blob: 4b05169906a08ec55296ffe11634e2fcfdbe508e (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
|
<VirtualHost *:80>
ServerName <%= domain %>
ServerAlias www.<%= domain %>
RewriteEngine On
RewriteRule ^.*$ https://<%= domain -%>%{REQUEST_URI} [R=permanent,L]
</VirtualHost>
<VirtualHost *:443>
ServerName <%= domain %>
ServerAlias www.<%= domain %>
SSLEngine on
SSLProtocol -all +SSLv3 +TLSv1
SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH
SSLHonorCipherOrder on
SSLCACertificatePath /etc/ssl/certs
SSLCertificateChainFile /etc/ssl/certs/leap_webapp.pem
SSLCertificateKeyFile /etc/x509/keys/leap_webapp.key
SSLCertificateFile /etc/x509/certs/leap_webapp.crt
RequestHeader set X_FORWARDED_PROTO 'https'
DocumentRoot /srv/leap/webapp/public
RewriteEngine On
# Check for maintenance file and redirect all requests
RewriteCond %{DOCUMENT_ROOT}/system/maintenance.html -f
RewriteCond %{SCRIPT_FILENAME} !maintenance.html
RewriteCond %{REQUEST_URI} !/images/maintenance.jpg
RewriteRule ^.*$ %{DOCUMENT_ROOT}/system/maintenance.html [L]
# http://www.modrails.com/documentation/Users%20guide%20Apache.html#_passengerallowencodedslashes_lt_on_off_gt
AllowEncodedSlashes on
PassengerAllowEncodedSlashes on
PassengerFriendlyErrorPages off
SetEnv TMPDIR /var/tmp
<% if (defined? @services) and (@services.include? 'monitor') -%>
<DirectoryMatch (/usr/share/nagios3/htdocs|/usr/lib/cgi-bin/nagios3|/etc/nagios3/stylesheets)>
PassengerEnabled off
AllowOverride all
</DirectoryMatch>
<% end -%>
</VirtualHost>
|