Skip to content

Instantly share code, notes, and snippets.

@rbnor
Created October 22, 2019 14:53
Show Gist options
  • Save rbnor/e800fa05baa05d0991374f75292d74de to your computer and use it in GitHub Desktop.
Save rbnor/e800fa05baa05d0991374f75292d74de to your computer and use it in GitHub Desktop.
<VirtualHost *:80>
ServerAdmin serveradmin@misp.local
ServerName myservernameformydomain
# In theory not needed, left for debug purposes
# LogLevel warn
# ErrorLog /var/log/apache2/misp.local_p80_error.log
# CustomLog /var/log/apache2/misp.local_p80_access.log combined
Header always unset "X-Powered-By"
Redirect permanent / https://serverurl
LogLevel warn
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
</VirtualHost>
<VirtualHost *:443>
ServerAdmin serveradmin@misp.local
ServerName servername
DocumentRoot /var/www/MISP/app/webroot
<Directory /var/www/MISP/app/webroot>
Options -Indexes
AllowOverride all
</Directory>
<Location /users/login>
AuthType Basic
AuthBasicProvider ldap
AuthName "LDAP Authentication"
AuthUserFile /dev/null
AuthLDAPURL "ldap://URL/dc=,dc=?sAMAccountName"
AuthLDAPBindDN "CN=USERWITHREADRIGHTS,OU=,OU=,DC=,DC="
AuthLDAPBindPassword ""
Require valid-user
RewriteEngine On
RewriteCond %{REMOTE_USER} ^(.*)$
RewriteRule ^(.*)$ - [E=R_U:%1]
RequestHeader set X-Remote-User %{R_U}e
SetEnv REMOTE_USER user
</Location>
SSLEngine On
# The line below disable unsecure Ciphers, might be enabled by default
# SSLCipherSuite HIGH:!aNULL:!MD5
SSLCertificateFile /etc/ssl/private/misp.local.crt
SSLCertificateKeyFile /etc/ssl/private/misp.local.key
# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt
LogLevel debug
ErrorLog /var/log/apache2/misp.local_error.log
CustomLog /var/log/apache2/misp.local_access.log combined
ServerSignature Off
#Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;"
#Header always set X-Content-Type-Options nosniff
#Header always set X-Frame-Options SAMEORIGIN
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment