virtuellen Host konfigurieren
Beispiel fuer einen NamedVirtualHost (HTTP + HTTPS):
NameVirtualHost *:80
NameVirtualHost *:443
<VirtualHost _default_:80>
ServerAdmin webmaster@example.com
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/html/example.com
ScriptAlias /cgi-bin/ /var/www/html/example.com/cgi-bin/
ErrorLog logs/example.com-error_log
CustomLog logs/example.com-access_log combined
RewriteEngine On
# Umleitung auf komplette URL www.example.com
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) http://www.example.com/$1 [L,R]
# TRACK und TRACE deaktivieren - http://www.heise.de/security/news/meldung/43354
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F,L]
</VirtualHost>
<VirtualHost _default_:443>
ServerAdmin webmaster@example.com
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/html/example.com
ScriptAlias /cgi-bin/ /var/www/html/example.com/cgi-bin/
ErrorLog logs/example.com-error_log
TransferLog logs/example.com-access_log
CustomLog logs/example.com-ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
LogLevel warn
SSLEngine on
#SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP
SSLCipherSuite SSLv3
SSLCertificateFile /etc/pki/tls/certs/www.example.com.crt
SSLCertificateKeyFile /etc/pki/tls/private/www.example.com.key
SSLCACertificateFile /etc/pki/tls/certs/cacert.pem
<Files ~ "\.(cgi|shtml|phtml|php3?)$">
SSLOptions +StdEnvVars
</Files>
<Directory "/var/www/html/example.com/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
RewriteEngine On
RewriteCond %{HTTP_HOST} !^www\.example\.com [NC]
RewriteCond %{HTTP_HOST} !^$
RewriteRule ^/(.*) https://www.example.com/$1 [L,R]
RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
RewriteRule .* - [F,L]
</VirtualHost>
No Comments