Apache configuration.

2025-12-19 14:46:02 +00:00 · 2025-12-19 14:46:02 +00:00 · 4349aabc6b
commit 4349aabc6b
parent 069d99da13
28 changed files with 295 additions and 240 deletions
--- a/.gitattributesdb
+++ b/.gitattributesdb
@ -8,9 +8,32 @@ LmdpdGhvb2tzL3ByZS1jb21taXQ= 1757519106.000000000 1757519106.000000000 root:root
 LmdpdGlnbm9yZQ== 1762025173.020942279 1757593248.000000000 root:root 0644 - -
 LmdpdG1vZHVsZXM= 1757607701.000000000 1757607701.000000000 root:root 0644 - -
 ZXRjLy5naXRpZ25vcmU= 1762626742.156358716 1757611781.000000000 root:root 0644 - -
-ZXRjL2FwYWNoZTIvLmdpdGlnbm9yZQ==  - -
-ZXRjL2FwYWNoZTIvaHR0cGQuY29uZg==  - -
-ZXRjL2FwYWNoZTIvc2l0ZXMuZC9jb3JlLnNsYWNrd2FyZS51ay5uZXQuY29uZg==  - -
+ZXRjL2FwYWNoZTIvLmdpdGlnbm9yZQ== 1766069108.043264156 1757775932.000000000 root:root 0644 - -
+ZXRjL2FwYWNoZTIvYXBhY2hlMi5jb25m 1766155394.332589865 1757785514.000000000 root:root 0644 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2FsaWFzLmxvYWQ= 1762021735.493652772 1762021735.493652772 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2FsbG93bWV0aG9kcy5sb2Fk 1766073519.503025374 1766073519.503025374 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGhuX2NvcmUubG9hZA== 1762021735.381654619 1762021735.381654619 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGhuX2ZpbGUubG9hZA== 1762021735.437653696 1762021735.437653696 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X2NvcmUubG9hZA== 1762021735.349655147 1762021735.349655147 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X2hvc3QubG9hZA== 1766070527.231989855 1766070527.231989855 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2F1dGh6X3VzZXIubG9hZA== 1762021735.469653168 1762021735.469653168 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2NnaWQubG9hZA== 1766080747.085077197 1766080747.085077197 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2RlZmxhdGUubG9hZA== 1762021735.721649011 1762021735.721649011 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2Rpci5sb2Fk 1762021735.525652244 1762021735.525652244 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2Vudi5sb2Fk 1762021735.577651386 1762021735.577651386 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2ZpbHRlci5sb2Fk 1762021735.689649539 1762021735.689649539 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2h0dHAyLmxvYWQ= 1766079814.224337175 1766079814.224337175 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL2luY2x1ZGUubG9hZA== 1766070423.145696881 1766070423.145696881 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21pbWUubG9hZA== 1762021735.609650859 1762021735.609650859 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21pbWVfbWFnaWMubG9hZA== 1766077359.436502219 1766077359.436502219 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL21wbV9ldmVudC5sb2Fk 1766077495.230282186 1766077495.230282186 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Byb3h5LmxvYWQ= 1766080867.035115479 1766080867.035115479 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Byb3h5X2ZjZ2kubG9hZA== 1766080921.386226594 1766080921.386226594 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3Jld3JpdGUubG9hZA== 1766081010.864763229 1766081010.864763229 root:root 0777 - -
