Use common-debian-service-https-redirect * security-tracker.debian.org ServerAdmin team@security.debian.org ServerName security-tracker.debian.org Use common-debian-service-ssl security-tracker.debian.org Use common-ssl-HSTS Use http-pkp-security-tracker.debian.org UserDir disabled CacheEnable disk / CacheMinExpire 600 # Keep serving stale entities for up to 10 seconds while # they're being refreshed CacheLock on CacheLockPath /var/lock/apache2/mod_cache CacheLockMaxAge 10 LogLevel warn ErrorLog /var/log/apache2/security-tracker.debian.org-error.log CustomLog /var/log/apache2/security-tracker.debian.org-access.log privacyssl ServerSignature On RewriteEngine on RewriteRule ^/tracker(?:/|$) - [L] # The next rule matches favicon.ico, robots.txt etc. RewriteRule ^/[^./]+[.][a-z]{3}$ - [L] RewriteRule ^/((?:TEMP|CVE)[^/]+)$ /tracker/$1 [R] RewriteRule ^/((?:old|un)?stable|testing)$ /tracker/status/release/$1 [R] RewriteRule ^/((?:old)?stable-backports)$ /tracker/status/release/$1 [R] RewriteRule ^/([a-z0-9.+-]+)$ /tracker/$1 [R] RewriteRule ^/+$ /tracker/ [R] DocumentRoot /srv/security-tracker.debian.org/htdocs/security-tracker AllowOverride none Options +Indexes Require all granted Require all denied # can't handle this CPU wise # # SetOutputFilter DEFLATE # ProxyRequests off ProxyPass /tracker http://localhost:25648/tracker retry=1 ProxyPassReverse /tracker http://localhost:25648/tracker ExpiresActive On ExpiresDefault "access plus 1 hour" # vim: set filetype=apache: