Guillaume Vincent
3168380ff0
edit hsts configuration
The header must contain the `includeSubDomains` directive.
The header must contain the `preload` directive.
3 år sedan
Guillaume Vincent
cfed362a77
Use less restrictive TLS configuration
Until the day TLS 1.3 becomes widely supported, web servers must rely on a fallback to TLS 1.2 with correctly configured server directives and strong cipher suites.
* https://www.cloudinsidr.com/content/tls-1-3-and-tls-1-2-cipher-suites-demystified-how-to-pick-your-ciphers-wisely/
* (fr) https://www.ssi.gouv.fr/guide/recommandations-de-securite-relatives-a-tls/
* https://ssl-config.mozilla.org/#server=apache&version=2.4.41&config=intermediate&openssl=1.1.1d&guideline=5.6
3 år sedan
Guillaume Vincent
4bb32d9664
Use modern ssl configuration and fix HSTS
3 år sedan
Peter Dave Hello
2a7c018dc9
Enable Apache OCSP stapling ( #569 )
This will speed up the website loading, and make the website more
reliable to the users when the client fails to connect to the CA for an
OCSP response.
Reference:
- https://en.wikipedia.org/wiki/OCSP_stapling
4 år sedan
Peter Dave Hello
cc7bac7c9b
Enable Apache HTTP/2 for better performance ( #570 )
4 år sedan
Guillaume Vincent
ee30d0528c
Fix preflight CORS redirect issue
4 år sedan
Guillaume Vincent
5d1aa73633
Fix proxy pass for old requests
4 år sedan
Guillaume Vincent
e063e38355
wip refactor containers
4 år sedan