Skip to content

Instantly share code, notes, and snippets.

@samsulmaarif
Created January 12, 2021 14:37
Show Gist options
  • Save samsulmaarif/afaf57af9e677aa1dceac5079793658a to your computer and use it in GitHub Desktop.
Save samsulmaarif/afaf57af9e677aa1dceac5079793658a to your computer and use it in GitHub Desktop.
<VirtualHost *:80>
DocumentRoot "/var/www/wordpress"
ServerName kampus.ac.id
ServerAlias www.kampus.ac.id
DirectoryIndex index.php index.html
Redirect / https://kampus.ac.id
<Directory "/var/www/wordpress">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://127.0.0.1:9000/"
</FilesMatch>
ErrorLog "${APACHE_LOG_DIR}/kampus.ac.id-error.log"
CustomLog "${APACHE_LOG_DIR}/kampus.ac.id-access.log" vhost_combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin samsul@dot-indonesia.com
DocumentRoot "/var/www/wordpress"
ServerName kampus.ac.id
ServerAlias www.kampus.ac.id
DirectoryIndex index.php index.html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/wordpress">
Options -Indexes +FollowSymlinks +MultiViews
AllowOverride All
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://127.0.0.1:9000/"
</FilesMatch>
LogLevel info ssl:warn
Include /etc/apache2/ssl-kampus.conf
ErrorLog ${APACHE_LOG_DIR}/kampus.ac.id-error.log
CustomLog ${APACHE_LOG_DIR}/kampus.ac.id-access.log vhost_combined
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</VirtualHost>
</IfModule>
<VirtualHost *:80>
DocumentRoot "/var/www/ci"
ServerName ptma.kampus.ac.id
ServerAlias www.ptma.kampus.ac.id
DirectoryIndex index.php index.html
Redirect / https://ptma.kampus.ac.id
<Directory "/var/www/ci">
Options Indexes FollowSymLinks
AllowOverride All
Require all granted
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://127.0.0.1:9000/"
</FilesMatch>
ErrorLog "${APACHE_LOG_DIR}/ptma.kampus.ac.id-error.log"
CustomLog "${APACHE_LOG_DIR}/ptma.kampus.ac.id-access.log" vhost_combined
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin samsul@dot-indonesia.com
DocumentRoot "/var/www/ci"
ServerName ptma.kampus.ac.id
ServerAlias www.ptma.kampus.ac.id
DirectoryIndex index.php index.html
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory "/var/www/ci">
Options -Indexes +FollowSymlinks +MultiViews
AllowOverride All
</Directory>
<FilesMatch "\.php$">
SetHandler "proxy:fcgi://127.0.0.1:9000/"
</FilesMatch>
LogLevel info ssl:warn
Include /etc/apache2/ssl-kampus.conf
ErrorLog ${APACHE_LOG_DIR}/ptma.kampus.ac.id-error.log
CustomLog ${APACHE_LOG_DIR}/ptma.kampus.ac.id-access.log vhost_combined
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
</VirtualHost>
</IfModule>
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/ptma.kampus.ac.id/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/ptma.kampus.ac.id/privkey.pem
SSLProtocol TLSv1.2
SSLCompression off
SSLProtocol All -SSLv2 -SSLv3
SSLHonorCipherOrder on
SSLCipherSUite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH EDH+aRSA !CAMELLIA !SEED !3DES !RC4 !aNULL !eNULL !LOW !MD5 !EXP !PSK !SRP !DSS"
#SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4
SSLOpenSSLConfCmd Curves secp384r1
SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"
#SSLUseStapling on
#SSLStaplingResponderTimeout 5
#SSLStaplingReturnResponderErrors off
#SSLStaplingCache shmcb:/var/run/ocsp(128000)
#SSLCertificateChainFile /etc/apache2/ssl.crt/server-ca.crt
#SSLCACertificatePath /etc/ssl/certs/
#SSLCACertificateFile /etc/apache2/ssl.crt/ca-bundle.crt
#SSLVerifyClient require
#SSLVerifyDepth 10
SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment