Skip to content

Instantly share code, notes, and snippets.

@NicolasRannou

NicolasRannou/httpd.conf

Created September 14, 2016 12:40
Show Gist options
  • Save NicolasRannou/1b6c2c22b3b8e5179d16683ab026238a to your computer and use it in GitHub Desktop.
Save NicolasRannou/1b6c2c22b3b8e5179d16683ab026238a to your computer and use it in GitHub Desktop.
Download ZIP
Django REST WGSI client denied by server configuration
Raw
httpd.conf
<IfModule !version_module>
LoadModule version_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_version.so'
</IfModule>
ServerName 0.0.0.0
ServerRoot '/tmp/mod_wsgi-0.0.0.0:8001:1000'
PidFile '/tmp/mod_wsgi-0.0.0.0:8001:1000/httpd.pid'
<IfVersion >= 2.4>
DefaultRuntimeDir '/tmp/mod_wsgi-0.0.0.0:8001:1000'
</IfVersion>
ServerTokens ProductOnly
ServerSignature Off
User ${MOD_WSGI_USER}
Group ${MOD_WSGI_GROUP}
<IfDefine MOD_WSGI_WITH_LISTENER_HOST>
Listen 0.0.0.0:8001
</IfDefine>
<IfDefine !MOD_WSGI_WITH_LISTENER_HOST>
Listen 8001
</IfDefine>
<IfVersion < 2.4>
LockFile '/tmp/mod_wsgi-0.0.0.0:8001:1000/accept.lock'
</IfVersion>
<IfVersion >= 2.4>
<IfDefine MOD_WSGI_WITH_PHP5>
<IfModule !mpm_event_module>
<IfModule !mpm_worker_module>
<IfModule !mpm_prefork_module>
<IfDefine MOD_WSGI_MPM_EXISTS_PREFORK_MODULE>
LoadModule mpm_prefork_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_mpm_prefork.so'
</IfDefine>
</IfModule>
</IfModule>
</IfModule>
</IfDefine>
</IfVersion>
<IfVersion >= 2.4>
<IfModule !mpm_event_module>
<IfModule !mpm_worker_module>
<IfModule !mpm_prefork_module>
<IfDefine MOD_WSGI_MPM_ENABLE_EVENT_MODULE>
LoadModule mpm_event_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_mpm_event.so'
</IfDefine>
<IfDefine MOD_WSGI_MPM_ENABLE_WORKER_MODULE>
LoadModule mpm_worker_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_mpm_worker.so'
</IfDefine>
<IfDefine MOD_WSGI_MPM_ENABLE_PREFORK_MODULE>
LoadModule mpm_prefork_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_mpm_prefork.so'
</IfDefine>
</IfModule>
</IfModule>
</IfModule>
</IfVersion>
<IfVersion >= 2.4>
<IfModule !access_compat_module>
LoadModule access_compat_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_access_compat.so'
</IfModule>
<IfModule !unixd_module>
LoadModule unixd_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_unixd.so'
</IfModule>
<IfModule !authn_core_module>
LoadModule authn_core_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_authn_core.so'
</IfModule>
<IfModule !authz_core_module>
LoadModule authz_core_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_authz_core.so'
</IfModule>
</IfVersion>
<IfModule !authz_host_module>
LoadModule authz_host_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_authz_host.so'
</IfModule>
<IfModule !mime_module>
LoadModule mime_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_mime.so'
</IfModule>
<IfModule !rewrite_module>
LoadModule rewrite_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_rewrite.so'
</IfModule>
<IfModule !alias_module>
LoadModule alias_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_alias.so'
</IfModule>
<IfModule !dir_module>
LoadModule dir_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_dir.so'
</IfModule>
<IfModule !env_module>
LoadModule env_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_env.so'
</IfModule>
<IfModule !headers_module>
LoadModule headers_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_headers.so'
</IfModule>
<IfModule !filter_module>
LoadModule filter_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_filter.so'
</IfModule>
<IfDefine MOD_WSGI_DIRECTORY_LISTING>
<IfModule !autoindex_module>
LoadModule autoindex_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_autoindex.so'
</IfModule>
</IfDefine>
<IfVersion >= 2.2.15>
<IfModule !reqtimeout_module>
LoadModule reqtimeout_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_reqtimeout.so'
</IfModule>
</IfVersion>
<IfDefine MOD_WSGI_COMPRESS_RESPONSES>
<IfModule !deflate_module>
LoadModule deflate_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_deflate.so'
</IfModule>
</IfDefine>
<IfDefine MOD_WSGI_AUTH_USER>
<IfModule !auth_basic_module>
LoadModule auth_basic_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_auth_basic.so'
</IfModule>
<IfModule !auth_digest_module>
LoadModule auth_digest_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_auth_digest.so'
</IfModule>
<IfModule !authz_user_module>
LoadModule authz_user_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_authz_user.so'
</IfModule>
</IfDefine>
<IfDefine MOD_WSGI_WITH_PROXY>
<IfModule !proxy_module>
LoadModule proxy_module ${MOD_WSGI_MODULES_DIRECTORY}/mod_proxy.so
</IfModule>
<IfModule !proxy_http_module>
LoadModule proxy_http_module ${MOD_WSGI_MODULES_DIRECTORY}/mod_proxy_http.so
</IfModule>
</IfDefine>
<IfModule mpm_prefork_module>
<IfDefine MOD_WSGI_WITH_PHP5>
<IfModule !php5_module>
Loadmodule php5_module '${MOD_WSGI_MODULES_DIRECTORY}/libphp5.so'
</IfModule>
AddHandler application/x-httpd-php .php
</IfDefine>
</IfModule>
LoadModule wsgi_module '/home/ubuntu/python-envs/chris-ultron/lib/python3.5/site-packages/mod_wsgi/server/mod_wsgi-py35.cpython-35m-x86_64-linux-gnu.so'
<IfDefine MOD_WSGI_SERVER_METRICS>
<IfModule !status_module>
LoadModule status_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_status.so'
</IfModule>
</IfDefine>
<IfDefine MOD_WSGI_CGID_SCRIPT>
<IfModule !cgid_module>
LoadModule cgid_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_cgid.so'
</IfModule>
</IfDefine>
<IfDefine MOD_WSGI_CGI_SCRIPT>
<IfModule !cgi_module>
LoadModule cgi_module '${MOD_WSGI_MODULES_DIRECTORY}/mod_cgi.so'
</IfModule>
</IfDefine>
<IfVersion < 2.4>
DefaultType text/plain
</IfVersion>
TypesConfig '/etc/mime.types'
HostnameLookups Off
MaxMemFree 64
Timeout 60
ListenBacklog 500
<IfVersion >= 2.2.15>
RequestReadTimeout header=15-30,MinRate=500 body=15,MinRate=500
</IfVersion>
LimitRequestBody 10485760
<Directory />
AllowOverride None
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
Require all denied
</IfVersion>
</Directory>
WSGIPythonHome '/home/ubuntu/python-envs/chris-ultron'
WSGIVerboseDebugging 'Off'
<IfDefine !ONE_PROCESS>
WSGIRestrictEmbedded On
WSGISocketPrefix /tmp/mod_wsgi-0.0.0.0:8001:1000/wsgi
<IfDefine MOD_WSGI_MULTIPROCESS>
WSGIDaemonProcess 0.0.0.0:8001 \
display-name='(wsgi:0.0.0.0:8001:1000)' \
home='/home/ubuntu/chris-ultron-backend/chris_backend/config' \
processes=8 \
threads=5 \
maximum-requests=0 \
python-path='' \
python-eggs='/tmp/mod_wsgi-0.0.0.0:8001:1000/python-eggs' \
lang='en_US.UTF-8' \
locale='en_US.UTF-8' \
listen-backlog=100 \
queue-timeout=45 \
