From 1932206c4696333cd2723083b65b92d36d5188fc Mon Sep 17 00:00:00 2001 From: Joerg Jaspert Date: Sat, 19 Feb 2011 13:58:32 +0100 Subject: [PATCH] add security apache.conf Signed-off-by: Joerg Jaspert --- config/debian-security/apache.conf | 135 +++++++++++++++++++++++++++++ 1 file changed, 135 insertions(+) create mode 100644 config/debian-security/apache.conf diff --git a/config/debian-security/apache.conf b/config/debian-security/apache.conf new file mode 100644 index 00000000..b2ae925a --- /dev/null +++ b/config/debian-security/apache.conf @@ -0,0 +1,135 @@ +# pretend this is in a vhost + ServerAdmin team@security.debian.org + DocumentRoot /srv/security-master.debian.org/htdocs-security-master + ServerName security-master.debian.org + + ErrorLog /var/log/apache2/security-master.debian.org-error.log + LogLevel warn + CustomLog /var/log/apache2/security-master.debian.org-access.log combined + + + Alias /debian-security /org/security.debian.org/archive/debian-security/ + Alias /buildd/ /org/security-master.debian.org/buildd/ + + #RewriteEngine on + #RewriteRule ^/$ http://www.debian.org/security/ + + # New suite aliases + Alias /buildd-lenny /srv/security-master.debian.org/buildd/lenny/ + Alias /buildd-squeeze /srv/security-master.debian.org/buildd/squeeze/ + + # BuildD access list + + order deny,allow + deny from all + + # i386 + # brahms + allow from 206.12.19.115 + allow from 2607:f8f0:610:4000:216:36ff:fe40:3802 + # murphy + allow from 70.103.162.31 + # biber + allow from 194.177.211.204 + allow from 2001:648:2ffc:deb:214:22ff:feb2:1268 + + # amd64 + # barber + allow from 194.177.211.203 + allow from 2001:648:2ffc:deb:214:22ff:feb2:2370 + + # armel + # ancina + allow from 157.193.39.13 + # arnold + allow from 217.140.96.57 + # alain + allow from 217.140.96.58 + # alwyn + allow from 217.140.96.59 + # antheil + allow from 217.140.96.60 + + # alpha + # goetz + allow from 193.62.202.26 + + # samosa + allow from 192.25.206.57 + # spohr + allow from 192.25.206.33 + + # mipsel + # rem + allow from 82.195.75.68 + allow from 2001:41b8:202:deb:202:4cff:fefe:d06 + # mayer + allow from 140.211.166.78 + allow from 2001:6f8:1173:2:202:4cff:fefe:d06 + + # sparc + # lebrun + allow from 193.198.184.10 + # schroeder + allow from 193.198.184.11 + # spontini + allow from 206.12.19.14 + allow from 2607:f8f0:610:4000:a00:20ff:fea0:918b + + # mips + # corelli + allow from 206.12.19.16 + allow from 2607:f8f0:610:4000:2e0:98ff:fe00:4489 + # lucatelli + allow from 206.12.19.15 + allow from 2607:f8f0:610:4000:2e0:98ff:fe00:4141 + # ball + allow from 2001:41b8:202:deb:202:4cff:fefe:d09 + allow from 82.195.75.70 + + # s390 + allow from 80.245.147.46 + + # kfreebsd, i386 + # finzi + allow from 206.12.19.111 + # field + allow from 194.177.211.210 + + # kfreebsd, amd64 + # fasch + allow from 194.177.211.201 + # fano + allow from 206.12.19.110 + + # ia64 + # alkman + allow from 192.25.206.63 + # mundy + allow from 192.25.206.62 + + # powerpc + # praetorius + allow from 130.239.18.121 + allow from 2001:6b0:e:2a18:204:acff:fede:459f + # poulenc + allow from 144.32.168.77 + # porpora + allow from 144.32.168.78 + + # Ganneff, test + allow from 78.46.40.15 + allow from 2001:4dd0:ff00:df::2 + allow from 213.146.108.162 + allow from 2a01:198:5d0:0:21c:c0ff:fead:e3a3 + + AuthName "security.debian.org" + AuthType Basic + AuthUserFile /org/security-master.debian.org/apache.htpasswd + require valid-user + + # Either good IP address or good user/pass is sufficient + satisfy any + + +# end -- 2.39.2