LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule headers_module modules/mod_headers.so
LoadModule expires_module modules/mod_expires.so
AddHandler type-map var
AddLanguage fr .fr
AddLanguage en .en
DefaultLanguage fr
# HTTPS : Pour mettre en place le https, activer le module SSL: sudo a2enmod SSL
#
# ServerName $domain
# RewriteEngine On
# RewriteCond %{HTTPS} off
# RewriteCond %{SERVER_NAME} =$domain
# RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]
#
#
#################################################################################################
## Utilisation de http2 si disponible pour de meilleures performances en https
#
# Protocols h2 http/1.1
#
#################################################################################################
## Racine des documents statiques du CMS
DocumentRoot "/home/cms/Ametys_CMS/ametys_site_home/cache"
Options FollowSymLinks
Require all granted
ServerName $domain
UseCanonicalName On
#################################################################################################
## comprimer la sortie de votre serveur avant de l'envoyer au client sur le réseau
## You can test it : https://www.whatsmyip.org/http-compression-test/,
## or https://www.internetmarketingninjas.com/tools/free-tools/pagespeed
AddOutputFilterByType DEFLATE text/plain text/html text/xml text/css
AddOutputFilterByType DEFLATE image/svg+xml image/x-icon
AddOutputFilterByType DEFLATE application/xml application/xhtml+xml application/rss+xml
AddOutputFilterByType DEFLATE text/javascript application/javascript application/x-javascript
AddOutputFilterByType DEFLATE application/vnd.ms-fontobject application/x-font application/x-font-opentype
AddOutputFilterByType DEFLATE application/x-font-otf application/x-font-truetype application/x-font-ttf
AddOutputFilterByType DEFLATE font/opentype font/otf font/ttf
ExpiresActive on
ExpiresDefault "access plus 1 second"
# CSS
ExpiresByType text/css "access plus 1 hours"
# Data interchange
ExpiresByType application/atom+xml "access plus 0 seconds"
ExpiresByType application/rdf+xml "access plus 0 seconds"
ExpiresByType application/rss+xml "access plus 0 seconds"
ExpiresByType application/json "access plus 0 seconds"
ExpiresByType application/ld+json "access plus 0 seconds"
ExpiresByType application/schema+json "access plus 0 seconds"
ExpiresByType application/vnd.geo+json "access plus 0 seconds"
ExpiresByType application/xml "access plus 0 seconds"
ExpiresByType text/xml "access plus 20 minutes"
# Favicon (cannot be renamed!) and cursor images
ExpiresByType image/vnd.microsoft.icon "access plus 1 weeks"
ExpiresByType image/x-icon "access plus 1 weeks"
# HTML
ExpiresByType text/html "access plus 1 seconds"
# JavaScript
ExpiresByType application/javascript "access plus 20 minutes"
ExpiresByType application/x-javascript "access plus 20 minutes"
ExpiresByType text/javascript "access plus 20 minutes"
# Manifest files
ExpiresByType application/manifest+json "access plus 1 days"
ExpiresByType application/x-web-app-manifest+json "access plus 0 seconds"
ExpiresByType text/cache-manifest "access plus 0 seconds"
# Media files
ExpiresByType audio/ogg "access plus 1 hours"
ExpiresByType image/bmp "access plus 1 hours"
ExpiresByType image/gif "access plus 1 hours"
ExpiresByType image/jpeg "access plus 1 hours"
ExpiresByType image/png "access plus 1 hours"
ExpiresByType image/svg+xml "access plus 1 hours"
ExpiresByType image/webp "access plus 1 hours"
ExpiresByType video/mp4 "access plus 1 hours"
ExpiresByType video/ogg "access plus 1 hours"
ExpiresByType video/webm "access plus 1 hours"
# Web fonts
# Embedded OpenType (EOT)
ExpiresByType application/vnd.ms-fontobject "access plus 1 month"
ExpiresByType font/eot "access plus 1 month"
# OpenType
ExpiresByType font/opentype "access plus 1 month"
# TrueType
ExpiresByType application/x-font-ttf "access plus 1 month"
# Web Open Font Format (WOFF) 1.0
ExpiresByType application/font-woff "access plus 1 month"
ExpiresByType application/x-font-woff "access plus 1 month"
ExpiresByType font/woff "access plus 1 month"
# Web Open Font Format (WOFF) 2.0
ExpiresByType application/font-woff2 "access plus 1 month"
# Other
ExpiresByType text/x-cross-domain-policy "access plus 1 week"
AddDefaultCharset UTF-8
#################################################################################################
