pfizer - security header also on test
authorPhilipp Dallig <philipp.dallig@pixelpark.com>
Wed, 2 Nov 2016 13:16:58 +0000 (14:16 +0100)
committerPhilipp Dallig <philipp.dallig@pixelpark.com>
Wed, 2 Nov 2016 13:16:58 +0000 (14:16 +0100)
customer/pfizer/test-web01-pfizer-de.pixelpark.net.yaml

index fba191c92565d93745c10ab940dbe8b552599db1..2e888526df43832cceb98b660d8a746efa934fcb 100644 (file)
@@ -610,6 +610,11 @@ site::profile::apache::pp_vhosts:
     docroot_owner: apache
     docroot_group: apache
     docroot_mode: '0770'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
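Review bot: The three `set` lines carry no `always` condition, so mod_headers adds them only to the default (onsuccess) table, and locally generated error or redirect responses leave the vhost without `X-Frame-Options`, `X-Content-Type-Options` and `X-XSS-Protection`. Write them as `'always set X-Content-Type-Options: nosniff'`, `'always set X-XSS-Protection: "1; mode=block"'` and `'always set X-Frame-Options: DENY'`. The reverse holds for `'always unset "X-Powered-By"'`: it edits only the always table, so depending on which module emits that header a plain `'unset X-Powered-By'` entry may be needed as well, which is worth confirming against a captured response. The same list is added unchanged in the other eleven hunks of this file. The vhost mapping that receives the list starts outside the hunk.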
@@ -639,6 +644,11 @@ site::profile::apache::pp_vhosts:
     docroot_mode: '0770'
     error_documents:
       - { error_code: 404 , document: "/error/" }
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
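Review bot: The identical five-line `headers:` list is pasted into twelve vhosts in this file, so any later policy change must be repeated twelve times, and one missed copy leaves a vhost with a weaker header set. Consider defining it once, for example `headers: &security_headers` on the first vhost and `headers: *security_headers` on the others, provided the Hiera YAML backend in use accepts aliases. Alternatively, make it a default in the profile that consumes `pp_vhosts`. The enclosing vhost entry starts outside the hunk.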
@@ -667,6 +677,11 @@ site::profile::apache::pp_vhosts:
     docroot_group: apache
     docroot_mode: '0770'
     fallbackresource: '/404.html'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
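Review bot: `X-XSS-Protection` is the only XSS-related control in the added list, and it merely toggles a browser-side auditor that Firefox never implemented and that Chrome and Edge have since removed. No Content-Security-Policy is set. Adding one gives a control that current browsers enforce, even if it starts as small as `- 'always set Content-Security-Policy "frame-ancestors ''none''"'` to back up `X-Frame-Options: DENY`. A fuller policy needs per-site testing, and this test host is a suitable place to trial it before production.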
@@ -696,6 +711,11 @@ site::profile::apache::pp_vhosts:
     ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_chain: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_key: /etc/pki/tls/private/wildcard.pixelpark.net-key.pem
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
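Review bot: No `Strict-Transport-Security` header is added for this TLS vhost (`ssl_cert`/`ssl_key` in the context lines), so nothing tells the browser to refuse a later plain-HTTP connection to the same host. If the site is meant to be HTTPS-only, add an entry such as `- 'always set Strict-Transport-Security: "max-age=31536000"'` (constructed value; a short max-age is safer while trialling on a test host). Whether a matching port-80 vhost exists is not visible from the hunk. The same applies to the other hunks whose context shows `ssl_cert` (@@ -762, @@ -805 and @@ -843).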
@@ -732,6 +752,11 @@ site::profile::apache::pp_vhosts:
     docroot_owner: apache
     docroot_group: apache
     docroot_mode: '0770'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -762,6 +787,11 @@ site::profile::apache::pp_vhosts:
     ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_chain: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_key: /etc/pki/tls/private/wildcard.pixelpark.net-key.pem
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -805,6 +835,11 @@ site::profile::apache::pp_vhosts:
     ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_chain: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_key: /etc/pki/tls/private/wildcard.pixelpark.net-key.pem
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -843,6 +878,11 @@ site::profile::apache::pp_vhosts:
     ssl_cert: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_chain: /etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem
     ssl_key: /etc/pki/tls/private/wildcard.pixelpark.net-key.pem
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -878,6 +918,11 @@ site::profile::apache::pp_vhosts:
     docroot_owner: apache
     docroot_group: apache
     docroot_mode: '0770'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -905,6 +950,11 @@ site::profile::apache::pp_vhosts:
     docroot_owner: apache
     docroot_group: apache
     docroot_mode: '0770'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -932,6 +982,11 @@ site::profile::apache::pp_vhosts:
     docroot_owner: apache
     docroot_group: apache
     docroot_mode: '0770'
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - directory_root:
         provider: directory
@@ -966,6 +1021,11 @@ site::profile::apache::pp_vhosts:
     passenger_app_env: development
     docroot_owner: apache
     docroot_group: apache
+    headers:
+      - 'always unset "X-Powered-By"'
+      - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: "1; mode=block"'
+      - 'set X-Frame-Options: DENY'
     directories:
       - docroot:
         provider: directory