>>>LoadModule negotiation_module
>>>>modules/mod_negotiation.so
>>>>LoadModule dir_module modules/mod_dir.so
>>>>LoadModule imap_module modules/mod_imap.so
>>>>LoadModule actions_module modules/mod_actions.so
>>>>LoadModule speling_module modules/mod_speling.so
>>>>LoadModule userdir_module modules/mod_userdir.so
>>>>LoadModule alias_module modules/mod_alias.so
>>>>LoadModule rewrite_module modules/mod_rewrite.so
>>>>LoadModule proxy_module modules/mod_proxy.so
>>>>LoadModule proxy_ftp_module
>>>>        
>>>>
>>modules/mod_proxy_ftp.so
>>    
>>
>>>>LoadModule proxy_http_module
>>>>modules/mod_proxy_http.so
>>>>LoadModule proxy_connect_module
>>>>modules/mod_proxy_connect.so
>>>>LoadModule cache_module modules/mod_cache.so
>>>>LoadModule suexec_module modules/mod_suexec.so
>>>>LoadModule disk_cache_module
>>>>modules/mod_disk_cache.so
>>>>LoadModule file_cache_module
>>>>modules/mod_file_cache.so
>>>>LoadModule mem_cache_module
>>>>        
>>>>
>>modules/mod_mem_cache.so
>>    
>>
>>>>LoadModule cgi_module modules/mod_cgi.so
>>>>
>>>>#
>>>># Load config files from the config directory
>>>>"/etc/httpd/conf.d".
>>>>#
>>>>Include conf.d/*.conf
>>>>
>>>>#
>>>># ExtendedStatus controls whether Apache will
>>>>generate "full" status
>>>># information (ExtendedStatus On) or just basic
>>>>information (ExtendedStatus
>>>># Off) when the "server-status" handler is called.
>>>>The default is Off.
>>>>#
>>>>#ExtendedStatus On
>>>>
>>>>### Section 2: 'Main' server configuration
>>>>#
>>>># The directives in this section set up the values
>>>>used by the 'main'
>>>># server, which responds to any requests that
>>>>        
>>>>
>>aren't
>>    
>>
>>>>handled by a
>>>># <VirtualHost> definition.  These values also
>>>>provide defaults for
>>>># any <VirtualHost> containers you may define
>>>>        
>>>>
>>later
>>    
>>
>>>>in the file.
>>>>#
>>>># All of these directives may appear inside
>>>><VirtualHost> containers,
>>>># in which case these default settings will be
>>>>overridden for the
>>>># virtual host being defined.
>>>>#
>>>>
>>>>#
>>>># If you wish httpd to run as a different user or
>>>>group, you must run
>>>># httpd as root initially and it will switch.  
>>>>#
>>>># User/Group: The name (or #number) of the
>>>>user/group to run httpd as.
>>>>#  . On SCO (ODT 3) use "User nouser" and "Group
>>>>nogroup".
>>>>#  . On HPUX you may not be able to use shared
>>>>memory as nobody, and the
>>>>#    suggested workaround is to create a user www
>>>>and use that user.
>>>>#  NOTE that some kernels refuse to setgid(Group)
>>>>        
>>>>
>>or
>>    
>>
>>>>semctl(IPC_SET)
>>>>#  when the value of (unsigned)Group is above
>>>>        
>>>>
>>60000;
>>    
>>
>>>>#  don't use Group #-1 on these systems!
>>>>#
>>>>User apache
>>>>Group apache
>>>>
>>>>#
>>>># ServerAdmin: Your address, where problems with
>>>>        
>>>>
>>the
>>    
>>
>>>>server should be
>>>># e-mailed.  This address appears on some
>>>>server-generated pages, such
>>>># as error documents.  e.g. admin@your-domain.com
>>>>#
>>>>ServerAdmin root@gibbons.com
>>>>
>>>>#
>>>># ServerName gives the name and port that the
>>>>        
>>>>
>>server
>>    
>>
>>>>uses to identify itself.
>>>># This can often be determined automatically, but
>>>>        
>>>>
>>we
>>    
>>
>>>>recommend you specify
>>>># it explicitly to prevent problems during
>>>>        
>>>>
>>startup.
>>    
>>
>>>>#
>>>># If this is not set to valid DNS name for your
>>>>host, server-generated
>>>># redirections will not work.  See also the
>>>>UseCanonicalName directive.
>>>>#
>>>># If your host doesn't have a registered DNS name,
>>>>enter its IP address here.
>>>># You will have to access it by its address
>>>>        
>>>>
>>anyway,
>>    
>>
>>>>and this will make 
>>>># redirections work in a sensible way.
>>>>#
>>>>ServerName gibbons.com:80
>>>>
>>>>#
>>>># UseCanonicalName: Determines how Apache
>>>>        
>>>>
>>constructs
>>    
>>
>>>>self-referencing 
>>>># URLs and the SERVER_NAME and SERVER_PORT
>>>>variables.
>>>># When set "Off", Apache will use the Hostname and
>>>>Port supplied
>>>># by the client.  When set "On", Apache will use
>>>>        
>>>>
>>the
>>    
>>
>>>>value of the
>>>># ServerName directive.
>>>>#
>>>>UseCanonicalName on
>>>>
>>>>#
>>>># DocumentRoot: The directory out of which you
>>>>        
>>>>
>>will
>>    
>>
>>>>serve your
>>>># documents. By default, all requests are taken
>>>>        
>>>>
>>from
>>    
>>
>>>>this directory, but
>>>># symbolic links and aliases may be used to point
>>>>        
>>>>
>>to
>>    
>>
>>>>other locations.
>>>>#
>>>>DocumentRoot "/var/www/html"
>>>>
>>>># 
>>>># Disable autoindex for the root directory, and
>>>>present a
>>>># default Welcome page if no other index page is
>>>>present.
>>>>#
>>>><LocationMatch "^/$">
>>>>   Options -Indexes
>>>>   ErrorDocument 403 /error/noindex.html
>>>></LocationMatch>
>>>>
>>>>#
>>>># UserDir: The name of the directory that is
>>>>appended onto a user's home
>>>># directory if a ~user request is received.
>>>>#
>>>># The path to the end user account 'public_html'
>>>>directory must be
>>>># accessible to the webserver userid.  This
>>>>        
>>>>
>>usually
>>    
>>
>>>>means that ~userid
>>>># must have permissions of 711,
>>>>        
>>>>
>>~userid/public_html
>>    
>>
>>>>must have permissions
>>>># of 755, and documents contained therein must be
>>>>world-readable.
>>>># Otherwise, the client will only receive a "403
>>>>Forbidden" message.
>>>>#
>>>># See also:
>>>>        
>>>>
>>>http://httpd.apache.org/docs/misc/FAQ.html#forbidden
>>>      
>>>
>>>>#
>>>><IfModule mod_userdir.c>
>>>>   #
>>>>   # UserDir is disabled by default since it can
>>>>confirm the presence
>>>>   # of a username on the system (depending on
>>>>        
>>>>
>>home
>>    
>>
>>>>directory
>>>>   # permissions).
>>>>   #
>>>>   UserDir "disable"
>>>>
>>>>   #
>>>>   # To enable requests to /~user/ to serve the
>>>>user's public_html
>>>>   # directory, use this directive instead of
>>>>"UserDir disable":
>>>>   # 
>>>>   #UserDir public_html
>>>>
>>>></IfModule>
>>>>
>>>>#
>>>># DirectoryIndex: sets the file that Apache will
>>>>serve if a directory
>>>># is requested.
>>>>#
>>>># The index.html.var file (a type-map) is used to
>>>>deliver content-
>>>># negotiated documents.  The MultiViews Option can
>>>>be used for the 
>>>># same purpose, but it is much slower.
>>>>#
>>>>DirectoryIndex 
>>>>
>>>>#
>>>># AccessFileName: The name of the file to look for
>>>>in each directory
>>>># for access control information.  See also the
>>>>AllowOverride directive.
>>>>#
>>>>AccessFileName .htaccess
>>>>
>>>>#
>>>># The following lines prevent .htaccess and
>>>>.htpasswd files from being 
>>>># viewed by Web clients. 
>>>>#
>>>><Files ~ "^\.ht">
>>>>   Order allow,deny
>>>>   Deny from all
>>>></Files>
>>>>
>>>>#
>>>># TypesConfig describes where the mime.types file
>>>>(or equivalent) is
>>>># to be found.
>>>>#
>>>>TypesConfig "/etc/mime.types"
>>>>
>>>>#
>>>># DefaultType is the default MIME type the server
>>>>will use for a document
>>>># if it cannot otherwise determine one, such as
>>>>        
>>>>
>>from
>>    
>>
>>>>filename extensions.
>>>># If your server contains mostly text or HTML
>>>>documents, "text/plain" is
>>>># a good value.  If most of your content is
>>>>        
>>>>
>>binary,
>>    
>>
>>>>such as applications
>>>># or images, you may want to use
>>>>"application/octet-stream" instead to
>>>># keep browsers from trying to display binary
>>>>        
>>>>
>>files
>>    
>>
>>>>as though they are
>>>># text.
>>>>#
>>>>DefaultType text/plain
>>>>
>>>>#
>>>># The mod_mime_magic module allows the server to
>>>>        
>>>>
>>use
>>    
>>
>>>>various hints from the
>>>># contents of the file itself to determine its
>>>>        
>>>>
>>type.
>>    
>>
>>>>The MIMEMagicFile
>>>># directive tells the module where the hint
>>>>definitions are located.
>>>>#
>>>><IfModule mod_mime_magic.c>
>>>>#   MIMEMagicFile /usr/share/magic.mime
>>>>   MIMEMagicFile conf/magic
>>>></IfModule>
>>>>
>>>>#
>>>># HostnameLookups: Log the names of clients or
>>>>        
>>>>
>>just
>>    
>>
>>>>their IP addresses
>>>># e.g., www.apache.org (on) or 204.62.129.132
>>>>        
>>>>
>>(off).
>>    
>>
>>>># The default is off because it'd be overall
>>>>        
>>>>
>>better
>>    
>>
>>>>for the net if people
>>>># had to knowingly turn this feature on, since
>>>>enabling it means that
>>>># each client request will result in AT LEAST one
>>>>lookup request to the
>>>># nameserver.
>>>>#
>>>>HostNameLookups Off
>>>>
>>>>#
>>>># EnableMMAP: Control whether memory-mapping is
>>>>        
>>>>
>>used
>>    
>>
>>>>to deliver
>>>># files (assuming that the underlying OS supports
>>>>it).
>>>># The default is on; turn this off if you serve
>>>>        
>>>>
>>from
>>    
>>
>>>>NFS-mounted 
>>>># filesystems.  On some systems, turning it off
>>>>(regardless of
>>>># filesystem) can improve performance; for
>>>>        
>>>>
>>details,
>>    
>>
>>>>please see
>>>>#
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>#
>>>>#EnableMMAP off
>>>>
>>>>#
>>>># EnableSendfile: Control whether the sendfile
>>>>kernel support is 
>>>># used to deliver files (assuming that the OS
>>>>supports it). 
>>>># The default is on; turn this off if you serve
>>>>        
>>>>
>>from
>>    
>>
>>>>NFS-mounted 
>>>># filesystems.  Please see
>>>>#
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>#
>>>>#EnableSendfile off
>>>>
>>>>#
>>>># ErrorLog: The location of the error log file.
>>>># If you do not specify an ErrorLog directive
>>>>        
>>>>
>>within
>>    
>>
>>>>a <VirtualHost>
>>>># container, error messages relating to that
>>>>        
>>>>
>>virtual
>>    
>>
>>>>host will be
>>>># logged here.  If you *do* define an error
>>>>        
>>>>
>>logfile
>>    
>>
>>>>for a <VirtualHost>
>>>># container, that host's errors will be logged
>>>>        
>>>>
>>there
>>    
>>
>>>>and not here.