socket-timeout=60 \
connect-timeout=15 \
request-timeout=60 \
inactivity-timeout=0 \
startup-timeout=15 \
deadlock-timeout=60 \
graceful-timeout=15 \
eviction-timeout=0 \
shutdown-timeout=5 \
send-buffer-size=0 \
receive-buffer-size=0 \
header-buffer-size=0 \
response-buffer-size=0 \
server-metrics=Off
</IfDefine>
<IfDefine !MOD_WSGI_MULTIPROCESS>
WSGIDaemonProcess 0.0.0.0:8001 \
display-name='(wsgi:0.0.0.0:8001:1000)' \
home='/home/ubuntu/chris-ultron-backend/chris_backend/config' \
threads=5 \
maximum-requests=0 \
python-path='' \
python-eggs='/tmp/mod_wsgi-0.0.0.0:8001:1000/python-eggs' \
lang='en_US.UTF-8' \
locale='en_US.UTF-8' \
listen-backlog=100 \
queue-timeout=45 \
socket-timeout=60 \
connect-timeout=15 \
request-timeout=60 \
inactivity-timeout=0 \
startup-timeout=15 \
deadlock-timeout=60 \
graceful-timeout=15 \
eviction-timeout=0 \
shutdown-timeout=5 \
send-buffer-size=0 \
receive-buffer-size=0 \
response-buffer-size=0 \
server-metrics=Off
</IfDefine>
</IfDefine>
WSGICallableObject 'application'
WSGIPassAuthorization On
WSGIMapHEADToGET Auto
<IfDefine ONE_PROCESS>
WSGIRestrictStdin Off
<IfDefine MOD_WSGI_WITH_PYTHON_PATH>
WSGIPythonPath ''
</IfDefine>
</IfDefine>
<IfDefine MOD_WSGI_SERVER_METRICS>
ExtendedStatus On
</IfDefine>
WSGIServerMetrics Off
<IfDefine MOD_WSGI_SERVER_STATUS>
<Location /server-status>
SetHandler server-status
<IfVersion < 2.4>
Order deny,allow
Deny from all
Allow from localhost
</IfVersion>
<IfVersion >= 2.4>
Require all denied
Require host localhost
</IfVersion>
</Location>
</IfDefine>
<IfDefine MOD_WSGI_KEEP_ALIVE>
KeepAlive On
KeepAliveTimeout 0
</IfDefine>
<IfDefine !MOD_WSGI_KEEP_ALIVE>
KeepAlive Off
</IfDefine>
<IfDefine MOD_WSGI_COMPRESS_RESPONSES>
AddOutputFilterByType DEFLATE text/plain
AddOutputFilterByType DEFLATE text/html
AddOutputFilterByType DEFLATE text/xml
AddOutputFilterByType DEFLATE text/css
AddOutputFilterByType DEFLATE text/javascript
AddOutputFilterByType DEFLATE application/xhtml+xml
AddOutputFilterByType DEFLATE application/javascript
</IfDefine>
<IfDefine MOD_WSGI_ROTATE_LOGS>
ErrorLog "|/usr/bin/rotatelogs \
/tmp/mod_wsgi-0.0.0.0:8001:1000/error_log.%Y-%m-%d-%H_%M_%S 5M"
</IfDefine>
<IfDefine !MOD_WSGI_ROTATE_LOGS>
ErrorLog "/tmp/mod_wsgi-0.0.0.0:8001:1000/error_log"
</IfDefine>
LogLevel warn
<IfDefine MOD_WSGI_ERROR_LOG_FORMAT>
ErrorLogFormat "None"
</IfDefine>
<IfDefine MOD_WSGI_ACCESS_LOG>
<IfModule !log_config_module>
LoadModule log_config_module ${MOD_WSGI_MODULES_DIRECTORY}/mod_log_config.so
</IfModule>
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
LogFormat "undefined" custom
<IfDefine MOD_WSGI_ROTATE_LOGS>
CustomLog "|/usr/bin/rotatelogs \
/tmp/mod_wsgi-0.0.0.0:8001:1000/access_log.%Y-%m-%d-%H_%M_%S 5M" common
</IfDefine>
<IfDefine !MOD_WSGI_ROTATE_LOGS>
CustomLog "/tmp/mod_wsgi-0.0.0.0:8001:1000/access_log" common
</IfDefine>
</IfDefine>
<IfDefine MOD_WSGI_CHUNKED_REQUEST>
WSGIChunkedRequest On
</IfDefine>
<IfDefine MOD_WSGI_WITH_PROXY_HEADERS>
WSGITrustedProxyHeaders
</IfDefine>
<IfDefine MOD_WSGI_WITH_TRUSTED_PROXIES>
WSGITrustedProxies
</IfDefine>
<IfDefine MOD_WSGI_WITH_HTTPS>
<IfModule !ssl_module>
LoadModule ssl_module ${MOD_WSGI_MODULES_DIRECTORY}/mod_ssl.so
</IfModule>
</IfDefine>
<IfModule mpm_prefork_module>
<IfDefine !ONE_PROCESS>
ServerLimit 70
StartServers 3
