Scribd Logo
Upload

Welcome to Scribd!

  • Configuracion Original Nextcloud TLS

    Uploaded by

    Agustin Sarria
    2 views2 pages

    Original Title

    CONFIGURACION ORIGINAL NEXTCLOUD TLS

    Copyright

    © © All Rights Reserved

    Available Formats

    TXT, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    2 views2 pages

    Configuracion Original Nextcloud TLS

    Uploaded by

    Agustin Sarria

    Copyright:

    © All Rights Reserved
    Download as TXT, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 2

    # <VirtualHost *:80>

    # RewriteEngine On
    # RewriteRule ^(.*)$ https://%{HTTP_HOST} [R=301,L]
    # </VirtualHost>
    <VirtualHost *:443>
    Header add Strict-Transport-Security: "max-age=15552000;includeSubdomains"
    ### YOUR SERVER ADDRESS ###
    # ServerAdmin admin@example.com
    # ServerName cloud.example.com
    ### SETTINGS ###
    <FilesMatch "\.php$">
    SetHandler "proxy:unix:/run/php/php7.4-fpm.nextcloud.sock|fcgi://localhost"
    </FilesMatch>
    # Intermediate configuration
    SSLEngine on
    SSLCompression off
    SSLProtocol -all +TLSv1.2 +TLSv1.3
    SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-
    SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-
    CHACHA20-POL
    Y1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-
    SHA384
    SSLHonorCipherOrder off
    SSLSessionTickets off
    ServerSignature off
    # Logs
    LogLevel warn
    CustomLog ${APACHE_LOG_DIR}/access.log combined
    ErrorLog ${APACHE_LOG_DIR}/error.log
    DocumentRoot /var/www/nextcloud
    <Directory /var/www/nextcloud>
    Options Indexes FollowSymLinks
    AllowOverride All
    Require all granted
    Satisfy Any
    </Directory>
    <IfModule mod_dav.c>
    Dav off
    </IfModule>
    <Directory "/mnt/ncdata">
    # just in case if .htaccess gets disabled
    Require all denied
    </Directory>
    # The following lines prevent .htaccess and .htpasswd files from being
    # viewed by Web clients.
    <Files ".ht*">
    Require all denied
    </Files>
    # Disable HTTP TRACE method.
    TraceEnable off
    # Disable HTTP TRACK method.
    RewriteEngine On
    RewriteCond %{REQUEST_METHOD} ^TRACK
    RewriteRule .* - [R=405,L]
    SetEnv HOME /var/www/nextcloud
    SetEnv HTTP_HOME /var/www/nextcloud
    # Avoid "Sabre\DAV\Exception\BadRequest: expected filesize XXXX got XXXX"
    <IfModule mod_reqtimeout.c>
    RequestReadTimeout body=0
    </IfModule>
    ### LOCATION OF CERT FILES ###
    SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
    SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
    </VirtualHost>

    You might also like