diff --git a/damia/etc/apache2/mods-available/alias.conf b/damia/etc/apache2/mods-available/alias.conf
index 3583d3b..14273c2 100644
--- a/damia/etc/apache2/mods-available/alias.conf
+++ b/damia/etc/apache2/mods-available/alias.conf
@@ -19,6 +19,12 @@
 		Require all granted
 	</Directory>
 
+	Alias /.well-known/ /home/www/.well-known/
+	<Directory /home/www/.well-known/>
+    	AllowOverride All
+    	Require all granted
+	</Directory>
+
 </IfModule>
 
 # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
diff --git a/damia/etc/apache2/sites-available/bremond.conf b/damia/etc/apache2/sites-available/bremond.conf
index cd7432f..2c23565 100644
--- a/damia/etc/apache2/sites-available/bremond.conf
+++ b/damia/etc/apache2/sites-available/bremond.conf
@@ -3,14 +3,12 @@
     ServerAlias www.daniel-bremond.faivre.ml
     DocumentRoot /var/www/html/daniel-bremond 
     #Redirect permanent / https://faivre.ml/
-    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://daniel-bremond.faivre.ml$0
+    RewriteEngine On
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
+    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
     ErrorLog ${APACHE_LOG_DIR}/bremond-error.log
     CustomLog ${APACHE_LOG_DIR}/bremond-access.log combined
-    Alias /.well-known/ /home/www/well-known/.well-known/
-    <Directory /home/www/well-known/> 
-	AllowOverride All
-	Require all granted
-    </Directory> 
+     
 
 </VirtualHost> 
 
@@ -38,8 +36,6 @@
     #   SSLCertificateFile directive is needed.
     SSLCertificateFile      /etc/letsencrypt/live/faivre.ml/fullchain.pem
     SSLCertificateKeyFile   /etc/letsencrypt/live/faivre.ml/privkey.pem
-    SSLCertificateFile	    /etc/letsencrypt/live/www.faivre.ml/fullchain.pem
-    SSLCertificateKeyFile   /etc/letsencrypt/live/www.faivre.ml/privkey.pem
 
     #   Certificate Authority (CA):
     #   Set the CA certificate verification path where to find CA
diff --git a/damia/etc/apache2/sites-available/eu.bm39-all.conf b/damia/etc/apache2/sites-available/eu.bm39-all.conf
new file mode 100644
index 0000000..1f605e5
--- /dev/null
+++ b/damia/etc/apache2/sites-available/eu.bm39-all.conf
@@ -0,0 +1,74 @@
+# all bm39.eu subdomains
+
+<Macro bm39 $name $domain>
+    <VirtualHost *:80>
+	ServerName $domain
+	ServerAlias www.$domain
+	UseCanonicalName Off
+
+	#DocumentRoot /home/www/eu.bm39/$name
+
+	CustomLog ${APACHE_LOG_DIR}/eu.bm39.$name-access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/eu.bm39.$name-error.log
+
+	# br, feb 13, 2016. The following hack is necessary to have
+	# letsencrypt work in "--webroot" mode, as it does not handle
+	# https redirection
+	RewriteEngine On
+	RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
+	RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
+    </VirtualHost>
+
+    <VirtualHost *:443>
+	ServerName $domain
+	ServerAlias www.$domain
+	UseCanonicalName Off
+
+	DocumentRoot /home/www/eu.bm39/$name
+
+	CustomLog ${APACHE_LOG_DIR}/eu.bm39.$name-access.log combined
+	ErrorLog ${APACHE_LOG_DIR}/eu.bm39.$name-error.log
+
+	SSLEngine on
+        SSLCertificateFile      /etc/letsencrypt/live/bm39.eu/fullchain.pem
+        SSLCertificateKeyFile   /etc/letsencrypt/live/bm39.eu/privkey.pem
+
+	<Location />
+	    SSLRequireSSL On
+	    SSLVerifyClient none
+	    SSLVerifyDepth 1
+	    SSLOptions +StdEnvVars +StrictRequire
+	</Location>
+
+	RewriteEngine on
+
+	<Directory  /home/www/eu.bm39/$name>
+    	    Options Indexes FollowSymLinks MultiViews
+    	    AllowOverride All
+    	    Require all granted
+            # Kesako ?
+            SSLRenegBufferSize 10486000
+	</Directory>
+
+        # Kesako ?
+        <IfModule mod_headers.c>
+	    Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
+        </IfModule>
+
+        # Kesako ? Puisque mod_security2 n'est pas utilisé, je commente.
+	#<IfModule mod_security2.c>
+	#    SecRequestBodyNoFilesLimit 5242880
+	#</IfModule>
+
+    </VirtualHost>
+
+</Macro>
+
+# macros: Each line is
+# Use <dir> <fqdn>
+# with dir: /home/www/eu.bm39/<dir>
+Use bm39    root    bm39.eu
+Use bm39    dev     dev.bm39.eu
+Use bm39    test    test.bm39.eu
+
+UndefMacro bm39
diff --git a/damia/etc/apache2/sites-available/faivre.conf b/damia/etc/apache2/sites-available/faivre.conf
index ab9f66e..7c6fc86 100644
--- a/damia/etc/apache2/sites-available/faivre.conf
+++ b/damia/etc/apache2/sites-available/faivre.conf
@@ -3,15 +3,12 @@
     ServerAlias www.faivre.ml 
     DocumentRoot /var/www/html 
     #Redirect permanent / https://faivre.ml/
-    RedirectMatch permanent ^(?!/\.well-known/acme-challenge/).* https://faivre.ml$0
+    RewriteEngine On
+    RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge [NC]
+    RewriteRule ^(.*)$ https://%{HTTP_HOST}$1 [R=301,L]
     ErrorLog ${APACHE_LOG_DIR}/faivre.ml-error.log
     CustomLog ${APACHE_LOG_DIR}/faivre.ml-access.log combined
-    Alias /.well-known/ /home/www/well-known/.well-known/
-    <Directory /home/www/well-known/> 
-	AllowOverride All
-	Require all granted
-    </Directory> 
-
+    
 </VirtualHost> 
 
