change apache umask in /etc/apache2/envvars from 022 to 002 so that new folders are group writables. If there is no such line, just add "umask 002" at the end of the file.
a2enmod ssl headers rewrite
+
+= Kernel tuning
+===============
+
+I suggest you add these lines to your /etc/sysctl.conf file:
+
+# for postgres: a process may use up to 768MB of RAM
+kernel.shmmax=805306368
+# Udp recv queue max size. Note this is not the max size a default socket will
+get. 256*1024-1 => doubled by kernel = 512KB
+net.core.rmem_max=262143
+