From ddd1773ebe15d6734f06bd5d76e607a78a3aa91d Mon Sep 17 00:00:00 2001 From: mathias Date: Mon, 19 Feb 2018 15:04:40 +0100 Subject: [PATCH] Update htaccess --- .htaccess | 29 +++++++++++++++++++---------- report | 17 +++++++++++++++++ 2 files changed, 36 insertions(+), 10 deletions(-) create mode 100755 report diff --git a/.htaccess b/.htaccess index 2372090..9a76bcb 100644 --- a/.htaccess +++ b/.htaccess @@ -1,11 +1,25 @@ AddDefaultCharset utf-8 +AddCharset UTF-8 .css .js FileETag MTime Size +Options +ExecCGI ServerSignature Off SetEnvIf Host ^ suppress-error-charset - -Header set Cache-Control "public, max-age=604800" - +AddType image/x-icon .ico +AddType application/manifest+json .webmanifest + +ErrorDocument 403 https://kaboom.pw/ +ErrorDocument 404 https://kaboom.pw/ + + +SetHandler cgi-script + + + +Header set Content-Security-Policy "default-src 'none'; font-src data:; form-action 'self'; img-src 'self'; manifest-src 'self'; style-src 'self'; upgrade-insecure-requests; report-uri /report" +Header set X-Frame-Options "DENY" +Header set X-Xss-Protection "1; mode=block" + RewriteEngine On RewriteCond %{SERVER_PORT} 80 @@ -17,9 +31,6 @@ RewriteRule ^(.*)$ https://kaboom.pw/$1 [R=301,L] RewriteCond %{HTTP_HOST} ^www.flame.ga$ RewriteRule ^(.*)$ https://kaboom.pw/$1 [R=301,L] -ErrorDocument 403 https://kaboom.pw/ -ErrorDocument 404 https://kaboom.pw/ - AddOutputFilterByType DEFLATE text/plain AddOutputFilterByType DEFLATE text/html AddOutputFilterByType DEFLATE text/xml @@ -30,11 +41,9 @@ AddOutputFilterByType DEFLATE application/rss+xml AddOutputFilterByType DEFLATE application/javascript AddOutputFilterByType DEFLATE application/x-javascript -Header set Cache-Control "public, max-age=0, must-revalidate" -Header set Content-Security-Policy "connect-src 'none'; default-src 'none'; font-src data:; frame-src 'none'; img-src 'none'; media-src 'none'; object-src 'none'; script-src 'none'; style-src 'self'" Header set Referrer-Policy "no-referrer" Header set Strict-Transport-Security "max-age=63072000; includeSubdomains; preload" Header set Vary "Accept-Encoding" Header set X-Content-Type-Options "nosniff" -Header set X-Frame-Options "DENY" -Header set X-Xss-Protection "1; mode=block" +Header unset Accept-Ranges +Header unset Last-Modified diff --git a/report b/report new file mode 100755 index 0000000..8192e49 --- /dev/null +++ b/report @@ -0,0 +1,17 @@ +#!/usr/bin/perl +use CGI; +my $q = new CGI; + +my $data = CGI::param('POSTDATA'); + +if (($data ne "")) +{ + open (SEND, "|/usr/lib/sendmail -t"); + print SEND "From: mail\@mathias.re\n"; + print SEND "To: mail\@mathias.re\n"; + print SEND "Subject: CSP Report\n\n"; + print SEND "$data\n"; + close (SEND); +} + +print $q->redirect('/');