X-Git-Url: https://git.openstreetmap.org/chef.git/blobdiff_plain/01e4f572782563692eb2628d322cc6eb3eb19c59..bd1414026d382a930aa60f7303c3c6a8b7ec8543:/cookbooks/tile/templates/default/apache.erb?ds=sidebyside
diff --git a/cookbooks/tile/templates/default/apache.erb b/cookbooks/tile/templates/default/apache.erb
index 24b87902b..fbc781c90 100644
--- a/cookbooks/tile/templates/default/apache.erb
+++ b/cookbooks/tile/templates/default/apache.erb
@@ -22,7 +22,8 @@
<% end -%>
# Setup logging
- CustomLog /var/log/apache2/access.log combined
+ LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_with_remoteip
+ CustomLog /var/log/apache2/access.log combined_with_remoteip
ErrorLog /var/log/apache2/error.log
BufferedLogs on
@@ -30,6 +31,9 @@
# will always work and can be cached
Header set Access-Control-Allow-Origin "*"
+ # Remove Proxy request header to mitigate https://httpoxy.org/
+ RequestHeader unset Proxy early
+
# Enable the rewrite engine
RewriteEngine on
@@ -47,21 +51,19 @@
Options None
AllowOverride None
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all granted
-<% else -%>
- Order allow,deny
- Allow from all
-<% end -%>
Options ExecCGI
AllowOverride None
-<% if node[:lsb][:release].to_f >= 14.04 -%>
Require all granted
-<% else -%>
- Order allow,deny
- Allow from all
-<% end -%>
+
+
+<% @caches.each do |cache| -%>
+<% cache.ipaddresses(:role => :external).sort.each do |address| -%>
+ Require ip <%= address %>
+<% end -%>
+<% end -%>
+