From aa15e5ab38e719bf0f518d6878d34b6031e78767 Mon Sep 17 00:00:00 2001
From: Pierre-Yves Chibon <pingou@pingoured.fr>
Date: Thu, 23 Oct 2014 15:31:56 +0200
Subject: [PATCH] Import some security things from copr-be

---
 roles/anitya/frontend/files/0_releasemonitoring.conf | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/roles/anitya/frontend/files/0_releasemonitoring.conf b/roles/anitya/frontend/files/0_releasemonitoring.conf
index 24033fe8c1..1c0abb2796 100644
--- a/roles/anitya/frontend/files/0_releasemonitoring.conf
+++ b/roles/anitya/frontend/files/0_releasemonitoring.conf
@@ -4,8 +4,13 @@
 </VirtualHost>
 
 <VirtualHost *:443>
-   ServerName release-monitoring.org
+   ServerName release-monitoring.org:443
+
    SSLEngine on
+   SSLProtocol all -SSLv2
+   # Use secure TLSv1.1 and TLSv1.2 ciphers
+   Header add Strict-Transport-Security "max-age=15768000"
+
    SSLCertificateFile /etc/pki/tls/certs/release-monitoring.org.cert
    SSLCertificateKeyFile /etc/pki/tls/certs/release-monitoring.org.key
 </VirtualHost>