Commit Graph

131 Commits

Author SHA1 Message Date
Léo Colombaro 7a46aee299
Improve Content transformation docs 2022-12-04 23:31:29 +01:00
Léo Colombaro 9c15882b21
Fix comment indentation 2022-11-03 01:30:40 +00:00
Allan Tatter b83e71bb7e Replace expires -1 with epoch 2022-11-01 15:59:51 +01:00
Allan Tatter 771aa10f19 change cache-control to no-cache from max-age=0 for content-types that should not be cached by default 2022-11-01 15:59:51 +01:00
Allan Tatter a138f35aca Remove max-age from mime-types that should not be cached 2022-11-01 15:59:51 +01:00
Léo Colombaro 537a0229a1 Ico files support compression 2021-11-14 22:55:50 +01:00
Léo Colombaro 3869706922 Use one year as default cache TTL 2021-11-14 22:52:52 +01:00
Jamie Burchell 4a229657fd Extend media and font cache TTL to 1 year 2021-11-14 22:52:52 +01:00
Léo Colombaro 4a40f258a2
Use latest server-configs-test and align requirements 2021-06-29 00:54:40 +02:00
Léo Colombaro 25a569d97d
Add Cross Origin Policies headers
Ref https://github.com/h5bp/server-configs-apache/issues/250
2021-06-28 14:46:32 +02:00
Léo Colombaro 36310b927b
Add `Permissions-Policy` header
Ref https://github.com/h5bp/server-configs-apache/issues/179
2021-06-28 14:43:00 +02:00
Phil Wareham b9ef881d62
Add JPEG XL `image/jxl` MIME type (#274) 2021-06-24 16:41:52 +02:00
Léo Colombaro db79ae491f
Fix documentation wording 2021-06-14 20:21:21 +02:00
Léo Colombaro 688348a5fd Modernize TLS configuration 2021-06-14 15:24:52 +02:00
Léo Colombaro f6e5a123e2
Improve security headers documentation
Refresh and reorder links
2021-06-14 12:38:26 +02:00
Léo Colombaro f239e2d043 Clean up IE reference 2021-06-14 01:14:22 +02:00
Léo Colombaro 836467c8b5 Drop `X-XSS-Protection` header usage as per its deprecation
Ref https://github.com/h5bp/server-configs-apache/pull/253
Ref https://github.com/h5bp/server-configs-apache/issues/198

Closes https://github.com/h5bp/server-configs-nginx/pull/260
2021-06-14 01:14:22 +02:00
Léo Colombaro 4556277ced Drop `X-UA-Compatible` header usage as per IE deprecation
Ref https://github.com/h5bp/server-configs-apache/issues/210
Ref https://github.com/h5bp/server-configs-apache/issues/182
2021-06-14 01:14:22 +02:00
Julio 501444ab43
Improve `X-Frame-Options` documentation (#277)
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2021-06-13 23:30:25 +02:00
Léo Colombaro a9aea7038c Add mime-type `image/avif` and `image/avifs` 2021-01-05 10:49:47 +01:00
franz-josef-kaiser d7f6fa09d3 docs: Correct reference to weaker policy in doc block. 2020-12-30 00:09:53 +01:00
Pete Cooper 654f1aa49c minor presentational fixes 2020-12-29 20:55:50 +01:00
Léo Colombaro f0b3fd25ce
Improve writing
[ci skip]
2020-12-29 18:22:16 +01:00
Léo Colombaro abcf858614 Assorted grammar and link fixes 2020-04-14 11:54:27 +02:00
Léo Colombaro 98de990c1c Add expandable policies to SVGZ 2020-04-13 14:44:29 +02:00
Vincent Herbet d2f597235a Do no use non-ASCII characters in loaded configs
I had an issue with Certbot (let's encrypt) which failed to reload nginx due to a non-ASCII character in a loaded config file.
E.g.: `Attempting to renew cert (domain.com) from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe2 in position 762: ordinal not in range(128). Skipping.`

