diff --git a/conf/bchub.epfl.ch.conf b/conf/bchub.epfl.ch.conf new file mode 100644 index 0000000000000000000000000000000000000000..c9482e431eb5093ce2d77c3339b54cc338306174 --- /dev/null +++ b/conf/bchub.epfl.ch.conf @@ -0,0 +1,28 @@ +#OnlyRedirect to SSL VirtualHost +<VirtualHost *:80> + ServerName bchub.epfl.ch + ServerAdmin giovanna.ambrosini@epfl.ch + + ErrorLog logs/bchub-error_log + CustomLog logs/bchub-access_log common + + RewriteEngine On + RewriteCond %{HTTPS} !on + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} +</VirtualHost> + +<VirtualHost *:443> + ServerName bchub.epfl.ch + ServerAdmin giovanna.ambrosini@epfl.ch + + SSLEngine on + Redirect permanent / https://ccg.epfl.ch/bchub/ + SSLProtocol All -SSLv2 -SSLv3 + SSLHonorCipherOrder on + SSLCipherSuite HIGH:!aNULL:!MD5 + SSLCertificateFile /etc/pki/tls/certs/bchub.epfl.ch.pem + SSLCertificateKeyFile /etc/pki/tls/private/bchub.epfl.ch.key + SSLCertificateChainFile /etc/pki/tls/certs/bchub.epfl.ch.pem + + Header add Strict-Transport-Security "max-age=15768000" +</VirtualHost> diff --git a/conf/ccg.vital-it.ch.conf.xz b/conf/ccg.vital-it.ch.conf.xz new file mode 100644 index 0000000000000000000000000000000000000000..b62ef4d4c29ab42280493695c61a11fb0ab89ddd Binary files /dev/null and b/conf/ccg.vital-it.ch.conf.xz differ diff --git a/conf/ccg2.conf.disabled.xz b/conf/ccg2.conf.disabled.xz new file mode 100644 index 0000000000000000000000000000000000000000..fb7545494ebc3d10ebaea48d81b50b99596f2eeb Binary files /dev/null and b/conf/ccg2.conf.disabled.xz differ diff --git a/conf/cleanex.epfl.ch.conf.old.xz b/conf/cleanex.epfl.ch.conf.old.xz new file mode 100644 index 0000000000000000000000000000000000000000..67f6a4c9eddd7be7ce5e66a8e2e5236388c75639 Binary files /dev/null and b/conf/cleanex.epfl.ch.conf.old.xz differ diff --git a/conf/cleanex.vital-it.ch.conf.xz b/conf/cleanex.vital-it.ch.conf.xz new file mode 100644 index 0000000000000000000000000000000000000000..9eff3c443fed5141355e7b414d86d36d25306fa4 Binary files /dev/null and b/conf/cleanex.vital-it.ch.conf.xz differ diff --git a/conf/cleanex2.conf.disabled.xz b/conf/cleanex2.conf.disabled.xz new file mode 100644 index 0000000000000000000000000000000000000000..01ee2aca5460baf12ee997b3daf8a0c8dd4afe5a Binary files /dev/null and b/conf/cleanex2.conf.disabled.xz differ diff --git a/conf/epd.epfl.ch.conf b/conf/epd.epfl.ch.conf new file mode 100644 index 0000000000000000000000000000000000000000..4f06b4261ab66ca63285964303643544809da150 --- /dev/null +++ b/conf/epd.epfl.ch.conf @@ -0,0 +1,104 @@ +#OnlyRedirect to SSL VirtualHost +<VirtualHost *:80> + ServerAdmin giovanna.ambrosini@epfl.ch + DocumentRoot /home/local/epd/htdocs + ServerName epd.epfl.ch + #ServerAlias epd2.vital-it.ch + # ServerAlias www.epd.isb-sib.ch epd.isb-sib.ch epdtest.vital-it.ch + ErrorLog logs/epd2-error_log + CustomLog logs/epd2-access_log common + + # Redirect all access to the corresponding HTTPS site + + RewriteEngine On + RewriteCond %{HTTPS} !on + RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} +</VirtualHost> + +# +# Example config for SSL-VirtualHost +# +# SSL config will only be used if 'mod_ssl' has been activated (see '/etc/httpd/conf.modules.d/00-ssl.conf') +# +<IfModule mod_ssl.c> +<VirtualHost *:443> + ServerAdmin giovanna.ambrosini@epfl.ch + DocumentRoot /home/local/epd/htdocs + ServerName epd.epfl.ch + #ServerAlias epd2.vital-it.ch + # ServerAlias www.epd.isb-sib.ch epd.isb-sib.ch epdtest.vital-it.ch + + ScriptAlias /cgi-bin/ "/home/local/epd/cgi-bin/" + Alias /icons/ "/home/local/ccgweb/htdocs/icons/" + + ErrorLog logs/epd2-ssl_error_log + CustomLog logs/epd2-ssl_access_log common + + + SSLEngine on + SSLProtocol All -SSLv2 -SSLv3 + SSLHonorCipherOrder on + SSLCipherSuite HIGH:!aNULL:!MD5 + SSLCertificateFile /etc/pki/tls/certs/epd.epfl.ch.crt.pem + SSLCertificateKeyFile /etc/pki/tls/private/epd.epfl.ch.key + SSLCertificateChainFile /etc/pki/tls/certs/epd.epfl.ch.crt.pem + + + # If completely SSL VirtualHost (!! http VHost redirects to https !!) + Header add Strict-Transport-Security "max-age=15768000" + +# # Optional SSL-specific options, needed to pass SSL_* variables to scripts +# <Files ~ "\.(cgi|shtml|phtml|php3?)$"> +# SSLOptions +StdEnvVars +# </Files> +# <Directory "/var/vhosts/.../cgi-bin"> +# SSLOptions +StdEnvVars +# </Directory> + +# Optional SSL-protocol adjustment +# BrowserMatch "MSIE [2-5]" \ +# nokeepalive ssl-unclean-shutdown \ +# downgrade-1.0 force-response-1.0 +# Optional Per-Server Logging: +# CustomLog /var/vhosts/.../sslhost1/log/sslhost1-ssl-request_log \ +# "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" + + <Directory "/home/local/epd/cgi-bin"> + AllowOverride None + DirectoryIndex disabled + Options FollowSymLinks + DirectoryIndex index.html index.php + # Apache 2.4 style: + Require all granted + </Directory> + <Directory "/home/local/epd/htdocs"> + AllowOverride None + DirectoryIndex disabled + Options FollowSymLinks + DirectoryIndex index.html index.php + # Apache 2.4 style: + Require all granted + </Directory> + + # Example of how to use the 'tools/' directory to include an external + # framework into your URL tree: + # + # Alias /exttool /var/vhosts/.../sslhost1/tools/exttool/htdocs + + + # + # mod_security: Disable some rules + # + <IfModule mod_security2.c> + # Put mod_security into "Log-only" mode (VF, 2015.01.16) + # See also below... + SecRuleEngine DetectionOnly + + #SecRuleRemoveById 958291 960020 + # OR disable mod_security specifically for this site: + #SecRuleEngine Off + </IfModule> + +</VirtualHost> + +</IfModule> diff --git a/conf/epd.vital-it.ch.conf.xz b/conf/epd.vital-it.ch.conf.xz new file mode 100644 index 0000000000000000000000000000000000000000..5b5edcff06e6082ae79a0c7fdf2cba673fa59ed7 Binary files /dev/null and b/conf/epd.vital-it.ch.conf.xz differ diff --git a/conf/epd2.conf.disabled.xz b/conf/epd2.conf.disabled.xz new file mode 100644 index 0000000000000000000000000000000000000000..b2adeba061face5ab13bfdf80e0a3b11fa9fbe36 Binary files /dev/null and b/conf/epd2.conf.disabled.xz differ