1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
|
%%
%% %CopyrightBegin%
%%
%% Copyright Ericsson AB 1997-2023. All Rights Reserved.
%%
%% Licensed under the Apache License, Version 2.0 (the "License");
%% you may not use this file except in compliance with the License.
%% You may obtain a copy of the License at
%%
%% http://www.apache.org/licenses/LICENSE-2.0
%%
%% Unless required by applicable law or agreed to in writing, software
%% distributed under the License is distributed on an "AS IS" BASIS,
%% WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
%% See the License for the specific language governing permissions and
%% limitations under the License.
%%
%% %CopyrightEnd%
%%
%%
%%
%% Port: The port the standalone listens to. For ports < 1023, you will
%% need httpd to be run as root initially.
[{port, 8888},
%% BindAddress: This directive is used to tell the server which IP address
%% to listen to. It can either contain "*", an IP address, or a fully
%% qualified Internet domain name.
%%
%% It is also possible to specify the ip-family with the directive.
%% There ar three possible value: inet, inet6 and inet6fb4
%% inet: Use IpFamily inet when retrieving the address and
%% fail if that does not work.
%% inet6: Use IpFamily inet6 when retrieving the address and
%% fail if that does not work.
%% inet6fb4: First IpFamily inet6 is tried and if that does not work,
%% inet is used as fallback.
%% Default value for ip-family is inet6fb4
%%
%% The syntax is: <address>[|<ip-family>]
%%
%%BindAddress *
%%BindAddress *|inet
%% ServerName allows you to set a host name which is sent back to clients for
%% your server if it's different than the one the program would get (i.e. use
%% "www" instead of the host's real name).
%%
%% Note: You cannot just invent host names and hope they work. The name you
%% define here must be a valid DNS name for your host. If you don't understand
%% this, ask your network administrator.
{server_name, "your.server.net"},
%% SocketType is either ip_comm, sockets or ssl.
{socket_type, ip_comm},
%% Point certfile to a PEM encoded certificate. If the key is not combined
%% with the certificate, use keyfile directive to point to the key file.
%{socket_type, {ssl, [{certfile, "/var/tmp/server_root/ssl/ssl_server.pem"},
% {keyfile, "/var/tmp/server_root/ssl/ssl_server.pem"},
% {verify, verify_none}]}},
%% Modules: Server run-time plug-in modules written using the Erlang
%% Web Server API (EWSAPI). The server API make it easy to add functionality
%% to the server. Read more about EWSAPI in the Reference Manual.
%% WARNING! Do not tamper with this directive unless you are familiar with
%% EWSAPI.
{modules, [mod_alias,mod_auth,mod_esi,mod_actions,mod_cgi,mod_responsecontrol,
mod_trace,mod_range,mod_head,mod_dir,mod_get,mod_log,mod_disk_log]},
%% ServerAdmin: Your address, where problems with the server should be
%% e-mailed.
{server_admin, "jocke@erix.ericsson.se"},
%% ServerRoot: The directory the server's config, error, and log files
%% are kept in
{server_root, "/var/tmp/server_root"},
%% ErrorLog: The location of the error log file. If this does not start
%% with /, ServerRoot is prepended to it.
{error_log, "logs/error_log"},
%% TransferLog: The location of the transfer log file. If this does not
%% start with /, ServerRoot is prepended to it.
{transfer_log, "logs/access_log"}
%% SecurityLog: The location of the security log file (mod_security required)
{security_log, "logs/security_log"},
%% ErrorDiskLog: The location of the error log file. If this does not
%% start with /, ServerRoot is prepended to it. This log file is managed
%% with the disk_log module [See disk_log(3)]. The ErrorDiskLogSize directive
%% takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
%% MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
%% truncates the first file.
{error_disk_log, "logs/error_disk_log"},
{error_disk_log_size, {200000,10}},
%% TransferDiskLog: The location of the transfer log file. If this does not
%% start with /, ServerRoot is prepended to it. This log file is managed
%% with the disk_log module [See disk_log(3)]. The TransferDiskLogSize directive
%% takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
%% MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
%% truncates the first file.
{transfer_disk_log, "logs/access_disk_log"},
{transfer_disk_log_size, {200000,10}},
%% SecurityDiskLog: The location of the security log file. If this does not
%% start with /, ServerRoot is prepended to it. This log file is managed
%% with the disk_log module [See disk_log(3)]. The SecurityDiskLogSize directive
%% takes two argument, i.e. MaxBytes and MaxFiles. The wrap log writes at most
%% MaxBytes bytes on each file, and it uses MaxFiles files before it wraps, and
%% truncates the first file.
{security_disk_log, "logs/security_disk_log"},
{security_disk_log_size, {200000,10}},
%% Limit on total number of servers running, i.e., limit on the number
%% of clients who can simultaneously connect --- if this limit is ever
%% reached, clients will be LOCKED OUT, so it should NOT BE SET TOO LOW.
%% It is intended mainly as a brake to keep a runaway server from taking
%% the server with it as it spirals down...
{max_clients, 50},
%% KeepAlive set the flag for persistent connections. For persistent connections
%% set KeepAlive to on. To use One request per connection set the flag to off
%% Note: The value has changed since previous version of INETS.
{keep_alive, false},
%% KeepAliveTimeout sets the number of seconds before a persistent connection
%% times out and closes.
{keep_alive_timeout, 10},
%% MaxKeepAliveRequests sets the number of seconds before a persistent connection
%% times out and closes.
{max_keep_alive_requests, "10"},
%% DocumentRoot: The directory out of which you will serve your
%% documents. By default, all requests are taken from this directory, but
%% symbolic links and aliases may be used to point to other locations.
{document_root, "/var/tmp/server_root/htdocs"},
%% DirectoryIndex: Name of the file or files to use as a pre-written HTML
%% directory index. Separate multiple entries with spaces.
{directory_index, ["index.html","welcome.html"]},
%% DefaultType is the default MIME type for documents which the server
%% cannot find the type of from filename extensions.
{default_type, "text/plain"},
%% Aliases: Add here as many aliases as you need (with no limit). The format is
%% Alias fakename realname
{alias, {"/icons/", "/var/tmp/server_root/icons/"}},
{alias, {"/pics/", "/var/tmp/server_root/icons/"}},
%% ScriptAlias: This controls which directories contain server scripts.
%% Format: ScriptAlias fakename realname
{script_alias, {"/cgi-bin/", "/var/tmp/server_root/cgi-bin/"}},
{script_alias, {"/htbin/", "/var/tmp/server_root/cgi-bin/"}},
%% This directive adds an action, which will activate cgi-script when a
%% file is requested using the method of method, which can be one of
%% GET, POST and HEAD. It sends the URL and file path of the requested
%% document using the standard CGI PATH_INFO and PATH_TRANSLATED
%% environment variables.
%%{script, {"HEAD", "/cgi-bin/printenv.sh"}}
%% This directive adds an action, which will activate cgi-script when a
%% file of content type mime-type is requested. It sends the URL and
%% file path of the requested document using the standard CGI PATH_INFO
%% and PATH_TRANSLATED environment variables.
%%{action, {"image/gif", "/cgi-bin/printenv.sh"}},
%% ErlScriptAlias: This specifies how "Erl" server scripts are called.
%% Format: ErlScriptAlias fakename realname allowed_modules
{erl_script_alias, {"/down/erl", [httpd_example]}},
%% Each directory to which INETS has access, can be configured with respect
%% to which services and features are allowed and/or disabled in that
%% directory (and its subdirectories).
{directory, {"/var/tmp/server_root/htdocs/open",
[{require,["user","one","Aladdin"]},
{auth_group_file,"/var/tmp/server_root/auth/group"},
{auth_user_file,"/var/tmp/server_root/auth/passwd"},
{auth_name,"Open Area"},
{auth_type,"plain"}]}},
{directory, {"/var/tmp/server_root/htdocs/secret",
[{require,["group","group1","group2"]},
{auth_group_file,"/var/tmp/server_root/auth/group"},
{auth_user_file,"/var/tmp/server_root/auth/passwd"},
{auth_name,"Secret Area"},
{auth_type,"plain"}]}},
{directory, {"/var/tmp/server_root/htdocs/secret/top_secret",
[{require,["group","group3"]},
{auth_group_file,"/var/tmp/server_root/auth/group"},
{auth_user_file,"/var/tmp/server_root/auth/passwd"},
{auth_name,"Top Secret Area"},
{auth_type,"plain"}]}},
{directory, {"/var/tmp/server_root/htdocs/mnesia_open",
[{require,["user","one","Aladdin"]},
{auth_name,"Open Area"},
{auth_type,"mnesia"}]}},
{directory, {"/var/tmp/server_root/htdocs/mnesia_secret",
[{require,["group","group1","group2"]},
{auth_name,"Secret Area"},
{auth_type,"mnesia"}]}},
{directory, {"/var/tmp/server_root/htdocs/mnesia_secret/top_secret",
[{security_callback_module,"security_callback"},
{security_auth_timeout,1},
{security_fail_expire_time,1},
{security_block_time,10},
{security_max_retries,3},
{security_data_file,"logs/security_data"},
{deny_from,["100.234.22.12","194.100.34.1","130.100.34.25"]},
{allow_from,["130.100.34","130.100.35"]},
{require,["group","group3"]},
{auth_name,"Top Secret Area"},
{auth_type,"mnesia"}]}}].
|
