Mirror site is read only www.netnr.com
netnr/ apache.md 2021-06-08 10:20
Apache 命令和配置

### Apache 安装及使用

https://blog.51cto.com/itwish/2160492

### 反向代理 https

https://docs.rapidminer.com/latest/legacy/configure/security/reverse-proxy.html

```
<VirtualHost *:80>
    ServerName server.rapidminer.com
    Redirect / https://server.rapidminer.com
</VirtualHost>

<VirtualHost *:443>
    ServerName server.rapidminer.com
    DocumentRoot /var/www/html

    ProxyPass "/"  "http://10.0.0.178:8080/"
    ProxyPassReverse "/"  "http://10.0.0.178:8080/"

    SSLEngine on

    SSLCertificateFile /etc/httpd/ssl/certificate.crt
    SSLCertificateKeyFile /etc/httpd/ssl/secret-key.key
    SSLCACertificateFile /etc/httpd/ssl/ca.crt

    SSLProtocol -ALL +TLSv1.2
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLHonorCipherOrder on
    SSLCompression off

    ProxyPreserveHost On
    RequestHeader set X-Forwarded-Proto: "https"

    # If the proxy listens on other port than 443
    # RequestHeader set X-Forwarded-Port: <your-custom-port>

    Header always set Strict-Transport-Security "max-age=63072000;"
    Header set X-Content-Type-Options "nosniff"
    Header always append X-Frame-Options "SAMEORIGIN"
    Header set Cache-Control "no-cache, no-store, no-transform"
    Header set Pragma "no-cache"
    Header set X-XSS-Protection "1;  mode=block"
    Header set Referrer-Policy: "strict-origin-when-cross-origin"
    Header set Content-Security-Policy: "default-src https: data: 'self' 'unsafe-inline' 'unsafe-eval';"
    Header set Feature-Policy: "fullscreen 'self'"
    Header set x-permitted-cross-domain-policies "none"

    FileETag None

</VirtualHost>
```