X-Git-Url: http://git.pld-linux.org/?a=blobdiff_plain;f=eventum-lighttpd.conf;h=3746b23828b01ca140f26db9413fb038c226371f;hb=da6e9570d835df9c2b8548ef0bbbf81838423b65;hp=64bb97471ee6324b1d19f6b89faa1de76b377b6d;hpb=37022e567efc2e55212b3dd8d27641bf4ec35df9;p=packages%2Feventum.git

diff --git a/eventum-lighttpd.conf b/eventum-lighttpd.conf
index 64bb974..3746b23 100644
--- a/eventum-lighttpd.conf
+++ b/eventum-lighttpd.conf
@@ -1,4 +1,3 @@
-# $Id$
 #
 # This config provides two kinds of configuration, for url based ("/eventum")
 # and vhost based ("http://eventum.example.org").
@@ -13,6 +12,12 @@
 #	}
 #}
 
+# HTTP Strict Transport Security (HSTS) headers on https addresses
+#$SERVER["socket"] == ":443" {
+#	# HSTS (mod_setenv is required) (15768000 seconds = 6 months)
+#	setenv.add-response-header += ( "Strict-Transport-Security" => "max-age=15768000" )
+#}
+
 # running as alias, part 1
 alias.url += (
 	"/eventum" => "/usr/share/eventum/htdocs",
@@ -20,7 +25,7 @@ alias.url += (
 
 # running as separate vhost, part 1
 #$HTTP["host"] == "eventum.example.org" {
-#    server.document-root = "/usr/share/eventum/htdocs",
+#	server.document-root = "/usr/share/eventum/htdocs",
 #}
 
 # running as alias, part 2
@@ -43,12 +48,19 @@ $HTTP["url"] =~ "^/eventum/" {
 #		)
 #	}
 
-	# SCM integration. Set here IP of host running CVS
+	# SCM integration. Set here IP of host running CVS, SVN, Git
 	$HTTP["remoteip"] != "127.0.0.1" {
 		$HTTP["url"] =~ "/scm_ping\.php$" {
 			url.access-deny = ( "" )
 		}
 	}
+
+	# IP Restrict XMLRPC
+	$HTTP["url"] =~ "/rpc/xmlrpc.php" {
+		$HTTP["remoteip"] !~ "127.0.0.1" {
+			url.access-deny = ( "" )
+		}
+	}
 }
 
 # vim:ts=4