I found this character using `grep -r -P '[^\x00-\x7f]' /etc/nginx`.
2020-02-05 18:33:14 +01:00
Léo Colombaro 28cb47df42
Rename no-transform.conf file to content_transformation.conf
Align with other files and with Apache struct
2020-01-04 18:06:00 +01:00
Léo Colombaro e0724b8149
Stricter default for Referrer Policy
Ref: https://github.com/h5bp/server-configs-apache/pull/204
2020-01-03 19:36:51 +01:00
Léo Colombaro 177a5e94a6
Improve HSTS documentation
Ref: https://github.com/h5bp/server-configs-apache/pull/196
2020-01-03 19:34:40 +01:00
minusf 7a44fdf69f Add `font/ttf` & `font/eot` to compressible mime-types list (#242)
Ref:
* jshttp/mime-db#169
* developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/webfont-optimization#reducing_font_size_with_compression
2019-10-25 10:59:10 +01:00
Rahil 0af305283f Fixed description for SSL session cache & timeout (#237) 2019-09-08 00:46:31 +02:00
Jogendra Kumar 6d1a9d46e6 Additional compression method added for gzip (#236) 2019-08-12 21:21:20 +02:00
Pete Cooper a1a746a347 Switch tertiary DNS used for OCSP checking to OpenDNS (#235)
Oracle is shutting down Dyn DNS in 2020.
2019-06-26 00:12:26 +02:00
Léo Colombaro bc39e4c07d
Revert "Drop Cache-Control: no-transform usage"
This partially reverts commit 282d979a

Ref https://github.com/h5bp/server-configs-apache/issues/185
2019-06-06 00:46:47 +02:00
Léo Colombaro 8db768bd61
Pre-compressed content usage config files
Closes #231
2019-05-16 22:57:57 +02:00
Léo Colombaro d7fc6c362d
Fix rebase artifacts 2019-05-16 00:16:59 +02:00
Pete Cooper 67c54c53f1
Documentation formatting and reviewing (#232)
No code changes, some config reordering
2019-05-15 23:20:10 +02:00
Léo Colombaro c73d1efb60
Fix 304 responses Cache-control override
Fix #230
2019-05-15 21:07:50 +02:00
Léo Colombaro 7418b5023b
Fix dropped Cache-Control: no-transform usage for SVGZ Compression 2019-05-15 19:02:13 +02:00
Léo Colombaro 0a6c880be0
Improve wording and file headers 2019-05-15 18:26:04 +02:00
Léo Colombaro 282d979af4
Drop Cache-Control: no-transform usage
Obsoleted with secure servers

See https://github.com/h5bp/server-configs-apache/issues/185
2019-05-15 18:24:30 +02:00
Pete Cooper 28874c33f0 Add Google Public DNS IPv6 and Cloudflare DNS IP addresses to `resolver` (#229)
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2019-05-15 02:07:47 +02:00
Pete Cooper e30032165c Fix misc typos in comments (#228) 2019-05-14 19:02:21 +02:00
Léo Colombaro 276af8da7b
Improve default Content-Security-Policy value (#224)
See https://github.com/h5bp/server-configs-apache/pull/181
2019-03-26 12:41:15 +01:00
Léo Colombaro d186781282
Update `ngx_pagespeed` docs link 2019-03-24 22:21:07 +01:00
Léo Colombaro 29ff09ac95
Remove CSP from basic.conf includes
Too strong for general purposes.

Closes #222
2019-03-15 18:58:47 +01:00
Léo Colombaro cec616a103
SVGZ files are already compressed
Disable gzip function for them
Regression d2f4e5c68f
2019-03-09 15:08:44 +01:00
Léo Colombaro 3b0c4c41df
Fix regexp expressions in mime-types maps 2019-03-09 13:45:33 +01:00
Léo Colombaro 06e5fc8445
Remove extra match-any regexp 2019-03-09 02:41:29 +01:00
Mark Woon d65cd97761 Use regexp in MIME-types based maps (#221)
Fix #220

Co-authored-by: Léo Colombaro <git@colombaro.fr>
2019-03-09 02:34:15 +01:00