From ebf4b836be4aa842d3fea9632b6e66f8b897a181 Mon Sep 17 00:00:00 2001
From: epd <epd@sib.swiss>
Date: Fri, 19 Jul 2024 15:47:18 +0200
Subject: [PATCH] Add miniEPD Apache conf
---
conf/sib.swiss--miniEPD.apache.conf | 111 ++++++++++++++++++++++++++++
1 file changed, 111 insertions(+)
create mode 100644 conf/sib.swiss--miniEPD.apache.conf
diff --git a/conf/sib.swiss--miniEPD.apache.conf b/conf/sib.swiss--miniEPD.apache.conf
new file mode 100644
index 0000000000..bf75461542
--- /dev/null
+++ b/conf/sib.swiss--miniEPD.apache.conf
@@ -0,0 +1,111 @@
+#
+# Example config for FULL-VirtualHost SSL
+#
+# Goal: OnlyRedirect to SSL VirtualHost
+#
+<VirtualHost *:8093>
+ ServerAdmin Sebastien.Moretti@sib.swiss
+ DocumentRoot /var/vhosts/sib.swiss/MINIEPD/htdocs
+ ServerName epdnew.vital-it.ch
+
+ ErrorLog /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-error_log
+ CustomLog /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-access_log combined
+
+# # Redirect all access to the corresponding HTTPS site
+# RewriteEngine On
+# RewriteCond %{HTTPS} !=on
+# RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L,NE]
+#</VirtualHost>
+#
+##
+## Example config for SSL-VirtualHost
+##
+## SSL config will only be used if 'mod_ssl' has been activated (see '/etc/httpd/conf.modules.d/00-ssl.conf')
+##
+#<IfModule mod_ssl.c>
+#<VirtualHost *:443>
+# ServerAdmin Sebastien.Moretti@sib.swiss
+# ServerName epdnew.vital-it.ch
+#
+# DocumentRoot /var/vhosts/sib.swiss/MINIEPD/htdocs
+#
+# ErrorLog /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-ssl-error_log
+# CustomLog /var/vhosts/sib.swiss/MINIEPD/log/MINIEPD-ssl-access_log combined
+#
+# # SSL-specific options:
+# SSLUseStapling off
+#
+# SSLEngine on
+# # Let's Encrypt certificates and chain (for Apache < 2.4.8)
+# SSLCertificateFile /var/vhosts/cert-store/sib.swiss/cert.pem
+# SSLCertificateKeyFile /var/vhosts/cert-store/sib.swiss/privkey.pem
+# SSLCertificateChainFile /var/vhosts/cert-store/sib.swiss/chain.pem
+## SSLCertificateFile /var/vhosts/sib.swiss/MINIEPD/ssl/certificate/UCNEbase.crt
+## SSLCertificateFile /etc/pki/tls/certs/localhost.crt
+# # Key-file should be readable by 'root' only
+## SSLCertificateKeyFile /var/vhosts/sib.swiss/MINIEPD/ssl/certificate/UCNEbase.key
+## SSLCertificateKeyFile /etc/pki/tls/private/localhost.key
+# # For QuoVadis SSL certificates please uncomment:
+## SSLCertificateChainFile /etc/pki/tls/certs/qvsslg2.crt.pem
+
+ # Activate HTTP2 protocol
+ Protocols h2 http/1.1
+
+ #SEB: Improvements according to webhint feedbacks
+ AddCharset utf-8 .css \
+ .svg \
+ .js \
+ .json \
+ .map \
+ .xml
+
+ #Add missing X-Content-Type-Options Header
+ Header set X-Content-Type-Options nosniff
+
+ #Security: hide PHP
+ Header unset X-Powered-By
+
+# # If completely SSL VirtualHost (!! http VHost redirects to https !!)
+# Header set Strict-Transport-Security "max-age=15768000"
+#
+## # Optional SSL-specific options, needed to pass SSL_* variables to scripts
+## <Files ~ "\.(cgi|shtml|phtml|php3?)$">
+## SSLOptions +StdEnvVars
+## </Files>
+ ScriptAlias /cgi-bin/ "/var/vhosts/sib.swiss/MINIEPD/cgi-bin/"
+ <Directory "/var/vhosts/sib.swiss/MINIEPD/cgi-bin">
+# SSLOptions +StdEnvVars
+ AllowOverride None
+ Options FollowSymLinks
+ Require all granted
+ </Directory>
+
+ <Directory "/var/vhosts/sib.swiss/MINIEPD/htdocs">
+ # Changed to 'none', please activate only in sub-directories were htaccess files will be used.
+ AllowOverride None
+ Options FollowSymLinks
+ Require all granted
+ </Directory>
+
+ <Directory "/var/vhosts/sib.swiss/MINIEPD/htdocs/data">
+ AllowOverride None
+ Options +FollowSymLinks +Indexes
+ Require all granted
+ </Directory>
+
+ #
+ # mod_security: Disable some rules
+ #
+ <IfModule mod_security2.c>
+ # Put mod_security into "Log-only" mode (VF, 2015.01.16)
+ # See also below...
+ SecRuleEngine DetectionOnly
+
+ #SecRuleRemoveById 958291 960020
+ # OR disable mod_security specifically for this site:
+ #SecRuleEngine Off
+ </IfModule>
+
+</VirtualHost>
+
+#</IfModule>
--
GitLab