Apache

Best Practices

Directives recommended for production systems.

ServerTokens Prod
ServerSignature Off

Tuning for Performance

Here are some helpful links.

• http://www.devside.net/articles/apache-performance-tuning

mod_rewrite

Some mod_rewrite examples.

These directives simply enable rewrite and setup logging

RewriteEngine On
RewriteLogLevel 2
RewriteLog "/var/log/apache2/rewrite\_log"

This example redirects any requests for /nagios to the secure-side. It is useful to use this in a <VirtualHost *:80>

RewriteRule ^/nagios.\* [https://www.example.com/nagios3/](https://www.example.com/nagios3/) \[L,R\]

This example redirects any request to containing www.example.com Host: header to secure-side

RewriteCond %{HTTP\_HOST} ^www.example.com
RewriteRule ^(.\*)$ [https://www.example.com$1](https://www.example.com$1) \[L,R\]

This example redirects request to a homepage (/) to another page -in this case mediawiki main page

RewriteRule   ^/$    [http://www.example.com/wiki/index.php/Main\_Page](http://www.example.com/wiki/index.php/Main_Page) \[L,R\]

This example redirects non-secure requests for /admin to the secure-side

RewriteCond %{HTTPS} !on
RewriteCond ^/admin(.\*) [https://www.example.com/admin(.\*)](https://www.example.com/admin\(.*\)) \[L,R\]