diff --git a/.gitattributes b/.gitattributes index 78178b7..01a473e 100644 --- a/.gitattributes +++ b/.gitattributes @@ -14,6 +14,5 @@ # - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -.travis.yml export-ignore /.git* export-ignore /test export-ignore diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS index 75143b9..28449df 100644 --- a/.github/CODEOWNERS +++ b/.github/CODEOWNERS @@ -1,3 +1,3 @@ -# https://help.github.com/articles/about-codeowners/ +# https://help.github.com/en/github/creating-cloning-and-archiving-repositories/about-code-owners * @h5bp/server-configs-nginx diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md index b356997..75d3b91 100644 --- a/.github/CONTRIBUTING.md +++ b/.github/CONTRIBUTING.md @@ -8,7 +8,7 @@ Please take a moment to review this document in order to make the contribution process easy and effective for everyone involved. Following these guidelines helps to communicate that you respect the time of -the developers managing and developing this open source project. In return, +the developers managing and developing this open-source project. In return, they should reciprocate that respect in addressing your issue or assessing patches and features. @@ -41,7 +41,7 @@ Guidelines for bug reports: 2. **Check if the issue has been fixed** — try to reproduce it using the latest `master` or development branch in the repository. -3. **Isolate the problem** — ideally create a [reduced test +3. **Isolate the problem** — ideally, create a [reduced test case](https://css-tricks.com/reduced-test-cases/) and a live example. A good bug report shouldn't leave others needing to chase you up for more @@ -95,7 +95,7 @@ accurate comments, etc.) and any other requirements (such as test coverage). Adhering to the following process is the best way to get your work included in the project: -1. [Fork](https://help.github.com/articles/fork-a-repo/) the project, clone your +1. [Fork](https://help.github.com/en/github/getting-started-with-github/fork-a-repo) the project, clone your fork, and configure the remotes: ```bash @@ -123,8 +123,8 @@ included in the project: 4. Commit your changes in logical chunks. Please adhere to these [git commit message guidelines](https://tbaggery.com/2008/04/19/a-note-about-git-commit-messages.html) - or your code is unlikely be merged into the main project. Use Git's - [interactive rebase](https://help.github.com/articles/about-git-rebase/) + or your code is unlikely to be merged into the main project. Use Git's + [interactive rebase](https://help.github.com/en/github/using-git/about-git-rebase) feature to tidy up your commits before making them public. 5. Locally merge (or rebase) the upstream development branch into your topic branch: @@ -139,7 +139,7 @@ included in the project: git push origin ``` -7. [Open a Pull Request](https://help.github.com/articles/using-pull-requests/) +7. [Open a Pull Request](https://help.github.com/en/github/collaborating-with-issues-and-pull-requests/about-pull-requests) with a clear title and description. **IMPORTANT**: By submitting a patch, you agree to allow the project diff --git a/.github/workflows/server.yml b/.github/workflows/server.yml index c35f616..a7dbbb9 100644 --- a/.github/workflows/server.yml +++ b/.github/workflows/server.yml @@ -1,3 +1,5 @@ +# https://help.github.com/en/actions + name: server on: [push, pull_request] diff --git a/.gitignore b/.gitignore index 74c3947..4e4a6e1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,7 +1,6 @@ -/logs/ -/conf.d/*.conf -!/conf.d/.default.conf -!/conf.d/no-ssl.default.conf -/test/* -!/test/vhosts/ -/k6/ +logs/ +conf.d/*.conf +!conf.d/.default.conf +!conf.d/no-ssl.default.conf +test/* +!test/vhosts/ diff --git a/README.md b/README.md index f922d6f..cf8a314 100644 --- a/README.md +++ b/README.md @@ -42,7 +42,7 @@ Most specific variables are: nginx -t -c nginx.conf ``` -* To reload Nginx and apply new config +* To reload Nginx and apply the new config ```shell nginx -s reload @@ -88,7 +88,7 @@ This repository has the following structure: * **`basic.conf`** This file loads a small subset of the rules provided by this repository to add - expires headers, allow cross domain fonts and protect system files from web + expires headers, allow cross-domain fonts and protect system files from web access. The `basic.conf` file includes the rules which are recommended to always be defined. diff --git a/h5bp/internet_explorer/x-ua-compatible.conf b/h5bp/internet_explorer/x-ua-compatible.conf index b109bad..56ef895 100644 --- a/h5bp/internet_explorer/x-ua-compatible.conf +++ b/h5bp/internet_explorer/x-ua-compatible.conf @@ -3,7 +3,7 @@ # ---------------------------------------------------------------------- # Force