home
***
CD-ROM
|
disk
|
FTP
|
other
***
search
/
OS/2 Shareware BBS: 35 Internet
/
35-Internet.zip
/
webtraps.zip
/
ibmproxy.conf2
< prev
next >
Wrap
Text File
|
2001-04-18
|
111KB
|
2,977 lines
# (C) COPYRIGHT International Business Machines Corp. 1997, 2000
# All Rights Reserved
# Licensed Materials - Property of IBM
#
# US Government Users Restricted Rights - Use, duplication or
# disclosure restricted by GSA ADP Schedule Contract with IBM Corp.
#
# ===================================================================== #
#
# This is the default configuration file for the
# IBM WebSphere Performance Pack Web Traffic Express
# proxy server.
#
# TABLE OF CONTENTS
# =================
# - Basic directives
# - Process control
# - Logging directives
# * log file directives
# * log archive directives
# * log filtering directives
# - Method directives
# - Content presentation directives
# * Welcome pages directives
# * Directory browsing directives
# * CGI program directives
# * Content type directives
# - Error Message directives
# - API directives
# - User authentication and document protection
# - Mapping rules
# - Performance directives
# - Timeout directives
# - Proxy directives
# - Proxy caching directives
# - Proxy cache garbage collection directives
# - Advanced proxy and caching directives
# - Remote Cache Access (RCA) directives
# - SNMP directives
# - Icon directives
# - Cache agent directives
# - PICS Filtering directives
# - Miscellaneous directives
#
# ===================================================================== #
# ===================================================================== #
#
# Basic directives
#
# ===================================================================== #
# ServerRoot directive:
#
# Set this to point to the directory where you unpacked this
# distribution, or wherever you want ibmproxy to have its "home".
#
# Default: opt/IBMWTE/usr/internet/server_root
# Syntax: ServerRoot <path>
ServerRoot /opt/IBMWTE/usr/internet/server_root
# This ServerRoot entry usually points to where the WTE install
# is, you sure can change it, at least to get a WTE log file
# in a different location
# Hostname directive:
#
# Specify the fully-qualified hostname, including the domain. You can
# use an alias (if you have one set up) instead of the machine's real
# host name so that clients will not be able to see the real host name.
#
# Default: <host name default defined in DNS>
# Syntax: Hostname <fully-qualified host name>
#
# BindSpecific directive:
#
# Allows a multi-homed system to run a different server on
# each IP address.
#
# Default: off
# Syntax: BindSpecific <on | off>
BindSpecific off
# Port directive:
#
# Port used by the server.
# NOTE: If the server is not started by root, you have to use a port
# above 1024; good choices are 8000, 8001, 8080.
#
# Default: 80
# Syntax: Port <num>
Port 8081
# Multiple ports are possible
# AdminPort directive:
#
# This port may be used by the administrator for access to the
# server status pages or configuration forms. Requests to this
# port will not be queued with all other incoming requests on the
# standard port(s) defined with the Port directive. However, they
# will go through the normal access control and request-mapping
# rules (Pass, Exec, Protect, etc).
#
# The administration port must not be the same as the standard
# port(s) defined with the Port directive.
#
# Default: none
# Syntax: AdminPort <num>
AdminPort 8007
# ===================================================================== #
#
# Process control directives
#
# ===================================================================== #
# UserId directive:
#
# Specify the user name/number to which the server changes
# before accessing files, if the server was started as root.
#
# Default: nobody
# Syntax: UserId <user name/number>
#
UserID wesadmin
# GroupId directive:
#
# Specify the group name/number the server changes to
# before accessing files, if the server was started as root.
#
# Default: nobody
# Syntax: GroupId <group name/number>
GroupId wesadmin
# Both UserID and GroupId will be the values you enter during
# WES install
# NoBG directive:
#
# Normally, when the server is started, the process forks to go
# into the background, and the first process exits. If you turn on
# NoBG, the main process will not go to the background. If you're
# using init to start the server, it may be useful to set this
# to ON (and then init can respawn the server if it fails).
#
# Note that this directive will be ignored if the server is started
# through SRC.
#
# Default: off
# Syntax: NoBG <on | off>
NoBG off
# PidFile directive:
#
# When the server process starts, it will record its process id
# ("pid") in a file, for use by the "ibmproxy -restart" command. This
# directive specifies the location for that file. If you are
# running multiple instances of the server on a single system, each
# should have its own PidFile.
#
# Default: <server-root>/ibmproxy-pid
# If no ServerRoot directive is given, then the default for
# the PidFile is /tmp/ibmproxy-pid
# Syntax: PidFile <path-to-pid-file-into>
# ===================================================================== #
#
# Logging directives
#
# ===================================================================== #
# ==============================
# *** log file directives ***
# ==============================
# If you want logging, specify locations for your logs:
#
# AccessLog - used for logging local document requests
# ProxyAccessLog - used for logging proxy requests
# CacheAccessLog - used for logging hits on proxy cache
# ErrorLog - used for logging any errors
# EventLog - used for logging initialization events
#
# NOTE: To enable logging of requests to the proxy cache, the
# following must be defined:
#
# Caching MUST be turned ON (default is OFF)
# CacheAccessLog MUST be defined
#
# Defaults: AccessLog /opt/IBMWTE/usr/internet/server_root/logs/local
# ProxyAccessLog /opt/IBMWTE/usr/internet/server_root/logs/proxy
# CacheAccessLog /opt/IBMWTE/usr/internet/server_root/logs/cache
# ErrorLog /opt/IBMWTE/usr/internet/server_root/logs/error
# EventLog /opt/IBMWTE/usr/internet/server_root/logs/event
# Syntax: <directive> <fullpath-filename>
AccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_local
ProxyAccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_proxy
CacheAccessLog /opt/IBMWTE/usr/internet/server_root/logs/ap_cache
ErrorLog /opt/IBMWTE/usr/internet/server_root/logs/ap_error
EventLog /opt/IBMWTE/usr/internet/server_root/logs/ap_event
TraceLog /opt/IBMWTE/usr/internet/server_root/logs/ap_tracelog
# LogFileFormat:
#
# Specify the format of the access log files.
# By default, logs are displayed in the NCSA Common Log Format.
# Specify "combined" to get the NCSA Combined Log Format instead.
# Entries in the combined format are the same as those in the
# common format with the addition of fields for the referring URL,
# User Agent, and Cookie (if present in the request). Certain site
# analysis tools, such as IBM's Site Analyzer, require proxy logs
# to be in Combined format.
#
# Default: common
# Syntax LogFileFormat <common | combined>
#
# LogFileFormat common
# LogToSyslog directive:
#
# In addition to logging access request information to the server logs,
# you can send log entries to the UNIX syslog daemon.
#
# Default: off
# Syntax: LogToSyslog <on | off>
#
# NOTE: Please reference online documentation/help for a more extensive
# explanation of how to use this function.
#
LogToSyslog off
# NoLog directive:
#
# Suppress access log entries for host matching a given IP address
# or hostname. Wild cards "*" may be used. This directive may be used
# multiple times within the configuration file.
#
# Default: <none>
# Syntax: NoLog <hostnames and IP addresses>
#
# NOTE: DNS-Lookup may need to be turned ON.
#
# Example:
# NoLog 128.141.*.*
# NoLog *.location.company.com
# Nolog *.*.*.com
# ==============================
# *** log archive directives ***
# ==============================
# LogArchive directive
#
# Specify the type of archive processing to use.
#
# Default: Purge
# Syntax: LogArchive <Compress | Purge | none>
#
LogArchive Purge
# Compress directives
#
# If you specified "Compress" for LogArchive, specify:
# - the age at which the log files should be compressed
# - the age at which the log files should be deleted
# - the compress command you want executed against the
# log archive files
#
# Default: 0
# Syntax: CompressAge <num>
# Syntax: CompressDeleteAge <num>
#
# Default: <none>
# Syntax: CompressCommand <commpress-command>
#
CompressAge 1
CompressDeleteAge 7
# CompressCommand tar -cf /logarchs/log%%DATE%%.tar %%LOGFILES%% ; gzip /logarchs/log%%DATE%%.tar
# CompressCommand tar -cf /logarchs/log%%DATE%%.tar %%LOGFILES%% ; compress /logarchs/log%%DATE%%.tar
# CompressCommand zip -q /logarchs/log%%DATE%%.tar %%LOGFILES%%
# Purge directives
#
# If you specified "Purge" for LogArchive,
# specify the age and size(in Megabytes) limits
# at which time the files should be purged.
#
# Syntax: PurgeAge <num>
# Default: PurgeAge 7
# Syntax: PurgeSize <num>
# Default: PurgeSize 0
#
PurgeAge 7
PurgeSize 0
# ====================================
# *** log filtering directives ***
# ====================================
# AccessLogExcludeUserAgent directive
#
# A filter to exclude request URLs from user-agents that match a
# given template.
#
# Default: Requests from Network Dispatcher's HTTP and WTE advisors
# will not be logged
# Syntax: AccessLogExcludeUserAgent <User-Agent template>
#
AccessLogExcludeUserAgent IBM_Network_Dispatcher_HTTP_Advisor
AccessLogExcludeUserAgent IBM_Network_Dispatcher_WTE_Advisor
# AccessLogExcludeURL, AccessLogExcludeMethod,
# AccessLogExcludeReturnCode and AccessLogExcludeMimeType directive:
#
# Access log entries may be filtered to exclude requests by:
# * requests matching a given URL template
# * requests of a given method
# * requests with a given return code range (200s, 300s, 400s, 500s)
# * requests for files of a given mime type
#
# Default: <none>
# Syntax: AccessLogExcludeURL <URL template>
# AccessLogExcludeMethod <GET | PUT | POST | DELETE>
# AccessLogExcludeReturnCode <200 | 300 | 400 | 500>
# AccessLogExcludeMimeType <text/html | text/plain |
# text/other | image/gif |
# image/jpeg | image/(other) |
# application/* |
# audio/* | video/* |
# (other)/(other)>
#
# Example:
# AccessLogExcludeURL *.gif
# AccessLogExcludeURL /Freebies/*
# AccessLogExcludeMethod PUT
# AccessLogExcludeMethod POST
# AccessLogExcludeReturnCode 300
# AccessLogExcludeReturnCode 400
# AccessLogExcludeMimeType text/html
# AccessLogExcludeMimeType text/plain
# ===================================================================== #
#
# Method directives
#
# ===================================================================== #
#
# HTTP Methods that you do or don't want your server to accept.
#
# NOTE: Please reference online documentation/help to specify or
# create other methods.
#
# Default: Enable GET
# Enable HEAD
# Enable POST
# Enable TRACE
# Enable OPTIONS
# Enable CONNECT
# Disable PUT
# Disable DELETE
# Syntax: Enable <method>
# Disable <method>
#
Enable GET
Enable HEAD
Enable POST
Enable TRACE
Enable OPTIONS
Enable CONNECT
Disable PUT
Disable DELETE
# ===================================================================== #
#
# Content presentation directives
#
# ===================================================================== #
# ==============================
# *** Welcome pages ***
# ==============================
# Welcome directive:
#
# Specifies the default file name to use when only a directory name is
# specified in the URL. Many Welcome directives may be defined, with the
# one defined earliest having precedence.
#
# Multi-homed servers can use the IP-address_template parameter to
# specify an address template which restricts the server to displaying
# a specific welcome page based on which address template matches.
#
# NOTE: the address of the servers network connection is compared
# to the template, not the address of the requesting client.
#
# Defaults: Welcome.html, welcome.html, index.html, Frntpage.html
# Syntax: Welcome file-name [IP-address-template]
#
# Example:
# Welcome letsgo.html
# Welcome CustomerA.html 9.67.106.79
Welcome Welcome.html
Welcome welcome.html
Welcome index.html
Welcome Frntpage.html
# =====================================
# *** Directory browsing directives ***
# =====================================
# These directives control directory listings as follows:
# * Enable/disable or selective directory browsing
# * Configure/disable readme feature for directory browsing
# * Control the appearance of the directory listing
# * Define the maximum width of the description text
# * Define the maximum & minimum width of the filename field
#
# Default: DirShowIcons on
# DirShowDate on
# DirShowSize on
# DirShowDescription on
# DirShowCase on
# DirShowHidden on
# DirShowBytes off
# Syntax: <directive> <on | off>
#
# Default: DirShowMaxDescrLength 25
# DirShowMaxLength 25
# DirShowMinLength 15
# Syntax: <directive> <num>
DirShowIcons on
DirShowDate on
DirShowSize on
DirShowDescription on
DirShowCase on
DirShowHidden on
DirShowBytes off
DirShowMaxDescrLength 25
DirShowMaxLength 25
DirShowMinLength 15
# FTPDirInfo directive:
#
# FTP servers may generate a welcome or description message for
# a directory. This can optionally be displayed as part of FTP
# directory listings; in addition, you can control where it will
# be displayed. The following options are available:
#
# FTPDirInfo top - display welcome message at the top of the page,
# before the listing of files in the directory.
# FTPDirInfo bottom - display welcome message at the bottom of the page,
# after the listing of files in the directory.
# FTPDirInfo off - do not display the welcome message from the
# FTP server.
#
# Note that this directive gives no control over the content of the
# message itself; that message will be generated by the FTP server
# being contacted.
#
# Default: FTPDirInfo top
# Syntax: FTPDirInfo <top | bottom | off>
#
# Example: don't display welcome messages from FTP servers
# FTPDirInfo off
FTPDirInfo top
# DirBackgroundImage
#
# This directive allows applying a background image to directory
# listings generated by the proxy. Directory listings are generated
# when browsing FTP sites through the proxy.
#
# The background image should be given as an absolute path. If the
# image is located at another server, the background image must
# be specified as a full URL.
#
# If no background image is specified, a plain white background will
# be used.
#
# Default: no background image specified
# Syntax: DirBackgroundImage /some/image.jpg
#
# Example: use /images/corplogo.png as background graphic
# DirBackgroundImage /images/corplogo.png
#
# Example: use /graphics/embossed.gif on Web server www.somehost.com as
# background graphic
# DirBackgroundImage http://www.somehost.com/graphics/embossed.gif
# =====================================
# *** CGI program directives ***
# =====================================
# InheritEnv and DisInheritEnv directives:
#
# InheritEnv - Specify which environment variables are
# inherited by CGI programs.
#
# DisInheritEnv - Specify which environment variables are
# disinherited by CGI programs.
#
# By default, all environment variables are inherited by
# CGI programs. If you include any InheritEnv directive,
# only those environment variables specified on InheritEnv
# directives will be inherited. You can exclude individual
# environment variables from being inherited with the
# DisInheritEnv directive.
#
# NOTE: Refer to the Web Programming Guide for a list
# of the CGI-specific environment variables.
#
# Default: <none>
# Syntax: InheritEnv <variable>
# Syntax: DisInheritEnv <variable>
# Example:
# InheritEnv PATH
# InheritEnv LANG=ENUS
# DisInheritEnv PATH
# DisInheritEnv LANG
# =====================================
# *** Content type directives ***
# =====================================
# imbeds directive:
#
# Controls Server Side Include processing for output that has
# Content-type: text/x-ssi-html.
#
# NOTE: Please reference online documentation/help for a more extensive
# explanation of how to use this function.
#
# Default: off SSIOnly
# Syntax: imbeds <on/off/files/cgi/noexec> <html/SSIOnly>
# parm1: on process files, CGIs and SSI #exec CGI
# off never use SSI
# files process files and SSI #exec CGI
# cgi process CGIs and SSI #exec CGI
# noexec process files, CGIs but not SSI #exec CGI
#
# parm2: html also process Content-type: text/html
# SSIOnly process Content-type: text/x-ssi-html only
#
#
imbeds on SSIOnly
# SuffixCaseSense directive:
#
# Specify whether case sensitivity for suffixes is on or off.
#
# Default: off
# Syntax: SuffixCaseSense <on | off>
#
# NOTE: This directive should be BEFORE any AddType or AddEncoding
# directives.
#
SuffixCaseSense off
# AcceptAnything directive:
#
# If this is set to ON, documents will be served to the client even
# if the MIME type of the document does not match an Accept:
# header sent by the client. If this is OFF, documents with a MIME type
# which the client doesn't not state that they understand will cause
# the client to see an error page instead.
#
# Default: ON
# Syntax: AcceptAnything <on | off>
#
#
AcceptAnything on
# Map suffixes to the content-type of a file.
#
# Defaults: see list below
# Syntax: Addtype <.suffix><representation><encoding><quality>
# where <quality> is optional
#
# Application-specific types
AddType .bcpio application/x-bcpio binary 1.0 # Old binary CPIO
AddType .cpio application/x-cpio binary 1.0 # POSIX CPIO
AddType .gtar application/x-gtar binary 1.0 # Gnu tar
AddType .bin application/octet-stream binary 1.0 # Uninterpreted binary
AddType .class application/octet-stream binary 1.0 # Java applet or application
AddType .dms application/octet-stream binary 1.0 #
AddType .exe application/octet-stream binary 0.8 # MSDOS/OS2/WIN executables
AddType .dll application/octet-stream binary 0.8 # OS2/WIN executables
AddType .lha application/octet-stream binary 0.8 # LHArc
AddType .lzh application/octet-stream binary 0.8 # Compressed data
AddType .oda application/oda binary 1.0
AddType .pdf application/pdf binary 1.0
AddType .ai application/postscript 8bit 0.5 # Adobe Illustrator
AddType .PS application/postscript 8bit 0.8 # PostScript
AddType .eps application/postscript 8bit 0.8
AddType .ps application/postscript 8bit 0.8
AddType .rtf application/rtf 7bit 1.0 # RTF
AddType .sit application/stuffit binary 1.0 # Mac StuffIt compressor
AddType .csh application/x-csh 7bit 0.5 # C-shell script
AddType .dvi application/x-dvi binary 1.0 # TeX DVI
AddType .hdf application/x-hdf binary 1.0 # NCSA HDF data file
AddType .latex application/x-latex 8bit 1.0 # LaTeX source
AddType .nc application/x-netcdf binary 1.0 # Unidata netCDF data
AddType .cdf application/x-netcdf binary 1.0
AddType .js application/x-javascript binary 1.0 # Java script
AddType .sh application/x-sh 7bit 0.5 # Shell-script
AddType .shar application/x-shar 8bit 1.0 # Shell archive
AddType .sv4cpio application/x-sv4cpio binary 1.0 # SVR4 CPIO
AddType .sv4crc application/x-sv4crc binary 1.0 # SVR4 CPIO with CRC
AddType .tcl application/x-tcl 7bit 0.5 # TCL-script
AddType .tex application/x-tex 8bit 1.0 # TeX source
AddType .texi application/x-texinfo 7bit 1.0 # Texinfo
AddType .texinfo application/x-texinfo 7bit 1.0
AddType .t application/x-troff 7bit 0.5 # Troff
AddType .roff application/x-troff 7bit 0.5
AddType .tr application/x-troff 7bit 0.5
AddType .man application/x-troff-man 7bit 0.5 # Troff with man macros
AddType .me application/x-troff-me 7bit 0.5 # Troff with me macros
AddType .ms application/x-troff-ms 7bit 0.5 # Troff with ms macros
AddType .src application/x-wais-source 7bit 1.0 # WAIS source
AddType .prs application/x-freelance binary 1.0 # Lotus Freelance
AddType .pre application/vnd.lotus-freelance binary 1.0 # Lotus Freelance
AddType .prz application/vnd.lotus-freelance binary 1.0 # Lotus Freelance
AddType .lwp application/vnd.lotus-wordpro binary 1.0 # Lotus Word Pro
AddType .sam application/vnd.lotus-wordpro binary 1.0 # Lotus Word Pro
AddType .apr application/vnd.lotus-approach binary 1.0 # Lotus Approach
AddType .vew application/vnd.lotus-approach binary 1.0 # Lotus Approach
AddType .123 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3
AddType .wk1 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3
AddType .wk3 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3
AddType .wk4 application/vnd.lotus-1-2-3 binary 1.0 # Lotus 1-2-3
AddType .org application/vnd.lotus-organizer binary 1.0 # Lotus Organizer
AddType .or2 application/vnd.lotus-organizer binary 1.0 # Lotus Organizer
AddType .or3 application/vnd.lotus-organizer binary 1.0 # Lotus Organizer
AddType .scm application/vnd.lotus-screencam binary 1.0 # Lotus Screencam
AddType .ppt application/vnd.microsoft-powerpoint binary 1.0 # MS PowerPoint
AddType .pac application/x-ns-proxy-autoconfig binary 1.0 # Netscape proxy Autoconfig files
AddType .hqx application/mac-binhex40 binary 1.0 # Macintosh BinHex format
AddType .bsh application/x-sh 7bit 0.5 # Bourne shell script
AddType .ksh application/x-ksh 7bit 0.5 # K-shell script
AddType .pcl application/x-pcl 7bit 0.5 #
AddType .wk1 application/x-123 binary 1.0 #
# Audio files
AddType .snd audio/basic binary 1.0 # Audio
AddType .au audio/basic binary 1.0
AddType .mid audio/midi binary 1.0
AddType .midi audio/midi binary 1.0
AddType .kar audio/midi binary 1.0
AddType .mpga audio/mpeg binary 1.0
AddType .mp2 audio/mpeg binary 1.0
AddType .mp3 audio/mpeg binary 1.0
AddType .aiff audio/x-aiff binary 1.0
AddType .aifc audio/x-aiff binary 1.0
AddType .aif audio/x-aiff binary 1.0
AddType .ra audio/x-realaudio binary 1.0
AddType .ram audio/x-pn-realaudio binary 1.0
AddType .rpm audio/x-pn-realaudio-plugin binary 1.0
AddType .wav audio/x-wav binary 1.0 # Windows+ WAVE format
AddType .pdb chemical/x-pdb binary 0.8
AddType .xyz chemical/x-pdb binary 0.8
# Graphic (image) types
AddType .bmp image/bmp binary 1.0 # OS/2 bitmap format
AddType .ras image/x-cmu-raster binary 1.0
AddType .gif image/gif binary 1.0 # GIF
AddType .ief image/ief binary 1.0 # Image Exchange fmt
AddType .jpg image/jpeg binary 1.0 # JPEG
AddType .JPG image/jpeg binary 1.0
AddType .JPE image/jpeg binary 1.0
AddType .jpe image/jpeg binary 1.0
AddType .JPEG image/jpeg binary 1.0
AddType .jpeg image/jpeg binary 1.0
AddType .png image/png binary 1.0 # Portable Network Graphics
AddType .tif image/tiff binary 1.0 # TIFF
AddType .tiff image/tiff binary 1.0
AddType .pnm image/x-portable-anymap binary 1.0 # PBM Anymap format
AddType .pbm image/x-portable-bitmap binary 1.0 # PBM Bitmap format
AddType .pgm image/x-portable-graymap binary 1.0 # PBM Graymap format
AddType .ppm image/x-portable-pixmap binary 1.0 # PBM Pixmap format
AddType .rgb image/x-rgb binary 1.0
AddType .xbm image/x-xbitmap binary 1.0 # X bitmap
AddType .xpm image/x-xpixmap binary 1.0 # X pixmap format
AddType .xwd image/x-xwindowdump binary 1.0 # X window dump (xwd)
# "Multipart" (containers)
AddType .tar multipart/x-tar binary 1.0 # 4. 3BSD tar
AddType .ustar multipart/x-ustar binary 1.0 # POSIX tar
AddType .zip multipart/x-zip binary 1.0 # PKZIP
# Text file types
AddType .css text/css 8bit 1.0 # W3C Cascading Style Sheets
AddType .html text/html 8bit 1.0 # HTML
AddType .htm text/html 8bit 1.0 # HTML on PCs
AddType .c text/plain 7bit 0.5 # C source
AddType .h text/plain 7bit 0.5 # C headers
AddType .C text/plain 7bit 0.5 # C++ source
AddType .cc text/plain 7bit 0.5 # C++ source
AddType .hh text/plain 7bit 0.5 # C++ headers
AddType .java text/plain 7bit 0.5 # Java source
AddType .m text/plain 7bit 0.5 # Objective-C source
AddType .f90 text/plain 7bit 0.5 # Fortran 90 source
AddType .txt text/plain 7bit 0.5 # Plain text
AddType .cxx text/plain 7bit 0.5 # C++
AddType .for text/plain 7bit 0.5 # Fortran
AddType .mar text/plain 7bit 0.5 # MACRO
AddType .log text/plain 7bit 0.5 # logfiles
AddType .com text/plain 7bit 0.5 # scripts
AddType .sdml text/plain 7bit 0.5 # SDML
AddType .list text/plain 7bit 0.5 # listfiles
AddType .lst text/plain 7bit 0.5 # listfiles
AddType .def text/plain 7bit 0.5 # definition files
AddType .conf text/plain 7bit 0.5 # definition files
AddType . text/plain 7bit 0.5 # files with no extension
AddType .rtx text/richtext 7bit 1.0 # MIME Richtext format
AddType .tsv text/tab-separated-values 7bit 1.0 # Tab-separated values
AddType .etx text/x-setext 7bit 0.9 # Struct Enchanced Txt
AddType .asm text/x-asm 7bit 1.0 # ASM source
AddType .sgm text/x-sgml 8bit 1.0 # SGML source
AddType .sgml text/x-sgml 8bit 1.0 # SGML source
AddType .htmls text/x-ssi-html 8bit 1.0 # Server-side includes
AddType .shtml text/x-ssi-html 8bit 1.0 # Server-side includes
AddType .uil text/x-uil 8bit 1.0 #
AddType .uu text/x-uuencode 8bit 1.0 #
# Video formats
AddType .mpg video/mpeg binary 1.0
AddType .mpe video/mpeg binary 1.0
AddType .mpeg video/mpeg binary 1.0
AddType .qt video/quicktime binary 1.0 # QuickTime
AddType .mov video/quicktime binary 1.0
AddType .avi video/x-msvideo binary 1.0 # MS Video for Windows
AddType .movie video/x-sgi-movie binary 1.0 # SGI movieplayer
AddType .mjpg video/x-motion-jpeg binary 1.0 #
# "WWW" - internal - types
AddType .mime www/mime binary 1.0 # Internal -- MIME is not recursive
# Extension types
AddType .ice x-conference/x-cooltalk binary 1.0
AddType .wrl x-world/x-vrml binary 1.0 # VRML
# When all else fails...
AddType *.* application/octet-stream binary 0.1 # Try to guess
AddType * application/octet-stream binary 0.1 # Try to guess
# Map suffixes to MIME content-encodings.
# These are usually extra suffixes that modify the base file.
#
# Defaults: <none>
# Syntax: AddEncoding <.suffix><encoding>
AddEncoding .Z x-compress 1.0 # Compressed data
AddEncoding .gz x-gzip 1.0 # Compressed data
# ===================================================================== #
#
# Error Message directives
#
# ===================================================================== #
# ErrorPage directive:
#
# Specifies the html file name to be returned by the server to the
# client when a specific error occurs.
#
# NOTE: Please see "Error Conditions, Causes, and Default Messages"
# in the online documentation for a list keywords.
#
# Default: <none>
# Syntax: ErrorPage <keyword> </path/filename.html>
#
# Example:
# ErrorPage scriptstart /errorpages/scriptstart.html
#
ErrorPage badrange /errorpages/badrange.htmls
ErrorPage badredirect /errorpages/badredirect.htmls
ErrorPage badrequest /errorpages/badrequest.htmls
ErrorPage badscript /errorpages/badscript.htmls
ErrorPage baduser /errorpages/baduser.htmls
ErrorPage blocked /errorpages/blocked.htmls
ErrorPage byrule /errorpages/byrule.htmls
ErrorPage cacheexp /errorpages/cacheexp.htmls
ErrorPage cachenoconn /errorpages/cachenoconn.htmls
ErrorPage cachenotopened /errorpages/cachenotopened.htmls
ErrorPage cacheonly /errorpages/cacheonly.htmls
ErrorPage connectfail /errorpages/connectfail.htmls
ErrorPage deletefailed /errorpages/deletefailed.htmls
ErrorPage dirbrowse /errorpages/dirbrowse.htmls
ErrorPage dirnobrowse /errorpages/dirnobrowse.htmls
ErrorPage dotdot /errorpages/dotdot.htmls
ErrorPage expectfailed /errorpages/expectfailed.htmls
ErrorPage ftpanonloginrej /errorpages/ftpanonloginrej.htmls
ErrorPage ftpauth /errorpages/ftpauth.htmls
ErrorPage ftpbad220 /errorpages/ftpbad220.htmls
ErrorPage ftphpanonloginrej /errorpages/ftphpanonloginrej.htmls
ErrorPage ftphpbad220 /errorpages/ftphpbad220.htmls
ErrorPage ftphploginrej /errorpages/ftphploginrej.htmls
ErrorPage ftphpnoconnect /errorpages/ftphpnoconnect.htmls
ErrorPage ftphpnoresponse /errorpages/ftphpnoresponse.htmls
ErrorPage ftphpnosocket /errorpages/ftphpnosocket.htmls
ErrorPage ftphpunreshost /errorpages/ftphpunreshost.htmls
ErrorPage ftploginrej /errorpages/ftploginrej.htmls
ErrorPage ftploginreq /errorpages/ftploginreq.htmls
ErrorPage ftpnoconnect /errorpages/ftpnoconnect.htmls
ErrorPage ftpnodata /errorpages/ftpnodata.htmls
ErrorPage ftpnoresponse /errorpages/ftpnoresponse.htmls
ErrorPage ftpnosocket /errorpages/ftpnosocket.htmls
ErrorPage ftpunrechost /errorpages/ftpunrechost.htmls
ErrorPage ftpunreshost /errorpages/ftpunreshost.htmls
ErrorPage hpforbidden /errorpages/hpforbidden.htmls
ErrorPage httpnodata /errorpages/httpnodata.htmls
ErrorPage httpnoforward /errorpages/httpnoforward.htmls
ErrorPage httpnosend /errorpages/httpnosend.htmls
ErrorPage httpunreshost /errorpages/httpunreshost.htmls
ErrorPage ipmask /errorpages/ipmask.htmls
ErrorPage ipmaskproxy /errorpages/ipmaskproxy.htmls
ErrorPage methoddisabled /errorpages/methoddisabled.htmls
ErrorPage multifail /errorpages/multifail.htmls
ErrorPage noaccess /errorpages/noaccess.htmls
ErrorPage noacl /errorpages/noacl.htmls
ErrorPage nocachenoconn /errorpages/nocachenoconn.htmls
ErrorPage noentry /errorpages/noentry.htmls
ErrorPage noformat /errorpages/noformat.htmls
ErrorPage nohostheader /errorpages/nohostheader.htmls
ErrorPage noopen /errorpages/noopen.htmls
ErrorPage nopartner /errorpages/nopartner.htmls
ErrorPage norep /errorpages/norep.htmls
ErrorPage notallowed /errorpages/notallowed.htmls
ErrorPage notauthorized /errorpages/notauthorized.htmls
ErrorPage notfound /errorpages/notfound.htmls
ErrorPage notmember /errorpages/notmember.htmls
ErrorPage olproxnocontact /errorpages/olproxnocontact.htmls
ErrorPage openfailed /errorpages/openfailed.htmls
ErrorPage originbadresp /errorpages/originbadresp.htmls
ErrorPage preconfail /errorpages/preconfail.htmls
ErrorPage proxybadurl /errorpages/proxybadurl.htmls
ErrorPage proxyfail /errorpages/proxyfail.htmls
ErrorPage proxynotauth /errorpages/proxynotauth.htmls
ErrorPage proxynotmember /errorpages/proxynotmember.htmls
ErrorPage putfailed /errorpages/putfailed.htmls
ErrorPage rchunkerror /errorpages/rchunkerror.htmls
ErrorPage rchunkmemory /errorpages/rchunkmemory.htmls
ErrorPage scriptinterr /errorpages/scriptinterr.htmls
ErrorPage scriptio /errorpages/scriptio.htmls
ErrorPage scriptnocomm /errorpages/scriptnocomm.htmls
ErrorPage scriptnotfound /errorpages/scriptnotfound.htmls
ErrorPage scriptnovari /errorpages/scriptnovari.htmls
ErrorPage scriptstart /errorpages/scriptstart.htmls
ErrorPage servermaperror /errorpages/servermaperror.htmls
ErrorPage setuperror /errorpages/setuperror.htmls
ErrorPage throttled /errorpages/throttled.htmls
ErrorPage unknownmethod /errorpages/unknownmethod.htmls
# ===================================================================== #
#
# API directives:
#
# ===================================================================== #
# ServerInit directive:
#
# Specify a customized application function you want the server
# to call during the server's initialization routines. This code
# will be executed before any client requests are read.
#
# Default: <none>
# Syntax: ServerInit </path/file:function_name>
#
# Example:
# ServerInit /www/api/bin/icsext05.so:svr_init
#
#
#WES
# ********R E A D T H I S**********************************
# The Everyplace Suite installer program should create the following file.
# If you are running in a SecureWay Directory environment, the values from this file
# will be overridden by the values in the SecureWay Directory table.
ServerInit /usr/bin/wesauth.so:InitAS /usr/lpp/IBMEPS.Auth/ibmwesas.conf
# PreExit directive:
#
# Specify a customized application function you want the server to
# call during the User PreExit step. This code will be executed after
# a client request has been read but before any other processing
# occurs. You can call the goserve module during this step.
#
# Default: <none>
# Syntax: PreExit </path/file:function_name>
#
# Example:
# PreExit /www/api/bin/icsext05.so:pre_exit
# Authentication directive:
#
# Specify a customized application function you want the server to
# call during the Authentication step. This code will be executed based
# on the authentication scheme. Currently, only Basic authentication
# is supported.
#
# Default: <none>
# Syntax: Authentication <type> </path/file:function_name>
#
# Example:
# Authentication BASIC /www/api/bin/icsextpgm.so:basic_authen
# NameTrans directive:
#
# Specify a customized application function you want the server
# to call during the Name Translation step. This code would supply
# the mechanism for translating the virtual path in the request to
# the physical path on the server, mapping URLs to specific objects.
#
# Default: <none>
# Syntax: NameTrans </URL> </path/file:function_name> <IP_address_template>
#
# Example:
# NameTrans /index.html /www/api/bin/icsextpgm.so:trans_url
# Authorization directive:
#
# Specify a customized application function you want the server
# to call during the Authorization step. This code would verify
# that the requested object can be served to the client.
#
# Default: <none>
# Syntax: Authorization </URL> </path/file:function_name>
#
# Example:
# Authorization /index.html /www/api/bin/icsextpgm.so:trans_url
#
#WES
# The following line requires authorization for every page, including http and https:
#Authorization * /usr/bin/wesauth.so:AuthAS
Authorization http://servicewes1:15080/* /usr/bin/wesauth.so:AuthAS
######################################
#
# UNPROTECTED ALIASES
#
######################################
Proxy /tsm-enroll/* http://servicewes1:18080/*
Proxy /enroll/* http://servicewes1:18080/enroll/*
Proxy /art/* http://servicewes1:18080/art/*
# ObjectType directive:
#
# Specify a customized application function you want the server
# to call during the Object Type step. This code would locate the
# requested object in the file system and identify its MIME type.
#
# Default: <none>
# Syntax: ObjectType </URL> </path/file:function_name>
#
# Example:
# ObjectType /index.html /www/api/bin/icsextpgm.so:obj_type
# Service directive:
#
# Specify a customized application function you want the server
# to call during the Service step. This code would service the client
# request. For example, it sends the file or runs the CGI program.
#
# Default: <none>
# Syntax: Service </URL> </path/file:function_name> <IP_address_template>
#
# Example:
# Service /index.html /www/api/bin/icsext05.so:serve_req
# Transmogrifier directive:
#
# Specify a customized application function you want the server
# to call during the Transmogrifier step. This code would provide four
# application functions: an open function, a write function, a close
# function, and an error function.
#
# Default: <none>
# Syntax: Transmogrifier </path/file:open_function_name:write_function_name:close_function_name:error_function_name>
#
# Example:
# Transmogrifier /www/api/bin/icsext05.so:my_open:my_write:my_close:my_error
# Log directive:
#
# Specify a customized application function you want the server
# to call during the Log step. This code would supply logging and
# other processing you want performed after the connection has
# been closed.
#
# Default: <none>
# Syntax: Log </URL> </path/file:function_name>
#
# Example:
# Log /index.html /www/api/bin/icsextpgm.so:trans_url
# Error directive:
#
# Specify a customized application function you want the server
# to call during the Error step. This code would execute only when
# an error is encountered to provide customized error routines.
#
# Default: <none>
# Syntax: Error </URL> </path/file:function_name>
#
# Example:
# Error /index.html /www/api/bin/icsext05.so:error_rtns
# PostExit directive:
#
# Specify a customized application function you want the server
# to call during the Post-exit step. This code will be executed
# regardless of the return codes from previous steps. It allows
# you to clean up any resources allocated to process the request.
#
# Default: <none>
# Syntax: PostExit </path/file:function_name>
#
# Example:
# PostExit /www/api/bin/icsext05.so:post_exit
# ServerTerm directive:
#
# Specify a customized application function you want the server
# to call during the Server Termination step. This code would
# execute when an orderly shutdown occurs and allows you to
# release resources allocated by a PreExit application function.
#
# Default: <none>
# Syntax: ServerTerm </path/file:function_name>
#
# Example:
# ServerTerm /www/api/bin/icsext05.so:shut_down
ServerTerm /usr/bin/wesauth.so:TermAS
# Midnight directive:
#
# Specify a customized application function you want the server
# to call at midnight.
#
# Default: Midnight /usr/lib/archive.so:begin
# Syntax: Midnight </path/file:function_name>
Midnight /usr/lib/archive.so:begin
# See also the 'Service' directive, which is an API directive, but
# comes after the document protection directives.
# ===================================================================== #
#
# User authentication and document protection
#
# ===================================================================== #
# Within the configuration file, there are three directives that
# define file access protection:
# Protect, DefProt, and Protection.
#
# A Protection setup contains subdirectives that define how a set
# of resources is to be protected. The protection setup is used on
# a DefProt or Protect directive. The subdirectives can be coded
# * on a preceding Protection directive
# * in-line on the DefProt or Protect directive
# * in a separate protection file
#
# The Protect and DefProt directives define the association of a
# Protection setup with a set of resources to be protected.
# * The DefProt statement associates a Protection setup with a URL
# template but does not activate protection.
# * The Protect statement associates a Protection setup with a URL
# template and activates the protection.
#
# If your server has multiple network connections, you can optionally
# specify an address template on either the DefProt or Protect directive
# to restrict the server to using the directive only for requests that
# come to the server on a connection with an address matching the
# template.
#
# NOTE: The address of the server's network connection is compared to
# the template, NOT the address of the requesting client.
#
# You can specify a complete IP address (for example, FOR 9.67.106.79),
# or you can use a wildcard(*) character and specify a template
# (for example, FOR 9.83.*).
#
#
# Protection directive:
#
# Default: <none>
# Syntax: Protection setup-name { directives }
#
# Within the braces, any combination of twelve(12) possible
# protection subdirectives can be defined:
# UserID, GroupID, ServerID, AuthType,
# GetMask, PutMask, PostMask, DeleteMask, Mask,
# PasswdFile, GroupFile
#
#
# Protect directive:
#
# Default: <none>
# Syntax for a Protect directive pointing to a Protection directive:
# Protect request-template setup-name [FOR IP-address-label]
#
# Syntax for a Protect directive with protection settings defined
# inline:
# Protect request-template [IP-address-label] {
# protection setting
# protection setting
# .
# .
# .
# }
# Example:
# Protect /secret/* CustomerA-PROT
# Protect /secret/* {
# ServerID ServerName
# AuthType Basic
# PasswdFile /docs/www/restricted.pwd
# GroupFile /docs/www/restricted.grp
# GetMask authors
# }
# Protect /secret/* CustomerA-PROT FOR 9.67.106.79
# Protect /secret/* 9.83.* {
# ServerID ServerName
# AuthType Basic
# PasswdFile /docs/www/restricted.pwd
# GroupFile /docs/www/restricted.grp
# GetMask authors
# }
#
#
# DefProt directive:
#
# Syntax for a DefProt directive pointing to a Protection directive:
# DefProt request-template setup-name [FOR IP-address-label]
#
# Syntax for a Protect directive with protection settings defined
# inline:
# DefProt request-template [IP-address-label] {
# protection setting
# protection setting
# .
# .
# .
# }
#
# Example:
# DefProt /secret/* CustomerA-PROT
# DefProt /secret/* {
# ServerID ServerName
# AuthType Basic
# PasswdFile /docs/www/restricted.pwd
# GroupFile /docs/www/restricted.grp
# GetMask authors
# }
# DefProt /secret/* CustomerA-PROT FOR 9.67.106.79
# DefProt /secret/* 9.83.* {
# ServerID ServerName
# AuthType Basic
# PasswdFile /docs/www/restricted.pwd
# GroupFile /docs/www/restricted.grp
# GetMask authors
# }
#
#
# Example DefProt and Protect and Protection directives:
#
# Protection setup by usernames; specify groups in the group
# file, if you need groups; create and maintain password files
# with the htadm program.
#
# Protection PROT-SETUP-USERS {
# ServerId YourServersFancyName
# AuthType Basic
# PasswdFile /where/ever/passwd
# GroupFile /where/ever/group
# GET-Mask user, user, group, group, user
# }
#
#
# Protection setup by hosts; you can use both domain name
# templates and IP number templates
#
# Protection PROT-SETUP-HOSTS {
# ServerId YourServersFancyName
# AuthType Basic
# PasswdFile /where/ever/passwd
# GroupFile /where/ever/group
# GET-Mask @(*.cern.ch, 128.141.*.*, *.ncsa.uiuc.edu)
# }
# DefProt /very/secret/URL/*
# Protect /very/secret/URL/* PROT-SETUP-USERS
# Protect /another/secret/URL/* PROT-SETUP-HOSTS
#
Protection PROT-ADMIN {
ServerId Private_Authorization
AuthType Basic
GetMask All@(*)
PutMask All@(*)
PostMask All@(*)
Mask All@(*)
PasswdFile /opt/IBMWTE/usr/internet/server_root/protect/webadmin.passwd
}
#WES
#********You can change the ServerID line to suit your needs**********
# The ServerID line determines what name will be shown in the authentication dialog box
# on the client machine.
Protection PROT-AS {
ServerId WES_Support
AuthType Basic
Mask All@(*)
