3f5e6fa52f
Disable HTTP Trace method Nessus security scanner has detected a various vulnerabilities related to improper SSL/TLS configuration on the Fuel node. Vulnerabilities reported by Nessus: 78479 - SSLv3 Padding Oracle On Downgraded Legacy Encryption Vulnerability (POODLE) 42873 - SSL Medium Strength Cipher Suites Supported 58751 - SSL/TLS Protocol Initialization Vector Implementation Information Disclosure Vulnerability 11213 - HTTP TRACE / TRACK Methods Allowed Fix linting Change-Id: I8dd4f178835dbebbc0dfd70aefe7002cae0f545f Closes-Bug: 1408590 Signed-off-by: Sergii Golovatiuk <sgolovatiuk@mirantis.com>
6 lines
216 B
Plaintext
6 lines
216 B
Plaintext
# Force everything except cobbler and nailgun dir to port 8000
|
|
RewriteEngine on
|
|
RewriteCond %{HTTPS} off
|
|
RewriteCond %{REQUEST_URI} !^/(cblr|cobbler)
|
|
RewriteRule (.*) http://%{HTTP_HOST}:8000%{REQUEST_URI} [R=301,L]
|