Internet Explorer 8/9/10 to render pages in the highest mode -# available in the various cases when it may not. +# available in various cases when it may not. # # https://hsivonen.fi/doctype/#ie8 # diff --git a/h5bp/location/security_file_access.conf b/h5bp/location/security_file_access.conf index 80c1d4b..1848020 100644 --- a/h5bp/location/security_file_access.conf +++ b/h5bp/location/security_file_access.conf @@ -2,7 +2,7 @@ # | File access | # ---------------------------------------------------------------------- -# Block access to all hidden files and directories with the exception of the +# Block access to all hidden files and directories except for the # visible content from within the `/.well-known/` hidden directory. # # These types of files usually contain user preferences or the preserved state diff --git a/h5bp/security/strict-transport-security.conf b/h5bp/security/strict-transport-security.conf index c9e8f51..9f917a4 100644 --- a/h5bp/security/strict-transport-security.conf +++ b/h5bp/security/strict-transport-security.conf @@ -9,13 +9,13 @@ # opportunity (the initial HTTP connection) for an attacker to downgrade or # redirect the request. # -# The following header ensures that browser only connects to your server +# The following header ensures that a browser only connects to your server # via HTTPS, regardless of what the users type in the browser's address bar. # # (!) Be aware that Strict Transport Security is not revokable and you # must ensure being able to serve the site over HTTPS for the duration # you've specified in the `max-age` directive. When you don't have a -# valid TLS connection anymore (e.g. due to an expired TLS cerfiticate) +# valid TLS connection anymore (e.g. due to an expired TLS certificate) # your visitors will see a nasty error message even when attempting to # connect over HTTP. # diff --git a/h5bp/security/x-xss-protection.conf b/h5bp/security/x-xss-protection.conf index 471345e..d3ae23e 100644 --- a/h5bp/security/x-xss-protection.conf +++ b/h5bp/security/x-xss-protection.conf @@ -7,8 +7,8 @@ # (1) Try to re-enable the cross-site scripting (XSS) filter built into most # web browsers. # -# The filter is usually enabled by default, but in some cases it may be -# disabled by the user. However, in Internet Explorer for example, it can be +# The filter is usually enabled by default, but in some cases, it may be +# disabled by the user. However, in Internet Explorer, for example, it can be # re-enabled just by sending the `X-XSS-Protection` header with the value # of `1`. # diff --git a/h5bp/web_performance/cache_expiration.conf b/h5bp/web_performance/cache_expiration.conf index 849a131..61c3757 100644 --- a/h5bp/web_performance/cache_expiration.conf +++ b/h5bp/web_performance/cache_expiration.conf @@ -2,7 +2,7 @@ # | Cache expiration | # ---------------------------------------------------------------------- -# Serve resources with far-future expiration date. +# Serve resources with a far-future expiration date. # # (!) If you don't control versioning with filename-based cache busting, you # should consider lowering the cache times to something like one week. diff --git a/h5bp/web_performance/pre-compressed_content_brotli.conf b/h5bp/web_performance/pre-compressed_content_brotli.conf index fda8806..b857f6e 100644 --- a/h5bp/web_performance/pre-compressed_content_brotli.conf +++ b/h5bp/web_performance/pre-compressed_content_brotli.conf @@ -2,8 +2,8 @@ # | Brotli pre-compressed content | # ---------------------------------------------------------------------- -# Serve brotli compressed files if they exist and if the client accepts brotli -# encoding. +# Serve brotli compressed CSS, JS, HTML, SVG, ICS and JSON files if they exist +# and if the client accepts br encoding. # # (!) To make this part relevant, you need to generate encoded files by your # own. Enabling this part will not auto-generate brotlied files. diff --git a/h5bp/web_performance/pre-compressed_content_gzip.conf b/h5bp/web_performance/pre-compressed_content_gzip.conf index 1809bfe..fb1c4f5 100644 --- a/h5bp/web_performance/pre-compressed_content_gzip.conf +++ b/h5bp/web_performance/pre-compressed_content_gzip.conf @@ -2,8 +2,8 @@ # | GZip pre-compressed content | # ---------------------------------------------------------------------- -# Serve gzip compressed files if they exist and if the client accepts gzip -# encoding. +# Serve gzip compressed CSS, JS, HTML, SVG, ICS, and JSON files if they exist +# and if the client accepts gzip encoding. # # (!) To make this part relevant, you need to generate encoded files by your # own. Enabling this part will not auto-generate gziped files.