This is my httpd.conf
# -------------------------------------------
# Apache2.4 config file
# (c) 28.11.2020 J. Kallup - paule32
# -------------------------------------------
Define XAMPP_DRV "X:"
Define XAMPP_WIN "${XAMPP_DRV}/Y"
Define XAMPP_WRC "${XAMPP_DRV}/Z"
Define APACHE_OS "${XAMPP_WIN}"
Define APACHE_MOD "${XAMPP_WIN}/apache"
Define APACHE_SRC "${XAMPP_WRC}"
Define APACHE_WEB "${XAMPP_WRC}/html"
Define APACHE_LOG "${XAMPP_WRC}/data"
Define APACHE_DIR "${APACHE_OS}/apache"
Define MYSQL_HOME "${APACHE_OS}/mysql/bin"
Define SSL_CONF "${APACHE_OS}/apache/bin/openssl.cnf"
Define PHP_DIR "${APACHE_OS}/php7"
Define TMP_DIR "${APACHE_OS}/tmp"
# -------------------------------------------
# different sites, for differnt things ...
# actual localhost/lan ipv6 addresses fd00:
# 01 - main page
# 80 - out of office time page
# -------------------------------------------
#Define BOF_OFFICE_IOP "fd00:0:0:0:0:0:0:01"
#Define EOF_OFFICE_IOP "fd00:0:0:0:0:0:0:80"
#Define EOF_OFFICE_URL "https://[${EOF_OFFICE_IOP}]";
#Define BOF_OFFICE_URL "https://[${BOF_OFFICE_IOP}]";
Define BOF_OFFICE_URL "https://www.kallup.net";
Define EOF_OFFICE_URL "https://out.kallup.net";
Define DOCUMENT_ROOT "${APACHE_WEB}"
Define SRVROOT "${APACHE_OS}"
ServerRoot "${APACHE_OS}"
#
ServerName www.kallup.net
ServerAdmin kallup.j...@web.de
#
DocumentRoot "${APACHE_SRC}/html/80"
TypesConfig "${APACHE_DIR}/conf/mime.types"
#
ErrorLog "${APACHE_LOG}/error.log"
CustomLog "${APACHE_LOG}/access.log" combined
#
LogLevel warn
Listen 80
Listen 443
PidFile "${TMP_DIR}/httpd.pid"
DirectoryIndex index.php index.html
#IndexIgnore *.jpg *.png *.gif *.mov *.mp3 *.mp4
TraceEnable off
ServerSignature Off
ServerTokens Prod
# -----------------------------------------------
# paule32: to beware the sight, i splitt off the
# file(s) ...
# -----------------------------------------------
Include "${APACHE_DIR}/conf/modules.load"
#SetEnvIf Request_URI \.gif image-request
#SetEnvIf Request_URI \.jpg image-request
#SetEnvIf Request_URI \.png image-request
#CustomLog "${APACHE_SRC}/data/access_log" common env=!image-request
# -------------------------------------------
# PHP-7 Windows .DLL ...
# -------------------------------------------
LoadFile "${PHP_DIR}/php7ts.dll"
LoadFile "${PHP_DIR}/libpq.dll"
LoadFile "${PHP_DIR}/libsqlite3.dll"
ScriptAlias /local-bin ${PHP_DIR}
AddHandler application/x-httpd-php .php
Action application/x-httpd-php "/local-bin/php-cgi.exe"
AddType text/html .php
# -------------------------------------------------
# we have only own server here, so global is ok.
# -------------------------------------------------
#ErrorDocument 401 /tools/web/error/404.html
#ErrorDocument 403 /tools/web/error/404.html
#ErrorDocument 404 /tools/web/error/404.html
#ErrorDocument 500 /tools/web/error/404.html
DeflateCompressionLevel 9
DeflateInflateLimitRequestBody 2048
Timeout 300
KeepAliveTimeout 5
HostnameLookups On
KeepAlive On
MaxKeepAliveRequests 100
PHPINIDir "${PHP_DIR}"
<Directory "${PHP_DIR}">
AllowMethods POST GET
AllowOverride AuthConfig
Options None
Require all denied
<Files "php-cgi.exe">
Require all granted
</Files>
</Directory>
# -----------------------------------------------------------------------
# The following lines prevent .htaccess and .htpasswd files from being
# viewed by Web clients.
# -----------------------------------------------------------------------
<FilesMatch "^\.ht">
Require all denied
</FilesMatch>
LogFormat "%v:%p %h %l %u %t \"%r\" %>s \"%{Referer}i\"
\"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s " common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
Header set X-Content-Type-Options "nosniff"
Header set X-XSS-Protection "1; mode=block"
Header append X-Frame-Options "SAMEORIGIN"
Header unset X-Powered-By
Header set Vary *
Header set Access-Control-Allow-Origin *
Header set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header set Access-Control-Allow-Headers "x-requested-with, Content-Type,
origin, authorization, accept, client-security-token"
Header set Access-Control-Expose-Headers "Content-Security-Policy, Location"
Header set Access-Control-Max-Age "120"
Header always edit Set-Cookie "^((?!;\s?[Ss]ecure).)+$" "$0; Secure"
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
# Audio
AddType audio/mp4 .m4a .f4a .f4b
AddType audio/ogg .oga .ogg
# JavaScript
# Normalize to standard type (it's sniffed in IE anyways):
# http://tools.ietf.org/html/rfc4329#section-7.2
AddType text/html html
AddType text/javascript js
AddType application/javascript js
AddType application/json json
# Video
AddType video/mp4 .mp4 .m4v .f4v .f4p
AddType video/ogg .ogv
AddType video/webm .webm
AddType video/x-flv .flv
# Web fonts
AddType application/font-woff .woff
AddType application/vnd.ms-fontobject .eot
# Browsers usually ignore the font MIME types and sniff the content,
# however, Chrome shows a warning if other MIME types are used for the
# following fonts.
AddType application/x-font-ttf .ttc .ttf
AddType font/opentype .otf
# Make SVGZ fonts work on iPad:
# https://twitter.com/FontSquirrel/status/14855840545
AddType image/svg+xml .svg .svgz
AddEncoding application/gzip .svgz
#SetOutputFilter DEFLATE
#SetEnvIfNoCase Request_URI "\.(?:gif|jpe?g|png)$" no-gzip
<FilesMatch "(\.js\.gz|\.css\.gz)$">
# Serve correct encoding type.
Header append Content-Encoding gzip
# --------------------------------------
# Force proxies to cache gzipped &
# non-gzipped css/js files separately.
# --------------------------------------
Header append Vary Accept-Encoding
</FilesMatch>
<VirtualHost *:80>
ServerName www.kallup.net
ServerAlias kallup.net *.kallup.net
ServerAdmin kallup.j...@web.de
DocumentRoot "${APACHE_WEB}/80"
ErrorLog "${APACHE_LOG}/error.log"
CustomLog "${APACHE_LOG}/access.log" combined
<Directory />
Options FollowSymLinks
AllowOverride none
</Directory>
</VirtualHost>
# ------------------------------------------------------
# 01 - main page (with master login) ...
# ------------------------------------------------------
<VirtualHost *:443>
ServerName www.kallup.net
ServerAlias www.kallup.net *.kallup.net
ServerAdmin kallup.j...@web.de
DocumentRoot "${APACHE_WEB}/443"
ErrorLog "${APACHE_LOG}/error.log"
CustomLog "${APACHE_LOG}/access.log" combined
SSLEngine on
SSLCertificateFile "${APACHE_SRC}/ssl/www.kallup.net.crt"
SSLCertificateKeyFile "${APACHE_SRC}/ssl/www.kallup.net.key"
SSLOptions +StdEnvVars
# enable HTTP/2, if available
Protocols h2 http/1.1
#
RewriteEngine On
LogLevel warn rewrite:trace3
# ---------------------------------------------------------
# compress file(.ext) on server side, beofre delivery ...
# on MS-Windows; you should have the GNU-Tools installed !
# ---------------------------------------------------------
#RewriteCond %{HTTP:Accept-encoding} gzip
#RewriteCond %{REQUEST_FILENAME}\.gz -s
#RewriteRule ^(.*)\.(css|js|txt) $1\.$2\.gz [QSA]
# ---------------------------------------------------------
# out of office time rule ...
# from 07:00 - 20:00
# ---------------------------------------------------------
#RewriteCond %{TIME_HOUR} >=23 [OR]
#RewriteCond %{TIME_HOUR} <=08
#RewriteRule ^$ ${EOF_OFFICE_URL} [R=301,L]
#Set-Cookie: promo_shown=1; SameSite=Lax
# -------------------------------------------------------------------
# safe folders a little bit ,.. :-)
# -------------------------------------------------------------------
<Directory "${APACHE_WEB}/443/index">
AllowMethods GET POST HEAD OPTIONS
IndexOptions -ShowForbidden
AllowOverride FileInfo AuthConfig
AuthType form
AuthName "Restricted Resource"
AuthFormUsername bw_username
AuthFormPassword bw_password
ErrorDocument 401 "/login.html"
AuthFormProvider file
AuthUserFile "apache/conf/ApacheAuthUser.passwd"
Session on
SessionCryptoPassphrase secret
SessionCookieName session path=/
SessionMaxAge 0
SetEnv Authorization "Group: Developer"
#
RewriteCond %{HTTP:Authorization} ^.*
AuthFormLoginRequiredLocation "/index.php"
AuthFormLoginSuccessLocation "/index/index.php"
AuthFormLogoutLocation "/logout/index.php"
<RequireAny>
Require valid-user
</RequireAny>
</Directory>
# --------------------------------------
# logout needs log:out (htpasswd) ...
# --------------------------------------
#<Directory "${APACHE_WEB}/443/logout">
<Location /logout>
IndexOptions -ShowForbidden
AllowOverride FileInfo AuthConfig
UnsetEnv Authorization
AuthType form
AuthName "Restricted Resource"
AuthFormUsername bw_username
AuthFormPassword bw_password
AuthFormProvider file
AuthUserFile "apache/conf/ApacheAuthUser.passwd"
SetHandler form-logout-handler
AuthFormLogoutLocation "/"
#ErrorDocument 401 "${APACHE_WEB}/443/index.php"
Session on
SessionCryptoPassphrase secret
SessionCookieName session path=/
SessionMaxAge 1
<RequireAny>
Require valid-user
Require user log
</RequireAny>
</Location>
</VirtualHost>
Am 04.01.2021 um 03:01 schrieb @lbutlr:
On 03 Jan 2021, at 16:23, Jens Kallup <kallup.j...@web.de> wrote:
I would inform you, that all is done, and working well.
Now, I have a simple two-factor authz.
How did you fix it?
