# Autogenerated httpd.conf file for TWiki.

# Generated at http://twiki.org/cgi-bin/view/TWiki/ApacheConfigGenerator

# IMPORTANT NOTE: Make sure to enable mod_cgid in the primary apache configuration file.

# We set an environment variable called blockAccess.

#

# Setting a BrowserMatchNoCase to ^$ is important. It prevents TWiki from

# including its own topics as URLs and also prevents other TWikis from

# doing the same. This is important to prevent the most obvious

# Denial of Service attacks.

#

# You can expand this by adding more BrowserMatchNoCase statements to

# block evil browser agents trying the impossible task of mirroring a twiki

#

# Example:

# BrowserMatchNoCase ^SiteSucker blockAccess

# BrowserMatchNoCase ^$ blockAccess

BrowserMatchNoCase ^Accoona blockAccess

BrowserMatchNoCase ^ActiveAgent blockAccess

BrowserMatchNoCase ^Attache blockAccess

BrowserMatchNoCase BecomeBot blockAccess

BrowserMatchNoCase ^bot blockAccess

BrowserMatchNoCase Charlotte/ blockAccess

BrowserMatchNoCase ^ConveraCrawler blockAccess

BrowserMatchNoCase ^CrownPeak-HttpAgent blockAccess

BrowserMatchNoCase ^EmailCollector blockAccess

BrowserMatchNoCase ^EmailSiphon blockAccess

BrowserMatchNoCase ^e-SocietyRobot blockAccess

BrowserMatchNoCase ^Exabot blockAccess

BrowserMatchNoCase ^FAST blockAccess

BrowserMatchNoCase ^FDM blockAccess

BrowserMatchNoCase ^GetRight/6.0a blockAccess

BrowserMatchNoCase ^GetWebPics blockAccess

BrowserMatchNoCase ^Gigabot blockAccess

BrowserMatchNoCase ^gonzo1 blockAccess

BrowserMatchNoCase ^Google\sSpider blockAccess

BrowserMatchNoCase ^ichiro blockAccess

BrowserMatchNoCase ^ie_crawler blockAccess

BrowserMatchNoCase ^iGetter blockAccess

BrowserMatchNoCase ^IRLbot blockAccess

BrowserMatchNoCase Jakarta blockAccess

BrowserMatchNoCase ^Java blockAccess

BrowserMatchNoCase ^KrakSpider blockAccess

BrowserMatchNoCase ^larbin blockAccess

BrowserMatchNoCase ^LeechGet blockAccess

BrowserMatchNoCase ^LinkWalker blockAccess

BrowserMatchNoCase ^Lsearch blockAccess

BrowserMatchNoCase ^Microsoft blockAccess

BrowserMatchNoCase ^MJ12bot blockAccess

BrowserMatchNoCase MSIECrawler blockAccess

BrowserMatchNoCase ^MSRBOT blockAccess

BrowserMatchNoCase ^noxtrumbot blockAccess

BrowserMatchNoCase ^NutchCVS blockAccess

BrowserMatchNoCase ^RealDownload blockAccess

BrowserMatchNoCase ^Rome blockAccess

BrowserMatchNoCase ^Roverbot blockAccess

BrowserMatchNoCase ^schibstedsokbot blockAccess

BrowserMatchNoCase ^Seekbot blockAccess

BrowserMatchNoCase ^SiteSnagger blockAccess

BrowserMatchNoCase ^SiteSucker blockAccess

BrowserMatchNoCase ^Snapbot blockAccess

BrowserMatchNoCase ^sogou blockAccess

BrowserMatchNoCase ^SpiderKU blockAccess

BrowserMatchNoCase ^SpiderMan blockAccess

BrowserMatchNoCase ^Squid blockAccess

BrowserMatchNoCase ^Teleport blockAccess

BrowserMatchNoCase ^User-Agent\: blockAccess

BrowserMatchNoCase VoilaBot blockAccess

BrowserMatchNoCase ^voyager blockAccess

BrowserMatchNoCase ^W3C blockAccess

BrowserMatchNoCase ^w3search blockAccess

BrowserMatchNoCase ^Web\sDownloader blockAccess

BrowserMatchNoCase ^WebCopier blockAccess

BrowserMatchNoCase ^WebDevil blockAccess

BrowserMatchNoCase ^WebSec blockAccess

BrowserMatchNoCase ^WebVac blockAccess

BrowserMatchNoCase ^Webwhacker blockAccess

BrowserMatchNoCase ^Webzip blockAccess

BrowserMatchNoCase ^Wells blockAccess

BrowserMatchNoCase ^WhoWhere blockAccess

BrowserMatchNoCase www\.netforex\.org blockAccess

BrowserMatchNoCase ^WX_mail blockAccess

BrowserMatchNoCase ^yacybot blockAccess

BrowserMatchNoCase ^ZIBB blockAccess

BrowserMatchNoCase ^$ blockAccess

<IfModule mod_perl.c>

	# Mod_perl preloading

	PerlSwitches -T

</IfModule>

# The ScriptAlias defines the bin directory as a directory where CGI

# scripts are allowed.

# The first parameter will be part of the URL to your installation e.g.

# http://example.com/do/view/...

# The second parameter must point to the physical path on your disc.

ScriptAlias /twiki/do "/home/bien/svn/web/.twiki/bin"

# The Alias defines a url that points to the twiki pub directory, which

# is the root of file attachments.

Alias /twiki/pub "/home/bien/svn/web/.twiki/pub"

Alias /twiki "/home/bien/svn/web/.twiki"

# Block access to typical spam related attachments

# Except the TWiki directory which is read only and does have attached html files.

SetEnvIf Request_URI "/twiki/pub/.*\.[hH][tT][mM][lL]?$" blockAccess

SetEnvIf Request_URI "/twiki/pub/TWiki/.*\.[hH][tT][mM][lL]?$" !blockAccess

# This specifies the options on the TWiki scripts directory. The ExecCGI

# and SetHandler tell apache that it contains scripts. "Require all granted"

# lets any IP address access this URL.

<Directory "/home/bien/svn/web/.twiki/bin">

	AllowOverride None

	Require all granted

	Deny from env=blockAccess

	Options ExecCGI FollowSymLinks

	SetHandler cgi-script

	# Password file for TWiki users

	#AuthUserFile /home/bien/svn/web/.twiki/data/.htpasswd

	#AuthName 'Enter your WikiName: (First name and last name, no space, no dots, capitalized, e.g. JohnSmith)'

	#AuthType Basic

	# File to return on access control error (e.g. wrong password)

	ErrorDocument 401 /twiki/do/view/TWiki/ResetPassword

</Directory>

<Directory "/home/bien/svn/web/.twiki">

	Require all granted

	Deny from env=blockAccess

	RedirectMatch ^/twiki/([A-Z0-9].*)?$ /twiki/do/view/Main/$1

	# File to return on access control error (e.g. wrong password)

	ErrorDocument 401 /twiki/do/view/TWiki/ResetPassword

</Directory>

# This sets the options on the pub directory, which contains attachments and

# other files like CSS stylesheets and icons. AllowOverride None stops a

# user installing a .htaccess file that overrides these options.

# Note that files in pub are *not* protected by TWiki Access Controls,

# so if you want to control access to files attached to topics you need to

# block access to the specific directories same way as the ApacheConfigGenerator

# blocks access to the pub directory of the Trash web

<Directory "/home/bien/svn/web/.twiki/pub">

	#Options None

	Options FollowSymLinks

	AllowOverride None

	Require all granted

	Deny from env=blockAccess

	# Disable execusion of PHP scripts

	php_admin_flag engine off

	# This line will redefine the mime type for the most common types of scripts

	AddType text/plain .shtml .php .php3 .phtml .phtm .pl .py .cgi

#add an Expires header that is sufficiently in the future that the browser does not even ask if its uptodate

# reducing the load on the server significantly

#IF you can, you should enable this - it _will_ improve your twiki experience, even if you set it to under one day.

# you may need to enable expires_module in your main apache config

#LoadModule expires_module libexec/httpd/mod_expires.so

#AddModule mod_expires.c

#<ifmodule mod_expires.c>

#  <filesmatch "\.(jpg|gif|png|css|js)$">

#		ExpiresActive on

#		ExpiresDefault "access plus 11 days"

#	</filesmatch>

#</ifmodule>

</Directory>

# Spammers are known to attach their stuff and then move it to trash where it remains unnoticed.

# We prevent viewing any attachments directly from pub

<Directory "/home/bien/svn/web/.twiki/pub/Trash">

   deny from all

</Directory>