b83e71bb7e
Replace expires -1 with epoch
2022-11-01 15:59:51 +01:00
771aa10f19
change cache-control to no-cache from max-age=0 for content-types that should not be cached by default
2022-11-01 15:59:51 +01:00
a138f35aca
Remove max-age from mime-types that should not be cached
2022-11-01 15:59:51 +01:00
537a0229a1
Ico files support compression
2021-11-14 22:55:50 +01:00
3869706922
Use one year as default cache TTL
2021-11-14 22:52:52 +01:00
4a229657fd
Extend media and font cache TTL to 1 year
2021-11-14 22:52:52 +01:00
4a40f258a2
Use latest server-configs-test and align requirements
2021-06-29 00:54:40 +02:00
25a569d97d
Add Cross Origin Policies headers
...
Ref https://github.com/h5bp/server-configs-apache/issues/250
2021-06-28 14:46:32 +02:00
36310b927b
Add `Permissions-Policy` header
...
Ref https://github.com/h5bp/server-configs-apache/issues/179
2021-06-28 14:43:00 +02:00
b9ef881d62
Add JPEG XL `image/jxl` MIME type ( #274 )
2021-06-24 16:41:52 +02:00
db79ae491f
Fix documentation wording
2021-06-14 20:21:21 +02:00
688348a5fd
Modernize TLS configuration
2021-06-14 15:24:52 +02:00
f6e5a123e2
Improve security headers documentation
...
Refresh and reorder links
2021-06-14 12:38:26 +02:00
f239e2d043
Clean up IE reference
2021-06-14 01:14:22 +02:00
836467c8b5
Drop `X-XSS-Protection` header usage as per its deprecation
...
Ref https://github.com/h5bp/server-configs-apache/pull/253
Ref https://github.com/h5bp/server-configs-apache/issues/198
Closes https://github.com/h5bp/server-configs-nginx/pull/260
2021-06-14 01:14:22 +02:00
4556277ced
Drop `X-UA-Compatible` header usage as per IE deprecation
...
Ref https://github.com/h5bp/server-configs-apache/issues/210
Ref https://github.com/h5bp/server-configs-apache/issues/182
2021-06-14 01:14:22 +02:00
501444ab43
Improve `X-Frame-Options` documentation ( #277 )
...
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2021-06-13 23:30:25 +02:00
a9aea7038c
Add mime-type `image/avif` and `image/avifs`
2021-01-05 10:49:47 +01:00
d7f6fa09d3
docs: Correct reference to weaker policy in doc block.
2020-12-30 00:09:53 +01:00
654f1aa49c
minor presentational fixes
2020-12-29 20:55:50 +01:00
f0b3fd25ce
Improve writing
...
[ci skip]
2020-12-29 18:22:16 +01:00
abcf858614
Assorted grammar and link fixes
2020-04-14 11:54:27 +02:00
98de990c1c
Add expandable policies to SVGZ
2020-04-13 14:44:29 +02:00
d2f597235a
Do no use non-ASCII characters in loaded configs
...
I had an issue with Certbot (let's encrypt) which failed to reload nginx due to a non-ASCII character in a loaded config file.
E.g.: `Attempting to renew cert (domain.com) from /etc/letsencrypt/renewal/domain.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe2 in position 762: ordinal not in range(128). Skipping.`
I found this character using `grep -r -P '[^\x00-\x7f]' /etc/nginx`.
2020-02-05 18:33:14 +01:00
28cb47df42
Rename no-transform.conf file to content_transformation.conf
...
Align with other files and with Apache struct
2020-01-04 18:06:00 +01:00
e0724b8149
Stricter default for Referrer Policy
...
Ref: https://github.com/h5bp/server-configs-apache/pull/204
2020-01-03 19:36:51 +01:00
177a5e94a6
Improve HSTS documentation
...
Ref: https://github.com/h5bp/server-configs-apache/pull/196
2020-01-03 19:34:40 +01:00
7a44fdf69f
Add `font/ttf` & `font/eot` to compressible mime-types list ( #242 )
...
Ref:
* jshttp/mime-db#169
* developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/webfont-optimization#reducing_font_size_with_compression
2019-10-25 10:59:10 +01:00
0af305283f
Fixed description for SSL session cache & timeout ( #237 )
2019-09-08 00:46:31 +02:00
6d1a9d46e6
Additional compression method added for gzip ( #236 )
2019-08-12 21:21:20 +02:00
a1a746a347
Switch tertiary DNS used for OCSP checking to OpenDNS ( #235 )
...
Oracle is shutting down Dyn DNS in 2020.
2019-06-26 00:12:26 +02:00
bc39e4c07d
Revert "Drop Cache-Control: no-transform usage"
...
This partially reverts commit 282d979ahttps://github.com/h5bp/server-configs-apache/issues/185
2019-06-06 00:46:47 +02:00
8db768bd61
Pre-compressed content usage config files
...
Closes #231
2019-05-16 22:57:57 +02:00
d7fc6c362d
Fix rebase artifacts
2019-05-16 00:16:59 +02:00
67c54c53f1
Documentation formatting and reviewing ( #232 )
...
No code changes, some config reordering
2019-05-15 23:20:10 +02:00
c73d1efb60
Fix 304 responses Cache-control override
...
Fix #230
2019-05-15 21:07:50 +02:00
7418b5023b
Fix dropped Cache-Control: no-transform usage for SVGZ Compression
2019-05-15 19:02:13 +02:00
0a6c880be0
Improve wording and file headers
2019-05-15 18:26:04 +02:00
282d979af4
Drop Cache-Control: no-transform usage
...
Obsoleted with secure servers
See https://github.com/h5bp/server-configs-apache/issues/185
2019-05-15 18:24:30 +02:00
28874c33f0
Add Google Public DNS IPv6 and Cloudflare DNS IP addresses to `resolver` ( #229 )
...
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2019-05-15 02:07:47 +02:00
e30032165c
Fix misc typos in comments ( #228 )
2019-05-14 19:02:21 +02:00
276af8da7b
Improve default Content-Security-Policy value ( #224 )
...
See https://github.com/h5bp/server-configs-apache/pull/181
2019-03-26 12:41:15 +01:00
d186781282
Update `ngx_pagespeed` docs link
2019-03-24 22:21:07 +01:00
29ff09ac95
Remove CSP from basic.conf includes
...
Too strong for general purposes.
Closes #222
2019-03-15 18:58:47 +01:00
cec616a103
SVGZ files are already compressed
...
Disable gzip function for them
Regression d2f4e5c68f
2019-03-09 15:08:44 +01:00
3b0c4c41df
Fix regexp expressions in mime-types maps
2019-03-09 13:45:33 +01:00
06e5fc8445
Remove extra match-any regexp
2019-03-09 02:41:29 +01:00
d65cd97761
Use regexp in MIME-types based maps ( #221 )
...
Fix #220
Co-authored-by: Léo Colombaro <git@colombaro.fr>
2019-03-09 02:34:15 +01:00
50a6d793ce
Remove duplicated .conf in include
2019-02-13 14:45:52 +01:00
f600128203
Add Referrer-Policy for html document by default
2019-02-13 14:31:53 +01:00
Allan Tatter