Manual:$wgForceHTTPS

From mediawiki.org
Jump to navigation Jump to search
This page is a translated version of the page Manual:$wgForceHTTPS and the translation is 31% complete.
Outdated translations are marked like this.
Other languages:
English • ‎Nederlands • ‎français • ‎日本語
サイトのカスタマイズ: $wgForceHTTPS
Redirect insecure HTTP requests to HTTPS.
導入されたバージョン:1.34.3 (Gerrit change 608504; git #c75eef91)
除去されたバージョン:使用中
許容される値:(真偽値)
既定値:false (gerrit:608504, gerrit:612497, gerrit:615840)

詳細

If this setting true, when an insecure HTTP request is received, always redirect to HTTPS. This overrides and disables the preferhttps user preference, and it overrides $wgSecureLogin and the CanIPUseHTTPS hook.

$wgServer may be either https or protocol-relative. If $wgServer starts with "http://", an exception will be thrown.

If a reverse proxy or CDN is used to forward requests from HTTPS to HTTP, the request header "X-Forwarded-Proto: https" should be sent to suppress the redirect.

In addition to setting this to true, for optimal security, the webserver should also be configured to send HTTP Strict Transport Security (HSTS) response headers.

追加

この変数は MediaWiki 1.35.0 (gerrit:615840) で追加されました。

関連項目