ServerAdmin moi@mondomaine.org ServerName mm.mondomaine.org # Headers for security Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" Header set X-XSS-Protection "1; mode=block" Header set X-Frame-Options "sameorigin" Header set X-Content-Type-Options "nosniff" # SSL config SSLEngine on SSLProxyEngine On # ajout suite a default ssl handshake et suite à AH01097: pass request body failed SSLProxyVerify none SSLProxyCheckPeerCN off SSLProxyCheckPeerName off SSLProxyCheckPeerExpire off # SSL certificates SSLCertificateFile /etc/letsencrypt/live/mm.mondomaine.org/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mm.mondomaine.org/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf # Proxy base parameters ProxyPreserveHost On ProxyRequests Off # Proxy pour cetificat DocumentRoot /var/www/html ProxyPass /.well-known ! # Set web sockets RewriteEngine On RewriteCond %{REQUEST_URI} /api/v[0-9]+/(users/)?websocket [NC,OR] RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC,OR] RewriteCond %{HTTP:CONNECTION} ^Upgrade$ [NC] RewriteRule .* ws://10.0.3.200:8065%{REQUEST_URI} [P,QSA,L] # Proxy to container ProxyPass / http://10.0.3.200:8065/ ProxyPassReverse / http://10.0.3.200:8065/ ProxyPassReverseCookieDomain 10.0.3.200 mm.mondomaine.org # Logs ErrorLog /var/log/apache2/mm.mondomaine.org.error.log LogLevel error CustomLog /var/log/apache2/mm.mondomaine.org.access.log vhost_combined