diff --git a/group_vars/all.yml b/group_vars/all.yml
index c447e51..c2594ec 100644
--- a/group_vars/all.yml
+++ b/group_vars/all.yml
@@ -60,6 +60,7 @@ server_hostname: server.example.com
# Apache configuration behind Nginx reverse proxy.
apache_listen_ip: "127.0.0.1"
apache_listen_port: 82
+apache_listen_port_ssl: 2443
apache_create_vhosts: true
apache_vhosts_filename: "vhosts.conf"
apache_remove_default_vhost: false
@@ -70,6 +71,7 @@ apache_mods_enabled:
- rewrite.load
- ssl.load
- remoteip.load
+ - security.load
apache_mods_disabled:
- php
- php7
diff --git a/roles/ansible-role-apache/templates/90-remoteip.conf.j2 b/roles/ansible-role-apache/templates/90-remoteip.conf.j2
index da328e7..981454d 100644
--- a/roles/ansible-role-apache/templates/90-remoteip.conf.j2
+++ b/roles/ansible-role-apache/templates/90-remoteip.conf.j2
@@ -1,7 +1,11 @@
-LoadModule remoteip_module modules/mod_remoteip.so
+
+ LoadModule remoteip_module modules/mod_remoteip.so
+
-LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
+
+ LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
-RemoteIPHeader X-Real-IP
-RemoteIPInternalProxy 127.0.0.1
-RemoteIPTrustedProxy 127.0.0.1
+ RemoteIPHeader X-Real-IP
+ RemoteIPInternalProxy 127.0.0.1
+ RemoteIPTrustedProxy 127.0.0.1
+