1
# General config
Timeout 300
KeepAlive On
MaxKeepAliveRequests 350
KeepAliveTimeout 15
# MPM
ThreadsPerChild 1200
MaxConnectionsPerChild 0
# h2
Protocols h2 h2c http/1.1
H2WindowSize 2688000
# SSL/Proxying
Listen 443
# Updated with every deployment, applied using a graceful restart httpd -k restart
DocumentRoot "C:\releases\release-20250403-074927\web\public"
SSLCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS
SSLProxyCipherSuite ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
SSLCompression Off
SSLHonorCipherOrder on
SSLProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLProxyProtocol all -SSLv2 -SSLv3 -TLSv1 -TLSv1.1
SSLPassPhraseDialog builtin
SSLSessionCache "dbm:C:/Apache24/logs/ssl_scache"
SSLSessionCacheTimeout 300
SSLUseStapling On
SSLStaplingCache shmcb:C:/Windows/Temp/OCSPstapling_cache(128000)
<VirtualHost _default_:443>
# Enable proxying over HTTPS
SSLProxyEngine on
SSLProxyVerify none
SSLProxyCheckPeerCN off
SSLProxyCheckPeerName off
SSLProxyCheckPeerExpire off
RewriteEngine on
# Protect against the "HTTP Poxy" attack (CVE-2016-5387)
RequestHeader unset Proxy early
# Switch on reverse proxying for incoming requests that match server IDs
# e.g. POST requests for files to https://www.acme.com/?t=server1
# SERVER1
RewriteCond %{HTTP_HOST} .*acme.com.*
RewriteCond %{QUERY_STRING} .*t=server1.* [NC]
RewriteRule ^(.*)$ https://x.x.x.x$1 [P]
# SERVER2
RewriteCond %{HTTP_HOST} .*acme.com.*
RewriteCond %{QUERY_STRING} .*t=server2.* [NC]
RewriteRule ^(.*)$ https://x.x.x.x$1 [P]
...
</VirtualHost>For immediate assistance, please email our customer support: [email protected]