httpd

Contents
      1. File Types / Handlers
      2. mod_rewrite
        1. Site-Wide Configuration (Apache2)
              1. Allow .htaccess:
              2. Detailed Logging:
        2. .htaccess
              1. Disabling MultiViews
              2. RewriteRule
              3. Auth Order
      3. SSL

File Types / Handlers

Make browsers open .txt-Files as download:
 <FilesMatch ".txt$">
    ForceType application/octet-stream
 </FilesMatch>
Turn off script execution
 <FilesMatch ".pl$">
	SetHandler default-handler
 </FilesMatch>

mod_rewrite

Site-Wide Configuration (Apache2)

Allow .htaccess:
In /etc/apache2/sites-enabled/000-default:
 <Directory /var/www/>
    ...
    AllowOverride All
 </Directory>
Detailed Logging:
In mods-enabled/rewrite.conf:
 RewriteEngine on
 RewriteLog /var/log/apache2/rewrite.log
 RewriteLogLevel 9

.htaccess

Disabling MultiViews
Tun off automatic addition of file-extensions, as it might interfere with URL rewriting:
 Options -MultiViews
RewriteRule
 RewriteRule outerURLpattern innerURLpattern [last,QSA]
Options: [last] end applying rules after match; [QSA] append query string
Auth Order
Order Deny,Allow: If a Deny line matches, a Allow line has to match, too. Order Allow,Deny: Require both: A matching Allow line and the absence of a matching deny line.

SSL

Generate private key and self-signed test-certificate:
    openssl genrsa -out privkey.pem 4096
    openssl req -new -x509 -key privkey.pem -out cacert.pem -days 2922
Choose Server domain name as "Common Name" (see /usr/share/doc/openssl/HOWTO/keys.txt). Host configuration:
    <VirtualHost *:443>
        SSLEngine on
        SSLCertificateFile /etc/apache2/whereYouPutIt/cacert.pem
        SSLCertificateKeyFile /etc/apache2/whereYouPutIt/privkey.pem
        ...
    </VirtualHost>
(see mod_ssl Documentation)

EditContents