test:~$ sudo nano /etc/apache2/sites-available/default-ssl.conf
<IfModule mod_ssl.c>
<VirtualHost _default_:443>
ServerAdmin webmaster@localhost

DocumentRoot /var/www/myuniqueproxy.com/html

# ServerName is optional for IP-based access
# ServerName your-domain.com

ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined

# SSL Configuration
SSLEngine on

#Allow only TLS 1.2
SSLProtocol -all +TLSV1.2
#SSLCipherSuite RSA+AESGCM

# Allow all common TLS 1.2 cipher suites from your list
SSLCipherSuite HIGH:MEDIUM:!aNULL:!MD5:!RC4:!EXP:!eNULL

# Enforce server order
SSLHonorCipherOrder on

SSLCertificateFile      /etc/apache2/ssl/apache-selfsigned.crt
SSLCertificateKeyFile   /etc/apache2/ssl/apache-selfsigned.key

<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>

# Optional security headers
Header always set X-Frame-Options DENY
Header always set X-Content-Type-Options nosniff
Header always set X-XSS-Protection "1; mode=block"

# Optional SSL settings (hardened)
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite HIGH:!aNULL:!MD5
SSLHonorCipherOrder on
</VirtualHost>
</IfModule>