summaryrefslogtreecommitdiffstats
path: root/2.4/conf/sites-available
diff options
context:
space:
mode:
Diffstat (limited to '2.4/conf/sites-available')
-rw-r--r--2.4/conf/sites-available/default-ssl.conf18
-rw-r--r--2.4/conf/sites-available/default.conf11
2 files changed, 29 insertions, 0 deletions
diff --git a/2.4/conf/sites-available/default-ssl.conf b/2.4/conf/sites-available/default-ssl.conf
new file mode 100644
index 0000000..ef90866
--- /dev/null
+++ b/2.4/conf/sites-available/default-ssl.conf
@@ -0,0 +1,18 @@
+Listen 443
+<VirtualHost *:443>
+ Protocols h2 http/1.1
+ ServerName localhost
+ DocumentRoot "/var/www/html/"
+ <Directory "/var/www/html/">
+ Require all denied
+ </Directory>
+ CustomLog /proc/self/fd/1 combined
+ ErrorLog /proc/self/fd/2
+ SSLEngine on
+ SSLCertificateFile /cert.pem
+ SSLCertificateKeyFile /privkey.pem
+ SSLProtocol all -SSLv3
+ SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
+ SSLHonorCipherOrder on
+ SSLSessionTickets off
+</VirtualHost>
diff --git a/2.4/conf/sites-available/default.conf b/2.4/conf/sites-available/default.conf
new file mode 100644
index 0000000..e309338
--- /dev/null
+++ b/2.4/conf/sites-available/default.conf
@@ -0,0 +1,11 @@
+<VirtualHost *:80>
+ ServerName localhost
+ DocumentRoot "/var/www/html/"
+ <Directory "/var/www/html/">
+ Require all denied
+ </Directory>
+ CustomLog /proc/self/fd/1 combined
+ ErrorLog /proc/self/fd/2
+ # This lets certain DAV methods work behind an SSL reverse proxy.
+ RequestHeader edit Destination ^https http early
+</VirtualHost>