vHost SSL

1. <IfModule mod_ssl.c>
2.  
3. SSLStaplingCache shmcb:/tmp/stapling_cache(128000)
4.  
5. <VirtualHost *:443>
6.  
7. ServerAdmin webmaster@localhost
8. DocumentRoot /var/www/html
9.  
10. ###
11. Header always set Referrer-Policy "same-origin"
12. Header set Strict-Transport-Security "max-age=15768000; includeSubdomains;"
13. Header set X-Frame-Options: DENY
14. Header set X-XSS-Protection "1; mode=block"
15. Header set X-Content-Type-Options: nosniff
16. Header set Content-Security-Policy "default-src 'self';"
17. Header always set Public-Key-Pins "pin-sha256=\"YLh1dUR9y6Kja30RrAn7JKnbQG/uEtLMkBgFF2Fuihg=\"; pin-sha256=\"C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M=\"; pin-sha256=\"sRHdihwgkaib1P1gxX8HFszlD+7/gTfNvuAybgLPNis=\"; pin-sha256=\"za7Ua9rgoG4hdw2IRNSGzHldSpDLUQLGyNLEvhofpD8=\"; pin-sha256=\"2mwKohR7EVlZtxlB9lNcneNZCWkwopiiUHwygomeoVc=\"; max-age=864000; includeSubdomains"
18. ###
19.  
20. ErrorLog ${APACHE_LOG_DIR}/error.log
21. CustomLog ${APACHE_LOG_DIR}/access.log combined
22.  
23. #Include conf-available/serve-cgi-bin.conf
24.  
25. SSLCertificateFile /etc/letsencrypt/live/rurdos.link-0001/fullchain.pem
26. SSLCertificateKeyFile /etc/letsencrypt/live/rurdos.link-0001/privkey.pem
27.  
28. SSLCACertificateFile /etc/letsencrypt/live/rurdos.link-0001/cabundle.pem
29. SSLUseStapling on
30.  
31. Include /etc/letsencrypt/options-ssl-apache.conf
32.  
33. ServerName rurdos.link
34.  
35. </VirtualHost>
36.  
37. # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
38.  
39. </IfModule>