<VirtualHost *:80>
ServerName examplesite.com
ServerAlias www.examplesite.com
DocumentRoot /home/myuser1/www
<Directory /home/myuser1/www>
Options FollowSymLinks MultiViews
AllowOverride All
require all granted
php_value upload_max_filesize 10M
php_value post_max_size 10M
php_value session.cookie_httponly 1
php_value session.use_strict_mode 1
# php_value memory_limit 128M
# php_value max_execution_time 30
# php_value max_input_time 60
</Directory>
AssignUserID myuser1 myuser1
ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined
</VirtualHost>
<VirtualHost *:80>
ServerName examplesite.com
ServerAlias www.examplesite.com
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
</VirtualHost>
# Specify the SSL cache directory. If possible, use shmcb, otherwise use the provided path.
SSLStaplingCache shmcb:/var/run/ocsp(128000)
<VirtualHost *:443>
ServerName examplesite.com
ServerAlias www.examplesite.com
DocumentRoot /home/myuser1/www
<Directory /home/myuser1/www>
Options FollowSymLinks MultiViews
AllowOverride All
require all granted
php_value upload_max_filesize 10M
php_value post_max_size 10M
php_value session.cookie_httponly 1
php_value session.use_strict_mode 1
# php_value memory_limit 128M
# php_value max_execution_time 30
# php_value max_input_time 60
</Directory>
AssignUserID myuser1 myuser1
ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
# Turn on OCSP stapling
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
</VirtualHost>
<VirtualHost *:80>
ServerName examplesite.com
ServerAlias www.examplesite.com
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteRule ^ - [E=protossl]
RewriteCond %{HTTPS} on
RewriteRule ^ - [E=protossl:s]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</IfModule>
</VirtualHost>
# Specify the SSL cache directory. If possible, use shmcb, otherwise use the provided path.
SSLStaplingCache shmcb:/var/run/ocsp(128000)
<VirtualHost *:443>
ServerName examplesite.com
ServerAlias www.examplesite.com
DocumentRoot /home/myuser1/www
<Directory /home/myuser1/www>
Options FollowSymLinks MultiViews
AllowOverride All
require all granted
# upload_max_filesize and post_max_size must have the same value.
php_value upload_max_filesize 10M
php_value post_max_size 10M
# Enhance session security.
php_value session.cookie_httponly 1
php_value session.use_strict_mode 1
# php_value memory_limit 128M
# php_value max_execution_time 30
# php_value max_input_time 60
</Directory>
AssignUserID myuser1 myuser1
ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined
Header always set Strict-Transport-Security "max-age=31536000"
SSLEngine on
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA
SSLHonorCipherOrder on
SSLCertificateFile "/etc/letsencrypt/live/examplesite.com/cert.pem"
SSLCertificateKeyFile "/etc/letsencrypt/live/examplesite.com/privkey.pem"
SSLCertificateChainFile "/etc/letsencrypt/live/examplesite.com/chain.pem"
# Turn on OCSP stapling
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
</VirtualHost>