symfony2 的 HTTPS 配置

symfony2 的 HTTPS 配置

我已按照本教程在 ubuntu 服务器上设置 https:

https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04

我最终将该配置与当前常用的非 https symfony2 配置合并:

<IfModule mod_ssl.c>
    <VirtualHost *:443>
        ServerName mysite.com
        ServerAlias www.mysite.com
        DocumentRoot /srv/www/mysite.com/symfony/web/
        ErrorLog /srv/www/mysite.com/logs/error.log
        CustomLog /srv/www/mysite.com/logs/access.log combined

        SSLEngine on
        SSLCertificateFile /etc/apache2/ssl/apache.crt
        SSLCertificateKeyFile /etc/apache2/ssl/apache.key

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                        SSLOptions +StdEnvVars
        </FilesMatch>

        <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
        </Directory>

        <Directory /srv/www/mysite.com/symfony/web>
                Options Indexes FollowSymLinks
                AllowOverride all
                Order allow,deny
                Allow from all
                Require all granted
        </Directory>

        BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown
    </VirtualHost>
</IfModule>

尽管我不太确定:

        <FilesMatch "\.(cgi|shtml|phtml|php)$">
                        SSLOptions +StdEnvVars
        </FilesMatch>

        <Directory /usr/lib/cgi-bin>
                        SSLOptions +StdEnvVars
        </Directory>

        BrowserMatch "MSIE [2-6]" \
                        nokeepalive ssl-unclean-shutdown \
                        downgrade-1.0 force-response-1.0
        BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown

是需要的(或者甚至是他们真正在做的事情)。

另外,有两个<Directory>部分是不是一个糟糕的主意,还是这很正常?(我没有使用 cgi-bin,所以我猜无论如何我都可以删除该<Directory>部分)。

谢谢!

相关内容