summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJonas Smedegaard <dr@jones.dk>2020-10-19 21:44:05 +0200
committerJonas Smedegaard <dr@jones.dk>2020-10-19 21:44:05 +0200
commit6266a6ff0ddb65353b9c491da408bb5fc9b543f3 (patch)
treea679c60454dac5cf1311f3d9b00a55cad012d4ae
parent6f2789383d183f004329daf559dd2b9333fef3cc (diff)
tidy (i.e. revert) logic of checking for HTTPS
-rw-r--r--apache2/conf-available/local-tls.conf2
-rw-r--r--apache2/conf-available/security.conf2
2 files changed, 2 insertions, 2 deletions
diff --git a/apache2/conf-available/local-tls.conf b/apache2/conf-available/local-tls.conf
index da6de62..53f777b 100644
--- a/apache2/conf-available/local-tls.conf
+++ b/apache2/conf-available/local-tls.conf
@@ -15,7 +15,7 @@
<IfDefine _TLSHOST>
-<If "%{HTTPS} == 'off'">
+<If "%{HTTPS} != 'on'">
RedirectMatch permanent ^(?!/.well-known/)(.*) https://${_HOST}/$1
</If>
diff --git a/apache2/conf-available/security.conf b/apache2/conf-available/security.conf
index 6975048..51d0d4c 100644
--- a/apache2/conf-available/security.conf
+++ b/apache2/conf-available/security.conf
@@ -88,6 +88,6 @@ Header always set Permissions-Policy "accelerometer(), ambient-light-sensor(), a
Header always set Referrer-Policy "no-referrer-when-downgrade"
# enable Strict Transport Security
-Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=%{HTTPS} != 'off'"
+Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=%{HTTPS} == 'on'"
# vim: syntax=apache ts=4 sw=4 sts=4 sr noet