offer additional ssl / non-ssl directive textareas

Discussion in 'Feature Requests' started by sjau, Apr 24, 2016.

  1. sjau

    sjau Local Meanie Moderator

    I like ISPC a lot and this far, just the additional textarea to enter apache/nginx directives has been good enough.

    But now I moved to SSL everywhere (thx to Let's Encrypt) and I feel there should be now some additional boxes that could differentiate for directives added to ssl vhost and non-ssl vhost. What comes mostly to mind is a redirect to SSL if non-ssl is being used and sending HSTS header when ssl is used.
    Right now I use this approach:
    <If "%{HTTPS} == 'off'">
        Redirect permanent / https://mydomain.tld
    <If "%{HTTPS} == 'on'">
        Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
    which seesm to work fine. Not sure if there are other "important" directives that differentiate between non-/ssl. If not, maybe instead of text areas one could just add two check boxes:
    [ ] enforce SSL
    [ ] send HTST Header

Share This Page