apt-get install apache2 apache2-doc apache2-utils

Perl

apt-get install libapache2-mod-perl2

Python

apt-get install libapache2-mod-python

PHP

apt-get install libapache2-mod-php5 php5 php-pear php5-xcache

Enable module

a2enmod <module>

Disable module

a2dismod <module>

For SSL, copy the following into “mods-available/ssl.conf”

SSLHonorCipherOrder on
SSLCipherSuite 'EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA:EECDH:EDH+AESGCM:EDH:+3DES:ECDH+AESGCM:ECDH+AES:ECDH:AES:HIGH:MEDIUM:!RC4:!CAMELLIA:!SEED:!aNULL:!MD5:!eNULL:!LOW:!EXP:!DSS:!PSK:!SRP'

ports.conf

Listen 80

<IfModule ssl_module>
        Listen 443
</IfModule>

<IfModule mod_gnutls.c>
        Listen 443
</IfModule>

apache.conf

KeepAlive Off

For SSL, add the follow to your vHost config

Redirect to https: - insert in virtualhost:80 <code> RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] </code> Add virtualhost:433 with the same basic attributes as :80. Add the following <code> SSLEngine On SSLCertificateFile /etc/letsencrypt/live/lunetikk.de/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/lunetikk.de/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/lunetikk.de/fullchain.pem #SSLProtocol TLSv1.2 SSLProtocol All -SSLv2 -SSLv3 -TLSv1 <Location /> SSLRequireSSL On SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +StrictRequire </Location> </code> Enable Site <code>a2ensite lunetikk.de.conf</code> Disable Site <code>a2dissite lunetikk.de.conf</code> === vHost example === <code> <VirtualHost *:80> # The ServerName directive sets the request scheme, hostname and port that # the server uses to identify itself. This is used when creating # redirection URLs. In the context of virtual hosts, the ServerName # specifies what hostname must appear in the request's Host: header to # match this virtual host. For the default virtual host (this file) this # value is not decisive as it is used as a last resort host regardless. # However, you must set it for any further virtual host explicitly. #ServerName www.example.com ServerAdmin [email protected] ServerName lunetikk.de ServerAlias www.lunetikk.de lunetikk.de ServerPath / DocumentRoot /var/www/lunetikk # Available loglevels: trace8, ..., trace1, debug, info, notice, warn, # error, crit, alert, emerg. # It is also possible to configure the loglevel for particular # modules, e.g. #LogLevel info ssl:warn ErrorLog ${APACHE_LOG_DIR}/lunetikk.de_error.log CustomLog ${APACHE_LOG_DIR}/lunetikk.de_access.log combined # For most configuration files from conf-available/, which are # enabled or disabled at a global level, it is possible to # include a line for only one particular virtual host. For example the # following line enables the CGI configuration for this host only # after it has been globally disabled with "a2disconf". #Include conf-available/serve-cgi-bin.conf RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] <Location /> </Location> <Directory /> Options FollowSymLinks AllowOverride none Require all granted DirectoryIndex index.html </Directory> </VirtualHost> <VirtualHost *:443> ServerAdmin [email protected] ServerName lunetikk.de ServerAlias www.lunetikk.de lunetikk.de ServerPath / DocumentRoot /var/www/lunetikk ErrorLog ${APACHE_LOG_DIR}/lunetikk.de_error_ssl.log CustomLog ${APACHE_LOG_DIR}/lunetikk.de_access_ssl.log combined <Directory /> Options FollowSymLinks Indexes Includes ExecCGI AllowOverride none Require all granted DirectoryIndex index.html </Directory> SSLEngine On SSLCertificateFile /etc/letsencrypt/live/lunetikk.de/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/lunetikk.de/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/lunetikk.de/fullchain.pem #SSLProtocol TLSv1.2 SSLProtocol All -SSLv2 -SSLv3 -TLSv1 <Location /> SSLRequireSSL On SSLVerifyClient optional SSLVerifyDepth 1 SSLOptions +StdEnvVars +StrictRequire </Location> </VirtualHost> </code>