diff options
author | Jonas Smedegaard <dr@jones.dk> | 2020-10-19 21:44:05 +0200 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2020-10-19 21:44:05 +0200 |
commit | 6266a6ff0ddb65353b9c491da408bb5fc9b543f3 (patch) | |
tree | a679c60454dac5cf1311f3d9b00a55cad012d4ae | |
parent | 6f2789383d183f004329daf559dd2b9333fef3cc (diff) |
tidy (i.e. revert) logic of checking for HTTPS
-rw-r--r-- | apache2/conf-available/local-tls.conf | 2 | ||||
-rw-r--r-- | apache2/conf-available/security.conf | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/apache2/conf-available/local-tls.conf b/apache2/conf-available/local-tls.conf index da6de62..53f777b 100644 --- a/apache2/conf-available/local-tls.conf +++ b/apache2/conf-available/local-tls.conf @@ -15,7 +15,7 @@ <IfDefine _TLSHOST> -<If "%{HTTPS} == 'off'"> +<If "%{HTTPS} != 'on'"> RedirectMatch permanent ^(?!/.well-known/)(.*) https://${_HOST}/$1 </If> diff --git a/apache2/conf-available/security.conf b/apache2/conf-available/security.conf index 6975048..51d0d4c 100644 --- a/apache2/conf-available/security.conf +++ b/apache2/conf-available/security.conf @@ -88,6 +88,6 @@ Header always set Permissions-Policy "accelerometer(), ambient-light-sensor(), a Header always set Referrer-Policy "no-referrer-when-downgrade" # enable Strict Transport Security -Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=%{HTTPS} != 'off'" +Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=%{HTTPS} == 'on'" # vim: syntax=apache ts=4 sw=4 sts=4 sr noet |