# push changes with: sudo apache2-vhost-update security-master.debian.org
BrowserMatch ExtractorPro spammer
BrowserMatch EmailSiphon spammer
ServerName security-master.debian.org
ServerAdmin team@security.debian.org
DocumentRoot /srv/security-master.debian.org/htdocs-security-master
ErrorLog /var/log/apache2/security-master.debian.org-error.log
CustomLog /var/log/apache2/security-master.debian.org-access.log combined
LogLevel warn
Alias /debian-security /srv/security.debian.org/archive/debian-security/
Alias /debian-security-buildd /srv/security-master.debian.org/buildd/debian-security-buildd/
Alias /buildd/ /srv/security-master.debian.org/buildd/
order deny,allow
deny from all
Use DebianBuilddHostList
# spohr.debian.org - not in list of buildds generated by puppet
allow from 192.25.206.33
# whitelisted for Joerg Jaspert
allow from 78.46.40.15
allow from 2001:4dd0:ff00:df::2
allow from 213.146.108.162
allow from 2a01:198:5d0:0:21c:c0ff:fead:e3a3
AuthName "security.debian.org"
AuthType Basic
AuthUserFile /srv/security-master.debian.org/apache.htpasswd
require valid-user
# either valid IP address or valid user are sufficient
satisfy any
Use SecurityMasterConfiguration
# TODO implement http to https redirection
Use SecurityMasterConfiguration
Use common-debian-service-ssl security-master.debian.org
Use common-ssl-HSTS