From 96ee18c02ac98f6f6a3b0007f5d578d2d304db1a Mon Sep 17 00:00:00 2001
From: Thomas Dalichow
Date: Wed, 4 Jul 2018 16:21:28 +0200
Subject: [PATCH] fbb-www - enable HSTS headers
---
 customer/fbb-www/production.yaml | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/customer/fbb-www/production.yaml b/customer/fbb-www/production.yaml
index 4e485ed5..d04ad0dd 100644
--- a/customer/fbb-www/production.yaml
+++ b/customer/fbb-www/production.yaml
@@ -290,6 +290,7 @@ infra::profile::apache::pp_vhosts:
 - 'HTTPS on X-Forwarded-Proto=https'
 - 'HTTPS on HTTPS=on'
 headers:
+ - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
 - 'set X-Content-Type-Options: nosniff'
 - 'set X-XSS-Protection: "1; mode=block"'
 - 'set X-Frame-Options: DENY'
@@ -327,6 +328,7 @@ infra::profile::apache::pp_vhosts:
 - 'HTTPS on X-Forwarded-Proto=https'
 - 'HTTPS on HTTPS=on'
 headers:
+ - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
 - 'set X-Content-Type-Options: nosniff'
 - 'set X-XSS-Protection: "1; mode=block"'
 - 'set X-Frame-Options: DENY'
@@ -366,6 +368,7 @@ infra::profile::apache::pp_vhosts:
 - 'HTTPS on X-Forwarded-Proto=https'
 - 'HTTPS on HTTPS=on'
 headers:
+ - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
 - 'set X-Content-Type-Options: nosniff'
 - 'set X-XSS-Protection: "1; mode=block"'
 - 'set X-Frame-Options: DENY'
@@ -730,6 +733,7 @@ infra::profile::apache::pp_vhosts:
 - 'HTTPS on X-Forwarded-Proto=https'
 - 'HTTPS on HTTPS=on'
 headers:
+ - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
 - 'set X-Content-Type-Options: nosniff'
 - 'set X-XSS-Protection: "1; mode=block"'
 - 'set X-Frame-Options: DENY'
@@ -809,6 +813,7 @@ infra::profile::apache::pp_vhosts:
 - 'Remote_Addr "172\.18\.49\.24" AdslZugriffErlaubt'
 - 'Remote_Addr "10\.99\.1\.10" AdslZugriffErlaubt'
 headers:
+ - 'set Strict-Transport-Security: max-age=31536000 env=HTTPS'
 - 'set X-Content-Type-Options: nosniff'
 - 'set X-XSS-Protection: "1; mode=block"'
 - 'set X-Frame-Options: DENY'
--
2.39.5
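Review bot: The new entry uses `set` rather than `always set`, so, assuming the profile renders each list item as a mod_headers `Header` directive, Strict-Transport-Security is attached only to successful responses and may be missing from error pages and server-generated redirects; `- 'always set Strict-Transport-Security: max-age=31536000 env=HTTPS'` would cover those, if the profile passes the `always` condition through. The same line is added in all five hunks (@@ -290, -327, -366, -730 and -809). In the last hunk the visible context shows only `Remote_Addr` entries and none of the `HTTPS on …` entries seen in the other four, so it is worth confirming that this vhost actually defines the `HTTPS` variable, since otherwise `env=HTTPS` never matches and the header is silently omitted. Each vhost definition starts and ends outside its hunk, so this cannot be checked from the patch alone.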