|
|
@@ -6372,7 +6372,7 @@ quit" > $INSTALL_DIR/batch.sql
|
|
6372
|
6372
|
echo ' include fastcgi_params;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6373
|
6373
|
echo ' fastcgi_param SCRIPT_FILENAME $document_root$1;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6374
|
6374
|
echo ' fastcgi_param PATH_INFO $2;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6375
|
|
- echo ' fastcgi_param HTTPS on;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
|
6375
|
+ echo ' fastcgi_param HTTPS off;' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6376
|
6376
|
echo ' }' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6377
|
6377
|
echo '' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
6378
|
6378
|
echo ' # Optional: set long EXPIRES header on static assets' >> /etc/nginx/sites-available/$OWNCLOUD_DOMAIN_NAME
|
|
|
@@ -6637,6 +6637,8 @@ quit" > $INSTALL_DIR/batch.sql
|
|
6637
|
6637
|
echo " server_name $GIT_DOMAIN_NAME;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
6638
|
6638
|
echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
6639
|
6639
|
echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
|
6640
|
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
|
6641
|
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
6640
|
6642
|
echo ' limit_conn conn_limit_per_ip 10;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
6641
|
6643
|
echo ' limit_req zone=req_limit_per_ip burst=10 nodelay;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
6642
|
6644
|
echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
|
|
|
@@ -7425,6 +7427,9 @@ function install_wiki {
|
|
7425
|
7427
|
echo ' client_max_body_size 20m;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
7426
|
7428
|
echo ' client_body_buffer_size 128k;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
7427
|
7429
|
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
|
7430
|
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
|
7431
|
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
|
7432
|
+ echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
7428
|
7433
|
echo ' limit_conn conn_limit_per_ip 10;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
7429
|
7434
|
echo ' limit_req zone=req_limit_per_ip burst=10 nodelay;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
7430
|
7435
|
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
|
|
|
@@ -7785,6 +7790,9 @@ function install_blog {
|
|
7785
|
7790
|
echo ' limit_conn conn_limit_per_ip 10;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
7786
|
7791
|
echo ' limit_req zone=req_limit_per_ip burst=10 nodelay;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
7787
|
7792
|
echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
|
7793
|
+ echo ' add_header X-Frame-Options DENY;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
|
7794
|
+ echo ' add_header X-Content-Type-Options nosniff;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
|
7795
|
+ echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
7788
|
7796
|
echo ' # Always redirect the login page to https' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
7789
|
7797
|
echo ' location /login {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
|
7790
|
7798
|
echo ' rewrite ^ https://$server_name$request_uri?;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
|
Bob Mottram
9 年前