Bildiğiniz gibi bugün CloudFlare kullanımını bıraktım ve direk olarak web sunucusu üzerinden hizmet vermeye başladık, bu noktada fark ettiğim isteklerde headerların her isteğe eklenmiyor olmasıydı, yani tarayıcı dışında hiç bir istekde güvenlik başlıkları eklenmiyordu.
Bu bir sorun mu? son kullanıcı için aslında değil, otomatize sistemler ile istek yapıldığında istismar edilebilecek bir durum, düzeltmek amacıyla doğru yapılandırmayı bırakıyorum aşağıya
# BEGIN W3TC Minify cache
location ~ /wp-content/cache/minify/.*js_gzip$ {
gzip off;
types {}
default_type application/x-javascript;
add_header Content-Encoding gzip;
expires 14400s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
add_header Vary "Accept-Encoding";
}
location ~ /wp-content/cache/minify/.*css_gzip$ {
gzip off;
types {}
default_type text/css;
add_header Content-Encoding gzip;
expires 14400s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
add_header Vary "Accept-Encoding";
}
# END W3TC Minify cache
# BEGIN W3TC Minify core
set $w3tc_enc "";
if ($http_accept_encoding ~ gzip) {
set $w3tc_enc _gzip;
}
if (-f $request_filename$w3tc_enc) {
rewrite (.*) $1$w3tc_enc break;
}
rewrite ^/wp-content/cache/minify/ /index.php last;
# END W3TC Minify core
# BEGIN W3TC Page Cache core
set $w3tc_rewrite 1;
if ($request_method = POST) {
set $w3tc_rewrite 0;
}
if ($query_string != "") {
set $w3tc_rewrite 0;
}
if ($request_uri !~ \/$) {
set $w3tc_rewrite 0;
}
if ($http_cookie ~* "(comment_author|wp\-postpass|w3tc_logged_out|wordpress_logged_in|wptouch_switch_toggle)") {
set $w3tc_rewrite 0;
}
set $w3tc_preview "";
if ($http_cookie ~* "(w3tc_preview)") {
set $w3tc_preview _preview;
}
set $w3tc_ssl "";
if ($scheme = https) {
set $w3tc_ssl _ssl;
}
if ($http_x_forwarded_proto = 'https') {
set $w3tc_ssl _ssl;
}
set $w3tc_enc "";
if ($http_accept_encoding ~ gzip) {
set $w3tc_enc _gzip;
}
set $w3tc_ext "";
if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.html$w3tc_enc") {
set $w3tc_ext .html;
}
if (-f "$document_root/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview.xml$w3tc_enc") {
set $w3tc_ext .xml;
}
if ($w3tc_ext = "") {
set $w3tc_rewrite 0;
}
if ($w3tc_rewrite = 1) {
rewrite .* "/wp-content/cache/page_enhanced/$http_host/$request_uri/_index$w3tc_ssl$w3tc_preview$w3tc_ext$w3tc_enc" last;
}
# END W3TC Page Cache core
# BEGIN W3TC Page Cache cache
location ~ /wp-content/cache/page_enhanced.*gzip$ {
gzip off;
types {
text/xml xml_gzip;
}
default_type text/html;
add_header Content-Encoding gzip;
expires 3600s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
add_header X-Powered-By "W3 Total Cache/0.14.1";
}
# END W3TC Page Cache cache
# BEGIN W3TC Browser Cache
location ~ \.(css|htc|less|js|js2|js3|js4)$ {
expires 14400s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
try_files $uri $uri/ /index.php?$args;
}
location ~ \.(rtf|rtx|txt|xsd|xsl|xml)$ {
expires 3600s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
add_header X-Powered-By "W3 Total Cache/0.14.1";
try_files $uri $uri/ /index.php?$args;
}
location ~ \.(asf|asx|wax|wmv|wmx|avi|bmp|class|divx|doc|docx|exe|gif|gz|gzip|ico|jpg|jpeg|jpe|webp|json|mdb|mid|midi|mov|qt|mp3|m4a|mp4|m4v|mpeg|mpg|mpe|webm|mpp|_otf|odb|odc|odf|odg|odp|ods|odt|ogg|pdf|png|pot|pps|ppt|pptx|ra|ram|svg|svgz|swf|tar|tif|tiff|_ttf|wav|wma|wri|xla|xls|xlsx|xlt|xlw|zip)$ {
expires 31536000s;
etag on;
if_modified_since exact;
add_header Pragma "public";
add_header Cache-Control "public";
add_header X-Powered-By "W3 Total Cache/0.14.1";
try_files $uri $uri/ /index.php?$args;
}
# END W3TC Browser Cache