Table of Contents

ArsBuilder server requirements

ArsBuilder Apache server recommended settings

ServerRoot "/etc/httpd"
PidFile run/httpd.pid
Timeout 120

StartServers 10
MinSpareServers 20
MaxSpareServers 30
MaxClients 255 

KeepAlive On
KeepAliveTimeout 5
maxKeepAliveRequests 100

Listen [your data]:80
Listen 443

LoadModule php5_module modules/libphp5.so
LoadModule ssl_module modules/mod_ssl.so
LoadModule rewrite_module modules/mod_rewrite.so
LoadModule dir_module modules/mod_dir.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule mime_module modules/mod_mime.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule deflate_module modules/mod_deflate.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule cache_module modules/mod_cache.so
LoadModule disk_cache_module modules/mod_disk_cache.so
LoadModule file_cache_module modules/mod_file_cache.so

User apache
Group apache

# the default admin is root@localhost
# in server name the dns name should be specified
ServerAdmin [your data]
ServerName [your data]:80
UseCanonicalName Off

DocumentRoot "[your data]"

# enter the same directory as DocumentRoot
<Directory />
    Options Indexes SymLinksIfOwnerMatch
    DirectoryIndex index.php index.html
    AllowOverride All

    Order allow,deny
    Allow from all
</Directory>

AccessFileName .htaccess
<Files ~ "^\.ht">
    Order allow,deny
    Deny from all
</Files>

TypesConfig /etc/mime.types
DefaultType text/plain
<IfModule mod_mime_magic.c>
    MIMEMagicFile conf/magic
</IfModule>

HostnameLookups Off

ErrorLog logs/error_log
LogLevel warn
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
CustomLog logs/access_log combined

ServerSignature Off

AddDefaultCharset UTF-8

AddType text/html .shtml
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
AddHandler php5-script .php
AddType text/html .php
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl
AddOutputFilterByType DEFLATE text/html text/plain text/xml
DeflateCompressionLevel 9

BrowserMatch "Mozilla/2" nokeepalive
BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch "RealPlayer 4\.0" force-response-1.0
BrowserMatch "Java/1\.0" force-response-1.0
BrowserMatch "JDK/1\.0" force-response-1.0

BrowserMatch "Microsoft Data Access Internet Publishing Provider" redirect-carefully
BrowserMatch "MS FrontPage" redirect-carefully
BrowserMatch "^WebDrive" redirect-carefully
BrowserMatch "^WebDAVFS/1.[0123]" redirect-carefully
BrowserMatch "^gnome-vfs/1.0" redirect-carefully
BrowserMatch "^XML Spy" redirect-carefully
BrowserMatch "^Dreamweaver-WebDAV-SCM1" redirect-carefully

<IfModule mod_mem_cache.c>
 CacheEnable mem /
 MCacheSize 4096
 MCacheMaxObjectCount 100
 MCacheMinObjectSize 1
 MCacheMaxObjectSize 2048
</IfModule>

SSLPassPhraseDialog  builtin
SSLSessionCache         shmcb:/var/cache/mod_ssl/scache(512000)
SSLSessionCacheTimeout  300
SSLMutex default
SSLRandomSeed startup file:/dev/urandom  256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin

SSLEngine on
SSLCertificateFile [your data].crt
SSLCertificateKeyFile [your data].pem
SSLOptions +StdEnvVars

SetEnvIf User-Agent ".*MSIE.*" \ 
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP

Include conf.d/virtual.conf

SSL certificate generation

Please replace [server] to the required name.

openssl genrsa -des3 -rand /dev/rand -out [server].key
openssl rsa -in [server].key -out [server].pem
openssl req -new -key [server].key -out [server].csr
openssl x509 -req -days 365 -in [server].csr -signkey [server].key -out [server].crt
chmod 600 [server].csr [server].crt [server].pem

ArsBuilder MySQL server recommended settings

Please remove the code after ”# only if replication is used” if replications are not used on your server (replications are usually used for the mirrors creation).

[client]
port            = 3306
socket          = /var/run/mysqld/mysqld.sock

[mysqld]
user            = mysql
pid-file        = /var/run/mysqld/mysqld.pid
socket          = /var/run/mysqld/mysqld.sock
port            = 3306
language        = /usr/share/mysql/english
skip-external-locking

log-error=/var/log/mysql.log
relay-log = /var/lib/mysql/relay-bin
relay-log-index = /var/lib/mysql/relay-bin.index
relay-log-info-file = /var/lib/mysql/relay-bin.info 

max_allowed_packet  = 16M
key_buffer_size     = 16M
join_buffer_size    = 4M
table_cache         = 2048
open_files_limit    = 6144
record_buffer       = 16M
read_buffer_size    = 8M
sort_buffer_size    = 256M
query_cache_limit   = 16M
query_cache_size    = 64M
query_cache_type    = 1
max_heap_table_size = 32M
tmp_table_size      = 32M

max_connections = 300
wait_timeout = 600

# only if replication is used
server-id = 1
log_bin = /var/log/mysql/mysql-bin.log
log-slave-updates
replicate-same-server-id = 0
binlog-do-db=[database to replicate]
replicate-do-db=[database to replicate]
replicate-ignore-table=[database to replicate].ars_sessions_data
auto_increment_increment = 10
auto_increment_offset = 2
expire_logs_days = 10
max_binlog_size = 100M
slave-skip-errors=all
slave_compressed_protocol=1

[mysqldump]
quick
quote-names
max_allowed_packet = 16M