# push changes with: sudo apache2-vhost-update security-master.debian.org BrowserMatch ExtractorPro spammer BrowserMatch EmailSiphon spammer ServerName security-master.debian.org ServerAdmin team@security.debian.org DocumentRoot /srv/security-master.debian.org/htdocs-security-master ErrorLog /var/log/apache2/security-master.debian.org-error.log CustomLog /var/log/apache2/security-master.debian.org-access.log combined LogLevel warn Alias /debian-security /srv/security.debian.org/archive/debian-security/ Alias /debian-security-buildd /srv/security-master.debian.org/buildd/debian-security-buildd/ Alias /buildd/ /srv/security-master.debian.org/buildd/ order deny,allow deny from all Use DebianBuilddHostList # spohr.debian.org - not in list of buildds generated by puppet allow from 192.25.206.33 # whitelisted for Joerg Jaspert allow from 78.46.40.15 allow from 2001:4dd0:ff00:df::2 allow from 213.146.108.162 allow from 2a01:198:5d0:0:21c:c0ff:fead:e3a3 AuthName "security.debian.org" AuthType Basic AuthUserFile /srv/security-master.debian.org/apache.htpasswd require valid-user # either valid IP address or valid user are sufficient satisfy any Use SecurityMasterConfiguration # TODO implement http to https redirection Use SecurityMasterConfiguration Use common-debian-service-ssl security-master.debian.org Use common-ssl-HSTS