ich habe auf einem Apache 2.4.10 die Mailserver-Suite https://mailcow.email/ installiert. Jetzt möchte ich das Webportal mit .htaccess absichern. Dazu habe ich in die Mailcow-Configurationsdatei unter /etc/apache2/sites-available
Code: Alles auswählen
# mailcow site configuration
# ! Do not remove this header !
SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
<VirtualHost *:80>
ServerSignature off
TraceEnable off
AddDefaultCharset utf-8
ServerName "mail.example.com"
DocumentRoot /var/www/mail
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [L,R,NE]
<Directory "/var/www/mail">
AllowOverride All
</Directory>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerSignature off
TraceEnable off
AddDefaultCharset utf-8
ServerName "mail.example.com"
DocumentRoot /var/www/mail
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/mail/mail.crt
SSLCertificateKeyFile /etc/ssl/mail/mail.key
ErrorDocument 503 /admin.php
php_value upload_max_filesize 25M
php_value post_max_size 26M
ErrorDocument 500 /admin.php
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
SSLCompression off
SSLUseStapling on
</VirtualHost>
<VirtualHost *:443>
ServerSignature off
TraceEnable off
AddDefaultCharset utf-8
ServerName "dav.example.com"
DocumentRoot /var/www/dav
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
RewriteEngine on
RewriteRule ^/(.*)$ /server.php [L]
php_flag output_buffering off
php_flag always_populate_raw_post_data off
php_flag magic_quotes_gpc off
php_flag mbstring.func_overload off
php_value date.timezone Europe/Berlin
DirectoryIndex server.php
SSLEngine on
SSLCertificateFile /etc/ssl/mail/mail.crt
SSLCertificateKeyFile /etc/ssl/mail/mail.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
SSLCompression off
SSLUseStapling on
</VirtualHost>
<VirtualHost *:443>
ServerSignature off
TraceEnable off
AddDefaultCharset utf-8
ServerName "autodiscover.example.com"
DocumentRoot /var/www/zpush
<Directory /var/www/zpush>
Options -Indexes +FollowSymLinks
php_value register_globals off
php_value magic_quotes_gpc off
php_value magic_quotes_runtime off
php_value short_open_tag on
php_value allow_call_time_pass_reference on
php_value date.timezone Europe/Berlin
php_value max_execution_time 650
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
AliasMatch "(?i)^/Autodiscover/Autodiscover.xml" "/var/www/zpush/autodiscover/autodiscover.php"
AliasMatch "(?i)^/Microsoft-Server-ActiveSync" "/var/www/zpush/index.php"
Alias /autodiscover/autodiscover.xml "/var/www/zpush/autodiscover/autodiscover.php"
DirectoryIndex index.php
SSLEngine on
SSLCertificateFile /etc/ssl/mail/mail.crt
SSLCertificateKeyFile /etc/ssl/mail/mail.key
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder On
Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
SSLCompression off
SSLUseStapling on
</VirtualHost>
</IfModule>
Code: Alles auswählen
<Directory "/var/www/mail">
AllowOverride All
</Directory>
Die beiden Dateien .htaccess und htpasswd sehen so aus
Code: Alles auswählen
AuthName "Mailsysystem"
AuthType Basic
AuthUserFile /var/www/mail/.htpasswd
require valid-user
Code: Alles auswählen
Secret:asp6yZrrSk1JM
mit
Code: Alles auswählen
-rw-r--r-- 1 www-data www-data 95 Jun 3 14:23 .htaccess
-rw-r--r-- 1 www-data www-data 25 Feb 12 15:50 .htpasswd
Was mache ich hier falsch?
Grüße und vielen Dank
Wambui