 <VirtualHost *:443> 
@@ -38,8 +35,6 @@
     #   SSLCertificateFile directive is needed.
     SSLCertificateFile      /etc/letsencrypt/live/faivre.ml/fullchain.pem
     SSLCertificateKeyFile   /etc/letsencrypt/live/faivre.ml/privkey.pem
-    SSLCertificateFile	    /etc/letsencrypt/live/www.faivre.ml/fullchain.pem
-    SSLCertificateKeyFile   /etc/letsencrypt/live/www.faivre.ml/privkey.pem
 
     #   Certificate Authority (CA):
     #   Set the CA certificate verification path where to find CA
@@ -57,7 +52,7 @@
 	SSLVerifyDepth 1
 	SSLOptions +StdEnvVars +StrictRequire
     </Location>
-    <Directory /var/www> 
+    <Directory /var/www/html/faivre> 
 	Options Indexes FollowSymLinks MultiViews
 	AllowOverride All
 	Require all granted
diff --git a/damia/etc/apache2/sites-enabled/dev.bm39.conf b/damia/etc/apache2/sites-enabled/dev.bm39.conf
deleted file mode 120000
index 17f4fc0..0000000
--- a/damia/etc/apache2/sites-enabled/dev.bm39.conf
+++ /dev/null
@@ -1 +0,0 @@
-../sites-available/dev.bm39.conf
\ No newline at end of file
diff --git a/damia/etc/apache2/sites-enabled/eu.bm39-all.conf b/damia/etc/apache2/sites-enabled/eu.bm39-all.conf
new file mode 120000
index 0000000..7284ee0
--- /dev/null
+++ b/damia/etc/apache2/sites-enabled/eu.bm39-all.conf
@@ -0,0 +1 @@
+../sites-available/eu.bm39-all.conf
\ No newline at end of file
diff --git a/damia/etc/apache2/sites-enabled/eu.bm39.conf b/damia/etc/apache2/sites-enabled/eu.bm39.conf
deleted file mode 120000
index a781a6f..0000000
--- a/damia/etc/apache2/sites-enabled/eu.bm39.conf
+++ /dev/null
@@ -1 +0,0 @@
-../sites-available/eu.bm39.conf
\ No newline at end of file
diff --git a/damia/etc/apache2/sites-enabled/faivre.conf b/damia/etc/apache2/sites-enabled/faivre.conf
index 69baaeb..4706cb9 120000
--- a/damia/etc/apache2/sites-enabled/faivre.conf
+++ b/damia/etc/apache2/sites-enabled/faivre.conf
@@ -1 +1 @@
-../sites-available/faivre.conf
\ No newline at end of file
+/etc/apache2/sites-available/faivre.conf
\ No newline at end of file
diff --git a/damia/etc/apache2/sites-enabled/test.bm39.conf b/damia/etc/apache2/sites-enabled/test.bm39.conf
deleted file mode 120000
index 7b23619..0000000
--- a/damia/etc/apache2/sites-enabled/test.bm39.conf
+++ /dev/null
@@ -1 +0,0 @@
-../sites-available/test.bm39.conf
\ No newline at end of file