Q&A

댓글 18

  • 라둥이
    2020.09.04 03:52 #1450185
    아파치 재시작은 하셨나요
    추천 0
  • 코학
    2020.09.04 04:14 #1450189
    추천 0
  • 코학
    2020.09.04 04:14 #1450193
    했는데도 적용이 안되네요 ㅠ
    추천 0
  • 기진곰
    2020.09.04 05:04 #1450203

    설치화면에서 자동 감지하는 것은 정확하지 않을 수도 있습니다.

    일단 설치한 후에 짧은주소로 접속이 되는지 확인하고 (예: 도메인/board/글번호)

    된다면 관리자 화면에서 해당기능 켜시면 됩니다.

    추천 0
  • 코학
    2020.09.04 14:42 #1450491
    아쉽게도 안되네요 ㅠ
    활성화가 안된것 같습니다
    추천 0
  • 코학
    2020.09.04 21:37 #1450601
    혹시 관리자 화면에서 어떻게 키나요?
    추천 0
  • chowolms
    2020.09.04 05:10 #1450211
    버추얼호스트 설정 내용좀 알려주시면 됩니다.
    추천 0
  • 코학
    2020.09.04 14:30 #1450487
    [도메인 주소만 다르긴 한데 이거랑 같습니다]
    <VirtualHost *:80>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    <IfModule mod_rewrite.c>
    RewriteEngine on

    RewriteRule ^ - [E=protossl]
    RewriteCond %{HTTPS} on
    RewriteRule ^ - [E=protossl:s]

    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    </IfModule>

    </VirtualHost>

    # Specify the SSL cache directory. If possible, use shmcb, otherwise use the provided path.
    SSLStaplingCache shmcb:/var/run/ocsp(128000)

    <VirtualHost *:443>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    DocumentRoot /home/myuser1/www

    <Directory /home/myuser1/www>
    Options FollowSymLinks MultiViews
    AllowOverride All
    require all granted

    # upload_max_filesize and post_max_size must have the same value.
    php_value upload_max_filesize 10M
    php_value post_max_size 10M

    # Enhance session security.
    php_value session.cookie_httponly 1
    php_value session.use_strict_mode 1

    # php_value memory_limit 128M
    # php_value max_execution_time 30
    # php_value max_input_time 60
    </Directory>

    AssignUserID myuser1 myuser1

    ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
    CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined

    Header always set Strict-Transport-Security "max-age=31536000"

    SSLEngine on

    SSLProtocol all -SSLv2 -SSLv3

    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

    SSLHonorCipherOrder on
    SSLCertificateFile "/etc/letsencrypt/live/examplesite.com/cert.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/examplesite.com/privkey.pem"
    SSLCertificateChainFile "/etc/letsencrypt/live/examplesite.com/chain.pem"

    # Turn on OCSP stapling
    SSLUseStapling on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off

    </VirtualHost>
    추천 0
  • 코학
    2020.09.04 14:44 #1450501
    참고한 사이트는
    https://blog.lael.be/post/7264
    입니다
    추천 0
  • chowolms
    2020.09.04 23:33 #1450620
    Https 로 접속했을때도 저리 뜨나요?

    Http 에도 아래 소스 넣어주세요

    <Directory /home/myuser1/www>
    Options FollowSymLinks
    AllowOverride All
    require all granted

    # upload_max_filesize and post_max_size must have the same value.
    php_value upload_max_filesize 10M
    php_value post_max_size 10M

    # Enhance session security.
    php_value session.cookie_httponly 1
    php_value session.use_strict_mode 1

    # php_value memory_limit 128M
    # php_value max_execution_time 30
    # php_value max_input_time 60
    </Directory>
    추천 0
  • 코학
    2020.09.05 01:47 #1450642
    엌 이렇게 하니 되네요 정말 감사합니다.
    추천 0
  • ihatecflax
    2020.09.04 05:49 #1450215
    sudo a2enmod rewrite하신건가요?
    추천 0
  • 코학
    2020.09.04 07:09 #1450336
    추천 0
  • ihatecflax
    2020.09.04 07:21 #1450350
    재작성 모듈을 사용하려는 사이트의 virtual hosts 설정을 확인해보시겠어요?
    추천 0
  • 코학
    2020.09.04 14:29 #1450481
    [도메인 주소만 다르긴 한데 이거랑 같습니다]
    <VirtualHost *:80>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    <IfModule mod_rewrite.c>
    RewriteEngine on

