[Pleroma.Web.MastodonAPI.StatusView] add replies_count
diff --git
a/installation/pleroma-apache.conf
b/installation/pleroma-apache.conf
index bf8db63ad587406a96fe0b1a9816f61d8e98fda7..992c0c900361562ed6909324a7844dc846793a1f 100644
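--- a/installation/pleroma-apache.conf
+++ b/installation/pleroma-apache.conf
@@ -27,17 +27,11 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined
 SSLCompression off
 SSLSessionTickets off
- # OCSP Stapling, only in httpd 2.3.3 and later
- SSLUseStapling on
- SSLStaplingResponderTimeout 5
- SSLStaplingReturnResponderErrors off
- SSLStaplingCache shmcb:/var/run/ocsp(128000)
-
 Header always set X-Xss-Protection "1; mode=block"
 Header always set X-Frame-Options "DENY"
 Header always set X-Content-Type-Options "nosniff"
 Header always set Referrer-Policy same-origin
- Header always set Content-Security-Policy "default-src 'none'; base-uri 'self'; form-action 'self'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://pleroma.example.tld; upgrade-insecure-requests;"
+ Header always set Content-Security-Policy "default-src 'none'; base-uri 'self'; form-action 'self'; frame-ancestors 'none'; img-src 'self' data: https:; media-src 'self' https:; style-src 'self' 'unsafe-inline'; font-src 'self'; script-src 'self'; connect-src 'self' wss://pleroma.example.tld; upgrade-insecure-requests;"
 # Uncomment this only after you get HTTPS working.
 # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
@@ -54,3 +48,9 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined
 RequestHeader set Host "pleroma.example.com"
 ProxyPreserveHost On
 </VirtualHost>
+
+# OCSP Stapling, only in httpd 2.3.3 and later
+SSLUseStapling on
+SSLStaplingResponderTimeout 5
+SSLStaplingReturnResponderErrors off
+SSLStaplingCache shmcb:/var/run/ocsp(128000)
\ No newline at end of file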
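Review bot: The stapling block appended after `</VirtualHost>` now sits in server context, so `SSLUseStapling on` and the responder timeout/error settings apply to every TLS virtual host on the machine rather than only to this site (the `<VirtualHost>` opening is outside the visible hunks). Only `SSLStaplingCache` has to live outside `<VirtualHost>`; the other three directives are also valid inside it and could stay there, or the block should at least carry a comment such as `# SSLStaplingCache is server-wide and must be outside <VirtualHost>; declare it once per server`. In the first hunk the rewritten CSP line keeps `connect-src 'self' wss://pleroma.example.tld` while the proxy section uses `pleroma.example.com`, so an admin who replaces one placeholder may leave the WebSocket origin pointing at the wrong host; using a single placeholder domain in both places would avoid that. The file also now ends without a trailing newline.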