Revision 7312dbec
Added by Peter Berbec over 7 years ago
| src/etc/inc/system.inc | ||
|---|---|---|
| 1504 | 1504 |
$nginx_config .= "\t\tadd_header X-Content-Type-Options nosniff;\n"; |
| 1505 | 1505 |
$nginx_config .= "\t\tssl_session_tickets off;\n"; |
| 1506 | 1506 |
$nginx_config .= "\t\tssl_dhparam /etc/dh-parameters.4096;\n"; |
| 1507 |
$ssl_stapling = true; // remove once the option is added in webConfigurator config |
|
| 1508 |
if ($ssl_stapling !== false) {
|
|
| 1509 |
$nginx_config .= "\t\tssl_stapling on;\n"; |
|
| 1510 |
$nginx_config .= "\t\tssl_stapling_verify on\n"; |
|
| 1511 |
$nginx_config .= "\t\tresolver 8.8.8.8 1.1.1.1 valid=300s;\n"; |
|
| 1512 |
$nginx_config .= "\t\tresolver_timeout 5s;\n"; |
|
| 1513 |
} |
|
| 1507 | 1514 |
} else {
|
| 1508 | 1515 |
$nginx_config .= "\n"; |
| 1509 | 1516 |
$nginx_config .= "\tserver {\n";
|
Also available in: Unified diff
Beginings of enabling SSL Stapling
Add the option. Default to enable