}
Protect /admin-bin/* PROT-ADMIN
Protect /reports/* PROT-ADMIN
Protect /Usage* PROT-ADMIN
# Added for Authentication server
#Protect /* PROT-AS
Protect /tsm_sc/* PROT-AS
Protect /selfcare/* PROT-AS
#
# Service directive:
#
# Default: <none>
# Syntax: service <URL> <program>
#
Service /ndadvisor INTERNAL:NDAdvisor
service /Usage* INTERNAL:UsageFn
service /admin-bin/trace* INTERNAL:TraceFn
# ===================================================================== #
#
# Mapping rules
#
# ===================================================================== #
# The Pass, Fail, Exec, Map, Redirect, and Proxy rules are used for
# mapping a request URL to another URL or a physical file.
#
# The rules specify templates and a file directory or new URL to replace
# the template in the request. If a request comes in and the URL of the
# request matches one of the mapping rules, the rule is applied. Asterisks
# are used as wild cards and must appear in both the request template and
# the replacement template. The Fail rule does not have a replacement template.
#
# The Pass, Fail, and Exec rules are used for mapping from a request URL
# to a physical file. The Map rule is used for mapping from one url to
# another. The Proxy rule is used for mapping from a request URL to a URL
# which will be passed on to another server and requires a full URL in the
# replacement template. Redirect will direct the client to pass the request
# on to another server and requires a full URL in the replacement template.
#
# The rules are applied in the order they appear in the configuration file
# until a request template has been matched or until there are no more rules
# to apply. The Map rule will modify the request as defined by the replacement
# template and then will continue processing the remaining rules against the
# mapped request. All other rules will stop applying rules once one of the
# rules has been matched.
#
# If your server has multiple network connections, you can optionally
# specify an address template to restrict the server to using the
# directive only for requests that come to the server on a connection
# with an address matching the template.
#
# NOTE: the address of the servers network connection is compared
# to the template, not the address of the requesting client.
#
# You can specify a complete IP address (for example, 9.67.106.79).
#
# Default: <none>
# Syntax: rule request-template result [IP-address-template]
#
#
# Example:
# Exec /cgi-bin/* /CGI-BIN/CustomerA/* 9.67.109.79
# Map /data/* /www/data/*
# Map /mess/* /www/junk/*
# Map /books/stuff/* /www/docs/*
# Fail /bogus/* 9.67.105.79
# Fail /ddd/eee/*
# Redirect /old/server/* http://new.server.loc/newpath/*
# Proxy /hosta/* http://hosta/*
# Pass /buck/* /diskx/bin/*
#
# Added for Authentication Server TPSM enrollment
# The enrollment server config is only for Auth Servre testing
# as this server should be out the WES domain. Change to the
# correct TPSM machine. The http request is
# http://wesaix04:8001/tsm-enroll/enroll.html
# You should change the machine names in the example to match those
# of your TPSM machine.
#
#WES
# An example of how to use a proxy statement is as follows:
# Proxy /ibm/* http://www.ibm.com/*
# From the client browser, you would access the URL
# http://server:port/ibm/
# This statement makes it appear that the remote page is actually contained on the
# local machine. Remember that proxy statements work best on pages that you maintain
# because absolute links will not work.
# If a link references www.ibm.com/images/logo.gif, it will not access the image
# correctly. In this situation, you should create a relative link to the
# image. An example would be /images/logo.gif.
# For this example, you need to add another proxy line in order to correctly proxy
# the images directory. Example: Proxy /images/* http://www.ibm.com/images/*
# The correct way to access the image is as follows: http://server:port/images/logo.gif.
# Here are some examples we have added for Tivoli Personalized Services Manager.
#Proxy /tsm-enroll/* http://servicewes1:18080/*
#Proxy /enroll/* http://servicewes1:18080/enroll/*
#Proxy /art/* http://servicewes1:18080/art/*
# Tivoli Personalized Services Manager Personal (Personal has links to the selfcare appls)
# It shoud be accessed by
# http://wteserver:port/perso/samples/welcome.jsp
# However, the welcome.jsp in /usr/TivTSM/personal/content/samples contains some gif
# files that reside on www.tivoli.com, which results in blank image under AP
#
Proxy /perso/* http://servicewes1:16080/perso/*
Proxy /images/* http://servicewes1:16080/images/*
#
# Tivoli Personalized Services Manager Selfcare
# For selfcare access, use
# http://wteserver:port/tsm_sc/selfcare
#
Proxy /tsm_sc/* http://servicewes1:15080/*
Proxy /selfcare/* http://servicewes1:15080/selfcare/*
# If there is any back-end original server, say backserver-1, other than the TPSM
# machine, that you don't want the request be transformed by WTP, in which case,
# you still a Proxy directive for this specific server
Proxy /bs-1/* http://backserver-1:port/*
#
# and the request would be
# http://wte-server:port/*
# and later on, the no_proxy line need to be specified--see "no_proxy" for details
#WES
# For testing purposes, you may choose to add the following line at the
# bottom of your proxy statements. Adding this line will map everything that
# does not match another proxy statement to the specified site. Again, this is
# for testing and should probably not be used in the real world.
# For example http://wteserver:port/www.yahoo.com
# is mapped to http://www.yahoo.com
#
#Proxy /* http://*
#
# Scripts; URLs starting with /cgi-bin/ will be understood as
# script calls in the directory /opt/IBMWTE/usr/internet/server_root/cgi-bin/
#
# URLs starting with /admin-bin/ will be understood as
# script calls in the directory /opt/IBMWTE/usr/internet/server_root/admin-bin/
#
Pass /admin-bin/webexec/*.style /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.style
Pass /admin-bin/webexec/*.NLS /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.NLS
Pass /admin-bin/webexec/*.props /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.props
Pass /admin-bin/webexec/*.class /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.class
Pass /admin-bin/webexec/*.gif /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.gif
Pass /admin-bin/webexec/*.jar /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.jar
Pass /admin-bin/webexec/*.html /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*.html
Pass /Docs/arrow*.gif /opt/IBMWTE/usr/internet/server_root/Docs/arrow*.gif
Pass /Docs/up-arrow.gif /opt/IBMWTE/usr/internet/server_root/Docs/up-arrow.gif
Pass /Docs/*.jar /opt/IBMWTE/usr/internet/server_root/Docs/*.jar
Pass /Docs/*.class /opt/IBMWTE/usr/internet/server_root/Docs/*.jar
#Pass /admin-bin/webexec/images/* /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/images*
Pass /admin-bin/webexec/* /opt/IBMWTE/usr/internet/server_root/admin-bin/webexec/*
Exec /cgi-bin/* /opt/IBMWTE/usr/internet/server_root/cgi-bin/*
Exec /admin-bin/* /opt/IBMWTE/usr/internet/server_root/admin-bin/*
Exec /Docs/admin-bin/* /opt/IBMWTE/usr/internet/server_root/admin-bin/*
#
# URL translation rules; If your documents are under
# /opt/IBMWTE/usr/internet/server_root/pub/ then this single rule does the job:
#
Pass /icons/statusSB.gif /opt/IBMWTE/usr/internet/server_root/icons/statusSB.gif
Pass /icons/* /opt/IBMWTE/usr/internet/server_root/icons/*
Pass /Admin/* /opt/IBMWTE/usr/internet/server_root/Admin/*
Pass /Docs/* /opt/IBMWTE/usr/internet/server_root/Docs/*
Pass /htmldocs/* /opt/IBMWTE/usr/internet/server_root/Docs/htmldocs/*
Pass /wsApplet/* /opt/IBMWTE/usr/internet/server_root/Applets/*
Pass /errorpages/* /opt/IBMWTE/usr/internet/server_root/pub/errorpages/*
# *** ADD NEW MAPPING RULES HERE ***
Pass /* /opt/IBMWTE/usr/internet/server_root/pub/*
# ===================================================================== #
#
# Performance directives
#
# ===================================================================== #
# MaxActiveThreads directive:
#
# Defines the number of threads in system thread pool.
#
# Default: 100
# Syntax: MaxActiveThreads <num>
MaxActiveThreads 100
# MaxPersistRequest directive:
#
# Maximum number of request to receive on a persistent connection.
#
# Default: 5
# Syntax: MaxPersistRequest <num>
MaxPersistRequest 5
# DNS-Lookup directive:
#
# Instruct the server to look up hostnames of clients by
# setting DNS-Lookup to "on".
# NOTE: Turning DNS-Lookup "on" decreases server performance.
#
# Default: off
# Syntax: DNS-Lookup <on | off>
DNS-Lookup off
# PureProxy directive:
#
# Specifies if the server is to be run purely as a proxy server.
#
# Default: on
# Syntax: PureProxy <on | off>
PureProxy on
# MaxContentLengthBuffer directive:
#
# The server normally gives a content-length header line for every
# document it returns. For dynamically-generated documents, the server
# must buffer the document to compute the content length. This directive
# can be used to set the size of this buffer. If it is exceeded the
# document will be returned without a content-length header field (and
# the connection will be forced closed: persistent connections cannot
# be used unless the response has a content length).
#
# Default: 100 K
# Syntax: MaxContentLengthBuffer <size> <K|M>
# (Only one keyword/value pair allowed.)
#
MaxContentLengthBuffer 100 K
# ProxyPersistence directive:
#
# Allows persistent connections, which will significantly reduce
# latency for users and reduce CPU load on the proxy server.
#
# NOTE: Supporting persistent connections requires more threads,
# and thus more memory, on the proxy server. In addition,
# if you have a multi-level proxy server setup, and you
# have any old (HTTP/1.0) proxies in the network, then you
# MUST NOT use persistent connections at the proxy.
#
# Default: on
# Syntax: ProxyPersistence <on | off>
ProxyPersistence on
# ===================================================================== #
#
# Timeout directives
#
# ===================================================================== #
# Use these directives to:
# * limit the time to wait for the client to send a request
# after connecting to the server before cancelling the connection.
# * limit the time allowed without network activity before
# cancelling the connection.
# * limit the time to allow for sending output to the client.
# * limit the time to allow for CGI programs to finish.
# (If the program does not finish within allotted time, the server
# will kill the CGI program.)
# * limit the time to wait for the client to send a request
# after establishing a persistent connection to the server
# before cancelling the connection.
#
# Default: InputTimeout 2 minutes
# Default: ReadTimeout 5 minutes
# Default: OutputTimeout 12 hours
# Default: ScriptTimeout 5 minutes
# Default: PersistTimeout 4 seconds
#
# Syntax: <directive> <time-spec>
#
InputTimeout 2 minutes
ReadTimeout 5 minutes
OutputTimeout 12 hours
ScriptTimeout 5 minutes
PersistTimeout 4 seconds
# ===================================================================== #
#
# Proxy directives
#
# ===================================================================== #
# Proxy server protection and caching directives
#
# Proxy protections; if you want only certain domains to
# use your proxy, uncomment these lines and specify the Mask
# with hostname templates or IP number templates:
#
# Protection PROXY-PROT {
# ServerId YourProxyName
# Mask @(*.cern.ch, 128.141.*.*, *.ncsa.uiuc.edu)
# }
# Protect * PROXY-PROT
#
# Protect http:* PROXY-PROT
# Protect ftp:* PROXY-PROT
# Protect gopher:* PROXY-PROT
# Specify the protocols that this proxy server will forward:
#
Proxy http:*
Proxy ftp:*
Proxy gopher:*
# SSLTunneling directive:
#
# Enable SSL Tunneling to any port. You must also make sure that
# the CONNECT method is enabled; use the directive "Enable" to
# do this.
#
# Default: on
# Syntax: SSLTunneling <on | off>
SSLTunneling on
# Proxy-to-Proxy directives:
# Also known as Proxy Chaining
#
# ftp_proxy directive:
#
# Use this directive to specify the name of another proxy web server
# this server should contact for FTP requests rather than contacting
# the FTP Server named in the request URL directly.
#
# Default: <none>
# Syntax: ftp_proxy <outer_proxy_server_URL>
#
# Example:
# ftp_proxy http://outer.proxy.name/
# gopher_proxy directive:
#
# Use this directive to specify the name of another proxy web server
# this server should contact for Gopher requests rather than contacting
# the Gopher Server named in the request URL directly.
#
# Default: <none>
# Syntax: gopher_proxy <outer_proxy_server_URL>
#
# Example:
# gopher_proxy http://outer.proxy.name/
# http_proxy directive:
#
# Use this directive to specify the name of another proxy web server
# this server should contact for HTTP requests rather than contacting
# the HTTP Server named in the request URL directly.
#
# Default: <none>
# Syntax: http_proxy <outer_proxy_server_URL>
#
# Example:
# http_proxy http://outer.proxy.name/
#
# Added for Authentication Server, this will be the WTP
#http_proxy http://brooktrout.raleigh.ibm.com:8088/
# no_proxy directive:
#
# Specify the domains to which the server should directly connect.
# This is ONLY used when doing proxy chaining (i.e., when an
# http_proxy, ftp_proxy, and/or gopher_proxy is defined). This
# directive does NOT apply when the proxy goes through a SOCKS server;
# use socks.conf for that purpose. Also, if you are using neither
# proxy chaining nor SOCKS, then this directive is not needed.
#
# Specify the value as a string of domain names or domain name
# templates. Separate each entry in the string with a comma.
#
# Do NOT put any spaces in the string.
# You CANNOT use the wildcard character (*).
# You CAN specify a template by including only the last part of a domain
# name.
#
# Default: <none>
# Syntax: no_proxy <non-proxy domain specification>
#
# Example:
# no_proxy www.someco.com,.raleigh.ibm.com,.some.host.org:8080
#
# this is to send traffic around the WTP to go to backserver-1 directly
no_proxy raleigh.ibm.com
# ===================================================================== #
#
# Proxy caching directives
#
# ===================================================================== #
# Caching directive:
#
# Turn on proxy caching here. To enable proxy caching, you must:
# 1) set the Caching directive to ON, and
# 2) specify at least one CacheDev (raw partition or file), or
# specify CacheMemory (if no CacheDev, then memory cache is used)
#
# There are three different types of caches:
# - memory cache - fastest, but limited by amount of RAM
# - raw disk cache - fast, only limited by disk space
# - file cache - slowest, but convenient
#
# For raw disk and file caches, the htcformat utility must be used
# to set up the devices and/or files. The CacheDev and BlockSize
# directives need to be specified. Multiple CacheDev directives can be
# specified, mixing both file caches and raw disk caches if needed,
# and the total space from those devices will be used as single
# cache. For disk (rather than memory) caches, the CacheMemory
# directive can still be used to tell the proxy how much memory it
# can use to efficiently manage the disk cache. CacheMemory should
# be set to at least 1% of the total size of the disk cache.
#
# For a memory cache, simply specify the CacheMemory directive for the
# desired cache size, and do not specified any CacheDev directives.
#
# The minimum cache size allowed is 16392 K (16 M + 1 block), which
# can be either 16392 K of a memory cache, or a single cache device
# of 16392 K. This value is also the minimum size for a single cache
# device, so you cannot specify two devices that add up to only
# 16392 K.
#
# Default: OFF
# Syntax: Caching <ON | on | OFF | off>
#WES
#************R E A D T H I S**********************
#For our testing purposes, caching has been turned off. For real world
#applications, you will probably want to utilize caching.
