File: //opt/itc_group.conf
<VirtualHost *:80>
ServerName www.itc-group.it
ServerAlias itc-group.it
DocumentRoot /var/www/html/ict
DirectoryIndex index.php index.html
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
ErrorLog /var/logs/itc-group.www.error.log
CustomLog /var/logs/itc-group.www.access.log combined
<Directory /var/www/html/ict>
Require all granted
AllowOverride All
</Directory>
</VirtualHost>
<VirtualHost *:443>
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>
AddType text/html .php
DirectoryIndex index.php
php_value session.save_handler "files"
php_value session.save_path "/var/lib/php/session"
ServerName www.itc-group.it
ServerAlias itc-group.it
DocumentRoot /var/www/html/ict
DirectoryIndex index.php index.html
ErrorLog /var/logs/itc-group.www.error.log
CustomLog /var/logs/itc-group.www.access.log combined
<Directory /var/www/html/ict>
Require all granted
AllowOverride All
</Directory>
SSLEngine on
# A self-signed (snakeoil) certificate can be created by installing
# the ssl-cert package. See
# /usr/share/doc/apache2.2-common/README.Debian.gz for more info.
# If both key and certificate are stored in the same file, only the
# SSLCertificateFile directive is needed.
SSLCertificateFile /etc/letsencrypt/live/www.itc-group.it/cert.pem
SSLCertificateKeyFile /etc/letsencrypt/live/www.itc-group.it/privkey.pem
SSLCertificateChainFile /etc/letsencrypt/live/www.itc-group.it/chain.pem
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
BrowserMatch "MSIE [2-6]" \
nokeepalive ssl-unclean-shutdown \
downgrade-1.0 force-response-1.0
# MSIE 7 and newer should be able to use keepalive
BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
</VirtualHost>