# =================================================
# Basic settings
# =================================================
ServerType standalone
ServerRoot "/usr/local/apache"
PidFile /usr/local/apache/logs/httpd.pid
ScoreBoardFile /usr/local/apache/logs/httpd.scoreboard
ResourceConfig /dev/null
AccessConfig /dev/null

# =================================================
# Performance settings
# =================================================
Timeout 300
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15
MinSpareServers 5
MaxSpareServers 10
StartServers 5
MaxClients 150
MaxRequestsPerChild 0

# =================================================
# Apache modules
# =================================================
ClearModuleList
AddModule mod_log_config.c
AddModule mod_mime.c
AddModule mod_dir.c
AddModule mod_access.c
AddModule mod_auth.c
AddModule mod_php4.c
AddModule mod_security.c

# =================================================
# General settings
# =================================================
Port 80
User apache
Group apache
ServerAdmin webmaster@www.ebank.lab
UseCanonicalName Off
ServerSignature Off
HostnameLookups Off
ServerTokens Prod
<IfModule mod_dir.c>
    DirectoryIndex index.html
</IfModule>
DocumentRoot "/www/vhosts"

# =================================================
# Access control
# =================================================
<Directory />
    Options None
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>
<Directory "/www/vhosts/www.ebank.lab">
    Order allow,deny
    Allow from all
</Directory>
<Directory "/www/vhosts/www.test.lab">
    Order allow,deny
    Allow from all
</Directory>

# =================================================
# MIME encoding
# =================================================
<IfModule mod_mime.c>
    TypesConfig /usr/local/apache/conf/mime.types
</IfModule>
DefaultType text/plain
<IfModule mod_mime.c>
    AddEncoding x-compress Z
    AddEncoding x-gzip gz tgz
    AddType application/x-tar .tgz
    AddType application/x-httpd-php .php
    AddType application/x-httpd-php .inc
    AddType application/x-httpd-php .class
</IfModule>

# =================================================
# Logs
# =================================================
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
ErrorLog /usr/local/apache/logs/error_log
CustomLog /usr/local/apache/logs/access_log combined

# =================================================
# Virtual hosts
# =================================================
NameVirtualHost *
<VirtualHost *>
	DocumentRoot "/www/vhosts/www.ebank.lab"
	ServerName "www.ebank.lab"
	ServerAlias "www.e-bank.lab"
	ErrorLog logs/www.ebank.lab/error_log
	CustomLog logs/www.ebank.lab/access_log combined
</VirtualHost>
<VirtualHost *>
	DocumentRoot "/www/vhosts/www.test.lab"
	ServerName "www.test.lab"
	ErrorLog logs/www.test.lab/error_log
	CustomLog logs/www.test.lab/access_log combined
</VirtualHost>

# ================================================
# Logging GET/POST requests, defending against
# Cross-Site-Scripting and SQL Injection attacks
# ================================================
<IfModule mod_security.c>
	AddHandler application/x-httpd-php .php

	SecAuditEngine On
	SecAuditLog logs/audit_log
	SecFilterScanPOST On
	SecFilterEngine On

	SecFilterDefaultAction "deny,log,status:500"

	SecFilter "<(.|\n)+>"
	SecFilter "'"
	SecFilter "\""
</IfModule>