From 02117f7ea35d719351a99cd4f1c339b2ad4ef266 Mon Sep 17 00:00:00 2001 From: nodiscc Date: Sat, 15 Aug 2020 20:03:43 +0200 Subject: doc: reverse proxy: update HTTP->HTTPS redirect configuration, remove logging options --- doc/md/Reverse-proxy.md | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'doc/md/Reverse-proxy.md') diff --git a/doc/md/Reverse-proxy.md b/doc/md/Reverse-proxy.md index 2c1c601e..77e4a04d 100644 --- a/doc/md/Reverse-proxy.md +++ b/doc/md/Reverse-proxy.md @@ -17,8 +17,17 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9 ```apache ServerName shaarli.mydomain.org - # Redirect HTTP to HTTPS - Redirect permanent / https://shaarli.mydomain.org + DocumentRoot /var/www/shaarli.mydomain.org/ + + # Redirect HTTP requests to HTTPS, except Let's Encrypt ACME challenge requests + RewriteEngine on + RewriteRule ^.well-known/acme-challenge/ - [L] + RewriteCond %{HTTP_HOST} =shaarli.mydomain.org + RewriteRule ^ https://shaarli.mydomain.org%{REQUEST_URI} [END,NE,R=permanent] + # If you are using mod_md, use this instead + #MDCertificateAgreement accepted + #MDContactEmail admin@shaarli.mydomain.org + #MDPrivateKeys RSA 4096 @@ -28,10 +37,6 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9 SSLCertificateFile /path/to/certificate SSLCertificateKeyFile /path/to/private/key - LogLevel warn - ErrorLog /var/log/apache2/error.log - CustomLog /var/log/apache2/access.log combined - # let the proxied shaarli server/container know HTTPS URLs should be served RequestHeader set X-Forwarded-Proto "https" -- cgit v1.2.3