diff options
-rw-r--r-- | bin/ncp/CONFIG/nc-nextcloud.sh | 11 | ||||
-rw-r--r-- | changelog.md | 4 | ||||
-rw-r--r-- | lamp.sh | 6 | ||||
-rw-r--r-- | ncp.sh | 3 |
4 files changed, 17 insertions, 7 deletions
diff --git a/bin/ncp/CONFIG/nc-nextcloud.sh b/bin/ncp/CONFIG/nc-nextcloud.sh index fb1205bb..de5f45a2 100644 --- a/bin/ncp/CONFIG/nc-nextcloud.sh +++ b/bin/ncp/CONFIG/nc-nextcloud.sh @@ -194,6 +194,9 @@ EOF LimitRequestBody 0 SSLRenegBufferSize 10486000 </Directory> + <IfModule mod_headers.c> + Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains" + </IfModule> </IfModule> EOF a2ensite nextcloud @@ -206,6 +209,14 @@ EOF RewriteCond %{HTTPS} !=on RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L] </IfModule> + <Directory /var/www/nextcloud/> + Options +FollowSymlinks + AllowOverride All + <IfModule mod_dav.c> + Dav off + </IfModule> + LimitRequestBody 0 + </Directory> </VirtualHost> EOF diff --git a/changelog.md b/changelog.md index d127b4c3..3dc9390e 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,7 @@ -[v1.29.6](https://github.com/nextcloud/nextcloudpi/commit/55e16b2) (2020-08-29) ncp-web: Fix the style of the language selection dropdown (chrome) +[v1.29.7](https://github.com/nextcloud/nextcloudpi/commit/d98e7ad) (2020-07-24) do not hsts preload by default, only serve hsts header over https + +[v1.29.6](https://github.com/nextcloud/nextcloudpi/commit/14b78e3) (2020-08-29) ncp-web: Fix the style of the language selection dropdown (chrome) [v1.29.5 ](https://github.com/nextcloud/nextcloudpi/commit/34e84ba) (2020-08-30) ncp-web: fix initial screen displaying all sections @@ -75,12 +75,6 @@ SSLStaplingReturnResponderErrors off SSLStaplingCache shmcb:/var/run/ocsp(128000) EOF - cat >> /etc/apache2/apache2.conf <<EOF -<IfModule mod_headers.c> - Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" -</IfModule> -EOF - # CONFIGURE PHP7 ########################################## @@ -73,6 +73,9 @@ Listen 4443 SSLEngine on SSLCertificateFile /etc/ssl/certs/ssl-cert-snakeoil.pem SSLCertificateKeyFile /etc/ssl/private/ssl-cert-snakeoil.key + <IfModule mod_headers.c> + Header always set Strict-Transport-Security "max-age=15768000; includeSubDomains" + </IfModule> # 2 days to avoid very big backups requests to timeout TimeOut 172800 |