This repository was archived by the owner on Feb 24, 2026. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathhttp.conf
More file actions
executable file
·96 lines (74 loc) · 3.33 KB
/
http.conf
File metadata and controls
executable file
·96 lines (74 loc) · 3.33 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
ServerTokens Prod
ServerSignature Off
WSGIPythonHome /code/myenv_linux
WSGIPythonPath /code/portfolio_manager
AddDefaultCharset UTF-8
EnableSendfile on
FileETag None
TraceEnable off
Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
Header always append X-Frame-Options SAMEORIGIN
Header set X-XSS-Protection "1; mode=block"
RewriteEngine On
RewriteCond %{THE_REQUEST} !HTTP/1.1$
RewriteRule .* - [F]
Timeout 60
<Files ".ht*">
Require all denied
</Files>
ErrorLog /dev/stderr
LogLevel info
<VirtualHost *:80>
ServerAdmin kuba1095@gmail.com
ServerName jakubk.pl
ServerAlias www.jakubk.pl
#for extra logging status server
# <Location /status >
# SetHandler server-status
# </Location>
<Location / >
Redirect / https://jakubk.pl/
</Location>
</VirtualHost>
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin kuba1095@gmail.com
ServerName jakubk.pl
ServerAlias www.jakubk.pl
#path where should script by enabled
WSGIScriptAlias / /code/portfolio_manager/portfolio_manager/wsgi.py
WSGIDaemonProcess portfolio_manager python-home=/code/myenv_linux python-path=/code/portfolio_manager
#home is the place where we have the venv. Path is the place, where the project is located, the first name is name of project
WSGIProcessGroup portfolio_manager
WSGIPassAuthorization On
#for static files
Alias /static/ /code/portfolio_manager/portfolio_manager/static/
<Directory /code/portfolio_manager/portfolio_manager/static>
Require all granted
</Directory>
#for running wsgi.py
<Directory /code/portfolio_manager/portfolio_manager/>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
<FilesMatch "\.(ico|pdf|flv|jpg|jpeg|png|gif|js|css|swf|svg|webp)$">
Header set Cache-Control "max-age=31536000, public"
</FilesMatch>
# for extra logging status server
# <Location /status >
# Deny from all
# Allow from 192.168.1.30
# SetHandler server-status
# </Location>
#cert options
SSLEngine On
SSLProtocol all -SSLv2 -SSLv3
SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS
SSLHonorCipherOrder on
SSLOptions +StrictRequire
SSLCertificateFile /etc/letsencrypt/live/jakubk.pl/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/jakubk.pl/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/jakubk.pl/fullchain.pem
</VirtualHost>
</IfModule>