summaryrefslogtreecommitdiff
blob: 75db42af6a1b73ddd2956ac9e4daf99728fe3d54 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
<IfDefine SSL>

# SSL virtual host
#
# SSL virtual hosts are a special form of the IP-based virtual host.
# Every virtual host that you want to run HTTPS for MUST have it's own
# IP address.


# Set the IP address of this SSL server here.
<VirtualHost 1.2.3.4:443>

	# Used for creating URLs back to itself
	# This should also match the name on the SSL certificate
	ServerName example.com
	
	# DocumentRoot is the location where your files will be stored
	#
	# For gentoo, the suggested structure is:
	#
	# /var/www/
	#   domain.com/
	#     htdocs/        Files for the website itself
	#     htdocs-secure/ Files available via HTTPS
	#     cgi-bin/       Site-specific executable scripts (optional)
	#     error/         Custom error pages for the website (optional)
	#     icons/         Custom icons for the website (optional)
	#     
	# You should also set the vhost USE-flag so that you can install webapps
	# easily to multiple virtual hosts
	#
	# Note that if you put the directory anywhere other then under /var/www
	# you may run into problems with suexec and cgi scripts.
	#
	DocumentRoot "/var/www/example.com/htdocs-secure"

	# This should match the DocumentRoot above
	<Directory "/var/www/example.com/htdocs-secure">
		# Some sane defaults - see httpd.conf for details
		Options Indexes FollowSymLinks
		AllowOverride None

		Require all granted
	</Directory>

	# By default cgi-bin points to the global cgi-bin in /var/www/localhost
	# If you want site specific executable scripts, then uncomment this section
	#
	# If you have enabled suexec, you will want to make sure that the cgi-bin 
	# directory is owned by the user and group specified with SuexecUserGroup
	
	#ScriptAlias /cgi-bin/ "/var/www/example.com/cgi-bin/"
	#<Directory "/var/www/example.com/cgi-bin">
	#	AllowOverride None
	#	Options None
	#	Require all granted
	#</Directory>

	# If you have multiple users on this system, each with their own vhost,
	# then it's a good idea to use suexec to seperate them.
	#
	# Set the user and group that scripts in this virtual host will run as.
	<IfDefine SUEXEC>
		SuexecUserGroup billybob users
	</IfDefine>

	# If you want custom error documents uncomment this section
	# See /etc/apache2/modules.d/00_error_documents.conf for the file
	# name to use for the various error types

	#<IfDefine ERRORDOCS>
	#	Alias /error/ "/var/www/example.com/error/"
	#	<Directory "/var/www/example.com/error/">
	#		AllowOverride None
	#		Options IncludesNoExec
	#		AddOutputFilter Includes html
	#		AddHandler type-map var
	#		Require all granted
	#	</Directory>
	#</IfDefine ERRORDOCS>


	
	# If you want to use custom icons for the website autoindexes,
	# then uncomment this section.

	#Alias /icons/ "/var/www/example.com/icons/"
	#<Directory "/var/www/example.com/icons/">
	#	Options Indexes MultiViews
	#	AllowOverride None
	#	Require all granted
	#</Directory>

	# Create a logfile for this vhost
	CustomLog /var/log/apache2/example.com.ssl_log combined
	
	# Turn on SSL
	SSLEngine on

	# You will need a seperate key and certificate for every vhost
	SSLCertificateFile /etc/apache2/ssl/example.com.crt
	SSLCertificateKeyFile /etc/apache2/ssl/example.com.key
</VirtualHost>

# If you want to force SSL for a virtualhost, you can uncomment this section

# You can optionally use the IP address here instead, if you want every
# connection to this IP address to be forced to SSL
#<VirtualHost *:80>
	# Match the ServerName from above
#	ServerName example.com

	# Add any necessary aliases if you are using name-based vhosts
#	ServerAlias www.example.com

#	Redirect permanent / https://example.com/
#</Virtualhost>

# vim: ts=4 filetype=apache