diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:09 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 15:17:09 +0000 |
commit | dc8a4f1159e390dfe8d30f3d039449bba627342c (patch) | |
tree | afc6ee5025159dfc51b6645cfca61f5e1f7ed34e | |
parent | Setting Content-Security-Policy to "default-src https: 'self'; style-src http... (diff) | |
download | apache2-dc8a4f1159e390dfe8d30f3d039449bba627342c.tar.xz apache2-dc8a4f1159e390dfe8d30f3d039449bba627342c.zip |
Setting HSTS options to "max-age=63072000; includeSubDomains; preload".
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
-rw-r--r-- | debian/apache2.postinst | 2 | ||||
-rw-r--r-- | debian/config-dir/conf-available/hsts.conf | 7 |
2 files changed, 8 insertions, 1 deletions
diff --git a/debian/apache2.postinst b/debian/apache2.postinst index c9a0192..bc839f1 100644 --- a/debian/apache2.postinst +++ b/debian/apache2.postinst @@ -56,7 +56,7 @@ enable_default_conf() if is_fresh_install $@ ; then for conf in charset localized-error-pages other-vhosts-access-log \ security serve-cgi-bin \ - csp ; do + csp hsts ; do a2enconf -m -q $conf done fi diff --git a/debian/config-dir/conf-available/hsts.conf b/debian/config-dir/conf-available/hsts.conf new file mode 100644 index 0000000..baf11af --- /dev/null +++ b/debian/config-dir/conf-available/hsts.conf @@ -0,0 +1,7 @@ +# /etc/apache2/conf-available/hsts.conf + +<IfModule mod_ssl.c> + <IfModule mod_headers.c> + Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" + </IfModule> +</IfModule> |