Mercurial > repos > other > Puppet
view modules/website/files/zzz-0-custom.conf @ 358:6c29af16b177
Fix PHP-as-html file serving
author | IBBoard <dev@ibboard.co.uk> |
---|---|
date | Sat, 03 Oct 2020 19:41:25 +0100 |
parents | e046606cf218 |
children | df5ad1612af7 |
line wrap: on
line source
SSLProtocol all -SSLv3 -TLSv1 -TLSv1.1 SSLCipherSuite ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 SSLHonorCipherOrder off DirectoryIndex index.php index.html AddType image/x-icon .ico AddType application/x-7z-compressed .7z AddType application/x-rar .rar ExpiresActive On ExpiresByType image/jpeg "access plus 2 weeks" ExpiresByType image/gif "access plus 2 weeks" ExpiresByType image/png "access plus 2 weeks" ExpiresByType text/css "access plus 1 week" ExpiresByType text/javascript "access plus 1 month" ExpiresByType application/javascript "access plus 1 month" ExpiresByType application/x-javascript "access plus 1 month" ExpiresByType image/x-icon "access plus 1 month" <ifModule mod_deflate.c> AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml AddOutputFilterByType DEFLATE text/css AddOutputFilterByType DEFLATE text/javascript AddOutputFilterByType DEFLATE application/xml AddOutputFilterByType DEFLATE application/xhtml+xml AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript </ifModule> <IfModule mod_wsgi.c> WSGISocketPrefix run/wsgi </IfModule> BrowserMatch "Mozilla/2" nokeepalive BrowserMatch "MSIE 4\.0b2;" nokeepalive downgrade-1.0 force-response-1.0 BrowserMatch "RealPlayer 4\.0" force-response-1.0 BrowserMatch "Java/1\.0" force-response-1.0 BrowserMatch "JDK/1\.0" force-response-1.0 SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown KeepAlive On KeepAliveTimeout 5 MaxKeepAliveRequests 50 Header unset ETag FileETag None <Location /> AllowMethods HEAD POST GET OPTIONS </Location> <Files ".well-known"> Require all granted </Files> <FilesMatch "^((\.|~).*|.*(\.(dist|save|swo|swp|php_backup)|~)|backup\..*\.php)$"> Require all denied </FilesMatch> # "A man is not dead while his name is still spoken." - Going Postal, Chapter 4 prologue <IfModule headers_module> header set X-Clacks-Overhead "GNU Terry Pratchett" </IfModule> ServerTokens Minor Header always set Referrer-Policy "no-referrer-when-downgrade" # FIXME: This shouldn't be a fixed URL! Header always set Expect-CT "max-age=0, report-uri='https://ibboard.report-uri.io/r/default/ct/reportOnly'" # We can't just use IPV6 because we're proxying, so look for a colon to tell IPv4 from v6 <If "%{REMOTE_ADDR} =~ /:/"> Header always set X-The-Future "Welcome to the future with IPv6!" </If>