Commit Graph

17 Commits

Author SHA1 Message Date
Léo Colombaro f6e5a123e2
Improve security headers documentation
Refresh and reorder links
2021-06-14 12:38:26 +02:00
Léo Colombaro 836467c8b5 Drop `X-XSS-Protection` header usage as per its deprecation
Ref https://github.com/h5bp/server-configs-apache/pull/253
Ref https://github.com/h5bp/server-configs-apache/issues/198

Closes https://github.com/h5bp/server-configs-nginx/pull/260
2021-06-14 01:14:22 +02:00
Julio 501444ab43
Improve `X-Frame-Options` documentation (#277)
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2021-06-13 23:30:25 +02:00
Pete Cooper 654f1aa49c minor presentational fixes 2020-12-29 20:55:50 +01:00
Léo Colombaro abcf858614 Assorted grammar and link fixes 2020-04-14 11:54:27 +02:00
Vincent Herbet d2f597235a Do no use non-ASCII characters in loaded configs
I had an issue with Certbot (let's encrypt) which failed to reload nginx due to a non-ASCII character in a loaded config file.
E.g.: `Attempting to renew cert (domain.com) from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe2 in position 762: ordinal not in range(128). Skipping.`

I found this character using `grep -r -P '[^\x00-\x7f]' /etc/nginx`.
2020-02-05 18:33:14 +01:00
Léo Colombaro e0724b8149
Stricter default for Referrer Policy
Ref: https://github.com/h5bp/server-configs-apache/pull/204
2020-01-03 19:36:51 +01:00
Léo Colombaro 177a5e94a6
Improve HSTS documentation
Ref: https://github.com/h5bp/server-configs-apache/pull/196
2020-01-03 19:34:40 +01:00
Léo Colombaro d7fc6c362d
Fix rebase artifacts 2019-05-16 00:16:59 +02:00
Pete Cooper 67c54c53f1
Documentation formatting and reviewing (#232)
No code changes, some config reordering
2019-05-15 23:20:10 +02:00
Léo Colombaro 0a6c880be0
Improve wording and file headers 2019-05-15 18:26:04 +02:00
Pete Cooper e30032165c Fix misc typos in comments (#228) 2019-05-14 19:02:21 +02:00
Léo Colombaro 276af8da7b
Improve default Content-Security-Policy value (#224)
See https://github.com/h5bp/server-configs-apache/pull/181
2019-03-26 12:41:15 +01:00
Léo Colombaro f600128203
Add Referrer-Policy for html document by default 2019-02-13 14:31:53 +01:00
Léo Colombaro 6dd4cc27ed Switch from location directives to maps based on MIME-types
* Expire
* X-XSS-Protection
* X-Frame-Options
* X-UA-Compatible
* Content-Security-Policy
* Access-Control-Allow-Origin
2019-02-10 21:56:10 +01:00
Léo Colombaro 10fc3a39a6 Split SSL config
Prepare #180
2018-11-29 10:39:33 +01:00
Léo Colombaro 496af1cfd5
Split directives to enforce atomic structure
* Enforce H5BP style
* Improve inline documentation to simplify maintenance
* Prepare v3
2018-11-23 17:19:51 +01:00