# Requires: a2enmod ssl proxy proxy_http proxy_wstunnel headers rewrite ServerName __QORTAL_PRIMARY_DOMAIN__ ServerAlias __QORTAL_SERVER_ALIASES__ Redirect permanent / https://__QORTAL_PRIMARY_DOMAIN__/ ServerName __QORTAL_PRIMARY_DOMAIN__ ServerAlias __QORTAL_SERVER_ALIASES__ SSLEngine on SSLCertificateFile __TLS_CERT_PATH__ SSLCertificateKeyFile __TLS_KEY_PATH__ ProxyPreserveHost On ProxyAddHeaders On RequestHeader set X-Forwarded-Proto "https" LimitRequestBody 524288000 Timeout 3600 ProxyTimeout 3600 # Block write methods on sensitive endpoints. Require all denied # Fully block these endpoints. Require all denied # Optional hard-block for common attack probes. Require all denied # WebSockets -> API upstream. ProxyPass "/websockets/" "ws://__QORTAL_API_UPSTREAM__/websockets/" ProxyPassReverse "/websockets/" "ws://__QORTAL_API_UPSTREAM__/websockets/" ProxyPass "/websockets/crosschain/" "ws://__QORTAL_API_UPSTREAM__/websockets/crosschain/" ProxyPassReverse "/websockets/crosschain/" "ws://__QORTAL_API_UPSTREAM__/websockets/crosschain/" # API and /render -> API upstream. ProxyPassMatch "^/(addresses|admin|arbitrary|assets|blocks|chat|crosschain|groups|lists|names|payments|peers|polls|render|stats|transactions|utils|at|bootstrap|developer)(.*)$" "http://__QORTAL_API_UPSTREAM__/$1$2" # QDN website fallback -> gateway upstream. ProxyPass "/" "http://__QORTAL_GATEWAY_UPSTREAM__/" ProxyPassReverse "/" "http://__QORTAL_GATEWAY_UPSTREAM__/" ErrorLog ${APACHE_LOG_DIR}/qortal-node-error.log CustomLog ${APACHE_LOG_DIR}/qortal-node-access.log combined