+ZXRjL2FwYWNoZTIvbW9kcy1lbmFibGVkL3NldGVudmlmLmxvYWQ= 1762021735.661650000 1762021735.661650000 root:root 0777 - -
+ZXRjL2FwYWNoZTIvc2l0ZXMtYXZhaWxhYmxlLy5naXRpZ25vcmU= 1766069274.068541443 1766069263.648712326 root:root 0644 - -
+ZXRjL2FwYWNoZTIvc2l0ZXMtYXZhaWxhYmxlL2NvcmUuc2xhY2t3YXJlLnVrLm5ldC5jb25m 1758817141.000000000 1757785113.000000000 root:root 0644 - -
+ZXRjL2FwYWNoZTIvc2l0ZXMtZW5hYmxlZC8wMDAtY29yZS5zbGFja3dhcmUudWsubmV0LmNvbmY= 1762529451.292078041 1762529451.292078041 root:root 0777 - -
 ZXRjL2Nyb24uMTVtaW4vLmdpdGlnbm9yZQ== 1762535468.567176697 1762535289.358058790 root:root 0644 - -
 ZXRjL2Nyb24uZC8uZ2l0aWdub3Jl 1762535453.203423781 1762535289.358058790 root:root 0644 - -
 ZXRjL2Nyb24uZGFpbHkvLmdpdGlnbm9yZQ== 1762538383.748288196 1762535499.146684944 root:root 0644 - -
@ -60,7 +83,7 @@ ZXRjL25ldHdvcmsvaW50ZXJmYWNlcy5kL2V0aDE= 1762449602.376084790 1762449560.3127780
 ZXRjL3Bhc3N3ZA== 1762449439.234773795 1762449439.234773795 root:root 0644 - -
 ZXRjL3BocGxkYXBhZG1pbi8uZ2l0aWdub3Jl 1762628720.800299329 1762628701.308615289 root:root 0644 - -
 ZXRjL3BocGxkYXBhZG1pbi9jb25maWcucGhwLmdwZw== 1761052640.000000000 1758539944.000000000 root:root 0644 - -
-ZXRjL3BrZ2xpc3Q= 1762627766.947758261 1762560002.068536774 root:root 0644 - -
+ZXRjL3BrZ2xpc3Q= 1766102401.840579350 1762560002.068536774 root:root 0644 - -
 ZXRjL3BsYS9jb25maWcucGhwLmdwZw==  - -
 ZXRjL3B1c2hvdmVyLWNsaWVudC8uZ2l0aWdub3Jl 1762628624.365862525 1762448145.464092595 root:root 0644 - -
 ZXRjL3B1c2hvdmVyLWNsaWVudC9kZWZhdWx0LmdwZw== 1762448163.991787320 1762448163.979787518 root:root 0644 - -
@ -110,8 +133,8 @@ cm9vdC9kdW1teS1kZWZhdWx0LW10YV8wLjAuMV9hbGwuZGVi 1762020499.466056182 1762020499
 dmFyLy5naXRpZ25vcmU= 1762537544.845782317 1758288560.000000000 root:root 0644 - -
 dmFyL2xpYi8uZ2l0aWdub3Jl 1762025492.611669032 1758288764.000000000 root:root 0644 - -
 dmFyL2xpYi90ZXJyYWZvcm0taHR0cC1iYWNrZW5kLy5naXRrZWVwZGly 1762024627.173956151 1762024627.173956151 root:root 0644 - -
-dmFyL3RtcC8uZ2l0aWdub3Jl 1762537822.501316051 1762537581.557191777 root:root 0644 - -
-dmFyL3RtcC9waHAtdXBsb2Fkcy8uZ2l0aWdub3Jl 1762537844.600960562 1762537602.776850446 root:root 0644 - -
+dmFyL3RtcC8uZ2l0aWdub3Jl  - -
+dmFyL3RtcC9waHAtdXBsb2Fkcy8uZ2l0aWdub3Jl  - -
 ZXRjL3NoYWRvdw== 1762449439.206774257 1762449439.206774257 root:shadow 0640 - -
 ZXRjL3NoYWRvdy0= 1762023813.000000000 1762023813.000000000 root:shadow 0640 - -
 ZXRjL3N1ZG9lcnM= 1751262933.000000000 1751262933.000000000 root:root 0440 - -
--- a/etc/apache2/.gitignore
+++ b/etc/apache2/.gitignore
@ -1,3 +1,5 @@
-/conf.d/
+/conf-*/
+/envvars
 /magic
-/mime.types
+/mods-available/
+/ports.conf
--- a/etc/apache2/apache2.conf
+++ b/etc/apache2/apache2.conf
@ -0,0 +1,238 @@
+# These modules are required for the basic configuration directives used in this file.
+# They *must* be loaded to use this configuration with httpd.
+LoadModule	alias_module		/usr/lib/apache2/modules/mod_alias.so
+LoadModule	allowmethods_module	/usr/lib/apache2/modules/mod_allowmethods.so
+LoadModule	authz_host_module	/usr/lib/apache2/modules/mod_authz_host.so
+LoadModule	dir_module		/usr/lib/apache2/modules/mod_dir.so
+LoadModule	env_module		/usr/lib/apache2/modules/mod_env.so
+#LoadModule	log_config_module	/usr/lib/apache2/mod_log_config.so
+LoadModule	mime_module		/usr/lib/apache2/modules/mod_mime.so
+LoadModule	mime_magic_module	/usr/lib/apache2/modules/mod_mime_magic.so
+LoadModule	mpm_event_module	/usr/lib/apache2/modules/mod_mpm_event.so
+LoadModule	setenvif_module		/usr/lib/apache2/modules/mod_setenvif.so
+#LoadModule	unixd_module		/usr/lib/apache2/mod_unixd.so
+
+# Load extra modules.
+IncludeOptional	/etc/apache2/mods-enabled/*.load
+
+
+# IP addresses and ports to listen on.
+Listen				5.101.171.215:80
+Listen				[2a01:a500:2981:1::d7]:80
+<IfModule ssl_module>
+  Listen			5.101.171.215:25443
+  Listen			[2a01:a500:2981:1::d7]:25443
+</IfModule>
+
+
+# Main server configuration.
+# Note: A DocumentRoot (and a Directory block granting access) is required in order for RedirectMatch to work in VirtualHosts.
+DocumentRoot			/var/www/html
+ServerAdmin			"sysadmin(at)slackware.uk"
+ServerName			core.slackware.uk.net
+ServerSignature			Email
+ServerTokens			Major
+User				www-data
+Group				www-data
+DefaultRuntimeDir		/var/run/apache2
+PidFile				/var/run/apache2/apache2.pid
+ScriptSock			/var/run/apache2/cgid.sock
+Mutex				pthread
+
+
+# Logging.
+LogFormat	"%h %l %u %t \"%r\" %>s %b"						Common
+LogFormat	"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""		Combined
+LogFormat	"%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""	VHostCombined
+CustomLog	"|/usr/bin/logger -p local1.info -t httpd"				VHostCombined		env=!no_log
+LogLevel	warn allowmethods:crit authz_core:crit
+<IfModule include_module>
+  LogLevel	include:crit
+</IfModule>
+<IfModule ssl_module>
+  LogLevel	ssl:crit
+</IfModule>
+ErrorLog	syslog:local0
+
+
+# Resource limits for event MPM.
+#  MaxConnectionsPerChild: maximum number of requests a server process serves
+#  MaxRequestWorkers: maximum number of worker threads
+#  MaxSpareThreads: maximum number of worker threads which are kept spare
+#  MinSpareThreads: minimum number of worker threads which are kept spare
+#  StartServers: initial number of server processes to start
+#  ThreadLimit: maximum limit of threads for ThreadsPerChild setting
+#  ThreadsPerChild: constant number of worker threads in each server process
+MaxConnectionsPerChild		10240
+MaxRequestWorkers		128
+MaxSpareThreads			16
+MinSpareThreads			2
+StartServers			1
+ThreadLimit			64
+ThreadsPerChild			32
+
+
+# Timeouts.
+TimeOut				30
+GracefulShutDownTimeout		1
+
+
+# Browser handling.
+BrowserMatch			"^Dreamweaver-WebDAV-SCM1"				redirect-carefully
+BrowserMatch			"Java/1\.0"						force-response-1.0
+BrowserMatch			"JDK/1\.0"						force-response-1.0
+BrowserMatch			"Microsoft Data Access Internet Publishing Provider"	redirect-carefully
+BrowserMatch			"Mozilla/2"						nokeepalive
+BrowserMatch			"MS FrontPage"						redirect-carefully
+BrowserMatch			"MSIE [2-5]"						nokeepalive downgrade-1.0 force-response-1.0
+BrowserMatch			"RealPlayer 4\.0"					force-response-1.0
+BrowserMatch			"^WebDAVFS/1\.[012]"					redirect-carefully
+BrowserMatch			"^WebDrive"						redirect-carefully
+BrowserMatch			"^XML Spy"						redirect-carefully
+BrowserMatch			"^gnome-vfs/1\.0"					redirect-carefully
+BrowserMatch			"^gvfs/1"						redirect-carefully
+BrowserMatch			"Konqueror/4"						redirect-carefully
+
+
+# HTTP2.
+<IfModule http2_module>
+  Protocols			h2 h2c http/1.1
+  H2Push			On
+  H2PushPriority		application/javascript		interleaved
+  H2PushPriority		image/jpeg			after		32
+  H2PushPriority		image/png			after		32
+  H2PushPriority		text/css			before
+  H2PushPriority		*				after
+</IfModule>
+
+
+# SSL configuration.
+<IfModule ssl_module>
+  SSLCipherSuite		HIGH:!SSLv3:!TLS1:!aNULL:!MD5
+  SSLHonorCipherOrder		On
+  SSLOptions			+FakeBasicAuth
+  SSLProtocol			all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
+  SSLRandomSeed			startup		builtin
+  SSLRandomSeed			startup		file:/dev/urandom	512
+  SSLRandomSeed			connect		builtin
+  SSLRandomSeed			connect		file:/dev/urandom	512
+  SSLSessionCache		shmcb:${APACHE_RUN_DIR}/ssl_session_cache(512000)
+  SSLSessionCacheTimeout	300
+  SSLSessionTickets		Off
+  BrowserMatch			"MSIE [2-5]"	ssl-unclean-shutdown
+</IfModule>
+
+
+# PHP.
+<IfModule proxy_fcgi_module>
+  DirectoryIndex	index.php index.phtml
+
+  <If "-f %{REQUEST_FILENAME} && %{REQUEST_URI} =~ /.+\.ph(ar|p|tml)$/">
+    SetHandler		proxy:unix:/run/php-fpm83/php-fpm.sock|fcgi://localhost/
+  </If>
+</IfModule>
+
+
+# Filters and Handlers.
+<IfModule filter_module>
+  <IfModule deflate_module>
+    AddOutputFilterByType	DEFLATE		text/html text/plain text/xml text/css text/javascript
+    AddOutputFilterByType	DEFLATE		application/x-javascript application/javascript application/ecmascript
+    AddOutputFilterByType	DEFLATE		application/rss+xml
+    AddOutputFilterByType	DEFLATE		application/wasm
+    AddOutputFilterByType	DEFLATE		application/xml
+  </IfModule>
+  <IfModule include_module>
+    AddOutputFilter		INCLUDES	.shtml .html
+  </IfModule>
+</IfModule>
+#This isn't needed except where CGI scripts are placed outside of ScriptAlias dirs.  ExecCGI is required in Options for the dir.
+#<IfModule cgid_module>
+#  AddHandler			cgi-script	.cgi .pl .py .sh
+#</IfModule>
+
+
+# Mime type mappings.
+TypesConfig	/etc/mime.types
+AddEncoding	x-compress				.tz .z .Z
+AddEncoding	x-gzip					.gz .tgz
+AddEncoding	x-bzip2					.bz2 .tbz
+AddType		application/octet-stream		.deb .dpkg .flac .flp .img .lz .lzma .mkv .rpm .run .srpm .tlz .txz .vob .xz
+AddType		application/pkcs8			.key
+AddType		application/pkcs10			.csr
+AddType		application/pkix-crl			.crl
+AddType		application/x-pem-file			.pem
+AddType		application/x-x509-user-cert		.crt
+AddType		text/html				.shtml
+AddType		text/markdown				.md
+AddType		text/plain				.csh .diff .ksh .md5 .md5sum .meta .patch .pl .pm .py .rb .sh .sha .shasum .sha1 .sha1sum .sha256 .sha256sum .sha512 .sha512sum .slackbuild .tcl .url
+MIMEMagicFile	/etc/apache2/magic
+
+
+# Lets Encrypt validation.
+Alias		/.well-known/acme-challenge/		/srv/dehydrated/
+
+
+# Access control.
+<FilesMatch ^\.(ht.*|ph(?:ar|p|ps|tml))$>
+  Require		all denied
+</FilesMatch>
+
+<Directory />
+  Options		SymLinksIfOwnerMatch
+  AllowOverride		None
+  Require		all denied
+</Directory>
+
+<Directory /var/empty/>
+  Options		None
+  AllowOverride		None
+  Require		all granted
+</Directory>
+
+<Directory /srv/dehydrated/>
+  Options		None
+  AllowOverride		None
+  Require		all granted
+</Directory>
+
+<Directory /data/sites/*/html/>
+  Options		Includes MultiViews SymLinksIfOwnerMatch
+  AllowOverride		AuthConfig FileInfo Indexes Limit
+
+  Require		all granted
+
+  AllowMethods		GET POST OPTIONS
+
+  DirectoryIndex	index.html index.xhtml
+  <IfModule include_module>
+    DirectoryIndex	index.shtml
+  </IfModule>
+
+  <IfModule ssl_module>
+    <FilesMatch "\.(shtml|php)$">
+      SSLOptions	+StdEnvVars
+    </FilesMatch>
+  </IfModule>
+</Directory>
+
+<IfModule cgid_module>
+  <Directory /data/sites/*/cgi-bin/>
+    Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
+    AllowOverride	AuthConfig FileInfo Limit
+
+    Require		all granted
+
+    AllowMethods	GET POST OPTIONS
+
+    DirectoryIndex	disabled
+
+    <IfModule ssl_module>
+      SSLOptions	+StdEnvVars
+    </IfModule>
+  </Directory>
+</IfModule>
+
+
+# Include extra configurations.
+IncludeOptional		/etc/apache2/sites-enabled/*.conf
--- a/etc/apache2/httpd.conf
+++ b/etc/apache2/httpd.conf
@ -1,232 +0,0 @@
-# These modules are required for the basic configuration directives used in this file.
-# They *must* be loaded to use this configuration with httpd.
-LoadModule	alias_module		/usr/lib/apache2/mod_alias.so
-LoadModule	allowmethods_module	/usr/lib/apache2/mod_allowmethods.so
-LoadModule	authz_host_module	/usr/lib/apache2/mod_authz_host.so
-LoadModule	dir_module		/usr/lib/apache2/mod_dir.so
-LoadModule	log_config_module	/usr/lib/apache2/mod_log_config.so
-LoadModule	mime_module		/usr/lib/apache2/mod_mime.so
-LoadModule	mime_magic_module	/usr/lib/apache2/mod_mime_magic.so
-LoadModule	mpm_event_module	/usr/lib/apache2/mod_mpm_event.so
-LoadModule	setenvif_module		/usr/lib/apache2/mod_setenvif.so
-LoadModule	unixd_module		/usr/lib/apache2/mod_unixd.so
-
-# HTTP2.
-LoadModule	http2_module		/usr/lib/apache2/mod_http2.so
-
-# SSL.
-LoadModule	ssl_module		/usr/lib/apache2/mod_ssl.so
-LoadModule	socache_shmcb_module	/usr/lib/apache2/mod_socache_shmcb.so
-
-# SSI.
-LoadModule	include_module		/usr/lib/apache2/mod_include.so
-
-# CGI.
-LoadModule	cgid_module		/usr/lib/apache2/mod_cgid.so
-
-# FastCGI access to php-fpm.
-LoadModule	proxy_module		/usr/lib/apache2/mod_proxy.so
-LoadModule	proxy_fcgi_module	/usr/lib/apache2/mod_proxy_fcgi.so
-
-# Re-writing.
-LoadModule	rewrite_module		/usr/lib/apache2/mod_rewrite.so
-
-# Authenticated access to locations.
