LoadModule ssl_module /usr/lib/apache2/modules/mod_ssl.so LoadModule socache_shmcb_module /usr/lib/apache2/modules/mod_socache_shmcb.so LoadModule headers_module /usr/lib/apache2/modules/mod_headers.so DocumentRoot /usr/share/zabbix/ ServerName zabbix DirectoryIndex index.php AddType application/x-httpd-php .php .php3 .php4 .php5 .phtml AddType application/x-httpd-php-source .phps # Enable/Disable SSL for this virtual host. SSLEngine on # intermediate configuration SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 SSLHonorCipherOrder off SSLSessionTickets off SSLCertificateFile /etc/ssl/apache2/ssl.crt SSLCertificateKeyFile /etc/ssl/apache2/ssl.key # SSLCACertificatePath /etc/ssl/apache2/chain/ # enable HTTP/2, if available Protocols h2 http/1.1 # HTTP Strict Transport Security (mod_headers is required) (63072000 seconds) Header always set Strict-Transport-Security "max-age=63072000" Options FollowSymLinks AllowOverride None Require all granted Require all denied Order deny,allow Deny from all Require all denied Order deny,allow Deny from all Require all denied Order deny,allow Deny from all Require all denied Order deny,allow Deny from all Require all denied Order deny,allow Deny from all