Protocols h2 h2c http/1.1

<VirtualHost *:80>
  <Directory /var/www/html/website/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  </Directory>

  ServerAdmin email@address.tld
  ServerName domain.tld
  DocumentRoot /var/www/html/website

  ErrorLog ${APACHE_LOG_DIR}/website.error.log

  RewriteEngine On
  RewriteCond %{SERVER_NAME} =domain.tld
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
  <Directory /var/www/html/website/>
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  </Directory>

#  Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

  ServerAdmin email@address.tld
  ServerName domain.tld
  DocumentRoot /var/www/html/website

  ErrorLog ${APACHE_LOG_DIR}/website.error.log

  RewriteEngine On
  RewriteCond %{SERVER_NAME} =domain.tld
  RewriteCond %{HTTP_HOST} ^www\.(.*)$ [NC]
  RewriteCond %{THE_REQUEST} !HTTP/1.1$
  RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

  SSLCertificateFile /etc/letsencrypt/live/domain-tld/fullchain.pem
  SSLCertificateKeyFile /etc/letsencrypt/live/domain.tld/privkey.pem
  Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>