Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
1,725 Commits 1 Branch 0 Tags
8743596451a10c3cbd32026f2c2268c2bd458bc2
Commit Graph

151 Commits

Author SHA1 Message Date
Narender Chopra
b548938539 Update nginx-core.mustache 
# X-XSS-Protection

Even though this feature can protect users of older web browsers that don't yet support CSP, in some cases, XSS protection can create XSS vulnerabilities in otherwise safe websites.

Reference: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection
https://thexssrat.medium.com/x-xss-protection-headers-protection-or-vulnerability-bc7213951320

Chrome has removed their XSS Auditor
Firefox has not, and will not implement X-XSS-Protection
Edge has retired its XSS filter.

# X-Download-Options

Microsoft announced the retirement of Internet Explorer and it's rendered inoperable since June 15, 2022. So, we may safely remove this IE 8 specific HTTP Header too.
 2022-09-28 16:44:12 +05:30
VirtuBox
a4c37d132c Use Cloudflare API to get IPs 2022-09-18 14:01:17 +02:00
VirtuBox
0905651273 Add Private Prefetch Proxy 2022-09-13 15:22:09 +02:00
VirtuBox
c57ca89d7e Fix http2_max deprecated Nginx directive 2022-09-09 11:00:14 +02:00
VirtuBox
68a88ea369 Merge branch 'updating-configuration' into master 2022-09-09 10:48:50 +02:00
VirtuBox
0b08eb1db8 Fix MariaDB bind to localhost 2022-09-09 10:44:34 +02:00
Hamada Habib
3c15940f4e fix obsolete warnings logged 2022-05-28 04:35:37 +02:00
Yogesh Beniwal
b09a9b203c Update Referrer-Policy 2022-05-11 21:57:38 +08:00
VirtuBox
30adb81a81 Merge pull request #423 from WordOps/updating-configuration 
Maintenance release v3.14.1
 2022-02-16 17:27:07 +01:00
VirtuBox
f1f84fdde1 Fix php upstream in WordOps backend 2022-02-16 14:35:58 +01:00
Janio Sarmento
e92437913e #420: No error treatment to /opt/cf-update.sh 2022-02-14 21:06:40 -03:00
Janio Sarmento
f053b4c58b #162: Script to manage Site Admin privileges 2022-02-13 12:24:31 -03:00
Janio Sarmento
b07968a5c1 CF IP blocks validation 2022-02-13 12:23:27 -03:00
Janio Sarmento
b346d0a30d #420 No error treatment to /opt/cf-update.sh 2022-02-13 12:14:53 -03:00
VirtuBox
4d18b78274 Update wo version 2022-01-25 15:49:11 +01:00
VirtuBox
578396e491 Merge pull request #371 from bob-swinkels/master 
Escaping of metacharacters in regex strings in wo/cli/templates/map-wp.mustache
 2021-09-15 19:02:43 +02:00
VirtuBox
b03549cfd6 Merge pull request #390 from yogeshbeniwal/fix/pwa-serviceworker-caching 
Cache exception for PWA Service Worker
 2021-09-14 21:04:27 +02:00
Argus Duong
5bf3d06f30 Update new Cloudflare IPs range 
WordOps already have cron to update these range but it only run weekly. So I've updated it to the latest.
 2021-07-26 11:49:32 +07:00
Yogesh Beniwal
0030856d72 Cache exception for PWA Service Worker 2021-07-16 23:24:06 +08:00
VirtuBox
c698e20697 Merge pull request #381 from WordOps/updating-configuration 
Updating configuration
 2021-05-20 17:11:54 +02:00
Bob Swinkels
cbe42ab2bb Fix wildcard character in regex strings. 
The map directive contains regexes (strings starting with a tilde) that
contain 'asterisk' characters. In a regex, the asterisk character is a
metacharacter, and in this context, it is meant as a wildcard character.
To achieve the desired result, we should place a dot in front of the
asterisk character.
 2021-04-19 15:36:38 +02:00
Bob Swinkels
8403af51f5 Fix escaping of regex metacharacters. 
The map directive contains regexes (strings starting with a tilde) that
contain 'dot' characters. In a regex, the dot character is a
metacharacter and should be escaped by putting a backslash before it.
 2021-04-19 15:25:28 +02:00
Narender Chopra
f501e654cc Update brotli.mustache 
'brotli_comp_level 6' tends to be the most optimal and commonly used level.
'brotli_buffers' has been deprecated: https://github.com/google/ngx_brotli#brotli_buffers
 2021-01-10 15:09:15 +05:30
VirtuBox
0abd5b60c4 Fix mariadb stack status 2020-11-01 22:34:38 +01:00
VirtuBox
3d32e02c65 Improved query strings caching 2020-10-25 14:19:08 +01:00
VirtuBox
f3129f0774 Remove innodb_buffer_pool_instances 2020-10-22 14:54:54 +02:00
VirtuBox
55f50f583c Fix MariaDB upgrade 2020-10-22 12:05:01 +02:00
VirtuBox
dff13eb345 Testing MariaDB 10.5 2020-10-22 11:04:23 +02:00
VirtuBox
4c3ce63a02 Merge pull request #322 from tdtgit/master 
Address issue #319
 2020-10-13 21:23:13 +02:00
Argus Duong
e163bc7717 Address issue #319 - again, not standardlize yet for the release 2020-10-13 23:54:11 +07:00
VirtuBox
62c5150405 Merge pull request #321 from WordOps/updating-configuration 
WordOps Maintenance Release v3.12.3
 2020-10-13 18:28:01 +02:00
Argus Duong
e2dc4bdc27 Address issue #319 2020-10-13 23:06:47 +07:00
VirtuBox
2fb7eb8c47 Use zstd compression instead of gzip 
* fix proftpd TLS version
 2020-09-15 14:33:26 +02:00
Argus Duong
a32d6f483e Add avif support 2020-09-15 08:24:38 +07:00
VirtuBox
dce6b111b0 Merge pull request #308 from WordOps/updating-configuration 
Several bug fixes
 2020-08-20 13:50:14 +02:00
VirtuBox
d30a5d7226 Fix fail2ban install without Nginx 2020-08-07 15:39:46 +02:00
VirtuBox
dcb0b8f4f7 Update proftpd tls.conf template 
* Use Mozilla SSL Configuration Generator
 2020-07-15 19:38:42 +02:00
VirtuBox
0185c63205 Update sshd config 2020-07-09 14:56:36 +02:00
tersor
841227aa17 Exclude the status page itself in traffic calculation 2020-06-03 10:30:13 +02:00
VirtuBox
834279a32f Fix WordOps backend php upstream 2020-05-14 13:06:02 +02:00
VirtuBox
e8dc20e367 Merge pull request #279 from WordOps/updating-configuration 
v3.12.0 release
 2020-05-13 15:13:51 +02:00
VirtuBox
34d640cd22 Fix MariaDB innodb_buffer_pool_instances 2020-05-12 14:57:12 +02:00
Morgan
e0b9b06d0c Updated caching rules 
Removed `/edd_action` as it's actually `/?edd_action` a query string. They are removed by default.

Removed `/checkout` as we already have /checkout/ (One of my plugins has the URL of /checkout-countdown../ and was never cached.) 

Added `/account/` as it's a common page that shouldn't be cached.
 2020-03-22 19:28:56 +08:00
tersor
e8bbd0c370 Enable Letsencrypt installation on sites that use basic auth 2020-02-12 11:57:13 +01:00
VirtuBox
15f3d49eed Fix fail2ban configuration when nginx not installed 
* improve kernel tweaks 
* remove deprecated kernel tweaks
 2020-01-30 12:35:38 +01:00
VirtuBox
2cdec042b5 Update 22222 port from template 2020-01-13 18:24:18 +01:00
VirtuBox
9a5b3e3368 Fix mysql stack purge with remote db 2020-01-07 16:18:17 +01:00
VirtuBox
bca4155866 Merge remote-tracking branch 'origin/master' into updating-configuration 2019-12-16 14:10:06 +01:00
Morgan
7bb918b2e3 Protect Easy Digital Download files from being accessed directly. 
Easy Digital Download files won't be able to be downloaded directly from the server. 

https://docs.easydigitaldownloads.com/article/682-protected-download-files-on-nginx
 2019-12-16 10:44:32 +08:00
VirtuBox
13a6000c20 Update dependencies 
* display domain type in `wo site info`
 2019-12-11 11:45:20 +01:00