roles/nginx: Add extra-security headers to PHP block

nginx inherits headers from higher-level blocks UNLESS we also set
headers in the current block. In this case the FastCGI cache header
was being set, so we weren't getting the extra-security ones.

Signed-off-by: Alan Orth <alan.orth@gmail.com>
This commit is contained in:
Alan Orth 2015-03-19 09:32:06 +03:00
parent 934db06887
commit 9ce7ac72f9
Signed by: alanorth
GPG Key ID: 0FB860CC9C45B1B9

View File

@ -71,6 +71,8 @@ server {
# Enable this if you want HSTS (recommended, but be careful) # Enable this if you want HSTS (recommended, but be careful)
add_header Strict-Transport-Security max-age=15768000 always; add_header Strict-Transport-Security max-age=15768000 always;
{% endif %} {% endif %}
include extra-security.conf;
} }
include extra-security.conf; include extra-security.conf;