From: Ludovic CHEVALIER <ludovic.chevalier@heureux-cyclage.org>
Date: Fri, 22 May 2015 13:42:58 +0000 (+0200)
Subject: Correction :         etc/nginx/conf.d/ssl-pfs.conf
X-Git-Url: http://git.cyclocoop.org/?p=lhc%2Fadmin.git;a=commitdiff_plain;h=714b8cd168984481f03d8b03cd0ec21f2faf9c85

Correction :         etc/nginx/conf.d/ssl-pfs.conf
---

diff --git a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
index c097ac4..5d45760 100644
--- a/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
+++ b/srv/ateliers/etc/nginx/conf.d/ssl-pfs.conf
@@ -4,7 +4,7 @@
 # DOC: https://www.openssl.org/docs/apps/ciphers.html
 keepalive_timeout 70;
 add_header Strict-Transport-Security "max-age=31536000;";
-add_header X-Frame-Options DENY;
+add_header X-Frame-Options SAMEORIGIN;
 ssl on;
 ssl_ciphers ECDHE-RSA-AES128-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA128:DHE-RSA-AES128-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA128:kEDH+AESGCM:ECDHE-RSA-AES128-SHA384:ECDHE-RSA-AES128-SHA128:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-SHA128:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA384:AES128-GCM-SHA128:AES128-SHA128:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!3DES:!MD5:!PSK:!RC4;
     # NOTE: prioritizes algorithms that provide Perfect Forward Secrecy.