Last active
April 19, 2016 15:50
-
-
Save watakirin/05731c25cb31d3736f92 to your computer and use it in GitHub Desktop.
Apache 2.4.16 Settings(2)
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Listen 443 https | |
SSLPassPhraseDialog exec:/path/to/pass-phrase.sh | |
SSLSessionCache "shmcb:/var/run/ssl_scache(512000)" | |
SSLSessionCacheTimeout 300 | |
SSLRandomSeed startup file:/dev/urandom 256 | |
SSLRandomSeed connect builtin | |
SSLCryptoDevice builtin | |
#blog.heartprotocol.comへのhttpアクセスはhttpsへリダイレクト | |
<VirtualHost *:80> | |
ServerAdmin webmaster@dummy-host.example.com | |
DocumentRoot "/path/to/blog.heartprotocol.com" | |
ServerName blog.heartprotocol.com | |
ErrorLog "|/path/to/cronolog /path/to/%Y/error-log.%m%d" | |
CustomLog "|/path/to/cronolog /path/to/blog/%Y/access-log.%m%d" common | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteCond %{HTTPS} off | |
RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [R=301,L] | |
</IfModule> | |
</VirtualHost> | |
#blog.heartprotocol.com | |
<VirtualHost *:443> | |
ServerAdmin webmaster@dummy-host.example.com | |
DocumentRoot "/path/to/blog.heartprotocol.com" | |
ServerName blog.heartprotocol.com | |
ErrorLog "|/path/to/cronolog /path/to/%Y/error-log.%m%d" | |
CustomLog "|/path/to/cronolog /path/to/%Y/access-log.%m%d" common | |
SSLEngine on | |
SSLCertificateFile /path/to/server.crt | |
SSLCertificateKeyFile /path/to/server.key | |
SSLCACertificateFile /path/to/cac.crt | |
SSLProtocol all -SSLv2 -SSLv3 | |
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:ECDHE-RSA-DES-CBC3-SHA:ECDHE-ECDSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA | |
SSLHonorCipherOrder on | |
Header always set Strict-Transport-Security "max-age=15768000" | |
<Directory "/path/to/blog.heartprotocol.com"> | |
SSLOptions +StdEnvVars | |
Options FollowSymLinks | |
AllowOverride None | |
AddType application/x-httpd-php .php | |
DirectoryIndex index.php index.html | |
Require all granted | |
# Wordpress Rewrite Settings | |
<IfModule mod_rewrite.c> | |
RewriteEngine On | |
RewriteBase / | |
RewriteRule ^index\.php$ - [L] | |
RewriteCond %{REQUEST_FILENAME} !-f | |
RewriteCond %{REQUEST_FILENAME} !-d | |
RewriteRule . /index.php [L] | |
</IfModule> | |
<Files wp-login.php> | |
Require host example.hostname.com 192.168.0.2 | |
</Files> | |
</Directory> | |
<Location /wp-admin> | |
Require host example.hostname.com 192.168.0.2 | |
</Location> | |
<Location /xmlrpc.php> | |
Require host example.hostname.com 192.168.0.2 | |
</Location> | |
#DeflateFilterNote Input instream | |
#DeflateFilterNote Output outstream | |
#DeflateFilterNote Ratio ratio | |
#LogFormat '"%r" %{outstream}n/%{instream}n (%{ratio}n%%)' deflate | |
#CustomLog /var/log/deflate_log deflate | |
ExpiresActive On | |
ExpiresByType text/css "access plus 14 days" | |
ExpiresByType text/javascript "access plus 1 month" | |
ExpiresByType application/javascript "access plus 1 month" | |
ExpiresByType application/x-javascript "access plus 1 month" | |
ExpiresByType application/x-font-ttf "access plus 30 days" | |
ExpiresByType application/x-font-opentype "access plus 30 days" | |
ExpiresByType application/x-font-woff "access plus 30 days" | |
ExpiresByType image/svg+xml "access plus 24 days" | |
ExpiresByType image/jpeg "access plus 24 days" | |
ExpiresByType image/png "access plus 24 days" | |
ExpiresByType image/gif "access plus 24 days" | |
ExpiresByType image/x-icon "access plus 24 days" | |
</VirtualHost> | |
#heartprotocol.com | |
<VirtualHost *:80> | |
ServerAdmin webmaster@dummy-host.example.com | |
DocumentRoot "/path/to/heartprotocol.com" | |
ServerName heartprotocol.com | |
ErrorLog "/path/to/heartprotocol.com" | |
CustomLog "/path/to/heartprotocol-access_log" common | |
<Directory "/path/to/heartprotocol.com"> | |
Options FollowSymLinks | |
AllowOverride All | |
DirectoryIndex index.php index.html | |
Require all granted | |
</Directory> | |
</VirtualHost> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment