####################################################### ### Calomel.org lighttpd.conf BEGIN ####################################################### # #### modules to load server.modules = ( "mod_expire", "mod_auth", "mod_access", "mod_evasive", "mod_compress", "mod_status", "mod_redirect", "mod_accesslog" ) #### performance options (aggressive timeouts) server.max-keep-alive-requests = 6 server.max-keep-alive-idle = 15 server.max-read-idle = 15 server.max-write-idle = 15 ## number of child worker processes to spawn (0 for lightly loaded sites) # server.max-worker = 0 ## number of file descriptors (leave off for lighty loaded sites) # server.max-fds = 512 ## maximum concurrent connections the server will accept (1/2 of server.max-fds) # server.max-connections = 256 ## single client connection bandwidth limit in kilobytes (0=unlimited) connection.kbytes-per-second = 0 ## global server bandwidth limit in kilobytes (0=unlimited) server.kbytes-per-second = 0 #### bind to interface (default: all interfaces) server.bind = "127.0.0.1" #### bind to port (default: 80) server.port = 80 #### run daemon as uid (default: don't care) server.username = "lighttpd" #### run daemon as gid (default: don't care) server.groupname = "lighttpd" #### set the pid file (newsyslog) server.pid-file = "/var/run/lighttpd.pid" #### name the server daemon publicly displays server.tag = "lighttpd" #### static document-root server.document-root = "/var/www/htdocs/" #### chroot() to directory (default: no chroot() ) server.chroot = "/" #### files to check for if .../ is requested index-file.names = ( "index.html" ) #### disable auto index directory listings dir-listing.activate = "disable" #### disable ssl if not needed ssl.engine = "disable" #### compress module compress.cache-dir = "/tmp/lighttpd_tmp/" compress.filetype = ("text/plain", "text/html", "text/css", "image/png") #### expire module expire.url = ( "" => "access plus 6 hours") #### accesslog format (enable for using a proxy, like Pound, in front of Lighttpd) # accesslog.format = "%{X-Forwarded-For}i %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" #### accesslog module accesslog.filename = "/var/log/lighttpd/access.log" #### error log server.errorlog = "/var/log/lighttpd/error.log" #### error pages server.errorfile-prefix = "/var/www/htdocs/errors/errorcode-" #### enable debugging (un-comment to debug server problems) # debug.log-request-header = "enable" # debug.log-response-header = "enable" # debug.log-request-handling = "enable" # debug.log-file-not-found = "enable" #### mod_evasive evasive.max-conns-per-ip = 250 #### limit request method "POST" size in kilobytes (KB) server.max-request-size = 1 #### disable multi range requests server.range-requests = "disable" #### disable symlinks server.follow-symlink = "disable" #### ONLY serve files with all lowercase file names server.force-lowercase-filenames = "disable" #### server status status.status-url = "/hidden_dir/server-status" #### password protected area # auth.backend = "htdigest" # auth.backend.htdigest.userfile = "/var/www/htdocs/hidden_dir/passwd_file" # auth.require = ( "/hidden_dir" => # ( # "method" => "digest", # "realm" => "REALM_NAME", # "require" => "user=USER_NAME" # ) # ) ## #### Blocks Section: The order is important. #### Test all block rules before going live. ## #### request method restrictions (v1.5.x ONLY) # $HTTP["request-method"] !~ "^(GET|HEAD)" { # url.access-deny = ( "" ) # } #### deny access to unwanted bots or bad clients # $HTTP["useragent"] =~ "(Google|BadGuy)" { # url.access-deny = ( "" ) # } #### access control list for hidden_dir (not for use behind proxies) # $HTTP["remoteip"] !~ "127.0.0.1|10.10.10.2|20.10.20.30" { # $HTTP["url"] =~ "^/hidden_dir/" { # url.access-deny = ( "" ) # } # } #### url redirect requests for calomel.org to www.calomel.org # $HTTP["host"] =~ "^(calomel.org)$" { # url.redirect = ( "/(.*)" => "http://www.%1/$1") # } #### stop image hijacking (anti-hotlinking) # $HTTP["referer"] !~ "^(http://calomel\.org|http://www\.calomel\.org)" { # url.access-deny = ( ".jpg", ".jpeg", ".png", ".avi", ".mov" ) # } #### virtual host limits # $HTTP["host"] !~ "^(calomel\.org|www\.calomel\.org)" { # url.access-deny = ( "" ) # } #### stop referer spam # $HTTP["referer"] =~ "(tarotathome|casinospam)" { # url.access-deny = ( "" ) # } #### mimetype mapping mimetype.assign = ( ".pdf" => "application/pdf", ".sig" => "application/pgp-signature", ".spl" => "application/futuresplash", ".class" => "application/octet-stream", ".ps" => "application/postscript", ".torrent" => "application/x-bittorrent", ".dvi" => "application/x-dvi", ".gz" => "application/x-gzip", ".pac" => "application/x-ns-proxy-autoconfig", ".swf" => "application/x-shockwave-flash", ".tar.gz" => "application/x-tgz", ".tgz" => "application/x-tgz", ".tar" => "application/x-tar", ".zip" => "application/zip", ".mp3" => "audio/mpeg", ".m3u" => "audio/x-mpegurl", ".wma" => "audio/x-ms-wma", ".wax" => "audio/x-ms-wax", ".ogg" => "application/ogg", ".wav" => "audio/x-wav", ".gif" => "image/gif", ".jpg" => "image/jpeg", ".jpeg" => "image/jpeg", ".png" => "image/png", ".xbm" => "image/x-xbitmap", ".xpm" => "image/x-xpixmap", ".xwd" => "image/x-xwindowdump", ".css" => "text/css", ".html" => "text/html", ".htm" => "text/html", ".js" => "text/javascript", ".asc" => "text/plain", ".c" => "text/plain", ".cpp" => "text/plain", ".log" => "text/plain", ".conf" => "text/plain", ".text" => "text/plain", ".txt" => "text/plain", ".dtd" => "text/xml", ".xml" => "text/xml", ".mpeg" => "video/mpeg", ".mpg" => "video/mpeg", ".mov" => "video/quicktime", ".qt" => "video/quicktime", ".avi" => "video/x-msvideo", ".asf" => "video/x-ms-asf", ".asx" => "video/x-ms-asf", ".wmv" => "video/x-ms-wmv", ".bz2" => "application/x-bzip", ".tbz" => "application/x-bzip-compressed-tar", ".tar.bz2" => "application/x-bzip-compressed-tar" ) # ####################################################### ### Calomel.org lighttpd.conf END #######################################################