diff --git a/roles/nextcloud/tasks/main.yml b/roles/nextcloud/tasks/main.yml
index 643155f..1fc6692 100644
--- a/roles/nextcloud/tasks/main.yml
+++ b/roles/nextcloud/tasks/main.yml
@@ -38,6 +38,11 @@
         template:
           src: apache2-vhost.conf
           dest: "/etc/apache2/sites-enabled/{{ nextcloud_url }}.conf"
+      - name: Disable default configuration
+        file:
+          # This is a symlink so who cares
+          path: "/etc/apache2/sites-enabled/000-default.conf"
+          state: absent
       - name: Create webroot
         file:
           path: "{{ nextcloud_webroot }}"
@@ -65,6 +70,11 @@
               path: /var/www/nextcloud.tar.bz2
               state: absent
         when: not stat_webroot_index.stat.exists
+      - name: Enable Apache configs and modules
+        shell: "{{ item }}"
+        loop:
+          - "ae2enmod rewrite"
+          - "ae2enmod ssl"
   - name: Register certificates
     block:
       - name: Set up our filesystem heirarchy
diff --git a/roles/nextcloud/templates/apache2-vhost.conf b/roles/nextcloud/templates/apache2-vhost.conf
index f2ac469..f6c152c 100644
--- a/roles/nextcloud/templates/apache2-vhost.conf
+++ b/roles/nextcloud/templates/apache2-vhost.conf
@@ -11,12 +11,21 @@ SSLStrictSNIVHostCheck off
 # Website configuration
 <VirtualHost *:80>
 	ServerName {{ nextcloud_url }}
+	# Uncomment me for HTTPS redirection
+	# Leaving it off for now for testing
+	#Redirect permanent / https://{{ nextcloud_url }}
 	DocumentRoot {{ nextcloud_webroot }}
 </VirtualHost>
 <VirtualHost *:443>
 	SSLEngine on
 	SSLCertificateFile /etc/pki/cert/crt/{{ nextcloud_url }}.crt
 	SSLCertificateKeyFile /etc/pki/cert/private/{{ nextcloud_url }}.key
+	<FilesMatch "\.(cgi|shtml|phtml|php)$">\
+		SSLOptions +StdEnvVars
+	</FilesMatch>
+	<Directory /usr/lib/cgi-bin>
+		SSLOptions +StdEnvVars
+	</Directory>
 	ServerName {{ nextcloud_url }}
 	DocumentRoot {{ nextcloud_webroot }}
 </VirtualHost>