Alist 反代

<VirtualHost *:443>
    ServerName my-domain.com
    
    ProxyPass / http://127.0.0.1:5244/ nocanon
    ProxyPassReverse / http://127.0.0.1:5244/ nocanon

    AllowEncodedSlashes NoDecode

    SSLEngine on
    SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem

    # 可选:强制使用TLSv1.2或更高版本
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLHonorCipherOrder on

    # 启用 HTTP Strict Transport Security (HSTS)
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</VirtualHost>

# 重定向 HTTP 到 HTTPS
<VirtualHost *:80>
    ServerName my-domain.com
    Redirect permanent / https://my-domain.com/
</VirtualHost>

Cloudflare站点反代

<VirtualHost *:443>
    ServerName my-domain.com
    
    SSLEngine on
    SSLProxyEngine on
    SSLProxyVerify none
    SSLProxyCheckPeerCN off
    SSLProxyCheckPeerName off
    
    ProxyPass / https://example.com/
    ProxyPassReverse / https://example.com/
    
    # 修改请求头
    RequestHeader set X-Forwarded-Host "example.com"
    RequestHeader set X-Forwarded-Proto "https"
    RequestHeader set Origin "https://example.com"
    RequestHeader set Referer "https://example.com/"

    # 修改响应头
    Header unset X-Frame-Options
    Header always set Access-Control-Allow-Origin "*"
    
    SSLCertificateFile  /etc/letsencrypt/live/my-domain.com/fullchain.pem
    SSLCertificateKeyFile  /etc/letsencrypt/live/my-domain.com/privkey.pem

    # 可选:强制使用TLSv1.2或更高版本
    SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
    SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
    SSLHonorCipherOrder on

    # 启用 HTTP Strict Transport Security (HSTS)
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
</VirtualHost>

# 重定向 HTTP 到 HTTPS
<VirtualHost *:80>
    ServerName my-domain.com
    Redirect permanent / https://my-domain.com/
</VirtualHost>

普通的网站

<ifModule mod_ssl.c>
  <VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
  </VirtualHost>
  <VirtualHost *:443>
    ServerAdmin webmaster@localhost
    DocumentRoot /var/www/game-index
    
    ServerName my-domain.com
    SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem
   

    ErrorLog ${APACHE_LOG_DIR}/error.log
    CustomLog ${APACHE_LOG_DIR}/access.log combined
  </VirtualHost>
</IfModule>