fbb-www - enable HSTS headers
authorThomas Dalichow <thomas.dalichow@publicispixelpark.de>
Wed, 4 Jul 2018 14:21:28 +0000 (16:21 +0200)
committerThomas Dalichow <thomas.dalichow@publicispixelpark.de>
Wed, 4 Jul 2018 14:21:28 +0000 (16:21 +0200)
customer/fbb-www/production.yaml

index 4e485ed51ced7b544379efd77417dd66f88dc032..d04ad0ddf9837d761466b607ed244a6f0965ed0b 100644 (file)
@@ -290,6 +290,7 @@ infra::profile::apache::pp_vhosts:
       - 'HTTPS on X-Forwarded-Proto=https'
       - 'HTTPS on HTTPS=on'
     headers:
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
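Review bot: The added entry uses plain `set`, which in Apache writes only to the onsuccess header table, so internally generated responses on this vhost (error pages, redirects) would go out without HSTS. Assuming the profile passes these strings unchanged to a `Header` directive, `- 'always set Strict-Transport-Security: max-age=31536000 env=HTTPS'` would cover those responses too. The same applies to the identical lines added in the hunks at -327, -366, -730 and -809. Because browsers cache this policy for a full year, a short YAML comment above the entry would help, such as `# HSTS: clients pin HTTPS for 1 year; every hostname of this vhost must stay reachable over TLS`. The vhost definition starts and ends outside the hunk.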
@@ -327,6 +328,7 @@ infra::profile::apache::pp_vhosts:
       - 'HTTPS on X-Forwarded-Proto=https'
       - 'HTTPS on HTTPS=on'
     headers:
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
@@ -366,6 +368,7 @@ infra::profile::apache::pp_vhosts:
       - 'HTTPS on X-Forwarded-Proto=https'
       - 'HTTPS on HTTPS=on'
     headers:
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
@@ -730,6 +733,7 @@ infra::profile::apache::pp_vhosts:
       - 'HTTPS on X-Forwarded-Proto=https'
       - 'HTTPS on HTTPS=on'
     headers:
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
@@ -809,6 +813,7 @@ infra::profile::apache::pp_vhosts:
       - 'Remote_Addr "172\.18\.49\.24" AdslZugriffErlaubt'
       - 'Remote_Addr "10\.99\.1\.10" AdslZugriffErlaubt'
     headers:
+      - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
       - 'set X-Content-Type-Options: nosniff'
       - 'set X-XSS-Protection: "1; mode=block"'
       - 'set X-Frame-Options: DENY'
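Review bot: Nothing visible in this hunk sets the `HTTPS` variable that the new `env=HTTPS` condition depends on. The list above `headers:` holds only `Remote_Addr … AdslZugriffErlaubt` entries, not the `HTTPS on X-Forwarded-Proto=https` and `HTTPS on HTTPS=on` lines that precede the header in the other four hunks. If TLS for this vhost is terminated upstream and the variable is never set, the condition never matches and the header is silently omitted. The rest of the vhost definition is outside the hunk, so this should be confirmed there. If the entries are missing, add the two `HTTPS on …` lines to this vhost's list as well.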