MaxClients 70
MinSpareServers 3
MaxSpareServers 7
</IfDefine>
<IfDefine ONE_PROCESS>
ServerLimit 1
StartServers 1
MaxClients 1
MinSpareServers 1
MaxSpareServers 1
</IfDefine>
MaxRequestsPerChild 0
</IfModule>
<IfModule mpm_worker_module>
<IfDefine !ONE_PROCESS>
ServerLimit 5
ThreadLimit 17
StartServers 1
MaxClients 85
MinSpareThreads 17
MaxSpareThreads 51
ThreadsPerChild 17
</IfDefine>
<IfDefine ONE_PROCESS>
ServerLimit 1
ThreadLimit 1
StartServers 1
MaxClients 1
MinSpareThreads 1
MaxSpareThreads 1
ThreadsPerChild 1
</IfDefine>
MaxRequestsPerChild 0
ThreadStackSize 262144
</IfModule>
<IfModule mpm_event_module>
<IfDefine !ONE_PROCESS>
ServerLimit 5
ThreadLimit 17
StartServers 1
MaxClients 85
MinSpareThreads 17
MaxSpareThreads 51
ThreadsPerChild 17
</IfDefine>
<IfDefine ONE_PROCESS>
ServerLimit 1
ThreadLimit 1
StartServers 1
MaxClients 1
MinSpareThreads 1
MaxSpareThreads 1
ThreadsPerChild 1
</IfDefine>
MaxRequestsPerChild 0
ThreadStackSize 262144
</IfModule>
<IfDefine !MOD_WSGI_VIRTUAL_HOST>
<IfVersion < 2.4>
NameVirtualHost *:8001
</IfVersion>
<VirtualHost _default_:8001>
</VirtualHost>
</IfDefine>
<IfDefine MOD_WSGI_VIRTUAL_HOST>
<IfVersion < 2.4>
NameVirtualHost *:8001
</IfVersion>
<VirtualHost _default_:8001>
<Location />
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
Require all denied
</IfVersion>
<IfDefine MOD_WSGI_ALLOW_LOCALHOST>
Allow from localhost
</IfDefine>
</Location>
</VirtualHost>
<IfDefine !MOD_WSGI_HTTPS_ONLY>
<VirtualHost *:8001>
ServerName localhost
<IfDefine MOD_WSGI_SERVER_ALIAS>
ServerAlias None
</IfDefine>
</VirtualHost>
<IfDefine MOD_WSGI_REDIRECT_WWW>
<VirtualHost *:8001>
ServerName unspecified
Redirect permanent / http://localhost:8001/
</VirtualHost>
</IfDefine>
</IfDefine>
<IfDefine MOD_WSGI_HTTPS_ONLY>
<VirtualHost *:8001>
ServerName localhost
<IfDefine MOD_WSGI_SERVER_ALIAS>
ServerAlias None
</IfDefine>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://localhost:8000%{REQUEST_URI}
</VirtualHost>
<IfDefine MOD_WSGI_REDIRECT_WWW>
<VirtualHost *:8001>
ServerName unspecified
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://localhost:8000%{REQUEST_URI}
</VirtualHost>
</IfDefine>
</IfDefine>
</IfDefine>
<IfDefine MOD_WSGI_VIRTUAL_HOST>
<IfDefine MOD_WSGI_WITH_HTTPS>
<IfDefine MOD_WSGI_WITH_LISTENER_HOST>
Listen 0.0.0.0:8000
</IfDefine>
<IfDefine !MOD_WSGI_WITH_LISTENER_HOST>
Listen 8000
</IfDefine>
<IfVersion < 2.4>
NameVirtualHost *:8000
</IfVersion>
<VirtualHost _default_:8000>
<Location />
<IfVersion < 2.4>
Order deny,allow
Deny from all
</IfVersion>
<IfVersion >= 2.4>
Require all denied
</IfVersion>
<IfDefine MOD_WSGI_ALLOW_LOCALHOST>
Allow from localhost
</IfDefine>
</Location>
SSLEngine On
SSLCertificateFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.crt
SSLCertificateKeyFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.key
<IfDefine MOD_WSGI_VERIFY_CLIENT>
SSLCACertificateFile None
SSLVerifyClient none
</IfDefine>
<IfDefine MOD_WSGI_CERTIFICATE_CHAIN>
SSLCertificateChainFile None
</IfDefine>
</VirtualHost>
<VirtualHost *:8000>
ServerName localhost
<IfDefine MOD_WSGI_SERVER_ALIAS>
ServerAlias None
</IfDefine>
SSLEngine On
SSLCertificateFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.crt
SSLCertificateKeyFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.key
