SSL test on Qualys SSL Labs Rating A Configuration

Minimal Debian * Jessie and Apache V 2.4.10

Fix DNS CAA No to Yes by add CAA record on DNS Server

Clouddns: Add CAA Record, select the Provider (If available : Comodo, Digicert, etc), if manual insert field Answer with 0 (Number 0 -255), Tag with issue and Value with (if Comodo SSL),, (If Lets Encrypt SLL) then Save All Changes, wait 1 hour to complete.  Then check CAA status at

Incorrect SNI alerts

Insert below within section VirtualHost conf then #service apache2 restart

nano /etc/apache2/sites-available/default-ssl.conf

Insert at the bottom before closed tag of the VirtualHost “</VirtualHost>”


Enable Apache OCSPStapling

Specify cached response location (outside <VirtualHost>, before <VirtualHost _default_:443>

SSLStaplingCache shmcb:${APACHE_RUN_DIR}/ssl_stapling(32768)

The placed must before the following text:

## SSL Virtual Host Context
<VirtualHost _default_:443>

**** Optional Activate HTTP/2 protocol on default-ssl.conf

Insert Protocols h2 h2c http/1.1 after <VirtualHost _default_:443> on /etc/apache2/sites-available/default-ssl.conf

Below the configuration on /etc/apache2/sites-enable/default-ssl.conf

** activate Header first in with command #a2enmod headers

SSLEngine on


# This TLSv1.2 only
SSLProtocol TLSv1.2
# To use TLSv1.2 and TLSv1.3 uncomment line below and comment one above. Please read note above.
#SSLProtocol +TLSv1.2 +TLSv1.3

#enable of OCSP stapling, only in httpd 2.3.3 and later
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off

#if you want to add DHE (Diffie-Hellman key exchange), HTTPD 2.4.8 later, run openssl dhparam -out /etc/ssl/certs/dhparam.pem 4096 uncomment below
#SSLOpenSSLConfCmd Curves secp384r1
#SSLOpenSSLConfCmd DHParameters "/etc/ssl/certs/dhparam.pem"

SSLCertificateFile /etc/apache2/ssl/
SSLCertificateKeyFile /etc/apache2/ssl/
SSLCertificateChainFile /etc/apache2/ssl/

#Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" activate first in with command #a2enmod headers
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"

Enable and load mod_rewrite Apache2 on Debian 8

#a2enmod rewrite

Enable Headers

#a2enmod headers

Enable SSL

#a2enmod ssl

** Optional to Activate HTTP/2 module 

#a2enmod http2

Apply SSL Module to Site

#a2ensite default-ssl

To activate the new configuration, you need to run:

#service apache2 reload

Other SSL / TLS Settings on /etc/apache2/mods-enabled/ssl.conf

#Turn of SSL Compression & Ensure Ciphers are used in order

SSLCompression off
SSLHonorCipherOrder on

Enable SSL log by add script below the ErrorLog ${APACHE_LOG_DIR}/error.log CustomLog 

ErrorLog ${APACHE_LOG_DIR}/ssl_engine.log
LogLevel debug

Sometimes error occurred, example log below

[Mon Nov 25 09:54:07.361518 2019] [ssl:error] [pid 5035] (70007)The timeout specified has expired: [client] AH01985: error reading response from OCSP server


SSLStaplingResponderTimeout 3

When Sectigo’s OCSP Responder servers did not respond fast enough, the OSCP requests failed and the errors noted on this thread were logged to the Apache error log. Disable OCSP Stapling:

SSLUseStapling off

Or, instead of disabling OCSP Stapling, we could increase the default timeout value (11 seconds appeared to be suitable for yesterday’s issue):

SSLStaplingResponderTimeout 11

Upgrade Debian 7 Wheezy to Debian 8 Jessie

Backup the configuration and data first

Check current release

#sudo cat /etc/*release
PRETTY_NAME="Debian GNU/Linux 7 (wheezy)"
NAME="Debian GNU/Linux"
VERSION="7 (wheezy)"

Configuration files in the /etc directory

#tar -pczf etc.tar.gz --absolute-names /etc

Backup of the /var/www website directory.

