Hi,
I need to edit ssl.conf and add a few customized lines below the variable "Listen" at the top of the file.
I tried a few ways to do it, however failed to accomplish what I need.
These are the lines that I need to add into the file after the top most "Listen" variable in the file.
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header always set X-XSS-Protection "1; mode=block"
#Header always set Referrer-Policy "same-origin"
Header always set X-Permitted-Cross-Domain-Policies "master-only"
Header unset X-Powered-By
#Header set X-Content-Type-Options "nosniff"
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css application/javascript
# enable expirations
ExpiresActive On
# expire files after a day in the client's cache
# expire files after 10 days in the client's cache
ExpiresByType image/gif A864000
ExpiresByType image/jpeg A864000
ExpiresByType image/jpg A864000
ExpiresByType image/png A864000
ExpiresByType text/javascript A864000
ExpiresByType application/x-javascript A864000
ExpiresByType text/css A864000
ExpiresByType image/x-icon A864000
ExpiresByType application/javascript A864000
I use the steps below to add the lines above :
1) arg=$(grep -o -m 1 Listen ssl.conf | head -1)
2) vi add.txt
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
Header always set X-XSS-Protection "1; mode=block"
#Header always set Referrer-Policy "same-origin"
Header always set X-Permitted-Cross-Domain-Policies "master-only"
Header unset X-Powered-By
#Header set X-Content-Type-Options "nosniff"
AddOutputFilterByType DEFLATE text/html text/plain text/xml text/javascript application/x-javascript text/css application/javascript
# enable expirations
ExpiresActive On
# expire files after a day in the client's cache
# expire files after 10 days in the client's cache
ExpiresByType image/gif A864000
ExpiresByType image/jpeg A864000
ExpiresByType image/jpg A864000
ExpiresByType image/png A864000
ExpiresByType text/javascript A864000
ExpiresByType application/x-javascript A864000
ExpiresByType text/css A864000
ExpiresByType image/x-icon A864000
ExpiresByType application/javascript A864000
3) sed -i '/$arg/r add.txt' ssl.conf
The steps above do not work.
I then tried this :
zabbix-cj:/opt/rh/httpd24/root/etc/httpd/conf.d# awk '/$arg/{print $0 RS \
> "Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"" RS \
> "Header always set X-XSS-Protection "1; mode=block"" RS \
> "Header always set X-Permitted-Cross-Domain-Policies "master-only"" RS \
> "Header unset X-Powered-By";next}1' ssl.conf
This throws error :
awk: cmd. line:2: "Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"" RS \
awk: cmd. line:2: ^ syntax error
Please help correct the syntax for the steps I took above (if possible), else suggest another way that will produce what I need.