example configs: kill STS/CT headers

2018-11-11 06:56:46 +00:00 · 2018-11-11 06:56:46 +00:00 · e4bd5a6950
commit e4bd5a6950
parent df72978dce
4 changed files with 0 additions and 16 deletions
--- a/installation/caddyfile-pleroma.example
+++ b/installation/caddyfile-pleroma.example
@ -21,11 +21,6 @@ example.tld  {
    ciphers ECDHE-ECDSA-WITH-CHACHA20-POLY1305 ECDHE-RSA-WITH-CHACHA20-POLY1305 ECDHE-ECDSA-AES256-GCM-SHA384 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES128-GCM-SHA256
  }

-  header / {
-    Strict-Transport-Security "max-age=31536000; includeSubDomains;"
-    Expect-CT "enforce, max-age=2592000"
-  }
-
  # If you do not want to use the mediaproxy function, remove these lines.
  # To use this directive, you need the http.cache plugin for Caddy.
  cache {
--- a/installation/pleroma-apache.conf
+++ b/installation/pleroma-apache.conf
@ -34,9 +34,6 @@ CustomLog ${APACHE_LOG_DIR}/access.log combined
    SSLCompression          off
    SSLSessionTickets       off

-    # Uncomment this only after you get HTTPS working.
-    # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
-
    RewriteEngine On
    RewriteCond %{HTTP:Connection} Upgrade [NC]
    RewriteCond %{HTTP:Upgrade} websocket [NC]
--- a/installation/pleroma.nginx
+++ b/installation/pleroma.nginx
@ -60,9 +60,6 @@ server {
    client_max_body_size 16m;

    location / {
-        # Uncomment this only after you get HTTPS working.
-        # add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
-
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
--- a/installation/pleroma.vcl
+++ b/installation/pleroma.vcl
@ -119,8 +119,3 @@ sub vcl_pipe {
        set bereq.http.connection = req.http.connection;
    }
 }
-
-sub vcl_deliver {
-  # Uncomment this only after you get HTTPS working.
-  # set resp.http.Strict-Transport-Security= "max-age=31536000; includeSubDomains";
-}