Update to apache 2.4 access controls

[chef.git] / cookbooks / wordpress / templates / default / apache.erb

diff --git a/cookbooks/wordpress/templates/default/apache.erb b/cookbooks/wordpress/templates/default/apache.erb
index 1af8f3bb32d0732d3bc13b304b76abf4e82b9e92..3695fc2b7ead29c975a23ad467dfe9447883f60b 100644 (file)
--- a/cookbooks/wordpress/templates/default/apache.erb
+++ b/cookbooks/wordpress/templates/default/apache.erb
@@ -11,6 +11,27 @@
   CustomLog /var/log/apache2/<%= @name %>-access.log combined
   ErrorLog /var/log/apache2/<%= @name %>-error.log
 
+<% if @ssl_enabled -%>
+  RedirectPermanent / https://<%= @name %>/
+</VirtualHost>
+
+<VirtualHost *:443>
+  ServerName <%= @name %>
+<% @aliases.each do |alias_name| -%>
+  ServerAlias <%= alias_name %>
+<% end -%>
+
+  ServerAdmin webmaster@openstreetmap.org
+
+  #
+  # Enable SSL
+  #
+  SSLEngine on
+
+  CustomLog /var/log/apache2/<%= @name %>-access.log combined
+  ErrorLog /var/log/apache2/<%= @name %>-error.log
+<% end -%>
+
   DocumentRoot <%= @directory %>
 <% @urls.each do |url,directory| -%>
   Alias <%= url %> <%= directory %>
@@ -32,12 +53,14 @@
     RewriteCond %{REQUEST_FILENAME} !-f
     RewriteCond %{REQUEST_FILENAME} !-d
     RewriteRule . /index.php [L]
+
     Options -Indexes
+
+    Require all granted
   </Directory>
 
   <Files <%= @directory %>/wp-config.php>
-    Order allow,deny
-    Deny from all
+    Require all denied
   </Files>
 
   <Directory <%= @directory %>/uploads>
@@ -47,17 +70,14 @@
   </Directory>
 
   <Directory ~ "\.svn">
-    Order allow,deny
-    Deny from all
+    Require all denied
   </Directory>
 
   <Directory ~ "\.git">
-    Order allow,deny
-    Deny from all
+    Require all denied
   </Directory>
 
   <Files ~ "~$">
-    Order allow,deny
-    Deny from all
+    Require all denied
   </Files>
 </VirtualHost>