ServerName <%= node[:fqdn] %>
ServerAlias nominatim.openstreetmap.org
ServerAlias nominatim.osm.org
- ServerAlias nominatim.openstreetmap.org
+ ServerAlias nominatim.openstreetmap.com
ServerAlias nominatim.openstreetmap.net
ServerAlias nominatim.openstreetmaps.org
ServerAlias nominatim.openmaps.org
ServerAdmin webmaster@openstreetmap.org
<% if port == 443 -%>
- #
# Enable SSL
- #
SSLEngine on
SSLProxyEngine on
+ SSLCertificateFile /etc/ssl/certs/nominatim.openstreetmap.org.pem
+ SSLCertificateKeyFile /etc/ssl/private/nominatim.openstreetmap.org.key
+<% else -%>
+ # Redirect ACME challenges for certificate issuance
+ RedirectPermanent /.well-known/acme-challenge/ http://acme.openstreetmap.org/.well-known/acme-challenge/
<% end -%>
+ # Remove Proxy request header to mitigate https://httpoxy.org/
+ RequestHeader unset Proxy early
+
+ RequestReadTimeout header=15-30,MinRate=500 body=15-30,MinRate=500
+
CustomLog /var/log/apache2/nominatim.openstreetmap.org-access.log combined
ErrorLog /var/log/apache2/nominatim.openstreetmap.org-error.log
# regular requests and autoblocks
RewriteMap bulklist txt:<%= @directory %>/settings/ip_blocks.map
- RewriteRule ^/(search|reverse|details|lookup)(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|www}/$1.php$3 [PT]
+ RewriteRule ^/(search|reverse|lookup)(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|www}/$1.php$3 [PT]
+ RewriteRule ^/details(\.php)?(/.*)? /pool-${bulklist:%{REMOTE_ADDR}|details}/details.php$2 [PT]
</VirtualHost>