# customized settings for CAcert webserver
MaxRequestsPerChild 100
ServerAdmin support@cacert.org
ServerName cacert.org
Header always set X-Frame-Options "DENY"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
DocumentRoot /www/www
Options -Indexes +Includes +FollowSymLinks
AllowOverride None
Options -Indexes +Includes +FollowSymLinks
AllowOverride All
Require all granted
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride None
Options -Indexes +Includes +FollowSymLinks
AllowOverride All
Require all granted
UseCanonicalName off
HostnameLookups on
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" mod_gzip: %{mod_gzip_compression_ratio}npct. %T %v" full
CustomLog /var/log/apache2/access.log full
ServerSignature off
AddDefaultCharset on
# OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ocsp(1280000)
SSLStaplingFakeTryLater off
SSLStaplingStandardCacheTimeout 86400