SSLCertificateFile /etc/ssl/certs/www.openstreetmap.org.pem
SSLCertificateKeyFile /etc/ssl/private/www.openstreetmap.org.key
+ # Get the real remote IP for requests via a trusted proxy
+ RemoteIPHeader CF-Connecting-IP
+<% @cloudflare.sort.each do |address| -%>
+ RemoteIPTrustedProxy <%= address %>
+<% end -%>
+
#
# Turn on various features
#
#
# Configure timeouts
#
- RequestReadTimeout handshake=20-40,MinRate=500 header=20-40,MinRate=500 body=20,MinRate=500
+ RequestReadTimeout handshake=20-40,MinRate=500 header=20-40,MinRate=500 body=20-120,MinRate=500
+ LogLevel reqtimeout:info
#
# Add the unique ID to the request headers
FileETag Size
ExpiresDefault "access plus 1 year"
- Header set Cache-Control "immutable, max-age=31536000"
+ Header set Cache-Control "immutable, max-age=31536000" "expr=%{REQUEST_STATUS} == 200"
</Location>
#