I finally use this config: <IfModule mod_ssl.c> <VirtualHost *:443> ServerAdmin webmaster@localhost ServerName mail.openmbox.net DocumentRoot /var/www/snappy ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined <Directory /> Options None AllowOverride None Require all denied </Directory> <Directory /var/www/snappy> Options +Indexes Require all granted </Directory> <Directory /var/www/snappy/data> Require all denied </Directory> SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem Include /etc/letsencrypt/options-ssl-apache.conf </VirtualHost> </IfModule> And for mod_rewrite it is set up by certbot. consider backward compatibility I won't replace it. Thank you for your kind helps. Henry November 12, 2022 at 12:37 AM, "Frank Gingras" <thumbs@xxxxxxxxxx> wrote: > > That config snippet has no effect on php; that being said, you many two issues so far: > > 1) You don't need to use mod_rewrite to redirect, mod_alias with Redirect suffices > 2) You do not want to mix 2.2 and 2.4 authz directives. Remove the 2.2 directives, and unload the mod_access_compat module > > On Fri, 11 Nov 2022 at 08:32, <support@xxxxxxxxxxxx> wrote: > > > > > I think I need to read httpd's doc carefully. > > Before doing that can you help check my this config (for php primarily) are going without issue? > > Thanks in advance. > > > > root@mail:/etc/apache2/sites-enabled# cat webmail.conf |grep -v '#' > > <VirtualHost *:80> > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net http://mail.openmbox.net/ > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > RewriteEngine on > > RewriteCond %{SERVER_NAME} =mail.openmbox.net http://mail.openmbox.net/ > > RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > > </VirtualHost> > > > > root@mail:/etc/apache2/sites-enabled# cat webmail-le-ssl.conf |grep -v '#' > > <IfModule mod_ssl.c> > > <VirtualHost *:443> > > > > ServerAdmin webmaster@localhost > > ServerName mail.openmbox.net http://mail.openmbox.net/ > > DocumentRoot /var/www/snappy > > > > ErrorLog ${APACHE_LOG_DIR}/error.log > > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > > <Directory /> > > Options None > > AllowOverride None > > Require all denied > > </Directory> > > > > <Directory /var/www/snappy> > > Options +Indexes > > Order deny,allow > > Allow from all > > Require all granted > > </Directory> > > > > <Directory /var/www/snappy/data> > > Require all denied > > </Directory> > > > > SSLCertificateFile /etc/letsencrypt/live/mail.openmbox.net/fullchain.pem http://mail.openmbox.net/fullchain.pem > > SSLCertificateKeyFile /etc/letsencrypt/live/mail.openmbox.net/privkey.pem http://mail.openmbox.net/privkey.pem > > Include /etc/letsencrypt/options-ssl-apache.conf > > </VirtualHost> > > </IfModule> > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx > > For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx > > > --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx