Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <IfModule mod_fastcgi.c>
- AddHandler php7-fcgi-www.domaine.com .php
- Action php7-fcgi-www.domaine.com /php7-fcgi-www.domaine.com
- Alias /php7-fcgi-www.domaine.com /usr/lib/cgi-bin/php7-fcgi-www.domaine.com
- FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi-www.domaine.com -socket /run/php/php7.1-fpm.www.domaine.com.sock -pass-header Authorization
- <Directory "/usr/lib/cgi-bin">
- Require all granted
- </Directory>
- </IfModule>
- <VirtualHost 139.48.174.35:80 [2001:21d0:0908:4500:0000:0000:0000:4641]:80>
- ServerAdmin contact@domaine.com
- ServerName domaine.com
- ServerAlias www.domaine.com
- RewriteEngine on
- RewriteCond %{HTTPS} !on
- RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
- </VirtualHost>
- <IfModule mod_ssl.c>
- <VirtualHost 139.48.174.35:443 [2001:21d0:0908:4500:0000:0000:0000:4641]:443>
- SSLEngine on
- SSLCertificateFile /etc/letsencrypt/live/www.domaine.com/cert.pem
- SSLCertificateKeyFile /etc/letsencrypt/live/www.domaine.com/privkey.pem
- SSLCertificateChainFile /etc/letsencrypt/live/www.domaine.com/chain.pem
- SSLProtocol all -SSLv2 -SSLv3
- SSLHonorCipherOrder on
- SSLCompression off
- SSLOptions +StrictRequire
- SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
- Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
- Header always set X-Content-Type-Options "nosniff"
- Header always set X-XSS-Protection "1; mode=block"
- Header always set X-Frame-Options "SAMEORIGIN"
- Header always set X-Download-Options "noopen"
- Header always set X-Permitted-Cross-Domain-Policies "none"
- Header always set Content-Security-Policy "default-src https: data: 'unsafe-inline' 'unsafe-eval'"
- Header set Set-Cookie HttpOnly;Secure
- ServerAdmin contact@domaine.com
- ServerName domaine.com
- ServerAlias www.domaine.com
- DocumentRoot /var/www/www.domaine.com/public_html/web/
- <Directory /var/www/www.domaine.com/public_html/web>
- Options FollowSymLinks MultiViews
- AllowOverride All
- Require all granted
- </Directory>
- <IfModule mod_fastcgi.c>
- <FilesMatch ".+.ph(p[345]?|t|tml)$">
- SetHandler php7-fcgi-www.domaine.com
- </FilesMatch>
- </IfModule>
- ErrorLog /var/www/www.domaine.com/logs/error.log
- CustomLog /var/www/www.domaine.com/logs/access.log combined
- </VirtualHost>
- </IfModule>
- /**
- * The settings hash defines configuration settings for server.js, the server
- * code executed by node. The available settings and their defaults are listed
- * below.
- *
- * scheme: 'http' or 'https'. This defines whether the node server should
- * contact the Drupal site using http or https. If https is used, the key and
- * cert must be set to valid files. Defaults to 'http'.
- *
- * port: Specify the TCP port that the node server should listen on. Defaults
- * to '8080'.
- *
- * host: Specify the host name or IP address that the node server should listen
- * on. Leave blank to listen for any host name. Otherwise, the server will only
- * respond to names that match the IP address given (or resolved from the given
- * name). Defaults to 'localhost'.
- *
- * resource: http path that the node server should respond to. This value needs
- * to match the Drupal node.js configuration. Defaults to '/socket.io'.
- *
- * serviceKey: An arbitrary string used as a secret between the node.js server
- * and the Drupal site.
- *
- * debug: Whether to write a bunch of debug information to the console. false
- * by default.
- *
- * baseAuthPath: base path for all requests from the backend. This is used to
- * set the authentication call for all requests from the backend. Defaults to
- * '/nodejs/'.
- *
- * sslKeyPath: File system path to a key used for https communication with
- * the server and clients.
- *
- * sslCertPath: File system path to a certificate used for https communication
- * with the server and clients.
- *
- * sslCAPath: File system path to a file containing trusted certificates.
- *
- * sslPassPhrase: SSL passphrase, will be passed in the passphrase key to the
- * https server if set.
- *
- * backend: An object with the following properties:
- *
- * -- port: TCP port of the server running the Drupal site. Defaults to '80'.
- *
- * -- host: Host name of the Drupal site. Defaults to 'localhost'.
- *
- * -- messagePath: http path on which the Drupal node.js module listens for
- * messages from the Node.js server process. Defaults to 'nodejs/message'.
- *
- * -- basePath: the base path of your backend site, defaults to '/'.
- *
- * -- scheme: either 'http' or 'https', defaults to 'http'.
- *
- * -- httpAuth: a username and password in the form 'username:password'
- *
- * -- strictSSL: boolean, whether to be strict with SSL cert, default false.
- *
- * extensions: An array of names of node.js modules that should be loaded as
- * extensions to the node.js server.
- *
- * clientsCanWriteToClients: global flag that allows all clients to be written
- * to by client sockets without going via the backend. Defaults to false. Be
- * careful when enabling this, it can be a security issue.
- *
- * transports: a list of transports to be used by Socket.Io, defaults to
- * ['websocket', 'polling'].
- *
- * jsMinification: whether to call io.enable('browser client minification'),
- * defaults to 'true'.
- *
- * jsEtag: whether to call io.enable('browser client etag').
- *
- * logLevel: the log level to be used by Socket.Io, defaults to '1'.
- */
- settings = {
- scheme: 'http',
- port: 8080,
- host: 'localhost',
- resource: '/socket.io',
- serviceKey: '',
- backend: {
- port: 80,
- host: 'drupalhost',
- scheme: 'http',
- basePath: '',
- messagePath: '/nodejs/message'
- },
- debug: false,
- sslKeyPath: '',
- sslCertPath: '',
- sslCAPath: '',
- baseAuthPath: '/nodejs/',
- extensions: [],
- clientsCanWriteToChannels: false,
- clientsCanWriteToClients: false,
- transports: ['websocket', 'polling'],
- jsMinification: true,
- jsEtag: true,
- logLevel: 1
- };
Add Comment
Please, Sign In to add comment