Listen 80
Listen 443
SSLStaplingCache "shmcb:/var/log/apache2/stapling-cache(32768)"
ServerName ruleqa.spamassassin.org
ServerAlias ruleqa-trunk.spamassassin.org
ServerAlias ruleqa-stable.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/ruleqa.spamassassin.org-error.log
CustomLog ${APACHE_LOG_DIR}/ruleqa.spamassassin.org-access.log combined
DocumentRoot /var/www/ruleqa.spamassassin.org
ServerAdmin webmaster@spamassassin.org
RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteCond %{REMOTE_ADDR} !^(?:127\.0\.0\.1|10\..*)$
RewriteCond %{REQUEST_URI} !=/robots.txt
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
ServerName ruleqa.spamassassin.org
ServerAlias ruleqa-trunk.spamassassin.org
ServerAlias ruleqa-stable.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/ruleqa.spamassassin.org-ssl-error.log
CustomLog ${APACHE_LOG_DIR}/ruleqa.spamassassin.org-ssl-access.log combined
DocumentRoot /var/www/ruleqa.spamassassin.org
ServerAdmin webmaster@spamassassin.org
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/spamassassin.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/spamassassin.org/privkey.pem
# https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1f&hsts=false&guideline=5.4
# intermediate configuration
#SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
#SSLHonorCipherOrder off
#SSLSessionTickets off
#SSLUseStapling On
# old configuration
SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
SSLHonorCipherOrder on
SSLSessionTickets off
SSLUseStapling On
Options Indexes FollowSymLinks ExecCGI
AllowOverride Indexes
Require all granted
AllowOverride None
Options ExecCGI SymLinksIfOwnerMatch
Require all granted
ScriptAlias /ruleqa.cgi /usr/local/spamassassin/automc/svn/masses/rule-qa/automc/ruleqa.cgi
RewriteEngine On
# debugging:
# RewriteLogLevel 9
# RewriteLog /var/apache2/logs/rewrite_log
# "%2F" is used to grep rule subsets, allow it
AllowEncodedSlashes On
# Redirect nagios to simple ok page
RewriteCond %{HTTP_USER_AGENT} ^check_http
RewriteRule .* /ok.html [L]
# Disallow some pesky robots
RewriteCond %{REMOTE_ADDR} !^(?:127\.0\.0\.1|10\..*)$
RewriteCond %{REQUEST_URI} !=/robots.txt
RewriteCond %{HTTP_USER_AGENT} "(?:Bot|Spider|Crawl)" [NC,OR]
RewriteCond %{HTTP_USER_AGENT} "(?:Chrome/4|Firefox/4)"
RewriteRule ^ - [F]
# Serve cached index for all except ourselves (/usr/local/bin/updateRuleqaIndex.sh)
RewriteCond %{REQUEST_URI} ^/$
RewriteCond %{QUERY_STRING} ^$
RewriteCond %{REMOTE_ADDR} !^(?:127\.0\.0\.1|10\..*)$
RewriteRule .* /index_cached.html [L]
# Index: straight through
RewriteRule ^/$ /ruleqa.cgi [PT,L]
# Aliases
RewriteRule ^/ruleqa\.css$ /usr/local/spamassassin/automc/svn/masses/rule-qa/automc/ruleqa.css [L]
RewriteRule ^/sorttable\.js$ /usr/local/spamassassin/automc/svn/masses/rule-qa/automc/sorttable.js [L]
# Satisfy local files
RewriteCond /var/www/ruleqa.spamassassin.org/%{REQUEST_FILENAME} !-d
RewriteCond /var/www/ruleqa.spamassassin.org/%{REQUEST_FILENAME} !-f
# Otherwise the CGI, only send known urls
RewriteCond %{REQUEST_URI} !^/ruleqa\.cgi$
RewriteRule ^/((?:20\d\d|last-|\d+-days-ago|today).*) /ruleqa.cgi/$1 [PT,L]
#
# spamassassin.org -> spamassassin.apache.org redirects
#
ServerName spamassassin.org
ServerAlias www.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/spamassassin.org-error.log
CustomLog ${APACHE_LOG_DIR}/spamassassin.org-access.log combined
RewriteEngine On
RewriteRule ^ https://spamassassin.apache.org/ [R,L]
ServerName spamassassin.org
ServerAlias www.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/spamassassin.org-error.log
CustomLog ${APACHE_LOG_DIR}/spamassassin.org-access.log combined
RewriteEngine On
RewriteRule ^ https://spamassassin.apache.org/ [R,L]
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/spamassassin.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/spamassassin.org/privkey.pem
# https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1f&hsts=false&guideline=5.4
# intermediate configuration
#SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
#SSLHonorCipherOrder off
#SSLSessionTickets off
#SSLUseStapling On
# old configuration
SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
SSLHonorCipherOrder on
SSLSessionTickets off
SSLUseStapling On
#
# wiki.spamassassin.org -> https://cwiki.apache.org/confluence/display/SPAMASSASSIN/
#
ServerName wiki.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/wiki.spamassassin.org-error.log
CustomLog ${APACHE_LOG_DIR}/wiki.spamassassin.org-access.log combined
RewriteEngine On
RewriteRule ^ https://cwiki.apache.org/confluence/display/SPAMASSASSIN/ [R,L]
ServerName wiki.spamassassin.org
ErrorLog ${APACHE_LOG_DIR}/wiki.spamassassin.org-error.log
CustomLog ${APACHE_LOG_DIR}/wiki.spamassassin.org-access.log combined
RewriteEngine On
RewriteRule ^ https://cwiki.apache.org/confluence/display/SPAMASSASSIN/ [R,L]
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/spamassassin.org/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/spamassassin.org/privkey.pem
# https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1f&hsts=false&guideline=5.4
# intermediate configuration
#SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
#SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
#SSLHonorCipherOrder off
#SSLSessionTickets off
#SSLUseStapling On
# old configuration
SSLProtocol all -SSLv3
SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
SSLHonorCipherOrder on
SSLSessionTickets off
SSLUseStapling On