summaryrefslogtreecommitdiff
path: root/apache2/conf-available/security.conf.diff
diff options
context:
space:
mode:
Diffstat (limited to 'apache2/conf-available/security.conf.diff')
-rw-r--r--apache2/conf-available/security.conf.diff22
1 files changed, 2 insertions, 20 deletions
diff --git a/apache2/conf-available/security.conf.diff b/apache2/conf-available/security.conf.diff
index 66829ed..c363be3 100644
--- a/apache2/conf-available/security.conf.diff
+++ b/apache2/conf-available/security.conf.diff
@@ -9,7 +9,7 @@
#ServerTokens Full
#
-@@ -60,14 +60,52 @@
+@@ -60,14 +60,34 @@
# else than declared by the content type in the HTTP headers.
# Requires mod_headers to be enabled.
#
@@ -43,24 +43,6 @@
+Header always set Referrer-Policy "no-referrer-when-downgrade"
+
+# enable Strict Transport Security
-+# <http://www.debian-administration.org/articles/662>
-+<IfDefine !_NO_HSTS>
-+<IfDefine !_NO_HSTS_SUBDOMAINS>
-+<IfDefine !_NO_HSTS_PRELOAD>
-+ Header set Strict-Transport-Security: "max-age=15768000;includeSubdomains;preload"
-+</IfDefine>
-+<IfDefine _NO_HSTS_PRELOAD>
-+ Header set Strict-Transport-Security: "max-age=15768000;includeSubdomains"
-+</IfDefine>
-+</IfDefine>
-+<IfDefine _NO_HSTS_SUBDOMAINS>
-+<IfDefine !_NO_HSTS_PRELOAD>
-+ Header set Strict-Transport-Security: "max-age=15768000;preload"
-+</IfDefine>
-+<IfDefine _NO_HSTS_PRELOAD>
-+ Header set Strict-Transport-Security: "max-age=15768000"
-+</IfDefine>
-+</IfDefine>
-+</IfDefine>
++Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload"
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet
generated by cgit v1.2.3 (git 2.39.1) at 2024-05-15 13:39:27 +0000