]> git.openstreetmap.org Git - rails.git/blobdiff - config/lighttpd.conf
Don't allow STARTTLS to be used when sending mail
[rails.git] / config / lighttpd.conf
index e07a9c295dfadcf8d281fc77e96316e64c58134d..e728c6716218c1b07093ce1290a470b184f4d2fb 100644 (file)
@@ -26,42 +26,48 @@ server.reject-expect-100-with-417 = "disable"
 # Setup logging
 #
 accesslog.filename = "/var/log/lighttpd/access.log"
+accesslog.format = "%h %V %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" \"%{Accept-Language}i\""
 server.errorlog = "/var/log/lighttpd/error.log"
 
 #
 # Allow munin to monitor the server's status
 #
-$HTTP["remoteip"] == "128.40.168.98" { 
+$HTTP["remoteip"] == "128.40.168.98" {
   status.config-url = "/server-config"
   status.status-url = "/server-status"
   status.statistics-url = "/server-statistics"
 }
 
 #
-# IP blocked at SteveC's request as it was trying to download the
-# history of every object in the database one at a time
+# Pull in host blocks
 #
-$HTTP["remoteip"] == "143.210.16.160" { url.access-deny = ("") }
+include_shell "lighttpd-host-blocks.sh"
 
 #
-# Rule to block tilesAtHome when somebody decides to queue vast 
-# number of tiles for rerendering
+# Block some troublesome robots
 #
-#$HTTP["useragent"] == "tilesAtHome" { url.access-deny = ("") }
+#$HTTP["useragent"] =~ "msnbot" { url.access-deny = ("") }
+$HTTP["useragent"] =~ "Twiceler" { url.access-deny = ("") }
+$HTTP["useragent"] =~ "Baiduspider" { url.access-deny = ("") }
+$HTTP["useragent"] =~ "Sosospider+" { url.access-deny = ("") }
+#$HTTP["useragent"] =~ "Yahoo! Slurp" { url.access-deny = ("") }
+$HTTP["useragent"] =~ "Yeti" { url.access-deny = ("") }
+#$HTTP["useragent"] =~ "Googlebot" { url.access-deny = ("") }
+$HTTP["useragent"] =~ "The Hare and the Hedgeho" { url.access-deny = ("") }
+
+#
+# Block tilesAtHome
+#
+$HTTP["useragent"] =~ "tilesAtHome" { url.access-deny = ("") }
 
 #
 # Block JOSM revisions  1722-1727 as they have a serious bug that causes
 # lat/lon to be swapped (http://josm.openstreetmap.de/ticket/2804)
 #
-$HTTP["useragent"] =~ "^JOSM/[0-9]+\.[0-9]+ \(172[234567] .*\)$" {
+$HTTP["useragent"] =~ "^JOSM/[0-9]+\.[0-9]+ \(172[234567] " {
   url.access-deny = ("")
 }
 
-#
-# Limit connections to 20 per IP address
-#
-evasive.max-conns-per-ip = 20
-
 #
 # Setup MIME type mapping
 #
@@ -145,13 +151,16 @@ server.document-root = "/home/rails/public"
 #
 # Send everything else to the appropriate FastCGI server
 #
-$HTTP["useragent"] =~ "^tilesAtHome" {
-  server.error-handler-404 = "/dispatch.tah"
+$HTTP["url"] =~ "^/trace/[0-9]+/data$" {
+  server.error-handler-404 = "/dispatch.bulkapi"
+}
+else $HTTP["url"] =~ "^/api/0\.6/map$" {
+  server.error-handler-404 = "/dispatch.map"
 }
-else $HTTP["url"] =~ "^/api/0\.6/(map|trackpoints|amf|amf/read|swf/trackpoints|changeset/[0-9]+/upload)$" {
+else $HTTP["url"] =~ "^/api/0\.6/(trackpoints|amf|amf/read|swf/trackpoints|changeset/[0-9]+/(upload|download))$" {
   server.error-handler-404 = "/dispatch.bulkapi"
 }
-else $HTTP["url"] =~ "^/api/0\.6/.*/(full|search)$" {
+else $HTTP["url"] =~ "^/api/0\.6/.*/(full|history|search|ways)$" {
   server.error-handler-404 = "/dispatch.bulkapi"
 }
 else $HTTP["url"] =~ "^/api/0\.6/" {
@@ -160,9 +169,6 @@ else $HTTP["url"] =~ "^/api/0\.6/" {
 else $HTTP["url"] =~ "^/api/0\.[0-9]+/" {
   url.access-deny = ("")
 }
-else $HTTP["url"] =~ "^/geocoder/(search|description)_osm_namefinder$" {
-  server.error-handler-404 = "/dispatch.namefinder"
-}
 else $HTTP["url"] =~ "^/geocoder/(search|description)_geonames$" {
   server.error-handler-404 = "/dispatch.geonames"
 }
@@ -200,9 +206,7 @@ fastcgi.server = (
     ( "host" => "127.0.0.1", "port" => 8022, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8023, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8024, "check-local" => "disable" ),
-    ( "host" => "127.0.0.1", "port" => 8025, "check-local" => "disable" )
-  ),
-  ".namefinder" => (
+    ( "host" => "127.0.0.1", "port" => 8025, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8026, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8027, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8028, "check-local" => "disable" ),
@@ -215,10 +219,6 @@ fastcgi.server = (
     ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" )
   ),
   ".api" => (
-    ( "host" => "127.0.0.1", "port" => 8030, "check-local" => "disable" ),
-    ( "host" => "127.0.0.1", "port" => 8031, "check-local" => "disable" ),
-    ( "host" => "127.0.0.1", "port" => 8032, "check-local" => "disable" ),
-    ( "host" => "127.0.0.1", "port" => 8033, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8034, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8035, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8036, "check-local" => "disable" ),
@@ -229,7 +229,11 @@ fastcgi.server = (
     ( "host" => "127.0.0.1", "port" => 8041, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8042, "check-local" => "disable" ),
     ( "host" => "127.0.0.1", "port" => 8043, "check-local" => "disable" ),
-    ( "host" => "127.0.0.1", "port" => 8044, "check-local" => "disable" )
+    ( "host" => "127.0.0.1", "port" => 8044, "check-local" => "disable" ),
+    ( "host" => "127.0.0.1", "port" => 8045, "check-local" => "disable" ),
+    ( "host" => "127.0.0.1", "port" => 8046, "check-local" => "disable" ),
+    ( "host" => "127.0.0.1", "port" => 8047, "check-local" => "disable" ),
+    ( "host" => "127.0.0.1", "port" => 8048, "check-local" => "disable" )
   ),
   ".bulkapi" => (
     ( "host" => "10.0.0.10", "port" => 8000, "check-local" => "disable" ),
@@ -265,10 +269,13 @@ fastcgi.server = (
     ( "host" => "10.0.0.10", "port" => 8010, "check-local" => "disable" ),
     ( "host" => "10.0.0.11", "port" => 8010, "check-local" => "disable" ),
     ( "host" => "10.0.0.12", "port" => 8010, "check-local" => "disable" ),
-  ),
-  ".tah" => (
     ( "host" => "10.0.0.10", "port" => 8011, "check-local" => "disable" ),
     ( "host" => "10.0.0.11", "port" => 8011, "check-local" => "disable" ),
     ( "host" => "10.0.0.12", "port" => 8011, "check-local" => "disable" )
+  ),
+  ".map" => (
+    ( "host" => "10.0.0.10", "port" => 9000, "check-local" => "disable" ),
+    ( "host" => "10.0.0.11", "port" => 9000, "check-local" => "disable" ),
+    ( "host" => "10.0.0.12", "port" => 9000, "check-local" => "disable" )
   )
 )