From 1a1e8bc7d4297ea64d0ba627134aa98a7c258b0d Mon Sep 17 00:00:00 2001 From: torn Date: Wed, 25 Jan 2017 00:25:16 +0100 Subject: [PATCH] File di configurazione Apache --- cable.conf | 55 +++++++++++++++++++++++------------------------------- 1 file changed, 23 insertions(+), 32 deletions(-) diff --git a/cable.conf b/cable.conf index 8378391..2977c67 100644 --- a/cable.conf +++ b/cable.conf @@ -1,8 +1,21 @@ -### -### Apache configuration file for Signal-Server -### + + ServerName cable-service-ca.cable.im + SSLEngine On -### VirtualHost for the main service: + # Su cable-service-ca.cable.im serve un certificato valido (letsencrypt). + # È l'hostname a cui si connette Twilio per ottenere le informazioni + # necessarie a fare la verifica del numero tramite chiamata vocale. + + SSLCertificateFile /etc/letsencrypt/live/cable-service-ca.cable.im/cert.pem + SSLCertificateKeyFile /etc/letsencrypt/live/cable-service-ca.cable.im/privkey.pem + Include /etc/letsencrypt/options-ssl-apache.conf + SSLCertificateChainFile /etc/letsencrypt/live/cable-service-ca.cable.im/chain.pem + + ProxyVia On + ProxyPreserveHost On + ProxyPass / http://127.0.0.1:4242/ + ProxyPassReverse / http://127.0.0.1:4242/ + ServerName cable-service.cable.im @@ -27,31 +40,6 @@ ProxyPassReverse / ws://127.0.0.1:4242/ - -### VirtualHost for letting Twilio call back: - - - ServerName cable-service-ca.cable.im - SSLEngine On - - # Su cable-service-ca.cable.im serve un certificato valido (letsencrypt). - # È l'hostname a cui si connette Twilio per ottenere le informazioni - # necessarie a fare la verifica del numero tramite chiamata vocale. - - SSLCertificateFile /etc/letsencrypt/live/cable-service-ca.cable.im/cert.pem - SSLCertificateKeyFile /etc/letsencrypt/live/cable-service-ca.cable.im/privkey.pem - Include /etc/letsencrypt/options-ssl-apache.conf - SSLCertificateChainFile /etc/letsencrypt/live/cable-service-ca.cable.im/chain.pem - - ProxyVia On - ProxyPreserveHost On - ProxyPass / http://127.0.0.1:4242/ - ProxyPassReverse / http://127.0.0.1:4242/ - - - -### Giphy proxy: - ServerName giphy.com ServerAlias *.giphy.com @@ -59,11 +47,14 @@ ProxyVia Block ProxyPreserveHost On - # The AllowConnect directive specifies a list of ports - # to which the proxy CONNECT method may connect. + ## The AllowConnect directive specifies a list of ports + ## to which the proxy CONNECT method may connect. AllowConnect 443 - # Only allow HTTP CONNECT requests, denying the others (GET, POST, ...). + ## Only ever allow incoming HTTP CONNECT requests. + ## Explicitly deny other request types like GET, POST, etc. + ## This tells Apache to return a 403 Forbidden if this virtual + ## host receives anything other than an HTTP CONNECT. Order allow,deny