#tar -pczf www.tar.gz --absolute-names /var/www

Backup of the /home directories.

#tar -pczf home.tar.gz --absolute-names /home

For ISPConfig 3 users: Backup of your email server files.

#tar -pczf vmail.tar.gz --absolute-names /var/vmail

Backup MySQL databases

#mysqldump --defaults-file=/etc/mysql/debian.cnf -cCeQ --hex-blob --quote-names --routines --events --triggers --all-databases -r all_databases.sql

Then move the tar.gz and .sql files for safe storage on a backup drive.

Check the apt sources.list file

Before upgrade to Jessie, all available Wheezy must updates first. On some systems the package source is defined as “stable” in the sources.list file instead of “wheezy” or “jessie”. To avoid an accidental early upgrade to Jessie, please check the sources.list now and ensure that it contains “wheezy” and not “stable” as source:

#nano /etc/apt/sources.list

deb wheezy main contrib non-free
deb-src wheezy main contrib non-free
deb wheezy-updates main contrib non-free
deb wheezy/updates main contrib non-free
#apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y

Update the sources.list for Jessie

Edit the /etc/apt/sources.list file again:

#nano /etc/apt/sources.list

and replace its content with the following lines:

deb jessie main contrib non-free
deb-src jessie main contrib non-free

deb jessie-updates main contrib non-free
deb-src jessie-updates main contrib non-free

deb jessie/updates main contrib non-free
deb-src jessie/updates main contrib non-free
apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y

To check which Debian version is currently installed on the system, take a look at the file /etc/os-release.

#cat /etc/os-release
#lsb_release -a

Extract all the tar.gz files to the folder (/var/www/html, /etc/)

#tar -xvf www.tar.gz

Move all folder and files

#mv /sourcefolder/{,.[^.]}* /destinationfolder/

Install php7 on Debian 8

Install php7 on Debian 8

sudo apt-get install software-properties-common
sudo add-apt-repository ppa:ondrej/php
sudo apt-get update
sudo apt-get upgrade
sudo apt-get install -y php7.3

Check php version

php -v

Installing PHP 7.3 Extensions

sudo apt install php7.3-cli php7.3-fpm php7.3-json php7.3-pdo php7.3-mysql php7.3-zip php7.3-gd  php7.3-mbstring php7.3-curl php7.3-xml php7.3-bcmath php7.3-json

To install Apache Module for PHP, run:

sudo apt install libapache2-mod-php7.3

Install AWStats Web analytics on Apache2 Debian 8

AWStats is an open source Web analytics reporting tool that generates advanced web, streaming, ftp or mail server statistics, graphically. This log analyzer works as a CGI or from command line and shows you all possible information your log contains, in few graphical web pages. It uses a partial information file to be able to process large log files, often and quickly.

Update and upgrade Debian

#apt-get update && apt-get upgrade -y

Install awstats

#apt-get install awstats

enable the CGI module in Apache

#a2enmod cgi

Incase want to Disable CGI

#a2dismod cgi

Restart Apache to reflect the changes.

#/etc/init.d/apache2 restart

Configure AWStats

Create a configuration file by duplicating AWStats default conf. For example file for “” or ignore use default awstats.conf

#cd /etc/awstats
#cp /etc/awstats/awstats.conf /etc/awstats/vpshelpdesk.conf

Next, edit configuration file “vpshelpdesk.conf” or “awstats.conf”

#vim awstats.conf
# Examples for Apache combined logs (following two examples are equivalent):
# LogFormat = 1
# LogFormat = "%host %other %logname %time1 %methodurl %code %bytesd %refererquot %uaquot"
# Example for IIS:
# LogFormat = 2

# Change to Apache log file, by default it's /var/log/apache2/access.log

# Change to the website domain name
HostAliases=" localhost"

# When this parameter is set to 1, AWStats adds a button on report page to allow to "update" statistics from a web browser

