Skip to content

Commit b8e9ed8

Browse files
Add HTTPS enforcement and security headers
- Add enforce_ssl setting to _config.yml - Add .htaccess with HTTPS redirect and security headers - Ensure all connections use HTTPS for realcoding.blog
1 parent 9d70f50 commit b8e9ed8

File tree

2 files changed

+12
-0
lines changed

2 files changed

+12
-0
lines changed

.htaccess

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
# HTTPS 리다이렉트
2+
RewriteEngine On
3+
RewriteCond %{HTTPS} off
4+
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
5+
6+
# Security Headers
7+
Header always set X-Frame-Options DENY
8+
Header always set X-Content-Type-Options nosniff
9+
Header always set X-XSS-Protection "1; mode=block"
10+
Header always set Referrer-Policy "strict-origin-when-cross-origin"
11+
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

_config.yml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,6 +3,7 @@ title: Real Coding Blog
33
description: 실무에서 배운 개발 노하우와 기술적 인사이트를 공유합니다
44
url: "https://realcoding.blog"
55
baseurl: ""
6+
enforce_ssl: realcoding.blog
67

78
# Author information
89
author:

0 commit comments

Comments
 (0)