Главная Обзор Помощь
Вход
iimt
/
MAth-Cloud-3.0.0
1
0
Ответвить 0
Файлы Задачи 1 Запросы на слияние 0 Вики
Ветка: master
Ветки Метки
MAth-Cloud-3...
/
debian
/
Math-Cloud-server
/
etc
/
apache2
/
sites-available
/
ipsocloud.conf

ipsocloud.conf 4.3 KB
Постоянная ссылка История Исходник

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153 
  1. # Redirige HTTP vers HTTPS (port 80)
    2. 

  2. <VirtualHost *:80>
    3. 

  3. 	ServerName monrisquearteriel.com
    4. 

  4. 	ServerAlias www.monrisquearteriel.com api.monrisquearteriel.com cro.monrisquearteriel.com
    5. 

  5. 

  6. 	RewriteEngine On
    7. 

  7. 	RewriteRule ^(.*) https://%{HTTP_HOST}$1 [R=301,L]
    8. 

  8. </VirtualHost>
    9. 

  9. 

  10. # Redirige le domaine.com vers www.domaine.com
    11. 

  11. <VirtualHost _default_:443>
    12. 

  12. 	ServerName monrisquearteriel.com
    13. 

  13. 

  14. 	# Active SSL
    15. 

  15. 	SSLEngine on
    16. 

  16. 	SSLCertificateFile      /etc/letsencrypt/live/monrisquearteriel.com/fullchain.pem
    17. 

  17. 	SSLCertificateKeyFile   /etc/letsencrypt/live/monrisquearteriel.com/privkey.pem
    18. 

  18. 

  19. 	Redirect permanent / https://www.monrisquearteriel.com/
    20. 

  20. </VirtualHost>
    21. 

  21. 

  22. # Site principal
    23. 

  23. <VirtualHost _default_:443>
    24. 

  24. 	ServerAdmin webmaster@localhost
    25. 

  25. 	ServerName www.monrisquearteriel.com
    26. 

  26. 

  27. 	# Active SSL
    28. 

  28. 	SSLEngine on
    29. 

  29. 	SSLCertificateFile      /etc/letsencrypt/live/monrisquearteriel.com/fullchain.pem
    30. 

  30. 	SSLCertificateKeyFile   /etc/letsencrypt/live/monrisquearteriel.com/privkey.pem
    31. 

  31. 

  32. 	# Paramètres de sécurité supplémentaires
    33. 

  33. 	SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    34. 

  34. 	SSLCipherSuite HIGH:!aNULL:!MD5
    35. 

  35. 	SSLHonorCipherOrder on
    36. 

  36. 

  37. 	DocumentRoot /var/www/www
    38. 

  38. 

  39. 	<FilesMatch "\.(cgi|shtml|phtml|php)$">
    40. 

  40. 		SSLOptions +StdEnvVars
    41. 

  41. 	</FilesMatch>
    42. 

  42. 

  43. 	<Directory /usr/lib/cgi-bin>
    44. 

  44. 		SSLOptions +StdEnvVars
    45. 

  45. 	</Directory>
    46. 

  46.         
    47. 

  47. 	<Directory /var/www/www>
    48. 

  48. 		Options Indexes FollowSymLinks
    49. 

  49. 		AllowOverride All
    50. 

  50. 		Require all granted
    51. 

  51. 	</Directory>
    52. 

  52. 

  53. 	# Headers sécurité
    54. 

  54. 	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
    55. 

  55. 	Header always set X-Content-Type-Options "nosniff"
    56. 

  56. 	Header always set X-Frame-Options "SAMEORIGIN"
    57. 

  57. 	Header always set Referrer-Policy "strict-origin-when-cross-origin"
    58. 

  58. 	Header always set Permissions-Policy "geolocation=(), microphone=(), camera=()"
    59. 

  59. 

  60. 	ErrorLog ${APACHE_LOG_DIR}/error.log
    61. 

  61. 	CustomLog ${APACHE_LOG_DIR}/access.log combined
    62. 

  62. </VirtualHost>
    63. 

  63. 

  64. # API avec CORS controle
    65. 

  65. <VirtualHost _default_:443>
    66. 

  66. 	ServerAdmin webmaster@localhost
    67. 

  67. 	ServerName api.monrisquearteriel.com
    68. 

  68. 

  69. 	# Active SSL
    70. 

  70. 	SSLEngine on
    71. 

  71. 	SSLCertificateFile      /etc/letsencrypt/live/monrisquearteriel.com/fullchain.pem
    72. 

  72. 	SSLCertificateKeyFile   /etc/letsencrypt/live/monrisquearteriel.com/privkey.pem
    73. 

  73. 

