+# <aliases for dbd>
+<VirtualHost *:80>
+ ServerName www0.defectivebydesign.org
+ ServerAlias www.defectivebydesign.org
+ ServerAlias defectivebydesign.com
+ ServerAlias defectivebydesign.net
+ ServerAlias www.defectivebydesign.com
+ ServerAlias www.defectivebydesign.net
+ ServerAlias dbd.fsf.org
+ ServerAlias defectivebydesign.org
+ ServerAdmin webmaster@fsf.org
+ ### redirect to same domain name, but HTTPS. required for HSTS
+ RewriteEngine On
+ RewriteCond %{HTTPS} !=on
+ RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
+</VirtualHost>
+
+<VirtualHost *:443>
+ ServerName www0.defectivebydesign.org
+ ServerAlias defectivebydesign.com
+ ServerAlias defectivebydesign.net
+ ServerAlias www.defectivebydesign.com
+ ServerAlias www.defectivebydesign.net
+ ServerAlias dbd.fsf.org
+ ServerAlias defectivebydesign.org
+ ServerAdmin webmaster@fsf.org
+ RedirectMatch permanent (.*) https://www.defectivebydesign.org$1
+</VirtualHost>
+
+<VirtualHost *:443>
+ ServerName www.defectivebydesign.org
+ ServerAdmin webmaster@fsf.org
+</VirtualHost>
+# </aliases>
+
+# <configure some basic server parameters>
+# Possible values include: debug, info, notice, warn, error, crit,
+# alert, emerg.
+LogLevel warn
+ServerSignature On
+# </basic params>
+
+# if we have mod_status, use it
+<IfModule mod_status.c>
+ #
+ # Allow server status reports generated by mod_status,
+ # with the URL of http://servername/server-status
+ # Uncomment and change the ".example.com" to allow
+ # access from other hosts.
+ #
+ <Location /server-status>
+ SetHandler server-status
+ Require host 127.0.0.1 74.94.156.210
+ </Location>
+</IfModule>
+
+# <redirects/shortenings of URLs>
+Redirect /day http://www.defectivebydesign.org/dayagainstdrm/2019
+Redirect ^/dayagainstdrm/?$ http://www.defectivebydesign.org/dayagainstdrm/2019
+RedirectPermanent /node/9 /join
+RedirectPermanent /feed.xml /rss.xml
+
+# we can't seem to standardize on using underscores or hyphens, so we're going to use both
+# we can probably have apache use regex for this, I'll investigate that next
+# - Eostre, 2020-08-04
+Redirect ^/amazon-kindle-swindle\. /amazon-kindle-swindle
+Redirect ^/amazon_kindle_swindle\. /amazon-kindle-swindle
+Redirect ^/kindle-swindle\. /amazon-kindle-swindle
+Redirect ^/kindle_swindle\. /amazon-kindle-swindle
+
+# Cf. RT #716003. Ward, 2011-11-30
+RedirectPermanent /user/register https://crm.fsf.org/civicrm/profile/create?gid=36&reset=1
+
+# Cf. RT #839159. Ward, 2013-07-09
+RedirectPermanent /what-is-drm http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
+RedirectPermanent /what_is_drm http://www.defectivebydesign.org/what_is_drm_digital_restrictions_management
+
+#k054 RT #1044876 2015-09-09
+RedirectPermanent /donate https://my.fsf.org/civicrm/contribute/transact?reset=1&id=40
+RedirectPermanent /no-drm-in-html5 https://my.fsf.org/civicrm/profile/create?gid=183&reset=1
+RedirectPermanent /no-drm-in-html-5 https://my.fsf.org/civicrm/profile/create?gid=183&reset=1
+RedirectPermanent /no_drm_in_html5 https://my.fsf.org/civicrm/profile/create?gid=183&reset=1
+RedirectPermanent /no_drm_in_html_5 https://my.fsf.org/civicrm/profile/create?gid=183&reset=1
+
+# broken links to /en/printable, etc
+# Ward, 2010-01-28
+RewriteRule ^/en/(.*) /$1 [R]
+# </redirects>
+
+# <I think this is for security? idk why we would be messing with / when our webroot is /var/www/html>
+# I'm just an intern, fiddling with code written before I could `echo Hello World`
+# - Eostre, 2020-08-04
+<Directory />
+ Options FollowSymLinks
+ AllowOverride None
+</Directory>
+# </weird stuff>
+
+# <add CGI scripts shipping by our distro>
+ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
+<Directory "/usr/lib/cgi-bin">
+ AllowOverride None
+ Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
+ Require all granted
+</Directory>
+# </cgi>
+
+# <allow us to access usr/share/doc over HTTP, but only from localhost, e.g. allow us to use an SSH tunnel to access it>
+Alias /doc/ "/usr/share/doc/"
+<Directory "/usr/share/doc/">
+ Options Indexes MultiViews FollowSymLinks
+ AllowOverride None
+ Require host 127.0.0.0/255.0.0.0 ::1/128
+</Directory>
+# </share/doc fuckery>
+
+# <manage caching: sets the Expires and Cache-Control headers so that clients know when to use their cache vs. when to refetch a resource>
+<FilesMatch "\.(ico|pdf|jpe?g|png|gif|js|css)$">
+ ExpiresActive On
+ ExpiresDefault "access plus 1 month"
+</FilesMatch>
+
+<FilesMatch ".*">
+ ExpiresActive On
+ ExpiresDefault "access plus 5 minutes"
+</FilesMatch>
+# </caching>