Caching OFF
# CacheDev directive:
#
# Specify the cache device(s) to be used for the cache. The minimum
# size for an individual cache device is 16392 K.
#
# Default: none
# Syntax: CacheDev <raw disk partition | file>
#
# Examples: CacheDev /dev/rwtecache
# CacheDev /wtecache/filecache1
#CacheDev /dev/rwtecache
# CacheMemory directive:
#
# Specify the amount of RAM associated with the cache. See the
# explanations in the Caching section above for more information
# about the use of this directive. If the proxy needs more memory
# than is specified for this directive, it will use what it needs
# and send a warning message indicating this to the EventLog when
# the proxy starts up and initializes the cache. There is more
# memory overhead per cache device, so memory utilization is more
# efficient for fewer cache devices. As a guideline, memory
# utilization is also better for larger caches (1 G and up) than
# for smaller caches. With a cache device over 1 G in size, the
# amount of memory used will be approximately 1% of the total cache
# size. Each cache device uses a minimum of about 8.5 M of memory.
#
# The unit specified can be B (bytes), K (kilobytes), M (megabytes),
# or G (gigabytes). If you do not specify a unit, it assumes M.
#
# Minimum for a memory cache: 16392 K
# Minimum for a non-memory cache: 1 K
# Default: there is no default value, this must be specified
# Syntax: CacheMemory <size> B | K | M | G
CacheMemory 16392 K
# BlockSize directive:
#
# Specify the size (in bytes) of the blocks within the cache.
# The same BlockSize value will be used for all devices specified
# via the CacheDev directives.
#
# Default: 8192 (the only supported BlockSize is 8192 bytes)
# Syntax: BlockSize <size>
#BlockSize 8192
# CacheDefaultExpiry directive:
#
# Specify the expiry date for files which do not include an explicit
# expiry date and do not have a last-modified date that would allow us
# to compute an expiry based on the CacheLastModifiedFactor. This is
# most useful for protocols that do not have any way to transmit this
# information, such as FTP or Gopher.
#
# NOTE: The default expiration for HTTP is 0. HTTP should be kept at 0
# because many script programs don't give an expiration date, yet
# their output expires immediately. A value other than zero may
# cause problems.
#
# Defaults: http:* 0 days
# ftp:* 1 day
# gopher:* 2 days
# Syntax: CacheDefaultExpiry <URL pattern> <time period>
#
# Example: set default expiration for all FTP files to 14 days
# CacheDefaultExpiry ftp:* 1 fortnight
CacheDefaultExpiry http:* 0 days
CacheDefaultExpiry ftp:* 1 day
CacheDefaultExpiry gopher:* 2 days
# CacheRefreshInterval directive:
#
# This directive specifies when to revalidate - check with the
# origin to see if they've changed - documents. The difference
# between this directive and CacheClean (below) is that CacheClean
# will cause documents to be removed from the cache after a
# given period of time, while CacheRefreshInterval will just
# force the proxy to revalidate them before using them.
#
# Defaults: 2 weeks for all documents
# Syntax: CacheRefreshInterval <URL pattern> <time period>
# - This form specifies the refresh interval for
# and URLs matching <URL pattern>
# CacheRefreshInterval pattern> <time period>
# - This specifies the refresh interval for any
# documents NOT matching a <URL pattern> in
# another CacheRefreshInterval directive - in
# other words, the default refresh interval.
#
# Example: refresh all .gif images after 8 hours, and all other documents
# after a week.
# CacheRefreshInterval *.gif 8 hours
# CacheRefreshInterval 1 week
CacheRefreshInterval 2 weeks
# CacheUnused directive:
#
# Specify how long the proxy cache should keep files which have not
# been used (requested by a client). Unused files which have been in
# the cache longer than this will be removed during garbage collection.
#
# Default: 2 days for http:*
# 3 days for ftp:*
# 12 hours for gopher:*
# Syntax: CacheUnused <URL pattern> <time period>
CacheUnused http:* 2 days
CacheUnused ftp:* 3 days
CacheUnused gopher:* 12 hours
# CacheExpiryCheck directive:
#
# Normally, a caching proxy will check that the files in its cache
# have not expired. In special circumstances (such as a network outage)
# you may want to disable this check; the proxy will then serve files
# from its cache even if they're out of date.
#
# Default: on
# Syntax: CacheExpiryCheck <on | off>
CacheExpiryCheck on
# CacheNoConnect directive:
#
# In normal situations, the proxy server will contact the content
# server to fetch pages. However, in special situations (such as
# a demonstration at a trade show), you may not want the proxy server
# to try to contact the origin server. Setting CacheNoConnect "on"
# prevents the proxy from contacting the origin server.
#
# Default: off
# Syntax: CacheNoConnect <on | off>
CacheNoConnect off
# CacheTimeMargin directive:
#
# The proxy server will not cache documents which are due to expire
# 'soon'. This directive defines what 'soon' is. In other words, a
# document's expiry date must be further in the future than the
# CacheTimeMargin when WTE receives it in order for it to be cached.
#
# Default: 10 minutes
# Syntax: CacheTimeMargin <time period>
CacheTimeMargin 10 minutes
# CacheLastModifiedFactor directive:
#
# Use this directive to have the server set expirations for files which
# have a Last-Modified date, but no Expires date. The server uses the
# Last-Modified date to determine how long it has been since the file
# was modified, then multiplies that time by the fraction specified by
# the value on this directive to determine the proportion of a file's
# age (LastModified) to be used as the expiry time. The assumption
# is that files that have changed recently are probably changing
# frequently, while files that have not been modified in some time have
# stablizied and do not need to be refreshed as frequently.
#
# The higher this value is set, the longer these files will reside in
# the cache without being checked for freshness. Setting this value too
# high may cause stale (out-of-date) files to be served from cache.
#
# For example, if a file was last modified 1 month ago and
# CacheLastModifiedFactor was set to 0.5, the file would expire in
# approximately 15 days (half a month). If the file was changed 4 days
# ago, and CacheLastModifiedFactor was set to 0.25, the file would
# expire in 1 day.
#
# If a CacheLastModifiedFactor of -1 is specified, the file
# last-modified date will not be used to calculate the file expiry time.
# This setting is not suggested for normal operation, as it will result
# in very few files being cached.
#
# Default: Numerous factors, based on file extensions. The defaults
# reflect the fact that certain types of files - like
# graphics - tend to have longer lifetimes.
# Syntax: CacheLastModifiedFactor <URL pattern> <fraction>
#
# Example:
# CacheLastModifiedFactor http://* 0.14
# CacheLastModifiedFactor ftp://* 0.25
CacheLastModifiedFactor http://*/ 0.10
CacheLastModifiedFactor http://*.htm* 0.20
CacheLastModifiedFactor http://*.gif 1.00
CacheLastModifiedFactor http://*.jpg 1.00
CacheLastModifiedFactor http://*.jpeg 1.00
CacheLastModifiedFactor http://*.png 1.00
CacheLastModifiedFactor http://*.tar 1.00
CacheLastModifiedFactor http://*.zip 1.00
CacheLastModifiedFactor http:* 0.15
CacheLastModifiedFactor ftp:* 0.50
CacheLastModifiedFactor * 0.10
# CacheMaxExpiry directive:
#
# Specify the maximum lifetime allowed for objects matching a given
# request template. An object may still be kept longer than its
# maximum lifetime, but it must be revalidated with the origin
# server when its lifetime has been reached. A maximum lifetime
# of 0 is interpreted as no maximum - the lifetime will not have
# an upper limit.
#
# Note that it doesn't make much sense to set this higher than
# CacheClean, as CacheClean specifies the maximum time an object can
# remain in the cache before it is deleted.
#
# Default: 1 month for all objects
# Syntax: CacheMaxExpiry <URL request template> <time spec>
#
# Example: .gif files may not have a lifetime longer than 2 weeks.
# CacheMaxExpiry http://*.gif 2 weeks
CacheMaxExpiry 1 month
# CacheClean directive:
#
# Specify how long you want the server to keep cached files with URLs
# matching a given request template. The server deletes cached files
# whose URLs match a given request template after they have been cached
# for the specified time, regardless of their expiration date.
#
# Default: 1 month for all objects
# Syntax: CacheClean <URL request template> <time spec>
# Example:
# CacheClean http:* 2 weeks
CacheClean 1 month
# CacheFileSizeLimit directive:
#
# CacheFileSizeLimit specifies the maximum size for any file that will
# be cached. The value can be specified in bytes (B), kilobytes (K),
# megabytes (M), or gigabytes (G).
#
# Note that in previous releases, this directive was called
# CacheLimit_2. The syntax of the directive remains unchanged.
#
# Default: CacheFileSizeLimit 4000 K
# Syntax: CacheFileSizeLimit <bytes> <B|K|M|G>
#
# Example: Don't cache any files larger than 512 K.
# CacheFileSizeLimit 512 K
CacheFileSizeLimit 4000 K
# CacheOnly and NoCaching directives:
#
# The server allows control over the files to be cached in two ways.
#
# CacheOnly - specifies a set of URLs which will be considered for
# caching (URLs not in that list will never be cached)
# NoCaching - specifies a set of URLs which must never be cached,
# (all other URLs are candidates for caching)
#
# Default: <none> (for both CacheOnly and NoCaching)
# Syntax: CacheOnly <URL pattern>
# NoCaching <URL pattern>
#
# Example:
# CacheOnly http://www.ibm.com/*
# NoCaching http://never.cache.me.net/*
# ContinueCaching directive:
#
# Specifies the point at which a file being received from a content
# server will continue to be received from the content server and
# stored in the cache even if the connection to the client which
# requested the file has been terminated. The value specified
# represents a percentage of the size of the file being transferred.
# If less than this percentage of the file has been transferred from
# the content server at the time the client connection is terminated,
# file transfer from the content server will be terminated and the cache
# file containing the partial file will be removed from the cache.
#
# Default: 75
#
# Syntax: ContinueCaching <percent of file already transferred>
#
# Example:
# ContinueCaching 75
# ===================================================================== #
#
# Proxy cache garbage collection directives
#
# ===================================================================== #
# Gc (Garbage Collection) directive:
#
# In order for a caching proxy server to function efficiently, it
# needs to sweep through the cache and remove out-of-date files on a
# regular basis. This is called 'garbage collection'. It should only
# be turned "off" in special circumstances, such as during an extended
# network outage.
#
# Default: on
# Syntax: Gc <on | off>
Gc on
# CacheAlgorithm directive:
#
# Specifies which cache algorithm the server will use. Choices
# include: bandwidth, responsetime, and blend. Specifying
# bandwidth will rate cache files to minimize network bandwidth.
# Choosing responsetime will rank cached files to minimize response
# time. The blend option will do a combination of the two.
#
# Default: bandwidth
# Syntax: CacheAlgorithm <string>
# where string is "bandwidth" | "responsetime" | "blend"
#
CacheAlgorithm bandwidth
# GcHighWater directive:
#
# When the cache fills up to the high-water mark, garbage collection
# will begin. The high-water mark is specified as a percentage of the
# total cache capacity. Garbage collection will continue until the
# low-water mark has been reached - see GcLowWater to set this.
# The high-water mark must not be set above 95%, and normally should
# not be set below 50%.
#
# Default: 90 (percent)
# Syntax: GcHighWater <percentage>
#
# Example: Start garbage collection when cache utilization reaches 85%
# GcHighWater 85
GcHighWater 90
# GcLowWater directive:
#
# Once cache garbage collection has begun, it will continue until
# cache utilization reaches the low-water mark. The low-water mark is
# specified as a percentage of the total cache capacity. The low-water
# mark must be below the high-water mark; see the GcHighWater directive
# for setting the high-water mark.
#
# Default: 60 (percent)
# Syntax: GcLowWater <percentage>
#
# Example: End garbage collection when the cache reaches 75% full.
# GcLowWater 75
GcLowWater 60
# ===================================================================== #
#
# Advanced proxy and caching directives
#
# ===================================================================== #
# ProxyIgnoreNoCache directive:
#
# Allows the proxy server to ignore the "Pragma: no-cache" header
# (usually sent by browsers when the user hits the "Reload" button)
# and serve the content from cache (if available) in defiance of
# the client's request.
#
# NOTE: This should ONLY be used in unusual circumstances.
#
# Default: off
# Syntax: ProxyIgnoreNoCache <on | off>
ProxyIgnoreNoCache off
# AggressiveCaching directive:
#
# Allows the proxy server to cache responses which might not
# ordinarily be cached, for example responses which contain
# the "cache-control: no-cache" header.
#
# Default: <none>
# Syntax: AggressiveCaching <URL pattern>
# Example:
# AggressiveCaching http://www.hosta.com/*
# ProxySendClientAddress directive:
#
# Instructs the proxy to forward an HTTP header containing the
# client's IP address. If ProxySendClientAddress is not defined,
# client IP addresses are NOT forwarded.
#
# Default: <none>
# Syntax: ProxySendClientAddress <HTTP header name>
#
# NOTE: The Remote Configuration forms only support 2 options:
# (1) client IP addresses NOT forwarded
# ProxySendClientAddress directive is removed
# (2) client IP addresses ARE forwarded with Client-IP: header
# ProxySendClientAddress Client-IP:
#
# Example:
# ProxySendClientAddress Client-IP:
# ProxyUserAgent directive:
#
# Substitute a different User-agent string for the one that the client
# sends. This helps make the clients more anonymous when surfing the web.
# User-agent strings may include spaces.
#
# NOTE: Some Web sites automatically generate different pages
# for certain Web browsers (by looking at the User-Agent header),
# so if you mask the identity of the browser, you won't be able
# to see the pages that are customized for certain browsers.
#
# Default: <none>
# Syntax: ProxyUserAgent <string> (in the form "ProductName/Version")
#
# Example:
# ProxyUserAgent Mozilla/4.0 (emulation; Javelin/2.0)
# ProxyFrom directive:
#
# Specifies the "From:" header to send on all requests that
# go through this proxy.
#
# NOTE: Replaces the "From:" header sent by the client
#
# Default: <none>
# Syntax: ProxyFrom <string>
#
# Example:
# ProxyFrom webmaster@www.ibm.com
# NoProxyHeader directive:
#
# Allows the proxy to block certain headers that clients send.
#
# NOTE: Any HTTP header (even required headers) can be blocked
# with this directive, so extreme care should be used.
#
# Default: <none>
# Syntax: NoProxyHeader <header>
#
# Example:
# NoProxyHeader Referer:
# CacheMinHold directive:
#
# Overrides the "Expires" tag on documents from certain sites.
# These sites routinely force documents to expire immediately
# even when they have a longer lifetime.
#
# Default: <none>
# Syntax: CacheMinHold <URL pattern> <time spec>
#
# Example:
# CacheMinHold http://www.cachebusters.com/* 1 hour
# CacheLocalDomain directive:
#
# Allows local domain sites to be cached, when set "on".
#
# NOTE: Assumes hostnames without a domain name are local.
#
# Default: on
# Syntax: CacheLocalDomain <on | off>
CacheLocalDomain on
# appendCRLFtoPost directive:
#
# Some Origin servers require a Carriage Return and Line Feed to
# be appended at the end of the content body on a POST request.
# Use the appendCRLFtoPost directive to specify sites which should
# have the CRLF appended at the end of the content body when sending
# a POST request to the site.
#
# Default: <none>
# Syntax: appendCRLFtoPost <URL pattern>
#
# Example:
# appendCRLFtoPost http://www.hosta.com/*
# SendHTTP10outbound directive:
#
# Specifies the HTTP version to be used on requests sent outbound
# to the origin server or to the next proxy in a chain of proxies.
# SendHTTP10outbound should only be used if the origin server
# or next downstream proxy have known problems handling HTTP/1.1 requests.
#
# Default: <none>
# Syntax: SendHTTP10outbound <URL pattern>
#
#SendHTTP10outbound http://www.hosta.com/*
#SendHTTP10Outbound http://*.mail.yahoo.com/*
# CacheQueries directive:
#
# Specifies whether or not responses to queries should be cached.
# If ALWAYS is specified, responses to queries will be cached as
# long as the response is otherwise cacheable.
# If PUBLIC is specified, responses to queries will be cached if
# the response is marked as "public" by containing a
# "cache-control: public header, or if the response contains
# cache-control headers which will force re-validation on every request, and the
# response is otherwise cacheable.
#
# Default: <none>
# Syntax: CacheQueries <ALWAYS | PUBLIC> <URL Pattern>
#
# Example:
# CacheQueries ALWAYS http://www.hosta.com/*
# CacheQueries PUBLIC http://www.hostb.com/*
# CacheByIncomingUrl directive:
#
# Specifies whether to use the incoming URL or the outgoing URL as
# the basis for generating cache file names.
# If ON is specified, the incoming URL will be used to generate the
# cache file name. If OFF is specified, All applicable Name Translation
# plug-ins and Map and Proxy rules will be applied to the incoming URL and
# the resulting URL will be used to generate the cache name.
#
# Default: OFF
# Syntax: CacheByIncomingUrl <on | off>
CacheByIncomingUrl off
# ===================================================================== #
#
# RCA (Remote Cache Access) directives
#
# ===================================================================== #
# Version directive:
#
# Specify the protocol name and version.
#
# Default: <RCA/1.0>
# Syntax: Version <protocol/major.minor>
Version RCA/1.0
# ArrayName directive:
#
# Specify the name of this array.
#
# NOTE: This is an administrative aid.
# Spaces are not allowed in the array name.
# This directive is required.
#
# Default: <none>
# Syntax: ArrayName <array name>
# Example:
# ArrayName mastiff
# Member directive:
#
# Specify a member this array.
#
# Default: <none>
# Syntax: Member Name { subdirectives }
#
# Name required; the hostname this member is known to
# clients by
#
# subdirectives are one of:
# RCAAddr required; IP address or hostname for RCA
# communication
# RCAPort required; port for RCA communication
# Timeout ( milliseconds )
# optional; how long to wait for this member
# before deciding rigor mortis has occured;
# must be positive; default is 1000 ms
# BindSpecific ( On | Off )
# optional; allows communications to occur on a
# private subnet, providing a measure of security;
# default is ON
# ReuseAddr ( On | Off )
# optional; allows faster rejoining of the array;
# "on" would allow other processes to steal the
# port, causing undefined behaviour;
# default is OFF
#
# Example:
# Member bittersweet.chocolate.ibm.com {
# RCAAddr 127.0.0.1
# RCAPort 6294
# Timeout 1000 milliseconds
# BindSpecific On
# ReuseAddr Off
# }
# ===================================================================== #
#
# SNMP directives
#
# ===================================================================== #
# SNMP directive:
#
# Set SNMP communication on or off.
#
# Default: off
# Syntax: SNMP <on | off>
SNMP off
# SNMPCommunity directive:
#
# The community name which is used by the server to communicate
# with the SNMP agent.
#
# Default: public
# Syntax: SNMPCommunity <public | community name>
SNMPCommunity public
# WebMasterEMail directive:
#
# The E-mail address of the person who should get communications
# about this server
#
# Default: webmaster
# Syntax: WebMasterEMail bigguy@mybox.com
WebMasterEMail webmaster
# ===================================================================== #
#
# Icon directives
#
# ===================================================================== #
# AddIcon, AddDirIcon, AddBlankIcon, AddUnknownIcon and AddParentIcon
# directives:
#
# AddIcon - Bind icon URL to a MIME content-type or
# content-encoding.
# AddDirIcon - Specify directory icon URL for directory listing
# AddBlankIcon - Specify blank icon URL for directory listing
# AddParentIcon - Specify parent directory icon URL for directory
# listing
# AddUnknownIcon - Specify unknown icon URL for directory listing
#
# Default: <default set of icons shown below>
# Syntax: AddIcon <icon URL> <ALT text> <MIME-type template>
# Syntax: AddDirIcon <icon URL> <ALT text>
# Syntax: AddBlankIcon <icon URL> <ALT text>
# Syntax: AddParentIcon <icon URL> <ALT text>
# Syntax: AddUnknownIcon <icon URL> <ALT text>
#
# If the <icon URL> does not include a path, the server will prepend
# the directory /icons/ to the icon filename. Note that the icon URL
# is a virtual path; it will be sent through the mapping rules
# (Map, Pass, etc) to find the real path in the filesystem.
AddIcon app-123.gif 123 application/x-123
AddIcon app-compress.gif Z x-compress
AddIcon app-compress.gif gz x-gzip
AddIcon app-fl.gif FL application/x-freelance
AddIcon app-pcl.gif PCL application/x-pcl
AddIcon app-pdf.gif PDF application/pdf
AddIcon app-ps.gif PS application/postscript
AddIcon app-shar.gif shar application/x-shar
AddIcon app-bsh.gif sh application/x-bsh
AddIcon app-csh.gif csh application/x-csh
AddIcon app-ksh.gif ksh application/x-ksh
AddIcon mp-tar.gif tar multipart/x-tar
AddIcon mp-tar.gif tar multipart/x-ustar
AddIcon mp-zip.gif zip multipart/x-zip
AddIcon audio.gif au audio/basic
AddIcon audio.gif aiff audio/x-aiff
AddIcon audio.gif wav audio/x-wav
AddIcon audio.gif audio audio/*
AddIcon image-gif.gif GIF image/gif
AddIcon image-jpeg.gif JPEG image/jpeg
AddIcon image-pixmap.gif pixmap image/x-xpixmap
AddIcon image-tif.gif TIFF image/tiff
AddIcon image.gif img image/*
AddIcon text-assem.gif asm text/x-asm
AddIcon text-c.gif c text/x-c
AddIcon text-html.gif HTML text/html
AddIcon text-html.gif HTML text/x-ssi-html
AddIcon text-uu.gif UU text/x-uuencode
AddIcon text.gif text text/*
AddIcon video-avi.gif avi video/x-msvideo
AddIcon video-avi.gif qt video/quicktime
AddIcon video-jpeg.gif mjpg video/x-motion-jpeg
AddIcon video-mpeg.gif mpeg video/mpeg
AddIcon video.gif video video/*
AddIcon binary.gif bin application/octet-stream
AddIcon binary.gif bin binary
AddBlankIcon blank.gif
AddParentIcon dir-up.gif UP
AddDirIcon dir.gif DIR
AddUnknownIcon unknown.gif ???
# ===================================================================== #
#
# Cache agent directives
#
# ===================================================================== #
# UpdateProxy directive:
#
# Specify which proxy server the cache agent should update.
#
# NOTE: This directive is required for the cache agent to function on
# on AIX, Solaris, and Linux systems. This directive is also
# required when the cache agent needs to update a proxy server
# other than the local proxy server on which it is running.
#
# Default: <host on which the cache agent is running>
# Syntax: UpdateProxy <fully-qualified host name of the proxy server>
# Example:
# UpdateProxy www.raleigh.ibm.com
# LoadURL directive:
#
# Specify URLs to be loaded into the cache.
#
# NOTE: These URLs are placed at the top of the cache agent's queue.
#
# Default: <none>
# Syntax: LoadURL <URL to load>
# Example:
# LoadURL http://www.ibm.com/
# LoadTopCached directive:
#
# Specify that the cache agent should load the specified number of
# most popular URLs to the cache.
#
# NOTE: These URLs are queued below the URLs loaded by the
# LoadURL directive
#
# Default: 100
# Syntax: LoadTopCached <num to load>
#
# NOTE: In order to use this directive, the server configuration
# file MUST specify Caching "on" and have a valid values
# for the cache location and size
#
LoadTopCached 100
# IgnoreURL directive:
#
# Specify URLs that are NOT to be retrieved by the cache agent.
# This directive applies only to delving performed by the cache
# agent. If you wish for the proxy server not to cache certain
# URLs, then see the NoCache directive.
# This directive may be specified multiple times.
#
# NOTE: Wild cards "*" may be used.
#
# Default: */cgi-bin/* (Ignore URLs containing /cgi-bin/)
# Syntax: IgnoreURL <URL to ignore>
# Example:
# IgnoreURL http://www.yahoo.com/*
# IgnoreURL http://www.yahoo.com/*.html
#
IgnoreURL */cgi-bin/*
# DelveInto directive:
#
# Specify whether or not the cache agent should load pages
# linked off of cached URLs.
#
# Default: always
# Syntax: DelveInto <always | never | admin | topn>
#
# always - the cache agent will parse the HTML of cached
# URLs and retrieve linked pages.
# never - the cache agent will not parse the HTML of
# cached URLs.
# admin - the cache agent will only parse HTML documents that
# originated from one of the LoadURL directives.
# topn - the cache agent will only parse HTML documents that
# were chosen from the server's cache.
DelveInto always
# DelveDepth directive:
#
# Specify the number of link levels to follow when searching
# for pages to load into the cache.
#
# NOTE: Applicable when DelveInto "always" is specified.
#
# Default: 1
# Syntax: DelveDepth <num>
DelveDepth 1
# DelveAcrossHosts directive:
#
# Specify whether the cache agent will only retrieve pages
# found on this server, or if the cache agent will retrieve
# pages from other hosts.
#
# NOTE: Applicable when DelveInto "never" is NOT specified.
#
# Default: off
# Syntax: DelveAcrossHosts <on | off>
DelveAcrossHosts off
# DelayPeriod directive:
#
# Specify whether the cache agent should wait between sending
# requests to destination servers.
#
# Default: on
# Syntax: DelayPeriod <on | off>
#
# on - reduces the load on the proxy machine and your
# network link, as well as being kinder to the
# destination servers.
# off - allows the cache agent to run at maximum speed.
#
# NOTE: When DelayPeriod off, certain sites will be
# accessed very often in rapid succession.
DelayPeriod on
#
# LoadInlineImages directive:
#
# Indicate whether inline images should be retrieved by the
# cache agent.
#
# Default: on
# Syntax: LoadInlineImages <on | off>
LoadInlineImages on
# NumClients directive:
#
# Specify the number of worker threads to use to request pages.
#
# NOTE: Increase this number for a fast machine and a fast
# Internet link. Use a smaller number for a slow
# machine or a slow Internet link.
#
# Default: 4
# Syntax: NumClients <num> (maximum of 100)
NumClients 4
# MaxQueueDepth directive:
#
# Specify the maximum depth of the cache agent's queue of
# outstanding page retrieval requests. Specifying a larger
# number creates a larger queue.
#
# NOTE: Only applicable when DelveInto "always" is specified,
# otherwise, MaxQueueDepth will be set equal to the
# value specified on the MaxUrls directive.
#
# Default: 250
# Syntax: MaxQueueDepth <num of queue entries>
# Example:
# MaxQueueDepth 500
MaxQueueDepth 250
# MaxUrls directive:
#
# Specify the maximum number of URLs the cache agent will
# request during a particular run.
#
# Default: 2000
# Syntax: MaxUrls <num>
MaxUrls 2000
# MaxRuntime directive:
#
# Specify the maximum amount of time that the cache agent
# will continue requesting URLs.
#
# NOTE: A value of 0 means "no limit" - the request runs
# until completion.
#
# Default: 2 hours
# Syntax: MaxRuntime 0 | [<num> hours [<num> minutes]]
# Example:
# MaxRuntime 4 hours
# MaxRuntime 4 hours 10 minutes
MaxRuntime 2 hours
# AutoCacheRefresh directive:
#
# Specify whether or not cache content will be refreshed
# automatically. If this is set to OFF, the cache agent
# will not be invoked (and all its settings will be ignored).
#
# Default: on
# Syntax: AutoCacheRefresh <on | off>
AutoCacheRefresh on
# CacheRefreshTime directive:
#
# Specify when the cache agent should be started.
#
# Default: 3:00 AM
# Syntax: CacheRefreshTime <HH:MM>
#
# Example: Begin cache refresh at 3:50 AM
# CacheRefreshTime 03:50
CacheRefreshTime 03:00
# ===================================================================== #
#
# PICS Filtering directives
#
# ===================================================================== #
# PICS Filtering using PICSRules
#
# For a complete specification of PICSRules, see the URL
# http://www1.raleigh.ibm.com/pics/PICSRules_1.0.html.
#
# Default: "See Example below"
# Syntax: DefinePicsRule "filterName" {
# (PicsRule-1.0
# (
# ...subdirectives...(not required)
# serviceinfo (name "serviceURL"
# shortname "shortName"
# bureau "bureauURL"
# ratfile "ratFile"
# available-with-content "NO"
# )
# passURL ()
# failURL ()
# )
# )
# }
#
# NOTE: Be sure to specify only one rule per DefinePicsRule {...}
# Each rule should begin with a DefinePicsRule "filterName" {
# and end with a closing "}".
#
# Example:
DefinePicsRule "RSAC Example" {
(PicsRule-1.0
(
serviceinfo (
name "http://www.rsac.org/ratingsv01.html"
shortname "RSAC"
available-with-content "YES"
)
name (
rulename "RSAC Example"
description "Example rule using the RSAC system to block naughty pictures."
)
passURL ("http://www.ibm.com/*")
optextension (extension-name "http://www1.raleigh.ibm.com/pics/PICSRules_1.0.html")
ibm-javelin-extensions (
active "no"
)
Filter ( Pass '((RSAC.v < 3) && (RSAC.s < 3) && (RSAC.n < 3) && (RSAC.l < 3))' )
)
)
}
# HTTPSCheckRoot directive:
#
# Whether or not to check the unsecure homepage for self-labels and
# apply them to a secure request for the same host.
#
# Default: on
# Syntax: HTTPSCheckRoot <on | off>
HTTPSCheckRoot on
# ===================================================================== #
#
# SSL Directives
#
# ===================================================================== #
#WES
#******** R E A D T H I S F O R S S L***********************
#For an explanation of how to set up the Reverse Proxy for use with SSL, please refer to
#the SSL documentation located at
#http://www.ibm.com/software/webservers/perfpack/doc2/wtewg/wtewgssl.htm
#
#To setup SSL with reverse proxy (AP mode) you need to check for the following:
# SSL Enable is on
# KeyRing is set to the .kdb file containing your certificates
# KeyRingStash is set to the keystash
# Enable CONNECT line is present
#
# To access an SSL page when using reverse proxy (AP mode)
# refer to the page as follows:
# https://proxyserver/secure/page.html
# This example assumes that you have a proxy statement set to point
# /secure/* to the real secure page.
#
# From the client browser, accessing an outside secure page, you should see
# the certificate from the Reverse Proxy machine, not the certificate from the remote site.
# The Reverse Proxy machine must trust the certificate of the remote site. This is
# done in the gsk4ikm program and is addressed in the documentation referenced
# above.
# SSLEnabled directive:
#
# Specifies to listen on Port 443 for secure requests.
#
# Default: OFF
# Syntax: SSLEnable <ON | on | OFF | off>
SSLEnable OFF
#SSLEnable ON
# SSLCaching directive:
#
# In a reverse proxy scenario, attempt to cache content on
# a secure request. Caching must be enabled for this
# directive to be effective.
#
# Default: off
# Syntax: SSLCaching <on | off>
SSLCaching off
# SSL Version Specification
#
# Specifies the SSL Version to use - Either SSLV3 or SSLV2.
# Syntax: SSLVersion <SSLV2> | <SSLV3> | <ALL>
# Default: <ALL>
#
SSLVersion SSLV3
# SSLV3Timeout
#
# The time in seconds allowed before an SSL V3 session will expire.
#
# Default: 100
# Valid range: 1 - 86400 seconds (1 day)
# Syntax: SSLV3Timeout <seconds>
SSLV3Timeout 100
# SSLV2Timeout
#
# The time in seconds allowed before an SSL V2 session will expire.
#
# Default: 100
# Valid range: 1 - 100 seconds
# Syntax: SSLV2Timeout <seconds>
#SSLV2Timeout 100
# KeyRing directive:
#
# Specifies the file path to the Key Ring Database the server will
# use for SSL requests. Key Ring Files are generated via the
# IKeyman utility.
#
# Default: none
# Syntax: KeyRing <filename>
#
# Example:
# KeyRing /etc/key.kdb
# KeyRingStash directive:
#
# Specifies the file path to the Key Ring Database's password file.
# The password file is generated via the IKeyman utility when building
# a Key Ring Database File.
#
# Default: none
# Syntax: KeyRingStash <filename>
#
# Example:
# KeyRingStash /etc/key.sth
# SSL V3 Cipherspecs
# The Cipherspecs allowed for SSL V3
#
# Syntax:
# V3CipherSpecs <cipherspec string>
# Default: US: "0A09060564620403020100" Export: "0906646203020100"
#
#V3CipherSpecs 0A0605
# SSL V2 Cipherspecs
# The Cipherspecs allowed for SSL V2
#
# Syntax:
# V2CipherSpecs <cipherspec string>
# Default: US: "137624" Export: "246"
#
#V2CipherSpecs 176
# ===================================================================== #
#
# Miscellaneous directives
#
# ===================================================================== #
# ConfigFile directive:
#
# Specifies the name of an additional configuration file. Directives
# found in the specified configuration file will be processed after
# processing the current configuration file.
#
# For backwards compatability, the directive 'RCAConfigFile' is
# supported as an alias for ConfigFile.
#
# Default: none
# Syntax: ConfigFile <filename>
#
# Example:
# ConfigFile /etc/rca.conf
# FTPUrlPath directive:
#
# Specifies whether FTP url paths should be treated as absolute
# paths (specified in relation to the root directory) or as
# relative paths (specified in relation to the home directory)
#
# Default: absolute
#
# Syntax: FTPUrlPath <absolute | relative>
#
# Example:
# FTPUrlPath absolute
# flexibleSocks directive:
#
# Whether or not to use a socks conifiguration file to specify
# hosts for direct connections or connections to a socks server.
#
# Default: on
# Syntax: flexibleSocks <on | off>
flexibleSocks on
# TransparentProxy directive:
#
# Specifies if the server is to be run as a transparent proxy server.
#
# Default: off
# Syntax: TransparentProxy <on | off>
TransparentProxy off
# ListenBacklog directive:
#
# Specifies the size of the listen backlog to use for the socket
# the proxy server listens with.
#
# Default: 128
# Syntax: ListenBacklog <value>
ListenBacklog 128
# PacFilePath directive:
#
# Specifies the directory containing the PAC files
# generated using the remote config PAC file form.
#
# Default: /opt/IBMWTE/usr/internet/server_root/pub/pacfiles
# Syntax: PacFilePath <filepath>
PacFilePath /opt/IBMWTE/usr/internet/server_root/pub/pacfiles