ServerName {{ webmail_domain }} Redirect permanent / https://{{ webmail_domain }}/ ServerName {{ webmail_domain }} SSLEngine on SSLProtocol ALL -SSLv2 SSLHonorCipherOrder On SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS SSLCertificateFile /etc/ssl/certs/wildcard_public_cert.crt SSLCertificateKeyFile /etc/ssl/private/wildcard_private.key SSLCACertificateFile /etc/ssl/certs/wildcard_ca.pem Header add Strict-Transport-Security "max-age=15768000; includeSubdomains" # Those aliases do not work properly with several hosts on your apache server # Uncomment them to use it or adapt them to your configuration # Alias /roundcube/program/js/tiny_mce/ /usr/share/tinymce/www/ # Alias /roundcube /var/lib/roundcube # Access to tinymce files DocumentRoot /var/lib/roundcube Options Indexes MultiViews FollowSymLinks AllowOverride None Order allow,deny allow from all Options +FollowSymLinks # This is needed to parse /var/lib/roundcube/.htaccess. See its # content before setting AllowOverride to None. AllowOverride All order allow,deny allow from all # Protecting basic directories: Options -FollowSymLinks AllowOverride None Options -FollowSymLinks AllowOverride None Order allow,deny Deny from all Options -FollowSymLinks AllowOverride None Order allow,deny Deny from all CustomLog /var/log/apache2/webmail_access.log combined ErrorLog /var/log/apache2/webmail_error.log