1
0
Fork 0
forked from mirrors/akkoma

installation/pleroma-apache.conf: OCSP stapling needs to be outside of the virtualhost directive

This commit is contained in:
shibayashi 2018-09-03 21:41:21 +02:00
parent d027c53d75
commit 8a4e2f48bf
No known key found for this signature in database
GPG key ID: C10662A33EB28508

View file

@ -27,12 +27,6 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLCompression off SSLCompression off
SSLSessionTickets off SSLSessionTickets off
# OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:/var/run/ocsp(128000)
Header always set X-Xss-Protection "1; mode=block" Header always set X-Xss-Protection "1; mode=block"
Header always set X-Frame-Options "DENY" Header always set X-Frame-Options "DENY"
Header always set X-Content-Type-Options "nosniff" Header always set X-Content-Type-Options "nosniff"
@ -54,3 +48,9 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined
RequestHeader set Host "pleroma.example.com" RequestHeader set Host "pleroma.example.com"
ProxyPreserveHost On ProxyPreserveHost On
</VirtualHost> </VirtualHost>
# OCSP Stapling, only in httpd 2.3.3 and later
SSLUseStapling on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache shmcb:/var/run/ocsp(128000)