32 lines
1005 B
Plaintext
32 lines
1005 B
Plaintext
|
#
|
||
|
# BEGIN: web-head.cnf
|
||
|
#
|
||
|
mode http
|
||
|
|
||
|
# http-request directives must happen here
|
||
|
|
||
|
http-request del-header ssl_client_cert unless { ssl_fc_has_crt }
|
||
|
http-request set-header ssl_client_cert -----BEGIN\ CERTIFICATE-----\ %[ssl_c_der,base64]\ -----END\ CERTIFICATE-----\ if { ssl_fc_has_crt }
|
||
|
acl is_upgrade hdr(Connection) -i upgrade
|
||
|
acl is_websocket hdr(Upgrade) -i websocket
|
||
|
|
||
|
acl is_nextcloud hdr_beg(host) nextcloud.
|
||
|
acl is_moodle hdr_beg(host) moodle. !path_beg -i /local/tresipuntimportgc/
|
||
|
acl is_moodle_long hdr_beg(host) moodle. path_beg -i /local/tresipuntimportgc/
|
||
|
acl is_oof hdr_beg(host) oof.
|
||
|
acl is_wp hdr_sub(host) .wp.
|
||
|
acl is_wp hdr_beg(host) wp.
|
||
|
acl is_pad hdr_beg(host) pad.
|
||
|
acl is_sso hdr_beg(host) sso.
|
||
|
acl is_api hdr_beg(host) api.
|
||
|
acl is_admin hdr_beg(host) admin.
|
||
|
|
||
|
acl is_root path -i /
|
||
|
http-request deny if is_pad is_root
|
||
|
|
||
|
http-request redirect code 301 location https://moodle."${DOMAIN}" if { hdr(host) -i "${DOMAIN}" }
|
||
|
|
||
|
#
|
||
|
# END: web-head.cnf
|
||
|
#
|