>>>>#
>>>>ErrorLog "/var/log/httpd/error_log"
>>>>
>>>>#
>>>># LogLevel: Control the number of messages logged
>>>>        
>>>>
>>to
>>    
>>
>>>>the error_log.
>>>># Possible values include: debug, info, notice,
>>>>warn, error, crit,
>>>># alert, emerg.
>>>>#
>>>>LogLevel warn
>>>>
>>>>#
>>>># The following directives define some format
>>>>nicknames for use with
>>>># a CustomLog directive (see below).
>>>>#
>>>>LogFormat "%h %l %u %t \"%r\" %>s %b
>>>>        
>>>>
>>\"%{Referer}i\"
>>    
>>
>>>>\"%{User-Agent}i\"" combined
>>>>LogFormat "%h %l %u %t \"%r\" %>s %b" common
>>>>LogFormat "%{Referer}i -> %U" referer
>>>>LogFormat "%{User-agent}i" agent
>>>>
>>>>
>>>>#
>>>># The location and format of the access logfile
>>>>(Common Logfile Format).
>>>># If you do not define any access logfiles within
>>>>        
>>>>
>>a
>>    
>>
>>>><VirtualHost>
>>>># container, they will be logged here. 
>>>>Contrariwise, if you *do*
>>>># define per-<VirtualHost> access logfiles,
>>>>transactions will be
>>>># logged therein and *not* in this file.
>>>>#
>>>># CustomLog logs/access_log common
>>>>CustomLog logs/access_log combined
>>>>
>>>>#
>>>># If you would like to have agent and referer
>>>>logfiles, uncomment the
>>>># following directives.
>>>>#
>>>>#CustomLog logs/referer_log referer
>>>>#CustomLog logs/agent_log agent
>>>>
>>>>#
>>>># If you prefer a single logfile with access,
>>>>        
>>>>
>>agent,
>>    
>>
>>>>and referer information
>>>># (Combined Logfile Format) you can use the
>>>>following directive.
>>>>#
>>>>#CustomLog logs/access_log combined
>>>>
>>>>#
>>>># Optionally add a line containing the server
>>>>version and virtual host
>>>># name to server-generated pages (error documents,
>>>>FTP directory listings,
>>>># mod_status and mod_info output etc., but not CGI
>>>>generated documents).
>>>># Set to "EMail" to also include a mailto: link to
>>>>the ServerAdmin.
>>>># Set to one of:  On | Off | EMail
>>>>#
>>>>ServerSignature on
>>>>
>>>>#
>>>># Aliases: Add here as many aliases as you need
>>>>(with no limit). The format is 
>>>># Alias fakename realname
>>>>#
>>>># Note that if you include a trailing / on
>>>>        
>>>>
>>fakename
>>    
>>
>>>>then the server will
>>>># require it to be present in the URL.  So
>>>>        
>>>>
>>"/icons"
>>    
>>
>>>>isn't aliased in this
>>>># example, only "/icons/".  If the fakename is
>>>>slash-terminated, then the 
>>>># realname must also be slash terminated, and if
>>>>        
>>>>
>>the
>>    
>>
>>>>fakename omits the 
>>>># trailing slash, the realname must also omit it.
>>>>#
>>>># We include the /icons/ alias for FancyIndexed
>>>>directory listings.  If you
>>>># do not use FancyIndexing, you may comment this
>>>>out.
>>>>#
>>>>Alias /icons/ "/var/www/icons/"
>>>>
>>>>#
>>>># This should be changed to the
>>>>        
>>>>
>>ServerRoot/manual/. 
>>    
>>
>>>>The alias provides
>>>># the manual, even if you choose to move your
>>>>DocumentRoot.  You may comment
>>>># this out if you do not care for the
>>>>        
>>>>
>>documentation.
>>    
>>
>>>>#
>>>>Alias /manual "/var/www/manual"
>>>>
>>>><IfModule mod_dav_fs.c>
>>>>   # Location of the WebDAV lock database.
>>>>   DAVLockDB /var/lib/dav/lockdb
>>>></IfModule>
>>>>
>>>>#
>>>># ScriptAlias: This controls which directories
>>>>contain server scripts.
>>>># ScriptAliases are essentially the same as
>>>>        
>>>>
>>Aliases,
>>    
>>
>>>>except that
>>>># documents in the realname directory are treated
>>>>        
>>>>
>>as
>>    
>>
>>>>applications and
>>>># run by the server when requested rather than as
>>>>documents sent to the client.
>>>># The same rules about trailing "/" apply to
>>>>ScriptAlias directives as to
>>>># Alias.
>>>>#
>>>>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>>>>
>>>><IfModule mod_cgid.c>
>>>>#
>>>># Additional to mod_cgid.c settings, mod_cgid has
>>>>Scriptsock <path>
>>>># for setting UNIX socket for communicating with
>>>>cgid.
>>>>#
>>>>#Scriptsock            logs/cgisock
>>>></IfModule>
>>>>
>>>>#Nina added
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>######################################################################
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>#<IfModule mod_ssl.c>
>>>>#Include conf.d/ssl.conf
>>>>#</IfModule>
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>######################################################################
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>#
>>>># Redirect allows you to tell clients about
>>>>documents which used to exist in
>>>># your server's namespace, but do not anymore.
>>>>        
>>>>
>>This
>>    
>>
>>>>allows you to tell the
>>>># clients where to look for the relocated
>>>>        
>>>>
>>document.
>>    
>>
>>>># Example:
>>>># Redirect permanent /foo
>>>>        
>>>>
>>http://www.example.com/bar
>>    
>>
>>>>#
>>>># Directives controlling the display of
>>>>server-generated directory listings.
>>>>#
>>>>
>>>>#
>>>># FancyIndexing is whether you want fancy
>>>>        
>>>>
>>directory
>>    
>>
>>>>indexing or standard.
>>>># VersionSort is whether files containing version
>>>>numbers should be 
>>>># compared in the natural way, so that
>>>>`apache-1.3.9.tar' is placed before
>>>># `apache-1.3.12.tar'.
>>>>#
>>>>IndexOptions FancyIndexing VersionSort NameWidth=*
>>>>
>>>>#
>>>># AddIcon* directives tell the server which icon
>>>>        
>>>>
>>to
>>    
>>
>>>>show for different
>>>># files or filename extensions.  These are only
>>>>displayed for
>>>># FancyIndexed directories.
>>>>#
>>>>AddIconByEncoding (CMP,/icons/compressed.gif)
>>>>x-compress x-gzip
>>>>
>>>>AddIconByType (TXT,/icons/text.gif) text/*
>>>>AddIconByType (IMG,/icons/image2.gif) image/*
>>>>AddIconByType (SND,/icons/sound2.gif) audio/*
>>>>AddIconByType (VID,/icons/movie.gif) video/*
>>>>
>>>>AddIcon /icons/binary.gif .bin .exe
>>>>AddIcon /icons/binhex.gif .hqx
>>>>AddIcon /icons/tar.gif .tar
>>>>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm
>>>>.iv
>>>>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>>>>AddIcon /icons/a.gif .ps .ai .eps
>>>>AddIcon /icons/layout.gif .html .shtml .htm .pdf
>>>>AddIcon /icons/text.gif .txt
>>>>AddIcon /icons/c.gif .c
>>>>AddIcon /icons/p.gif .pl .py
>>>>AddIcon /icons/f.gif .for
>>>>AddIcon /icons/dvi.gif .dvi
>>>>AddIcon /icons/uuencoded.gif .uu
>>>>AddIcon /icons/script.gif .conf .sh .shar .csh
>>>>        
>>>>
>>.ksh
>>    
>>
>>>>.tcl
>>>>AddIcon /icons/tex.gif .tex
>>>>AddIcon /icons/bomb.gif core
>>>>
>>>>AddIcon /icons/back.gif ..
>>>>AddIcon /icons/hand.right.gif README
>>>>AddIcon /icons/folder.gif ^^DIRECTORY^^
>>>>AddIcon /icons/blank.gif ^^BLANKICON^^
>>>>
>>>>#
>>>># DefaultIcon is which icon to show for files
>>>>        
>>>>
>>which
>>    
>>
>>>>do not have an icon
>>>># explicitly set.
>>>>#
>>>>DefaultIcon /icons/unknown.gif
>>>>
>>>>#
>>>># AddDescription allows you to place a short
>>>>description after a file in
>>>># server-generated indexes.  These are only
>>>>displayed for FancyIndexed
>>>># directories.
>>>># Format: AddDescription "description" filename
>>>>#
>>>>#AddDescription "GZIP compressed document" .gz
>>>>#AddDescription "tar archive" .tar
>>>>#AddDescription "GZIP compressed tar archive" .tgz
>>>>
>>>>#
>>>># ReadmeName is the name of the README file the
>>>>server will look for by
>>>># default, and append to directory listings.
>>>>#
>>>># HeaderName is the name of a file which should be
>>>>prepended to
>>>># directory indexes. 
>>>>ReadmeName README.html
>>>>HeaderName HEADER.html
>>>>
>>>>#
>>>># IndexIgnore is a set of filenames which
>>>>        
>>>>
>>directory
>>    
>>
>>>>indexing should ignore
>>>># and not include in the listing.  Shell-style
>>>>wildcarding is permitted.
>>>>#
>>>>IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v
>>>>*,t
>>>>
>>>>#
>>>># AddEncoding allows you to have certain browsers
>>>>(Mosaic/X 2.1+) uncompress
>>>># information on the fly. Note: Not all browsers
>>>>support this.
>>>># Despite the name similarity, the following Add*
>>>>directives have nothing
>>>># to do with the FancyIndexing customization
>>>>directives above.
>>>>#
>>>>AddEncoding x-compress Z
>>>>AddEncoding x-gzip gz tgz
>>>>
>>>>#
>>>># DefaultLanguage and AddLanguage allows you to
>>>>specify the language of 
>>>># a document. You can then use content negotiation
>>>>to give a browser a 
>>>># file in a language the user can understand.
>>>>#
>>>># Specify a default language. This means that all
>>>>data
>>>># going out without a specific language tag (see
>>>>below) will 
>>>># be marked with this one. You probably do NOT
>>>>        
>>>>
>>want
>>    
>>
>>>>to set
>>>># this unless you are sure it is correct for all
>>>>cases.
>>>>#
>>>># * It is generally better to not mark a page as 
>>>># * being a certain language than marking it with
>>>>the wrong
>>>># * language!
>>>>#
>>>># DefaultLanguage nl
>>>>#
>>>># Note 1: The suffix does not have to be the same
>>>>        
>>>>
>>as
>>    
>>
>>>>the language
>>>># keyword --- those with documents in Polish
>>>>        
>>>>
>>(whose
>>    
>>
>>>>net-standard
>>>># language code is pl) may wish to use
>>>>        
>>>>
>>"AddLanguage
>>    
>>
>>>>pl .po" to
>>>># avoid the ambiguity with the common suffix for
>>>>perl scripts.
>>>>#
>>>># Note 2: The example entries below illustrate
>>>>        
>>>>
>>that
>>    
>>
>>>>in some cases 
>>>># the two character 'Language' abbreviation is not
>>>>identical to 
>>>># the two character 'Country' code for its
>>>>        
>>>>
>>country,
>>    
>>
>>>># E.g. 'Danmark/dk' versus 'Danish/da'.
>>>>#
>>>># Note 3: In the case of 'ltz' we violate the RFC
>>>>        
>>>>
>>by
>>    
>>
>>>>using a three char
>>>># specifier. There is 'work in progress' to fix
>>>>        
>>>>
>>this
>>    
>>
>>>>and get
>>>># the reference data for rfc1766 cleaned up.
