You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Shashidhar Rampally <sh...@gmail.com> on 2008/04/12 09:26:24 UTC
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Francis,
I have followed your suggestion of using a <VirtualHost> but also made
use of a suggestion I found on a website which talked about putting
mod_rewrite rules inside the VirtualHost element along with the
JkMount command inside. And wow! it works great. :)) Thank you!
The only thing that's still unsolved is how do I redirect aboutus.html
permanently to aboutus.jsp (and 9 more such pages). I can follow the
same concept and put all those rules inside the VirtualHost, but I was
wondering if that would have performance implications? Is there anyway
I can .htaccess into play?
Thanks,
Shashi
<VirtualHost *:80>
JkMount /* ajp13
RewriteEngine on
Options +FollowSymlinks
RewriteCond %{http_host} ^xyz.com [nc]
RewriteRule ^(.*)$ http://www.xyz.com$1 [r=301,nc,L]
</VirtualHost>
>
> On Fri, Apr 11, 2008 at 3:53 PM, Shashidhar Rampally
> <sh...@gmail.com> wrote:
> > Francis,
> >
> > Sorry if I offended you.
> > Those links are
> > www.xyz.com/specsheets.html -> www.xyz.com/specsheet.jsp
> > www.xyz.com/aboutus.html -> www.xyz.com/aboutus.jsp
> > www.xyz.com/mission/mission.html moved to www.xyz.com/mission.jsp
> > etc.
> >
> > No, I do know anything about mod_proxy. I will look into it right away.
> >
> > Thanks,
> > Shashi
> >
> >
> >
> >
> >
> >
> >
> > On Fri, Apr 11, 2008 at 3:28 PM, Francis Galiegue <fg...@gmail.com> wrote:
> > > 2008/4/11, Shashidhar Rampally <sh...@gmail.com>:
> > >
> > > > Francis,
> > > >
> > > > I placed the following in httpd.conf. However, the next time I visited
> > > > xyz.com, it took me to Tomcat home page.
> > > > <VirtualHost xyz.com:80>
> > > > DocumentRoot /not/a/valid/folder
> > > > ServerName xyz.com
> > > >
> > > > RedirectMatch Permanent /(.*) http://www.xyz.com/$1
> > > >
> > > > </VirtualHost>
> > > > <VirtualHost www.xyz.com:80>
> > > > DocumentRoot /usr/lib/apache-tomcat/webapps/xyz/
> > > > ServerName www.xyz.com
> > > > </VirtualHost>
> > > >
> > > >
> > > > Your's is not a comprehensive/clean solution. We also moved about 10
> > > > links. So I also wish to permanently redirect these HTML pages too.
> > > >
> > > > So what would really help me is a URL rewriting module/plug-in like
> > > > mod_rewrite.
> > > >
> > >
> > > Please clarify. What are these "10 links"? Individual files or whole
> > > directories/webapps?
> > >
> > > Also, have you considered mod_proxy (ProxyPass and ProxyPassReverse)?
> > >
> > > --
> > >
> > >
> > > Francis Galiegue, fgaliegue@gmail.com
> > > "When it comes to performance, weight is everything" - Tiff Needell
> > >
> > > ---------------------------------------------------------------------
> > > To start a new topic, e-mail: users@tomcat.apache.org
> > > To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> > > For additional commands, e-mail: users-help@tomcat.apache.org
> > >
> > >
> >
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Posted by Shashidhar Rampally <sh...@gmail.com>.
Finally I figured it out! I had to read about VirtualHost and
NameVirtualHost in the Apache manual, which I was trying to avoid. :)
Here's my final configuration. I have used both RewriteMatch and
mod_rewrite (just to to remind myself it can also be done both ways).
For now, I have chosen not to worry about serving static content
through Apache.
Thanks for all the help Francis! :)
Regards,
Shashi
/*httpd.conf (only relevant portion) */
Listen 80
Listen 443
LoadModule ssl_module modules/mod_ssl.so
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost *:80>
JkMount /* ajp13
RewriteEngine on
Options +FollowSymlinks
RewriteCond %{http_host} ^xyz.com [nc]
RewriteRule ^(.*)$ http://www.xyz.com$1 [r=301,nc,L]
RewriteCond %{http_host} ^abc.com [nc]
RewriteRule ^(.*)$ http://www.abc.com$1 [r=301,nc,L]
</VirtualHost>
<VirtualHost *:80>
JkMount /* ajp13
ServerName www.xyz.com
RedirectMatch permanent ./*specsheets.html$ http://www.xyz.com/specsheets.jsp
RedirectMatch permanent ./*locations.html$ http://www.xyz.com/contactus.jsp
RedirectMatch permanent ./*mission.html$ http://www.xyz.com/aboutus.jsp
</VirtualHost>
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl .crl
SSLPassPhraseDialog builtin
SSLSessionCache shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout 300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<VirtualHost *:443>
ServerName *.xyz.com
JkMount /* ajp13
ErrorLog logs/ssl_error_log
TransferLog logs/ssl_access_log
LogLevel warn
SSLEngine on
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCertificateFile /etc/httpd/conf/ssl.crt/_.xyz.com.crt
SSLCertificateKeyFile /etc/httpd/conf/ssl.key/xyz.key
SSLCertificateChainFile /etc/httpd/conf/ssl.crt/gd_intermediate_bundle.crt
</VirtualHost>
On Sun, Apr 13, 2008 at 11:38 AM, Francis Galiegue <fg...@gmail.com> wrote:
> 2008/4/13, Shashidhar Rampally <sh...@gmail.com>:
> [...]
>
> > Also when I tried to replace one VirtualHost with multiple
> > VirtualHosts (and hence not needing mod_rewrite), I am getting the
> > following error message:
> > [warn] VirtualHost xyz.com:80 overlaps with VirtualHost
> > www.xyz.com:80, the first has precedence, perhaps you need a
> > NameVirtualHost directive
> >
>
> Have you put a NameVirtualHost your.ip.add.ress:{443,80} before
> defining your virtual hosts?
>
> --
>
>
> Francis Galiegue, fgaliegue@gmail.com
> "When it comes to performance, weight is everything" - Tiff Needell
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Posted by Francis Galiegue <fg...@gmail.com>.
2008/4/13, Shashidhar Rampally <sh...@gmail.com>:
[...]
> Also when I tried to replace one VirtualHost with multiple
> VirtualHosts (and hence not needing mod_rewrite), I am getting the
> following error message:
> [warn] VirtualHost xyz.com:80 overlaps with VirtualHost
> www.xyz.com:80, the first has precedence, perhaps you need a
> NameVirtualHost directive
>
Have you put a NameVirtualHost your.ip.add.ress:{443,80} before
defining your virtual hosts?
--
Francis Galiegue, fgaliegue@gmail.com
"When it comes to performance, weight is everything" - Tiff Needell
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Posted by Shashidhar Rampally <sh...@gmail.com>.
My troubles are not yet over! :)
With my configuration, I am having problems with HTTPS pages. I am
getting a 404 error. I get that error even though I replaced
<VirtualHost *:80> with <VirtualHost *:*>
Also when I tried to replace one VirtualHost with multiple
VirtualHosts (and hence not needing mod_rewrite), I am getting the
following error message:
[warn] VirtualHost xyz.com:80 overlaps with VirtualHost
www.xyz.com:80, the first has precedence, perhaps you need a
NameVirtualHost directive
Please help!
Thanks,
Shashi
On Sat, Apr 12, 2008 at 4:55 AM, Francis Galiegue <fg...@gmail.com> wrote:
> 2008/4/12, Shashidhar Rampally <sh...@gmail.com>:
> > Francis,
> >
>
> > I have followed your suggestion of using a <VirtualHost> but also made
> > use of a suggestion I found on a website which talked about putting
> > mod_rewrite rules inside the VirtualHost element along with the
> > JkMount command inside. And wow! it works great. :)) Thank you!
> >
>
> No problem :) But see below.
>
>
> > The only thing that's still unsolved is how do I redirect aboutus.html
> > permanently to aboutus.jsp (and 9 more such pages). I can follow the
> > same concept and put all those rules inside the VirtualHost, but I was
> > wondering if that would have performance implications? Is there anyway
> > I can .htaccess into play?
> >
> > Thanks,
> > Shashi
> >
> > <VirtualHost *:80>
> > JkMount /* ajp13
>
> Why /*? Why not only /*.jsp? Apache is much better at serving static content...
>
> Here is the Apache configuration file I use, from a server at home
> (hence the RFC 1918 address and nonsensical domain name), you'll
> notice that I don't use mod_rewrite at all and that one URL
> (/favicon.ico) is redirected using RedirectMatch. You can use this
> trick for your yet unredirected pages.
>
> Before the end of the file, you'll see how I manage to redirect
> another server name to the main one, it's dead simple. Again, no
> mod_rewrite needed ;)
>
> ---- CUT ----
> ##########
> # TOMCAT #
> ##########
> #
> # We use mod_jk for talking with Tomcat. Note that this module does NOT come
> # from RHEL, but from JPackage.
> #
> LoadModule jk_module modules/mod_jk.so
>
> #
> # The JkWorkersFile is the location (starting from the ServerRoot) of the
> # configuration file for mod_jk.
> #
> # In a traditional One2team setup, only one worker, of type AJP 1.3 and with
> # name "ajp13" (see below), will be
> # configured, and the Tomcat server will be on the same machine as Apache. In
> # case you want load balancing at Tomcat level, this will be the file to modify.
> #
> # See the workers.properties file for details.
> #
> JkWorkersFile conf.d/workers.properties
> JkLogFile logs/jk.log
> JkLogLevel info
>
> #
> # This is what we want to handle to Tomcat. The rest is handled by Apache itself
> # (Apache knows about KeepAlive, not Tomcat).
> #
> JkMount /*.jsp ajp13
> JkMount /servlet/* ajp13
>
> #
> # We want minimal "Server" headers in HTTP responses.
> #
> ServerTokens Prod
> ServerSignature off
>
> #
> # We have no user accounts. Just in case though, we don't want any ~user.
> #
> UserDir disabled
>
> ##############
> # MAIN VHOST #
> ##############
>
> #
> # Our main vhost is SSL. Always.
> #
> NameVirtualHost 10.142.81.12:443
>
> <VirtualHost frontend.kitchen.eel:443>
>
> ServerAdmin webmaster@kitchen.eel
> DocumentRoot /var/lib/tomcat5/webapps/one2team
> ServerName frontend.kitchen.eel
>
> #
> # We want our logs in separate files. We also want a log format that is
> # actually useful!
> #
> ErrorLog logs/one2team-error_log
> LogFormat "%{%Y%m%d,%H:%M:%S}t %h (%>s/%c; %B bytes/%D usecs)
> \"%r\"" one2team
> CustomLog logs/one2team-access_log one2team
>
> RedirectMatch permanent .*/favicon\.ico$
> https://frontend.kitchen.eel/images/one2team.ico
>
> #
> # The SSL part... First, the directives for the SSL engine itself.
> #
> SSLEngine on
> SSLProtocol all -SSLv2
> SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:-MEDIUM:-SSLv2:-LOW:-eNULL
> SSLOptions +StdEnvVars +ExportCertData
>
> #
> # Now the SSL certificate.
> #
> # IMPORTANT: the default installation provides the server with a
> # SELF-SIGNED CERTIFICATE. You may want to put a CA trusted certificate
> # instead. In this case, you should also provide a trust chain in
> # SSLCertificateChainFile.
> #
> # See the mod_ssl documentation for details.
> #
> SSLCertificateKeyFile conf/ssl.key/one2team.key
> SSLCertificateFile conf/ssl.crt/one2team.crt
>
> #
> # Expiry policy
> #
> ExpiresActive On
> ExpiresDefault "access plus 1 hour"
> AddDefaultCharset UTF-8
>
> #
> # Mod deflate: on the server side as well as on the client side...
