-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathvhost.conf
205 lines (152 loc) · 7.51 KB
/
vhost.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
ServerName www.example.com:8080
# Suppress warning
<VirtualHost *:443>
ServerName %BASE_URL%
SSLEngine on
SSLCertificateFile "/etc/ssl/certs/generated.co.crt"
SSLCertificateKeyFile "/etc/ssl/private/generated.co.key"
ServerAdmin webmaster@localhost
DocumentRoot %DOCUMENT_ROOT%/pub
SetEnv MAGE_MODE developer
SetEnv HTTPS On
LogLevel info
ErrorLog /var/log/apache2/error.log
CustomLog /var/log/apache2/access.log combined
RewriteEngine On
<IfModule mod_fastcgi.c>
AddHandler php7-fcgi .php
Action php7-fcgi /php7-fcgi-ampersand
Alias /php7-fcgi-ampersand /usr/lib/cgi-bin/php7-fcgi-ampersand
FastCgiExternalServer /usr/lib/cgi-bin/php7-fcgi-ampersand -host 127.0.0.1:9000 -pass-header Authorization
<Directory /usr/lib/cgi-bin>
Require all granted
</Directory>
</IfModule>
<Directory %DOCUMENT_ROOT%/>
AllowOverride None
Options +FollowSymLinks
DirectoryIndex index.php
AddDefaultCharset Off
AddType 'text/html; charset=UTF-8' html
ExpiresDefault "access plus 1 year"
ExpiresByType text/html A0
ExpiresByType text/plain A0
ErrorDocument 404 /pub/errors/404.php
ErrorDocument 403 /pub/errors/404.php
Header set X-UA-Compatible "IE=edge"
<FilesMatch "\.(appcache|atom|bbaw|bmp|crx|css|cur|eot|f4[abpv]|flv|geojson|gif|htc|ico|jpe?g|js|json(ld)?|m4[av]|manifest|map|mp4|oex|og[agv]|opus|otf|pdf|png|rdf|rss|safariextz|svgz?|swf|topojson|tt[cf]|txt|vcard|vcf|vtt|webapp|web[mp]|webmanifest|woff2?|xloc|xml|xpi)$">
Header unset X-UA-Compatible
</FilesMatch>
RedirectMatch 403 /\.git
<FilesMatch "composer\.json|composer\.lock|\.gitignore|\.htaccess|\.htaccess\.sample|\.php_cs|\.travis\.yml|CHANGELOG\.md|CONTRIBUTING\.md|COPYING\.txt|Gruntfile\.js|LICENSE\.txt|LICENSE_AFL\.txt|nginx\.conf\.sample|package\.json|php\.ini\.sample|README\.md|magento_umask">
Order allow,deny
Deny from all
</FilesMatch>
</Directory>
<Directory %DOCUMENT_ROOT%/pub/>
DirectoryIndex index.php
Require all granted
AllowOverride None
Options FollowSymLinks
Options +FollowSymLinks
RewriteEngine on
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteCond %{REQUEST_METHOD} ^TRAC[EK]
RewriteRule .* - [L,R=405]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* index.php [L]
AddDefaultCharset Off
ExpiresDefault "access plus 1 year"
ExpiresByType text/html A0
ExpiresByType text/plain A0
ErrorDocument 404 /errors/404.php
ErrorDocument 403 /errors/404.php
Header set X-Frame-Options SAMEORIGIN
<FilesMatch "cron\.php|RELEASE_NOTES.txt">
order allow,deny
deny from all
</FilesMatch>
</Directory>
<Directory %DOCUMENT_ROOT%/pub/static/>
AllowOverride None
Options FollowSymLinks
#php_flag engine 0
Options -MultiViews
RewriteEngine On
# Remove signature of the static files that is used to overcomethe browser cache
RewriteRule ^version.+?/(.+)$ $1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-l
RewriteRule .* ../static.php?resource=$0 [L]
AddType application/javascript js jsonp
AddType application/json json
AddType text/css css
AddType image/x-icon ico
AddType image/gif gif
AddType image/png png
AddType image/jpeg jpg
AddType image/jpeg jpeg
AddType image/svg+xml svg
AddType application/vnd.ms-fontobject eot
AddType application/x-font-ttf ttf
AddType application/x-font-otf otf
AddType application/x-font-woff woff
AddType application/font-woff2 woff2
AddType application/x-shockwave-flash swf
AddType application/zip gzip
AddType application/x-gzip gz gzip
AddType application/x-bzip2 bz2
AddType text/csv csv
AddType application/xml xml
<FilesMatch .*\.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$>
Header append Cache-Control public
</FilesMatch>
<FilesMatch .*\.(zip|gz|gzip|bz2|csv|xml)$>
Header append Cache-Control no-store
</FilesMatch>
ExpiresActive On
<FilesMatch \.(zip|gz|gzip|bz2|csv|xml)$>
ExpiresDefault "access plus 0 seconds"
</FilesMatch>
ExpiresByType text/xml "access plus 0 seconds"
ExpiresByType text/csv "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/zip "access plus 0 seconds"
ExpiresByType application/x-gzip "access plus 0 seconds"
ExpiresByType application/x-bzip2 "access plus 0 seconds"
<FilesMatch \.(css|js)$>
ExpiresDefault "access plus 1 year"
</FilesMatch>
ExpiresByType text/css "access plus 1 year"
ExpiresByType application/javascript "access plus 1 year"
<FilesMatch \.(ico|gif|png|jpg|jpeg|swf|svg)$>
ExpiresDefault "access plus 1 year"
</FilesMatch>
ExpiresByType image/gif "access plus 1 year"
ExpiresByType image/png "access plus 1 year"
ExpiresByType image/jpg "access plus 1 year"
ExpiresByType image/jpeg "access plus 1 year"
ExpiresByType image/svg+xml "access plus 1 year"
<FilesMatch \.(eot|ttf|otf|svg|woff|woff2)$>
ExpiresDefault "access plus 1 year"
</FilesMatch>
ExpiresByType application/vnd.ms-fontobject "access plus 1 year"
ExpiresByType application/x-font-ttf "access plus 1 year"
ExpiresByType application/x-font-otf "access plus 1 year"
ExpiresByType application/x-font-woff "access plus 1 year"
ExpiresByType application/font-woff2 "access plus 1 year"
</Directory>
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>