aboutsummaryrefslogtreecommitdiffstats
path: root/doc/install/sample-lighttpd.conf
blob: 213719ac98d5c636e0874d7ff1d45207aa7a895d (plain) (blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
# See http://redmine.lighttpd.net/projects/lighttpd/wiki/Docs:ConfigurationOptions

### LOAD MODULES
server.modules = (
  "mod_access",
  "mod_accesslog",
  "mod_fastcgi",
  "mod_redirect",
  "mod_rewrite"
)

### BASIC STUFF
server.port = 80

server.username = "http"

server.groupname = "http"

server.document-root = "/path/to/your/www/files" #adjust to your setup

server.errorlog = "/var/log/lighttpd/error.log"

accesslog.filename = "/var/log/lighttpd/access.log"

### DISABLE DIR LISTING
dir-listing.activate = "disable"

### DISABLE REJECT EXPECT HEADER
### (needed for curl POST requests - otherwise they fail with error 417)
server.reject-expect-100-with-417 = "disable"

### DEFINE SUPPORTED INDEX FILENAMES
index-file.names = (
  "index.html",
  "index.htm",
  "index.php"
)

### DEFINE SUPPORTED MIME TYPES
mimetype.assign = (
  ".html" => "text/html",
  ".htm" => "text/html",
  ".css" => "text/css",
  ".txt" => "text/plain",
  ".svg" => "image/svg+xml",
  ".jpg" => "image/jpeg",
  ".png" => "image/png"
)

### DONT EVER SERVE FILES WITH EXTENSION
static-file.exclude-extensions = ( ".php" )

### PHP WITH PHP-FPM
### (needs php-fpm installed and running)
fastcgi.server = ( 
  ".php" => (
    "localhost" => (
      "socket" => "/run/php-fpm/php-fpm.sock",
      "broken-scriptfilename" => "enable",
      "allow-x-sendfile" => "enable"
    )                     
  )
)

### ENABLE SSL
$SERVER["socket"] == ":443" {
  ssl.engine = "enable"
  ssl.ca-file = "/etc/lighttpd/certs/ca-certs.crt" #adjust to your needs
  ssl.pemfile = "/etc/lighttpd/certs/red-ssl.crt" #adjust to your needs
}

### RISTRICT ACCESS TO DIRECTORYS AND FILES
$HTTP["url"] =~ "\.(out|log|htaccess)$" {
  url.access-deny = ("")
}

$HTTP["url"] =~ "(^|/)\.git" {
  url.access-deny = ("")
}

### URL REWRITE RULES
url.rewrite-if-not-file = (
  "^\/([^\?]*)\?(.*)$" => "/index.php?q=$1&$2",
  "^\/(.*)$" => "/index.php?q=$1"
)