post: remove more cloudflare headers

This commit is contained in:
MDLeom 2020-04-22 03:25:42 +01:00
parent 6a4a361b67
commit aebe6637a9
No known key found for this signature in database
GPG Key ID: 5D9DB57A25D34EE3
3 changed files with 41 additions and 1 deletions

View File

@ -306,6 +306,8 @@ To prevent any unnecessary request headers from being sent to the upstreams, I u
header_upstream -cf-visitor
header_upstream -true-client-ip
header_upstream -cdn-loop
header_upstream -cf-request-id
header_upstream -cf-cache-status
}
mdleom.com {
@ -315,11 +317,12 @@ mdleom.com {
}
```
The upstream locations insert some information into the response headers that could like my server location. I use `header` directive to filter them out. It applies to all `proxy` directive.
The upstream locations insert some information into the response headers that are irrelevant to the site visitors. I use `header` directive to filter them out. It applies to all `proxy` directive.
```
header / {
-server
-alt-svc
-cdn-cache
-cdn-cachedat
-cdn-edgestorageid
@ -327,6 +330,9 @@ The upstream locations insert some information into the response headers that co
-cdn-requestcountrycode
-cdn-requestid
-cdn-uid
-cf-cache-status
-cf-ray
-cf-request-id
-etag
-set-cookie
-x-bytes-saved
@ -370,6 +376,8 @@ I also add the `Cache-Control` and `Referrer-Policy` to the response header. Use
header_upstream -cf-visitor
header_upstream -true-client-ip
header_upstream -cdn-loop
header_upstream -cf-request-id
header_upstream -cf-cache-status
}
(staticallyCfg) {
@ -391,6 +399,7 @@ mdleom.com:4430 www.mdleom.com:4430 {
header / {
-server
-alt-svc
-cdn-cache
-cdn-cachedat
-cdn-edgestorageid
@ -398,6 +407,9 @@ mdleom.com:4430 www.mdleom.com:4430 {
-cdn-requestcountrycode
-cdn-requestid
-cdn-uid
-cf-cache-status
-cf-ray
-cf-request-id
-etag
-set-cookie
-x-bytes-saved

View File

@ -213,6 +213,16 @@ The rest are similar to "[caddyTor.conf](/blog/2020/03/16/tor-hidden-onion-nixos
(removeHeaders) {
header_upstream -cookie
header_upstream -referer
header_upstream -cf-ipcountry
header_upstream -cf-connecting-ip
header_upstream -x-forwarded-for
header_upstream -x-forwarded-proto
header_upstream -cf-ray
header_upstream -cf-visitor
header_upstream -true-client-ip
header_upstream -cdn-loop
header_upstream -cf-request-id
header_upstream -cf-cache-status
}
(staticallyCfg) {
@ -227,6 +237,7 @@ ggucqf2jmtfxcw7us5sts3x7u2qljseocfzlhzebfpihkyvhcqfa.b32.i2p:8081 mdleom.i2p:808
header / {
-server
-alt-svc
-cdn-cache
-cdn-cachedat
-cdn-edgestorageid
@ -234,6 +245,9 @@ ggucqf2jmtfxcw7us5sts3x7u2qljseocfzlhzebfpihkyvhcqfa.b32.i2p:8081 mdleom.i2p:808
-cdn-requestcountrycode
-cdn-requestid
-cdn-uid
-cf-cache-status
-cf-ray
-cf-request-id
-etag
-set-cookie
-strict-transport-security

View File

@ -188,6 +188,16 @@ The rest are similar to "[caddyProxy.conf](/blog/2020/03/14/caddy-nix-part-3/#ca
(removeHeaders) {
header_upstream -cookie
header_upstream -referer
header_upstream -cf-ipcountry
header_upstream -cf-connecting-ip
header_upstream -x-forwarded-for
header_upstream -x-forwarded-proto
header_upstream -cf-ray
header_upstream -cf-visitor
header_upstream -true-client-ip
header_upstream -cdn-loop
header_upstream -cf-request-id
header_upstream -cf-cache-status
}
(staticallyCfg) {
@ -202,6 +212,7 @@ xw226dvxac7jzcpsf4xb64r4epr6o5hgn46dxlqk7gnjptakik6xnzqd.onion:8080 {
header / {
-server
-alt-svc
-cdn-cache
-cdn-cachedat
-cdn-edgestorageid
@ -209,6 +220,9 @@ xw226dvxac7jzcpsf4xb64r4epr6o5hgn46dxlqk7gnjptakik6xnzqd.onion:8080 {
-cdn-requestcountrycode
-cdn-requestid
-cdn-uid
-cf-cache-status
-cf-ray
-cf-request-id
-etag
-set-cookie
-strict-transport-security