Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- # mailcow site configuration
- # ! Do not remove this header !
- SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
- <VirtualHost *:80>
- ServerSignature off
- TraceEnable off
- AddDefaultCharset utf-8
- ServerName "mail.domain.tld"
- DocumentRoot /var/www/mail
- RewriteEngine On
- RewriteCond %{HTTPS} !=on
- RewriteRule ^/?(.*) https://%{HTTP_HOST}/$1 [L,R,NE]
- </VirtualHost>
- <IfModule mod_ssl.c>
- <VirtualHost *:443>
- ServerSignature off
- TraceEnable off
- AddDefaultCharset utf-8
- ServerName "mail.domain.tld"
- DocumentRoot /var/www/mail
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
- SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/mail.domain.tld/fullchain.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/mail.domain.tld/privkey.pem
- ErrorDocument 503 /admin.php
- php_value upload_max_filesize 25M
- php_value post_max_size 26M
- ErrorDocument 500 /admin.php
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- BrowserMatch "MSIE [2-6]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
- SSLProtocol All -SSLv2 -SSLv3
- SSLHonorCipherOrder On
- Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
- Header always set X-Frame-Options DENY
- Header always set X-Content-Type-Options nosniff
- SSLCompression off
- SSLUseStapling on
- </VirtualHost>
- <VirtualHost *:443>
- ServerSignature off
- TraceEnable off
- AddDefaultCharset utf-8
- ServerName "dav.domain.tld"
- DocumentRoot /var/www/dav
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
- RewriteEngine on
- RewriteRule ^/(.*)$ /server.php [L]
- php_flag output_buffering off
- php_flag always_populate_raw_post_data off
- php_flag magic_quotes_gpc off
- php_flag mbstring.func_overload off
- php_value date.timezone Europe/Berlin
- DirectoryIndex server.php
- SSLEngine on
- SSLCertificateFile /etc/ssl/mail/mail.crt
- SSLCertificateKeyFile /etc/ssl/mail/mail.key
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- BrowserMatch "MSIE [2-6]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
- SSLProtocol All -SSLv2 -SSLv3
- SSLHonorCipherOrder On
- Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
- Header always set X-Frame-Options DENY
- Header always set X-Content-Type-Options nosniff
- SSLCompression off
- SSLUseStapling on
- </VirtualHost>
- <VirtualHost *:443>
- ServerSignature off
- TraceEnable off
- AddDefaultCharset utf-8
- ServerName "autodiscover.domain.tld"
- DocumentRoot /var/www/zpush
- <Directory /var/www/zpush>
- Options -Indexes +FollowSymLinks
- php_value register_globals off
- php_value magic_quotes_gpc off
- php_value magic_quotes_runtime off
- php_value short_open_tag on
- php_value allow_call_time_pass_reference on
- php_value date.timezone Europe/Berlin
- php_value max_execution_time 650
- </Directory>
- ErrorLog ${APACHE_LOG_DIR}/error.log
- CustomLog ${APACHE_LOG_DIR}/access.log combined
- AliasMatch "(?i)^/Autodiscover/Autodiscover.xml" "/var/www/zpush/autodiscover/autodiscover.php"
- AliasMatch "(?i)^/Microsoft-Server-ActiveSync" "/var/www/zpush/index.php"
- Alias /autodiscover/autodiscover.xml "/var/www/zpush/autodiscover/autodiscover.php"
- DirectoryIndex index.php
- SSLEngine on
- SSLCertificateFile /etc/ssl/mail/mail.crt
- SSLCertificateKeyFile /etc/ssl/mail/mail.key
- <FilesMatch "\.(cgi|shtml|phtml|php)$">
- SSLOptions +StdEnvVars
- </FilesMatch>
- BrowserMatch "MSIE [2-6]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
- BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
- SSLProtocol All -SSLv2 -SSLv3
- SSLHonorCipherOrder On
- Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload"
- Header always set X-Frame-Options DENY
- Header always set X-Content-Type-Options nosniff
- SSLCompression off
- SSLUseStapling on
- </VirtualHost>
- </IfModule>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement