I have installed and configure 2 different instances of Mautic on Apache server on an Amazon Linux AMI and they are on folders as below
- Both abc.com and xyz.com are hosted elsewhere so the DNS is configured to use the Elastic IP of the EC2 instance.
- Server locations are: /var/www/vhosts/abc and /var/www/vhosts/xyz.
- Virtual hosts are configured on /etc/httpd/conf/httpd.conf (I’ll provide the settings below).
- Both instances ran perfectly on http so I moved on to installing certificates based on the instructions given in AWS and here.
- It was a little painful process but I somehow managed to get the certificates created for both in /etc/letsencrypt/live/.
- After that I configured the http.conf file to add the virtual hosts for the port 443 and tried to access the sites
- Things started to behave erratically. One site would work fine and the other wouldn’t. After a while the one worked well stopped working and the other started to work OK.
- I also noticed that when I try the AWS Pubic IP, it’s now pointing to one of those sites (it shouldn’t).
I’m now trying to remove everything and redo it. My guess is that I ran certbot once before configuring the vhosts so it has installed a certificate on the web root (/var/www/html). Could someone kindly explain the steps I need to follow to get this right? Please also explain if I need to move the vhosts folder to /var/www/html as it seems to be the web root folder, not /var/www. Here are my virtual hosts settings:
<VirtualHost *:80> DocumentRoot "/var/www/vhosts/xyz" ServerName "newsletter.xyz.com" ServerAlias "newsletter.xyz.com" <Directory /> Options FollowSymLinks AllowOverride All </Directory> <Directory /var/www/vhosts/xyz> Options FollowSymLinks MultiViews AllowOverride All Order allow,deny Allow from All </Directory>
Options FollowSymLinks MultiViews
Allow from All
# Certificates SSLEngine on SSLCertificateFile /etc/letsencrypt/live/newsletter.xyz.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/newsletter.xyz.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/newsletter.xyz.com/chain.pem SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"
# Certificates SSLEngine on SSLCertificateFile /etc/letsencrypt/live/newsletter.abc.com/cert.pem SSLCertificateKeyFile /etc/letsencrypt/live/newsletter.abc.com/privkey.pem SSLCertificateChainFile /etc/letsencrypt/live/newsletter.abc.com/chain.pem SSLProtocol All -SSLv2 -SSLv3 SSLHonorCipherOrder on SSLCipherSuite "EECDH+ECDSA+AESGCM EECDH+aRSA+AESGCM EECDH+ECDSA+SHA384 EECDH+ECDSA+SHA256 EECDH+aRSA+SHA384 EECDH+aRSA+SHA256 EECDH+aRSA+RC4 EECDH EDH+aRSA !RC4 !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS"