OcLaunch Launch automagically


HTTPS and IPv6 support

OClaunch blog

Https and IPv6 are now used by OcLaunch sites.

A few days ago, Tuxfamily announced support of TLS certificate for their services and beyond, for everybody, including custom domains, thanks to Let's Encrypt.

We applied HTTPS redirection to ocla.ml first and then to oclaunch.eu.org.

HTTPS

We amend the .htaccess file, adding this code:


# BEGIN HTTPS
<IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteBase /

    RewriteCond %{HTTPS} !=on
    RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
</IfModule>
# END HTTPS

# BEGIN HSTS
<IfModule mod_headers.c>
# 1 month
    Header always set Strict-Transport-Security "max-age=2628000"
</IfModule>
# END HSTS

This was inspired by Tuxfamily forum.

This redirect to HTTPS page, and set HSTS header. For now, HSTS is set for one month, as a test phase. Since it’s recommended (by Qualys tests) to set it for at least three month, we will upgrade if we do not get problem with HTTPS.

IPv6

We applied recommendations of Tuxfamily for IPv6 on ocla.ml only, since oclaunch.eu.org and lnch.ml are on tuxfamily DNS and thus, it was automatic.

Found problem?

Your feedback is welcome!
Feel free to give it in comment or by (almost) any other way.