# Apache VirtualHost for Opel Lifts Attendance # File: /etc/httpd/conf.d/opel-attendance.conf ServerName attendance.opellifts.com DocumentRoot /var/www/opel-attendance SSLEngine on SSLCertificateFile /etc/letsencrypt/live/attendance.opellifts.com/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/attendance.opellifts.com/privkey.pem AllowOverride All Require all granted Options -Indexes +FollowSymLinks # Deny access to .env and config files Require all denied # PHP-FPM handler SetHandler "proxy:unix:/run/php-fpm/www.sock|fcgi://localhost" # Rewrite all /api/* to api/index.php RewriteEngine On RewriteRule ^api/(.*)$ api/index.php [QSA,L] # Security headers Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "DENY" Header always set X-XSS-Protection "1; mode=block" Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" ErrorLog /var/log/httpd/opel-attendance-error.log CustomLog /var/log/httpd/opel-attendance-access.log combined # HTTP to HTTPS redirect ServerName attendance.opellifts.com Redirect permanent / https://attendance.opellifts.com/