Securing the webinterface
Useful link
Docs: Securing the Webinterface
Activating the Apache modules
a2enmod ssl
systemctl restart apache2a2enmod sslEnabling module ssl.To activatelocate the newcertificate configuration, you need to run: service apache2 restart
file:
find /etc/apache2/ -type f -exec grep -Hn '^\s*SSLCertificate.*File' {} \;
/etc/apache2/sites-available/default-ssl.conf:32:enabled/000-default
RewriteEngine On
# Never forward request for .well-known (important when using Let's Encrypt)
RewriteCond %{REQUEST_URI} !^/etc/ssl/certs/ssl-cert-snakeoil.pem.well-known
# Next 2 lines: Force redirection if incoming request is not on 443
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://%{HTTP_HOST}$1 [L]
# This section passes the system Apaches connection mode to the
# instance Apache. Make sure mod_headers is enabled, otherwise it
# will be ignored and "Analyze configuration" will issue "WARN".
<IfModule headers_module>
RequestHeader set X-Forwarded-Proto expr=%{REQUEST_SCHEME}
RequestHeader set X-Forwarded-SSL expr=%{HTTPS}
</IfModule>/etc/apache2/sites-available/default-ssl.conf:33: