Imported Upstream version 2.3.16-beta

author: Arno Töll <debian@toell.net> 2012-01-08 22:53:17 +0100
committer: Arno Töll <debian@toell.net> 2012-01-08 22:53:17 +0100
commit: e072a2dd866b7cb9f14319b80326a4e7fd16fcdf (patch)
tree: a49dfc56d94a26011fe157835ff6cbe14edbd8a9 /docs/conf/extra
parent: 0890390c00801651d08d3794e13b31a5dabbf5ef (diff)
download: apache2-e072a2dd866b7cb9f14319b80326a4e7fd16fcdf.tar.gz
11 files changed, 228 insertions, 118 deletions
diff --git a/docs/conf/extra/httpd-autoindex.conf.in b/docs/conf/extra/httpd-autoindex.conf.in
index d5bcbb1d..51b02ed9 100644
--- a/docs/conf/extra/httpd-autoindex.conf.in
+++ b/docs/conf/extra/httpd-autoindex.conf.in
@@ -1,7 +1,8 @@
 #
 # Directives controlling the display of server-generated directory listings.
 #
-# Required modules: mod_autoindex, mod_alias
+# Required modules: mod_authz_core, mod_authz_host,
+#                   mod_autoindex, mod_alias
 #
 # To see the listing of a directory, the Options directive for the
 # directory must include "Indexes", and the directory must not contain
@@ -22,8 +23,7 @@ Alias /icons/ "@exp_iconsdir@/"
 <Directory "@exp_iconsdir@">
     Options Indexes MultiViews
     AllowOverride None
-    Order allow,deny
-    Allow from all
+    Require all granted
 </Directory>
 
 #
diff --git a/docs/conf/extra/httpd-dav.conf.in b/docs/conf/extra/httpd-dav.conf.in
index c8d56b49..f1d35e04 100644
--- a/docs/conf/extra/httpd-dav.conf.in
+++ b/docs/conf/extra/httpd-dav.conf.in
@@ -1,9 +1,9 @@
 #
 # Distributed authoring and versioning (WebDAV)
 #
-# Required modules: mod_dav, mod_dav_fs, mod_setenvif, mod_alias
-#                   mod_auth_digest, mod_authn_file
-#
+# Required modules: mod_alias, mod_auth_digest, mod_authn_core, mod_authn_file,
+#                   mod_authz_core, mod_authz_user, mod_dav, mod_dav_fs,
+#                   mod_setenvif
 
 # The following example gives DAV write access to a directory called
 # "uploads" under the ServerRoot directory.
@@ -19,12 +19,8 @@ Alias /uploads "@@ServerRoot@@/uploads"
 <Directory "@@ServerRoot@@/uploads">
     Dav On
 
-    Order Allow,Deny
-    Allow from all
-
     AuthType Digest
     AuthName DAV-upload
-
     # You can use the htdigest program to create the password database:
     #   htdigest -c "@@ServerRoot@@/user.passwd" DAV-upload admin
     AuthUserFile "@@ServerRoot@@/user.passwd"
@@ -32,9 +28,10 @@ Alias /uploads "@@ServerRoot@@/uploads"
 
     # Allow universal read-access, but writes are restricted
     # to the admin user.
-    <LimitExcept GET OPTIONS>
-        require user admin
-    </LimitExcept>
+    <RequireAny>
+        Require method GET POST OPTIONS
+        Require user admin
+    </RequireAny>
 </Directory>
 
 #
@@ -46,7 +43,8 @@ Alias /uploads "@@ServerRoot@@/uploads"
 BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
 BrowserMatch "MS FrontPage" redirect-carefully
 BrowserMatch "^WebDrive" redirect-carefully
-BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
+BrowserMatch "^WebDAVFS/1.[01234]" redirect-carefully
 BrowserMatch "^gnome-vfs/1.0" redirect-carefully
 BrowserMatch "^XML Spy" redirect-carefully
 BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully
+BrowserMatch " Konqueror/4" redirect-carefully
diff --git a/docs/conf/extra/httpd-default.conf.in b/docs/conf/extra/httpd-default.conf.in
index efeca052..f1e7bc82 100644
--- a/docs/conf/extra/httpd-default.conf.in
+++ b/docs/conf/extra/httpd-default.conf.in
@@ -62,7 +62,7 @@ ServerTokens Full
 # Set to "EMail" to also include a mailto: link to the ServerAdmin.
 # Set to one of:  On | Off | EMail
 #
-ServerSignature On
+ServerSignature Off
 
