宝塔面板apache主机配置文件 · 多云平台/运维手册

apahce 新老证书的替换

#    #SSL公钥
#    SSLCertificateFile "/opt/lampp/etc/ssl/admin.fjsysydzswyxgs.com.public.pem"
#    #SSL私钥
#    SSLCertificateKeyFile "/opt/lampp/etc/ssl/admin.fjsysydzswyxgs.com.key"
#    #SSL证书链
#    SSLCertificateChainFile "/opt/lampp/etc/ssl/admin.fjsysydzswyxgs.com.chain.pem"

    #SSL公钥
    SSLCertificateFile "/opt/lampp/etc/ssl/2682057_admin.fjsysydzswyxgs.com_public.crt"
    #SSL私钥
    SSLCertificateKeyFile "/opt/lampp/etc/ssl/2682057_admin.fjsysydzswyxgs.com.key"
    #SSL证书链
    SSLCertificateChainFile "/opt/lampp/etc/ssl/2682057_admin.fjsysydzswyxgs.com_chain.crt"

<VirtualHost *:80>
    ServerAdmin webmaster@example.com
    DocumentRoot “/www/wwwroot/www.xiayitian.ren”
    ServerName e8a7e537.www.xiayitian.ren
    ServerAlias www.xiayitian.ren xiayitian.ren
    errorDocument 404 /404.html
    ErrorLog “/www/wwwlogs/www.xiayitian.ren-error_log”
    CustomLog “/www/wwwlogs/www.xiayitian.ren-access_log” combined
    #HTTP_TO_HTTPS_START
    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteCond %{SERVER_PORT} !^443$
        RewriteRule (.*) https://%{SERVER_NAME}$1 [L,R=301]
    </IfModule>
    #HTTP_TO_HTTPS_END
    #SECURITY-START 防盗链配置
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$ [NC]
    RewriteCond %{HTTP_REFERER} !xiayitian.ren [NC]
    RewriteCond %{HTTP_REFERER} !www.xiayitian.ren [NC]
    RewriteRule .(jpg|jpeg|gif|png|js|css) /404.html [R=404,NC,L]
    #SECURITY-END
#301-START
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^xiayitian.ren [NC]
RewriteRule ^(.*) https://www.xiayitian.ren/ [L,R=301]
</IfModule>
#301-END
    #DENY FILES
     <Files ~ (\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)$>
       Order allow,deny
       Deny from all
    </Files>
    #PHP
    <FilesMatch \.php$>
            SetHandler “proxy:unix:/tmp/php-cgi-55.sock|fcgi://localhost”
    </FilesMatch>
    #PATH
    <Directory “/www/wwwroot/www.xiayitian.ren”>
        SetOutputFilter DEFLATE
        Options FollowSymLinks
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm default.php default.html default.htm
    </Directory>
</VirtualHost>
<VirtualHost *:443>
    ServerAdmin webmasterexample.com
    DocumentRoot “/www/wwwroot/www.xiayitian.ren/”
    ServerName SSL.www.xiayitian.ren
    ServerAlias xiayitian.ren www.xiayitian.ren
    errorDocument 404 /404.html
    ErrorLog “/www/wwwlogs/www.xiayitian.ren-error_log”
    CustomLog “/www/wwwlogs/www.xiayitian.ren-access_log” combined
    #SECURITY-START 防盗链配置
    RewriteEngine on
    RewriteCond %{HTTP_REFERER} !^$ [NC]
    RewriteCond %{HTTP_REFERER} !xiayitian.ren [NC]
    RewriteCond %{HTTP_REFERER} !www.xiayitian.ren [NC]
    RewriteRule .(jpg|jpeg|gif|png|js|css) /404.html [R=404,NC,L]
    #SECURITY-END
#301-START
<IfModule mod_rewrite.c>
RewriteEngine on
RewriteCond %{HTTP_HOST} ^xiayitian.ren [NC]
RewriteRule ^(.*) https://www.xiayitian.ren/ [L,R=301]
</IfModule>
#301-END
    #SSL
    SSLEngine On
    SSLCertificateFile /etc/letsencrypt/live/www.xiayitian.ren/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/www.xiayitian.ren/privkey.pem
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLProtocol All -SSLv2 -SSLv3
    SSLHonorCipherOrder On
    #PHP
    <FilesMatch \.php$>
            SetHandler “proxy:unix:/tmp/php-cgi-55.sock|fcgi://localhost”
    </FilesMatch>
    #DENY FILES
     <Files ~ (\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)$>
       Order allow,deny
       Deny from all
    </Files>
    #PATH
    <Directory “/www/wwwroot/www.xiayitian.ren/”>
        SetOutputFilter DEFLATE
        Options FollowSymLinks
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm default.php default.html default.htm
    </Directory>
</VirtualHost>
#BINDING-wap.xiayitian.ren-START
<VirtualHost *:80>
    ServerAdmin webmaster@example.com
    DocumentRoot “/www/wwwroot/www.xiayitian.ren/wap”
    ServerName wap.xiayitian.ren
    errorDocument 404 /404.html
    ErrorLog “/www/wwwlogs/www.xiayitian.ren-error_log”
    CustomLog “/www/wwwlogs/www.xiayitian.ren-access_log” combined
    #PHP
    <FilesMatch \.php>
        SetHandler “proxy:unix:/tmp/php-cgi-55.sock|fcgi://localhost”
    </FilesMatch>
    #DENY FILES
     <Files ~ (\.user.ini|\.htaccess|\.git|\.svn|\.project|LICENSE|README.md)$>
       Order allow,deny
       Deny from all
    </Files>
    #PATH
    <Directory “/www/wwwroot/www.xiayitian.ren/wap”>
        SetOutputFilter DEFLATE
        Options FollowSymLinks
        AllowOverride All
        Require all granted
        DirectoryIndex index.php index.html index.htm default.php default.html default.htm
    </Directory>
</VirtualHost>
#BINDING-wap.xiayitian.ren-END