From: Philipp Dallig Date: Tue, 14 Mar 2017 11:30:59 +0000 (+0100) Subject: bmbf - set security header for new vhosts X-Git-Tag: v0.1.0~3453^2 X-Git-Url: https://git.uhu-banane.de/?a=commitdiff_plain;h=cf775e5832131be17e70d92ce7f05379e9500389;p=pixelpark%2Fhiera.git bmbf - set security header for new vhosts --- diff --git a/customer/bmbf/test-web02-bmbf.pixelpark.net.yaml b/customer/bmbf/test-web02-bmbf.pixelpark.net.yaml index dd613baf..7ea59036 100644 --- a/customer/bmbf/test-web02-bmbf.pixelpark.net.yaml +++ b/customer/bmbf/test-web02-bmbf.pixelpark.net.yaml @@ -139,48 +139,160 @@ site::profile::apache::pp_vhosts: ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2007' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None jahr-der-mathematik: docroot: /var/www/wissenschaftsjahr/2008 servername: test-jahr-der-mathematik-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2008' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None forschungsexpedition: docroot: /var/www/wissenschaftsjahr/2009 servername: test-www-forschungsexpedition-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2009' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None zukunft-der-energie: docroot: /var/www/wissenschaftsjahr/2010 servername: test-www-zukunft-der-energie-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2010' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None forschung-fuer-unsere-gesundheit: docroot: /var/www/wissenschaftsjahr/2011 servername: test-www-forschung-fuer-unsere-gesundheit-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2011' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None zukunftsprojekt-erde: docroot: /var/www/wissenschaftsjahr/2012 servername: test-www-zukunftsprojekt-erde-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2012' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None pioniere-des-demografischen-wandels: docroot: /var/www/wissenschaftsjahr/2013 servername: test-pioniere-des-demografischen-wandels-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2013' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None digital-ist: docroot: /var/www/wissenschaftsjahr/2014 servername: test-digital-ist-de.pixelpark.net ssl_cert: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem' ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem' + headers: + - 'always unset "X-Powered-By"' + - 'set X-Content-Type-Options: nosniff' + - 'set X-XSS-Protection: "1; mode=block"' + - 'set X-Frame-Options: DENY' + directories: + - directory_root: + provider: directory + path: '/var/www/wissenschaftsjahr/2014' + options: + - FollowSymLinks + - MultiViews + allow_override: + - None wissenschaftsjahr-zukunftsstadt: docroot: /var/www/wissenschaftsjahr/2015 servername: test-www-wissenschaftsjahr-zukunftsstadt-de.pixelpark.net @@ -195,7 +307,7 @@ site::profile::apache::pp_vhosts: directories: - directory_root: provider: directory - path: '%{docroot}' + path: '/var/www/wissenschaftsjahr/2015' options: - FollowSymLinks - MultiViews