ServerName vpn.lambicall.com DocumentRoot /var/www/html/openvpn/web/public # Redirect all HTTP to HTTPS RewriteEngine On RewriteCond %{HTTPS} off RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L] ServerName vpn.lambicall.com DocumentRoot /var/www/html/openvpn/web/public SSLEngine on SSLCertificateFile /etc/ssl/certs/vpn.lambicall.com.crt SSLCertificateKeyFile /etc/ssl/private/vpn.lambicall.com.key SSLCertificateChainFile /etc/ssl/certs/vpn.lambicall.com.chain.crt AllowOverride All Require all granted Options Indexes FollowSymLinks # Laravel rewrite rules RewriteEngine On RewriteCond %{REQUEST_FILENAME} !-d RewriteCond %{REQUEST_FILENAME} !-f RewriteRule ^ index.php [L] # PHP-FPM configuration for PHP 8.3 SetHandler "proxy:unix:/var/run/php/php8.3-fpm.sock|fcgi://localhost" # Security Headers Header always set X-Frame-Options "SAMEORIGIN" Header always set X-Content-Type-Options "nosniff" Header always set X-XSS-Protection "1; mode=block" Header always set Referrer-Policy "strict-origin-when-cross-origin" Header always set Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://cdn.tailwindcss.com; style-src 'self' 'unsafe-inline';" # Logs ErrorLog ${APACHE_LOG_DIR}/vpn.lambicall.com-error.log CustomLog ${APACHE_LOG_DIR}/vpn.lambicall.com-access.log combined # Compression AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json # Cache static assets Header set Cache-Control "max-age=604800, public"