feat(Caddyfile): support security.txt redirection
Introduced handling for security.txt requests in the Caddyfile configuration to redirect users to a dedicated security page. This change enables visitors to easily find security policy and vulnerability reporting information by redirecting requests for `/.well-known/security.txt` and `/security.txt` to `https://security.private.coffee/security.txt`. Implementing this standard practice improves transparency and security posture by facilitating clearer communication with security researchers and the public.
This commit is contained in:
parent
41ffe2a07f
commit
9c7283dffd
GPG key ID:
ECBCC9082395383F
1 changed files with 9 additions and 0 deletions
|
|
@ -14,6 +14,11 @@ private.coffee www.private.coffee {
|
||||||
path assets /assets/*
|
path assets /assets/*
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@security {
|
||||||
|
path security-well-known /.well-known/security.txt
|
||||||
|
path security /security.txt
|
||||||
|
}
|
||||||
|
|
||||||
handle @matrix {
|
handle @matrix {
|
||||||
header /.well-known/matrix/* Content-Type application/json
|
header /.well-known/matrix/* Content-Type application/json
|
||||||
header /.well-known/matrix/* Access-Control-Allow-Origin *
|
header /.well-known/matrix/* Access-Control-Allow-Origin *
|
||||||
|
|
@ -26,6 +31,10 @@ private.coffee www.private.coffee {
|
||||||
root * /srv/private.coffee
|
root * /srv/private.coffee
|
||||||
}
|
}
|
||||||
|
|
||||||
|
handle @security {
|
||||||
|
redir https://security.private.coffee/security.txt
|
||||||
|
}
|
||||||
|
|
||||||
handle {
|
handle {
|
||||||
reverse_proxy * unix//var/run/uwsgi/privatecoffee.sock
|
reverse_proxy * unix//var/run/uwsgi/privatecoffee.sock
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue