News/HTTPS enforcement at shared proxy: Difference between revisions

Latest revision as of 18:03, 2 February 2021

Tracked in Phabricator
Task T120486 Resolved

The web proxy service for Cloud VPS projects is enforcing TLS encryption by automatically redirecting from HTTP to HTTPS.

Requests to *.wmcloud.org and *.wmflabs.org hosts via the domain proxy service enforce TLS encryption
Strict-Transport-Security header added to TLS secured responses instructing user-agents to automatically upgrade http:// requests to https:// for the next 24 hours.

Done 2020-08-18: TLS enforced for GET and HEAD requests and Strict-Transport-Security header with one day duration sent to clients.
Done 2021-02-02: TLS enforced for all requests and Strict-Transport-Security header with one year duration sent to clients.

@@ Line 1: / Line 1: @@
-{{Tracked|T120486}}
+{{Tracked|T120486|Resolved}}
 The [[Help:Using a web proxy to reach Cloud VPS servers from the internet|web proxy]] service for Cloud VPS projects is enforcing [[w:Transport Layer Security|TLS]] encryption by automatically redirecting from HTTP to HTTPS.
@@ Line 8: / Line 8: @@
 == Timeline ==
 * {{Done}} 2020-08-18: TLS enforced for ''GET'' and ''HEAD'' requests and Strict-Transport-Security header with ''one day'' duration sent to clients.
-* 2021-02-01: TLS enforced for all requests and Strict-Transport-Security header with ''one year'' duration sent to clients.
+* {{Done}} 2021-02-02: TLS enforced for all requests and Strict-Transport-Security header with ''one year'' duration sent to clients.