ServerName {{ selfoss_domain }} Redirect permanent / https://{{ selfoss_domain }}/ ServerName {{ selfoss_domain }} SSLEngine on SSLProtocol ALL -SSLv2 -SSLv3 SSLHonorCipherOrder On SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AES:RSA+3DES:!ADH:!AECDH:!MD5:!DSS SSLCertificateFile /etc/ssl/certs/wildcard_public_cert.crt SSLCertificateKeyFile /etc/ssl/private/wildcard_private.key SSLCACertificateFile /etc/ssl/certs/wildcard_ca.pem Header add Strict-Transport-Security "max-age=15768000; includeSubdomains" DocumentRoot /var/www/selfoss Options -Indexes ErrorLog /var/log/apache2/selfoss.info-error_log CustomLog /var/log/apache2/selfoss.info-access_log common AllowOverride All Order allow,deny allow from all DirectoryIndex index.php