#
# horde.nausch.org - Horde Groupware
#
<VirtualHost *:443>
        ServerAdmin webmaster@nausch.org
        ServerName horde.nausch.org
        ServerPath /

        # SSL-stuff
        SSLEngine on
        SSLProtocol -ALL +SSLv3 +TLSv1
        SSLCipherSuite ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
        SSLCertificateFile /etc/pki/tls/private/CAcert-class3-certificat.crt
        SSLCertificateKeyFile /etc/pki/tls/private/server.key
        SSLCertificateChainFile /etc/pki/tls/private/CAcert_chain.crt

        AddType application/x-httpd-php .php

        # ActivSync aliases
        Alias /Microsoft-Server-ActiveSync /var/www/horde/rpc.php
        Alias /autodiscover/autodiscover.xml /var/www/horde/rpc.php

        DocumentRoot "/var/www/horde"
        <Directory "/var/www/horde">
                Options Indexes FollowSymLinks
                AllowOverride None

                # Exclude file from password protection
                SetEnvIf Request_URI "(rpc.php)$"  allow
                SetEnvIf Request_URI "(sapi/profile/client)$"  allow
                SetEnvIf Request_URI "(devinfo)$"  allow
                SetEnvIf Request_URI "(Microsoft-Server-ActiveSync)$"  allow

                # Access-stuff
                Order allow,deny
                Allow from all

                # Set exclude all files with env=allow
                Allow from env=allow
                Satisfy any

                # ActiveSync
                RewriteEngine On
                RewriteRule ^/Microsoft-Server-ActiveSync /rpc.php [PT,L,QSA]
                RewriteRule .* - [E=HTTP_MS_ASPROTOCOLVERSION:%{HTTP:Ms-Asprotocolversion}]
                RewriteRule .* - [E=HTTP_X_MS_POLICYKEY:%{HTTP:X-Ms-Policykey}]
                RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

                # If horde dies while trying to handle large email file attachments, you are probably
                # hitting PHP's memory limit. Raise that limit here, but use caution
                # Set to your preference - memory_limit should be at least 32M and be greater than the
                # value set for post_max_size
                # php_value memory_limit 32M
                # php_value post_max_size 20M
                # php_value upload_max_filesize 10M

                # horde.org's recommended PHP settings:
                php_admin_flag safe_mode off
                php_admin_flag magic_quotes_runtime off
                php_flag session.use_trans_sid off
                php_flag session.auto_start off
                php_admin_flag file_uploads on
                # Optional - required for weather block in Horde to function
                php_admin_flag allow_url_fopen on
        </Directory>

        # Deny access to files that are not served directly by the webserver
        <DirectoryMatch "^var/www/horde/(.*/)?(config|lib|locale|po|scripts|templates)/(.*)?">
                Order deny,allow
                Deny from all
        </DirectoryMatch>

        # Deny access to the test.php files except from localhost
        <LocationMatch "^/horde/(.*/)?test.php">
                Order deny,allow
                Deny from all
        </LocationMatch>

        DirectoryIndex index.php

        ErrorLog logs/horde_error.log
        CustomLog logs/horde_access.log combined 
</VirtualHost>