diff options
Diffstat (limited to '2.4/conf/sites-available')
-rw-r--r-- | 2.4/conf/sites-available/default-ssl.conf | 18 | ||||
-rw-r--r-- | 2.4/conf/sites-available/default.conf | 11 |
2 files changed, 29 insertions, 0 deletions
diff --git a/2.4/conf/sites-available/default-ssl.conf b/2.4/conf/sites-available/default-ssl.conf new file mode 100644 index 0000000..ef90866 --- /dev/null +++ b/2.4/conf/sites-available/default-ssl.conf @@ -0,0 +1,18 @@ +Listen 443 +<VirtualHost *:443> + Protocols h2 http/1.1 + ServerName localhost + DocumentRoot "/var/www/html/" + <Directory "/var/www/html/"> + Require all denied + </Directory> + CustomLog /proc/self/fd/1 combined + ErrorLog /proc/self/fd/2 + SSLEngine on + SSLCertificateFile /cert.pem + SSLCertificateKeyFile /privkey.pem + SSLProtocol all -SSLv3 + SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS + SSLHonorCipherOrder on + SSLSessionTickets off +</VirtualHost> diff --git a/2.4/conf/sites-available/default.conf b/2.4/conf/sites-available/default.conf new file mode 100644 index 0000000..e309338 --- /dev/null +++ b/2.4/conf/sites-available/default.conf @@ -0,0 +1,11 @@ +<VirtualHost *:80> + ServerName localhost + DocumentRoot "/var/www/html/" + <Directory "/var/www/html/"> + Require all denied + </Directory> + CustomLog /proc/self/fd/1 combined + ErrorLog /proc/self/fd/2 + # This lets certain DAV methods work behind an SSL reverse proxy. + RequestHeader edit Destination ^https http early +</VirtualHost> |