Update apache2.conf
This commit is contained in:
parent
ac110932a4
commit
73763acdaa
|
@ -1,14 +1,16 @@
|
||||||
|
# Please make sure that you have the modules mod_ssl, mod_headers,
|
||||||
|
# mod_proxy and mod_proxy_http enabled. If not, you can use following
|
||||||
|
# command:
|
||||||
|
# $ sudo a2enmod ssl headers proxy proxy_http
|
||||||
|
|
||||||
<VirtualHost *:443>
|
<VirtualHost *:443>
|
||||||
ServerAdmin XXXXXXXXXX
|
ServerName localhost
|
||||||
ServerName XXXXXXXXXX
|
|
||||||
ServerAlias XXXXXXXXXX
|
|
||||||
DocumentRoot XXXXXXXXXX
|
|
||||||
|
|
||||||
# Enable secure communication using HTTPS
|
# Enable secure communication using HTTPS
|
||||||
|
# Adjust the paths to the certificates files to your environment
|
||||||
SSLEngine on
|
SSLEngine on
|
||||||
SSLCertificateFile XXXXXXXXXX
|
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
|
||||||
SSLCertificateKeyFile XXXXXXXXXX
|
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
|
||||||
SSLCACertificateFile XXXXXXXXXX
|
|
||||||
|
|
||||||
# Tell tusd that the HTTPS protocol is used, in order to
|
# Tell tusd that the HTTPS protocol is used, in order to
|
||||||
# allow constructing correct upload URLs.
|
# allow constructing correct upload URLs.
|
||||||
|
@ -18,3 +20,16 @@
|
||||||
ProxyPass /files http://localhost:1080/files
|
ProxyPass /files http://localhost:1080/files
|
||||||
ProxyPassReverse /files http://localhost:1080/files
|
ProxyPassReverse /files http://localhost:1080/files
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
|
# This SSL configuration has been taken from Mozilla SSL Generator:
|
||||||
|
# https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.1&openssl=1.0.1e&hsts=no&profile=intermediate
|
||||||
|
SSLProtocol all -SSLv3
|
||||||
|
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-$
|
||||||
|
SSLHonorCipherOrder on
|
||||||
|
SSLCompression off
|
||||||
|
|
||||||
|
# OCSP Stapling, only in httpd 2.3.3 and later
|
||||||
|
SSLUseStapling on
|
||||||
|
SSLStaplingResponderTimeout 5
|
||||||
|
SSLStaplingReturnResponderErrors off
|
||||||
|
SSLStaplingCache shmcb:/var/run/ocsp(128000)
|
||||||
|
|
Loading…
Reference in New Issue