#Default DNSLookup=2, disable DNS Lookup to save memory, set to DNSLookup=0

Build the AWStats statistics from current apache2 logs

#/usr/lib/cgi-bin/ -config=awstats.conf -update

or if use default awstats.conf

#/usr/lib/cgi-bin/ -config=awstats.conf -update

If it is successful no errors, some output will shown:

Create/Update database for config "/etc/awstats/awstats.conf" by AWStats version 7.2 (build 1.992)
From data in log file "/var/log/apache2/access.log"...
Phase 1 : First bypass old records, searching new record...
Searching new records from beginning of log file...
Phase 2 : Now process new records (Flush history on disk after 20000 hosts)...
Jumped lines in file: 0
Parsed lines in file: 4473
Found 0 dropped records,
Found 0 comments,
Found 0 blank records,
Found 0 corrupted records,
Found 0 old records,
Found 173 new qualified records.

Configure Apache to work with AWStats

Copy code into apache config file, recommend put at the bottom

# Directives to add to your Apache conf file to allow use of AWStats as a CGI.
# Note that path "/usr/local/awstats/" must reflect your AWStats Installation path.
Alias /awstatsclasses "/usr/share/awstats/lib/"
Alias /awstats-icon "/usr/share/awstats/icon/"
Alias /awstatscss "/usr/share/doc/awstats/examples/css"
#ScriptAlias /awstats/ /usr/lib/cgi-bin/
# for Security, comment code above, add code below and change folder name 
ScriptAlias /vps/ /usr/lib/cgi-bin/
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch

Restart Apache to reflect the changes.

#/etc/init.d/apache2 restart
#service apache2 restart

The AWStats  can access via browser at http://domain/vps/

Setup Cron Job to update every night at midnight  (

#vim /etc/crontab

Put code below at bottom

0 0 * * * root /usr/lib/cgi-bin/ -config=awstats.conf -update

Error and Solutions once update AWStats via web browser

Error: Couldn’t open server log file “/var/log/apache2/access.log” : Permission denied

Give apache2 (www-data) permission on apache2 log file

#chown -R www-data:www-data /var/log/apache2/
#service apache2 restart

Warning: Error while storing hashfile: can’t create /var/lib/awstats/dnscachelastupdate.hash: Permission denied at (eval 5) line 1.

Warning: Failed to open for writing last update DNS Cache file “/var/lib/awstats/dnscachelastupdate.txt”: Permission denied

Give apache2 (www-data) permission on /var/lib/awstats/

#chown -R www-data:www-data /var/lib/awstats

Reset AWStats statistics to zero

Go to defaultr DirData /var/lib/awstats, delete all files awstatsMMYYYY.txt

#cd /var/lib/awstats
#rm -f awstats**

Go to default Apache2 access.log DirData, delete all files access.log.**

#cd /var/log/apache2/
#rm -f access.**
#touch access.log
#chown -R www-data:www-data /var/log/apache2/

Then Build the AWStats statistics again from apache2 logs

#/usr/lib/cgi-bin/ -config=awstats.conf -update
/var/log/apache2# /usr/lib/cgi-bin/ -config=awstats.conf -update
Create/Update database for config "/etc/awstats/awstats.conf" by AWStats version 7.2 (build 1.992)
From data in log file "/var/log/apache2/access.log"...
Phase 1 : First bypass old records, searching new record...
Direct access to last remembered record is out of file.
So searching it from beginning of log file...
Jumped lines in file: 0
Parsed lines in file: 0
 Found 0 dropped records,
 Found 0 comments,
 Found 0 blank records,
 Found 0 corrupted records,
 Found 0 old records,
 Found 0 new qualified records.

Install Nginx, MySQL, PHP LEMP Stack on Debian 8

Update, upgrade Debian and install Nginx

#sudo apt-get update && sudo apt-get dist-upgrade
#sudo apt-get install nginx

Configure UFW firewall to allow Nginx services

#sudo apt-get install ufw
#sudo ufw enable
#sudo ufw allow 'Nginx HTTP'
#sudo ufw allow ssh
#sudo ufw status

You should see allowed services (Nginx, SSH, etc) in the displayed output:

Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)

Test the Nginx web server on browser http://server_domain_or_IP

Install MySQL , Follow the instructions, choose Y

#sudo apt-get install mysql-server
#sudo mysql_secure_installation

Install PHP for Processing

Since Nginx does not contain native PHP processing like some other web servers, we will need to install fpm, which stands for “fastCGI process manager”. We will tell Nginx to pass PHP requests to this software for processing.  Open /etc/apt/sources.list in your text editor:

#sudo vim/etc/apt/sources.list

Append the contrib and non-free repositories at /etc/apt/sources.list

deb jessie main contrib non-free
deb jessie/updates main contrib non-free
deb jessie-updates main contrib non-free
#sudo apt-get update
#sudo apt-get install php5-fpm php5-mysql

** Choose additional PHP Extension to install as follows

#apt-get -y install php5-mysqlnd php5-curl php5-gd php5-intl php-pear php5-imagick php5-imap php5-mcrypt php5-memcache php5-intl php5-pspell php5-recode php5-snmp php5-sqlite php5-tidy php5-xmlrpc php5-xsl

Secure PHP components

#sudo vim /etc/php5/fpm/php.ini

Uncomment cgi.fix_pathinfo and change conditions to “0”


Restart our PHP processor by typing:

#sudo systemctl restart php5-fpm
#/etc/init.d/php5-fpm restart

Configure Nginx to Use the PHP Processor

Open the default Nginx server block configuration file by typing:

#sudo vim /etc/nginx/sites-available/default

Currently, with the comments removed, the Nginx default server block file looks like this:

server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.html index.htm index.nginx-debian.html;

    server_name _;

    location / {
        try_files $uri $uri/ =404;

We need to make some changes to this file for our site.

  • First, we need to add index.php as the first value of our index directive so that files named index.php are served, if available, when a directory is requested.
  • We can modify the server_name directive to point to our server’s domain name or public IP address.
  • For the actual PHP processing, we just need to uncomment a segment of the file that handles PHP requests. This will be the location ~\.php$ location block, the included fastcgi-php.confsnippet, and the socket associated with php-fpm.
  • We will also uncomment the location block dealing with .htaccess files. Nginx doesn’t process these files. If any of these files happen to find their way into the document root, they should not be served to visitors.
server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /var/www/html;
    index index.php index.html index.htm index.nginx-debian.html;

    server_name your_server_ip;

    location / {
        try_files $uri $uri/ =404;

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/var/run/php5-fpm.sock;

    location ~ /\.ht {
        deny all;

Test your configuration file for syntax errors by typing:

#sudo nginx -t
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful

If any errors are reported, go back and recheck your file before continuing.

When ready, reload Nginx to make the necessary changes:

#sudo systemctl reload nginx

Create a PHP File phpinfo() to Test Configuration

#vim /var/www/html/info.php

Open at browser http://server_domain_or_IP/info.php

Install WordPress on Apache Server

Install WordPress on Apache Server

Download the wordpress files on /var/www/html or /var/www/ folder depend on the Operating System (Deb 8, Deb 7)

#cd /var/www/
#wget --no-check-certificate

We have to install unzip to unpack our wordpress files
Unzip the wordpress files in the /var/www/ directory:

#apt-get install install unzip

Move all extracted folder files to /var/www/

#cd /var/www/wordpress/
#mv * /var/www/
#rm -rf /var/www/wordpress/

We will need to create an /upload directory on /var/www/wp-content/ folder so we can make contents and upload files into it.

#mkdir -p /var/www/wp-content/uploads

Set the user, group ownership and permissions for the directory:

#chown -R www-data:www-data /var/www/
#chmod -R 755 /var/www/

Create database with mySQL
Log into mysql server as root.

[root@vpshelpdesk]#mysql -u root -p
Create a mySQL database from console by type this
mysql>CREATE DATABASE dbuser;
mysql>CREATE USER 'user'@'localhost' IDENTIFIED BY 'password';
mysql>GRANT ALL PRIVILEGES ON dbuser.* TO 'user'@'localhost' WITH GRANT OPTION;
mysql>CREATE USER 'user'@'%' IDENTIFIED BY 'password';
mysql>SHOW GRANTS FOR 'user'@'localhost';
Displaying list of users, use the SELECT USER statement

Installing WordPress via web browser http://ipaddress and follow the instruction


Google webmaster sitemap xml namespace error

Google webmaster sitemap xml namespace error

Change the opening <urlset> tag to look like the following

<urlset xmlns="" xmlns:xsi="" xsi:schemaLocation="" xmlns:image="">

Force non www and https and vice-versa with .htaccess

Force non www and https and vice-versa with .htaccess

Redirect web from www to non-www and from HTTP to HTTPS with .htaccess.
redirect to

Insert following code at the top of .htaccess

# pass the default character set
AddDefaultCharset utf-8

Options All -Indexes
Options +FollowSymlinks
RewriteEngine On
#RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://%1%{REQUEST_URI} [L,NE,R=301]

If the default URL to be

# pass the default character set
AddDefaultCharset utf-8

Options All -Indexes
Options +FollowSymlinks
RewriteEngine On
#RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]
RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

How it works

RewriteEngine On

The first line enables the Apache runtime rewriting engine, required to perform the redirect. You may have already enabled it in a previous config in the same file. If that’s the case, you can skip that line.

RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [NC]

These two lines are are the redirect conditions, they are used to determine if the request should be redirected. Because the conditions are joined with an [OR], if any of those two conditions returns true, Apache will execute the rewrite rule (the redirect).

The first condition determines if the request is using a non-HTTPS URL. The second condition determines if the request is using the www URL. Notice that I used www\. and not www., because the pattern is a regular expression and the . dot has a special meaning here, hence it must be escaped.

RewriteCond %{HTTP_HOST} ^(?:www\.)?(.+)$ [NC]

The forth line is a convenient line I used to avoid referending the hostname directly in the URL. It matches the HOST of the incoming request, and decomposes it into www part (if any), and rest of the hostname. We’ll reference it later with %1 in the RewriteRule.

If you know the host name in advance, you may improve the rule by inlining the URL and skipping this condition (see later).

RewriteRule ^ https://www.%1%{REQUEST_URI} [L,NE,R=301]

The RewriteRule is the heart of the redirect. With this line we tell Apache to redirect any request to a new URL, composed by:

%1: the reference to the non-www part of the host
%{REQUEST_URI}: the URI of the request, without the hostname

All these tokens are joined together, and represents the final redirect URI. Finally, we append 3 flags:

NE to not escape special characters
R=301 to use the HTTP 301 redirect status

L to stop processing other rules, and redirect immediately


As I’ve already mentioned, my example uses an extra RewriteCond line to extract the host name, and avoid to inline the hostname in the rule. If you feel this is a performance penalty for you, you can inline the host directly in the rule:

RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} ^www\. [NC]
RewriteRule ^{REQUEST_URI} [L,NE,R=301]

Origin article from

Admin Prestashop cannot login after migration

Unable login to Admin Prestashop after migration to another server

Try to resolve with following step by step but no success (

  • Clear your browser cache and your cookies
  • Try using Firefox instead of Chrome (which seems have some unexpected problems)
  • Check PS_SHOP_DOMAIN and PS_SHOP_DOMAIN_SSL in ps_configuration table
  • Manually clear smarty cache : remove all files from tools/smarty/compile and tools/smarty/cache
  • Disable the IP check in classes/Cookie.php (this can causes many issues with dynamics IP) : in isLoggedBack(), remove or comment the fourth condition :
AND (!isset($this->_content['remote_addr']) OR $this->_content['remote_addr'] == ip2long(Tools::getRemoteAddr()) OR !Configuration::get('PS_COOKIE_CHECKIP'))
  • Make the expire time shorter for cookies (IE can have issues with longest time cookies) : in classes/Cookie.php constructor,
set : $this->_expire = isset($expire) ? (int)($expire) : (time() + 3600);
instead of $this->_expire = isset($expire) ? (int)($expire) : (time() + 1728000);