 #
 # HostnameLookups: Log the names of clients or just their IP addresses
@@ -73,3 +73,18 @@ ServerSignature On
 # nameserver.
 #
 HostnameLookups Off
+
+#
+# Set a timeout for how long the client may take to send the request header
+# and body.
+# The default for the headers is header=20-40,MinRate=500, which means wait
+# for the first byte of headers for 20 seconds. If some data arrives,
+# increase the timeout corresponding to a data rate of 500 bytes/s, but not
+# above 40 seconds.
+# The default for the request body is body=20,MinRate=500, which is the same
+# but has no upper limit for the timeout.
+# To disable, set to header=0 body=0
+#
+<IfModule reqtimeout_module>
+  RequestReadTimeout header=20-40,MinRate=500 body=20,MinRate=500
+</IfModule>
diff --git a/docs/conf/extra/httpd-info.conf.in b/docs/conf/extra/httpd-info.conf.in
index db316c03..5cfdf69b 100644
--- a/docs/conf/extra/httpd-info.conf.in
+++ b/docs/conf/extra/httpd-info.conf.in
@@ -2,8 +2,9 @@
 # Get information about the requests being processed by the server
 # and the configuration of the server.
 #
-# Required modules: mod_status (for the server-status handler),
-#                   mod_info (for the server-info handler)
+# Required modules: mod_authz_core, mod_authz_host,
+#                   mod_info (for the server-info handler),
+#                   mod_status (for the server-status handler)
 
 #
 # Allow server status reports generated by mod_status,
@@ -12,9 +13,8 @@
 
 <Location /server-status>
     SetHandler server-status
-    Order deny,allow
-    Deny from all
-    Allow from .example.com
+    Require host .example.com
+    Require ip 127
 </Location>
 
 #
@@ -31,7 +31,6 @@
 #
 <Location /server-info>
     SetHandler server-info
-    Order deny,allow
-    Deny from all
-    Allow from .example.com
+    Require host .example.com
+    Require ip 127
 </Location>
diff --git a/docs/conf/extra/httpd-manual.conf.in b/docs/conf/extra/httpd-manual.conf.in
index 34115ff5..29b1094c 100644
--- a/docs/conf/extra/httpd-manual.conf.in
+++ b/docs/conf/extra/httpd-manual.conf.in
@@ -2,18 +2,18 @@
 # Provide access to the documentation on your server as
 #  http://yourserver.example.com/manual/
 # The documentation is always available at
-#  http://httpd.apache.org/docs/2.2/
+#  http://httpd.apache.org/docs/trunk/
 #
-# Required modules: mod_alias, mod_setenvif, mod_negotiation
+# Required modules: mod_alias, mod_authz_core, mod_authz_host,
+#                   mod_setenvif, mod_negotiation
 #
 
-AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "@exp_manualdir@$1"
+AliasMatch ^/manual(?:/(?:da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn))?(/.*)?$ "@exp_manualdir@$1"
 
 <Directory "@exp_manualdir@">
     Options Indexes
     AllowOverride None
-    Order allow,deny
-    Allow from all
+    Require all granted
 
     <Files *.html>
         SetHandler type-map
@@ -23,9 +23,11 @@ AliasMatch ^/manual(?:/(?:de|en|es|fr|ja|ko|pt-br|ru|tr))?(/.*)?$ "@exp_manualdi
         ForceType text/html
     </Files>
 
-    SetEnvIf Request_URI ^/manual/(de|en|es|fr|ja|ko|pt-br|ru|tr)/ prefer-language=$1
-    RedirectMatch 301 ^/manual(?:/(de|en|es|fr|ja|ko|pt-br|ru|tr)){2,}(/.*)?$ /manual/$1$2
+    AddLanguage da .da
 
