Web Server

Apache

a2dissite a2enmod a2dismod apache2ctl

sudo a2enmod headers
sudo apache2ctl -M | grep headers
sudo a2dismod headers

sudo apache2ctl configtest

sudo a2dissite 000-default.conf

sudo service apache2 restart

/etc/apache2/sites-available/foo.com.conf

<Directory /var/www/foo.com/public_html>
        Options -Indexes -Includes
        AllowOverride None
</Directory>
<VirtualHost *:80>
        ServerAdmin admin@foo.com
        ServerName foo.com
        DocumentRoot /var/www/foo.com/public_html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>

<VirtualHost *:443>
        ServerAdmin admin@foo.com
        ServerName foo.com
        DocumentRoot /var/www/foo.com/public_html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/foo.com_44C466971855FC81DFD6E1FC8B3CBE2A.cer
        SSLCertificateKeyFile /etc/apache2/ssl/private/foo.com.key
        SSLCertificateChainFile /etc/apache2/ssl/foo.com_intermediate.cer
</VirtualHost>

# Headers for secutiry concern
<IfModule mod_headers.c>
        Header always append X-Frame-Options SAMEORIGIN
        Header always append X-Content-Type-Options "nosniff"
        Header set X-XSS-Protection "1; mode=block"
        Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure
</IfModule>

參考

• 一台主機但需要架設兩個以上的網站 - Amazon EC2 Ubuntu 設定 Apache Virtual Hosts
• Apache Web Server Hardening and Security Guide
• how-to-config-apache2-to-redirect-url
• How To Increase Max Connections in Apache
• Apache Module mod_cache

SSL

• How to configure SSL/TLS in Apache httpd? - Red Hat Customer Portal

Nginx

• nginx 筆記 - HackMD
• 淺談 Nginx 基本配置、負載均衡、緩存和反向代理 - Max行銷誌
• [部屬網站]Nginx + uWSGI + Flask - HackMD
• Nginx with SSL Termination | All About