    RewriteRule ^ - [E=protossl]
    RewriteCond %{HTTPS} on
    RewriteRule ^ - [E=protossl:s]

    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    </IfModule>

    </VirtualHost>

    # Specify the SSL cache directory. If possible, use shmcb, otherwise use the provided path.
    SSLStaplingCache shmcb:/var/run/ocsp(128000)

    <VirtualHost *:443>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    DocumentRoot /home/myuser1/www

    <Directory /home/myuser1/www>
    Options FollowSymLinks MultiViews
    AllowOverride All
    require all granted

    # upload_max_filesize and post_max_size must have the same value.
    php_value upload_max_filesize 10M
    php_value post_max_size 10M

    # Enhance session security.
    php_value session.cookie_httponly 1
    php_value session.use_strict_mode 1

    # php_value memory_limit 128M
    # php_value max_execution_time 30
    # php_value max_input_time 60
    </Directory>

    AssignUserID myuser1 myuser1

    ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
    CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined

    Header always set Strict-Transport-Security "max-age=31536000"

    SSLEngine on

    SSLProtocol all -SSLv2 -SSLv3

    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

    SSLHonorCipherOrder on
    SSLCertificateFile "/etc/letsencrypt/live/examplesite.com/cert.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/examplesite.com/privkey.pem"
    SSLCertificateChainFile "/etc/letsencrypt/live/examplesite.com/chain.pem"

    # Turn on OCSP stapling
    SSLUseStapling on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off

    </VirtualHost>
    추천 0
  • 코학
    2020.09.04 14:42 #1450495
    참고한 사이트는
    https://blog.lael.be/post/7264
    입니다
    추천 0
  • ihatecflax
    2020.09.04 14:59 #1450520
    apache에서 nginx로 모두 이사시켜서 정확한 정보는 아닐 수 있지만 443에서
    <IfModule mod_rewrite.c>
    RewriteEngine on
    </IfModule>
    이 코드를 넣어보시겠어요? hsts에 https리다이렉트로 보면 443인데 443에 이 구문이 있어야하지 않을까요?
    추천 0
  • ihatecflax
    2020.09.04 14:59 #1450524
    <VirtualHost *:80>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    <IfModule mod_rewrite.c>
    RewriteEngine on

    RewriteRule ^ - [E=protossl]
    RewriteCond %{HTTPS} on
    RewriteRule ^ - [E=protossl:s]

    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

    </IfModule>

    </VirtualHost>

    # Specify the SSL cache directory. If possible, use shmcb, otherwise use the provided path.
    SSLStaplingCache shmcb:/var/run/ocsp(128000)

    <VirtualHost *:443>
    ServerName examplesite.com
    ServerAlias www.examplesite.com

    DocumentRoot /home/myuser1/www

    <IfModule mod_rewrite.c>
    RewriteEngine on
    </IfModule>

    <Directory /home/myuser1/www>
    Options FollowSymLinks MultiViews
    AllowOverride All
    require all granted

    # upload_max_filesize and post_max_size must have the same value.
    php_value upload_max_filesize 10M
    php_value post_max_size 10M

    # Enhance session security.
    php_value session.cookie_httponly 1
    php_value session.use_strict_mode 1

    # php_value memory_limit 128M
    # php_value max_execution_time 30
    # php_value max_input_time 60
    </Directory>

    AssignUserID myuser1 myuser1

    ErrorLog ${APACHE_LOG_DIR}/examplesite.com-error.log
    CustomLog ${APACHE_LOG_DIR}/examplesite.com-access.log combined

    Header always set Strict-Transport-Security "max-age=31536000"

    SSLEngine on

    SSLProtocol all -SSLv2 -SSLv3

    SSLCipherSuite ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA

    SSLHonorCipherOrder on
    SSLCertificateFile "/etc/letsencrypt/live/examplesite.com/cert.pem"
    SSLCertificateKeyFile "/etc/letsencrypt/live/examplesite.com/privkey.pem"
    SSLCertificateChainFile "/etc/letsencrypt/live/examplesite.com/chain.pem"

    # Turn on OCSP stapling
    SSLUseStapling on
    SSLStaplingResponderTimeout 5
    SSLStaplingReturnResponderErrors off

    </VirtualHost>
    추천 0
1 / 873 2 3 4 5