22abda7495
Set `ssl_prefer_server_ciphers` to `off` ( #328 )
...
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2023-02-24 22:24:52 +01:00
2dcb1c26dc
Add a link to cache expiration `expires` docs
2022-12-05 20:39:44 +01:00
00377b8d29
Rewrite `no-cache` usage docs
2022-12-05 20:08:47 +01:00
373d86a396
Document `Cache-Control`
2022-12-05 20:08:47 +01:00
9fa553bbc4
Use proper `Cache-Control` values
2022-12-05 20:08:47 +01:00
8927afb6f9
Initial usage
2022-12-05 20:08:47 +01:00
71568bffdb
Initial Cache-Control template
2022-12-05 20:08:47 +01:00
b46293cb35
Improve inline alignement
2022-12-05 14:22:08 +01:00
3279a4403c
Reorder and improve `expires` map
2022-12-04 23:37:37 +01:00
7a46aee299
Improve Content transformation docs
2022-12-04 23:31:29 +01:00
9c15882b21
Fix comment indentation
2022-11-03 01:30:40 +00:00
b83e71bb7e
Replace expires -1 with epoch
2022-11-01 15:59:51 +01:00
771aa10f19
change cache-control to no-cache from max-age=0 for content-types that should not be cached by default
2022-11-01 15:59:51 +01:00
a138f35aca
Remove max-age from mime-types that should not be cached
2022-11-01 15:59:51 +01:00
537a0229a1
Ico files support compression
2021-11-14 22:55:50 +01:00
3869706922
Use one year as default cache TTL
2021-11-14 22:52:52 +01:00
4a229657fd
Extend media and font cache TTL to 1 year
2021-11-14 22:52:52 +01:00
4a40f258a2
Use latest server-configs-test and align requirements
2021-06-29 00:54:40 +02:00
25a569d97d
Add Cross Origin Policies headers
...
Ref https://github.com/h5bp/server-configs-apache/issues/250
2021-06-28 14:46:32 +02:00
36310b927b
Add `Permissions-Policy` header
...
Ref https://github.com/h5bp/server-configs-apache/issues/179
2021-06-28 14:43:00 +02:00
b9ef881d62
Add JPEG XL `image/jxl` MIME type ( #274 )
2021-06-24 16:41:52 +02:00
db79ae491f
Fix documentation wording
2021-06-14 20:21:21 +02:00
688348a5fd
Modernize TLS configuration
2021-06-14 15:24:52 +02:00
f6e5a123e2
Improve security headers documentation
...
Refresh and reorder links
2021-06-14 12:38:26 +02:00
f239e2d043
Clean up IE reference
2021-06-14 01:14:22 +02:00
836467c8b5
Drop `X-XSS-Protection` header usage as per its deprecation
...
Ref https://github.com/h5bp/server-configs-apache/pull/253
Ref https://github.com/h5bp/server-configs-apache/issues/198
Closes https://github.com/h5bp/server-configs-nginx/pull/260
2021-06-14 01:14:22 +02:00
4556277ced
Drop `X-UA-Compatible` header usage as per IE deprecation
...
Ref https://github.com/h5bp/server-configs-apache/issues/210
Ref https://github.com/h5bp/server-configs-apache/issues/182
2021-06-14 01:14:22 +02:00
501444ab43
Improve `X-Frame-Options` documentation ( #277 )
...
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2021-06-13 23:30:25 +02:00
a9aea7038c
Add mime-type `image/avif` and `image/avifs`
2021-01-05 10:49:47 +01:00
d7f6fa09d3
docs: Correct reference to weaker policy in doc block.
2020-12-30 00:09:53 +01:00
654f1aa49c
minor presentational fixes
2020-12-29 20:55:50 +01:00
f0b3fd25ce
Improve writing
...
[ci skip]
2020-12-29 18:22:16 +01:00
abcf858614
Assorted grammar and link fixes
2020-04-14 11:54:27 +02:00
98de990c1c
Add expandable policies to SVGZ
2020-04-13 14:44:29 +02:00
d2f597235a
Do no use non-ASCII characters in loaded configs
...
I had an issue with Certbot (let's encrypt) which failed to reload nginx due to a non-ASCII character in a loaded config file.
E.g.: `Attempting to renew cert (domain.com) from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe2 in position 762: ordinal not in range(128). Skipping.`
I found this character using `grep -r -P '[^\x00-\x7f]' /etc/nginx`.
2020-02-05 18:33:14 +01:00
28cb47df42
Rename no-transform.conf file to content_transformation.conf
...
Align with other files and with Apache struct
2020-01-04 18:06:00 +01:00
e0724b8149
Stricter default for Referrer Policy
...
Ref: https://github.com/h5bp/server-configs-apache/pull/204
2020-01-03 19:36:51 +01:00
177a5e94a6
Improve HSTS documentation
...
Ref: https://github.com/h5bp/server-configs-apache/pull/196
2020-01-03 19:34:40 +01:00
7a44fdf69f
Add `font/ttf` & `font/eot` to compressible mime-types list ( #242 )
...
Ref:
* jshttp/mime-db#169
* developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/webfont-optimization#reducing_font_size_with_compression
2019-10-25 10:59:10 +01:00
0af305283f
Fixed description for SSL session cache & timeout ( #237 )
2019-09-08 00:46:31 +02:00
6d1a9d46e6
Additional compression method added for gzip ( #236 )
2019-08-12 21:21:20 +02:00
a1a746a347
Switch tertiary DNS used for OCSP checking to OpenDNS ( #235 )
...
Oracle is shutting down Dyn DNS in 2020.
2019-06-26 00:12:26 +02:00
bc39e4c07d
Revert "Drop Cache-Control: no-transform usage"
...
This partially reverts commit 282d979ahttps://github.com/h5bp/server-configs-apache/issues/185
2019-06-06 00:46:47 +02:00
8db768bd61
Pre-compressed content usage config files
...
Closes #231
2019-05-16 22:57:57 +02:00
d7fc6c362d
Fix rebase artifacts
2019-05-16 00:16:59 +02:00
67c54c53f1
Documentation formatting and reviewing ( #232 )
...
No code changes, some config reordering
2019-05-15 23:20:10 +02:00
c73d1efb60
Fix 304 responses Cache-control override
...
Fix #230
2019-05-15 21:07:50 +02:00
7418b5023b
Fix dropped Cache-Control: no-transform usage for SVGZ Compression
2019-05-15 19:02:13 +02:00
0a6c880be0
Improve wording and file headers
2019-05-15 18:26:04 +02:00
282d979af4
Drop Cache-Control: no-transform usage
...
Obsoleted with secure servers
See https://github.com/h5bp/server-configs-apache/issues/185
2019-05-15 18:24:30 +02:00
avj