  74. 	# Paramètres de sécurité supplémentaires
    75. 

  75. 	SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    76. 

  76. 	SSLCipherSuite HIGH:!aNULL:!MD5
    77. 

  77. 	SSLHonorCipherOrder on
    78. 

  78. 	
    79. 

  79. 	DocumentRoot /var/www/api
    80. 

  80. 

  81. 	<FilesMatch "\.(cgi|shtml|phtml|php)$">
    82. 

  82. 		SSLOptions +StdEnvVars
    83. 

  83. 	</FilesMatch>
    84. 

  84. 

  85. 	<Directory /usr/lib/cgi-bin>
    86. 

  86. 		SSLOptions +StdEnvVars
    87. 

  87. 	</Directory>
    88. 

  88. 

  89. 	<Directory /var/www/api/>
    90. 

  90. 		Options Indexes FollowSymLinks
    91. 

  91. 		AllowOverride All
    92. 

  92. 		SSLOptions +StdEnvVars
    93. 

  93. 		Require all granted
    94. 

  94. 		Header set Access-Control-Allow-Origin "*"
    95. 

  95. 	</Directory>
    96. 

  96. 

  97. 	# Sécurité
    98. 

  98. 	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
    99. 

  99. 	Header always set X-Content-Type-Options "nosniff"
    100. 

  100. 

  101. 	# CORS autorisé uniquement pour www
    102. 

  102. 	#Header set Access-Control-Allow-Origin "https://www.monrisquearteriel.com"
    103. 

  103. 	#Header set Access-Control-Allow-Methods "GET, POST, PUT, DELETE, OPTIONS"
    104. 

  104. 	#Header set Access-Control-Allow-Headers "Content-Type, Authorization"
    105. 

  105. 	#Header set Access-Control-Allow-Credentials "true"
    106. 

  106. 

  107. 	#RewriteEngine On
    108. 

  108. 	#RewriteCond %{REQUEST_METHOD} OPTIONS
    109. 

  109. 	#RewriteRule ^(.*)$ $1 [R=200,L]
    110. 

  110. 

  111. 	ErrorLog ${APACHE_LOG_DIR}/error.log
    112. 

  112. 	CustomLog ${APACHE_LOG_DIR}/access.log combined
    113. 

  113. </VirtualHost>
    114. 

  114. 

  115. # Site cro
    116. 

  116. <VirtualHost _default_:443>
    117. 

  117. 	ServerAdmin webmaster@localhost
    118. 

  118. 	ServerName cro.monrisquearteriel.com
    119. 

  119. 

  120. 	# Active SSL
    121. 

  121. 	SSLEngine on
    122. 

  122. 	SSLCertificateFile      /etc/letsencrypt/live/monrisquearteriel.com/fullchain.pem
    123. 

  123. 	SSLCertificateKeyFile   /etc/letsencrypt/live/monrisquearteriel.com/privkey.pem
    124. 

  124. 

  125. 	# Paramètres de sécurité supplémentaires
    126. 

  126. 	SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    127. 

  127. 	SSLCipherSuite HIGH:!aNULL:!MD5
    128. 

  128. 	SSLHonorCipherOrder on
    129. 

  129. 	
    130. 

  130. 	DocumentRoot /var/www/cro
    131. 

  131. 

  132. 	<FilesMatch "\.(cgi|shtml|phtml|php)$">
    133. 

  133. 		SSLOptions +StdEnvVars
    134. 

  134. 	</FilesMatch>
    135. 

  135. 

  136. 	<Directory /usr/lib/cgi-bin>
    137. 

  137. 		SSLOptions +StdEnvVars
    138. 

  138. 	</Directory>
    139. 

  139. 

  140. 	<Directory /var/www/cro>
    141. 

  141. 		Options Indexes FollowSymLinks
    142. 

  142. 		AllowOverride All
    143. 

  143. 		SSLOptions +StdEnvVars
    144. 

  144. 		Require all granted
    145. 

  145. 	</Directory>
    146. 

  146. 

  147. 	Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload"
    148. 

  148. 	Header always set X-Content-Type-Options "nosniff"
    149. 

  149. 

  150. 	ErrorLog ${APACHE_LOG_DIR}/error.log
    151. 

  151. 	CustomLog ${APACHE_LOG_DIR}/access.log combined
    152. 

  152. </VirtualHost>
    153. 

  153.