<VirtualHost *:443>
  # Uncomment this line and set it up with your actual webmaster email
  # or with your real email.
  #ServerAdmin webmaster@my-domain.com

  # Your actual domain name, on witch this virtual host is available.
  ServerName SITE_HOSTNAME

  # You may want your site to be available on other domain names, this is
  # what alias are for.
  # You can use the * wildcard caracter to match multiple sub-domains.
  #ServerAlias www2.my-domain.com www.my-other-domain.com *.yet-another-domain.com

  # The error log and access log. This can be used by awstats
  # Note : since we keed theses logs in /var/log/apache2, they are
  # automaticaly rotated by logrotate :D.
  ErrorLog /var/log/apache2/SITE_HOSTNAME-error.log
  LogLevel warn
  CustomLog /var/log/apache2/SITE_HOSTNAME-access.log combined


  <IfModule mod_ssl.c>
    #
    # SSL magic
    #

    # We enable the SSL engine. Without this line, we use HTTP, not HTTPS.
    SSLEngine On

    # We allow only "high" and "medium" security key lengths.
    SSLCipherSuite HIGH:MEDIUM

    # We allow SSLv3 and TLSv1 only, we reject the old SSLv2.
    SSLProtocol all -SSLv2

    # Server public certificate file:
    SSLCertificateFile /etc/apache2/ssl/https_cert.cert

    # Server private key file:
    SSLCertificateKeyFile /etc/apache2/ssl/https_key.pem
  </IfModule>


  # Theses lines only apply of the rewrite module is enabled.
  # This is a security enhancement recommanded by the nessus tool.
  <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^(TRACE|TRACK)
    RewriteRule .* - [F]
  </IfModule>

  <IfModule mod_rewrite.c>
    <IfModule mod_proxy.c>
      # Do not ever never comment this line !
      # This line prevent your web server to be used
      # as a proxy server by lurkers and other lamers.
      ProxyRequests   Off

      # This little option pass the hostname to the proxyfied server.
      # This allow you to setup virtual hosts on the proxyfied server.
      # Yay ! This can be a life saver, so trust me, you want this option On.
      ProxyPreserveHost On

      # Here is the magic that proxyfy the LAN server. 
      # The first line is .... i don't remember what...
      # but trust me, it is usefull ;p.
      # The second line is a rewrite rule that do the proxy
      # magic. I was used to use a ProxyPass rule to do this work, but it
      # turned out that sometimes ProxyPass give you a 503 error when under
      # heavy load. The RewriteRule does not have this flow.
      ProxyPassReverse  /  SITE_BEHIND
      RewriteRule     ^/(.*) SITE_BEHIND$1  [P,L]

      # WARNING : the two alernatives below can be avoided easyly by setting
      # up a virtual host on the proxyfied server. This is the path you should
      # follow. The solutions below are very ugly hacks.

      # This first solution is for site that can work from the root of the URL
      # but keep giving URI that is the one from the proxyfied server.
      # It redirect every request to the root of the virtual host.
      # This way the user always see the site being at the root of the server.
      #
      # To use this, comment all ProxyPass and RewriteRule lines of this file,
      # and uncomment the following 3 lines.
      #ProxyPassReverse    /  SITE_BEHIND
      #RewriteRule         ^SITE_BEHIND_URI/(.*) /$1 [R,L]
      #RewriteRule         ^/(.*) SITE_BEHIND$1  [P,L]


      # This second solution is for sites that can not work from the root of the URL
      # and keep giving URI that is the one from the proxyfied server.
      # It redirect every request to the same URI as the one of the virtual host.
      # This way the user always see the site as it would be if he was accessing it
      # directly without proxyfying.
      #
      # To use this, comment all ProxyPass and RewriteRule lines of this file,
      # and uncomment the following 3 lines.
      #ProxyPassReverse  /   SITE_BEHIND
      #RewriteRule       ^SITE_BEHIND_URI(.*) SITE_BEHIND$1  [P,L]
      #RewriteRule       ^/(.*) SITE_BEHIND_URI/$1 [R,L]

    </IfModule>
  </IfModule>

  # This Location directives allow users to access to the proxyfied contents.
  # Do not remove this if you want your site to work :).
  <Location />
    Order deny,allow
    Allow from all
  </Location>

</VirtualHost>


<VirtualHost *:80>
  # Your actual domain name, on witch this virtual host is available.
  # This line is the same as in the HTTPS virtual host.
  ServerName SITE_HOSTNAME

  # You may want your site to be available on other domain names, this is
  # what alias are for.
  # You can use the * wildcard caracter to match multiple sub-domains.
  # This line is the same as in the HTTPS virtual host.
  #ServerAlias www2.my-domain.com www.my-other-domain.com *.yet-another-domain.com


  # Theses lines only apply of the rewrite module is enabled.
  # This is a security enhancement recommanded by the nessus tool.
  <IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteCond %{REQUEST_METHOD} ^{TRACE|TRACK}
    RewriteRule .* - [F]
  </IfModule>

  # Redirect every body to the HTTPS site.
  # This make sure that all users use secure version of the site.
  # Note the "permanent" : It is good for search engine optimization :D.
  Redirect permanent / https://SITE_HOSTNAME/

</VirtualHost>