diff options
| author | William Pitcock <nenolod@dereferenced.org> | 2018-11-11 06:56:46 +0000 |
|---|---|---|
| committer | William Pitcock <nenolod@dereferenced.org> | 2018-11-11 06:56:46 +0000 |
| commit | e4bd5a6950d08eddbbc12ddd3f2e91c43544238c (patch) | |
| tree | a66e4537a439378a5beb98f91e81b8039075ce32 | |
| parent | df72978dce3805157537e8fa1a2fec35fcf9a7cd (diff) | |
| download | pleroma-e4bd5a6950d08eddbbc12ddd3f2e91c43544238c.tar.gz pleroma-e4bd5a6950d08eddbbc12ddd3f2e91c43544238c.zip | |
example configs: kill STS/CT headers
| -rw-r--r-- | installation/caddyfile-pleroma.example | 5 | ||||
| -rw-r--r-- | installation/pleroma-apache.conf | 3 | ||||
| -rw-r--r-- | installation/pleroma.nginx | 3 | ||||
| -rw-r--r-- | installation/pleroma.vcl | 5 |
4 files changed, 0 insertions, 16 deletions
diff --git a/installation/caddyfile-pleroma.example b/installation/caddyfile-pleroma.example index c34b47045..03ff000b6 100644 --- a/installation/caddyfile-pleroma.example +++ b/installation/caddyfile-pleroma.example @@ -21,11 +21,6 @@ example.tld { ciphers ECDHE-ECDSA-WITH-CHACHA20-POLY1305 ECDHE-RSA-WITH-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256 } - header / { - Strict-Transport-Security "max-age=31536000; includeSubDomains;" - Expect-CT "enforce, max-age=2592000" - } - # If you do not want to use the mediaproxy function, remove these lines. # To use this directive, you need the http.cache plugin for Caddy. cache { diff --git a/installation/pleroma-apache.conf b/installation/pleroma-apache.conf index cbb165064..d5e75044f 100644 --- a/installation/pleroma-apache.conf +++ b/installation/pleroma-apache.conf @@ -34,9 +34,6 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined SSLCompression off SSLSessionTickets off - # Uncomment this only after you get HTTPS working. - # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" - RewriteEngine On RewriteCond %{HTTP:Connection} Upgrade [NC] RewriteCond %{HTTP:Upgrade} websocket [NC] diff --git a/installation/pleroma.nginx b/installation/pleroma.nginx index 62c99383f..f0e684f2c 100644 --- a/installation/pleroma.nginx +++ b/installation/pleroma.nginx @@ -60,9 +60,6 @@ server { client_max_body_size 16m; location / { - # Uncomment this only after you get HTTPS working. - # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; - proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; diff --git a/installation/pleroma.vcl b/installation/pleroma.vcl index 5d80c6f44..63c1cb74d 100644 --- a/installation/pleroma.vcl +++ b/installation/pleroma.vcl @@ -119,8 +119,3 @@ sub vcl_pipe { set bereq.http.connection = req.http.connection; } } - -sub vcl_deliver { - # Uncomment this only after you get HTTPS working. - # set resp.http.Strict-Transport-Security= "max-age=31536000; includeSubDomains"; -} |