mirror of
https://github.com/freedombox/FreedomBox.git
synced 2026-02-04 08:13:38 +00:00
d6131df6a8
This is useful mostly for future when we may switch from /plinth to /freedombox. Tests: - Accessing /freedombox/app/transmission works. Although redirects generated by the FreedomBox web service still redirect to /plinth. For example, redirection after logout and auto-redirection to login page. - Accessing pages of FreedomBox works as usual on /plinth and /freedombox. Content-Security-Policy is set. - Accessing /foo/plinth/app/transmission throws 404. - Accessing http:// redirects to https:// for /plinth and /freedombox. Signed-off-by: Sunil Mohan Adapa <sunil@medhas.org> Reviewed-by: James Valleroy <jvalleroy@mailbox.org>
18 lines
623 B
Plaintext
18 lines
623 B
Plaintext
##
|
|
## Allow only TLS traffic onto FreedomBox service. This is done by redirecting
|
|
## non-secure traffic to secure traffic. The redirect is permanent as
|
|
## recommended in: http://tools.ietf.org/html/rfc6797#section-7
|
|
##
|
|
## Requires the following Apache modules to be enabled:
|
|
## mod_rewrite
|
|
## mod_ssl
|
|
##
|
|
<LocationMatch "^/(plinth|freedombox)">
|
|
RewriteEngine on
|
|
# Don't redirect for onion sites as it is not needed and leads to
|
|
# unnecessary warning.
|
|
RewriteCond %{HTTP_HOST} !^.*\.onion$ [NC]
|
|
ReWriteCond %{HTTPS} !=on
|
|
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
|
|
</LocationMatch>
|