ServerName <%= api_domain %>
RewriteEngine On
RewriteRule ^.*$ https://<%= api_domain -%>:<%= api_port -%>%{REQUEST_URI} [R=permanent,L]
Listen 0.0.0.0:<%= api_port %>
>
ServerName <%= api_domain %>
SSLEngine on
SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH
SSLHonorCipherOrder on
SSLCACertificatePath /etc/ssl/certs
SSLCertificateChainFile /etc/ssl/certs/leap_api.pem
SSLCertificateKeyFile /etc/x509/keys/leap_api.key
SSLCertificateFile /etc/x509/certs/leap_api.crt
RequestHeader set X_FORWARDED_PROTO 'https'
<% if @webapp['secure'] -%>
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
<% end -%>
Header always unset X-Powered-By
Header always unset X-Runtime
DocumentRoot /srv/leap/webapp/public
# Check for maintenance file and redirect all requests
RewriteEngine On
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteCond %{REQUEST_URI} !/images/maintenance.jpg
RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L]
# http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt
AllowEncodedSlashes on
PassengerAllowEncodedSlashes on
PassengerFriendlyErrorPages off
SetEnv TMPDIR /var/tmp