author | Kim Alvefur <zash@zash.se> |
Mon, 12 Feb 2024 15:44:38 +0100 | |
changeset 5841 | 7d11a3133d17 |
parent 5419 | f8797e3284ff |
permissions | -rw-r--r-- |
1807
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
1 |
--- |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
2 |
summary: HTTP Strict Transport Security |
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
3 |
--- |
1786 | 4 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
5 |
# Introduction |
1786 | 6 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
7 |
This module implements [RFC 6797: HTTP Strict Transport Security] and |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
8 |
responds to all non-HTTPS requests with a `301 Moved Permanently` |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
9 |
redirect to the HTTPS equivalent of the path. |
1786 | 10 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
11 |
# Configuration |
1786 | 12 |
|
1807
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
13 |
Add the module to the `modules_enabled` list and optionally configure |
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
14 |
the specific header sent. |
1786 | 15 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
16 |
``` lua |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
17 |
modules_enabled = { |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
18 |
... |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
19 |
"strict_https"; |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
20 |
} |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
21 |
hsts_header = "max-age=31556952" |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
22 |
``` |
1786 | 23 |
|
5419
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
24 |
If the redirect from `http://` to `https://` causes trouble with |
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
25 |
internal use of HTTP APIs it can be disabled: |
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
26 |
|
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
27 |
``` lua |
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
28 |
hsts_redirect = false |
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
29 |
``` |
f8797e3284ff
mod_strict_https: Add way to disable redirect
Kim Alvefur <zash@zash.se>
parents:
5418
diff
changeset
|
30 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
31 |
# Compatibility |
1807
4d73a1a6ba68
Convert all wiki pages to Markdown
Kim Alvefur <zash@zash.se>
parents:
1786
diff
changeset
|
32 |
|
5418
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
33 |
------- ------------- |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
34 |
trunk Should work |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
35 |
0.12 Should work |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
36 |
0.11 Should work |
0c8e6269ea38
mod_strict_https: Refresh README
Kim Alvefur <zash@zash.se>
parents:
1807
diff
changeset
|
37 |
------- ------------- |