-LoadModule	auth_basic_module	/usr/lib/apache2/mod_auth_basic.so
-LoadModule	authn_core_module	/usr/lib/apache2/mod_authn_core.so
-LoadModule	authn_file_module	/usr/lib/apache2/mod_authn_file.so
-LoadModule	authz_core_module	/usr/lib/apache2/mod_authz_core.so
-LoadModule	authz_user_module	/usr/lib/apache2/mod_authz_user.so
-
-# Custom headers.
-LoadModule	headers_module		/usr/lib/apache2/mod_headers.so
-
-# Proxying.
-#<IfModule !proxy_module>
-#  LoadModule	proxy_module		/usr/lib/apache2/mod_proxy.so
-#</IfModule>
-#LoadModule	proxy_http_module	/usr/lib/apache2/mod_proxy_http.so
-
-# Server status.
-#LoadModule	status_module		/usr/lib/apache2/mod_status.so
-
-
-# IP addresses and ports to listen on.
-Listen				5.101.171.215:80
-Listen				[2a01:a500:2981:1::d7]:80
-<IfModule ssl_module>
-  Listen			5.101.171.215:25443
-  Listen			[2a01:a500:2981:1::d7]:25443
-</IfModule>
-
-
-# Main server configuration.
-# Note: A DocumentRoot (and a Directory block granting access) is required in order for RedirectMatch to work in VirtualHosts.
-DocumentRoot			/var/empty
-ServerAdmin			"sysadmin(at)slackware.uk"
-ServerName			core.slackware.uk.net
-ServerSignature			Email
-ServerTokens			Major
-User				apache
-Group				apache
-DefaultRuntimeDir		/run
-Mutex				pthread
-ScriptSock			cgid.sock
-
-
-# Logging.
-LogFormat	"%h %l %u %t \"%r\" %>s %b"						Common
-LogFormat	"%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""		Combined
-LogFormat	"%v %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""	VHostCombined
-CustomLog	"|/usr/bin/logger -p local1.info -t httpd"				VHostCombined		env=!no_log
-#LogLevel	warn allowmethods:crit authz_core:crit include:crit ssl:crit
-LogLevel	warn allowmethods:crit authz_core:crit include:crit
-ErrorLog	syslog:local0
-
-
-# Resource limits for event MPM.
-ThreadLimit			50
-ThreadsPerChild			10
-MaxRequestWorkers		20
-MinSpareThreads			2
-MaxSpareThreads			10
-MaxConnectionsPerChild		10000
-
-
-# Timeouts.
-TimeOut				30
-GracefulShutDownTimeout		1
-
-
-# Browser handling.
-BrowserMatch			"MSIE [2-5]"	nokeepalive downgrade-1.0 force-response-1.0
-
-
-# HTTP2.
-<IfModule http2_module>
-  Protocols			h2 h2c http/1.1
-</IfModule>
-
-
-# SSL configuration.
-<IfModule ssl_module>
-  SSLCipherSuite		HIGH:!SSLv3:!TLS1:!aNULL:!MD5
-  SSLHonorCipherOrder		On
-  SSLOptions			+FakeBasicAuth
-  SSLProtocol			all -SSLv3 -TLSv1 -TLSv1.1
-  SSLRandomSeed			startup		file:/dev/urandom	512
-  SSLRandomSeed			connect		builtin
-  SSLSessionCache		"shmcb:/run/apache2/ssl_session_cache(512000)"
-  SSLSessionTickets		Off
-  BrowserMatch			"MSIE [2-5]"	ssl-unclean-shutdown
-</IfModule>
-
-
-# PHP.
-<IfModule proxy_fcgi_module>
-  DirectoryIndex	index.php index.phtml
-
-  <If "-f %{REQUEST_FILENAME} && %{REQUEST_URI} =~ /.+\.ph(ar|p|tml)$/">
-    SetHandler		proxy:unix:/run/php-fpm83/php-fpm.sock|fcgi://localhost/
-  </If>
-</IfModule>
-
-
-# Filters and Handlers.
-<IfModule include_module>
-  AddOutputFilter	INCLUDES	.shtml .html
-</IfModule>
-#This isn't needed except where CGI scripts are placed outside of ScriptAlias dirs.  ExecCGI is required in Options for the dir.
-#<IfModule cgid_module>
-#  AddHandler	cgi-script		.cgi .pl .py .sh
-#</IfModule>
-#For type maps (negotiated resources).
-#<IfModule negotiation_module>
-#  AddHandler	type-map		.var
-#</IfModule>
-
-
-# Mime type mappings.
-TypesConfig	/etc/apache2/mime.types
-AddType		application/x-bzip2			.bz2 .tbz
-AddType		application/x-compress			.z .tz
-AddType		application/x-gzip			.gz .tgz
-AddType		text/html				.shtml
-AddType		text/plain				.bld .csh .diff .ksh .md5 .meta .patch .pl .pm .py .rb .sh .sha1 .slackbuild .tcl .tm .url
-AddType		application/octet-stream		.deb .dpkg .flac .flp .img .lz .lzma .mkv .rpm .run .srpm .tlz .txz .vob .xz
-AddType		application/x-x509-user-cert		.crt
-AddType		application/pkcs8			.key
-AddType		application/pkcs10			.csr
-AddType		application/pkix-crl			.crl
-AddType		application/x-pem-file			.pem
-AddType		application/x-atari-8bit-executable	.xex
-MimeMagicFile	/etc/apache2/magic
-
-
-# Lets Encrypt validation.
-Alias		/.well-known/acme-challenge/		/srv/dehydrated/
-
-
-# Access control.
-<FilesMatch ^\.ht.*>
-  Require		all denied
-</FilesMatch>
-
-<Directory />
-  Options		SymLinksIfOwnerMatch
-  AllowOverride		None
-  Require		all denied
-</Directory>
-
-<Directory /var/empty/>
-  Options		None
-  AllowOverride		None
-  Require		all granted
-</Directory>
-
-<Directory /srv/dehydrated/>
-  Options		None
-  AllowOverride		None
-  Require		all granted
-</Directory>
-
-<Directory /data/sites/*/html/>
-  Options		Includes MultiViews SymLinksIfOwnerMatch
-  AllowOverride		AuthConfig FileInfo Indexes Limit
-
-  Require		all granted
-
-  AllowMethods		GET POST OPTIONS
-
-  DirectoryIndex	index.html
-  <IfModule include_module>
-    DirectoryIndex	index.shtml
-  </IfModule>
-
-  <IfModule ssl_module>
-    <FilesMatch "\.(shtml|php)$">
-      SSLOptions	+StdEnvVars
-    </FilesMatch>
-  </IfModule>
-</Directory>
-
-<IfModule cgid_module>
-  <Directory /data/sites/*/cgi-bin/>
-    Options		ExecCGI Includes MultiViews SymLinksIfOwnerMatch
-    AllowOverride	AuthConfig FileInfo Limit
-
-    Require		all granted
-
-    AllowMethods	GET POST OPTIONS
-
-    DirectoryIndex	disabled
-
-    <IfModule ssl_module>
-      SSLOptions	+StdEnvVars
-    </IfModule>
-  </Directory>
-</IfModule>
-
-
-# Include extra configurations.
-IncludeOptional		/etc/apache2/sites.d/*.conf
--- a/etc/apache2/mods-enabled/alias.load
+++ b/etc/apache2/mods-enabled/alias.load
@ -0,0 +1 @@
+../mods-available/alias.load
--- a/etc/apache2/mods-enabled/allowmethods.load
+++ b/etc/apache2/mods-enabled/allowmethods.load
@ -0,0 +1 @@
+../mods-available/allowmethods.load
--- a/etc/apache2/mods-enabled/authn_core.load
+++ b/etc/apache2/mods-enabled/authn_core.load
@ -0,0 +1 @@
+../mods-available/authn_core.load
--- a/etc/apache2/mods-enabled/authn_file.load
+++ b/etc/apache2/mods-enabled/authn_file.load
@ -0,0 +1 @@
+../mods-available/authn_file.load
--- a/etc/apache2/mods-enabled/authz_core.load
+++ b/etc/apache2/mods-enabled/authz_core.load
@ -0,0 +1 @@
+../mods-available/authz_core.load
--- a/etc/apache2/mods-enabled/authz_host.load
+++ b/etc/apache2/mods-enabled/authz_host.load
@ -0,0 +1 @@
+../mods-available/authz_host.load
--- a/etc/apache2/mods-enabled/authz_user.load
+++ b/etc/apache2/mods-enabled/authz_user.load
@ -0,0 +1 @@
+../mods-available/authz_user.load
--- a/etc/apache2/mods-enabled/cgid.load
+++ b/etc/apache2/mods-enabled/cgid.load
@ -0,0 +1 @@
+../mods-available/cgid.load
--- a/etc/apache2/mods-enabled/deflate.load
+++ b/etc/apache2/mods-enabled/deflate.load
@ -0,0 +1 @@
+../mods-available/deflate.load
--- a/etc/apache2/mods-enabled/dir.load
+++ b/etc/apache2/mods-enabled/dir.load
@ -0,0 +1 @@
+../mods-available/dir.load
--- a/etc/apache2/mods-enabled/env.load
+++ b/etc/apache2/mods-enabled/env.load
@ -0,0 +1 @@
+../mods-available/env.load
--- a/etc/apache2/mods-enabled/filter.load
+++ b/etc/apache2/mods-enabled/filter.load
@ -0,0 +1 @@
+../mods-available/filter.load
--- a/etc/apache2/mods-enabled/http2.load
+++ b/etc/apache2/mods-enabled/http2.load
@ -0,0 +1 @@
+../mods-available/http2.load
--- a/etc/apache2/mods-enabled/include.load
+++ b/etc/apache2/mods-enabled/include.load
@ -0,0 +1 @@
+../mods-available/include.load
--- a/etc/apache2/mods-enabled/mime.load
+++ b/etc/apache2/mods-enabled/mime.load
@ -0,0 +1 @@
+../mods-available/mime.load
--- a/etc/apache2/mods-enabled/mime_magic.load
+++ b/etc/apache2/mods-enabled/mime_magic.load
@ -0,0 +1 @@
+../mods-available/mime_magic.load
--- a/etc/apache2/mods-enabled/mpm_event.load
+++ b/etc/apache2/mods-enabled/mpm_event.load
@ -0,0 +1 @@
+../mods-available/mpm_event.load
--- a/etc/apache2/mods-enabled/proxy.load
+++ b/etc/apache2/mods-enabled/proxy.load
@ -0,0 +1 @@
+../mods-available/proxy.load
--- a/etc/apache2/mods-enabled/proxy_fcgi.load
+++ b/etc/apache2/mods-enabled/proxy_fcgi.load
@ -0,0 +1 @@
+../mods-available/proxy_fcgi.load
--- a/etc/apache2/mods-enabled/rewrite.load
+++ b/etc/apache2/mods-enabled/rewrite.load
@ -0,0 +1 @@
+../mods-available/rewrite.load
--- a/etc/apache2/mods-enabled/setenvif.load
+++ b/etc/apache2/mods-enabled/setenvif.load
@ -0,0 +1 @@
+../mods-available/setenvif.load
--- a/etc/apache2/sites-available/.gitignore
+++ b/etc/apache2/sites-available/.gitignore
@ -0,0 +1,2 @@
+/000-default.conf
+/default-ssl.conf
--- a/etc/apache2/sites-available/core.slackware.uk.net.conf
+++ b/etc/apache2/sites-available/core.slackware.uk.net.conf
--- a/etc/apache2/sites-enabled/000-core.slackware.uk.net.conf
+++ b/etc/apache2/sites-enabled/000-core.slackware.uk.net.conf
@ -0,0 +1 @@
+../sites-available/core.slackware.uk.net.conf
				`@ -0,0 +1 @@`
				`../sites-available/core.slackware.uk.net.conf`