This commit is contained in:
18
conf/sites-available/default-ssl.conf
Normal file
18
conf/sites-available/default-ssl.conf
Normal file
@ -0,0 +1,18 @@
|
||||
Listen 443
|
||||
<VirtualHost *:443>
|
||||
Protocols h2 http/1.1
|
||||
ServerName localhost
|
||||
DocumentRoot "/var/www/html/"
|
||||
<Directory "/var/www/html/">
|
||||
Require all denied
|
||||
</Directory>
|
||||
CustomLog /proc/self/fd/1 combined
|
||||
ErrorLog /proc/self/fd/2
|
||||
SSLEngine on
|
||||
SSLCertificateFile /cert.pem
|
||||
SSLCertificateKeyFile /privkey.pem
|
||||
SSLProtocol all -SSLv3
|
||||
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
|
||||
SSLHonorCipherOrder on
|
||||
SSLSessionTickets off
|
||||
</VirtualHost>
|
||||
11
conf/sites-available/default.conf
Normal file
11
conf/sites-available/default.conf
Normal file
@ -0,0 +1,11 @@
|
||||
<VirtualHost *:80>
|
||||
ServerName localhost
|
||||
DocumentRoot "/var/www/html/"
|
||||
<Directory "/var/www/html/">
|
||||
Require all denied
|
||||
</Directory>
|
||||
CustomLog /proc/self/fd/1 combined
|
||||
ErrorLog /proc/self/fd/2
|
||||
# This lets certain DAV methods work behind an SSL reverse proxy.
|
||||
RequestHeader edit Destination ^https http early
|
||||
</VirtualHost>
|
||||
Reference in New Issue
Block a user