Bahmni · petmongrels · May 20, 2021 · Jun 2, 2021 · Jun 11, 2021 · Jun 22, 2021
diff --git a/bahmni-web/resources/ssl.conf b/bahmni-web/resources/ssl.conf
@@ -109,6 +109,12 @@ SSLCryptoDevice builtin
 
 </IfModule>
 
+Header edit Set-Cookie ^(.*)$ $1;HttpOnly;Secure;SameSite=Strict
+Header edit Location ^http://(.*)$ https://$1
+RequestHeader unset Referer
+Header always set Strict-Transport-Security "max-age=63072000; includeSubDomains"
+Header always set X-Frame-Options "deny"
+
 ##
 ## SSL Virtual Host Context
 ##

diff --git a/bahmni-web/scripts/postinstall.sh b/bahmni-web/scripts/postinstall.sh
@@ -89,11 +89,16 @@ setupOfflineMetadata(){
      ln -s /opt/bahmni-web/etc/offlineMetadata.json /var/www/html/offlineMetadata.json
 }
 
+removeAutoIndexConf(){
+     mv /etc/httpd/conf.d/autoindex.conf /tmp/
+}
+
 setupConfFiles
 setupCacheDir
 setupClientSideLogging
 setupApps
 setupOfflineMetadata
+removeAutoIndexConf
 
 if [[ "${IMPLEMENTATION_NAME:-default}" = "default" ]]; then
 setupConfigs