Apache

From Q
Revision as of 19:28, 20 December 2018 by Tgurr (talk | contribs)
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

This Apache setup explains how to configure Apache 2.4 with the mpm-itk worker so we can have different users for our virtual hosts. Further we want to have a few SSL based virtual hosts on one IP for which we NEED a wildcard certificate if we want to support legacy operating system clients (Windows XP) which don't support SNI and some other SSL sites on different IP adresses, each with their own virtualhost and certificate.

Virtual hosting - HTTP

Virtual hosting - SSL/SNI

First we disable the SSL_DEFAULT_VHOST if it's enabled by removing -D SSL_DEFAULT_VHOST from /etc/conf.d/apache2.

File: /etc/conf.d/apache2
-APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D SSL_DEFAULT_VHOST -D LANGUAGE"
+APACHE2_OPTS="-D DEFAULT_VHOST -D INFO -D SSL -D LANGUAGE"

HTTP2 support

File: /etc/conf.d/apache2
APACHE2_OPTS="[...] -D HTTP2"

PHP Support

via PHP-FPM.

File: /etc/conf.d/apache2
APACHE2_OPTS="[...] -D PROXY -D FCGID"
File: /etc/apache2/vhosts.d/subdomain.example.com.conf
    [...]
    </Directory>

    # PHP-FPM
    <FilesMatch "\.(php|php5|phtml)$">
        SetHandler "proxy:unix:/run/php-fpm-domain.example.com.sock|fcgi://localhost"
    </FilesMatch>

    SSLEngine On
    [...]