vim /etc/apache2/sites-enabled/default-ssl.conf

 


This is the Apache base virtual host file for HTTPS: the default SSL configuration file, default-ssl.conf.




Vim /etc/apache2/sites-enabled/default-ssl.conf:

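# HTTPS virtual host for jobsite.com: TLS termination, canonical-host redirect,
# a Django application served through mod_wsgi, and static/media aliases.
# A trailing backslash continues a directive onto the next line, so continued
# lines must follow each other directly, with no blank line in between.
<IfModule mod_ssl.c>
    <VirtualHost xxx.xx.xxx.xxx:443>
        ServerName jobsite.com
        ServerAlias *.jobsite.com

        # "debug" is very verbose for a production host; raise the level again
        # only while troubleshooting.
        LogLevel warn
        ErrorLog /var/log/apache2/jobsite_com_error.log
        CustomLog /var/log/apache2/jobsite_com_custom.log combined

        SSLEngine on
        # Protocol versions are not set in this vhost, so they are inherited from
        # the server-wide mod_ssl configuration. Confirm that legacy SSL/TLS
        # versions are disabled there.

        SSLCertificateFile /etc/ssl/jobsite_com/jobsite_com.crt
        # Private key: keep this file readable by root only.
        SSLCertificateKeyFile /etc/ssl/jobsite_com/jobsite_com.key
        # On Apache 2.4.8 and later the intermediate certificates belong in
        # SSLCertificateFile (server certificate first), not in a chain file.
        # SSLCertificateChainFile /etc/ssl/jobsite_com/intermediate.crt

        RewriteEngine On

        # Send the bare domain and requests by IP address to the canonical www host.
        # %{HTTPS} is never "off" inside this :443 vhost with SSLEngine on, so that
        # condition (and the whole second rule below) only takes effect if these
        # lines are copied into the port-80 vhost.
        RewriteCond %{HTTPS} off [OR]
        RewriteCond %{HTTP_HOST} ^jobsite\.com [NC,OR]
        RewriteCond %{SERVER_NAME} xxx.xx.xxx.xxx
        RewriteRule /(.*) https://www.jobsite.com/$1 [R=301,L]

        # NOTE(review): this redirect target is built from the client-supplied Host
        # header; validate the host first if the rule is reused on port 80.
        RewriteCond %{HTTPS} off
        RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

        # Cap request bodies at 30 MiB (31457280 bytes).
        LimitRequestBody 31457280

        # WSGIDaemonProcess www.jobsite.com python-home=/root/.virtualenvs/jobsite_com \
        #    python-path=/home/admin/production/hnj:/root/.virtualenvs/jobsite_com/lib/python2.7/site-packages \
        #    processes=10 threads=100 maximum-requests=1000 display-name=%{GROUP}
        # /usr/local/venvs/jobsite_com/bin/python

        # python-home must be the root of the virtualenv (its sys.prefix), not the
        # site-packages directory inside it.
        WSGIDaemonProcess www.jobsite.com \
            python-home=/usr/local/venvs/jobsite_com \
            python-path=/home/admin/production/hnj
        WSGIScriptAlias / /home/admin/production/hnj/hnj/wsgi.py
        WSGIProcessGroup www.jobsite.com

        # WSGIDaemonProcess www.jobsite.com processes=10 threads=100 maximum-requests=1000 display-name=%{GROUP}
        # WSGIProcessGroup www.jobsite.com
        # WSGIScriptAlias / /home/admin/production/hnj/hnj/wsgi.py

        # SetEnvIfNoCase Host "^[^_]+\.heeft-nieuwe-jobs\.website" VALID_HOST
        <Files wsgi.py>
            # <RequireAll>
            #    Require all granted
            #    Require env VALID_HOST
            # </RequireAll>

            # Host allow-list. The pattern is anchored at both ends (an optional
            # port is allowed), so a Host that merely starts with a jobsite.com
            # name, such as "www.jobsite.com.example.net", is refused.
            Require expr %{HTTP_HOST} =~ m#^[^_]+\.jobsite\.com(:[0-9]+)?$#
        </Files>

        Alias /media/uploads/ /var/www/jobsite_com/media/uploads/
        <Location "/media/uploads">
            # User uploads are untrusted: no handler runs them, no directory
            # listings, and a file named *.php is served as plain text so it
            # cannot render as HTML or script in this site's origin.
            SetHandler None
            Options -Indexes
            AddType text/plain php
            Require expr %{HTTP_HOST} =~ m#^[^_]+\.jobsite\.com(:[0-9]+)?$#
        </Location>

        Alias /static/ /var/www/jobsite_com/static/
        <Location "/static">
            # Presumably deployed by the project rather than uploaded, so the
            # original type mapping is kept here. Confirm against the deploy process.
            SetHandler None
            Options -Indexes
            AddType text/html php
            Require expr %{HTTP_HOST} =~ m#^[^_]+\.jobsite\.com(:[0-9]+)?$#
        </Location>

        # Default: responses expire at access time (A0); the overrides below are
        # per file type, in seconds after access.
        ExpiresActive On
        ExpiresDefault A0

        # Set up caching on media files for 1 week
        <FilesMatch "\.(gif|jpg|jpeg|png|swf)$">
            ExpiresDefault A604800
            Header append Cache-Control "public"
        </FilesMatch>

        # Set up caching on font files for 30 days
        <FilesMatch "\.(ttf|eot|woff|svg|woff2)$">
            ExpiresDefault A2592000
            Header append Cache-Control "public"
        </FilesMatch>

        # Set up 1 Day caching on commonly updated files
        <FilesMatch "\.(js|css)$">
            ExpiresDefault A86400
            Header append Cache-Control "proxy-revalidate"
        </FilesMatch>

        # Set up 2 Hour caching on commonly updated files
        <FilesMatch "\.(xml|txt|html)$">
            ExpiresDefault A7200
            Header append Cache-Control "proxy-revalidate"
        </FilesMatch>

        # Export the standard SSL environment variables to script-like files and
        # to the CGI directory.
        <FilesMatch "\.(cgi|shtml|phtml|php)$">
            SSLOptions +StdEnvVars
        </FilesMatch>

        <Directory /usr/lib/cgi-bin>
            SSLOptions +StdEnvVars
        </Directory>

        # Guarantee HTTPS for 1 Year including Sub Domains
        Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

        # Workarounds for old Internet Explorer TLS shutdown and keepalive behaviour.
        BrowserMatch "MSIE [2-6]" \
            nokeepalive ssl-unclean-shutdown \
            downgrade-1.0 force-response-1.0
        # MSIE 7 and newer should be able to use keepalive
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

        # Prefer ECDHE with AES-GCM, then the remaining ECDHE/DHE suites; the
        # "!" entries remove weak or unauthenticated algorithms.
        SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 \
                    EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA \
                    !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS"
    </VirtualHost>
</IfModule>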

