httpd-vhosts.example.conf

################################################################################
# Setup
#
# 1. Append (& uncomment) the following line to /usr/local/etc/httpd/httpd.conf
# Include /Users/David/Sites/localhost/httpd-vhosts.conf
#
# 2. Change the line with "user = _www" and "group = _www" with your username
# and "staff" in the file /usr/local/etc/php/7.x/php-fpm.d/www.conf
#
# 3. Run: sudo brew services restart httpd && brew services restart php70
#
# 4. Place websites in ~/Sites/; Folder names can resolve to *.test domain names
#    ie. ~/Sites/wordpress/ => http://wordpress.test/
#

################################################################################
# Server configuration
#
Listen 80
Listen 443

LoadModule proxy_module         lib/httpd/modules/mod_proxy.so
LoadModule proxy_fcgi_module    lib/httpd/modules/mod_proxy_fcgi.so
LoadModule rewrite_module       lib/httpd/modules/mod_rewrite.so
LoadModule vhost_alias_module   lib/httpd/modules/mod_vhost_alias.so

################################################################################
# Set up permissions for VirtualHosts
#
DirectoryIndex index.php index.html index.htm

<Directory "/Users/David/Sites">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Require all granted
</Directory>

################################################################################
# PHP
#
# This is to forward all PHP to php-fpm. Here works for all sites, can also be
# moved inside indivual <VirtualHost> definitions to limit scope.
<FilesMatch \.php$>
  SetHandler proxy:fcgi://localhost:9000
</FilesMatch>
#
# This was used for Apache 2.2, but doesn't work with VirtualDocumentRoot
# ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/Users/David/Sites/$1
#

################################################################################
# HTTP
#
<VirtualHost _default_:80>
  # Apache will form URLs using the hostname supplied by the client
  ServerName computer.local
  DocumentRoot /Users/David/Sites
</VirtualHost>

################################################################################
# HTTPS
#
LoadModule ssl_module "lib/httpd/modules/mod_ssl.so"
LoadModule socache_shmcb_module "lib/httpd/modules/mod_socache_shmcb.so"

## OpenSSL commands to generate certificates
# openssl req -x509 -nodes -days 1826 -newkey rsa:2048 -keyout server.key -out server.crt
# openssl dhparam -out dhparam.pem 2048

<IfModule mod_ssl.c>
  # SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
  # SSLCipherSuite HIGH:MEDIUM:!SHA1:!MD5:!RC4:!3DES
  SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH
  SSLCompression off
  SSLHonorCipherOrder On
  SSLOpenSSLConfCmd DHParameters "/Users/David/Sites/localhost/ssl/dhparam.pem"
  SSLPassPhraseDialog builtin
  SSLProtocol All -SSLv2 -SSLv3
  SSLProxyCipherSuite HIGH:MEDIUM:!SHA1:!MD5:!RC4:!3DES
  SSLProxyProtocol all -SSLv2 -SSLv3
  SSLSessionCache "shmcb:/usr/local/var/run/httpd/ssl_scache(512000)"
  SSLSessionCacheTimeout 300
  SSLSessionTickets Off
  SSLStaplingCache "shmcb:logs/stapling-cache(150000)"
  SSLUseStapling on

  <VirtualHost _default_:443>
    # Apache will form URLs using the hostname supplied by the client
    # UseCanonicalName Off

    ServerName computer.local
    DocumentRoot /Users/David/Sites

    SSLEngine on

    SSLCertificateFile "/Users/David/Sites/localhost/ssl/computer.local.pem"
    SSLCertificateKeyFile "/Users/David/Sites/localhost/ssl/computer.local-key.pem"
    SSLCertificateChainFile "/Users/David/Library/Application Support/mkcert/rootCA.pem"

    <FilesMatch "\.(cgi|shtml|phtml|php)$">
      SSLOptions +StdEnvVars
    </FilesMatch>
    <Directory "/usr/local/var/www/cgi-bin">
      SSLOptions +StdEnvVars
    </Directory>

    BrowserMatch "MSIE [2-5]" nokeepalive ssl-unclean-shutdown downgrade-1.0 force-response-1.0
  </VirtualHost>

  ErrorLog /var/log/apache2/ssl_engine.log
</IfModule>

################################################################################
# PhpMyAdmin
#
Alias /phpmyadmin /usr/local/share/phpmyadmin
<Directory /usr/local/share/phpmyadmin/>
  Options Indexes FollowSymLinks MultiViews
  AllowOverride All
  <IfModule mod_authz_core.c>
    Require all granted
  </IfModule>
  <IfModule !mod_authz_core.c>
    Order allow,deny
    Allow from all
  </IfModule>
</Directory>

################################################################################
# Automatic *.test Virtual Hosts
#
# A directory at /Users/David/Sites/webroot can be accessed at http://webroot.test
# In Drupal, uncomment the line with: RewriteBase /
#

# This log format will display the per-virtual-host as the first field followed by a typical log line
LogFormat "%V %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedmassvhost

<VirtualHost *:80>
  ServerName test
  ServerAlias *.test
  # UseCanonicalName Off

  VirtualDocumentRoot /Users/David/Sites/%-2+

  CustomLog "/Users/David/Sites/localhost/logs/test_access_log" combinedmassvhost
  ErrorLog "/Users/David/Sites/localhost/logs/test_error_log"
</VirtualHost>

LogFormat "%V %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combinedmassvhost_ssl

# More specific domains up top and wildcards down below!
<VirtualHost *:443>
  ServerName test
  ServerAlias *.test
  # UseCanonicalName Off

  VirtualDocumentRoot "/Users/David/Sites/%-2+"

  # Please generate specific certificates for each hostname with mkcert, since you cannot use wildcard *.test
  SSLEngine on
  SSLCertificateFile "/Users/David/Sites/localhost/ssl/computer.local.pem"
  SSLCertificateKeyFile "/Users/David/Sites/localhost/ssl/computer.local-key.pem"

  CustomLog "/Users/David/Sites/localhost/logs/test_ssl_access_log" combinedmassvhost_ssl
  ErrorLog "/Users/David/Sites/localhost/logs/test_ssl_error_log"
</VirtualHost>