Skip to content

Instantly share code, notes, and snippets.

Created Jun 8, 2021
What would you like to do?
Apache 命令和配置

Apache 安装及使用

反向代理 https

<VirtualHost *:80>
    Redirect /

<VirtualHost *:443>
    DocumentRoot /var/www/html

    ProxyPass "/"  ""
    ProxyPassReverse "/"  ""

    SSLEngine on

    SSLCertificateFile /etc/httpd/ssl/certificate.crt
    SSLCertificateKeyFile /etc/httpd/ssl/secret-key.key
    SSLCACertificateFile /etc/httpd/ssl/ca.crt

    SSLProtocol -ALL +TLSv1.2
    SSLHonorCipherOrder on
    SSLCompression off

    ProxyPreserveHost On
    RequestHeader set X-Forwarded-Proto: "https"

    # If the proxy listens on other port than 443
    # RequestHeader set X-Forwarded-Port: <your-custom-port>

    Header always set Strict-Transport-Security "max-age=63072000;"
    Header set X-Content-Type-Options "nosniff"
    Header always append X-Frame-Options "SAMEORIGIN"
    Header set Cache-Control "no-cache, no-store, no-transform"
    Header set Pragma "no-cache"
    Header set X-XSS-Protection "1;  mode=block"
    Header set Referrer-Policy: "strict-origin-when-cross-origin"
    Header set Content-Security-Policy: "default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval';"
    Header set Feature-Policy: "fullscreen 'self'"
    Header set x-permitted-cross-domain-policies "none"

    FileETag None

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment