diff options
Diffstat (limited to 'puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb')
-rw-r--r-- | puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb index 4b051699..5e3960c2 100644 --- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb +++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb @@ -21,6 +21,14 @@ RequestHeader set X_FORWARDED_PROTO 'https' + <IfModule mod_headers.c> +<% if @webapp['secure'] -%> + Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" +<% end -%> + Header always unset X-Powered-By + Header always unset X-Runtime + </IfModule> + DocumentRoot /srv/leap/webapp/public RewriteEngine On |