-    LanguagePriority en de es fr ja ko pt-br ru tr
+    SetEnvIf Request_URI ^/manual/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)/ prefer-language=$1
+    RedirectMatch 301 ^/manual(?:/(da|de|en|es|fr|ja|ko|pt-br|ru|tr|zh-cn)){2,}(/.*)?$ /manual/$1$2
+
+    LanguagePriority en da de es fr ja ko pt-br ru tr
     ForceLanguagePriority Prefer Fallback
 </Directory>
diff --git a/docs/conf/extra/httpd-mpm.conf.in b/docs/conf/extra/httpd-mpm.conf.in
index ab8408ad..b64da4ef 100644
--- a/docs/conf/extra/httpd-mpm.conf.in
+++ b/docs/conf/extra/httpd-mpm.conf.in
@@ -13,15 +13,6 @@
 </IfModule>
 
 #
-# The accept serialization lock file MUST BE STORED ON A LOCAL DISK.
-#
-<IfModule !mpm_winnt_module>
-<IfModule !mpm_netware_module>
-LockFile "@rel_logfiledir@/accept.lock"
-</IfModule>
-</IfModule>
-
-#
 # Only one of the below sections will be relevant on your
 # installed httpd.  Use "apachectl -l" to find out the
 # active mpm.
@@ -31,40 +22,49 @@ LockFile "@rel_logfiledir@/accept.lock"
 # StartServers: number of server processes to start
 # MinSpareServers: minimum number of server processes which are kept spare
 # MaxSpareServers: maximum number of server processes which are kept spare
-# MaxClients: maximum number of server processes allowed to start
-# MaxRequestsPerChild: maximum number of requests a server process serves
+# MaxRequestWorkers: maximum number of server processes allowed to start
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
 <IfModule mpm_prefork_module>
-    StartServers          5
-    MinSpareServers       5
-    MaxSpareServers      10
-    MaxClients          150
-    MaxRequestsPerChild   0
+    StartServers             5
+    MinSpareServers          5
+    MaxSpareServers         10
+    MaxRequestWorkers      150
+    MaxConnectionsPerChild   0
 </IfModule>
 
 # worker MPM
 # StartServers: initial number of server processes to start
-# MaxClients: maximum number of simultaneous client connections
 # MinSpareThreads: minimum number of worker threads which are kept spare
 # MaxSpareThreads: maximum number of worker threads which are kept spare
 # ThreadsPerChild: constant number of worker threads in each server process
-# MaxRequestsPerChild: maximum number of requests a server process serves
+# MaxRequestWorkers: maximum number of worker threads
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
 <IfModule mpm_worker_module>
-    StartServers          2
-    MaxClients          150
-    MinSpareThreads      25
-    MaxSpareThreads      75 
-    ThreadsPerChild      25
-    MaxRequestsPerChild   0
+    StartServers             2
+    MinSpareThreads         25
+    MaxSpareThreads         75 
+    ThreadsPerChild         25
+    MaxRequestWorkers      150
+    MaxConnectionsPerChild   0
 </IfModule>
 
-# BeOS MPM
-# StartThreads: how many threads do we initially spawn?
-# MaxClients:   max number of threads we can have (1 thread == 1 client)
-# MaxRequestsPerThread: maximum number of requests each thread will process
-<IfModule mpm_beos_module>
-    StartThreads            10
-    MaxClients              50
-    MaxRequestsPerThread 10000
+# event MPM
+# StartServers: initial number of server processes to start
+# MinSpareThreads: minimum number of worker threads which are kept spare
+# MaxSpareThreads: maximum number of worker threads which are kept spare
+# ThreadsPerChild: constant number of worker threads in each server process
+# MaxRequestWorkers: maximum number of worker threads
+# MaxConnectionsPerChild: maximum number of connections a server process serves
+#                         before terminating
+<IfModule mpm_event_module>
+    StartServers             2
+    MinSpareThreads         25
+    MaxSpareThreads         75
+    ThreadsPerChild         25
+    MaxRequestWorkers      150
+    MaxConnectionsPerChild   0
 </IfModule>
 
 # NetWare MPM
@@ -73,18 +73,17 @@ LockFile "@rel_logfiledir@/accept.lock"
 # MinSpareThreads: Minimum number of idle threads, to handle request spikes
 # MaxSpareThreads: Maximum number of idle threads
 # MaxThreads: Maximum number of worker threads alive at the same time
-# MaxRequestsPerChild: Maximum  number of requests a thread serves. It is 
-#                      recommended that the default value of 0 be set for this
-#                      directive on NetWare.  This will allow the thread to 
-#                      continue to service requests indefinitely.                          
+# MaxConnectionsPerChild: Maximum  number of connections a thread serves. It
+#                         is recommended that the default value of 0 be set
+#                         for this directive on NetWare.  This will allow the
+#                         thread to continue to service requests indefinitely.
 <IfModule mpm_netware_module>
     ThreadStackSize      65536
     StartThreads           250
     MinSpareThreads         25
     MaxSpareThreads        250
     MaxThreads            1000
-    MaxRequestsPerChild      0
-    MaxMemFree             100
+    MaxConnectionsPerChild   0
 </IfModule>
 
