From: Philipp Dallig Date: Thu, 26 Oct 2017 09:09:06 +0000 (+0200) Subject: sirona-aem - Korrektur diverser vHosts X-Git-Tag: v0.1.0~2170^2 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=717b044b7f987a36270cafe0fb428d308f060635;p=pixelpark%2Fhiera.git sirona-aem - Korrektur diverser vHosts --- diff --git a/customer/sirona-aem/production.yaml b/customer/sirona-aem/production.yaml index e93d92cf..e3f7b84e 100644 --- a/customer/sirona-aem/production.yaml +++ b/customer/sirona-aem/production.yaml @@ -1486,11 +1486,7 @@ infra::profile::aem::publish::pp_vhosts: - www.ankyloscongress.com - ankyloscongress.com docroot: '/opt/adobe/www/cache/content/events/ankylos-congress-2018' - cert_servername: 'dentsplysironasupport.com' - cert_customer: 'sirona' - ssl_cert: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' - ssl_key: '/etc/pki/tls/private/dentsplysironasupport.com-key.pem' - ssl_chain: '/etc/pki/tls/certs/dentsplysironasupport.com-cert.pem' + ssl: false docroot_owner: apache setenvifnocase: - 'Accept-Language ^.*$ language=en-us' @@ -1518,11 +1514,6 @@ infra::profile::aem::publish::pp_vhosts: - '%%{ich-trickse}{HTTP_HOST} !^www\. [NC]' rewrite_rule: - '^(.*)$ %%{ich-trickse}{REQUEST_SCHEME}://www.%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - - comment: 'http to https' - rewrite_cond: - - '%%{ich-trickse}{HTTPS} !=on' - rewrite_rule: - - '(.*) https://%%{ich-trickse}{HTTP_HOST}%%{ich-trickse}{REQUEST_URI} [R=301,L]' - comment: 'lanugage Rewrite use Env Vars' rewrite_rule: - '^/$ %%{ich-trickse}{REQUEST_SCHEME}://www.ankyloscongress.com/%%{ich-trickse}{ENV:language}.html [R=301,L]' @@ -3742,6 +3733,172 @@ aem::dispatcher::publish_farm: - 'Expires' - 'Content-Type' - 'Access-Control-Allow-Origin' + digitaldiscoverysummit: + virtualhosts: + - www.digitaldiscoverysummit.com + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', url: '*.articlelibrary.json' } # enable article library JSON API + - { type: 'allow', url: '*.assetdata.json' } # enable download basket JSON API + - { type: 'allow', url: '*.updatecheck.json' } # enable update check + - { type: 'allow', url: '*.dealers.json' } # enable dealer search JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/opt/adobe/www/cache/content/events/digital-discovery-summit' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' + ankyloscongress: + virtualhosts: + - www.ankyloscongress.com + clientheaders: + - '*' + renders: + - { hostname: "127.0.0.1", port: '4503' } + filter: + - { type: 'deny', glob: '*' } + - { type: 'allow', url: '/' } + - { type: 'allow', url: '*.html' } + - { type: 'allow', url: '*.css' } # enable css + - { type: 'allow', url: '*.gif' } # enable gifs + - { type: 'allow', url: '*.ico' } # enable icos + - { type: 'allow', url: '*.js' } # enable javascript + - { type: 'allow', url: '*.png' } # enable png + - { type: 'allow', url: '*.swf' } # enable flash + - { type: 'allow', url: '*.jpg' } # enable jpg + - { type: 'allow', url: '*.jpeg' } # enable jpeg + - { type: 'allow', url: '*.svg' } # enable svg + - { type: 'allow', url: '*.ttf' } # enable ttf + - { type: 'allow', url: '*.woff' } # enable woff + - { type: 'allow', url: '*.woff2' } # enable woff2 + - { type: 'allow', url: '*.eot' } # enable eot + - { type: 'allow', url: '*.pdf' } # enable pdf + - { type: 'allow', url: '*.wmv' } # enable wmv + - { type: 'allow', url: '*.psd' } # enable psd (Adobe Photoshop Dokument) + - { type: 'allow', url: '*.tif' } # enable tif + - { type: 'allow', url: '*.zip' } # enable zip + - { type: 'allow', url: '*.exe' } # enable exe + - { type: 'allow', url: '*.msi' } # enable msi + - { type: 'allow', url: '*.indd' } # enable indd (Adobe Indesign Dokument) + # Enable features + - { type: 'allow', url: '/libs/cq/personalization/*' } # enable personalization + - { type: 'allow', url: '/content/dam/api.json' } # enable generic asset JSON API + - { type: 'allow', url: '*.assetlibrary.json' } # enable asset library JSON API + - { type: 'allow', url: '*.articlelibrary.json' } # enable article library JSON API + - { type: 'allow', url: '*.assetdata.json' } # enable download basket JSON API + - { type: 'allow', url: '*.updatecheck.json' } # enable update check + - { type: 'allow', url: '*.dealers.json' } # enable dealer search JSON API + - { type: 'allow', method: 'post', url: '*.forms.html' } # enable forms + # Security Rules + - { type: 'deny', url: '/etc/' } + - { type: 'deny', url: '/libs/' } + - { type: 'allow', url: '/etc/designs/*' } + - { type: 'allow', url: '/etc/clientlibs/*' } + - { type: 'allow', url: '/etc/segmentation.segment.js' } + - { type: 'allow', url: '/libs/cq/personalization/components/clickstreamcloud/content/config.json' } + - { type: 'allow', url: '/libs/wcm/stats/tracker.js' } + - { type: 'allow', url: '/libs/cq/personalization/*' } # (JS, CSS and JSON) + - { type: 'allow', url: '/libs/cq/security/userinfo.json' } # (CQ user information) + - { type: 'allow', url: '/libs/granite/security/currentuser.json' } # (data must not be cached) + - { type: 'allow', url: '/libs/cq/i18n/*' } # (Internalization) + # CSRF + - { type: 'allow', url: '/libs/granite/csrf/token.json' } # enable CSRF token + # Deny content grabbing + - { type: 'deny', url: '*.infinity.json' } + - { type: 'deny', url: '*.tidy.json' } + - { type: 'deny', url: '*.sysview.xml' } + - { type: 'deny', url: '*.docview.json' } + - { type: 'deny', url: '*.docview.xml' } + - { type: 'deny', url: '*.*[0-9].json' } + # Deny query + - { type: 'deny', url: '*.query.json' } + cache_docroot: '/opt/adobe/www/cache/content/events/ankylos-congress-2018' + cache_rules: + - { type: 'allow', glob: '*' } + cache_invalidate: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '*.html' } + - { type: 'allow', glob: '/etc/segmentation.segment.js' } + - { type: 'allow', glob: '*/analytics.sitecatalyst.js' } + cache_allowed_clients: + - { type: 'deny', glob: '*' } + - { type: 'allow', glob: '127.0.0.1' } + cache_headers: + - 'X-Content-Type-Options' + - 'X-Frame-Options' + - 'X-XSS-Protection' + - 'Last-Modified' + - 'Expires' + - 'Content-Type' + - 'Access-Control-Allow-Origin' assets: virtualhosts: - 'assets.dentsplysirona.com'