Skip to content

Commit c143acc

Browse files
AvverbioPronomenachoparker
AvverbioPronome
authored and
nachoparker
committed
do not hsts preload by default, only serve hsts header over https
Signed-off-by: Giuseppe C <AvverbioPronome@users.noreply.github.com>
1 parent c506b22 commit c143acc

File tree

4 files changed

+17
-7
lines changed

4 files changed

+17
-7
lines changed

bin/ncp/CONFIG/nc-nextcloud.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -194,6 +194,9 @@ EOF
194194
LimitRequestBody 0
195195
SSLRenegBufferSize 10486000
196196
</Directory>
197+
<IfModule mod_headers.c>
198+
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
199+
</IfModule>
197200
</IfModule>
198201
EOF
199202
a2ensite nextcloud
@@ -206,6 +209,14 @@ EOF
206209
RewriteCond %{HTTPS} !=on
207210
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
208211
</IfModule>
212+
<Directory /var/www/nextcloud/>
213+
Options +FollowSymlinks
214+
AllowOverride All
215+
<IfModule mod_dav.c>
216+
Dav off
217+
</IfModule>
218+
LimitRequestBody 0
219+
</Directory>
209220
</VirtualHost>
210221
EOF
211222

changelog.md

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,7 @@
11

2-
[v1.29.6](https://github.com/nextcloud/nextcloudpi/commit/55e16b2) (2020-08-29) ncp-web: Fix the style of the language selection dropdown (chrome)
2+
[v1.29.7](https://github.com/nextcloud/nextcloudpi/commit/d98e7ad) (2020-07-24) do not hsts preload by default, only serve hsts header over https
3+
4+
[v1.29.6](https://github.com/nextcloud/nextcloudpi/commit/14b78e3) (2020-08-29) ncp-web: Fix the style of the language selection dropdown (chrome)
35

46
[v1.29.5 ](https://github.com/nextcloud/nextcloudpi/commit/34e84ba) (2020-08-30) ncp-web: fix initial screen displaying all sections
57

lamp.sh

Lines changed: 0 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -73,12 +73,6 @@ SSLUseStapling on
7373
SSLStaplingResponderTimeout 5
7474
SSLStaplingReturnResponderErrors off
7575
SSLStaplingCache shmcb:/var/run/ocsp(128000)
76-
EOF
77-
78-
cat >> /etc/apache2/apache2.conf <<EOF
79-
<IfModule mod_headers.c>
80-
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload"
81-
</IfModule>
8276
EOF
8377

8478
# CONFIGURE PHP7

ncp.sh

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -73,6 +73,9 @@ Listen 4443
7373
SSLEngine on
7474
SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem
7575
SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key
76+
<IfModule mod_headers.c>
77+
Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains"
78+
</IfModule>
7679
7780
# 2 days to avoid very big backups requests to timeout
7881
TimeOut 172800

0 commit comments

Comments
 (0)