ServerName zuul-ci.org ServerAlias www.zuul-ci.org ServerAlias zuulci.org ServerAlias www.zuulci.org RewriteEngine on RewriteRule ^/(.*) https://zuul-ci.org/$1 [last,redirect=permanent] ErrorLog /var/log/apache2/zuul-ci.org_error.log LogLevel warn CustomLog /var/log/apache2/zuul-ci.org_access.log combined ServerSignature Off ServerName zuul-ci.org ServerAlias www.zuul-ci.org ServerAlias zuulci.org ServerAlias www.zuulci.org RewriteEngine on SSLEngine on SSLProtocol All -SSLv2 -SSLv3 # Once the machine is using something to terminate TLS that supports ECDHE # then this should be edited to remove the RSA+AESGCM:RSA+AES so that PFS # only is guarenteed. SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!AES256:!aNULL:!eNULL:!MD5:!DSS:!PSK:!SRP SSLHonorCipherOrder on SSLCertificateFile /etc/letsencrypt-certs/zuul-ci.org/zuul-ci.org.cer SSLCertificateKeyFile /etc/letsencrypt-certs/zuul-ci.org/zuul-ci.org.key SSLCertificateChainFile /etc/letsencrypt-certs/zuul-ci.org/ca.cer DocumentRoot /afs/openstack.org/project/zuul-ci.org/www Options Indexes FollowSymLinks MultiViews Require all granted AllowOverride None # Allow mod_rewrite rules AllowOverrideList Redirect RedirectMatch ErrorDocument 404 /errorpage.html ErrorLog /var/log/apache2/zuul-ci.org_error.log LogLevel warn CustomLog /var/log/apache2/zuul-ci.org_access.log combined ServerSignature Off