<IfDefine MOD_WSGI_VERIFY_CLIENT>
SSLCACertificateFile None
SSLVerifyClient none
</IfDefine>
<IfDefine MOD_WSGI_CERTIFICATE_CHAIN>
SSLCertificateChainFile None
</IfDefine>
<IfDefine MOD_WSGI_HTTPS_ONLY>
<IfDefine MOD_WSGI_HSTS_POLICY>
Header set Strict-Transport-Security None
</IfDefine>
</IfDefine>
<IfDefine MOD_WSGI_SSL_ENVIRONMENT>
SSLOptions +StdEnvVars
</IfDefine>
</VirtualHost>
<IfDefine MOD_WSGI_REDIRECT_WWW>
<VirtualHost *:8000>
ServerName unspecified
Redirect permanent / https://localhost:8000/
SSLEngine On
SSLCertificateFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.crt
SSLCertificateKeyFile /home/ubuntu/chris-ultron-backend/utils/ssl_cert/local.key
<IfDefine MOD_WSGI_VERIFY_CLIENT>
SSLCACertificateFile None
SSLVerifyClient none
</IfDefine>
<IfDefine MOD_WSGI_CERTIFICATE_CHAIN>
SSLCertificateChainFile None
</IfDefine>
</VirtualHost>
</IfDefine>
</IfDefine>
</IfDefine>
DocumentRoot '/tmp/mod_wsgi-0.0.0.0:8001:1000/htdocs'
<Directory '/tmp/mod_wsgi-0.0.0.0:8001:1000'>
<Files handler.wsgi>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Files>
</Directory>
<Directory '/tmp/mod_wsgi-0.0.0.0:8001:1000/htdocs/'>
<IfDefine MOD_WSGI_DIRECTORY_INDEX>
DirectoryIndex None
</IfDefine>
<IfDefine MOD_WSGI_DIRECTORY_LISTING>
Options +Indexes
</IfDefine>
<IfDefine MOD_WSGI_CGI_SCRIPT>
Options +ExecCGI
</IfDefine>
<IfDefine MOD_WSGI_CGID_SCRIPT>
Options +ExecCGI
</IfDefine>
RewriteEngine On
Include /tmp/mod_wsgi-0.0.0.0:8001:1000/rewrite.conf
<IfDefine !MOD_WSGI_STATIC_ONLY>
RewriteCond %{REQUEST_FILENAME} !-f
<IfDefine MOD_WSGI_DIRECTORY_INDEX>
RewriteCond %{REQUEST_FILENAME} !-d
</IfDefine>
<IfDefine MOD_WSGI_SERVER_STATUS>
RewriteCond %{REQUEST_URI} !/server-status
</IfDefine>
RewriteRule .* - [H=wsgi-handler]
</IfDefine>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
</Directory>
<IfDefine MOD_WSGI_ERROR_OVERRIDE>
WSGIErrorOverride On
</IfDefine>
<IfDefine MOD_WSGI_HOST_ACCESS>
<Location />
WSGIAccessScript 'None'
</Location>
</IfDefine>
<IfDefine MOD_WSGI_AUTH_USER>
<Location />
AuthType Basic
AuthName '0.0.0.0:8001'
AuthBasicProvider wsgi
WSGIAuthUserScript 'None'
<IfDefine MOD_WSGI_AUTH_GROUP>
WSGIAuthGroupScript 'None'
</IfDefine>
<IfVersion < 2.4>
Require valid-user
<IfDefine MOD_WSGI_AUTH_GROUP>
Require wsgi-group 'wsgi'
</IfDefine>
</IfVersion>
<IfVersion >= 2.4>
<RequireAll>
Require valid-user
<IfDefine MOD_WSGI_AUTH_GROUP>
Require wsgi-group 'wsgi'
</IfDefine>
</RequireAll>
</IfVersion>
</Location>
</IfDefine>
<IfDefine !ONE_PROCESS>
WSGIHandlerScript wsgi-handler '/tmp/mod_wsgi-0.0.0.0:8001:1000/handler.wsgi' \
process-group='0.0.0.0:8001' application-group=%{GLOBAL}
WSGIImportScript '/tmp/mod_wsgi-0.0.0.0:8001:1000/handler.wsgi' \
process-group='0.0.0.0:8001' application-group=%{GLOBAL}
</IfDefine>
<IfDefine ONE_PROCESS>
WSGIHandlerScript wsgi-handler '/tmp/mod_wsgi-0.0.0.0:8001:1000/handler.wsgi' \
process-group='%{GLOBAL}' application-group=%{GLOBAL}
WSGIImportScript '/tmp/mod_wsgi-0.0.0.0:8001:1000/handler.wsgi' \
process-group='%{GLOBAL}' application-group=%{GLOBAL}
</IfDefine>
<IfDefine MOD_WSGI_VERIFY_CLIENT>
<Location '/'>
SSLVerifyClient require
SSLVerifyDepth 1
</Location>
</IfDefine>
Include '/home/ubuntu/chris-ultron-backend/chris_backend/extra.conf'
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment