# Website domain configuration for GameServers.World storefront ServerName gameservers.world ServerAlias www.gameservers.world # Document root points to the _website directory DocumentRoot /var/www/GSP/_website # Directory configuration Options -Indexes +FollowSymLinks AllowOverride All Require all granted DirectoryIndex index.php index.html # PHP configuration php_value upload_max_filesize 50M php_value post_max_size 50M php_value max_execution_time 180 php_value max_input_time 180 php_value session.name "gameservers_website" # Restrict access to sensitive files and directories Require all denied # Protect sensitive files Require all denied # Error and access logs ErrorLog ${APACHE_LOG_DIR}/gameservers-website-error.log CustomLog ${APACHE_LOG_DIR}/gameservers-website-access.log combined # Security headers Header always set X-Content-Type-Options "nosniff" Header always set X-Frame-Options "SAMEORIGIN" Header always set X-XSS-Protection "1; mode=block" Header always set Referrer-Policy "strict-origin-when-cross-origin" # Compression AddOutputFilterByType DEFLATE text/html text/plain text/xml text/css text/javascript application/javascript application/json # Cache static assets ExpiresActive On ExpiresByType image/jpg "access plus 1 month" ExpiresByType image/jpeg "access plus 1 month" ExpiresByType image/gif "access plus 1 month" ExpiresByType image/png "access plus 1 month" ExpiresByType text/css "access plus 1 week" ExpiresByType application/javascript "access plus 1 week" # SSL/HTTPS configuration (uncomment and configure after obtaining SSL certificate) # # ServerName gameservers.world # ServerAlias www.gameservers.world # # DocumentRoot /var/www/GSP/_website # # SSLEngine on # SSLCertificateFile /etc/ssl/certs/gameservers.world.crt # SSLCertificateKeyFile /etc/ssl/private/gameservers.world.key # SSLCertificateChainFile /etc/ssl/certs/ca-bundle.crt # # # Options -Indexes +FollowSymLinks # AllowOverride All # Require all granted # DirectoryIndex index.php index.html # # # # Require all denied # # # # Require all denied # # # ErrorLog ${APACHE_LOG_DIR}/gameservers-website-ssl-error.log # CustomLog ${APACHE_LOG_DIR}/gameservers-website-ssl-access.log combined # # # Security headers # # Header always set X-Content-Type-Options "nosniff" # Header always set X-Frame-Options "SAMEORIGIN" # Header always set X-XSS-Protection "1; mode=block" # Header always set Referrer-Policy "strict-origin-when-cross-origin" # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" # # # Redirect www to non-www (optional, uncomment if desired) # # ServerName www.gameservers.world # Redirect permanent / http://gameservers.world/ #