sample-vhost

<VirtualHost *:80>
	ServerAdmin [email protected]
	ServerName sample.local

	<IfModule mod_rewrite.c>
		RewriteEngine On
		RewriteCond %{REQUEST_METHOD} ^TRACE
		RewriteRule .* - [F]

		RewriteCond %{HTTPS} !on
		RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
	</IfModule>
</VirtualHost>

<IfModule mod_ssl.c>
	<VirtualHost *:443>
		ServerAdmin webmaster@localhost
		ServerName sample.local:443

		DocumentRoot /var/www-ssl/sample/public

		<Directory /var/www-ssl/sample/public/>
			Options Indexes FollowSymLinks MultiViews
			AllowOverride All
			Require all granted
		</Directory>

		SSLEngine on

		SSLProtocol all -SSLv2 -SSLv3
		SSLHonorCipherOrder On

		SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 E$
		SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown

		SSLCertificateFile	/home/user/.ssh/dev.local.crt
		SSLCertificateKeyFile /home/user/.ssh/dev.local.key

		<FilesMatch "\.(cgi|shtml|phtml|php)$">
				SSLOptions +StdEnvVars
		</FilesMatch>
		<Directory /usr/lib/cgi-bin>
				SSLOptions +StdEnvVars
		</Directory>

		BrowserMatch "MSIE [2-6]" \
				nokeepalive ssl-unclean-shutdown \
				downgrade-1.0 force-response-1.0
		# MSIE 7 and newer should be able to use keepalive
		BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

		Header add Strict-Transport-Security: "max-age=15768000;includeSubdomains"

		# levels: trace8, ..., trace1, debug, info, notice, warn, error, crit, alert, emerg.
		LogLevel debug ssl:debug

		ErrorLog ${APACHE_LOG_DIR}/sample-ssl-error.log
		CustomLog ${APACHE_LOG_DIR}/sample-ssl-access.log combined

		php_flag display_startup_errors on
		php_flag display_errors    on
		php_flag html_errors on

		php_flag log_errors on
		php_value error_reporting 8191
		php_value error_log /var/log/php/sample-errors.log

	</VirtualHost>
</IfModule>