AllowOverride None
Require all denied
DocumentRoot /var/www/clients/client1/web9/web
ServerName DOMAIN.TLD
ServerAlias www.DOMAIN.TLD
ServerAdmin webmaster@DOMAIN.TLD
ErrorLog /var/log/ispconfig/httpd/DOMAIN.TLD/error.log
# Clear PHP settings of this website
SetHandler None
Options +SymlinksIfOwnerMatch
AllowOverride All
Require all granted
# Clear PHP settings of this website
SetHandler None
Options +SymlinksIfOwnerMatch
AllowOverride All
Require all granted
# suexec enabled
SuexecUserGroup web9 client1
Require all granted
SetHandler php-fcgi
SetHandler php-fcgi
Action php-fcgi /php-fcgi virtual
Alias /php-fcgi /var/www/clients/client1/web9/cgi-bin/php-fcgi-138.201.190.45-80-DOMAIN.TLD
FastCgiExternalServer /var/www/clients/client1/web9/cgi-bin/php-fcgi-138.201.190.45-80-DOMAIN.TLD -idle-timeout 300 -host 127.0.0.1:9018 -pass-header Authorization -pass-header Content-Type
= 2.4.26>
ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web"
ProxyFCGISetEnvIf "true" CONTEXT_DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}"
ProxyFCGISetEnvIf "true" HOME "%{reqenv:DOCUMENT_ROOT}"
ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "%{reqenv:DOCUMENT_ROOT}%{reqenv:SCRIPT_NAME}"
#ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ fcgi://127.0.0.1:9018/var/www/clients/client1/web9/web/$1
SetHandler "proxy:fcgi://127.0.0.1:9018"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/
RewriteRule ^ - [END]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L,NE]
# add support for apache mpm_itk
AssignUserId web9 client1
# Do not execute PHP files in webdav directory
SecRuleRemoveById 960015
SecRuleRemoveById 960032
SetHandler None
DavLockDB /var/www/clients/client1/web9/tmp/DavLock
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
# skipping apache_directives, as that will be handled by the ssl vhost
DocumentRoot /var/www/clients/client1/web9/web
ServerName DOMAIN.TLD
ServerAlias www.DOMAIN.TLD
ServerAdmin webmaster@DOMAIN.TLD
Protocols h2 http/1.1
AddOutputFilterByType BROTLI_COMPRESS text/html text/plain text/xml text/css text/javascript application/x-javascript application/javascript application/xml application/xml+rss application/atom+xml application/json application/x-font-ttf application/vnd.ms-fontobject image/x-icon
ErrorLog /var/log/ispconfig/httpd/DOMAIN.TLD/error.log
SSLEngine on
SSLProtocol All -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
# SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
#
# Header always add Strict-Transport-Security "max-age=15768000"
#
SSLCertificateFile /var/www/clients/client1/web9/ssl/DOMAIN.TLD-le.crt
SSLCertificateKeyFile /var/www/clients/client1/web9/ssl/DOMAIN.TLD-le.key
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
# Clear PHP settings of this website
SetHandler None
Options +SymlinksIfOwnerMatch
AllowOverride All
Require all granted
# Clear PHP settings of this website
SetHandler None
Options +SymlinksIfOwnerMatch
AllowOverride All
Require all granted
# suexec enabled
SuexecUserGroup web9 client1
Require all granted
SetHandler php-fcgi
SetHandler php-fcgi
Action php-fcgi /php-fcgi virtual
Alias /php-fcgi /var/www/clients/client1/web9/cgi-bin/php-fcgi-138.201.190.45-443-DOMAIN.TLD
FastCgiExternalServer /var/www/clients/client1/web9/cgi-bin/php-fcgi-138.201.190.45-443-DOMAIN.TLD -idle-timeout 300 -host 127.0.0.1:9018 -pass-header Authorization -pass-header Content-Type
= 2.4.26>
ProxyFCGISetEnvIf "true" DOCUMENT_ROOT "/web"
ProxyFCGISetEnvIf "true" CONTEXT_DOCUMENT_ROOT "%{reqenv:DOCUMENT_ROOT}"
ProxyFCGISetEnvIf "true" HOME "%{reqenv:DOCUMENT_ROOT}"
ProxyFCGISetEnvIf "true" SCRIPT_FILENAME "%{reqenv:DOCUMENT_ROOT}%{reqenv:SCRIPT_NAME}"
#ProxyPassMatch ^/(.*\.php[345]?(/.*)?)$ fcgi://127.0.0.1:9018/var/www/clients/client1/web9/web/$1
SetHandler "proxy:fcgi://127.0.0.1:9018"
RewriteEngine on
RewriteCond %{REQUEST_URI} ^/\.well-known/acme-challenge/
RewriteRule ^ - [END]
# add support for apache mpm_itk
AssignUserId web9 client1
# Do not execute PHP files in webdav directory
SecRuleRemoveById 960015
SecRuleRemoveById 960032
SetHandler None
DavLockDB /var/www/clients/client1/web9/tmp/DavLock
# DO NOT REMOVE THE COMMENTS!
# IF YOU REMOVE THEM, WEBDAV WILL NOT WORK ANYMORE!
# WEBDAV BEGIN
# WEBDAV END
DocumentRoot /var/www/clients/client1/web9/web/public
SSLStaplingCache shmcb:/var/run/ocsp(128000)