Steve Kamerman
c51c9980cf
Removed TLS 1.0 as it is considered unsafe and must be disabled for PCI compliance
2016-09-29 19:52:20 -04:00
Steve Kamerman
6f2b3f1c54
Issue #586 Removed DES-based SSL ciphers
2016-09-29 17:10:17 -04:00
Steve Kamerman
0b1e9e56e1
Issue #535 Added default 2048-bit dhparam.pem file
2016-09-29 16:48:18 -04:00
Jason Wilder
0670a13d92
Merge pull request #581 from chulkilee/ssl_session_tickets
...
add ssl_session_tickets to default site
2016-09-24 20:22:16 -06:00
Chulki Lee
4661bf4dd9
add ssl_session_tickets to default site
...
Fixes #580
2016-09-23 21:58:09 -07:00
Jason Wilder
760936d9ea
Merge pull request #572 from pvlg/patch-2
...
Replace "replace" to "trimSuffix"
2016-09-17 09:58:27 -06:00
pvlg
fe9a538ec8
Replace "replace" to "trimSuffix"
...
I have a domain key-mydomain.com. When I add domain www.key-mydomain.com with ssl cert I did not get the desired result. Function replace cut name ssl cert "www.key-mydomain.com.key" to "www-mydomain.com".
2016-09-17 16:53:01 +03:00
Jason Wilder
f02bc98a6e
Merge pull request #566 from mplx/patch/hsts-no-subdomains
...
do not enable HSTS for subdomains
2016-09-13 09:18:27 -06:00
mplx
37323320c8
do not enable HSTS for subdomains
2016-09-12 09:46:59 +02:00
Jason Wilder
40d433ae80
Merge pull request #493 from ryneeverett/docker_compose_separate_containers
...
Add docker-compose file for separate containers.
2016-09-09 14:18:06 -06:00
Jason Wilder
ec7169c112
Merge pull request #323 from pabra/master
...
connect to uWSGI backends
2016-09-09 14:16:08 -06:00
Jason Wilder
e95d3e9fdf
Merge pull request #555 from freakinruben/patch-1
...
Update ciphers and HTST settings to get A+ rating
2016-09-01 09:21:56 -06:00
Ruben
87879c1ee2
Update ciphers and HTST settings to get A+ rating
...
The default config gets you an 'A' rating. Cipher settings are copied from [Mozilla SSL Configartion Generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/?server=nginx-1.10.1&openssl=1.0.1t&hsts=yes&profile=intermediate )
2016-09-01 11:34:56 +02:00
Jason Wilder
579bc1bf6e
Merge pull request #518 from huiwang/nginx_upgrade
...
upgrade nginx to 1.11.3
2016-08-25 20:55:54 -06:00
hwang
176b78943e
upgrade nginx to 1.11.3 in makefile
2016-08-25 21:46:57 +02:00
Jason Wilder
a6287d7df1
Merge pull request #545 from auchri/patch-1
...
Update .travis.yml
2016-08-25 12:30:16 -06:00
Christoph
c113e7ac82
Update .travis.yml
2016-08-25 20:22:35 +02:00
hwang
03e863d838
upgrade nginx to 1.11.3
2016-08-25 20:16:37 +02:00
ryneeverett
478ad17adb
Remove proxy-tier network in favor of the default.
...
As @huiwang pointed out, using a custom network is unnecessary since the
default bridge network works just as well.
2016-07-29 17:23:10 -04:00
hwang
86c408bbdd
upgrade nginx to 1.11.0
2016-07-29 21:17:14 +02:00
Jason Wilder
30128cfda0
Merge pull request #511 from kamermans/master
...
Mitigate httpoxy attack by suppressing `Proxy` request header
2016-07-19 12:15:35 -06:00
Steve Kamerman
fd127517b9
Added comments about httpoxy
2016-07-19 11:03:41 -04:00
Steve Kamerman
357d58ad97
Mitigate httpoxy attack (httpoxy.org, CVE-2016-(5385-5388,1000109-1000110)
2016-07-18 13:34:37 -04:00
ryneeverett
5f684d4fc5
Add docker-compose file for separate containers.
...
Demonstrate that this pattern works.
This is based on the example at
<https://github.com/fatk/docker-letsencrypt-nginx-proxy-companion-examples/blob/master/docker-compose/v2/simple-site/docker-compose.yml >.
2016-07-13 17:31:53 -04:00
Jason Wilder
a2ab8363ca
Merge pull request #483 from jwilder/jw-docker-gen
...
Update to docker-gen 0.7.3
2016-06-13 08:18:07 -06:00
Jason Wilder
8ed5ab38b8
Update to docker-gen 0.7.3
2016-06-13 00:24:21 -06:00
Jason Wilder
db3ef67a7f
Merge pull request #482 from jwilder/jw-revert
...
Revert 9c93efa
2016-06-13 00:21:38 -06:00
Jason Wilder
580517725f
Revert 9c93efa
2016-06-13 00:10:49 -06:00
Jason Wilder
d1e6e1c0be
Merge pull request #344 from schmunk42/feature/error-code
...
changed error code for non-usable/default SSL cert, fixes #341
2016-06-12 15:54:40 -06:00
Jason Wilder
fc619d63ad
Merge pull request #460 from kumy/patch-1
...
Fix a typo in comment
2016-06-12 15:28:40 -06:00
Jason Wilder
c36b42933d
Merge pull request #462 from kamermans/master
...
Disable HSTS when HTTPS_METHOD=noredirect
2016-06-12 15:28:08 -06:00
Jason Wilder
a0dee5c833
Remove -only-exposed from separate container instructions
2016-06-12 15:25:32 -06:00
Jason Wilder
fdfb0becd2
Merge pull request #480 from jwilder/jw-certs
...
Fix template error when /etc/nginx/certs does not exist
2016-06-12 14:28:35 -06:00
Jason Wilder
fdf93cafba
Add docker-compose.yml v2 example
2016-06-12 14:10:46 -06:00
Jason Wilder
b325dad98d
Remove -only-exposed from Procfile
2016-06-12 14:10:46 -06:00
Jason Wilder
9c93efaef9
Fix template error when /etc/nginx/certs does not exist
2016-06-12 14:10:40 -06:00
Jason Wilder
adf4573de4
Remove Circle CI badge
2016-06-12 10:45:59 -06:00
Jason Wilder
8393a57f1f
Merge pull request #477 from jwilder/jw-nginx
...
Nginx updates
2016-06-10 20:22:07 -06:00
Jason Wilder
9b0138f944
Remove docker compose v2 notes
2016-06-10 20:11:58 -06:00
Jason Wilder
c256f31728
Update nginx 1.9.15
2016-06-10 20:08:10 -06:00
Steve Kamerman
da3e257843
Removed HSTS when HTTPS_METHOD=noredirect, added tests, improved docs wrt HSTS
2016-05-19 23:20:43 -04:00
Steve Kamerman
3d77979efb
Expanded documentation on HTTPS_METHOD
2016-05-19 23:16:19 -04:00
kumy
8c76ea9f9b
Fix a typo in comment
2016-05-17 01:46:46 +02:00
Jason Wilder
0ef8dca98c
Merge pull request #443 from jwilder/jw-circle
...
Remove circle.yml
2016-05-04 16:52:41 -06:00
Jason Wilder
c30640b024
Remove circle.yml
...
Using travis now
2016-05-04 16:05:03 -06:00
Jason Wilder
e964b9d29f
Merge pull request #441 from jwilder/jw-0.7.1
...
Update to docker-gen 0.7.1
2016-05-04 16:03:52 -06:00
Jason Wilder
d40d1d4052
Update to docker-gen 0.7.1
2016-05-04 14:51:30 -06:00
Jason Wilder
5b9264d945
Merge pull request #298 from kamermans/master
...
Added env var to disable SSL redirect
2016-05-01 17:45:45 -06:00
Jason Wilder
1c98df2de4
Merge pull request #337 from baptistedonaux/master
...
Support Overlay Network
2016-05-01 17:35:48 -06:00
Jason Wilder
a72c7e6e20
Add docker hub badges
2016-04-22 09:56:21 -06:00