From e07a5953369259318ddb3b6d3ac1b2d3998d5128 Mon Sep 17 00:00:00 2001 From: ale <ale@incal.net> Date: Mon, 2 May 2022 13:19:52 +0100 Subject: [PATCH] Add CORS headers to noblogs.ai-cdn.net And disallow all requests that are not static content. --- .../sites-available/noblogs.ai-cdn.net.conf | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/docker/conf/apache2/sites-available/noblogs.ai-cdn.net.conf b/docker/conf/apache2/sites-available/noblogs.ai-cdn.net.conf index 993c36e9..745becda 100644 --- a/docker/conf/apache2/sites-available/noblogs.ai-cdn.net.conf +++ b/docker/conf/apache2/sites-available/noblogs.ai-cdn.net.conf @@ -2,9 +2,24 @@ ServerName noblogs.ai-cdn.net DocumentRoot /opt/noblogs/www + + SetEnvIf X-Forwarded-Proto https HTTPS=on + Header set Access-Control-Allow-Origin "*" + <Directory /opt/noblogs/www> Options FollowSymLinks AllowOverride All - Require all granted + Require all denied </Directory> + + <Directory /opt/noblogs/www/wp-content> + Options -Indexes + Require all granted + </Directory> + + <Directory /opt/noblogs/www/wp-includes> + Options -Indexes + Require all granted + </Directory> + </VirtualHost> -- GitLab