<VirtualHost *:443> ServerName ai.succhia.cz # Define the load balancer cluster <Proxy "balancer://myclusterhantani"> BalancerMember "http://ai.kowa.localhost:4322" loadfactor=90 BalancerMember "http://ai.bozz.localhost:4321" loadfactor=10 </Proxy> # Set proxy timeout ProxyTimeout 10 # Proxy settings for the root location <Location /> ProxyPass balancer://myclusterhantani/ ProxyPassReverse balancer://myclusterhantani/ </Location> # Conditional SSL configuration <If "-f '/etc/letsencrypt/live/ai.succhia.cz/cert.pem'"> SSLEngine on SSLCertificateFile /etc/letsencrypt/live/ai.succhia.cz/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/ai.succhia.cz/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/ai.succhia.cz/chain.pem </If> # Harden SSL by setting HSTS header Header set Strict-Transport-Security "max-age=31536000" # Optional: Additional SSL security settings SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite HIGH:!aNULL:!MD5 SSLHonorCipherOrder on # Optional: Enable logging ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog ${APACHE_LOG_DIR}/access.log combined </VirtualHost> <VirtualHost *:80> ServerName ai.succhia.cz Include /etc/apache2/my-includes/redirect-to-https.conf </VirtualHost>