# # This is the Apache server configuration file providing SSL support. # It contains the configuration directives to instruct the server how to # serve pages over an https connection. For detailed information about these # directives see # # Do NOT simply read the instructions in here without understanding # what they do. They're here only as hints or reminders. If you are unsure # consult the online docs. You have been warned. # # Required modules: mod_log_config, mod_setenvif, mod_ssl, # socache_shmcb_module (for default value of SSLSessionCache) # # Pseudo Random Number Generator (PRNG): # #SSLRandomSeed startup file:/dev/random 512 #SSLRandomSeed startup file:/dev/urandom 512 #SSLRandomSeed connect file:/dev/random 512 #SSLRandomSeed connect file:/dev/urandom 512 Listen 443 ## SSL Global Context # SSL Cipher Suite: SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES # SSLCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA # SSLProxyCipherSuite HIGH:MEDIUM:!SSLv3:!kRSA SSLHonorCipherOrder on # SSL Protocol support: SSLProtocol all -SSLv3 SSLProxyProtocol all -SSLv3 # Pass Phrase Dialog: SSLPassPhraseDialog builtin # Inter-Process Session Cache: #SSLSessionCache "dbm:/var/run/ssl_scache" SSLSessionCache "shmcb:/var/run/ssl_scache(512000)" SSLSessionCacheTimeout 300 # OCSP Stapling (requires OpenSSL 0.9.8h or later) #SSLUseStapling On #SSLStaplingCache "shmcb:/var/run/ssl_stapling(32768)" # Seconds before valid OCSP responses are expired from the cache #SSLStaplingStandardCacheTimeout 3600 # Seconds before invalid OCSP responses are expired from the cache #SSLStaplingErrorCacheTimeout 600 ## ## SSL Virtual Host Context ## Options None AllowOverride Limit Require all granted Options None AllowOverride Limit Require all granted # General setup for the virtual host DocumentRoot "/usr/local/www/apache24/data" ServerName www.unix-scripts.org:443 ServerAdmin root@unix-scripts.org ErrorLog "/var/log/httpd-error.log" TransferLog "/var/log/httpd-access.log" Alias /zabbix/ "/usr/local/www/zabbix54/" Alias /myadm/ "/usr/local/www/phpMyAdmin/" Alias /Domo/ "/home/algalord/www/domotique/" # SSL Engine Switch: SSLEngine on SSLCertificateFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/cert.pem" # Server Private Key: SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/privkey.pem" # Server Certificate Chain: SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/fullchain.pem" #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLOptions +StdEnvVars SSLOptions +StdEnvVars CustomLog "/var/log/httpd-ssl_request.log" \ "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" Alias /.well-known/ /usr/local/www/apache24/data/.well-known/ ProxyPass "/bw/" "http://192.168.1.5:4567/" ProxyPreserveHost On ProxyPassReverse "/bw/" "http://192.168.1.5:4567/" # Force la sortie à être compressée par mod_deflate SetOutputFilter DEFLATE # Ajout de types MIME à compresser AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json # Vous pouvez affiner le niveau de compression si besoin # (disponible sur certaines versions d'Apache) : # DeflateCompressionLevel 6 # Éventuellement, pour éviter de double-comprimer si le backend compresse déjà : # RequestHeader unset Accept-Encoding # General setup for the virtual host DocumentRoot "/usr/local/www/rainloop" ServerName mail.unix-scripts.org:443 ServerAdmin root@unix-scripts.org ErrorLog "/var/log/httpd-error.log" TransferLog "/var/log/httpd-access.log" SSLEngine on SSLCertificateFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/cert.pem" # Server Private Key: SSLCertificateKeyFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/privkey.pem" # Server Certificate Chain: SSLCertificateChainFile "/usr/local/etc/letsencrypt/live/unix-scripts.org/fullchain.pem" #SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire SSLOptions +StdEnvVars Options Indexes FollowSymLinks AllowOverride All Require all granted Alias /.well-known/ /usr/local/www/apache24/data/.well-known/