libre-service.eu/documentation
libre-service.eu/documentation
1
0
Fork 0
Code Issues Pull requests Projects Releases Activity

Mise à jour de 'infra/apache.md'

Browse source
This commit is contained in:
Christian P. MOMON 2021-10-31 11:32:32 +01:00
parent 6bce9ae912
commit 7e10bf6fba
1 changed files with 51 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

52
infra/apache.md
View file

@ -1 +1,51 @@
# Apache
# Apache
## Prérequis
Activer le module `headers` :
```
a2enmode headers
apachectl configtest
systemctl reload Apache2
```
## Activation de HSTS
Créer le fichier `/etc/apache2/hsts.conf` :
```
# HTTP Strict Transport Security (mod_headers is required) (63072000 seconds)
Header always set Strict-Transport-Security "max-age=63072000"
```
Inclure la configuration HSTS dans la configuration des sites web hébergés :
```
<VirtualHost *:443>
[…]
Include hsts.conf
[…]
</VirtualHost>
```
## Activation de CSP
Créer le fichier `/etc/apache2/csp.conf` :
```
Header set Content-Security-Policy "default-src 'self'; frame-ancestors 'self';"
Header set X-Frame-Options "SAMEORIGIN"
```
Inclure la configuration HSTS dans la configuration des sites web hébergés :
```
<VirtualHost *:443>
[…]
Include csp.conf
[…]
</VirtualHost>
```
## Vérification Mozilla Observatory
Mozilla met à disposition un service pour évaluer la configuration d'un site web. Vive recommandation de l'utiliser.
Exemples :
* https://observatory.mozilla.org/analyze/www.libre-service.eu