Created
October 17, 2018 13:39
-
-
Save colorfield/a0fb26e65f785ccef9d8d23d33e53014 to your computer and use it in GitHub Desktop.
Virtualmin Apache reverse proxy vhost configuration for a React app, redirected to https by default
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<VirtualHost *:80> | |
SuexecUserGroup "#1000" "#1000" | |
ServerName app.domain.com | |
ServerAlias www.app.domain.be | |
DocumentRoot /home/domain/public_html | |
ErrorLog /var/log/virtualmin/app.domain.com_error_log | |
CustomLog /var/log/virtualmin/app.domain.com_access_log combined | |
DirectoryIndex index.html index.htm | |
# Various rewrite rules. | |
<IfModule mod_rewrite.c> | |
RewriteEngine on | |
# Set "protossl" to "s" if we were accessed via https://. This is used later | |
# if you enable "www." stripping or enforcement, in order to ensure that | |
# you don't bounce between http and https. | |
RewriteRule ^ - [E=protossl] | |
RewriteCond %{HTTPS} on | |
RewriteRule ^ - [E=protossl:s] | |
# Make sure Authorization HTTP header is available to PHP | |
# even when running as CGI or FastCGI. | |
RewriteRule ^ - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |
# Rewrite to HTTPS by default | |
RewriteCond %{HTTPS} off | |
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] | |
# Rules to correctly serve gzip compressed CSS and JS files. | |
# Requires both mod_rewrite and mod_headers to be enabled. | |
<IfModule mod_headers.c> | |
# Serve gzip compressed CSS files if they exist and the client accepts gzip. | |
RewriteCond %{HTTP:Accept-encoding} gzip | |
RewriteCond %{REQUEST_FILENAME}\.gz -s | |
RewriteRule ^(.*)\.css $1\.css\.gz [QSA] | |
# Serve gzip compressed JS files if they exist and the client accepts gzip. | |
RewriteCond %{HTTP:Accept-encoding} gzip | |
RewriteCond %{REQUEST_FILENAME}\.gz -s | |
RewriteRule ^(.*)\.js $1\.js\.gz [QSA] | |
# Serve correct content types, and prevent mod_deflate double gzip. | |
RewriteRule \.css\.gz$ - [T=text/css,E=no-gzip:1] | |
RewriteRule \.js\.gz$ - [T=text/javascript,E=no-gzip:1] | |
<FilesMatch "(\.js\.gz|\.css\.gz)$"> | |
# Serve correct encoding type. | |
Header set Content-Encoding gzip | |
# Force proxies to cache gzipped & non-gzipped css/js files separately. | |
Header append Vary Accept-Encoding | |
</FilesMatch> | |
</IfModule> | |
</IfModule> | |
<Proxy *> | |
Order deny,allow | |
Allow from all | |
</Proxy> | |
ProxyPreserveHost On | |
ProxyRequests off | |
ProxyPass / http://localhost:3000/ | |
ProxyPassReverse / localhost:3000/ | |
</VirtualHost> | |
<VirtualHost 123.456.79.10:443> | |
SuexecUserGroup "#1000" "#1000" | |
ServerName app.domain.com | |
ServerAlias www.app.domain.be | |
DocumentRoot /home/domain/public_html | |
ErrorLog /var/log/virtualmin/app.domain.com_error_log | |
CustomLog /var/log/virtualmin/app.domain.com_access_log combined | |
DirectoryIndex index.html index.htm | |
ProxyPreserveHost On | |
ProxyRequests off | |
ProxyPass / http://localhost:3000/ | |
ProxyPassReverse / localhost:3000/ | |
SSLEngine on | |
SSLCertificateFile /home/domain/ssl.cert | |
SSLCertificateKeyFile /home/domain/ssl.key | |
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1 | |
</VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment