diff --git a/biodatacatalyst-ui/Dockerfile b/biodatacatalyst-ui/Dockerfile
index bc6eed02..209198b5 100644
--- a/biodatacatalyst-ui/Dockerfile
+++ b/biodatacatalyst-ui/Dockerfile
@@ -15,9 +15,6 @@ FROM httpd:2.4.53-alpine as base
ARG FILE_SUFFIX
ENV FILE_SUFFIX=${FILE_SUFFIX}
-# Replace virtual host config file with ours
-COPY httpd-vhosts.conf ${HTTPD_PREFIX}/conf/extra/httpd-vhosts.conf
-
# Enable virtual hosting config file
RUN sed -i '/^#Include conf.extra.httpd-vhosts.conf/s/^#//' ${HTTPD_PREFIX}/conf/httpd.conf
diff --git a/biodatacatalyst-ui/httpd-vhosts-dev.conf b/biodatacatalyst-ui/httpd-vhosts-dev.conf
deleted file mode 100644
index faefee38..00000000
--- a/biodatacatalyst-ui/httpd-vhosts-dev.conf
+++ /dev/null
@@ -1,101 +0,0 @@
-Listen 0.0.0.0:80
-Listen 0.0.0.0:443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-SSLCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
-SSLProxyCipherSuite HIGH:MEDIUM:!MD5:!RC4:!3DES
-
-
-SSLHonorCipherOrder on
-
-SSLProtocol all -SSLv2 -SSLv3
-SSLProxyProtocol all -SSLv2 -SSLv3
-SSLPassPhraseDialog builtin
-
-SSLSessionCache "shmcb:${HTTPD_PREFIX}/logs/ssl_scache(512000)"
-SSLSessionCacheTimeout 300
-
-Mutex "file:${HTTPD_PREFIX}/logs/ssl_mutex"
-
-ServerTokens Prod
-
-
- ServerName localhost
- RewriteEngine On
- ProxyPreserveHost On
- RewriteCond %{HTTPS} off [OR]
- RewriteCond %{HTTP_HOST} ^(?:)?(.+)$ [NC]
- RewriteRule ^ https://%{SERVER_NAME}/picsureui/ [L,NE,R=301]
-
-
-
- SSLProxyEngine on
- SSLProxyCheckPeerCN off
-
- SSLCertificateFile "${HTTPD_PREFIX}/cert/server.crt"
- SSLCertificateKeyFile "${HTTPD_PREFIX}/cert/server.key"
- SSLCertificateChainFile "${HTTPD_PREFIX}/cert/server.chain"
-
- # Content security policy:
- # frame-ancestors 'none' - Stops our application from being loaded in an iframe
- # default-src - Restricts loading resources to the same origin
- # script-src - Allows inline scripts but only from the same origin and unsafe-eval and unsafe-inline
- # unsafe-eval - Allows eval() and similar constructs
- # unsafe-inline - Allows inline JavaScript, CSS, and event handlers
- # style-src - Allows inline styles but only from the same origin
- # img-src - Allows images from the same origin and data: URIs
- Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://www.googletagmanager.com; img-src 'self' data: https://public.era.nih.gov blob:;"
-
- # A fall back for legacy browsers that don't yet support CSP frame-ancestors.
- Header always set X-Frame-Options "DENY"
-
- # Attempt to prevent some MIME-type confusion attacks. There is no perfect solution to this problem.
- Header always set X-Content-Type-Options "nosniff"
-
- # Enables built-in XSS protection in modern web browsers.
- # If a XSS is detected mode=block will block the entire page.
- Header always set X-XSS-Protection "1; mode=block;"
-
- # Unset the Server header. Removes 1 approach to getting information about our server.
- Header always unset Server
-
- RewriteEngine On
- ProxyPreserveHost On
-
- RewriteRule ^/picsure/(.*)$ "https://biodatacatalyst.integration.hms.harvard.edu.actual/picsure/$1" [P]
- RewriteRule ^/psama/(.*)$ "https://biodatacatalyst.integration.hms.harvard.edu.actual/psama/$1" [P]
-
- RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
- RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d
-
- RewriteRule /picsureui/(.*) /picsureui/index.html [C]
- RewriteRule ^/static/(.*)$ /static/$1 [L]
- RewriteRule ^/psamaui/(.*)$ /picsureui/index.html [C]
-
- RedirectMatch ^/$ /picsureui/
- ErrorDocument 404 /index.html
-
- DocumentRoot "${HTTPD_PREFIX}/htdocs"
-
- ErrorLog "${HTTPD_PREFIX}/logs/error_log"
- TransferLog "${HTTPD_PREFIX}/logs/access_log"
- CustomLog "${HTTPD_PREFIX}/logs/ssl_request_log" \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
- BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
-
-
diff --git a/biodatacatalyst-ui/httpd-vhosts.conf b/biodatacatalyst-ui/httpd-vhosts.conf
deleted file mode 100644
index 911fe284..00000000
--- a/biodatacatalyst-ui/httpd-vhosts.conf
+++ /dev/null
@@ -1,113 +0,0 @@
-Listen 0.0.0.0:80
-Listen 0.0.0.0:443
-
-##
-## SSL Global Context
-##
-## All SSL configuration in this context applies both to
-## the main server and all SSL-enabled virtual hosts.
-##
-
-#
-# Some MIME-types for downloading Certificates and CRLs
-#
-AddType application/x-x509-ca-cert .crt
-AddType application/x-pkcs7-crl .crl
-
-SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256
-SSLProxyCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA384 AES128-GCM-SHA256 AES128-SHA256 AES256-GCM-SHA384 AES256-SHA256
-
-
-SSLHonorCipherOrder on
-
-SSLProtocol all -TLSv1.2
-SSLProxyProtocol all -TLSv1.2
-SSLPassPhraseDialog builtin
-
-SSLSessionCache "shmcb:${HTTPD_PREFIX}/logs/ssl_scache(512000)"
-SSLSessionCacheTimeout 300
-
-Mutex "file:${HTTPD_PREFIX}/logs/ssl_mutex"
-
-ServerTokens Prod
-
-
- ServerName localhost
- RewriteEngine On
- ProxyPreserveHost On
-
- #Dont allow httpd debug methods
- RewriteCond %{REQUEST_METHOD} ^TRACK
- RewriteRule .* - [F]
- RewriteCond %{REQUEST_METHOD} ^TRACE
- RewriteRule .* - [F]
-
- RewriteCond %{HTTPS} off [OR]
- RewriteCond %{HTTP_HOST} ^(?:)?(.+)$ [NC]
- RewriteRule ^ https://%{SERVER_NAME}/picsureui/ [L,NE,R=301]
-
-
-
- SSLProxyEngine on
- SSLProxyCheckPeerCN off
-
- SSLCertificateFile "${HTTPD_PREFIX}/cert/server.crt"
- SSLCertificateKeyFile "${HTTPD_PREFIX}/cert/server.key"
- SSLCertificateChainFile "${HTTPD_PREFIX}/cert/server.chain"
-
- Header always set Strict-Transport-Security "max-age=31536000; includeSubdomains; preload"
-
- # Content security policy:
- # frame-ancestors 'none' - Stops our application from being loaded in an iframe
- # default-src - Restricts loading resources to the same origin
- # script-src - Allows inline scripts but only from the same origin and unsafe-eval and unsafe-inline
- # unsafe-eval - Allows eval() and similar constructs
- # unsafe-inline - Allows inline JavaScript, CSS, and event handlers
- # style-src - Allows inline styles but only from the same origin
- # img-src - Allows images from the same origin and data: URIs
- Header always set Content-Security-Policy "frame-ancestors 'none'; default-src 'self'; style-src 'self' 'unsafe-inline'; worker-src 'self' blob:; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://*.googletagmanager.com; img-src 'self' data: https://public.era.nih.gov blob: https://*.google-analytics.com https://*.googletagmanager.com; connect-src 'self' https://*.google-analytics.com https://*.analytics.google.com https://*.googletagmanager.com;"
-
- # A fall back for legacy browsers that don't yet support CSP frame-ancestors.
- Header always set X-Frame-Options "DENY"
-
- # Attempt to prevent some MIME-type confusion attacks. There is no perfect solution to this problem.
- Header always set X-Content-Type-Options "nosniff"
-
- # Enables built-in XSS protection in modern web browsers.
- # If a XSS is detected mode=block will block the entire page.
- Header always set X-XSS-Protection "1; mode=block;"
-
- RewriteEngine On
- ProxyPreserveHost On
-
- #Dont allow httpd debug methods
- RewriteCond %{REQUEST_METHOD} ^TRACK
- RewriteRule .* - [F]
- RewriteCond %{REQUEST_METHOD} ^TRACE
- RewriteRule .* - [F]
-
- RewriteRule ^/picsure/(.*)$ "http://wildfly:8080/pic-sure-api-2/PICSURE/$1" [P]
- RewriteRule ^/psama/(.*)$ "http://wildfly:8080/pic-sure-auth-services/auth/$1" [P]
-
- RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-f
- RewriteCond %{DOCUMENT_ROOT}/%{REQUEST_FILENAME} !-d
-
- RewriteRule /picsureui/(.*) /picsureui/index.html [C]
- RewriteRule ^/static/(.*)$ /static/$1 [L]
- RewriteRule ^/psamaui/(.*)$ /picsureui/index.html [C]
-
- RedirectMatch ^/$ /picsureui/
- ErrorDocument 404 /index.html
-
- DocumentRoot "${HTTPD_PREFIX}/htdocs"
-
- ErrorLog "${HTTPD_PREFIX}/logs/error_log"
- TransferLog "${HTTPD_PREFIX}/logs/access_log"
- CustomLog "${HTTPD_PREFIX}/logs/ssl_request_log" \
- "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
-
- BrowserMatch "MSIE [2-5]" \
- nokeepalive ssl-unclean-shutdown \
- downgrade-1.0 force-response-1.0
-
-