summaryrefslogtreecommitdiff
path: root/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
diff options
context:
space:
mode:
Diffstat (limited to 'puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb')
-rw-r--r--puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb8
1 files changed, 8 insertions, 0 deletions
diff --git a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
index 4b051699..5e3960c2 100644
--- a/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
+++ b/puppet/modules/site_apache/templates/vhosts.d/leap_webapp.conf.erb
@@ -21,6 +21,14 @@
RequestHeader set X_FORWARDED_PROTO 'https'
+ <IfModule mod_headers.c>
+<% if @webapp['secure'] -%>
+ Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+<% end -%>
+ Header always unset X-Powered-By
+ Header always unset X-Runtime
+ </IfModule>
+
DocumentRoot /srv/leap/webapp/public
RewriteEngine On
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-28 20:48:56 +0000