install_httpd-2.4.sh: add default additional_ssl_settings (HSTS).

2021-09-17 17:57:19 +02:00 · 2021-09-17 17:57:19 +02:00 · 5fde472f47
commit 5fde472f47
parent 914c901855
1 changed files with 28 additions and 0 deletions
--- a/install_httpd-2.4.sh
+++ b/install_httpd-2.4.sh
@ -3753,6 +3753,34 @@ if [ -f /etc/profile ]; then
 fi


+## - Add additional SSL configuration (HSTS) file: 000-additional-ssl-settings.conf
+## -
+echo "" >> ${_logdir}/main.log
+echo "## - Add additional SSL configuration (HSTS) file: 000-additional-ssl-settings.conf.." >> ${_logdir}/main.log
+echo "## -" >> ${_logdir}/main.log
+echo ""
+echononl "\tAdd additional SSL configuration (HSTS) file: 000-additional-ssl-settings.conf.."
+cat <<EOF > ${PREFIX}/conf/vhosts/000-additional-ssl-settings.conf
+<IfModule mod_headers.c>
+   # - HTTP Strict Transport Security (HSTS)
+   # -
+   # - HSTS tells a browser that the website should only be accessed through
+   # - a secure connection. The HSTS header will be remembered by a standard
+   # compliant browser for max-age seconds.
+   # -
+   # - Remember this settings for 1 year
+   # -
+   Header always set Strict-Transport-Security "max-age=31536000" env=HTTPS
+</IfModule>
+EOF
+if [ "$?" = "0" ]; then
+   echo_ok
+else
+   echo_failed
+   warn "Adding config file 000-logformat.conf failed."
+fi
+
+
 ## - Add default vhost configuration file 000-default.conf
 ## -
 echo "" >> ${_logdir}/main.log