I finally use this config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerAdmin webmaster@localhost
ServerName mail.openmbox.net
DocumentRoot /var/www/snappy
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
<Directory />
Options None
AllowOverride None
Require all denied
</Directory>
<Directory /var/www/snappy>
Options +Indexes
Require all granted
</Directory>
<Directory /var/www/snappy/data>
Require all denied
</Directory>
SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it.
Thank you for your kind helps.
Henry
November 12, 2022 at 12:37 AM, "Frank Gingras" <thumbs@xxxxxxxxxx> wrote:
>
> That config snippet has no effect on php; that being said, you many two issues so far:
>
> 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices
> 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module
>
> On Fri, 11 Nov 2022 at 08:32, <support@xxxxxxxxxxxx> wrote:
>
> >
> > I think I need to read httpd's doc carefully.
> > Before doing that can you help check my this config (for php primarily) are going without issue?
> > Thanks in advance.
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#'
> > <VirtualHost *:80>
> >
> > ServerAdmin webmaster@localhost
> > ServerName mail.openmbox.net http://mail.openmbox.net/
> >
> > ErrorLog ${APACHE_LOG_DIR}/error.log
> > CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> > RewriteEngine on
> > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/
> > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
> > </VirtualHost>
> >
> > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#'
> > <IfModule mod_ssl.c>
> > <VirtualHost *:443>
> >
> > ServerAdmin webmaster@localhost
> > ServerName mail.openmbox.net http://mail.openmbox.net/
> > DocumentRoot /var/www/snappy
> >
> > ErrorLog ${APACHE_LOG_DIR}/error.log
> > CustomLog ${APACHE_LOG_DIR}/access.log combined
> >
> > <Directory />
> > Options None
> > AllowOverride None
> > Require all denied
> > </Directory>
> >
> > <Directory /var/www/snappy>
> > Options +Indexes
> > Order deny,allow
> > Allow from all
> > Require all granted
> > </Directory>
> >
> > <Directory /var/www/snappy/data>
> > Require all denied
> > </Directory>
> >
> > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem http://mail.openmbox.net/fullchain.pem
> > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem http://mail.openmbox.net/privkey.pem
> > Include /etc/letsencrypt/options-ssl-apache.conf
> > </VirtualHost>
> > </IfModule>
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
> > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|