Correction : etc/nginx/conf.d/ssl-pfs.conf

author Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>

Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)

committer Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>

Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)
author Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)
committer Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)
diff --git a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf

index c097ac4..5d45760 100644 (file)
--- a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
+++ b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
@@ -4,7 +4,7 @@
  # DOC: https://www.openssl.org/docs/apps/ciphers.html
  keepalive_timeout 70;
  add_header Strict-Transport-Security "max-age=31536000;";
-add_header X-Frame-Options DENY;
+add_header X-Frame-Options SAMEORIGIN;
  ssl on;
  ssl_ciphers ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:kEDH+AESGCM:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4;
      # NOTE: prioritizes algorithms that provide Perfect Forward Secrecy.
author	Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
	Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)
committer	Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
	Fri, 22 May 2015 13:42:58 +0000 (15:42 +0200)