...
Code Block | ||
---|---|---|
| ||
<VirtualHost *:443> ServerName <server name> ServerAdmin <admin e-mail address> DocumentRoot /vol/webmanager/webmanager-webapps/webmanager-static-webapp/target/webmanager-static-webapp-10.x.x ErrorLog /vol/httpd/logs/errors-frontend-ssl CustomLog /vol/httpd/logs/access-frontend-ssl combined ################# # SSL SSLEngine On SSLProxyEngine On SSLProtocol +TLSv1 ## See https://mozilla.github.io/server-side-tls/ssl-config-generator ## for information on other rules you should add here for the version ## of Apache you are using. SSLCipherSuite HIGH:MEDIUM SSLCertificateFile /vol/httpd/ssl/<certificate>.crt SSLCertificateKeyFile /vol/httpd/ssl/<certificate>.key SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0 ### CustomLog /vol/www/server/logs/ssl/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" # Test: Recognize this VirtualHost Alias /systemlogs2 /vol/webmanager/apache-tomcat-8.5.31/logs <Location /systemlogs2> <IfModule mod_deflate.c> SetOutputFilter DEFLATE </IfModule> AuthUserFile /vol/httpd/htpasswd AuthName "" AuthType Basic Options +Indexes IndexOptions FancyIndexing Order Deny,Allow Allow from all Allow from localhost Allow from <IP address> </Location> <Directory /vol/webmanager/webmanager-webapps/webmanager-static-webapp/target/webmanager-static-webapp-10.x.x> Options +FollowSymLinks +includesnoexec AllowOverride All Require all granted </Directory> ProxyPass /web/ajp://localhost:19200/web/ ttl=600 ProxyPassReverse /web/ajp://localhost:19200/web/ <IfModule mod_rewrite.c> RewriteEngine On RewriteLogLevel 0 # Give not found on /web/admin/* on frontend url. RewriteCond %{REQUEST_URI}^/web/admin RewriteRule ^/web/admin - [R=404] RewriteRule ^/(.*)\.htm$ /web/$1.htm [PT,L] //xperiencentral versions r35 and lower RewriteRule ^/(.*)\.htm$ /web/seo/$1.htm [PT,L] //xperiencentral versions r36 and higher </IfModule> </VirtualHost> |
The .htaccess File
The .htaccess file is needed to also set a CSP policy on static assets that are typically served from disk by Apache httpd. Configure the .htaccess file (if your deployment requires it). See https://httpd.apache.org/docs/2.4/howto/htaccess.html for complete information.
...