From 6d7ef69cda528d94da9afe62a5b9dd30ad37bc3a Mon Sep 17 00:00:00 2001 From: Keegan McAllister Date: Fri, 11 Jan 2013 17:39:19 -0500 Subject: [PATCH] nginx: Add config for plant.humbughq.com (imported from commit e90b8e350014b49de53bfd5640442060672e691d) --- servers/puppet/files/nginx/humbug-include/app | 3 --- servers/puppet/files/nginx/sites-available/humbug | 3 +++ servers/puppet/files/nginx/sites-available/humbug-staging | 3 +++ 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/servers/puppet/files/nginx/humbug-include/app b/servers/puppet/files/nginx/humbug-include/app index 92324cdd88..a88757cf54 100644 --- a/servers/puppet/files/nginx/humbug-include/app +++ b/servers/puppet/files/nginx/humbug-include/app @@ -4,9 +4,6 @@ error_log /var/log/nginx/humbug.error.log; # Enable HSTS: tell browsers to always use HTTPS add_header Strict-Transport-Security max-age=15768000; -# Avoid clickjacking attacks -add_header X-Frame-Options DENY; - # Serve a custom error page when the app is down error_page 502 503 504 /static/public/html/5xx.html; diff --git a/servers/puppet/files/nginx/sites-available/humbug b/servers/puppet/files/nginx/sites-available/humbug index 47a0205fdd..30cffb201b 100644 --- a/servers/puppet/files/nginx/sites-available/humbug +++ b/servers/puppet/files/nginx/sites-available/humbug @@ -26,5 +26,8 @@ server { server_name humbughq.com zephyr.humbughq.com; + # Avoid clickjacking attacks + add_header X-Frame-Options DENY; + include /etc/nginx/humbug-include/app; } diff --git a/servers/puppet/files/nginx/sites-available/humbug-staging b/servers/puppet/files/nginx/sites-available/humbug-staging index 7ca0472424..e246e0bddc 100644 --- a/servers/puppet/files/nginx/sites-available/humbug-staging +++ b/servers/puppet/files/nginx/sites-available/humbug-staging @@ -13,5 +13,8 @@ server { server_name staging.humbughq.com; + # Avoid clickjacking attacks + add_header X-Frame-Options DENY; + include /etc/nginx/humbug-include/app; }