> #
> SetOutputFilter DEFLATE
> SetInputFilter DEFLATE
> DeflateMemLevel 9
> DeflateCompressionLevel 3
> DeflateFilterNote Input instream
> DeflateFilterNote Output outstream
> DeflateFilterNote Ratio ratio
> #
> # But not for these types of files
> #
> SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.mp3$ no-gzip dont-vary
> SetEnvIfNoCase Request_URI \.(?:exe|com)$ no-gzip dont-vary
> SetEnvIfNoCase Request_URI
> \.(?:t?gz|zip|bz2|sit|rar|lha|Z|arc|jar|war)$ no-gzip dont-vary
> SetEnvIfNoCase Request_URI
> \.(?:pdf|stc|std|sti|stw|sxc|sxd|sxg|sxi|sxm|sxw)$ no-gzip dont-vary
>
> #
> # Dynamic content: handle specially
> #
> <Location "/jsp">
> Header append Pragma "no-cache"
> #
> # We WANT the JSP content to expire immediately (it's dynamic
> # after all)
> #
> ExpiresDefault "now"
> Header set Cache-Control "no-store, private, no-cache,
> must-revalidate, proxy-revalidate"
> Header unset Vary
> </Location>
>
> <LocationMatch "/servlet">
> Header append Pragma "no-cache"
> ExpiresDefault "now"
> Header set Cache-Control "no-store, private, no-cache,
> must-revalidate, proxy-revalidate"
> Header unset Vary
> </LocationMatch>
>
> <LocationMatch
> "/servlet/(ShowDocumentContent|ShowBinary|DownloadServlet|ChartServlet)">
> Header set Cache-Control "private, must-revalidate,
> proxy-revalidate, max-age=0"
> Header unset Pragma
> Header unset Vary
> </LocationMatch>
>
> #
> # Directories within the webapp root that we DO NOT want to be accessed
> # directly
> #
> <Location "/WEB-INF">
> AllowOverride None
> Order allow,deny
> Deny from all
> </Location>
>
> <Directory "/var/lib/tomcat5/webapps/one2team/WEB-INF">
> AllowOverride None
> Order allow,deny
> Deny from all
> </Directory>
>
> #
> # And finally, the webapp root directory
> #
> <Directory "/var/lib/tomcat5/webapps/one2team/">
> Options FollowSymLinks
> </Directory>
>
> </VirtualHost>
>
> #
> # Redirect-only VHost
> #
>
> <VirtualHost cookiejar.kitchen.eel:80>
> ServerName cookiejar.kitchen.eel
> RedirectMatch permanent ^/(.*)$ https://frontend.kitchen.eel/$1
> </VirtualHost>
> ---- CUT ----
>
> I don't use mod_rewrite, as you can see.
>
> --
>
>
> Francis Galiegue, fgaliegue@gmail.com
> "When it comes to performance, weight is everything" - Tiff Needell
>
> ---------------------------------------------------------------------
> To start a new topic, e-mail: users@tomcat.apache.org
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
>
>
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved
partly)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Francis,
Francis Galiegue wrote:
| 2008/4/12, Christopher Schultz <ch...@christopherschultz.net>:
|> Sorry to pick nits, but the fallacy that Tomcat sucks as a static
|> content server just needs to die.
|
| Well, the performance tests we did (Tomcat 5.0.x/Coyote vs Apache
| 2.0.x/AJP13/Tomcat 5.0.x) surely didn't account for it being a
| "fallacy". I don't know whether this has changed in 5.5.x/6.x, but
| Coyote doesn't know about mod_expires and keepalive, for one. And that
| makes a huge difference.
Could you please send a link to the data and those findings? I'm sure
everyone on the list would love to ask questions. If you wouldn't mind,
please post it under a new heading so folks will actually read it.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkgDeY8ACgkQ9CaO5/Lv0PB1jwCfcygWJuaGtND3lZQZOwq0+mYK
kZYAoLuyEfbOjf0k5y9tLrx4WYzDy5Kd
=Y16Z
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Posted by Francis Galiegue <fg...@gmail.com>.
2008/4/12, Christopher Schultz <ch...@christopherschultz.net>:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Francis,
>
> Francis Galiegue wrote:
> | Apache is much better at serving static content...
>
> To be fair, Apache httpd and Tomcat are about equal. But, if you are
> already using Apache httpd, you may as well have it serve the static
> content instead of forwarding such requests to Tomcat.
>
> Sorry to pick nits, but the fallacy that Tomcat sucks as a static
> content server just needs to die.
>
Well, the performance tests we did (Tomcat 5.0.x/Coyote vs Apache
2.0.x/AJP13/Tomcat 5.0.x) surely didn't account for it being a
"fallacy". I don't know whether this has changed in 5.5.x/6.x, but
Coyote doesn't know about mod_expires and keepalive, for one. And that
makes a huge difference.
--
Francis Galiegue, fgaliegue@gmail.com
"When it comes to performance, weight is everything" - Tiff Needell
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved
partly)
Posted by Christopher Schultz <ch...@christopherschultz.net>.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Francis,
Francis Galiegue wrote:
| Apache is much better at serving static content...
To be fair, Apache httpd and Tomcat are about equal. But, if you are
already using Apache httpd, you may as well have it serve the static
content instead of forwarding such requests to Tomcat.
Sorry to pick nits, but the fallacy that Tomcat sucks as a static
content server just needs to die.
- -chris
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkgA7LkACgkQ9CaO5/Lv0PBK8QCgvoAeRt4TdZQUZtruDvHh9FOf
xLEAn3/IYhjciwmaoeKIRpLxa3d6Zpk5
=IXnt
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
Re: 301 permanent redirects in Apache + Tomcat using mod_jk (solved partly)
Posted by Francis Galiegue <fg...@gmail.com>.
2008/4/12, Shashidhar Rampally <sh...@gmail.com>:
> Francis,
>
> I have followed your suggestion of using a <VirtualHost> but also made
> use of a suggestion I found on a website which talked about putting
> mod_rewrite rules inside the VirtualHost element along with the
> JkMount command inside. And wow! it works great. :)) Thank you!
>
No problem :) But see below.
> The only thing that's still unsolved is how do I redirect aboutus.html
> permanently to aboutus.jsp (and 9 more such pages). I can follow the
> same concept and put all those rules inside the VirtualHost, but I was
> wondering if that would have performance implications? Is there anyway
> I can .htaccess into play?
>
> Thanks,
> Shashi
>
> <VirtualHost *:80>
> JkMount /* ajp13
Why /*? Why not only /*.jsp? Apache is much better at serving static content...
Here is the Apache configuration file I use, from a server at home
(hence the RFC 1918 address and nonsensical domain name), you'll
notice that I don't use mod_rewrite at all and that one URL
(/favicon.ico) is redirected using RedirectMatch. You can use this
trick for your yet unredirected pages.
Before the end of the file, you'll see how I manage to redirect
another server name to the main one, it's dead simple. Again, no
mod_rewrite needed ;)
