Created
October 22, 2019 14:53
-
-
Save rbnor/e800fa05baa05d0991374f75292d74de to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<VirtualHost *:80> | |
ServerAdmin serveradmin@misp.local | |
ServerName myservernameformydomain | |
# In theory not needed, left for debug purposes | |
# LogLevel warn | |
# ErrorLog /var/log/apache2/misp.local_p80_error.log | |
# CustomLog /var/log/apache2/misp.local_p80_access.log combined | |
Header always unset "X-Powered-By" | |
Redirect permanent / https://serverurl | |
LogLevel warn | |
ErrorLog /var/log/apache2/misp.local_error.log | |
CustomLog /var/log/apache2/misp.local_access.log combined | |
ServerSignature Off | |
</VirtualHost> | |
<VirtualHost *:443> | |
ServerAdmin serveradmin@misp.local | |
ServerName servername | |
DocumentRoot /var/www/MISP/app/webroot | |
<Directory /var/www/MISP/app/webroot> | |
Options -Indexes | |
AllowOverride all | |
</Directory> | |
<Location /users/login> | |
AuthType Basic | |
AuthBasicProvider ldap | |
AuthName "LDAP Authentication" | |
AuthUserFile /dev/null | |
AuthLDAPURL "ldap://URL/dc=,dc=?sAMAccountName" | |
AuthLDAPBindDN "CN=USERWITHREADRIGHTS,OU=,OU=,DC=,DC=" | |
AuthLDAPBindPassword "" | |
Require valid-user | |
RewriteEngine On | |
RewriteCond %{REMOTE_USER} ^(.*)$ | |
RewriteRule ^(.*)$ - [E=R_U:%1] | |
RequestHeader set X-Remote-User %{R_U}e | |
SetEnv REMOTE_USER user | |
</Location> | |
SSLEngine On | |
# The line below disable unsecure Ciphers, might be enabled by default | |
# SSLCipherSuite HIGH:!aNULL:!MD5 | |
SSLCertificateFile /etc/ssl/private/misp.local.crt | |
SSLCertificateKeyFile /etc/ssl/private/misp.local.key | |
# SSLCertificateChainFile /etc/ssl/private/misp-chain.crt | |
LogLevel debug | |
ErrorLog /var/log/apache2/misp.local_error.log | |
CustomLog /var/log/apache2/misp.local_access.log combined | |
ServerSignature Off | |
#Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains;" | |
#Header always set X-Content-Type-Options nosniff | |
#Header always set X-Frame-Options SAMEORIGIN |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment