From 1a9b3d1c2114436ef38d1d8de57728e652b41089 Mon Sep 17 00:00:00 2001 From: Dane Powell Date: Wed, 26 Oct 2016 12:27:56 -0700 Subject: [PATCH] Added sample patches for SSL and SAML. (#602) --- template/patches/htaccess-simplesaml.patch | 13 +++++++++++++ template/patches/htaccess-ssl.patch | 17 +++++++++++++++++ 2 files changed, 30 insertions(+) create mode 100644 template/patches/htaccess-simplesaml.patch create mode 100644 template/patches/htaccess-ssl.patch diff --git a/template/patches/htaccess-simplesaml.patch b/template/patches/htaccess-simplesaml.patch new file mode 100644 index 000000000..ff9d7f4e5 --- /dev/null +++ b/template/patches/htaccess-simplesaml.patch @@ -0,0 +1,13 @@ +diff --git a/.htaccess b/.htaccess +index 4716fa1..93f9ab6 100644 +--- a/.htaccess ++++ b/.htaccess +@@ -150,6 +150,8 @@ AddEncoding gzip svgz + # Copy and adapt this rule to directly execute PHP files in contributed or + # custom modules or to run another PHP application in the same directory. + RewriteCond %{REQUEST_URI} !/core/modules/statistics/statistics.php$ ++ # Allow access to simplesaml paths ++ RewriteCond %{REQUEST_URI} !^/simplesaml + # Deny access to any other PHP files that do not match the rules above. + # Specifically, disallow autoload.php from being served directly. + RewriteRule "^(.+/.*|autoload)\.php($|/)" - [F] diff --git a/template/patches/htaccess-ssl.patch b/template/patches/htaccess-ssl.patch new file mode 100644 index 000000000..46f9be48f --- /dev/null +++ b/template/patches/htaccess-ssl.patch @@ -0,0 +1,17 @@ +diff --git a/.htaccess b/.htaccess +index 4716fa1..14014ce 100644 +--- a/.htaccess ++++ b/.htaccess +@@ -122,6 +122,12 @@ AddEncoding gzip svgz + # uncomment the following line: + # RewriteBase / + ++ # Redirect HTTP to HTTPS on cloud ++ RewriteCond %{ENV:AH_SITE_ENVIRONMENT} !^$ ++ RewriteCond %{HTTPS} off ++ RewriteCond %{HTTP:X-Forwarded-Proto} !https ++ RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] ++ + # Redirect common PHP files to their new locations. + RewriteCond %{REQUEST_URI} ^(.*)?/(install.php) [OR] + RewriteCond %{REQUEST_URI} ^(.*)?/(rebuild.php)