--- loncom/loncapa_apache.conf 2014/01/08 18:56:25 1.215.2.11 +++ loncom/loncapa_apache.conf 2023/07/07 03:52:39 1.281 @@ -2,7 +2,7 @@ ## loncapa_apache.conf -- Apache HTTP LON-CAPA configuration file ## -# $Id: loncapa_apache.conf,v 1.215.2.11 2014/01/08 18:56:25 raeburn Exp $ +# $Id: loncapa_apache.conf,v 1.281 2023/07/07 03:52:39 raeburn Exp $ # # LON-CAPA Section (extensions to httpd.conf daemon configuration) @@ -68,7 +68,7 @@ PerlAuthzHandler 'sub { return OK }' # Send proper expires header to avoid unnecessary HTTP request for static content - + ExpiresActive On ExpiresDefault "access plus 12 hours" Header set Cache-Control "public, no-transform" @@ -131,6 +131,7 @@ ErrorDocument 500 /adm/errorhandler +Options +FollowSymLinks -Includes PerlAccessHandler Apache::lontokacc PerlCleanupHandler Apache::lontokacc::removefile PerlCleanupHandler Apache::lonacc::cleanup @@ -149,6 +150,10 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + + Options +FollowSymLinks -Includes + + AuthType LONCAPA Require valid-user @@ -270,6 +275,43 @@ ErrorDocument 406 /adm/notinit.html ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonslotcheck +PerlHandler Apache::londatecheck +PerlHandler Apache::lonipcheck +PerlHandler Apache::lonexttool +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/notinit.html +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonplacementtest +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/notinit.html +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonexturlcheck +ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/unauthorized +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -281,7 +323,7 @@ ErrorDocument 406 /adm/unauthorized ErrorDocument 500 /adm/errorhandler - + AuthType Basic @@ -445,6 +487,94 @@ SetHandler perl-script PerlHandler Apache::lonxml + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::loncacc +ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/unauthorized +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +ErrorDocument 403 /adm/login +ErrorDocument 404 /adm/notfound.html +ErrorDocument 406 /adm/unauthorized +ErrorDocument 500 /adm/errorhandler + + + +SetHandler perl-script +PerlHandler Apache::daxepage + + + +SetHandler perl-script +PerlHandler Apache::daxepage + + + +SetHandler perl-script +PerlHandler Apache::daxeopen + + + +SetHandler perl-script +PerlHandler Apache::daxeopen + + + +SetHandler perl-script +PerlHandler Apache::daxeopen + + + +SetHandler perl-script +PerlHandler Apache::daxeopen + + + + + RewriteEngine on + RewriteRule /daxeopen/(.*) /$1 + + + + + + RewriteEngine on + RewriteRule /daxeopen/(.*) /$1 + + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::daxesave + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::loncoursepub +ErrorDocument 404 /adm/notfound.html +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -511,6 +641,16 @@ ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonindexcourse +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -554,12 +694,12 @@ ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler - + AuthType LONCAPA Require valid-user PerlAuthzHandler Apache::lonacc SetHandler perl-script -PerlHandler Apache::lonremote +PerlHandler Apache::lonpickresource ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler @@ -626,11 +766,63 @@ ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::loncourseauthor +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::loncourseuser +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + SetHandler perl-script PerlHandler Apache::lonlogin + +SetHandler perl-script +PerlHandler Apache::ltiauth + + + +SetHandler perl-script +PerlHandler Apache::lonrelaunch + + + +SetHandler perl-script +PerlHandler Apache::ltiauth + + + +SetHandler perl-script +PerlHandler Apache::ltipassback + + + +SetHandler perl-script +PerlHandler Apache::ltiroster + + + +SetHandler perl-script +PerlHandler Apache::ltilogout + + PerlAccessHandler Apache::publiccheck AuthType LONCAPA @@ -651,6 +843,17 @@ PerlHandler Apache::blockedaccess ErrorDocument 500 /adm/errorhandler + +PerlAccessHandler Apache::publiccheck +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonprotected +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -683,6 +886,7 @@ PerlHandler Apache::migrateuser + Header set Cache-Control "private,no-store,no-cache,max-age=0" AuthType shibboleth ShibUseEnvironment On @@ -691,12 +895,25 @@ PerlHandler Apache::migrateuser require valid-user PerlAuthzHandler Apache::lonshibacc PerlAuthzHandler Apache::lonacc + ErrorDocument 403 /adm/login + ErrorDocument 500 /adm/errorhandler PerlTypeHandler Apache::lonnoshib + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonlinkexit +ErrorDocument 403 /adm/login +ErrorDocument 409 /adm/preferences?action=lockwarning +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -707,6 +924,16 @@ ErrorDocument 403 /adm/login ErrorDocument 500 /adm/errorhandler + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::admannotations +ErrorDocument 403 /adm/login +ErrorDocument 500 /adm/errorhandler + + AuthType LONCAPA Require valid-user @@ -1302,6 +1529,7 @@ PerlHandler Apache::groupsort PerlCleanupHandler Apache::groupsort::cleanup PerlCleanupHandler Apache::lonacc::cleanup ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles ErrorDocument 500 /adm/errorhandler @@ -1313,7 +1541,7 @@ SetHandler perl-script PerlHandler Apache::lonwishlistdisplay ErrorDocument 403 /adm/login ErrorDocument 406 /adm/roles -ErrorDocument 500 /adm/errorhandler +ErrorDocument 500 /adm/errorhandler @@ -1336,6 +1564,17 @@ SetHandler perl-script PerlHandler Apache::lonblockingstatus + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lonaccesstimes +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + + SetHandler perl-script PerlHandler Apache::lonerrorhandler @@ -1416,7 +1655,16 @@ SetHandler perl-script PerlHandler Apache::spellcheck - + +AuthType LONCAPA +Require valid-user +PerlAuthzHandler Apache::lonacc +SetHandler perl-script +PerlHandler Apache::lontiny +ErrorDocument 403 /adm/login +ErrorDocument 406 /adm/roles +ErrorDocument 500 /adm/errorhandler + # ------------------------------------------------- Backdoor Adm Tests/Programs @@ -1452,7 +1700,7 @@ AllowOverride None # Allow uploaded files to be served -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None Require all granted @@ -1463,24 +1711,10 @@ AllowOverride None -# Allow construction space files to be served - - -Options Includes FollowSymLinks -AllowOverride - - Require all granted - - - order allow,deny - allow from all - - - # Yes to symbolic links and server-side includes -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None Require all granted @@ -1508,7 +1742,7 @@ Options ExecCGI FollowSymLinks # Allow serving of files in prtspool -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None Require all granted @@ -1522,7 +1756,7 @@ AllowOverride None # Allow serving of files in zipspool -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None Require all granted @@ -1536,7 +1770,7 @@ AllowOverride None # Allow serving of files in captchaspool -Options Includes FollowSymLinks +Options FollowSymLinks AllowOverride None Require all granted @@ -1551,6 +1785,10 @@ AllowOverride None DirectoryIndex disabled + + DirectoryIndex disabled + + # ============================================================= Access Handlers # ------------------------------------------------- Allow server-status reports @@ -1583,8 +1821,9 @@ Options Indexes FollowSymLinks # ******** THESE "SHOULD" NEVER BE ALTERED BY THE USER ************************ # ====================================== Internal Settings / Perl Configuration -PerlSetVar lonVersion '' +PerlSetVar lonVersion '' PerlSetVar lonIDsDir /home/httpd/lonIDs +PerlSetVar lonBalanceDir /home/httpd/balanceIDs PerlSetVar lonDAVsessDir /home/httpd/webdav/sessionIDs PerlSetVar lonTabDir /home/httpd/lonTabs PerlSetVar lonUsersDir /home/httpd/lonUsers @@ -1601,8 +1840,10 @@ PerlSetVar lonIncludes /home/http PerlSetVar lonZipDir /home/httpd/zipspool PerlSetVar lonCaptchaDir /home/httpd/captchaspool PerlSetVar lonCaptchaDb /home/httpd/captchadb +PerlSetVar lonLTIDir /home/httpd/lonLTItmp +PerlSetVar ltiIDsDir /home/httpd/ltiIDs PerlSetVar lonFontsDir /home/httpd/html/adm/fonts -# & separated list of : separated fields in order of +# & separated list of % separated fields in order of # - internal name to call it, # - regexp that it should match (done case-insensitively) # - regexp that is should not match (done case-insensitively) @@ -1610,12 +1851,12 @@ PerlSetVar lonFontsDir /home/h # - a number that describes the minimum version that has mathml support # - a number that describes the minimum number version that has unicode support -PerlSetVar lonBrowsDet explorer:msie:netscape:msie\s(\d+\.\d+)\;:9999:5&mozilla:mozilla\/[5-9]:msie:mozilla\/(\d+\.\d+)\s:9999:1&netscape:netscape:msie:netscape\/(\d+\.\d+):9999:7&netscape:netscape\/[7-9]:shouldnotmatch:netscape\/(\d+\.\d+):9999:7&amaya:amaya:mozilla:V(\d+\.\d+)\s:1:1&safari:safari:msie:safari\/([\d\.]+):9999:84&chrome:chrome:chromeframe:\s+chrome\/(\d+\.\d+):9999:1 +PerlSetVar lonBrowsDet explorer%msie%netscape%msie\s(\d+\.\d+)\;%9999%5&mozilla%mozilla\/[5-9]%msie%mozilla\/(\d+\.\d+)\s%9999%1&netscape%netscape%msie%netscape\/(\d+\.\d+)%9999%7&netscape%netscape\/[7-9]%shouldnotmatch%netscape\/(\d+\.\d+)%9999%7&amaya%amaya%mozilla%V(\d+\.\d+)\s%1%1&safari%safari%msie%safari\/([\d\.]+)%9999%84&chrome%chrome%chromeframe%\s+chrome\/(\d+\.\d+)%9999%1&explorer%\s+rv\:\d+\.\d+%firefox%\s+rv\:(\d+\.\d+)%9999%5&opera%\sOPR\/\d+\.\d+%shouldnotmatch%\sOPR\/(\d+\.\d+)%9999%6&opera%^Opera\/9.80\s.+Version\/\d+\.\d+$%shouldnotmatch%Version\/(\d+\.\d+)$%9999%6&opera%^Opera\/\d+\.\d+\s%Version\/\d+\.\d+$%^Opera\/(\d+\.\d+)\s%9999%6 PerlSetVar lonTextBrowsers windows\s+ce:lynx PerlSetVar lonScansDir /home/httpd/scantron PerlSetVar lonScriptTimeout 10 -PerlSetVar BugzillaHost http://bugs.lon-capa.org/ +PerlSetVar BugzillaHost https://bugs.loncapa.org/ PerlSetVar FAQHost http://help.lon-capa.org/ # ----------------------------------------------------------------------------- # NOTE: lonSqlAccess key is the password for the MySQL user @@ -1655,6 +1896,8 @@ PerlSetVar lonCertificateDirectory /home PerlSetVar lonnetCertificateAuthority loncapaCA.pem PerlSetVar lonnetCertificate lonhostcert.pem +PerlSetVar lonnetHostnameCertificate lonhostnamecert.pem +PerlSetVar lonnetCertRevocationList loncapaCAcrl.pem # # To generate the request for a certificate, and to negotiate the