X-Git-Url: https://git.openstreetmap.org./chef.git/blobdiff_plain/1c848471a16f9d1ee1fc8a327af110447ea1ef4c..5d1d6ab7af250de9ceff164e5337a7c8a3319a3e:/cookbooks/dev/templates/default/apache.user.erb
diff --git a/cookbooks/dev/templates/default/apache.user.erb b/cookbooks/dev/templates/default/apache.user.erb
index 9b49158f9..39f1cd60f 100644
--- a/cookbooks/dev/templates/default/apache.user.erb
+++ b/cookbooks/dev/templates/default/apache.user.erb
@@ -7,6 +7,9 @@ WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivit
ServerAdmin webmaster@openstreetmap.org
ServerAlias <%= @user %>.dev.osm.org
+ # Remove Proxy request header to mitigate https://httpoxy.org/
+ RequestHeader unset Proxy early
+
UseCanonicalName Off
DocumentRoot <%= @directory %>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
@@ -14,39 +17,32 @@ WSGIDaemonProcess <%= @user %>.dev.openstreetmap.org user=<%= @user %> inactivit
WSGIProcessGroup <%= @user %>.dev.openstreetmap.org
RewriteEngine on
- #RewriteLog /var/log/apache2/rewrite.log
- #RewriteLogLevel 4
+ #LogLevel rewrite:trace2
CustomLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-access.log combined
ErrorLog /var/log/apache2/<%= @user %>.dev.openstreetmap.org-error.log
RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
- RewriteRule ^/cgi-bin/(.*)$ /cgi-bin/cgiwrap/~<%= @user %>/cgi-bin/$1 [PT,L]
+ RewriteRule ^/cgi-bin/(.*)$ /~<%= @user %>/cgi-bin/$1 [PT,L]
RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
- RewriteRule ^/cgi-bin-d/(.*)$ /cgi-bin/cgiwrapd/~<%= @user %>/cgi-bin/$1 [PT,L]
-
-
-
- SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
-
-
- SetHandler fcgi:/var/run/php5-fpm-<%= @user %>.sock
-
-
-
-
- RewriteCond <%= @directory %>%{REQUEST_FILENAME} -f
- RewriteRule ^(.*\.php)$ /cgi-bin/php-cgiwrap/~<%= @user %>/$1 [PT,L]
-
+ RewriteRule ^/(.*\.ph(p|ps|p3|tml)(/.*)?)$ fcgi://127.0.0.1:<%= @port %><%= @directory %>/$1 [P]
>
AllowOverride AuthConfig FileInfo Indexes Options=RailsBaseURI
Options SymLinksIfOwnerMatch Indexes Includes
+ Require all granted
+
+
+/cgi-bin>
+ SetHandler cgi-script
+ Options ExecCGI SymLinksIfOwnerMatch
+ Require all granted
/wsgi-bin>
SetHandler wsgi-script
Options ExecCGI SymLinksIfOwnerMatch
+ Require all granted