Apache updates.

etc/apache2/apache2.conf

@@ -2,6 +2,7 @@
 # They *must* be loaded to use this configuration with httpd.
 LoadModule	alias_module		/usr/lib/apache2/modules/mod_alias.so
 LoadModule	allowmethods_module	/usr/lib/apache2/modules/mod_allowmethods.so
+LoadModule	auth_basic_module	/usr/lib/apache2/modules/mod_auth_basic.so
 LoadModule	authz_host_module	/usr/lib/apache2/modules/mod_authz_host.so
 LoadModule	dir_module		/usr/lib/apache2/modules/mod_dir.so
 LoadModule	env_module		/usr/lib/apache2/modules/mod_env.so
@@ -44,7 +45,7 @@ Mutex				pthread
 LogFormat	"%h %l %u %t \"%r\" %>s %b"						Common
 LogFormat	"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""		Combined
 LogFormat	"%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""	VHostCombined
-CustomLog	"|/usr/bin/logger -p local5.info -t httpd"				VHostCombined		env=!no_log
+#CustomLog	"|/usr/bin/logger -p local5.info -t httpd"				VHostCombined		env=!no_log
 LogLevel	warn allowmethods:crit authz_core:crit
 <IfModule include_module>
   LogLevel	include:crit
@@ -52,7 +53,7 @@ LogLevel	warn allowmethods:crit authz_core:crit
 <IfModule ssl_module>
   LogLevel	ssl:crit
 </IfModule>
-ErrorLog	syslog:local4
+ErrorLog	syslog:local7
 
 
 # Resource limits for event MPM.
@@ -78,20 +79,20 @@ GracefulShutDownTimeout		1
 
 
 # Browser handling.
-BrowserMatch			"^Dreamweaver-WebDAV-SCM1"				redirect-carefully
-BrowserMatch			"Java/1\.0"						force-response-1.0
-BrowserMatch			"JDK/1\.0"						force-response-1.0
+BrowserMatch			^Dreamweaver-WebDAV-SCM1				redirect-carefully
+BrowserMatch			Java/1\.0						force-response-1.0
+BrowserMatch			JDK/1\.0						force-response-1.0
 BrowserMatch			"Microsoft Data Access Internet Publishing Provider"	redirect-carefully
-BrowserMatch			"Mozilla/2"						nokeepalive
+BrowserMatch			Mozilla/2						nokeepalive
 BrowserMatch			"MS FrontPage"						redirect-carefully
 BrowserMatch			"MSIE [2-5]"						nokeepalive downgrade-1.0 force-response-1.0
 BrowserMatch			"RealPlayer 4\.0"					force-response-1.0
-BrowserMatch			"^WebDAVFS/1\.[012]"					redirect-carefully
-BrowserMatch			"^WebDrive"						redirect-carefully
+BrowserMatch			^WebDAVFS/1\.[012]					redirect-carefully
+BrowserMatch			^WebDrive						redirect-carefully
 BrowserMatch			"^XML Spy"						redirect-carefully
-BrowserMatch			"^gnome-vfs/1\.0"					redirect-carefully
-BrowserMatch			"^gvfs/1"						redirect-carefully
-BrowserMatch			"Konqueror/4"						redirect-carefully
+BrowserMatch			^gnome-vfs/1\.0						redirect-carefully
+BrowserMatch			^gvfs/1							redirect-carefully
+BrowserMatch			Konqueror/4						redirect-carefully
 
 
 # HTTP2.
@@ -151,6 +152,13 @@ BrowserMatch			"Konqueror/4"						redirect-carefully
 #  AddHandler			cgi-script	.cgi .pl .py .sh
 #</IfModule>
 
+# LDAP caching.
+<IfModule ldap_module>
+  LDAPConnectionTimeout		5
+  LDAPTrustedGlobalCert		CA_BASE64	/etc/ssl/certs/ca-certificates.crt
+  LDAPTrustedMode		TLS
+  LDAPVerifyServerCert		Off
+</IfModule>
 
 # Mime type mappings.
 TypesConfig	/etc/mime.types
@@ -181,12 +189,14 @@ Alias		/.well-known/acme-challenge/		/var/www/dehydrated/
 <Directory />
   Options		SymLinksIfOwnerMatch
   AllowOverride		None
+
   Require		all denied
 </Directory>
 
 <Directory /var/www/dehydrated/>
   Options		None
   AllowOverride		None
+
   Require		all granted
 </Directory>
 
@@ -194,11 +204,10 @@ Alias		/.well-known/acme-challenge/		/var/www/dehydrated/
   Options		Includes MultiViews SymLinksIfOwnerMatch
   AllowOverride		AuthConfig FileInfo Indexes Limit
 
-  Require		all granted
-
   AllowMethods		GET POST OPTIONS
 
   DirectoryIndex	index.html index.xhtml
+
   <IfModule include_module>
     DirectoryIndex	index.shtml
   </IfModule>
@@ -215,8 +224,6 @@ Alias		/.well-known/acme-challenge/		/var/www/dehydrated/
     Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
     AllowOverride	AuthConfig FileInfo Limit
 
-    Require		all granted
-
     AllowMethods	GET POST OPTIONS
 
     DirectoryIndex	disabled