>>>>#
>>>># Danish (da) - Dutch (nl) - English (en) -
>>>>        
>>>>
>>Estonian
>>    
>>
>>>>(et)
>>>># French (fr) - German (de) - Greek-Modern (el)
>>>># Italian (it) - Norwegian (no) - Norwegian
>>>>        
>>>>
>>Nynorsk
>>    
>>
>>>>(nn) - Korean (kr) 
>>>># Portugese (pt) - Luxembourgeois* (ltz)
>>>># Spanish (es) - Swedish (sv) - Catalan (ca) -
>>>>Czech(cz)
>>>># Polish (pl) - Brazilian Portuguese (pt-br) -
>>>>Japanese (ja)
>>>># Russian (ru) - Croatian (hr)
>>>>#
>>>>AddLanguage da .dk
>>>>AddLanguage nl .nl
>>>>AddLanguage en .en
>>>>AddLanguage et .et
>>>>AddLanguage fr .fr
>>>>AddLanguage de .de
>>>>AddLanguage he .he
>>>>AddLanguage el .el
>>>>AddLanguage it .it
>>>>AddLanguage ja .ja
>>>>AddLanguage pl .po
>>>>AddLanguage kr .kr
>>>>AddLanguage pt .pt
>>>>AddLanguage nn .nn
>>>>AddLanguage no .no
>>>>AddLanguage pt-br .pt-br
>>>>AddLanguage ltz .ltz
>>>>AddLanguage ca .ca
>>>>AddLanguage es .es
>>>>AddLanguage sv .se
>>>>AddLanguage cz .cz
>>>>AddLanguage ru .ru
>>>>AddLanguage tw .tw
>>>>AddLanguage zh-tw .tw
>>>>AddLanguage hr .hr
>>>>
>>>>#
>>>># LanguagePriority allows you to give precedence
>>>>        
>>>>
>>to
>>    
>>
>>>>some languages
>>>># in case of a tie during content negotiation.
>>>>#
>>>># Just list the languages in decreasing order of
>>>>preference. We have
>>>># more or less alphabetized them here. You
>>>>        
>>>>
>>probably
>>    
>>
>>>>want to change this.
>>>>#
>>>>LanguagePriority en da nl et fr de el it ja kr no
>>>>        
>>>>
>>pl
>>    
>>
>>>>pt pt-br ltz ca es sv tw
>>>>
>>>>#
>>>># ForceLanguagePriority allows you to serve a
>>>>        
>>>>
>>result
>>    
>>
>>>>page rather than
>>>># MULTIPLE CHOICES (Prefer) [in case of a tie] or
>>>>NOT ACCEPTABLE (Fallback)
>>>># [in case no accepted languages matched the
>>>>available variants]
>>>>#
>>>>ForceLanguagePriority Prefer Fallback
>>>>
>>>>#
>>>># Specify a default charset for all pages sent
>>>>        
>>>>
>>out.
>>    
>>
>>>>This is
>>>># always a good idea and opens the door for future
>>>>internationalisation
>>>># of your web site, should you ever want it.
>>>>Specifying it as
>>>># a default does little harm; as the standard
>>>>dictates that a page
>>>># is in iso-8859-1 (latin1) unless specified
>>>>otherwise i.e. you
>>>># are merely stating the obvious. There are also
>>>>some security
>>>># reasons in browsers, related to javascript and
>>>>        
>>>>
>>URL
>>    
>>
>>>>parsing
>>>># which encourage you to always set a default char
>>>>set.
>>>>#
>>>>AddDefaultCharset ISO-8859-1
>>>>
>>>>#
>>>># Commonly used filename extensions to character
>>>>sets. You probably
>>>># want to avoid clashes with the language
>>>>extensions, unless you
>>>># are good at carefully testing your setup after
>>>>each change.
>>>># See
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>for
>>>># the official list of charset names and their
>>>>respective RFCs
>>>>#
>>>>AddCharset ISO-8859-1  .iso8859-1  .latin1
>>>>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
>>>>AddCharset ISO-8859-3  .iso8859-3  .latin3
>>>>AddCharset ISO-8859-4  .iso8859-4  .latin4
>>>>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
>>>>.iso-ru
>>>>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
>>>>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
>>>>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
>>>>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
>>>>AddCharset ISO-2022-JP .iso2022-jp .jis
>>>>AddCharset ISO-2022-KR .iso2022-kr .kis
>>>>AddCharset ISO-2022-CN .iso2022-cn .cis
>>>>AddCharset Big5        .Big5       .big5
>>>># For russian, more than one charset is used
>>>>(depends on client, mostly):
>>>>AddCharset WINDOWS-1251 .cp-1251   .win-1251
>>>>AddCharset CP866       .cp866
>>>>AddCharset KOI8-r      .koi8-r .koi8-ru
>>>>AddCharset KOI8-ru     .koi8-uk .ua
>>>>AddCharset ISO-10646-UCS-2 .ucs2
>>>>AddCharset ISO-10646-UCS-4 .ucs4
>>>>AddCharset UTF-8       .utf8
>>>>
>>>># The set below does not map to a specific (iso)
>>>>standard
>>>># but works on a fairly wide range of browsers.
>>>>        
>>>>
>>Note
>>    
>>
>>>>that
>>>># capitalization actually matters (it should not,
>>>>but it
>>>># does for some browsers).
>>>>#
>>>># See
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
>>    
>>
>>> 
>>>
>>>      
>>>
>>>># for a list of sorts. But browsers support few.
>>>>#
>>>>AddCharset GB2312      .gb2312 .gb
>>>>AddCharset utf-7       .utf7
>>>>AddCharset utf-8       .utf8
>>>>AddCharset big5        .big5 .b5
>>>>AddCharset EUC-TW      .euc-tw
>>>>AddCharset EUC-JP      .euc-jp
>>>>AddCharset EUC-KR      .euc-kr
>>>>AddCharset shift_jis   .sjis
>>>>
>>>>#
>>>># AddType allows you to add to or override the
>>>>        
>>>>
>>MIME
>>    
>>
>>>>configuration
>>>># file mime.types for specific file types.
>>>>#
>>>>AddType application/x-tar .tgz
>>>>#Nina added this line
>>>>AddType text/html .shtml
>>>>
>>>>#
>>>># AddHandler allows you to map certain file
>>>>extensions to "handlers":
>>>># actions unrelated to filetype. These can be
>>>>        
>>>>
>>either
>>    
>>
>>>>built into the server
>>>># or added with the Action directive (see below)
>>>>#
>>>># To use CGI scripts outside of ScriptAliased
>>>>directories:
>>>># (You will also need to add "ExecCGI" to the
>>>>"Options" directive.)
>>>>#
>>>>#AddHandler cgi-script .cgi
>>>>
>>>>#
>>>># For files that include their own HTTP headers:
>>>>#
>>>>#AddHandler send-as-is asis
>>>>
>>>>#
>>>># For server-parsed imagemap files:
>>>>#
>>>>AddHandler imap-file map
>>>>
>>>>#
>>>># For type maps (negotiated resources):
>>>># (This is enabled by default to allow the Apache
>>>>"It Worked" page
>>>>#  to be distributed in multiple languages.)
>>>>#
>>>>AddHandler type-map var
>>>>
>>>># Filters allow you to process content before it
>>>>        
>>>>
>>is
>>    
>>
>>>>sent to the client.
>>>>#
>>>># To parse .shtml files for server-side includes
>>>>(SSI):
>>>># (You will also need to add "Includes" to the
>>>>"Options" directive.)
>>>>#
>>>>AddOutputFilter INCLUDES .shtml
>>>>
>>>>#
>>>># Action lets you define media types that will
>>>>execute a script whenever
>>>># a matching file is called. This eliminates the
>>>>need for repeated URL
>>>># pathnames for oft-used CGI file processors.
>>>># Format: Action media/type /cgi-script/location
>>>># Format: Action handler-name /cgi-script/location
>>>>#
>>>>
>>>>#
>>>># Customizable error responses come in three
>>>>flavors:
>>>># 1) plain text 2) local redirects 3) external
>>>>redirects
>>>>#
>>>># Some examples:
>>>>#ErrorDocument 500 "The server made a boo boo."
>>>>#ErrorDocument 404 /missing.html
>>>>#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
>>>>#ErrorDocument 402
>>>>http://www.example.com/subscription_info.html
>>>>#
>>>>
>>>>
>>>>Alias /error/ "/var/www/error/"
>>>>
>>>>#
>>>># The following directives modify normal HTTP
>>>>response behavior to
>>>># handle known problems with browser
>>>>implementations.
>>>>#
>>>>BrowserMatch "Mozilla/2" nokeepalive
>>>>BrowserMatch "MSIE 4\.0b2;" nokeepalive
>>>>downgrade-1.0 force-response-1.0
>>>>BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>>>BrowserMatch "Java/1\.0" force-response-1.0
>>>>BrowserMatch "JDK/1\.0" force-response-1.0
>>>>
>>>>#
>>>># The following directive disables redirects on
>>>>non-GET requests for
>>>># a directory that does not include the trailing
>>>>slash.  This fixes a 
>>>># problem with Microsoft WebFolders which does not
>>>>appropriately handle 
>>>># redirects for folders with DAV methods.
>>>>#
>>>>BrowserMatch "Microsoft Data Access Internet
>>>>Publishing Provider" redirect-carefully
>>>>BrowserMatch "^WebDrive" redirect-carefully
>>>>BrowserMatch "^WebDAVFS/1.[012]"
>>>>        
>>>>
>>redirect-carefully
>>    
>>
>>>>BrowserMatch "^gnome-vfs" redirect-carefully
>>>>
>>>>#
>>>># Allow server status reports, with the URL of
>>>>http://servername/server-status
>>>># Change the ".your-domain.com" to match your
>>>>        
>>>>
>>domain
>>    
>>
>>>>to enable.
>>>>#
>>>>#<Location /server-status>
>>>>#    SetHandler server-status
>>>>#    Order deny,allow
>>>>#    Deny from all
>>>>#    Allow from .your-domain.com
>>>>#</Location>
>>>>
>>>>#
>>>># Allow remote server configuration reports, with
>>>>the URL of
>>>>#  http://servername/server-info (requires that
>>>>mod_info.c be loaded).
>>>># Change the ".your-domain.com" to match your
>>>>        
>>>>
>>domain
>>    
>>
>>>>to enable.
>>>>#
>>>>#<Location /server-info>
>>>>#    SetHandler server-info
>>>>#    Order deny,allow
>>>>#    Deny from all
>>>>#    Allow from .your-domain.com
>>>>#</Location>
>>>>
>>>># Nina added this in for svn server
>>>># Repository location
>>>><Location /svn1>
>>>>	DAV svn
>>>>	SVNParentPath /svn1
>>>>	
>>>>	# access control policy
>>>>	AuthzSVNAccessFile /etc/svn-access-file
>>>>	# how to authenticate a user
>>>>	AuthType Basic
>>>>	AuthName "Subversion repository"
>>>>	AuthUserFile /etc/svn-auth-file
>>>>	
>>>>	# only authenticated users may access the
>>>>repository
>>>>	Require valid-user
>>>></Location>
>>>>
>>>># Proxy Server directives. Uncomment the following
>>>>lines to
>>>># enable the proxy server:
>>>>#
>>>>#<IfModule mod_proxy.c>
>>>>#ProxyRequests On
>>>>#
>>>>#<Proxy *>
>>>>#    Order deny,allow
>>>>#    Deny from all
>>>>#    Allow from .your-domain.com
>>>>#</Proxy>
>>>>
>>>>#
>>>># Enable/disable the handling of HTTP/1.1 "Via:"
>>>>headers.
