Website : rimsha.abasa.com
backdoor
Home
Console
Upload
information
Create File
Create Folder
About
Tools
:
/
etc
/
apache2
/
sites-enabled
/
Filename :
api.ah7.fit.abasa.com.conf
back
Copy
# Global Configuration ServerName api.ah7.fit.abasa.com # HTTP VirtualHost - Redirect to HTTPS <VirtualHost *:80> ServerName api.ah7.fit.abasa.com ServerAlias www.api.ah7.fit.abasa.com # Redirect HTTP to HTTPS RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^(.*)$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301,NE] # Security Headers Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "DENY" Header always set X-XSS-Protection "1; mode=block" RewriteCond %{SERVER_NAME} =www.api.ah7.fit.abasa.com [OR] RewriteCond %{SERVER_NAME} =api.ah7.fit.abasa.com RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] </VirtualHost> # HTTPS VirtualHost - Proxy Requests to Backend <VirtualHost *:443> ServerName api.ah7.fit.abasa.com ServerAlias www.api.ah7.fit.abasa.com # SSL Configuration SSLEngine on Include /etc/letsencrypt/options-ssl-apache.conf # Proxy Configuration ProxyPreserveHost On ProxyPass / http://127.0.0.1:8089/ connectiontimeout=5 timeout=300 ProxyPassReverse / http://127.0.0.1:8089/ # Request Headers RequestHeader set X-Forwarded-Proto "https" RequestHeader set X-Forwarded-Host %{SERVER_NAME}e # Security Headers Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "DENY" Header always set X-XSS-Protection "1; mode=block" Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" # Logging ErrorLog ${APACHE_LOG_DIR}/api.ah7.fit.abasa.com_error.log CustomLog ${APACHE_LOG_DIR}/api.ah7.fit.abasa.com_access.log combined SSLCertificateFile /etc/letsencrypt/live/api.ah7.fit.abasa.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/api.ah7.fit.abasa.com/privkey.pem </VirtualHost> # Disable TRACE method globally for security TraceEnable Off