SecBSD/ports
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
ports/net/eduvpn/vpn-user-portal/files/vpn.host.conf

46 lines
1.3 KiB
Text
Raw Blame History

<VirtualHost _default_:80>
ServerName http://vpn.example:80
UseCanonicalName on
LogLevel warn
ErrorLog /var/www/logs/vpn.error_log
# Do not log (valid) web browser requests
TransferLog /dev/null
#TransferLog /var/www/logs/vpn.access_log
RedirectMatch 301 ^(?!/\.well-known/acme-challenge/).* https://vpn.example$0
</VirtualHost>
<VirtualHost _default_:443>
ServerName https://vpn.example:443
UseCanonicalName on
LogLevel warn
ErrorLog /var/www/logs/vpn.error_log
# Do not log (valid) web browser requests
TransferLog /dev/null
#TransferLog /var/www/logs/vpn.access_log
SSLEngine on
SSLCertificateFile /etc/ssl/vpn.example.crt
SSLCertificateKeyFile /etc/ssl/private/vpn.example.key
SSLCertificateChainFile /etc/ssl/vpn.example.chain.pem
# Security Headers
Header always set Strict-Transport-Security "max-age=15768000"
Header always set Permissions-Policy "interest-cohort=()"
# Redirect requests to the portal (302)
RewriteEngine on
RewriteRule "^/$" "/vpn-user-portal/" [R]
DirectoryIndex index.php
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:32184"
CGIPassAuth on
SSLOptions +StdEnvVars
</FilesMatch>
</VirtualHost>
Reference in a new issue View git blame Copy permalink