Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- in apache2 sites enabled:
- root@myserver:~# ls -al /etc/apache2/sites-enabled
- totaal 20
- drwxr-xr-x 2 root root 4096 nov 16 13:18 .
- drwxr-xr-x 8 root root 4096 nov 16 16:40 ..
- -rw-r--r-- 1 root root 967 nov 16 13:18 443-MenesMooiste-vhost.conf
- -rw-r--r-- 1 root root 481 nov 15 11:05 MenesMooiste-vhost.conf
- -rw-r--r-- 1 root root 1237 nov 15 11:08 MenesServer-default.conf
- in the MenesServer-default.conf file I have:
- <VirtualHost *:80>
- ServerAdmin webmaster@localhost
- DocumentRoot /var/www/
- <Directory />
- Options +FollowSymLinks +MultiViews
- AllowOverride all
- </Directory>
- <Directory /var/www/>
- Options +Indexes +FollowSymLinks +MultiViews
- AllowOverride all
- #Order allow,deny
- #allow from all
- Require all granted
- </Directory>
- #### error-log instellingen
- ErrorLog /var/log/apache2/error.log
- # Possible values include: debug, info, notice, warn, error, crit,
- # alert, emerg.
- LogLevel warn
- CustomLog /var/log/apache2/access.log combined
- ServerSignature On
- Alias /doc/ "/usr/share/doc/"
- <Directory "/usr/share/doc/">
- Options +Indexes +MultiViews +FollowSymLinks
- AllowOverride all
- Order deny,allow
- Deny from all
- Allow from 127.0.0.0/255.0.0.0 ::1/128
- </Directory>
- </VirtualHost>
- in the MenesMooiste-vhost.conf I have:
- <VirtualHost *:80>
- DocumentRoot "/var/www/www.menesmooiste.nl/www/html"
- ServerName www.menesmooiste.nl
- ServerAlias menesmooiste.nl www.menesmooiste.nl
- <Directory "/var/www/www.menesmooiste.nl/www/html">
- Options -Indexes +FollowSymLinks +MultiViews
- AllowOverride all
- </Directory>
- </VirtualHost>
- in the 443-MenesMooiste-vhost.conf I have:
- <VirtualHost *:443>
- DocumentRoot "/var/www/www.menesmooiste.nl/www/html"
- ServerName www.menesmooiste.nl
- ServerAlias menesmooiste.nl www.menesmooiste.nl
- #instellingen voor ssl (secure toegang)
- SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/www.menesmooiste.nl/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/www.menesmooiste.nl/privkey.pem
- <Directory "/var/www/www.menesmooiste.nl/www/html">
- Options -Indexes +FollowSymLinks +MultiViews
- AllowOverride all
- </Directory>
- </VirtualHost>
- The apache2/sites-available/default-ssl.conf the default one from the install nothing changed there
- <IfModule mod_ssl.c>
- <VirtualHost _default_:443>
- ServerAdmin webmaster@localhost
- DocumentRoot /var/www/html
- # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
- # error, crit, alert, emerg.
- # It is also possible to configure the loglevel for particular
- # modules, e.g.
- #LogLevel info ssl:warn
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
- # For most configuration files from conf-available/, which are
- # enabled or disabled at a global level, it is possible to
- # include a line for only one particular virtual host. For example the
- # following line enables the CGI configuration for this host only
- # after it has been globally disabled with "a2disconf".
- #Include conf-available/serve-cgi-bin.conf
- # SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
- SSLEngine on
- # A self-signed (snakeoil) certificate can be created by installing
- # the ssl-cert package. See
- # /usr/share/doc/apache2/README.Debian.gz for more info.
- # If both key and certificate are stored in the same file, only the
- # SSLCertificateFile directive is needed.
- SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
- # Server Certificate Chain:
- # Point SSLCertificateChainFile at a file containing the
- # concatenation of PEM encoded CA certificates which form the
- # after it has been globally disabled with "a2disconf".
- #Include conf-available/serve-cgi-bin.conf
- # SSL Engine Switch:
- # Enable/Disable SSL for this virtual host.
- SSLEngine on
- # A self-signed (snakeoil) certificate can be created by installing
- # the ssl-cert package. See
- # /usr/share/doc/apache2/README.Debian.gz for more info.
- # If both key and certificate are stored in the same file, only the
- # SSLCertificateFile directive is needed.
- SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
- SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
- # Server Certificate Chain:
- # Point SSLCertificateChainFile at a file containing the
- # concatenation of PEM encoded CA certificates which form the
- # certificate chain for the server certificate. Alternatively
- # the referenced file can be the same as SSLCertificateFile
- # when the CA certificates are directly appended to the server
- # certificate for convinience.
- #SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
- # Certificate Authority (CA):
- # Set the CA certificate verification path where to find CA
- # certificates for client authentication or alternatively one
- # huge file containing all of them (file must be PEM encoded)
- # Note: Inside SSLCACertificatePath you need hash symlinks
- # to point to the certificate files. Use the provided
- # Makefile to update the hash symlinks after changes.
- #SSLCACertificatePath /etc/ssl/certs/
- #SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
- # Certificate Revocation Lists (CRL):
- # Set the CA revocation path where to find CA CRLs for client
- # authentication or alternatively one huge file containing all
- #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- <Directory /usr/lib/cgi-bin>
- SSLOptions +StdEnvVars
- </Directory>
- # "force-response-1.0" for this.
- BrowserMatch "MSIE [2-6]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- # MSIE 7 and newer should be able to use keepalive
- BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
- </VirtualHost>
- </IfModule>
- # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement