zabbix-docker/Dockerfiles/web-apache-mysql/centos/conf/etc/zabbix/apache_ssl.conf

98 lines
3.0 KiB
Plaintext
Raw Normal View History

2018-02-18 21:45:33 +01:00
LoadModule ssl_module modules/mod_ssl.so
LoadModule socache_shmcb_module modules/mod_socache_shmcb.so
2020-04-26 18:45:42 +02:00
Listen 8443
2018-02-18 21:45:33 +01:00
2020-04-26 18:45:42 +02:00
<VirtualHost *:8443>
2018-02-18 21:45:33 +01:00
DocumentRoot /usr/share/zabbix/
ServerName zabbix
DirectoryIndex {HTTP_INDEX_FILE}
2018-09-28 12:44:57 +02:00
2018-02-18 21:45:33 +01:00
AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml
AddType application/x-httpd-php-source .phps
# Enable/Disable SSL for this virtual host.
SSLEngine on
2021-06-09 01:10:03 +02:00
# intermediate configuration
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
SSLHonorCipherOrder off
SSLSessionTickets off
2018-02-18 21:45:33 +01:00
SSLCertificateFile /etc/ssl/apache2/ssl.crt
SSLCertificateKeyFile /etc/ssl/apache2/ssl.key
# SSLCACertificatePath /etc/ssl/apache2/chain/
2018-09-28 12:44:57 +02:00
2021-06-09 01:48:27 +02:00
# enable HTTP/2, if available
Protocols h2 http/1.1
2021-06-09 01:10:03 +02:00
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
2018-09-28 12:44:57 +02:00
<LocationMatch "/(ping|status)">
Order Allow,Deny
Allow from all
SetHandler "proxy:unix:/tmp/php-fpm.sock|fcgi://localhost"
</LocationMatch>
2018-09-28 12:44:57 +02:00
<Directory "/usr/share/zabbix">
Options FollowSymLinks
AllowOverride None
Require all granted
<FilesMatch \.(php|phar)$>
SetHandler "proxy:unix:/tmp/php-fpm.sock|fcgi://localhost"
</FilesMatch>
2018-09-28 12:44:57 +02:00
</Directory>
<Directory "/usr/share/zabbix/conf">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/app">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/include">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
<Directory "/usr/share/zabbix/local">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
2021-06-07 13:24:08 +02:00
2021-06-09 00:09:00 +02:00
<Directory "/usr/share/zabbix/locale">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
2021-06-09 01:48:27 +02:00
2021-06-07 13:24:08 +02:00
<Directory "/usr/share/zabbix/vendor">
Require all denied
<files *.php>
Order deny,allow
Deny from all
</files>
</Directory>
2018-02-18 21:45:33 +01:00
</VirtualHost>