Apache redirect http to https on centOS
Apabila kita ingin melakukan redirect apache http ke https, maka kita hanya perlu membuat 2 file vhost.
file pertama yaitu domain.conf :
<virtualhost>
ServerName www.domain.com
ServerAlias andalasmedia.com
DocumentRoot /var/www/html
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
RedirectMatch permanent /(.*) https://www.domain.com/$1
</virtualhost>
File kedua yaitu domain-ssl.conf :
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<virtualhost>
ServerName www.domain.com
DocumentRoot "/var/www/html"
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/ssl.crt/commercial.crt
SSLCertificateKeyFile /etc/ssl/ssl.crt/commercial.key
SSLCertificateChainFile /etc/ssl/ssl.crt/ca_bundle.crt
SSLCACertificateFile /etc/ssl/ssl.crt/ca_bundle.crt
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHERSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHERSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA:AES256-GCMSHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
</virtualhost>
file pertama yaitu domain.conf :
<virtualhost>
ServerName www.domain.com
ServerAlias andalasmedia.com
DocumentRoot /var/www/html
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
RedirectMatch permanent /(.*) https://www.domain.com/$1
</virtualhost>
File kedua yaitu domain-ssl.conf :
SSLPassPhraseDialog exec:/usr/libexec/httpd-ssl-pass-dialog
SSLSessionCache shmcb:/run/httpd/sslcache(512000)
SSLSessionCacheTimeout 300
SSLRandomSeed startup file:/dev/urandom 256
SSLRandomSeed connect builtin
SSLCryptoDevice builtin
<virtualhost>
ServerName www.domain.com
DocumentRoot "/var/www/html"
ErrorLog /var/log/httpd/error.log
CustomLog /var/log/httpd/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/ssl.crt/commercial.crt
SSLCertificateKeyFile /etc/ssl/ssl.crt/commercial.key
SSLCertificateChainFile /etc/ssl/ssl.crt/ca_bundle.crt
SSLCACertificateFile /etc/ssl/ssl.crt/ca_bundle.crt
SSLProtocol all -SSLv2 -SSLv3
SSLHonorCipherOrder On
SSLCipherSuite "ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-SHA256:ECDHERSA-RC4-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES256-GCM-SHA384:DHERSA-AES256-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:RC4-SHA:AES256-GCMSHA384:AES256-SHA256:CAMELLIA256-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:AES128-SHA256:AES128-SHA:CAMELLIA128-SHA !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4"
</virtualhost>
Comments
Post a Comment