ServerName corder.tech ServerAlias www.corder.tech Redirect permanent / https://corder.tech/ RewriteEngine on RewriteCond %{SERVER_NAME} =www.corder.tech [OR] RewriteCond %{SERVER_NAME} =corder.tech RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] ServerName corder.tech ServerAlias www.corder.tech Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains; preload" Header set Content-Security-Policy "default-src 'self'" Header set X-Frame-Options "SAMEORIGIN" Header set X-XSS-Protection "1; mode=block" Header set X-Content-Type-Options "nosniff" Header set Referrer-Policy "no-referrer" DocumentRoot /var/www/html SSLEngine on WSGIDaemonProcess corder.tech/mocha processes=2 threads=15 display-name=%{GROUP} python-home=/usr/local/www/mocha-server:/usr/local/www/mocha-server/venv/lib/python3.5/site-packages WSGIProcessGroup corder.tech/mocha WSGIScriptAlias /mocha /usr/local/www/mocha-server/mocha_server.py Require all granted Include /etc/letsencrypt/options-ssl-apache.conf SSLCertificateFile /etc/letsencrypt/live/corder.tech/fullchain.pem SSLCertificateKeyFile /etc/letsencrypt/live/corder.tech/privkey.pem