diff --git a/.gitignore b/.gitignore
index 063542d9..267c4fb4 100644
--- a/.gitignore
+++ b/.gitignore
@@ -26,6 +26,7 @@ nbactions.xml
# ignore the following folders and files
/etc/httpd/cgi/php.ini
+/etc/httpd/log
/etc/phpstan/.tmp
/etc/phpstan/phpstan.neon
/php-error.log
@@ -35,6 +36,6 @@ nbactions.xml
/composer.phar
/composer*.lock
-config.*properties
+config*.properties
!config.dist.properties
/services.php
diff --git a/etc/httpd/apache22-php-fcgi.conf b/etc/httpd/apache22-php-fcgi.conf
deleted file mode 100644
index 59a9dd1e..00000000
--- a/etc/httpd/apache22-php-fcgi.conf
+++ /dev/null
@@ -1,131 +0,0 @@
-#
-# Example configuration for a MiniStruts project served by Apache 2.2 with PHP as FastCGI process (including SSL).
-#
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Order deny,allow
- Deny from all
-
-
- # (1) public access, .htaccess disabled or...
- Order allow,deny
- Allow from all
-
- # (2) ...restricted access, .htaccess enabled
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #RewriteLog "${SITES}/example.ministruts.com/etc/log/mod-rewrite.log"
- #RewriteLogLevel 9
-
- # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
- FcgidMaxRequestsPerProcess 2000
-
- # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
- FcgidMaxRequestLen 10000000
-
-
- Options +ExecCGI
- SetHandler fcgid-script
- FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
-
-
- # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
- # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
- #SuexecUserGroup {username} {groupname}
-
-
-
-
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Order deny,allow
- Deny from all
-
-
- # (1) public access, .htaccess disabled or...
- Order allow,deny
- Allow from all
-
- # (2) ...restricted access, .htaccess enabled
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #RewriteLog "${SITES}/example.ministruts.com/etc/log/mod-rewrite.log"
- #RewriteLogLevel 9
-
- # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
- FcgidMaxRequestsPerProcess 2000
-
- # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
- FcgidMaxRequestLen 10000000
-
-
- Options +ExecCGI
- SetHandler fcgid-script
- FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
-
-
- # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
- # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
- #SuexecUserGroup {username} {groupname}
-
-
- # See etc/httpd/ssl/README.md for SSL certificate configuration.
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite HIGH:MEDIUM
- SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.crt"
- SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.key"
-
-
diff --git a/etc/httpd/apache22-php-module.conf b/etc/httpd/apache22-php-module.conf
deleted file mode 100644
index edb39fdb..00000000
--- a/etc/httpd/apache22-php-module.conf
+++ /dev/null
@@ -1,97 +0,0 @@
-#
-# Example configuration for a MiniStruts project served by Apache 2.2 with PHP as a server module (including SSL).
-#
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Order deny,allow
- Deny from all
-
-
- # (1) public access, .htaccess disabled or...
- Order allow,deny
- Allow from all
-
- # (2) ...restricted access, .htaccess enabled
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #RewriteLog "${SITES}/example.ministruts.com/etc/log/mod-rewrite.log"
- #RewriteLogLevel 9
-
-
-
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Order deny,allow
- Deny from all
-
-
- # (1) public access, .htaccess disabled or...
- Order allow,deny
- Allow from all
-
- # (2) ...restricted access, .htaccess enabled
- Order deny,allow
- Deny from all
- Allow from 127.0.0.1
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #RewriteLog "${SITES}/example.ministruts.com/etc/log/mod-rewrite.log"
- #RewriteLogLevel 9
-
- # See etc/httpd/ssl/README.md for SSL certificate configuration.
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite HIGH:MEDIUM
- SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.crt"
- SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.key"
-
-
diff --git a/etc/httpd/apache24-php-fcgi.conf b/etc/httpd/apache24-php-fcgi.conf
index 7f2115f5..3fba9344 100644
--- a/etc/httpd/apache24-php-fcgi.conf
+++ b/etc/httpd/apache24-php-fcgi.conf
@@ -1,121 +1,141 @@
#
-# Example configuration for a MiniStruts project served by Apache 2.4 with PHP as FastCGI process (including SSL).
+# VirtualHost configuration for Apache 2.4 with mod_fcgi, without SSL.
#
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Require all denied
-
-
- # (1) public access, .htaccess disabled or...
- Require all granted
-
- # (2) ...restricted access, .htaccess enabled
- Require local
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #LogLevel warn rewrite:trace6
-
- # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
- FcgidMaxRequestsPerProcess 2000
-
- # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
- FcgidMaxRequestLen 10000000
-
-
- Options +ExecCGI
- SetHandler fcgid-script
- FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
-
-
- # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
- # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
- #SuexecUserGroup {username} {groupname}
-
-
+
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ UseCanonicalName Off
+
+ DocumentRoot "${SITES}/example.ministruts.com/web"
+ CustomLog "${SITES}/example.ministruts.com/etc/httpd/log/access.log" combined
+ ErrorLog "${SITES}/example.ministruts.com/etc/httpd/log/error.log"
+ SetEnv APP_BASE_URI "/"
+
+ DirectoryIndex index.php index.html
+ Options FollowSymLinks
+ AddDefaultCharset UTF-8
+
+
+ AllowOverride None
+ Require all denied
+
+
+ # public access, .htaccess disabled or...
+ Require all granted
+
+ # ...restricted access, .htaccess enabled
+ Require local
+ AllowOverride All
+
+
+ IncludeOptional "${SITES}/example.ministruts.com/etc/httpd/include-custom.conf"
+
+ RewriteEngine On
+ RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-d
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-f
+ RewriteRule ^ /index.php [NS,L]
+ #LogLevel warn rewrite:trace6
+
+ # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
+ FcgidMaxRequestsPerProcess 2000
+
+ # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
+ FcgidMaxRequestLen 10000000
+
+
+ Options +ExecCGI
+ SetHandler fcgid-script
+ FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
+
+
+ # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
+ # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
+ #SuexecUserGroup {username} {groupname}
+
+
+
+#
+# VirtualHost configuration for Apache 2.4 with mod_fcgi, with SSL.
+#
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Require all denied
-
-
- # (1) public access, .htaccess disabled or...
- Require all granted
-
- # (2) ...restricted access, .htaccess enabled
- Require local
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #LogLevel warn rewrite:trace6
-
- # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
- FcgidMaxRequestsPerProcess 2000
-
- # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
- FcgidMaxRequestLen 10000000
-
-
- Options +ExecCGI
- SetHandler fcgid-script
- FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
-
-
- # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
- # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
- #SuexecUserGroup {username} {groupname}
-
-
- # See etc/httpd/ssl/README.md for SSL certificate configuration.
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite HIGH:MEDIUM
- SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.crt"
- SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.key"
-
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ RewriteEngine On
+ RewriteCond %{HTTPS} off
+ RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R=302,L]
+
+
+
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ UseCanonicalName Off
+
+ DocumentRoot "${SITES}/example.ministruts.com/web"
+ CustomLog "${SITES}/example.ministruts.com/etc/httpd/log/access.log" combined
+ ErrorLog "${SITES}/example.ministruts.com/etc/httpd/log/error.log"
+ SetEnv APP_BASE_URI "/"
+
+ DirectoryIndex index.php index.html
+ Options FollowSymLinks
+ AddDefaultCharset UTF-8
+
+
+ AllowOverride None
+ Require all denied
+
+
+ # public access, .htaccess disabled or...
+ Require all granted
+
+ # ...restricted access, .htaccess enabled
+ Require local
+ AllowOverride All
+
+
+ IncludeOptional "${SITES}/example.ministruts.com/etc/httpd/include-custom.conf"
+
+ RewriteEngine On
+ RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-d
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-f
+ RewriteRule ^ /index.php [NS,L]
+ #LogLevel warn rewrite:trace6
+
+ # FcgidMaxRequestsPerProcess must be <= PHP_FCGI_MAX_REQUESTS in the FcgidWrapper script
+ FcgidMaxRequestsPerProcess 2000
+
+ # FcgidMaxRequestLen (default: 131072) must be >= post_max_size in php.ini (default: 8388608 = 8MB)
+ FcgidMaxRequestLen 10000000
+
+
+ Options +ExecCGI
+ SetHandler fcgid-script
+ FcgidWrapper "${SITES}/example.ministruts.com/etc/httpd/cgi/php-wrapper" .php
+
+
+ # If the following line is enabled the FcgidWrapper script must be executable. Script and containing directory must
+ # be owned by the specified user and group. On errors check settings and the logfile as shown by `suexec -V`.
+ #SuexecUserGroup {username} {groupname}
+
+
+ # See etc/httpd/ssl/README.md for certificate configuration.
+ SSLEngine on
+ SSLProtocol TLSv1.2 TLSv1.3
+ SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
+ SSLHonorCipherOrder on
+ SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/certificate.pem"
+ SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/private-key.pem"
+
diff --git a/etc/httpd/apache24-php-module.conf b/etc/httpd/apache24-php-module.conf
index 429028f3..0131db8d 100644
--- a/etc/httpd/apache24-php-module.conf
+++ b/etc/httpd/apache24-php-module.conf
@@ -1,87 +1,108 @@
#
-# Example configuration for a MiniStruts project served by Apache 2.4 with PHP as a server module (including SSL).
+# VirtualHost configuration for Apache 2.4 with mod_php, without SSL.
#
-
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Require all denied
-
-
- # (1) public access, .htaccess disabled or...
- Require all granted
-
- # (2) ...restricted access, .htaccess enabled
- Require local
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #LogLevel warn rewrite:trace6
-
+
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ UseCanonicalName Off
+
+ DocumentRoot "${SITES}/example.ministruts.com/web"
+ CustomLog "${SITES}/example.ministruts.com/etc/httpd/log/access.log" combined
+ ErrorLog "${SITES}/example.ministruts.com/etc/httpd/log/error.log"
+ SetEnv APP_BASE_URI "/"
+
+ DirectoryIndex index.php index.html
+ Options FollowSymLinks
+ AddDefaultCharset UTF-8
+
+
+ AllowOverride None
+ Require all denied
+
+
+ # public access, .htaccess disabled or...
+ Require all granted
+
+ # ...restricted access, .htaccess enabled
+ Require local
+ AllowOverride All
+
+
+ IncludeOptional "${SITES}/example.ministruts.com/etc/httpd/include-custom.conf"
+
+ RewriteEngine On
+ RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-d
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-f
+ RewriteRule ^ /index.php [NS,L]
+ #LogLevel warn rewrite:trace6
+
+
+#
+# VirtualHost configuration for Apache 2.4 with mod_php, with SSL.
+#
-
- ServerName example.ministruts.com
- ServerAlias local.example.ministruts.com
- ServerAdmin default
-
- UseCanonicalName Off
-
- DocumentRoot "${SITES}/example.ministruts.com/web"
- CustomLog "${SITES}/example.ministruts.com/etc/log/httpd-access.log" combined
- ErrorLog "${SITES}/example.ministruts.com/etc/log/httpd-error.log"
- SetEnv APP_BASE_URI "/"
-
- DirectoryIndex index.php index.html
- Options FollowSymLinks
- AddDefaultCharset UTF-8
-
-
- AllowOverride None
- Require all denied
-
-
- # (1) public access, .htaccess disabled or...
- Require all granted
-
- # (2) ...restricted access, .htaccess enabled
- Require local
- AllowOverride All
-
-
- RewriteEngine On
- RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
- RewriteCond %{LA-U:REQUEST_FILENAME} !-d
- RewriteCond %{LA-U:REQUEST_FILENAME} !-f
- RewriteRule ^ /index.php [NS,L]
- #LogLevel warn rewrite:trace6
-
- # See etc/httpd/ssl/README.md for SSL certificate configuration.
- SSLEngine on
- SSLProtocol all -SSLv2
- SSLCipherSuite HIGH:MEDIUM
- SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.crt"
- SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/example.ministruts.com.key"
-
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ RewriteEngine On
+ RewriteCond %{HTTPS} off
+ RewriteRule ^/(.*)$ https://%{HTTP_HOST}/$1 [R=302,L]
+
+
+
+
+ ServerName example.ministruts.com
+ ServerAlias local.example.ministruts.com
+ ServerAdmin default
+
+ UseCanonicalName Off
+
+ DocumentRoot "${SITES}/example.ministruts.com/web"
+ CustomLog "${SITES}/example.ministruts.com/etc/httpd/log/access.log" combined
+ ErrorLog "${SITES}/example.ministruts.com/etc/httpd/log/error.log"
+ SetEnv APP_BASE_URI "/"
+
+ DirectoryIndex index.php index.html
+ Options FollowSymLinks
+ AddDefaultCharset UTF-8
+
+
+ AllowOverride None
+ Require all denied
+
+
+ # public access, .htaccess disabled or...
+ Require all granted
+
+ # ...restricted access, .htaccess enabled
+ Require local
+ AllowOverride All
+
+
+ IncludeOptional "${SITES}/example.ministruts.com/etc/httpd/include-custom.conf"
+
+ RewriteEngine On
+ RewriteRule ^/(css|img|js)(/|$)(.*) - [L]
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-d
+ RewriteCond %{LA-U:REQUEST_FILENAME} !-f
+ RewriteRule ^ /index.php [NS,L]
+ #LogLevel warn rewrite:trace6
+
+ # See etc/httpd/ssl/README.md for certificate configuration.
+ SSLEngine on
+ SSLProtocol TLSv1.2 TLSv1.3
+ SSLCipherSuite HIGH:!aNULL:!MD5:!3DES
+ SSLHonorCipherOrder on
+ SSLCertificateFile "${SITES}/example.ministruts.com/etc/httpd/ssl/certificate.pem"
+ SSLCertificateKeyFile "${SITES}/example.ministruts.com/etc/httpd/ssl/private-key.pem"
+
+
diff --git a/etc/httpd/log/.gitkeep b/etc/httpd/log/.gitkeep
new file mode 100644
index 00000000..e69de29b
diff --git a/etc/httpd/ssl/README.md b/etc/httpd/ssl/README.md
index 06bc87c0..156b4831 100644
--- a/etc/httpd/ssl/README.md
+++ b/etc/httpd/ssl/README.md
@@ -1,2 +1,4 @@
-The example web server configuration uses SSL certificates which must be located in "etc/httpd/ssl". You may copy/symlink
-your own certificates there, or you may use the provided self-signed certificates.
+If SSL is enabled the used certificates must be located in this directory. You may
+copy/symlink your own certificates here, or use the provided self-signed certificates.
+The configuration expects the files to be named `certificate.pem` and `private-key.pem`.
+
diff --git a/etc/httpd/ssl/example.ministruts.com.crt b/etc/httpd/ssl/certificate.pem
similarity index 100%
rename from etc/httpd/ssl/example.ministruts.com.crt
rename to etc/httpd/ssl/certificate.pem
diff --git a/etc/httpd/ssl/example.ministruts.com.key b/etc/httpd/ssl/private-key.pem
similarity index 100%
rename from etc/httpd/ssl/example.ministruts.com.key
rename to etc/httpd/ssl/private-key.pem