|
|
@@ -1,62 +1,93 @@
|
|
|
<VirtualHost *:80>
|
|
|
-#php_admin_value sendmail_path "/usr/sbin/sendmail -t -i"
|
|
|
-#php_admin_value mail.force_extra_parameters "-f postmaster@mydomain.com"
|
|
|
-php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f postmaster@mydomain.com"
|
|
|
-php_admin_value open_basedir /tmp/:/home/../htdocs
|
|
|
+ #php_admin_value sendmail_path "/usr/sbin/sendmail -t -i"
|
|
|
+ #php_admin_value mail.force_extra_parameters "-f postmaster@mydomain.com"
|
|
|
+ php_admin_value sendmail_path "/usr/sbin/sendmail -t -i -f postmaster@mydomain.com"
|
|
|
+ php_admin_value open_basedir /tmp/:/home/.../htdocs:/home/.../dolibarr_documents:
|
|
|
+
|
|
|
+ ServerName myvirtualalias
|
|
|
+ ServerAlias myvirtualalias
|
|
|
+
|
|
|
+ UseCanonicalName On
|
|
|
+
|
|
|
+ KeepAlive On
|
|
|
+ KeepAliveTimeout 5
|
|
|
+ MaxKeepAliveRequests 20
|
|
|
+
|
|
|
+ AddDefaultCharset UTF-8
|
|
|
+
|
|
|
+ DocumentRoot "/home/.../htdocs"
|
|
|
+
|
|
|
+ <Directory /home/.../htdocs/>
|
|
|
+ AllowOverride None
|
|
|
+ Options -Indexes -MultiViews +FollowSymLinks -ExecCGI
|
|
|
+ Require all granted
|
|
|
|
|
|
-ServerName myvirtualalias
|
|
|
-ServerAlias myvirtualalias
|
|
|
+ # To restrict access by a HTTP basic auth
|
|
|
+ #AuthType Basic
|
|
|
+ #AuthName "Authenticate to backoffice"
|
|
|
+ #AuthUserFile /etc/apache2/.htpasswd
|
|
|
+ #require valid-user
|
|
|
+ </Directory>
|
|
|
+
|
|
|
+ # Leaving /public and /api, /dav, .well_known but also wrappers for document and viewimage accessible to everyone
|
|
|
+ <Directory /home/admin/wwwroot/dolibarr/htdocs/public/>
|
|
|
+ AuthType None
|
|
|
+ Require all granted
|
|
|
+ Satisfy any
|
|
|
+ </Directory>
|
|
|
+ <Directory /home/admin/wwwroot/dolibarr/htdocs/api/>
|
|
|
+ AuthType None
|
|
|
+ Require all granted
|
|
|
+ Satisfy any
|
|
|
+ </Directory>
|
|
|
+ <Directory /home/admin/wwwroot/dolibarr/htdocs/dav/>
|
|
|
+ AuthType None
|
|
|
+ Require all granted
|
|
|
+ Satisfy any
|
|
|
+ </Directory>
|
|
|
+ <Directory /home/admin/wwwroot/dolibarr/htdocs/.well-known/>
|
|
|
+ AuthType None
|
|
|
+ Require all granted
|
|
|
+ Satisfy any
|
|
|
+ </Directory>
|
|
|
+ <Files ~ "(document\.php|viewimage\.php|\.js\.php|\.json\.php|\.js|\.css\.php|\.css|\.gif|\.png|\.svg|\.woff2|favicon\.ico)$">
|
|
|
+ AuthType None
|
|
|
+ Require all granted
|
|
|
+ Satisfy any
|
|
|
+ </Files>
|
|
|
|
|
|
-UseCanonicalName On
|
|
|
-
|
|
|
-AddDefaultCharset UTF-8
|
|
|
-
|
|
|
-DocumentRoot "/home/.../htdocs"
|
|
|
-
|
|
|
-<Directory /home/.../htdocs/>
|
|
|
- AllowOverride None
|
|
|
- Options -Indexes -MultiViews +FollowSymLinks -ExecCGI
|
|
|
- Require all granted
|
|
|
-</Directory>
|
|
|
-
|
|
|
-<Directory "/home/../htdocs/cache">
|
|
|
- Deny from all
|
|
|
- RemoveHandler .phtml .php .php3 .php4 .php5 .php6 .phps .cgi .exe .pl .asp .aspx .shtml .shtm .fcgi .fpl .jsp .htm .html .wml
|
|
|
- AddType application/x-httpd-php-source .phtml .php .php3 .php4 .php5 .php6 .phps .cgi .exe .pl .asp .aspx .shtml .shtm .fcgi .fpl .jsp .htm .html .wml
|
|
|
-</Directory>
|
|
|
-
|
|
|
-
|
|
|
-ErrorLog /var/log/apache2/myvirtualalias_error_log
|
|
|
-TransferLog /var/log/apache2/myvirtualalias_access_log
|
|
|
-
|
|
|
-# Compress returned resources of type php pages, text file export, css and javascript
|
|
|
-AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript
|
|
|
-
|
|
|
-AddType text/javascript .jgz
|
|
|
-AddEncoding gzip .jgz
|
|
|
-ExpiresActive On
|
|
|
-ExpiresByType image/x-icon A2592000
|
|
|
-ExpiresByType image/gif A2592000
|
|
|
-ExpiresByType image/png A2592000
|
|
|
-ExpiresByType image/jpeg A2592000
|
|
|
-ExpiresByType text/css A2592000
|
|
|
-ExpiresByType text/javascript A2592000
|
|
|
-ExpiresByType application/x-javascript A2592000
|
|
|
-ExpiresByType application/javascript A2592000
|
|
|
-
|
|
|
-SSLEngine On
|
|
|
-
|
|
|
-# A self-signed (snakeoil) certificate can be created by installing
|
|
|
-# the ssl-cert package. See
|
|
|
-# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
|
|
|
-# If both key and certificate are stored in the same file, only the
|
|
|
-# SSLCertificateFile directive is needed.
|
|
|
-SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem
|
|
|
-SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem
|
|
|
-SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem
|
|
|
-
|
|
|
-#RewriteEngine on
|
|
|
-#RewriteCond %{SERVER_PORT} ^80$
|
|
|
-#RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
|
|
|
+
|
|
|
+ ErrorLog /var/log/apache2/myvirtualalias_error_log
|
|
|
+ TransferLog /var/log/apache2/myvirtualalias_access_log
|
|
|
+
|
|
|
+ # Compress returned resources of type php pages, text file export, css and javascript
|
|
|
+ AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/x-javascript
|
|
|
+
|
|
|
+ AddType text/javascript .jgz
|
|
|
+ AddEncoding gzip .jgz
|
|
|
+ ExpiresActive On
|
|
|
+ ExpiresByType image/x-icon A2592000
|
|
|
+ ExpiresByType image/gif A2592000
|
|
|
+ ExpiresByType image/png A2592000
|
|
|
+ ExpiresByType image/jpeg A2592000
|
|
|
+ ExpiresByType text/css A2592000
|
|
|
+ ExpiresByType text/javascript A2592000
|
|
|
+ ExpiresByType application/x-javascript A2592000
|
|
|
+ ExpiresByType application/javascript A2592000
|
|
|
+
|
|
|
+ SSLEngine On
|
|
|
+
|
|
|
+ # A self-signed (snakeoil) certificate can be created by installing
|
|
|
+ # the ssl-cert package. See
|
|
|
+ # /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
|
|
|
+ # If both key and certificate are stored in the same file, only the
|
|
|
+ # SSLCertificateFile directive is needed.
|
|
|
+ SSLCertificateFile /etc/letsencrypt/live/www.mydomain.com/cert.pem
|
|
|
+ SSLCertificateKeyFile /etc/letsencrypt/live/www.mydomain.com/privkey.pem
|
|
|
+ SSLCertificateChainFile /etc/letsencrypt/live/www.mydomain.com/chain.pem
|
|
|
+
|
|
|
+ #RewriteEngine on
|
|
|
+ #RewriteCond %{SERVER_PORT} ^80$
|
|
|
+ #RewriteRule ^(.*)$ https://%{SERVER_NAME}$1 [L,R]
|
|
|
|
|
|
</VirtualHost>
|
Laurent Destailleur