---- CUT ----
##########
# TOMCAT #
##########
#
# We use mod_jk for talking with Tomcat. Note that this module does NOT come
# from RHEL, but from JPackage.
#
LoadModule jk_module modules/mod_jk.so
#
# The JkWorkersFile is the location (starting from the ServerRoot) of the
# configuration file for mod_jk.
#
# In a traditional One2team setup, only one worker, of type AJP 1.3 and with
# name "ajp13" (see below), will be
# configured, and the Tomcat server will be on the same machine as Apache. In
# case you want load balancing at Tomcat level, this will be the file to modify.
#
# See the workers.properties file for details.
#
JkWorkersFile conf.d/workers.properties
JkLogFile logs/jk.log
JkLogLevel info
#
# This is what we want to handle to Tomcat. The rest is handled by Apache itself
# (Apache knows about KeepAlive, not Tomcat).
#
JkMount /*.jsp ajp13
JkMount /servlet/* ajp13
#
# We want minimal "Server" headers in HTTP responses.
#
ServerTokens Prod
ServerSignature off
#
# We have no user accounts. Just in case though, we don't want any ~user.
#
UserDir disabled
##############
# MAIN VHOST #
##############
#
# Our main vhost is SSL. Always.
#
NameVirtualHost 10.142.81.12:443
<VirtualHost frontend.kitchen.eel:443>
ServerAdmin webmaster@kitchen.eel
DocumentRoot /var/lib/tomcat5/webapps/one2team
ServerName frontend.kitchen.eel
#
# We want our logs in separate files. We also want a log format that is
# actually useful!
#
ErrorLog logs/one2team-error_log
LogFormat "%{%Y%m%d,%H:%M:%S}t %h (%>s/%c; %B bytes/%D usecs)
\"%r\"" one2team
CustomLog logs/one2team-access_log one2team
RedirectMatch permanent .*/favicon\.ico$
https://frontend.kitchen.eel/images/one2team.ico
#
# The SSL part... First, the directives for the SSL engine itself.
#
SSLEngine on
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:RC4+RSA:+HIGH:-MEDIUM:-SSLv2:-LOW:-eNULL
SSLOptions +StdEnvVars +ExportCertData
#
# Now the SSL certificate.
#
# IMPORTANT: the default installation provides the server with a
# SELF-SIGNED CERTIFICATE. You may want to put a CA trusted certificate
# instead. In this case, you should also provide a trust chain in
# SSLCertificateChainFile.
#
# See the mod_ssl documentation for details.
#
SSLCertificateKeyFile conf/ssl.key/one2team.key
SSLCertificateFile conf/ssl.crt/one2team.crt
#
# Expiry policy
#
ExpiresActive On
ExpiresDefault "access plus 1 hour"
AddDefaultCharset UTF-8
#
# Mod deflate: on the server side as well as on the client side...
#
SetOutputFilter DEFLATE
SetInputFilter DEFLATE
DeflateMemLevel 9
DeflateCompressionLevel 3
DeflateFilterNote Input instream
DeflateFilterNote Output outstream
DeflateFilterNote Ratio ratio
#
# But not for these types of files
#
SetEnvIfNoCase Request_URI \.(?:gif|jpe?g|png)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.mp3$ no-gzip dont-vary
SetEnvIfNoCase Request_URI \.(?:exe|com)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI
\.(?:t?gz|zip|bz2|sit|rar|lha|Z|arc|jar|war)$ no-gzip dont-vary
SetEnvIfNoCase Request_URI
\.(?:pdf|stc|std|sti|stw|sxc|sxd|sxg|sxi|sxm|sxw)$ no-gzip dont-vary
#
# Dynamic content: handle specially
#
<Location "/jsp">
Header append Pragma "no-cache"
#
# We WANT the JSP content to expire immediately (it's dynamic
# after all)
#
ExpiresDefault "now"
Header set Cache-Control "no-store, private, no-cache,
must-revalidate, proxy-revalidate"
Header unset Vary
</Location>
<LocationMatch "/servlet">
Header append Pragma "no-cache"
ExpiresDefault "now"
Header set Cache-Control "no-store, private, no-cache,
must-revalidate, proxy-revalidate"
Header unset Vary
</LocationMatch>
<LocationMatch
"/servlet/(ShowDocumentContent|ShowBinary|DownloadServlet|ChartServlet)">
Header set Cache-Control "private, must-revalidate,
proxy-revalidate, max-age=0"
Header unset Pragma
Header unset Vary
</LocationMatch>
#
# Directories within the webapp root that we DO NOT want to be accessed
# directly
#
<Location "/WEB-INF">
AllowOverride None
Order allow,deny
Deny from all
</Location>
<Directory "/var/lib/tomcat5/webapps/one2team/WEB-INF">
AllowOverride None
Order allow,deny
Deny from all
</Directory>
#
# And finally, the webapp root directory
#
<Directory "/var/lib/tomcat5/webapps/one2team/">
Options FollowSymLinks
</Directory>
</VirtualHost>
#
# Redirect-only VHost
#
<VirtualHost cookiejar.kitchen.eel:80>
ServerName cookiejar.kitchen.eel
RedirectMatch permanent ^/(.*)$ https://frontend.kitchen.eel/$1
</VirtualHost>
---- CUT ----
I don't use mod_rewrite, as you can see.
--
Francis Galiegue, fgaliegue@gmail.com
"When it comes to performance, weight is everything" - Tiff Needell
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org