From cc88ee736856e11daeb398a1e1a48efa4a993e0f Mon Sep 17 00:00:00 2001
From: Thomas Heller <thomas.heller@pixelpark.com>
Date: Fri, 30 Sep 2016 10:37:41 +0200
Subject: [PATCH] bkk-vbu - config changes

---
 ...1-meine-krankenkasse-de.pixelpark.net.yaml | 28 +++++++++++--------
 1 file changed, 16 insertions(+), 12 deletions(-)

diff --git a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
index 09d0561d..e477b7f3 100644
--- a/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
+++ b/customer/bkk-vbu/dev-web01-meine-krankenkasse-de.pixelpark.net.yaml
@@ -45,6 +45,10 @@ site::profile::apache::pp_vhosts:
     redirect_dest_non_ssl: 'https://dev-web01-meine-krankenkasse-de.pixelpark.net/'
     headers:
       - 'set X-Content-Type-Options: nosniff'
+      - 'set X-XSS-Protection: 1; mode=block'
+      - 'set X-Frame-Options: DENY'
+      - "set Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self'; script-src 'self' webstats.pixelpark.com; frame-src 'self'; frame-ancestors 'self'\""
+      - "set X-Content-Security-Policy: \"default-src 'self'; img-src 'self' webstats.pixelpark.com data:; font-src 'self'; style-src 'self'; script-src 'self' webstats.pixelpark.com; frame-src 'self'; frame-ancestors 'self'\""
     headers_ssl:
       - 'always set Strict-Transport-Security "max-age=31556926"'
     custom_fragment: |
@@ -124,7 +128,7 @@ site::profile::apache::pp_vhosts:
 
 site::profile::typo3::projects:
   cms01:
-    version: '7.6.9'
+    version: '7.6.11'
     site_path: '/var/www/bkk-meine-krankenkasse'
     db_pass: '5PQQ3NC55JFP'
     db_user: bkk
@@ -135,17 +139,17 @@ site::profile::typo3::projects:
     ssl_key: '/etc/pki/tls/private/wildcard.pixelpark.net-key.pem'
     ssl_chain: '/etc/pki/tls/certs/wildcard.pixelpark.net-cert.pem'
 #   redirect_dest_non_ssl: 'https://dev-cms01-meine-krankenkasse-de.pixelpark.net/'
-    directories:
-      - location1:
-        provider: location
-        path: '/'
-        auth_type: Digest
-        auth_name: cms
-        auth_digest_provider: file
-        auth_digest_algorithm: MD5
-        auth_user_file: '/etc/httpd/htdigest'
-        auth_require: 'valid-user'
-        require: local
+#   directories:
+#      - location1:
+#        provider: location
+#        path: '/'
+#        auth_type: Digest
+#        auth_name: cms
+#        auth_digest_provider: file
+#        auth_digest_algorithm: MD5
+#        auth_user_file: '/etc/httpd/htdigest'
+#        auth_require: 'valid-user'
+#        require: local
     user: deploy.vogel
     mode: '2775'
 
-- 
2.39.5