 # OS/2 MPM
@@ -92,19 +91,29 @@ LockFile "@rel_logfiledir@/accept.lock"
 # MinSpareThreads: Minimum number of idle threads per process, 
 #                  to handle request spikes
 # MaxSpareThreads: Maximum number of idle threads per process
-# MaxRequestsPerChild: Maximum number of connections per server process
+# MaxConnectionsPerChild: Maximum number of connections per server process
 <IfModule mpm_mpmt_os2_module>
-    StartServers           2
-    MinSpareThreads        5
-    MaxSpareThreads       10
-    MaxRequestsPerChild    0
+    StartServers             2
+    MinSpareThreads          5
+    MaxSpareThreads         10
+    MaxConnectionsPerChild   0
 </IfModule>
 
 # WinNT MPM
 # ThreadsPerChild: constant number of worker threads in the server process
-# MaxRequestsPerChild: maximum  number of requests a server process serves
+# MaxConnectionsPerChild: maximum number of connections a server process serves
 <IfModule mpm_winnt_module>
-    ThreadsPerChild      150
-    MaxRequestsPerChild    0
+    ThreadsPerChild        150
+    MaxConnectionsPerChild   0
 </IfModule>
 
+# The maximum number of free Kbytes that every allocator is allowed
+# to hold without calling free(). In threaded MPMs, every thread has its own
+# allocator. When not set, or when set to zero, the threshold will be set to
+# unlimited.
+<IfModule !mpm_netware_module>
+    MaxMemFree            2048
+</IfModule>
+<IfModule mpm_netware_module>
+    MaxMemFree             100
+</IfModule>
diff --git a/docs/conf/extra/httpd-multilang-errordoc.conf.in b/docs/conf/extra/httpd-multilang-errordoc.conf.in
index d3192508..3da3bf22 100644
--- a/docs/conf/extra/httpd-multilang-errordoc.conf.in
+++ b/docs/conf/extra/httpd-multilang-errordoc.conf.in
@@ -2,7 +2,8 @@
 # The configuration below implements multi-language error documents through
 # content-negotiation.
 #
-# Required modules: mod_alias, mod_include, mod_negotiation
+# Required modules: mod_alias, mod_authz_core, mod_authz_host,
+#                   mod_include, mod_negotiation
 #
 # We use Alias to redirect any /error/HTTP_<error>.html.var response to
 # our collection of by-error message multi-language collections.  We use 
@@ -26,8 +27,7 @@ Alias /error/ "@exp_errordir@/"
     Options IncludesNoExec
     AddOutputFilter Includes html
     AddHandler type-map var
-    Order allow,deny
-    Allow from all
+    Require all granted
     LanguagePriority en cs de es fr it ja ko nl pl pt-br ro sv tr
     ForceLanguagePriority Prefer Fallback
 </Directory>
diff --git a/docs/conf/extra/httpd-ssl.conf.in b/docs/conf/extra/httpd-ssl.conf.in
index b9f12834..1e822a31 100644
--- a/docs/conf/extra/httpd-ssl.conf.in
+++ b/docs/conf/extra/httpd-ssl.conf.in
@@ -1,13 +1,15 @@
 #
 # This is the Apache server configuration file providing SSL support.
 # It contains the configuration directives to instruct the server how to
-# serve pages over an https connection. For detailing information about these 
-# directives see <URL:http://httpd.apache.org/docs/2.2/mod/mod_ssl.html>
+# serve pages over an https connection. For detailed information about these 
+# directives see <URL:http://httpd.apache.org/docs/trunk/mod/mod_ssl.html>
 # 
 # Do NOT simply read the instructions in here without understanding
 # what they do.  They're here only as hints or reminders.  If you are unsure
 # consult the online docs. You have been warned.  
 #
+# Required modules: mod_log_config, mod_setenvif, mod_ssl,
+#          socache_shmcb_module (for default value of SSLSessionCache)
 
