ghzhost
diff --git a/‎bin/v-change-sys-release‎
Lines changed: 0 additions & 1 deletion b/‎bin/v-change-sys-release‎
Lines changed: 0 additions & 1 deletion
diff --git a/‎bin/v-change-web-domain-hsts‎
Lines changed: 75 additions & 0 deletions b/‎bin/v-change-web-domain-hsts‎
Lines changed: 75 additions & 0 deletions
diff --git a/‎install/deb/multiphp/nginx/PHP-56.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/multiphp/nginx/PHP-56.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/multiphp/nginx/PHP-70.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/multiphp/nginx/PHP-70.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/multiphp/nginx/PHP-71.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/multiphp/nginx/PHP-71.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/multiphp/nginx/PHP-72.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/multiphp/nginx/PHP-72.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/multiphp/nginx/PHP-73.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/multiphp/nginx/PHP-73.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/nginx/nginx.conf‎
Lines changed: 0 additions & 2 deletions b/‎install/deb/nginx/nginx.conf‎
Lines changed: 0 additions & 2 deletions
diff --git a/‎install/deb/templates/web/nginx/caching.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/templates/web/nginx/caching.stpl‎
Lines changed: 4 additions & 0 deletions
diff --git a/‎install/deb/templates/web/nginx/default.stpl‎
Lines changed: 4 additions & 0 deletions b/‎install/deb/templates/web/nginx/default.stpl‎
Lines changed: 4 additions & 0 deletions
@@ -28,7 +28,6 @@ if [ -z "$branch" ]; then
     echo ""
     echo "Common release branches:"
     echo "(*) master:   Stable releases only"
-    echo "(*) beta:     Beta builds which are being prepared for release"
     echo "(*) develop:  Daily development builds"
     echo ""
     echo "You can also specify another branch name from the"
 
@@ -0,0 +1,75 @@
+#!/bin/bash
+# info: add/remove HSTS support from a domain
+# options: USER DOMAIN STATUS
+#
+# This function will enable or disable HSTS (HTTP Strict Transport Security)
+# for a web domain.
+
+
+#----------------------------------------------------------#
+#                    Variable&Function                     #
+#----------------------------------------------------------#
+
+# Argument definition
+user=$1
+domain=$2
+domain_idn=$2
+status=$3
+
+# Includes
+source $HESTIA/func/main.sh
+source $HESTIA/func/domain.sh
+source $HESTIA/conf/hestia.conf
+
+#----------------------------------------------------------#
+#                    Verifications                         #
+#----------------------------------------------------------#
+
+check_args '2' "$#" 'USER DOMAIN'
+is_format_valid 'user' 'domain'
+is_object_valid 'user' 'USER' "$user"
+is_object_unsuspended 'user' 'USER' "$user"
+is_object_valid 'web' 'DOMAIN' "$domain"
+is_object_unsuspended 'web' 'DOMAIN' "$domain"
+
+#----------------------------------------------------------#
+#                       Action                             #
+#----------------------------------------------------------#
+
+# Load domain data
+eval $(grep "DOMAIN='$domain'" $USER_DATA/web.conf)
+
+# Check if SSL is enabled
+if [ "$SSL" != 'yes' ]; then
+    echo "Error: SSL is not enabled"
+    exit $E_NOTEXIST
+fi
+
+# Check for Apache/Nginx or Nginx/PHP-FPM configuration
+if [ -z $PROXY_SYSTEM ]; then
+    hstsconf="$HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.hsts.conf"
+else
+    hstsconf="$HOMEDIR/$user/conf/web/$domain/$PROXY_SYSTEM.hsts.conf"
+fi
+
+if [ "$status" = "on" ]; then
+    echo 'add_header Strict-Transport-Security "max-age=15768000;" always;' > $hstsconf
+    echo "HTTP Strict Transport Security (HSTS) turned on for $domain."
+elif [ "$status" = "off" ]; then
+    rm -f $hstsconf
+    nginx -s reload
+    echo "HTTP Strict Transport Security (HSTS) turned off for $domain."
+else
+    echo "Error: Invalid mode specified."
+    echo "Usage: v-change-web-domain-hsts USER DOMAIN [ON / OFF]"
+fi
+
+#----------------------------------------------------------#
+#                       Hestia                             #
+#----------------------------------------------------------#
+
+# Logging
+log_history "Enabled HTTP Strict Transport Security on $domain."
+log_event "$OK" "$ARGUMENTS"
+
+exit
@@ -9,6 +9,10 @@ server {
 
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
 
     location / {
 
 
@@ -9,6 +9,10 @@ server {
 
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
 
     location / {
 
 
@@ -9,6 +9,10 @@ server {
 
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
 
     location / {
 
 
@@ -9,6 +9,10 @@ server {
 
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
 
     location / {
 
 
@@ -9,6 +9,10 @@ server {
 
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
 
     location / {
 
 
@@ -112,8 +112,6 @@ http {
     ssl_dhparam         /etc/ssl/dhparam.pem;
     ssl_ecdh_curve      secp384r1;
     ssl_session_tickets off;
-    ssl_stapling        on;
-    ssl_stapling_verify on;
     resolver 1.0.0.1 1.1.1.1 valid=300s ipv6=off;
     resolver_timeout    5s;
 
 
@@ -3,8 +3,12 @@ server {
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
 
 
@@ -3,8 +3,12 @@ server {
     server_name %domain_idn% %alias_idn%;
     ssl_certificate      %ssl_pem%;
     ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
     error_log  /var/log/%web_system%/domains/%domain%.error.log error;
 
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
     location / {
         proxy_pass      https://%ip%:%web_ssl_port%;
         location ~* ^.+\.(%proxy_extentions%)$ {