[OM Cooker] Apache, owncloud, Header always set Strict-Transport-Security "max-age=31556926;

Blackcrack blackcrack at blackysgate.de
Sat Feb 20 14:43:36 EST 2016


Hi,

i have found out how's also works ,
take a look on the attachment .

specially for owncloud it's this practical well..

this can use also by rpmbuilding for configuring
it for an default installation and make it able for
redirect to httpstoo if the .htaccess be updatet
before an rpm bulded. easy uptade the files..
from owncloud (.htaccess) and the apache owncloud.conf

and therewith can adressed to http and be automatical redirect
to https via htaccess from owncloud if it updatet.

and by the way, all webapplications shoud be per default in
/srv
because this can also use as an own partition and makes more save
as webserver .. for home and Providers .. by the way..

take a look :) ..on the attechment

best regards
Blacky

Am 20.02.2016 um 19:57 schrieb Jean-Claude Vanier:
> Hi,
> currently the setting is:
> http ==> 301 (moved permanently to https)
> https: Strict-Transport-Security max-age=15768000
> for all the CMSes.
>
> We could surely add  "includeSubDomains;" and raise the max-age
> setting  to one year.
> About "preload;", I'm not sure it is worth (and safe) to apply for a
> registration (https://hstspreload.appspot.com/).
> Arguments requested :)
>
> 2016-02-19 14:23 GMT+01:00 Blackcrack <blackcrack at blackysgate.de>:
>>    Hi,
>>
>> if you at moment on the https-header then please add :
>>
>> Header always set Strict-Transport-Security "max-age=31556926;
>> includeSubDomains; preload"
>> the STS should be min "15768000" or more
>> for the apache because this is also for owncloud.
>>   .. also if create anyone an rpm from owncloud
>> for an owncloud fresh 8.2.2 rpm to the serversoftware,
>> please make it as subdomain (virtual server/subdomain) !
>> for adding the https directly
>>
>> https://www.owncloud.**************.***
>> https://owncloud.*************.***
>>
>> for to be able at all, for setting up easy an owncloud.
>>
>> can someone look then, please :) ?
>> maybe add some forum like simplesmachines.rpm, phpBB.rpm and some diffrent
>> groupware on it ? for make OMLx more atraktive ?
>> and maby set it up on /srv and /srv/sub , because,
>> /srv this can make as an own drive/partition / on an own harddisk
>> and it's able for soft raid and something.
>>
>> https://owncloud.org/install/#instructions-server
>>
>> https://download.owncloud.org/community/owncloud-8.2.2.tar.bz2
>> https://owncloud.org/changelog/
>>
>>
>>    best regards
>>    Blacky
>>
>> p.s.: VCL-Vanier, if would have could this issue include into the
>> bughunter..
>> and don't need to ask if i should really enable.. well it's also your
>> Distro, but if you
>> allow to be the software averaged, well.. i can't do it anything..
>> but, thank you for Moderating my Working-adress from gmx and save my
>> Alias...
>>
>> _______________________________________________
>> OM-Cooker mailing list
>> OM-Cooker at ml.openmandriva.org
>> http://ml.openmandriva.org/mailman/listinfo/om-cooker_ml.openmandriva.org
>>
> _______________________________________________
> OM-Cooker mailing list
> OM-Cooker at ml.openmandriva.org
> http://ml.openmandriva.org/mailman/listinfo/om-cooker_ml.openmandriva.org
>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://ml.openmandriva.org/pipermail/om-cooker_ml.openmandriva.org/attachments/20160220/70bcad8b/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Owncloud-http-to-https-via-htaccess.odt
Type: application/vnd.oasis.opendocument.text
Size: 14581 bytes
Desc: not available
URL: <http://ml.openmandriva.org/pipermail/om-cooker_ml.openmandriva.org/attachments/20160220/70bcad8b/attachment-0001.odt>


More information about the OM-Cooker mailing list