Another Solutions

Find last error log

#tail -f /var/log/apache2/error.log
[Tue Dec 26 06:46:40.753880 2017] [:error] [pid 3816] [client] PHP Fatal error: Call to undefined function mcrypt_encrypt() in /var/www/html/classes/Rijndael.php on line 50

Install php_mcrypt

On Windows

#;extension=php_mcrypt.dll to extension=php_mcrypt.dll
then restart your apache server

On Redhat

##yum install php55-mcrypt

//if php5.5

##yum install php-mcrypt

//if less than 5.4

##service httpd restart

//if apache 2.4

##/etc/init.d/httpd restart

//if apache 2.2 or less

On Ubuntu

##apt-get install php5-mcrypt
##service apache2 restart

Install SSL Certificate Apache Debian 7

Apache Server, Apache2 mod_rewrite module and OpenSSL has been installed by default on Debian 7

Check OpenSSL  version

#openssl version

OpenSSL 1.0.1t  3 May 2016

Create SSL directory

#mkdir -p /etc/apache2/ssl
#cd /etc/apache2/ssl

Generate a pair of private key and public Certificate Signing Request (CSR)

#openssl req -nodes -newkey rsa:2048 -keyout myserver.key -out myserver.csr

*** change myserver with domain name (

This creates a two files, myserver.key and myserver.csr. Enter details into your CSR, let the challenge password empty

Generating a 2048 bit RSA private key
writing new private key to ''
You are about to be asked to enter information that will be incorporated
into your certificate request.
What you are about to enter is what is called a Distinguished Name or a DN.
There are quite a few fields but you can leave some blank
For some fields there will be a default value,
If you enter '.', the field will be left blank.
Country Name (2 letter code) [AU]:AU
State or Province Name (full name) [Some-State]:New South Wales
Locality Name (eg, city) []:Sydney
Organization Name (eg, company) [Internet Widgits Pty Ltd]:Example Pty Ltd
Organizational Unit Name (eg, section) []:Web SSL Security
Common Name (e.g. server FQDN or YOUR name) []
Email Address []

Please enter the following 'extra' attributes
to be sent with your certificate request
A challenge password []:
An optional company name []:

#ls -la /etc/apache2/ssl
-rw-r--r-- 1 root root 1123 Nov 18 18:23
-rw-r--r-- 1 root root 1704 Nov 18 18:23

To create CRT and CA Bundle file log in to website where you buy the SSL Cert, vim and paste to their form to generate both CRT and CA Bundle files

Vim, paste to the panel where we buy the SSL Cert to generate CRT file. Follow their step then wait around 5 minutes for activation, with an email from Comodo Security Services  including Cert, CA file on attachment, once received, then download all the Cert, CA filesthen upload to your server at directory /etc/apache2/ssl.

cd /etc/apache2/ssl

Upload all the Cert, CA files to directory /etc/apache2/ssl above

Replace every of “AllowOverride None” with “AllowOverride all”, then insert SSL configuration to default-ssl

#vim /etc/apache2/sites-available/default-ssl
SSLEngine on

#take from

SSLProtocol +TLSv1.2 +TLSv1.1 +TLSv1 -SSLv2 -SSLv3
SSLHonorCipherOrder On


SSLProxyProtocol +TLSv1.2 -SSLv2 -SSLv3

SSLCertificateFile /etc/apache2/ssl/
SSLCertificateKeyFile /etc/apache2/ssl/
SSLCertificateChainFile /etc/apache2/ssl/

Enable SSL Module

Ensure that the Apache SSL module is enabled, and enable default-ssl configuration:
‘default-ssl’ can be replaced by the real site name you set up in /etc/apache2/sites-available/

#cd /etc/apache2/ssl

Enable SSL

#a2enmod ssl

Disable SSL

#a2dismod ssl

Apply SSL Module to Site

#a2ensite default-ssl

Disable SSL Module to Site

#a2dissite default-ssl

To activate the new configuration, you need to run:

#service apache2 reload