I see But we already have a handy directive to avoid repetition when necessary, a directive that btw many distros abuse, "Include". You define the common parts in a single file and Include the appropiate file.
2017-09-18 19:18 GMT+02:00 Reindl Harald <[email protected]>: > > Am 18.09.2017 um 17:56 schrieb Daniel: >> >> I tried to read and understand the whole thread and what we are trying >> to solve here, but I can't help to think this is an attempt at a new >> ".htaccess" wildcard thing for SSL that will end in greater confusion. >> >> in Freenode #httpd we generally try to teach people to not be afraid >> of defining the necessary virtualhosts. Everyone seems inclined, due >> to the amount of trash they have found through google, to define a >> single .htaccess files that will solve all their cases, redirections, >> and whatnot, and 90% are frustrated on how complicated it is. >> >> The generic solution we give is, (the iconic simplest way), one >> virtualhost for each: >> >> <Virtualhost *:80> >> ServerName whatever.example.com >> Redirect / https://whatever.example.com/ >> </Virtualhost> >> >> <Virtualhost *:443> >> ServerName whatever.example.com >> SSLEngine on >> etc.. >> </Virtualhost> >> >> Isn't this much better than any other attempt at reducing it to >> "another minimum expression" in a complicated kind of way? > > > no it is not - have fun define two hosts with all options and i would have > much more samples with much more php-options which needs to be included in > both in doubt > > yes, the software fetching lyrics likely had a problem with self-signed > certificates which was the case until short ago but that don't make the > config unreasonable exclude specific locations from enforced https > > the only problem cuurently is that $_SERVER['HTTP_PORT'] is wrong for such a > vhost with 80 while it should be 443 in case of a https-connection > > <VirtualHost *:80 *:443> > DocumentRoot "/mnt/data/www/example.rhsoft.net" > ServerName example.rhsoft.net > ServerAlias example.test.rh example example.rh.thelounge.net > Alias "/usage" "/var/www/usage/example" > CustomLog "/var/log/apache_example.log" combined > <Directory "/mnt/data/www/example.rhsoft.net"> > php_admin_value open_basedir > "/mnt/data/www/example.rhsoft.net:/Volumes/dune/www-servers/phpincludes:/usr/share/php:/usr/share/pear:/mnt/data/audio:/media/WALKMAN/music" > php_admin_value upload_tmp_dir > "/mnt/data/www/example.rhsoft.net/uploadtemp" > php_admin_value soap.wsdl_cache_dir > "/mnt/data/www/example.rhsoft.net/uploadtemp" > php_flag session.cookie_secure "1" > Require all granted > </Directory> > <Directory "/mnt/data/www/example.rhsoft.net/modules/pchart"> > Require all denied > </Directory> > <IfModule mod_rewrite.c> > RewriteEngine On > RewriteCond %{REQUEST_FILENAME} !lyrics.php > RewriteCond %{HTTPS} off > RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} > </IfModule> > <IfModule mod_ratelimit.c> > SetOutputFilter RATE_LIMIT > SetEnv rate-limit 2800 > </IfModule> > RedirectMatch 404 ^/modules/karaoke\-download\.php$ > RedirectMatch 404 ^/modules/music/copy\-cli\.php$ > RedirectMatch 404 ^/modules/music/validate\-all\-id3\-tags\.php$ > SSLEngine Optional > SSLUseStapling On > SSLCertificateFile "/var/lib/letsencrypt/certs/rhsoft-example.conf_rsa.pem" > SSLCertificateFile > "/var/lib/letsencrypt/certs/rhsoft-example.conf_ecdsa.pem" > </VirtualHost> -- Daniel Ferradal IT Specialist email dferradal at gmail.com linkedin es.linkedin.com/in/danielferradal