>>>># ("Full" adds the server version; "Block" removes
>>>>all outgoing Via: headers)
>>>># Set to one of: Off | On | Full | Block
>>>>#
>>>>#ProxyVia On
>>>>
>>>>#
>>>># To enable the cache as well, edit and uncomment
>>>>the following lines:
>>>># (no cacheing without CacheRoot)
>>>>#
>>>>#CacheRoot "/etc/httpd/proxy"
>>>>#CacheSize 5
>>>>#CacheGcInterval 4
>>>>#CacheMaxExpire 24
>>>>#CacheLastModifiedFactor 0.1
>>>>#CacheDefaultExpire 1
>>>>#NoCache a-domain.com another-domain.edu
>>>>joes.garage-sale.com
>>>>
>>>>#</IfModule>
>>>># End of proxy directives.
>>>>
>>>>### Section 3: Virtual Hosts
>>>>#
>>>># VirtualHost: If you want to maintain multiple
>>>>domains/hostnames on your
>>>># machine you can setup VirtualHost containers for
>>>>them. Most configurations
>>>># use only name-based virtual hosts so the server
>>>>doesn't need to worry about
>>>># IP addresses. This is indicated by the asterisks
>>>>in the directives below.
>>>>#
>>>># Please see the documentation at 
>>>># <URL:http://httpd.apache.org/docs-2.0/vhosts/>
>>>># for further details before you try to setup
>>>>virtual hosts.
>>>>#
>>>># You may use the command line option '-S' to
>>>>        
>>>>
>>verify
>>    
>>
>>>>your virtual host
>>>># configuration.
>>>>
>>>>#
>>>># Use name-based virtual hosting.
>>>>#
>>>>
>>>>
>>>># Where do we put the lock and pif files?
>>>>LockFile "/var/lock/httpd.lock"
>>>>CoreDumpDirectory "/etc/httpd"
>>>>
>>>># Defaults for virtual hosts
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>># Logs
>>>>
>>>>
>>>>
>>>>     
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>       
>>>>         
>>>>           
>>>>           
>>>>           
>>>>         
>>>>       
>>>>         
>>>>       
>>>>      
>>>>#
>>>># Virtual hosts
>>>>#
>>>>
>>>># Virtual host Default Virtual Host
>>>><VirtualHost *>
>>>>	
>>>>	
>>>>	
>>>>	
>>>>	
>>>>
>>>>	
>>>>	
>>>>	DirectoryIndex index.php index.html index.htm
>>>>index.shtml 
>>>>	
>>>>	
>>>>
>>>>	
>>>>	
>>>>	
>>>>	LogLevel debug
>>>>	HostNameLookups off
>>>>	
>>>>	
>>>>	
>>>>
>>>></VirtualHost>
>>>>
>>>>
>>>>     
>>>>#
>>>># Each directory to which Apache has access can be
>>>>configured with respect
>>>># to which services and features are allowed
>>>>        
>>>>
>>and/or
>>    
>>
>>>>disabled in that
>>>># directory (and its subdirectories). 
>>>>#
>>>># Note that from this point forward you must
>>>>specifically allow
>>>># particular features to be enabled - so if
>>>>something's not working as
>>>># you might expect, make sure that you have
>>>>specifically enabled it
>>>># below.
>>>>#
>>>>
>>>><Directory "/">
>>>>       Options FollowSymLinks
>>>>       
>>>>       AllowOverride None
>>>>       
>>>>       
>>>>       
>>>></Directory>
>>>>
>>>><Directory "/var/www/html">
>>>>       Options Indexes Includes FollowSymLinks 
>>>>       
>>>>       AllowOverride None
>>>>       Allow from all
>>>>
>>>>       
>>>>       Order allow,deny
>>>></Directory>
>>>>
>>>><Directory "/var/www/icons">
>>>>       Options Indexes MultiViews
>>>>       
>>>>       AllowOverride None
>>>>       Allow from all
>>>>
>>>>       
>>>>       Order allow,deny
>>>></Directory>
>>>>
>>>><Directory "/var/www/cgi-bin">
>>>>       Options ExecCGI
>>>>       
>>>>       AllowOverride None
>>>>       Allow from all
>>>>
>>>>       
>>>>       Order allow,deny
>>>></Directory>
>>>>
>>>>
>>>>     
>>>>   
>>>> 
>>>>
>>>>   
>>>>
>>>>        
>>>>
>>---------------------------------------------------------------------
>>    
>>
>>> 
>>>
>>>      
>>>
>>>>The official User-To-User support forum of the
>>>>Apache HTTP Server Project.
>>>>See <URL:http://httpd.apache.org/userslist.html>
>>>>        
>>>>
>>for
>>    
>>
>>>>more info.
>>>>To unsubscribe, e-mail:
>>>>users-unsubscribe@httpd.apache.org
>>>>  "   from the digest:
>>>>users-digest-unsubscribe@httpd.apache.org
>>>>For additional commands, e-mail:
>>>>   
>>>>
>>>>        
>>>>
>>>users-help@httpd.apache.org
>>>
>>>
>>>
>>>		
>>>__________________________________
>>>Do you Yahoo!?
>>>Yahoo! Mail Address AutoComplete - You start. We
>>>      
>>>
>>finish.
>>    
>>
>>>http://promotions.yahoo.com/new_mail 
>>>
>>>      
>>>
>>---------------------------------------------------------------------
>>    
>>
>>>The official User-To-User support forum of the
>>>      
>>>
>>Apache HTTP Server Project.
>>    
>>
>>>See <URL:http://httpd.apache.org/userslist.html>
>>>      
>>>
>>for more info.
>>    
>>
>>>To unsubscribe, e-mail:
>>>      
>>>
>>users-unsubscribe@httpd.apache.org
>>    
>>
>>>  "   from the digest:
>>>      
>>>
>>users-digest-unsubscribe@httpd.apache.org
>>    
>>
>>>For additional commands, e-mail:
>>>      
>>>
>>users-help@httpd.apache.org
>>    
>>
>>> 
>>>
>>>#
>>>      
>>>
>># This is the Apache server configuration file
>>providing SSL support.
>># It contains the configuration directives to
>>instruct the server how to
>># serve pages over an https connection. For
>>detailing information about these 
>># directives see
>>
>>    
>>
><URL:http://httpd.apache.org/docs-2.0/mod/mod_ssl.html>
>  
>
>># 
>># Do NOT simply read the instructions in here
>>without understanding
>># what they do.  They're here only as hints or
>>reminders.  If you are unsure
>># consult the online docs. You have been warned.  
>>#
>>
>>LoadModule ssl_module modules/mod_ssl.so
>>
>>#   Until documentation is completed, please check
>>http://www.modssl.org/
>>#   for additional config examples and module
>>docmentation.  Directives
>>#   and features of mod_ssl are largely unchanged
>>from the mod_ssl project
>>#   for Apache 1.3.
>>
>>#
>># When we also provide SSL we have to listen to the 
>># standard HTTP port (see above) and to the HTTPS
>>port
>>#
>>#Nina commented this line out
>>#Listen 4443
>>
>>##
>>##  SSL Global Context
>>##
>>##  All SSL configuration in this context applies
>>both to
>>##  the main server and all SSL-enabled virtual
>>hosts.
>>##
>>
>>#
>>#   Some MIME-types for downloading Certificates and
>>CRLs
>>#
>>AddType application/x-x509-ca-cert .crt
>>AddType application/x-pkcs7-crl    .crl
>>
>>#   Pass Phrase Dialog:
>>#   Configure the pass phrase gathering process.
>>#   The filtering dialog program (`builtin' is a
>>internal
>>#   terminal dialog) has to provide the pass phrase
>>on stdout.
>>SSLPassPhraseDialog  builtin
>>
>>#   Inter-Process Session Cache:
>>#   Configure the SSL Session Cache: First the
>>mechanism 
>>#   to use and second the expiring timeout (in
>>seconds).
>>#SSLSessionCache        none
>>#SSLSessionCache       
>>dbm:/var/cache/mod_ssl/scache(512000)
>>#SSLSessionCache       
>>dc:UNIX/var/cache/mod_ssl/distcache
>>SSLSessionCache        
>>shmcb:/var/cache/mod_ssl/scache(512000)
>>SSLSessionCacheTimeout  300
>>
>>#   Semaphore:
>>#   Configure the path to the mutual exclusion
>>semaphore the
>>#   SSL engine uses internally for inter-process
>>synchronization. 
>>SSLMutex default
>>
>>#   Pseudo Random Number Generator (PRNG):
>>#   Configure one or more sources to seed the PRNG
>>of the 
>>#   SSL library. The seed data should be of good
>>random quality.
>>#   WARNING! On some platforms /dev/random blocks if
>>not enough entropy
>>#   is available. This means you then cannot use the
>>/dev/random device
>>#   because it would lead to very long connection
>>times (as long as
>>#   it requires to make more entropy available). But
>>usually those
>>#   platforms additionally provide a /dev/urandom
>>device which doesn't
>>#   block. So, if available, use this one instead.
>>Read the mod_ssl User
>>#   Manual for more details.
>>SSLRandomSeed startup file:/dev/urandom  256
>>SSLRandomSeed connect builtin
>>#SSLRandomSeed startup file:/dev/random  512
>>#SSLRandomSeed connect file:/dev/random  512
>>#SSLRandomSeed connect file:/dev/urandom 512
>>
>>#
>># Use "SSLCryptoDevice" to enable any supported
>>hardware
>># accelerators. Use "openssl engine -v" to list
>>supported
>># engine names.  NOTE: If you enable an accelerator
>>and the
>># server does not start, consult the error logs and
>>ensure
>># your accelerator is functioning properly. 
>>#
>>SSLCryptoDevice builtin
>>#SSLCryptoDevice ubsec
>>
>>##
>>## SSL Virtual Host Context
>>##
>>
>>NameVirtualHost 66.80.7.162:4443
>>
>>#<VirtualHost _default_:4443>
>><VirtualHost 66.80.7.162:4443>
>>
>># General setup for the virtual host, inherited from
>>global configuration
>>DocumentRoot "/var/www/html"
>>ServerName gibbons.com
>>
>># Use separate log files for the SSL virtual host;
>>note that LogLevel
>># is not inherited from httpd.conf.
>>ErrorLog logs/ssl_error_log
>>TransferLog logs/ssl_access_log
>>LogLevel warn
>>
>>#   SSL Engine Switch:
>>#   Enable/Disable SSL for this virtual host.
>>SSLEngine on
>>
>>#   SSL Cipher Suite:
>>#   List the ciphers that the client is permitted to
>>negotiate.
>>#   See the mod_ssl documentation for a complete
>>list.
>>SSLCipherSuite
>>
>>    
>>
>ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
>  
>
>>#   Server Certificate:
>>#   Point SSLCertificateFile at a PEM encoded
>>certificate.  If
>>#   the certificate is encrypted, then you will be
>>prompted for a
>>#   pass phrase.  Note that a kill -HUP will prompt
>>again. A test
>>#   certificate can be generated with `make
>>certificate' under
>>#   built time. Keep in mind that if you've both a
>>RSA and a DSA
>>#   certificate you can configure both in parallel
>>(to also allow
>>#   the use of DSA ciphers, etc.)
>>SSLCertificateFile
>>/etc/httpd/conf/ssl.crt/server.crt
>>#SSLCertificateFile
>>/etc/httpd/conf/ssl.crt/server-dsa.crt
>>
>>#   Server Private Key:
>>#   If the key is not combined with the certificate,
>>use this
>>#   directive to point at the key file.  Keep in
>>mind that if
>>#   you've both a RSA and a DSA private key you can
>>configure
>>#   both in parallel (to also allow the use of DSA
>>ciphers, etc.)
