Files from my blog
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

006-gitea.warbel.net.conf 1.9KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657
  1. <VirtualHost gitea.warbel.net:80>
  2. ServerName gitea.warbel.net
  3. ServerAdmin webmaster@warbel.net
  4. ServerAlias gitea.warbel.net
  5. ErrorLog ${APACHE_LOG_DIR}/error.log
  6. CustomLog ${APACHE_LOG_DIR}/access.log combined
  7. RewriteEngine on
  8. RewriteCond %{SERVER_NAME} =gitea.warbel.net
  9. RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
  10. # HSTS (mod_headers is required) (15768000 seconds = 6 months)
  11. Header always set Strict-Transport-Security "max-age=15768000"
  12. Header always set Referrer-Policy "no-referrer"
  13. </VirtualHost>
  14. <IfModule mod_ssl.c>
  15. <VirtualHost gitea.warbel.net:443>
  16. ServerAdmin webmaster@warbel.net
  17. ErrorLog ${APACHE_LOG_DIR}/error.log
  18. CustomLog ${APACHE_LOG_DIR}/access.log combined
  19. SSLCertificateFile /etc/letsencrypt/live/warbel.net/fullchain.pem
  20. SSLCertificateKeyFile /etc/letsencrypt/live/warbel.net/privkey.pem
  21. Include /etc/letsencrypt/options-ssl-apache.conf
  22. ServerName gitea.warbel.net
  23. # HSTS (mod_headers is required) (15768000 seconds = 6 months)
  24. Header always set Strict-Transport-Security "max-age=15768000; includeSubdomains;"
  25. #Header always set Referrer-Policy "no-referrer"
  26. Header set Referrer-Policy "no-referrer"
  27. #Protect against clickjacking
  28. #https://scotthelme.co.uk/hardening-your-http-response-headers/
  29. Header always set X-Frame-Options "SAMEORIGIN"
  30. # X-Xss-Protection:
  31. Header always set X-Xss-Protection "1; mode=block"
  32. #Protect against X-Content-type attacks
  33. Header always set X-Content-Type-Options "nosniff"
  34. Header always set Server "Web Server ;)"
  35. <Proxy gitea.warbel.net>
  36. Order allow,deny
  37. Allow from all
  38. </Proxy>
  39. ProxyPreserveHost on
  40. ProxyPass / http://10.60.204.168:3000/
  41. ProxyPassReverse / http://10.60.204.168:3000/
  42. </VirtualHost>
  43. </IfModule>