42 lines
1.4 KiB
Text
42 lines
1.4 KiB
Text
# Apache httpd config for vpn-user-portal
|
|
|
|
Define VPN_APP_ROOT /vpn-user-portal
|
|
SetEnv VPN_APP_ROOT ${VPN_APP_ROOT}
|
|
|
|
# fancy URLs for the OAuth/API calls
|
|
Alias ${VPN_APP_ROOT}/oauth/authorize /var/www/vpn-user-portal/web/index.php
|
|
Alias ${VPN_APP_ROOT}/oauth/token /var/www/vpn-user-portal/web/oauth.php
|
|
Alias ${VPN_APP_ROOT}/api /var/www/vpn-user-portal/web/api.php
|
|
|
|
Alias ${VPN_APP_ROOT} /var/www/vpn-user-portal/web
|
|
Alias /.well-known/vpn-user-portal /var/www/vpn-user-portal/web/well-known.php
|
|
|
|
<Directory /var/www/vpn-user-portal/web>
|
|
Require all granted
|
|
#Require local
|
|
|
|
RewriteEngine on
|
|
RewriteBase ${VPN_APP_ROOT}
|
|
RewriteCond %{REQUEST_FILENAME} !-f
|
|
RewriteCond %{REQUEST_FILENAME} !-d
|
|
RewriteRule ^ index.php [L,QSA]
|
|
|
|
<Files index.php>
|
|
# Security Headers
|
|
Header always set Content-Security-Policy "default-src 'self'"
|
|
Header always set X-Frame-Options "DENY"
|
|
Header always set X-Content-Type-Options "nosniff"
|
|
Header always set X-XSS-Protection "1; mode=block"
|
|
Header always set Referrer-Policy "same-origin"
|
|
</Files>
|
|
|
|
<Files node-api.php>
|
|
<RequireAny>
|
|
Require local
|
|
# When using separate VPN node(s) running (vpn-server-node),
|
|
# add the IP address(es) of the node(s) here
|
|
#Require ip 192.0.2.0/24
|
|
#Require ip 2001:db::/32
|
|
</RequireAny>
|
|
</Files>
|
|
</Directory>
|