Https and IPv6 are now used by OcLaunch sites.
A few days ago, Tuxfamily announced support of TLS certificate for their services and beyond, for everybody, including custom domains, thanks to Let's Encrypt.
We applied HTTPS redirection to ocla.ml first and then to oclaunch.eu.org.
HTTPS
We amend the .htaccess
file, adding this code:
# BEGIN HTTPS
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} !=on
RewriteRule .* https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]
</IfModule>
# END HTTPS
# BEGIN HSTS
<IfModule mod_headers.c>
# 1 month
Header always set Strict-Transport-Security "max-age=2628000"
</IfModule>
# END HSTS
This was inspired by Tuxfamily forum.
This redirect to HTTPS page, and set HSTS header. For now, HSTS is set for one month, as a test phase. Since it’s recommended (by Qualys tests) to set it for at least three month, we will upgrade if we do not get problem with HTTPS.
IPv6
We applied recommendations of Tuxfamily for IPv6 on ocla.ml only, since oclaunch.eu.org and lnch.ml are on tuxfamily DNS and thus, it was automatic.
Found problem?
Your feedback is welcome!
Feel free to give it in comment or by (almost) any other way.