# Apache configuration highlighting unit test
# comment with alters TODO FIXME ###

<IfModule mod_dav_fs.c>
    DAVLockDB /var/lock/apache/DAVLock
</IfModule>

<VirtualHost *:443>
    Include something_else.inc

    SSLEngine on
    # exclude insecure protocols
    SSLProtocol all -SSLv2 -SSLv3
    SSLHonorCipherOrder on
    # exclude insecure ciphers
    SSLCipherSuite "HIGH !EXP !eNULL !aNULL !LOW !RC4 !3DES !MD5 !EXP !PSK !SRP !DSS !DES !aECDH"

    SSLCertificateFile /etc/letsencrypt/live/cert.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/privkey.pem
    SSLCertificateChainFile /etc/letsencrypt/live/chain.pem
    CustomLog /var/log/apache2/ssl_request_log   ssl_combined
</VirtualHost>

<Proxy "http://localhost:10000/">
    SSLRequireSSL
</Proxy>

<Directory "/some/quoted/path">
    Options -Indexes -FollowSymLinks
    DirectoryIndex index.php
    AllowOverride None
    Order allow,deny
    Allow from all

    Options FollowSymLinks
    AllowOverride FileInfo Options All
    <LimitExcept GET>
        Require valid-user
    </LimitExcept>

    <Files ~ "\.(cgi|shtml|phtml|php3?)$">
        ForceType text/plain
    </Files>
</Directory>

Alias /foo/ "/srv/www/htdocs/foo/"

AuthType Basic
AuthName "KDE"
AuthUserFile /srv/www/htpasswd.db
Require user konqui

<VirtualHost _default_:80>
    ServerName www.kde.org
    ServerAlias kde.org

    RewriteEngine On
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,QSA,R=permanent]
</VirtualHost>

AuthBasicProvider ldap
AuthLDAPBindDN uid=ldapproxy,ou=people,dc=kde,dc=org
AuthLDAPBindPassword  top_secret
AuthLDAPURL ldap://localhost:389/ou=people,dc=kde,dc=org?uid?sub?(objectClass=posixAccount)
AuthLDAPGroupAttributeIsDN on
AuthLDAPGroupAttribute member
Require ldap-group cn=sysadmin,ou=Group,dc=kde,dc=org