## SSL Configuration
## Ne pas modifier les noms de fichiers dans ce fichier car c'est un fichier de macro
## qui peut etre utilisé pour gérer plusieurs sites.
## stocker les fichiers de certificats en suivant cette nomenclature
## ou $ domain est une variable contenant le domaine utilisé ici
# Include /etc/apache2/ssl/options-ssl-apache.conf
# SSLCertificateFile /etc/apache2/ssl/$domain.crt
# SSLCertificateKeyFile /etc/apache2/ssl/$domain.key
# SSLCertificateChainFile /etc/apache2/ssl/$domain-SSLCertificateChainFile.crt
# HTTPS : Adjust server.xml
# HTTPS : To use HTTP and HTTPS you need to declare two different ports on tomcat, by default we suggest to use 8082 for HTTPS connector on tomcat
# HTTPS : Restart Apache and tomcat
# HTTPS : Finally update site configuration in BO Ametys _admin
#################################################################################################
## RewriteEngine and preserve host in the request headers
##
RewriteEngine On
ProxyRequests Off
ProxyPreserveHost On
#################################################################################################
## Remove headers for better security
##
Header unset "X-Powered-By"
Header unset "Server"
Header unset "X-Cocoon-Version"
Header unset "X- Generator"
#################################################################################################
## Reject TRACE Requests and all php request, the goal is to improve performances and avoid useless requests
## Please comments these line if you activate php on this server, but ask Ametys before.
#Reject TRACE method for better security
RewriteCond %{REQUEST_METHOD} ^(TRACE) [NC]
RewriteRule .* - [F]
#Reject all the access to php files to improve performances and security
RewriteRule .*\.php - [F,L]
#################################################################################################
## Rewrite rules for google validation, robots.txt
## Activate if necessary
Options FollowSymLinks
Require all granted
#Example of RewriteRule to serve google file for webmaster tool
#RewriteRule ^/googleabcdefghijk.html$ /home/cms/Ametys_CMS/www/googleabcdefghijk.html [L]
#Example of RewriteRule to use a specific robots.txt
#RewriteRule ^/robots.txt$ /home/cms/Ametys_CMS/www/robots-blockall.txt [L]
#RewriteRule robots.txt$ /home/cms/Ametys_CMS/www/robots-blockall.txt [L]
#################################################################################################
## Manage errors
##
# Traitement statique des erreurs
ProxyErrorOverride On
ErrorDocument 400 /error/500.html.var
ErrorDocument 401 /error/401.html.var
ErrorDocument 403 /error/403.html.var
ErrorDocument 404 /error/404.html.var
ErrorDocument 500 /error/500.html.var
ErrorDocument 501 /error/500.html.var
ErrorDocument 502 /error/500.html.var
ErrorDocument 503 /error/500.html.var
ErrorDocument 506 /error/500.html.var
#################################################################################################
## Folder of the skin directory to serve these files with apache for better performances
##
Options Multiviews
Options FollowSymLinks
Require all granted
RewriteRule ^/error/(.+)$ /home/cms/Ametys_CMS/application/site/skins/$skin/error/$1 [L]
#################################################################################################
## positionne le header Content-disposition quand la variable d'environnement download est présente
Header set Content-Disposition "attachment; filename=%{download}e;filename*=utf-8''%{download}e" env=download
#################################################################################################
## Gestion du de la session et des langues
RewriteRule ^/(.*);jsessionid=(.*)$ /$1
RewriteRule ^/?$ /fr/index.html [R=301]
RewriteRule ^/fr/?$ /fr/index.html [R=301]
RewriteRule ^/en/?$ /en/index.html [R=301]
RewriteRule ^/es/?$ /es/index.html [R=301]
RewriteRule ^/zh/?$ /zh/index.html [R=301]
#################################################################################################
## Gestion du cache, la dernière règle redirige vers tomcat Ametys
## Si l'URL matche l'expression suivante et que le fichier exite, on le sert en statique avec le serveur Apache.
RewriteCond %{DOCUMENT_ROOT}/$1 -f
RewriteRule ^/(.+)$ %{DOCUMENT_ROOT}/$1 [L]
## Ce bloc sert à positionner la variable d'environnement download quand il y a un parametre de requête download=true
## La valeur de la variable download est le nom du fichier "%-encode".
RewriteCond %{DOCUMENT_ROOT}/$siteid/$1$3 -f
RewriteCond %{QUERY_STRING} ^.*download=true.*$
RewriteRule ^/(([^/]*/)*)([^/]+)$ %{DOCUMENT_ROOT}/$siteid/$1$3 [E=download:$3,L]
RewriteCond %{DOCUMENT_ROOT}/$siteid/$1 -f
RewriteRule ^/(.+)$ %{DOCUMENT_ROOT}/$siteid/$1 [L]
## Redirection de toute autre forme de requetes :
RewriteRule ^(/.*)$ http://localhost:8083$1 [E=AMETYS_PROXY_PASS:1,P,L]
RequestHeader set UNIQUE_ID %{UNIQUE_ID}e env=AMETYS_PROXY_PASS
ProxyPassReverse / http://localhost:8083/
#################################################################################################
## Définition des logs
LogFormat "%{UNIQUE_ID}e $siteid %h %l %u %t \"%r\" %s/%>s %b %D %{AMETYS_PROXY_PASS}e \"%{Referer}i\" \"%{User-Agent}i\"" $siteid-detailed
ErrorLog /var/log/apache2/$domain-error.log
CustomLog /var/log/apache2/$domain-access.log $siteid-detailed
#################################################################################################
## Autorisation locale de proxification vers le connecteur tomcat
## sur le port approprié http ou https
Require all granted