>>SSLCertificateKeyFile
>>/etc/httpd/conf/ssl.key/server.key
>>#SSLCertificateKeyFile
>>/etc/httpd/conf/ssl.key/server-dsa.key
>>
>>#   Server Certificate Chain:
>>#   Point SSLCertificateChainFile at a file
>>containing the
>>#   concatenation of PEM encoded CA certificates
>>which form the
>>#   certificate chain for the server certificate.
>>Alternatively
>>#   the referenced file can be the same as
>>SSLCertificateFile
>>#   when the CA certificates are directly appended
>>to the server
>>#   certificate for convinience.
>>#SSLCertificateChainFile
>>/etc/httpd/conf/ssl.crt/ca.crt
>>
>>#   Certificate Authority (CA):
>>#   Set the CA certificate verification path where
>>to find CA
>>#   certificates for client authentication or
>>alternatively one
>>#   huge file containing all of them (file must be
>>PEM encoded)
>>#   Note: Inside SSLCACertificatePath you need hash
>>symlinks
>>#         to point to the certificate files. Use the
>>provided
>>#         Makefile to update the hash symlinks after
>>changes.
>>#SSLCACertificatePath /etc/httpd/conf/ssl.crt
>>#SSLCACertificateFile
>>/usr/share/ssl/certs/ca-bundle.crt
>>
>>#   Certificate Revocation Lists (CRL):
>>#   Set the CA revocation path where to find CA CRLs
>>for client
>>#   authentication or alternatively one huge file
>>containing all
>>#   of them (file must be PEM encoded)
>>#   Note: Inside SSLCARevocationPath you need hash
>>symlinks
>>#         to point to the certificate files. Use the
>>provided
>>#         Makefile to update the hash symlinks after
>>changes.
>>#SSLCARevocationPath /etc/httpd/conf/ssl.crl
>>#SSLCARevocationFile
>>/etc/httpd/conf/ssl.crl/ca-bundle.crl
>>
>>#   Client Authentication (Type):
>>#   Client certificate verification type and depth. 
>>Types are
>>#   none, optional, require and optional_no_ca. 
>>Depth is a
>>#   number which specifies how deeply to verify the
>>certificate
>>#   issuer chain before deciding the certificate is
>>not valid.
>>#SSLVerifyClient require
>>#SSLVerifyDepth  10
>>
>>#   Access Control:
>>#   With SSLRequire you can do per-directory access
>>control based
>>#   on arbitrary complex boolean expressions
>>containing server
>>#   variable checks and other lookup directives. 
>>The syntax is a
>>#   mixture between C and Perl.  See the mod_ssl
>>documentation
>>#   for more details.
>>#<Location />
>>#SSLRequire (    %{SSL_CIPHER} !~ m/^(EXP|NULL)/ \
>>#            and %{SSL_CLIENT_S_DN_O} eq "Snake Oil,
>>Ltd." \
>>#            and %{SSL_CLIENT_S_DN_OU} in {"Staff",
>>"CA", "Dev"} \
>>#            and %{TIME_WDAY} >= 1 and %{TIME_WDAY}
>><= 5 \
>>#            and %{TIME_HOUR} >= 8 and %{TIME_HOUR}
>><= 20       ) \
>>#           or %{REMOTE_ADDR} =~
>>m/^192\.76\.162\.[0-9]+$/
>>#</Location>
>>
>>#   SSL Engine Options:
>>#   Set various options for the SSL engine.
>>#   o FakeBasicAuth:
>>#     Translate the client X.509 into a Basic
>>Authorisation.  This means that
>>#     the standard Auth/DBMAuth methods can be used
>>for access control.  The
>>#     user name is the `one line' version of the
>>client's X.509 certificate.
>>#     Note that no password is obtained from the
>>user. Every entry in the user
>>#     file needs this password: `xxj31ZMTZzkVA'.
>>#   o ExportCertData:
>>#     This exports two additional environment
>>variables: SSL_CLIENT_CERT and
>>#     SSL_SERVER_CERT. These contain the PEM-encoded
>>certificates of the
>>#     server (always existing) and the client (only
>>existing when client
>>#     authentication is used). This can be used to
>>import the certificates
>>#     into CGI scripts.
>>#   o StdEnvVars:
>>#     This exports the standard SSL/TLS related
>>`SSL_*' environment variables.
>>#     Per default this exportation is switched off
>>for performance reasons,
>>#     because the extraction step is an expensive
>>operation and is usually
>>#     useless for serving static content. So one
>>usually enables the
>>#     exportation for CGI and SSI requests only.
>>#   o StrictRequire:
>>#     This denies access when "SSLRequireSSL" or
>>"SSLRequire" applied even
>>#     under a "Satisfy any" situation, i.e. when it
>>applies access is denied
>>#     and no other module can change it.
>>#   o OptRenegotiate:
>>#     This enables optimized SSL connection
>>renegotiation handling when SSL
>>#     directives are used in per-directory context. 
>>#SSLOptions +FakeBasicAuth +ExportCertData
>>+CompatEnvVars +StrictRequire
>><Files ~ "\.(cgi|shtml|phtml|php3?)$">
>>    SSLOptions +StdEnvVars
>></Files>
>><Directory "/var/www/cgi-bin">
>>    SSLOptions +StdEnvVars
>></Directory>
>>
>>#   SSL Protocol Adjustments:
>>#   The safe and default but still SSL/TLS standard
>>compliant shutdown
>>#   approach is that mod_ssl sends the close notify
>>alert but doesn't wait for
>>#   the close notify alert from client. When you
>>need a different shutdown
>>#   approach you can use one of the following
>>variables:
>>#   o ssl-unclean-shutdown:
>>#     This forces an unclean shutdown when the
>>connection is closed, i.e. no
>>#     SSL close notify alert is send or allowed to
>>received.  This violates
>>#     the SSL/TLS standard but is needed for some
>>brain-dead browsers. Use
>>#     this when you receive I/O errors because of
>>the standard approach where
>>#     mod_ssl sends the close notify alert.
>>#   o ssl-accurate-shutdown:
>>#     This forces an accurate shutdown when the
>>connection is closed, i.e. a
>>#     SSL close notify alert is send and mod_ssl
>>waits for the close notify
>>#     alert of the client. This is 100% SSL/TLS
>>standard compliant, but in
>>#     practice often causes hanging connections with
>>brain-dead browsers. Use
>>#     this only for browsers where you know that
>>their SSL implementation
>>#     works correctly. 
>>#   Notice: Most problems of broken clients are also
>>related to the HTTP
>>#   keep-alive facility, so you usually additionally
>>want to disable
>>#   keep-alive for those clients, too. Use variable
>>"nokeepalive" for this.
>>#   Similarly, one has to force some clients to use
>>HTTP/1.0 to workaround
>>#   their broken HTTP/1.1 implementation. Use
>>variables "downgrade-1.0" and
>>#   "force-response-1.0" for this.
>>SetEnvIf User-Agent ".*MSIE.*" \
>>         nokeepalive ssl-unclean-shutdown \
>>         downgrade-1.0 force-response-1.0
>>
>>#   Per-Server Logging:
>>#   The home of a custom SSL log file. Use this when
>>you want a
>>#   compact non-error SSL logfile on a virtual host
>>basis.
>>CustomLog logs/ssl_request_log \
>>          "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x
>>\"%r\" %b"
>>
>></VirtualHost>                                  
>>
>>    
>>
>>>#
>>>      
>>>
>># Based upon the NCSA server configuration files
>>originally by Rob McCool.
>>#
>># This is the main Apache server configuration file.
>> It contains the
>># configuration directives that give the server its
>>instructions.
>># See URL:http://httpd.apache.org/docs-2.0/ for
>>detailed information about
>># the directives.
>>#
>># Do NOT simply read the instructions in here
>>without understanding
>># what they do.  They're here only as hints or
>>reminders.  If you are unsure
>># consult the online docs. You have been warned.  
>>#
>># The configuration directives are grouped into
>>three basic sections:
>>#  1. Directives that control the operation of the
>>Apache server process as a
>>#     whole (the 'global environment').
>>#  2. Directives that define the parameters of the
>>'main' or 'default' server,
>>#     which responds to requests that aren't handled
>>by a virtual host.
>>#     These directives also provide default values
>>for the settings
>>#     of all virtual hosts.
>>#  3. Settings for virtual hosts, which allow Web
>>requests to be sent to
>>#     different IP addresses or hostnames and have
>>them handled by the
>>#     same Apache server process.
>>#
>># Configuration and logfile names: If the filenames
>>you specify for many
>># of the server's control files begin with "/" (or
>>"drive:/" for Win32), the
>># server will use that explicit path.  If the
>>filenames do *not* begin
>># with "/", the value of ServerRoot is prepended --
>>so "logs/foo.log"
>># with ServerRoot set to "/etc/httpd" will be
>>interpreted by the
>># server as "/etc/httpd/logs/foo.log".
>>#
>>
>>### Section 1: Global Environment
>>#
>># The directives in this section affect the overall
>>operation of Apache,
>># such as the number of concurrent requests it can
>>handle or where it
>># can find its configuration files.
>>#
>>
>>#
>># Don't give away too much information about all the
>>subcomponents
>># we are running.  Comment out this line if you
>>don't mind remote sites
>># finding out what major optional modules you are
>>running
>>ServerTokens OS
>>
>>#
>># ServerRoot: The top of the directory tree under
>>which the server's
>># configuration, error, and log files are kept.
>>#
>># NOTE!  If you intend to place this on an NFS (or
>>otherwise network)
>># mounted filesystem then please read the LockFile
>>documentation
>># (available at
>>
>>    
>>
><URL:http://httpd.apache.org/docs-2.0/mod/core.html#lockfile>);
>  
>
>># you will save yourself a lot of trouble.
>>#
>># Do NOT add a slash at the end of the directory
>>path.
>>#
>>ServerRoot "/etc/httpd"
>>
>>#
>># ScoreBoardFile: File used to store internal server
>>process information.
>># If unspecified (the default), the scoreboard will
>>be stored in an
>># anonymous shared memory segment, and will be
>>unavailable to third-party
>># applications.
>># If specified, ensure that no two invocations of
>>Apache share the same
>># scoreboard file. The scoreboard file MUST BE
>>STORED ON A LOCAL DISK.
>>#
>>#ScoreBoardFile run/httpd.scoreboard
>>
>>#
>># PidFile: The file in which the server should
>>record its process
>># identification number when it starts.
>>#
>>PidFile "/var/run/httpd.pid"
>>
>>#
>># Timeout: The number of seconds before receives and
>>sends time out.
>>#
>>TimeOut 300
>>
>>#
>># KeepAlive: Whether or not to allow persistent
>>connections (more than
>># one request per connection). Set to "Off" to
>>deactivate.
>>#
>>KeepAlive true
>>
>>#
>># MaxKeepAliveRequests: The maximum number of
>>requests to allow
>># during a persistent connection. Set to 0 to allow
>>an unlimited amount.
>># We recommend you leave this number high, for
>>maximum performance.
>>#
>>MaxKeepAliveRequests 100
>>
>>#
>># KeepAliveTimeout: Number of seconds to wait for
>>the next request from the
>># same client on the same connection.
>>#
>>KeepAliveTimeout 15
>>
>>##
>>## Server-Pool Size Regulation (MPM specific)
>>## 
>>
>># prefork MPM
>># StartServers: number of server processes to start
>># MinSpareServers: minimum number of server
>>processes which are kept spare
>># MaxSpareServers: maximum number of server
>>processes which are kept spare
>># MaxClients: maximum number of server processes
>>allowed to start
>># MaxRequestsPerChild: maximum number of requests a
>>server process serves
>><IfModule prefork.c>
>>StartServers 8
>>MinSpareServers 5
>>MaxSpareServers 20
>>MaxClients 150
>>MaxRequestsPerChild 100
>></IfModule>
>>
>># worker MPM
>># StartServers: initial number of server processes
>>to start
>># MaxClients: maximum number of simultaneous client
>>connections
>># MinSpareThreads: minimum number of worker threads
>>which are kept spare
>># MaxSpareThreads: maximum number of worker threads
>>which are kept spare
>># ThreadsPerChild: constant number of worker threads
>>in each server process
>># MaxRequestsPerChild: maximum number of requests a
>>server process serves
>><IfModule worker.c>
>>StartServers         2
>>MaxClients         150
>>MinSpareThreads     25
>>MaxSpareThreads     75
>>ThreadsPerChild     25 
>>MaxRequestsPerChild  0
>></IfModule>
>>
>>#
>># Listen: Allows you to bind Apache to specific IP
>>addresses and/or
>># ports, in addition to the default. See also the
>><VirtualHost>
>># directive.
>>#
>># Change this to Listen on specific IP addresses as
>>shown below to 
>># prevent Apache from glomming onto all bound IP
>>addresses (0.0.0.0)
>>#
>>#Listen 12.34.56.78:80
>>Listen *:80
>>
>>
>>#
>># Dynamic Shared Object (DSO) Support
>>#
>># To be able to use the functionality of a module
>>which was built as a DSO you
>># have to place corresponding `LoadModule' lines at
>>this location so the
>># directives contained in it are actually available
>>_before_ they are used.
>># Statically compiled modules (those listed by
>>`httpd -l') do not need
>># to be loaded here.
>>#
>># Example:
>># LoadModule foo_module modules/mod_foo.so
>>#
>>LoadModule access_module modules/mod_access.so
>>LoadModule auth_module modules/mod_auth.so
>>LoadModule auth_anon_module modules/mod_auth_anon.so
>>LoadModule auth_dbm_module modules/mod_auth_dbm.so
>>LoadModule auth_digest_module
>>modules/mod_auth_digest.so
>>LoadModule ldap_module modules/mod_ldap.so
>>LoadModule auth_ldap_module modules/mod_auth_ldap.so
>>LoadModule include_module modules/mod_include.so
>>LoadModule log_config_module
>>modules/mod_log_config.so
>>LoadModule env_module modules/mod_env.so
>>LoadModule mime_magic_module
>>modules/mod_mime_magic.so
>>LoadModule cern_meta_module modules/mod_cern_meta.so
>>LoadModule expires_module modules/mod_expires.so
>>LoadModule deflate_module modules/mod_deflate.so
>>LoadModule headers_module modules/mod_headers.so
>>LoadModule usertrack_module modules/mod_usertrack.so
>>LoadModule unique_id_module modules/mod_unique_id.so
>>LoadModule setenvif_module modules/mod_setenvif.so
>>LoadModule mime_module modules/mod_mime.so
>>LoadModule dav_module modules/mod_dav.so
>>#Nina added these in for svn server
>>#
>>LoadModule dav_svn_module modules/mod_dav_svn.so
>>LoadModule authz_svn_module modules/mod_authz_svn.so
>>#
>>LoadModule status_module modules/mod_status.so
>>LoadModule autoindex_module modules/mod_autoindex.so
>>LoadModule asis_module modules/mod_asis.so
>>LoadModule info_module modules/mod_info.so
>>LoadModule dav_fs_module modules/mod_dav_fs.so
>>LoadModule vhost_alias_module
>>modules/mod_vhost_alias.so
>>LoadModule negotiation_module
>>modules/mod_negotiation.so
>>LoadModule dir_module modules/mod_dir.so
>>LoadModule imap_module modules/mod_imap.so
>>LoadModule actions_module modules/mod_actions.so
>>LoadModule speling_module modules/mod_speling.so
>>LoadModule userdir_module modules/mod_userdir.so
>>LoadModule alias_module modules/mod_alias.so
>>LoadModule rewrite_module modules/mod_rewrite.so
>>LoadModule proxy_module modules/mod_proxy.so
>>LoadModule proxy_ftp_module modules/mod_proxy_ftp.so
>>LoadModule proxy_http_module
>>modules/mod_proxy_http.so
>>LoadModule proxy_connect_module
>>modules/mod_proxy_connect.so
>>LoadModule cache_module modules/mod_cache.so
>>LoadModule suexec_module modules/mod_suexec.so
>>LoadModule disk_cache_module
>>modules/mod_disk_cache.so
>>LoadModule file_cache_module
>>modules/mod_file_cache.so
>>LoadModule mem_cache_module modules/mod_mem_cache.so
>>LoadModule cgi_module modules/mod_cgi.so
>>
>>#
>># Load config files from the config directory
>>"/etc/httpd/conf.d".
>>#
>>Include conf.d/*.conf
>>
>>#
>># ExtendedStatus controls whether Apache will
>>generate "full" status
>># information (ExtendedStatus On) or just basic
>>information (ExtendedStatus
>># Off) when the "server-status" handler is called.
>>The default is Off.
>>#
>>#ExtendedStatus On
>>
>>### Section 2: 'Main' server configuration
>>#
>># The directives in this section set up the values
>>used by the 'main'
>># server, which responds to any requests that aren't
>>handled by a
>># <VirtualHost> definition.  These values also
>>provide defaults for
>># any <VirtualHost> containers you may define later
>>in the file.
>>#
>># All of these directives may appear inside
>><VirtualHost> containers,
>># in which case these default settings will be
>>overridden for the
>># virtual host being defined.
>>#
>>
>>#
>># If you wish httpd to run as a different user or
>>group, you must run
>># httpd as root initially and it will switch.  
>>#
>># User/Group: The name (or #number) of the
>>user/group to run httpd as.
>>#  . On SCO (ODT 3) use "User nouser" and "Group
>>nogroup".
>>#  . On HPUX you may not be able to use shared
>>memory as nobody, and the
>>#    suggested workaround is to create a user www
>>and use that user.
>>#  NOTE that some kernels refuse to setgid(Group) or
>>semctl(IPC_SET)
>>#  when the value of (unsigned)Group is above 60000;
>>
>>#  don't use Group #-1 on these systems!
>>#
>>User apache
>>Group apache
>>
>>#
>># ServerAdmin: Your address, where problems with the
>>server should be
>># e-mailed.  This address appears on some
>>server-generated pages, such
>># as error documents.  e.g. admin@your-domain.com
>>#
>>ServerAdmin root@gibbons.com
>>
>>#
>># ServerName gives the name and port that the server
>>uses to identify itself.
>># This can often be determined automatically, but we
>>recommend you specify
>># it explicitly to prevent problems during startup.
>>#
>># If this is not set to valid DNS name for your
>>host, server-generated
>># redirections will not work.  See also the
>>UseCanonicalName directive.
>>#
>># If your host doesn't have a registered DNS name,
>>enter its IP address here.
>># You will have to access it by its address anyway,
>>and this will make 
>># redirections work in a sensible way.
>>#
>>ServerName gibbons.com:80
>>
>>#
>># UseCanonicalName: Determines how Apache constructs
>>self-referencing 
>># URLs and the SERVER_NAME and SERVER_PORT
>>variables.
>># When set "Off", Apache will use the Hostname and
>>Port supplied
>># by the client.  When set "On", Apache will use the
>>value of the
>># ServerName directive.
>>#
>>UseCanonicalName on
>>
>>#
>># DocumentRoot: The directory out of which you will
>>serve your
>># documents. By default, all requests are taken from
>>this directory, but
>># symbolic links and aliases may be used to point to
>>other locations.
>>#
>>DocumentRoot "/var/www/html"
>>
>># 
>># Disable autoindex for the root directory, and
>>present a
>># default Welcome page if no other index page is
>>present.
>>#
>><LocationMatch "^/$">
>>    Options -Indexes
>>    ErrorDocument 403 /error/noindex.html
>></LocationMatch>
>>
>>#
>># UserDir: The name of the directory that is
>>appended onto a user's home
>># directory if a ~user request is received.
>>#
>># The path to the end user account 'public_html'
>>directory must be
>># accessible to the webserver userid.  This usually
>>means that ~userid
>># must have permissions of 711, ~userid/public_html
>>must have permissions
>># of 755, and documents contained therein must be
>>world-readable.
>># Otherwise, the client will only receive a "403
>>Forbidden" message.
>>#
>># See also:
>>http://httpd.apache.org/docs/misc/FAQ.html#forbidden
>>#
>><IfModule mod_userdir.c>
>>    #
>>    # UserDir is disabled by default since it can
>>confirm the presence
>>    # of a username on the system (depending on home
>>directory
>>    # permissions).
>>    #
>>    UserDir "disable"
>>
>>    #
>>    # To enable requests to /~user/ to serve the
>>user's public_html
>>    # directory, use this directive instead of
>>"UserDir disable":
>>    # 
>>    #UserDir public_html
>>
>></IfModule>
>>
>>#
>># DirectoryIndex: sets the file that Apache will
>>serve if a directory
>># is requested.
>>#
>># The index.html.var file (a type-map) is used to
>>deliver content-
>># negotiated documents.  The MultiViews Option can
>>be used for the 
>># same purpose, but it is much slower.
>>#
>>DirectoryIndex 
>>
>>#
>># AccessFileName: The name of the file to look for
>>in each directory
>># for access control information.  See also the
>>AllowOverride directive.
>>#
>>AccessFileName .htaccess
>>
>>#
>># The following lines prevent .htaccess and
>>.htpasswd files from being 
>># viewed by Web clients. 
>>#
>><Files ~ "^\.ht">
>>    Order allow,deny
>>    Deny from all
>></Files>
>>
>>#
>># TypesConfig describes where the mime.types file
>>(or equivalent) is
>># to be found.
>>#
>>TypesConfig "/etc/mime.types"
>>
>>#
>># DefaultType is the default MIME type the server
>>will use for a document
>># if it cannot otherwise determine one, such as from
>>filename extensions.
>># If your server contains mostly text or HTML
>>documents, "text/plain" is
>># a good value.  If most of your content is binary,
>>such as applications
>># or images, you may want to use
>>"application/octet-stream" instead to
>># keep browsers from trying to display binary files
>>as though they are
>># text.
>>#
>>DefaultType text/plain
>>
>>#
>># The mod_mime_magic module allows the server to use
>>various hints from the
>># contents of the file itself to determine its type.
>> The MIMEMagicFile
>># directive tells the module where the hint
>>definitions are located.
>>#
>><IfModule mod_mime_magic.c>
>>#   MIMEMagicFile /usr/share/magic.mime
>>    MIMEMagicFile conf/magic
>></IfModule>
>>
>>#
>># HostnameLookups: Log the names of clients or just
>>their IP addresses
>># e.g., www.apache.org (on) or 204.62.129.132 (off).
>># The default is off because it'd be overall better
>>for the net if people
>># had to knowingly turn this feature on, since
>>enabling it means that
>># each client request will result in AT LEAST one
>>lookup request to the
>># nameserver.
>>#
>>HostNameLookups Off
>>
>>#
>># EnableMMAP: Control whether memory-mapping is used
>>to deliver
>># files (assuming that the underlying OS supports
>>it).
>># The default is on; turn this off if you serve from
>>NFS-mounted 
>># filesystems.  On some systems, turning it off
>>(regardless of
>># filesystem) can improve performance; for details,
>>please see
>>#
>>
>>    
>>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablemmap
>  
>
>>#
>>#EnableMMAP off
>>
>>#
>># EnableSendfile: Control whether the sendfile
>>kernel support is 
>># used to deliver files (assuming that the OS
>>supports it). 
>># The default is on; turn this off if you serve from
>>NFS-mounted 
>># filesystems.  Please see
>>#
>>
>>    
>>
>http://httpd.apache.org/docs-2.0/mod/core.html#enablesendfile
>  
>
>>#
>>#EnableSendfile off
>>
>>#
>># ErrorLog: The location of the error log file.
>># If you do not specify an ErrorLog directive within
>>a <VirtualHost>
>># container, error messages relating to that virtual
>>host will be
>># logged here.  If you *do* define an error logfile
>>for a <VirtualHost>
>># container, that host's errors will be logged there
>>and not here.
>>#
>>ErrorLog "/var/log/httpd/error_log"
>>
>>#
>># LogLevel: Control the number of messages logged to
>>the error_log.
>># Possible values include: debug, info, notice,
>>warn, error, crit,
>># alert, emerg.
>>#
>>LogLevel warn
>>
>>#
>># The following directives define some format
>>nicknames for use with
>># a CustomLog directive (see below).
>>#
>>LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
>>\"%{User-Agent}i\"" combined
>>LogFormat "%h %l %u %t \"%r\" %>s %b" common
>>LogFormat "%{Referer}i -> %U" referer
>>LogFormat "%{User-agent}i" agent
>>
>>
>>#
>># The location and format of the access logfile
>>(Common Logfile Format).
>># If you do not define any access logfiles within a
>><VirtualHost>
>># container, they will be logged here. 
>>Contrariwise, if you *do*
>># define per-<VirtualHost> access logfiles,
>>transactions will be
>># logged therein and *not* in this file.
>>#
>># CustomLog logs/access_log common
>>CustomLog logs/access_log combined
>>
>>#
>># If you would like to have agent and referer
>>logfiles, uncomment the
>># following directives.
>>#
>>#CustomLog logs/referer_log referer
>>#CustomLog logs/agent_log agent
>>
>>#
>># If you prefer a single logfile with access, agent,
>>and referer information
>># (Combined Logfile Format) you can use the
>>following directive.
>>#
>>#CustomLog logs/access_log combined
>>
>>#
>># Optionally add a line containing the server
>>version and virtual host
>># name to server-generated pages (error documents,
>>FTP directory listings,
>># mod_status and mod_info output etc., but not CGI
>>generated documents).
>># Set to "EMail" to also include a mailto: link to
>>the ServerAdmin.
>># Set to one of:  On | Off | EMail
>>#
>>ServerSignature on
>>
>>#
>># Aliases: Add here as many aliases as you need
>>(with no limit). The format is 
>># Alias fakename realname
>>#
>># Note that if you include a trailing / on fakename
>>then the server will
>># require it to be present in the URL.  So "/icons"
>>isn't aliased in this
>># example, only "/icons/".  If the fakename is
>>slash-terminated, then the 
>># realname must also be slash terminated, and if the
>>fakename omits the 
>># trailing slash, the realname must also omit it.
>>#
>># We include the /icons/ alias for FancyIndexed
>>directory listings.  If you
>># do not use FancyIndexing, you may comment this
>>out.
>>#
>>Alias /icons/ "/var/www/icons/"
>>
>>#
>># This should be changed to the ServerRoot/manual/. 
>>The alias provides
>># the manual, even if you choose to move your
>>DocumentRoot.  You may comment
>># this out if you do not care for the documentation.
>>#
>>Alias /manual "/var/www/manual"
>>
>><IfModule mod_dav_fs.c>
>>    # Location of the WebDAV lock database.
>>    DAVLockDB /var/lib/dav/lockdb
>></IfModule>
>>
>>#
>># ScriptAlias: This controls which directories
>>contain server scripts.
>># ScriptAliases are essentially the same as Aliases,
>>except that
>># documents in the realname directory are treated as
>>applications and
>># run by the server when requested rather than as
>>documents sent to the client.
>># The same rules about trailing "/" apply to
>>ScriptAlias directives as to
>># Alias.
>>#
>>ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"
>>
>><IfModule mod_cgid.c>
>>#
>># Additional to mod_cgid.c settings, mod_cgid has
>>Scriptsock <path>
>># for setting UNIX socket for communicating with
>>cgid.
>>#
>>#Scriptsock            logs/cgisock
>></IfModule>
>>
>>#Nina added
>>
>>    
>>
>######################################################################
>  
>
>><IfModule mod_ssl.c>
>>Include conf.d/ssl.conf
>></IfModule>
>>
>>    
>>
>######################################################################
>  
>
>>#
>># Redirect allows you to tell clients about
>>documents which used to exist in
>># your server's namespace, but do not anymore. This
>>allows you to tell the
>># clients where to look for the relocated document.
>># Example:
>># Redirect permanent /foo http://www.example.com/bar
>>
>>#
>># Directives controlling the display of
>>server-generated directory listings.
>>#
>>
>>#
>># FancyIndexing is whether you want fancy directory
>>indexing or standard.
>># VersionSort is whether files containing version
>>numbers should be 
>># compared in the natural way, so that
>>`apache-1.3.9.tar' is placed before
>># `apache-1.3.12.tar'.
>>#
>>IndexOptions FancyIndexing VersionSort NameWidth=*
>>
>>#
>># AddIcon* directives tell the server which icon to
>>show for different
>># files or filename extensions.  These are only
>>displayed for
>># FancyIndexed directories.
>>#
>>AddIconByEncoding (CMP,/icons/compressed.gif)
>>x-compress x-gzip
>>
>>AddIconByType (TXT,/icons/text.gif) text/*
>>AddIconByType (IMG,/icons/image2.gif) image/*
>>AddIconByType (SND,/icons/sound2.gif) audio/*
>>AddIconByType (VID,/icons/movie.gif) video/*
>>
>>AddIcon /icons/binary.gif .bin .exe
>>AddIcon /icons/binhex.gif .hqx
>>AddIcon /icons/tar.gif .tar
>>AddIcon /icons/world2.gif .wrl .wrl.gz .vrml .vrm
>>.iv
>>AddIcon /icons/compressed.gif .Z .z .tgz .gz .zip
>>AddIcon /icons/a.gif .ps .ai .eps
>>AddIcon /icons/layout.gif .html .shtml .htm .pdf
>>AddIcon /icons/text.gif .txt
>>AddIcon /icons/c.gif .c
>>AddIcon /icons/p.gif .pl .py
>>AddIcon /icons/f.gif .for
>>AddIcon /icons/dvi.gif .dvi
>>AddIcon /icons/uuencoded.gif .uu
>>AddIcon /icons/script.gif .conf .sh .shar .csh .ksh
>>.tcl
>>AddIcon /icons/tex.gif .tex
>>AddIcon /icons/bomb.gif core
>>
>>AddIcon /icons/back.gif ..
>>AddIcon /icons/hand.right.gif README
>>AddIcon /icons/folder.gif ^^DIRECTORY^^
>>AddIcon /icons/blank.gif ^^BLANKICON^^
>>
>>#
>># DefaultIcon is which icon to show for files which
>>do not have an icon
>># explicitly set.
>>#
>>DefaultIcon /icons/unknown.gif
>>
>>#
>># AddDescription allows you to place a short
>>description after a file in
>># server-generated indexes.  These are only
>>displayed for FancyIndexed
>># directories.
>># Format: AddDescription "description" filename
>>#
>>#AddDescription "GZIP compressed document" .gz
>>#AddDescription "tar archive" .tar
>>#AddDescription "GZIP compressed tar archive" .tgz
>>
>>#
>># ReadmeName is the name of the README file the
>>server will look for by
>># default, and append to directory listings.
>>#
>># HeaderName is the name of a file which should be
>>prepended to
>># directory indexes. 
>>ReadmeName README.html
>>HeaderName HEADER.html
>>
>>#
>># IndexIgnore is a set of filenames which directory
>>indexing should ignore
>># and not include in the listing.  Shell-style
>>wildcarding is permitted.
>>#
>>IndexIgnore .??* *~ *# HEADER* README* RCS CVS *,v
>>*,t
>>
>>#
>># AddEncoding allows you to have certain browsers
>>(Mosaic/X 2.1+) uncompress
>># information on the fly. Note: Not all browsers
>>support this.
>># Despite the name similarity, the following Add*
>>directives have nothing
>># to do with the FancyIndexing customization
>>directives above.
>>#
>>AddEncoding x-compress Z
>>AddEncoding x-gzip gz tgz
>>
>>#
>># DefaultLanguage and AddLanguage allows you to
>>specify the language of 
>># a document. You can then use content negotiation
>>to give a browser a 
>># file in a language the user can understand.
>>#
>># Specify a default language. This means that all
>>data
>># going out without a specific language tag (see
>>below) will 
>># be marked with this one. You probably do NOT want
>>to set
>># this unless you are sure it is correct for all
>>cases.
>>#
>># * It is generally better to not mark a page as 
>># * being a certain language than marking it with
>>the wrong
>># * language!
>>#
>># DefaultLanguage nl
>>#
>># Note 1: The suffix does not have to be the same as
>>the language
>># keyword --- those with documents in Polish (whose
>>net-standard
>># language code is pl) may wish to use "AddLanguage
>>pl .po" to
>># avoid the ambiguity with the common suffix for
>>perl scripts.
>>#
>># Note 2: The example entries below illustrate that
>>in some cases 
>># the two character 'Language' abbreviation is not
>>identical to 
>># the two character 'Country' code for its country,
>># E.g. 'Danmark/dk' versus 'Danish/da'.
>>#
>># Note 3: In the case of 'ltz' we violate the RFC by
>>using a three char
>># specifier. There is 'work in progress' to fix this
>>and get
>># the reference data for rfc1766 cleaned up.
>>#
>># Danish (da) - Dutch (nl) - English (en) - Estonian
>>(et)
>># French (fr) - German (de) - Greek-Modern (el)
>># Italian (it) - Norwegian (no) - Norwegian Nynorsk
>>(nn) - Korean (kr) 
>># Portugese (pt) - Luxembourgeois* (ltz)
>># Spanish (es) - Swedish (sv) - Catalan (ca) -
>>Czech(cz)
>># Polish (pl) - Brazilian Portuguese (pt-br) -
>>Japanese (ja)
>># Russian (ru) - Croatian (hr)
>>#
>>AddLanguage da .dk
>>AddLanguage nl .nl
>>AddLanguage en .en
>>AddLanguage et .et
>>AddLanguage fr .fr
>>AddLanguage de .de
>>AddLanguage he .he
>>AddLanguage el .el
>>AddLanguage it .it
>>AddLanguage ja .ja
>>AddLanguage pl .po
>>AddLanguage kr .kr
>>AddLanguage pt .pt
>>AddLanguage nn .nn
>>AddLanguage no .no
>>AddLanguage pt-br .pt-br
>>AddLanguage ltz .ltz
>>AddLanguage ca .ca
>>AddLanguage es .es
>>AddLanguage sv .se
>>AddLanguage cz .cz
>>AddLanguage ru .ru
>>AddLanguage tw .tw
>>AddLanguage zh-tw .tw
>>AddLanguage hr .hr
>>
>>#
>># LanguagePriority allows you to give precedence to
>>some languages
>># in case of a tie during content negotiation.
>>#
>># Just list the languages in decreasing order of
>>preference. We have
>># more or less alphabetized them here. You probably
>>want to change this.
>>#
>>LanguagePriority en da nl et fr de el it ja kr no pl
>>pt pt-br ltz ca es sv tw
>>
>>#
>># ForceLanguagePriority allows you to serve a result
>>page rather than
>># MULTIPLE CHOICES (Prefer) [in case of a tie] or
>>NOT ACCEPTABLE (Fallback)
>># [in case no accepted languages matched the
>>available variants]
>>#
>>ForceLanguagePriority Prefer Fallback
>>
>>#
>># Specify a default charset for all pages sent out.
>>This is
>># always a good idea and opens the door for future
>>internationalisation
>># of your web site, should you ever want it.
>>Specifying it as
>># a default does little harm; as the standard
>>dictates that a page
>># is in iso-8859-1 (latin1) unless specified
>>otherwise i.e. you
>># are merely stating the obvious. There are also
>>some security
>># reasons in browsers, related to javascript and URL
>>parsing
>># which encourage you to always set a default char
>>set.
>>#
>>AddDefaultCharset ISO-8859-1
>>
>>#
>># Commonly used filename extensions to character
>>sets. You probably
>># want to avoid clashes with the language
>>extensions, unless you
>># are good at carefully testing your setup after
>>each change.
>># See
>>
>>    
>>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
>  
>
>>for
>># the official list of charset names and their
>>respective RFCs
>>#
>>AddCharset ISO-8859-1  .iso8859-1  .latin1
>>AddCharset ISO-8859-2  .iso8859-2  .latin2 .cen
>>AddCharset ISO-8859-3  .iso8859-3  .latin3
>>AddCharset ISO-8859-4  .iso8859-4  .latin4
>>AddCharset ISO-8859-5  .iso8859-5  .latin5 .cyr
>>.iso-ru
>>AddCharset ISO-8859-6  .iso8859-6  .latin6 .arb
>>AddCharset ISO-8859-7  .iso8859-7  .latin7 .grk
>>AddCharset ISO-8859-8  .iso8859-8  .latin8 .heb
>>AddCharset ISO-8859-9  .iso8859-9  .latin9 .trk
>>AddCharset ISO-2022-JP .iso2022-jp .jis
>>AddCharset ISO-2022-KR .iso2022-kr .kis
>>AddCharset ISO-2022-CN .iso2022-cn .cis
>>AddCharset Big5        .Big5       .big5
>># For russian, more than one charset is used
>>(depends on client, mostly):
>>AddCharset WINDOWS-1251 .cp-1251   .win-1251
>>AddCharset CP866       .cp866
>>AddCharset KOI8-r      .koi8-r .koi8-ru
>>AddCharset KOI8-ru     .koi8-uk .ua
>>AddCharset ISO-10646-UCS-2 .ucs2
>>AddCharset ISO-10646-UCS-4 .ucs4
>>AddCharset UTF-8       .utf8
>>
>># The set below does not map to a specific (iso)
>>standard
>># but works on a fairly wide range of browsers. Note
>>that
>># capitalization actually matters (it should not,
>>but it
>># does for some browsers).
>>#
>># See
>>
>>    
>>
>ftp://ftp.isi.edu/in-notes/iana/assignments/character-sets
>  
>
>># for a list of sorts. But browsers support few.
>>#
>>AddCharset GB2312      .gb2312 .gb
>>AddCharset utf-7       .utf7
>>AddCharset utf-8       .utf8
>>AddCharset big5        .big5 .b5
>>AddCharset EUC-TW      .euc-tw
>>AddCharset EUC-JP      .euc-jp
>>AddCharset EUC-KR      .euc-kr
>>AddCharset shift_jis   .sjis
>>
>>#
>># AddType allows you to add to or override the MIME
>>configuration
>># file mime.types for specific file types.
>>#
>>AddType application/x-tar .tgz
>>#Nina added this line
>>AddType text/html .shtml
>>
>>#
>># AddHandler allows you to map certain file
>>extensions to "handlers":
>># actions unrelated to filetype. These can be either
>>built into the server
>># or added with the Action directive (see below)
>>#
>># To use CGI scripts outside of ScriptAliased
>>directories:
>># (You will also need to add "ExecCGI" to the
>>"Options" directive.)
>>#
>>#AddHandler cgi-script .cgi
>>
>>#
>># For files that include their own HTTP headers:
>>#
>>#AddHandler send-as-is asis
>>
>>#
>># For server-parsed imagemap files:
>>#
>>AddHandler imap-file map
>>
>>#
>># For type maps (negotiated resources):
>># (This is enabled by default to allow the Apache
>>"It Worked" page
>>#  to be distributed in multiple languages.)
>>#
>>AddHandler type-map var
>>
>># Filters allow you to process content before it is
>>sent to the client.
>>#
>># To parse .shtml files for server-side includes
>>(SSI):
>># (You will also need to add "Includes" to the
>>"Options" directive.)
>>#
>>AddOutputFilter INCLUDES .shtml
>>
>>#
>># Action lets you define media types that will
>>execute a script whenever
>># a matching file is called. This eliminates the
>>need for repeated URL
>># pathnames for oft-used CGI file processors.
>># Format: Action media/type /cgi-script/location
>># Format: Action handler-name /cgi-script/location
>>#
>>
>>#
>># Customizable error responses come in three
>>flavors:
>># 1) plain text 2) local redirects 3) external
>>redirects
>>#
>># Some examples:
>>#ErrorDocument 500 "The server made a boo boo."
>>#ErrorDocument 404 /missing.html
>>#ErrorDocument 404 "/cgi-bin/missing_handler.pl"
>>#ErrorDocument 402
>>http://www.example.com/subscription_info.html
>>#
>>
>>
>>Alias /error/ "/var/www/error/"
>>
>>#
>># The following directives modify normal HTTP
>>response behavior to
>># handle known problems with browser
>>implementations.
>>#
>>BrowserMatch "Mozilla/2" nokeepalive
>>BrowserMatch "MSIE 4\.0b2;" nokeepalive
>>downgrade-1.0 force-response-1.0
>>BrowserMatch "RealPlayer 4\.0" force-response-1.0
>>BrowserMatch "Java/1\.0" force-response-1.0
>>BrowserMatch "JDK/1\.0" force-response-1.0
>>
>>#
>># The following directive disables redirects on
>>non-GET requests for
>># a directory that does not include the trailing
>>slash.  This fixes a 
>># problem with Microsoft WebFolders which does not
>>appropriately handle 
>># redirects for folders with DAV methods.
>>#
>>BrowserMatch "Microsoft Data Access Internet
>>Publishing Provider" redirect-carefully
>>BrowserMatch "^WebDrive" redirect-carefully
>>BrowserMatch "^WebDAVFS/1.[012]" redirect-carefully
>>BrowserMatch "^gnome-vfs" redirect-carefully
>>
>>#
>># Allow server status reports, with the URL of
>>http://servername/server-status
>># Change the ".your-domain.com" to match your domain
>>to enable.
>>#
>>#<Location /server-status>
>>#    SetHandler server-status
>>#    Order deny,allow
>>#    Deny from all
>>#    Allow from .your-domain.com
>>#</Location>
>>
>>#
>># Allow remote server configuration reports, with
>>the URL of
>>#  http://servername/server-info (requires that
>>mod_info.c be loaded).
>># Change the ".your-domain.com" to match your domain
>>to enable.
>>#
>>#<Location /server-info>
>>#    SetHandler server-info
>>#    Order deny,allow
>>#    Deny from all
>>#    Allow from .your-domain.com
>>#</Location>
>>
>># Nina added this in for svn server
>># Repository location
>><Location /svn1>
>>	DAV svn
>>	SVNParentPath /svn1
>>	
>>	# access control policy
>>	AuthzSVNAccessFile /etc/svn-access-file
>>	# how to authenticate a user
>>	AuthType Basic
>>	AuthName "Subversion repository"
>>	AuthUserFile /etc/svn-auth-file
>>	
>>	# only authenticated users may access the
>>repository
>>	Require valid-user
>></Location>
>>
>># Proxy Server directives. Uncomment the following
>>lines to
>># enable the proxy server:
>>#
>>#<IfModule mod_proxy.c>
>>#ProxyRequests On
>>#
>>#<Proxy *>
>>#    Order deny,allow
>>#    Deny from all
>>#    Allow from .your-domain.com
>>#</Proxy>
>>
>>#
>># Enable/disable the handling of HTTP/1.1 "Via:"
>>headers.
>># ("Full" adds the server version; "Block" removes
>>all outgoing Via: headers)
>># Set to one of: Off | On | Full | Block
>>#
>>#ProxyVia On
>>
>>#
>># To enable the cache as well, edit and uncomment
>>the following lines:
>># (no cacheing without CacheRoot)
>>#
>>#CacheRoot "/etc/httpd/proxy"
>>#CacheSize 5
>>#CacheGcInterval 4
>>#CacheMaxExpire 24
>>#CacheLastModifiedFactor 0.1
>>#CacheDefaultExpire 1
>>#NoCache a-domain.com another-domain.edu
>>joes.garage-sale.com
>>
>>#</IfModule>
>># End of proxy directives.
>>
>>### Section 3: Virtual Hosts
>>#
>># VirtualHost: If you want to maintain multiple
>>domains/hostnames on your
>># machine you can setup VirtualHost containers for
>>them. Most configurations
>># use only name-based virtual hosts so the server
>>doesn't need to worry about
>># IP addresses. This is indicated by the asterisks
>>in the directives below.
>>#
>># Please see the documentation at 
>># <URL:http://httpd.apache.org/docs-2.0/vhosts/>
>># for further details before you try to setup
>>virtual hosts.
>>#
>># You may use the command line option '-S' to verify
>>your virtual host
>># configuration.
>>
>>#
>># Use name-based virtual hosting.
>>#
>>
>>
>># Where do we put the lock and pif files?
>>LockFile "/var/lock/httpd.lock"
>>CoreDumpDirectory "/etc/httpd"
>>
>># Defaults for virtual hosts
>>
>>
>>
>>
>>
>>
>>
>># Logs
>>
>>
>>
>>      
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>        
>>          
>>            
>>            
>>            
>>          
>>        
>>          
>>        
>>       
>>#
>># Virtual hosts
>>#
>>
>># Virtual host Default Virtual Host
>><VirtualHost *>
>> 	
>> 	
>> 	
>> 	
>>	
>>
>> 	
>> 	
>>	DirectoryIndex index.php index.html index.htm
>>index.shtml 
>>	
>>	
>>
>> 	
>> 	
>> 	
>> 	LogLevel debug
>> 	HostNameLookups off
>>	
>>	
>>	
>>
>></VirtualHost>
>>
>>
>>      
>>#
>># Each directory to which Apache has access can be
>>configured with respect
>># to which services and features are allowed and/or
>>disabled in that
>># directory (and its subdirectories). 
>>#
>># Note that from this point forward you must
>>specifically allow
>># particular features to be enabled - so if
>>something's not working as
>># you might expect, make sure that you have
>>specifically enabled it
>># below.
>>#
>>
>><Directory "/">
>>        Options FollowSymLinks
>>        
>>        AllowOverride None
>>        
>>        
>>        
>></Directory>
>>
>><Directory "/var/www/html">
>>        Options Indexes Includes FollowSymLinks 
>>        
>>        AllowOverride None
>>        Allow from all
>>
>>        
>>        Order allow,deny
>></Directory>
>>
>><Directory "/var/www/icons">
>>        Options Indexes MultiViews
>>        
>>        AllowOverride None
>>        Allow from all
>>
>>        
>>        Order allow,deny
>></Directory>
>>
>><Directory "/var/www/cgi-bin">
>>        Options ExecCGI
>>        
>>        AllowOverride None
>>        Allow from all
>>
>>        
>>        Order allow,deny
>></Directory>
>>
>>
>>      
>>    
>>  
>>
>>    
>>
>---------------------------------------------------------------------
>  
>
>>The official User-To-User support forum of the
>>Apache HTTP Server Project.
>>See <URL:http://httpd.apache.org/userslist.html> for
>>more info.
>>To unsubscribe, e-mail:
>>users-unsubscribe@httpd.apache.org
>>   "   from the digest:
>>users-digest-unsubscribe@httpd.apache.org
>>For additional commands, e-mail:
>>    
>>
>users-help@httpd.apache.org
>
>
>
>		
>__________________________________
>Do you Yahoo!?
>Yahoo! Mail is new and improved - Check it out!
>http://promotions.yahoo.com/new_mail
>
>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org
>
>  
>


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message