Add miniEPD Apache conf

ebf4b836 · epd · e1862a08 · ebf4b836
Commit ebf4b836 authored 9 months ago by epd
--- a/conf/sib.swiss--miniEPD.apache.conf
+++ b/conf/sib.swiss--miniEPD.apache.conf
+#
+# Example config for FULL-VirtualHost SSL
+#
+# Goal: OnlyRedirect to SSL VirtualHost
+#
+<VirtualHost *:8093>
+	ServerAdmin  Sebastien.Moretti@sib.swiss
+	DocumentRoot /var/vhosts/sib.swiss/MINIEPD/htdocs
+	ServerName   epdnew.vital-it.ch
+
+	ErrorLog     /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-error_log
+	CustomLog    /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-access_log combined
+
+#	# Redirect all access to the corresponding HTTPS site
+#	RewriteEngine On
+#	RewriteCond %{HTTPS} !=on
+#	RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L,NE]
+#</VirtualHost>
+#
+##
+## Example config for SSL-VirtualHost
+##
+## SSL config will only be used if 'mod_ssl' has been activated (see '/etc/httpd/conf.modules.d/00-ssl.conf')
+##
+#<IfModule mod_ssl.c>
+#<VirtualHost *:443>
+#	ServerAdmin Sebastien.Moretti@sib.swiss
+#	ServerName  epdnew.vital-it.ch
+#
+#	DocumentRoot /var/vhosts/sib.swiss/MINIEPD/htdocs
+#
+#	ErrorLog     /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-ssl-error_log
+#	CustomLog    /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-ssl-access_log combined
+#
+#	# SSL-specific options:
+#	SSLUseStapling off
+#
+#	SSLEngine on
+#	# Let's Encrypt certificates and chain (for Apache < 2.4.8)
+#	SSLCertificateFile      /var/vhosts/cert-store/sib.swiss/cert.pem
+#	SSLCertificateKeyFile   /var/vhosts/cert-store/sib.swiss/privkey.pem
+#	SSLCertificateChainFile /var/vhosts/cert-store/sib.swiss/chain.pem
+##	SSLCertificateFile    /var/vhosts/sib.swiss/MINIEPD/ssl/certificate/UCNEbase.crt
+##	SSLCertificateFile     /etc/pki/tls/certs/localhost.crt
+#	# Key-file should be readable by 'root' only
+##	SSLCertificateKeyFile /var/vhosts/sib.swiss/MINIEPD/ssl/certificate/UCNEbase.key
+##	SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
+#	# For QuoVadis SSL certificates please uncomment:
+##	SSLCertificateChainFile /etc/pki/tls/certs/qvsslg2.crt.pem
+
+	# Activate HTTP2 protocol
+	Protocols h2 http/1.1
+
+	#SEB: Improvements according to webhint feedbacks
+	AddCharset utf-8 .css \
+	                 .svg \
+	                 .js \
+	                 .json \
+	                 .map \
+	                 .xml
+
+	#Add missing X-Content-Type-Options Header
+	Header set X-Content-Type-Options nosniff
+
+	#Security: hide PHP
+	Header unset X-Powered-By
+
+#	# If completely SSL VirtualHost (!! http VHost redirects to https !!)
+#	Header set Strict-Transport-Security "max-age=15768000"
+#
+##	# Optional SSL-specific options, needed to pass SSL_* variables to scripts
+##	<Files ~ "\.(cgi|shtml|phtml|php3?)$">
+##		SSLOptions +StdEnvVars
+##	</Files>
+	ScriptAlias /cgi-bin/ "/var/vhosts/sib.swiss/MINIEPD/cgi-bin/"
+	<Directory "/var/vhosts/sib.swiss/MINIEPD/cgi-bin">
+#		SSLOptions +StdEnvVars
+		AllowOverride None
+		Options FollowSymLinks
+		Require all granted
+	</Directory>
+
+	<Directory "/var/vhosts/sib.swiss/MINIEPD/htdocs">
+		# Changed to 'none', please activate only in sub-directories were htaccess files will be used.
+		AllowOverride None
+		Options FollowSymLinks
+		Require all granted
+	</Directory>
+
+	<Directory "/var/vhosts/sib.swiss/MINIEPD/htdocs/data">
+		AllowOverride None
+		Options +FollowSymLinks +Indexes
+		Require all granted
+	</Directory>
+
+	#
+	# mod_security: Disable some rules
+	#
+	<IfModule mod_security2.c>
+		# Put mod_security into "Log-only" mode (VF, 2015.01.16)
+		# See also below...
+		SecRuleEngine DetectionOnly
+
+		#SecRuleRemoveById 958291 960020
+		# OR disable mod_security specifically for this site:
+		#SecRuleEngine Off
+	</IfModule>
+
+</VirtualHost>
+
+#</IfModule>