 #
 # Pseudo Random Number Generator (PRNG):
@@ -43,15 +45,27 @@ Listen @@SSLPort@@
 ##  the main server and all SSL-enabled virtual hosts.
 ##
 
-#
-#   Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl    .crl
+#   SSL Cipher Suite:
+#   List the ciphers that the client is permitted to negotiate.
+#   See the mod_ssl documentation for a complete list.
+SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5
+
+#   Speed-optimized SSL Cipher configuration:
+#   If speed is your main concern (on busy HTTPS servers e.g.),
+#   you might want to force clients to specific, performance
+#   optimized ciphers. In this case, prepend those ciphers
+#   to the SSLCipherSuite list, and enable SSLHonorCipherOrder.
+#   Caveat: by giving precedence to RC4-SHA and AES128-SHA
+#   (as in the example below), most connections will no longer
+#   have perfect forward secrecy - if the server's key is
+#   compromised, captures of past or future traffic must be
+#   considered compromised, too.
+#SSLCipherSuite RC4-SHA:AES128-SHA:HIGH:MEDIUM:!aNULL:!MD5
+#SSLHonorCipherOrder on 
 
 #   Pass Phrase Dialog:
 #   Configure the pass phrase gathering process.
-#   The filtering dialog program (`builtin' is a internal
+#   The filtering dialog program (`builtin' is an internal
 #   terminal dialog) has to provide the pass phrase on stdout.
 SSLPassPhraseDialog  builtin
 
@@ -62,11 +76,6 @@ SSLPassPhraseDialog  builtin
 SSLSessionCache        "shmcb:@exp_runtimedir@/ssl_scache(512000)"
 SSLSessionCacheTimeout  300
 
-#   Semaphore:
-#   Configure the path to the mutual exclusion semaphore the
-#   SSL engine uses internally for inter-process synchronization. 
-SSLMutex  "file:@exp_runtimedir@/ssl_mutex"
-
 ##
 ## SSL Virtual Host Context
 ##
@@ -84,11 +93,6 @@ TransferLog "@exp_logfiledir@/access_log"
 #   Enable/Disable SSL for this virtual host.
 SSLEngine on
 
-#   SSL Cipher Suite:
-#   List the ciphers that the client is permitted to negotiate.
-#   See the mod_ssl documentation for a complete list.
-SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
-
 #   Server Certificate:
 #   Point SSLCertificateFile at a PEM encoded certificate.  If
 #   the certificate is encrypted, then you will be prompted for a
@@ -96,16 +100,22 @@ SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL
 #   in mind that if you have both an RSA and a DSA certificate you
 #   can configure both in parallel (to also allow the use of DSA
 #   ciphers, etc.)
+#   Some ECC cipher suites (http://www.ietf.org/rfc/rfc4492.txt)
+#   require an ECC certificate which can also be configured in
+#   parallel.
 SSLCertificateFile "@exp_sysconfdir@/server.crt"
 #SSLCertificateFile "@exp_sysconfdir@/server-dsa.crt"
+#SSLCertificateFile "@exp_sysconfdir@/server-ecc.crt"
 
 #   Server Private Key:
 #   If the key is not combined with the certificate, use this
 #   directive to point at the key file.  Keep in mind that if
 #   you've both a RSA and a DSA private key you can configure
 #   both in parallel (to also allow the use of DSA ciphers, etc.)
+#   ECC keys, when in use, can also be configured in parallel
 SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
 #SSLCertificateKeyFile "@exp_sysconfdir@/server-dsa.key"
+#SSLCertificateKeyFile "@exp_sysconfdir@/server-ecc.key"
 
 #   Server Certificate Chain:
 #   Point SSLCertificateChainFile at a file containing the
@@ -113,7 +123,7 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
 #   certificate chain for the server certificate. Alternatively
 #   the referenced file can be the same as SSLCertificateFile
 #   when the CA certificates are directly appended to the server
-#   certificate for convinience.
+#   certificate for convenience.
 #SSLCertificateChainFile "@exp_sysconfdir@/server-ca.crt"
 
 #   Certificate Authority (CA):
@@ -129,12 +139,15 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
 #   Certificate Revocation Lists (CRL):
 #   Set the CA revocation path where to find CA CRLs for client
 #   authentication or alternatively one huge file containing all
-#   of them (file must be PEM encoded)
+#   of them (file must be PEM encoded).
+#   The CRL checking mode needs to be configured explicitly
+#   through SSLCARevocationCheck (defaults to "none" otherwise).
 #   Note: Inside SSLCARevocationPath you need hash symlinks
 #         to point to the certificate files. Use the provided
 #         Makefile to update the hash symlinks after changes.
 #SSLCARevocationPath "@exp_sysconfdir@/ssl.crl"
 #SSLCARevocationFile "@exp_sysconfdir@/ssl.crl/ca-bundle.crl"
+#SSLCARevocationCheck chain
 
 #   Client Authentication (Type):
 #   Client certificate verification type and depth.  Types are
@@ -201,7 +214,7 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
 #   approach you can use one of the following variables:
 #   o ssl-unclean-shutdown:
 #     This forces an unclean shutdown when the connection is closed, i.e. no
-#     SSL close notify alert is send or allowed to received.  This violates
+#     SSL close notify alert is sent or allowed to be received.  This violates
 #     the SSL/TLS standard but is needed for some brain-dead browsers. Use
 #     this when you receive I/O errors because of the standard approach where
 #     mod_ssl sends the close notify alert.
@@ -218,7 +231,7 @@ SSLCertificateKeyFile "@exp_sysconfdir@/server.key"
 #   Similarly, one has to force some clients to use HTTP/1.0 to workaround
 #   their broken HTTP/1.1 implementation. Use variables "downgrade-1.0" and
 #   "force-response-1.0" for this.
-BrowserMatch ".*MSIE.*" \
+BrowserMatch "MSIE [2-5]" \
          nokeepalive ssl-unclean-shutdown \
          downgrade-1.0 force-response-1.0
 
diff --git a/docs/conf/extra/httpd-userdir.conf.in b/docs/conf/extra/httpd-userdir.conf.in
index 567bd6da..a744322c 100644
--- a/docs/conf/extra/httpd-userdir.conf.in
+++ b/docs/conf/extra/httpd-userdir.conf.in
@@ -1,6 +1,6 @@
 # Settings for user home directories
 #
-# Required module: mod_userdir
+# Required module: mod_authz_core, mod_authz_host, mod_userdir
 
 #
 # UserDir: The name of the directory that is appended onto a user's home
@@ -16,13 +16,6 @@ UserDir public_html
 <Directory "/home/*/public_html">
     AllowOverride FileInfo AuthConfig Limit Indexes
     Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
-    <Limit GET POST OPTIONS>
-        Order allow,deny
-        Allow from all
-    </Limit>
-    <LimitExcept GET POST OPTIONS>
-        Order deny,allow
-        Deny from all
-    </LimitExcept>
+    Require method GET POST OPTIONS
 </Directory>
 
diff --git a/docs/conf/extra/httpd-vhosts.conf.in b/docs/conf/extra/httpd-vhosts.conf.in
index fb44a167..5b3d946a 100644
--- a/docs/conf/extra/httpd-vhosts.conf.in
+++ b/docs/conf/extra/httpd-vhosts.conf.in
@@ -1,24 +1,20 @@
-#
 # Virtual Hosts
 #
+# Required modules: mod_log_config
+
 # If you want to maintain multiple domains/hostnames on your
 # machine you can setup VirtualHost containers for them. Most configurations
 # use only name-based virtual hosts so the server doesn't need to worry about
 # IP addresses. This is indicated by the asterisks in the directives below.
 #
 # Please see the documentation at 
-# <URL:http://httpd.apache.org/docs/2.2/vhosts/>
+# <URL:http://httpd.apache.org/docs/trunk/vhosts/>
 # for further details before you try to setup virtual hosts.
 #
 # You may use the command line option '-S' to verify your virtual host
 # configuration.
 
 #
-# Use name-based virtual hosting.
-#
-NameVirtualHost *:@@Port@@
-
-#
 # VirtualHost example:
 # Almost any Apache directive may go into a VirtualHost container.
 # The first VirtualHost section is used for all requests that do not
diff --git a/docs/conf/extra/proxy-html.conf.in b/docs/conf/extra/proxy-html.conf.in
new file mode 100644
index 00000000..49afe98a
--- /dev/null
+++ b/docs/conf/extra/proxy-html.conf.in
@@ -0,0 +1,85 @@
+# Configuration example.
+#
+# First, to load the module with its prerequisites.  Note: mod_xml2enc
+# is not always necessary, but without it mod_proxy_html is likely to
+# mangle pages in encodings other than ASCII or Unicode (utf-8).
+#
+# For Unix-family systems:
+# LoadFile	/usr/lib/libxml2.so
+# LoadModule	proxy_html_module	modules/mod_proxy_html.so
+# LoadModule	xml2enc_module		modules/mod_xml2enc.so
+#
+# For Windows (I don't know if there's a standard path for the libraries)
+# LoadFile	C:/path/zlib.dll
+# LoadFile	C:/path/iconv.dll
+# LoadFile	C:/path/libxml2.dll
+# LoadModule	proxy_html_module	modules/mod_proxy_html.so
+# LoadModule	xml2enc_module		modules/mod_xml2enc.so
+# 
+# All knowledge of HTML links has been removed from the mod_proxy_html
+# code itself, and is instead read from httpd.conf (or included file)
+# at server startup.  So you MUST declare it.  This will normally be
+# at top level, but can also be used in a <Location>.
+#
+# Here's the declaration for W3C HTML 4.01 and XHTML 1.0
+
+ProxyHTMLLinks	a		href
+ProxyHTMLLinks	area		href
+ProxyHTMLLinks	link		href
+ProxyHTMLLinks	img		src longdesc usemap
+ProxyHTMLLinks	object		classid codebase data usemap
+ProxyHTMLLinks	q		cite
+ProxyHTMLLinks	blockquote	cite
+ProxyHTMLLinks	ins		cite
+ProxyHTMLLinks	del		cite
+ProxyHTMLLinks	form		action
+ProxyHTMLLinks	input		src usemap
+ProxyHTMLLinks	head		profile
+ProxyHTMLLinks	base		href
+ProxyHTMLLinks	script		src for
+
+# To support scripting events (with ProxyHTMLExtended On),
+# you'll need to declare them too.
+
+ProxyHTMLEvents	onclick ondblclick onmousedown onmouseup \
+		onmouseover onmousemove onmouseout onkeypress \
+		onkeydown onkeyup onfocus onblur onload \
+		onunload onsubmit onreset onselect onchange
+
+# If you need to support legacy (pre-1998, aka "transitional") HTML or XHTML,
+# you'll need to uncomment the following deprecated link attributes.
+# Note that these are enabled in earlier mod_proxy_html versions
+#
+# ProxyHTMLLinks	frame		src longdesc
+# ProxyHTMLLinks	iframe		src longdesc
+# ProxyHTMLLinks	body		background
+# ProxyHTMLLinks	applet		codebase
+#
+# If you're dealing with proprietary HTML variants,
+# declare your own URL attributes here as required.
+#
+# ProxyHTMLLinks	myelement	myattr otherattr
+#
+###########
+# EXAMPLE #
+###########
+#
+# To define the URL /my-gateway/ as a gateway to an appserver with address
+# http://some.app.intranet/ on a private network, after loading the
+# modules and including this configuration file:
+#
+# ProxyRequests Off  <-- this is an important security setting
+# ProxyPass /my-gateway/ http://some.app.intranet/
+# <Location /my-gateway/>
+#	ProxyPassReverse /
+#	ProxyHTMLEnable On
+#	ProxyHTMLURLMap http://some.app.intranet/ /my-gateway/
+#	ProxyHTMLURLMap / /my-gateway/
+# </Location>
+#
+# Many (though not all) real-life setups are more complex.
+#
+# See the documentation at
+# http://apache.webthing.com/mod_proxy_html/
+# and the tutorial at
+# http://www.apachetutor.org/admin/reverseproxies
author	Arno Töll <debian@toell.net>	2012-01-08 22:53:17 +0100
committer	Arno Töll <debian@toell.net>	2012-01-08 22:53:17 +0100
commit	e072a2dd866b7cb9f14319b80326a4e7fd16fcdf (patch)
tree	a49dfc56d94a26011fe157835ff6cbe14edbd8a9 /docs/conf/extra
parent	0890390c00801651d08d3794e13b31a5dabbf5ef (diff)
download	apache2-e072a2dd866b7cb9f14319b80326a4e7fd16fcdf.tar.gz