From f9fd1a94c4f5f12b289e0aa025ca4c3f4e469362 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 27 Apr 2024 23:49:20 +0200 Subject: Setting HSTS options to "max-age=63072000; includeSubDomains; preload". Signed-off-by: Daniel Baumann --- debian/apache2.postinst | 2 +- debian/config-dir/conf-available/hsts.conf | 7 +++++++ 2 files changed, 8 insertions(+), 1 deletion(-) create mode 100644 debian/config-dir/conf-available/hsts.conf (limited to 'debian') diff --git a/debian/apache2.postinst b/debian/apache2.postinst index c9a0192..bc839f1 100644 --- a/debian/apache2.postinst +++ b/debian/apache2.postinst @@ -56,7 +56,7 @@ enable_default_conf() if is_fresh_install $@ ; then for conf in charset localized-error-pages other-vhosts-access-log \ security serve-cgi-bin \ - csp ; do + csp hsts ; do a2enconf -m -q $conf done fi diff --git a/debian/config-dir/conf-available/hsts.conf b/debian/config-dir/conf-available/hsts.conf new file mode 100644 index 0000000..baf11af --- /dev/null +++ b/debian/config-dir/conf-available/hsts.conf @@ -0,0 +1,7 @@ +# /etc/apache2/conf-available/hsts.conf + + + + Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" + + -- cgit v1.2.3