ddbfdf6f6e
Open up lets Encrypt acme challenge config ( #165 )
...
Since Lets Encrypt don't publish IP ranges that their acme challenge service will be sourced from, we need to allow free access to this location special to override any IP ACLs added by Advanced Custom Nginx Configuration. Due to the way Nginx config is applied, this only applies to the regex and below, keeping the IP ACLs working for the rest of the website.
2019-07-05 08:32:41 +10:00
9e476e5b24
Only Secure TLS Ciphers & Protocols ( #134 )
...
Disable insecure SSL/TLS ciphers & protocols. Only TLS_1.2 and TLS_1.3 should be enabled.
2019-05-08 10:01:08 +10:00
b49de0e23e
Enable TLS 1.3 by default
2019-05-02 13:03:16 +10:00
2a3d792591
Fixes #68 - HSTS is now part of the UI
2019-02-18 18:21:45 +10:00
48f2bb4cd8
Fix some ip range stuff
2019-01-03 20:25:01 +10:00
3836f7c40a
Fetch ip ranges for CDN servers, Cloudfront and Cloudfare
2019-01-03 17:04:53 +10:00
c97e6ada5b
Support for upstream ssl proxy hosts
2018-12-12 09:47:12 +10:00
c826ed8c1f
Fix proto forwarded header to industry standard
2018-10-25 08:51:43 +10:00
eb391959aa
Added resolvers auto generation in order for hostnames to work
2018-10-19 16:24:44 +10:00
3970d2891f
Docker build changes
2018-06-20 09:53:18 +10:00
36896bcfc9
Bypass basic auth for letsencrypt acme requests, reload nginx after ssl renewals
2018-03-16 10:53:50 +10:00
b324110c49
Trying something to fix the auto ssl renewal process
2018-03-16 10:32:35 +10:00
6e7435c35d
Initial commit
2017-12-21 09:02:37 +10:00
Paul Mansfield
OhHeyAlan
Jamie Curnow
Jamie Curnow
Jamie Curnow