wp can upload videos

2023-02-15 13:22:06 +00:00 · 2023-02-15 13:22:06 +00:00 · 3ec803fadf
parent ed44b8d3d2
commit 3ec803fadf
1 changed files with 6 additions and 3 deletions
--- a/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf
+++ b/dd-sso/docker/haproxy/haproxy.cnf.parts/backends.cnf
@ -48,9 +48,12 @@ backend be_oof

 backend be_wp
 	mode http
-	# Add security headers here, as WP is a tad of a pain to setup
-	http-response set-header Content-Security-Policy "default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval'; connect-src 'self'; img-src 'self' data: *; style-src 'self' 'unsafe-inline' data: fonts.googleapis.com maxcdn.bootstrapcdn.com; font-src 'self' data: fonts.gstatic.com maxcdn.bootstrapcdn.com"
-	http-response set-header X-Content-Type-Options "nosniff"
+	acl existing-x-forwarded-host req.hdr(X-Forwarded-Host) -m found
+	acl existing-x-forwarded-proto req.hdr(X-Forwarded-Proto) -m found
+	http-request add-header X-Forwarded-Host %[req.hdr(Host)] unless existing-x-forwarded-host
+	http-request add-header X-Forwarded-Proto https unless existing-x-forwarded-proto
+    http-request set-header X-SSL %[ssl_fc]
+    http-request set-header X-Forwarded-Proto https
 	server wp dd-apps-wordpress:80 check port 80 inter 5s rise 2 fall 10 resolvers mydns init-addr none
 #
 # END: backends.cnf