Commit 298fb52a authored by Richard Weinhold's avatar Richard Weinhold 🎩

remove mod_deflate again since security concerns:...

remove mod_deflate again since security concerns: https://issues.apache.org/bugzilla/show_bug.cgi?id=53219
parent 82fb35cd
......@@ -271,19 +271,12 @@ In `~/html` oder einem Subdomain-Ordner eine `.htaccess` erstellen und damit fü
</IfModule>
RequestHeader set X-Forwarded-Proto https
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</IfModule>
```
> siehe Beispiel-.htaccess: [.htaccess](_.htaccess)
Die Zeile mit `RequestHeader` behebt den Fehler "Can't verify CSRF token authenticity" beim Login mit https.
`mod_deflate` ist hier eher optional. Es aktiviert *gzip* für die http-Datenübertragung, was das Laden der Website beschleunigen kann.
## Check Status
```bash
......
......@@ -6,6 +6,7 @@
RequestHeader set X-Forwarded-Proto https
<IfModule mod_deflate.c>
AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
</IfModule>
#deactivated since security concerns: https://issues.apache.org/bugzilla/show_bug.cgi?id=53219
# <IfModule mod_deflate.c>
# AddOutputFilterByType DEFLATE text/text text/html text/plain text/xml text/css application/x-javascript application/javascript
# </IfModule>
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment