Page MenuHomePhabricator
Create Task
Maniphest T118787

releases.wikimedia.org should be https only and have hsts set
Closed, ResolvedPublic
Actions

Description

releases.wikimedia.org doesn't have a http to https redirect nor hsts

Details

SubjectRepoBranchLines +/-
releases: enable strict transport securityoperations/puppetproduction+1 -0
releases: load mod_headers for proto redirectoperations/puppetproduction+1 -0
releases: enforce http->https redirect behind misc-weboperations/puppetproduction+7 -0
Customize query in gerrit

Event Timeline

yuvipanda created this task.Nov 16 2015, 11:00 PM
yuvipanda raised the priority of this task from to Needs Triage.
yuvipanda updated the task description. (Show Details)
yuvipanda added a project: SRE.
yuvipanda added subscribers: yuvipanda, BBlack.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptNov 16 2015, 11:00 PM
Krenair subscribed.Nov 16 2015, 11:00 PM
Dzahn claimed this task.Nov 17 2015, 12:09 AM
Dzahn triaged this task as Medium priority.Nov 17 2015, 9:35 PM
gerritbot subscribed.Nov 17 2015, 9:43 PM

Change 253757 had a related patch set uploaded (by Dzahn):
releases: enforce http->https redirect behind misc-web

https://gerrit.wikimedia.org/r/253757

gerritbot added a project: Patch-For-Review.Nov 17 2015, 9:43 PM
gerritbot added a comment.Nov 17 2015, 9:52 PM

Change 253759 had a related patch set uploaded (by Dzahn):
releases: enable strict transport security

https://gerrit.wikimedia.org/r/253759

Chmarkine added a project: HTTPS.Nov 18 2015, 4:22 PM
Chmarkine set Security to None.
Chmarkine subscribed.
gerritbot added a comment.Nov 18 2015, 5:27 PM

Change 253757 merged by Dzahn:
releases: enforce http->https redirect behind misc-web

https://gerrit.wikimedia.org/r/253757

gerritbot added a comment.Nov 18 2015, 5:32 PM

Change 253936 had a related patch set uploaded (by Dzahn):
releases: load mod_headers for proto redirect

https://gerrit.wikimedia.org/r/253936

gerritbot added a comment.Nov 18 2015, 5:34 PM

Change 253936 merged by Dzahn:
releases: load mod_headers for proto redirect

https://gerrit.wikimedia.org/r/253936

Dzahn added a comment.Nov 18 2015, 5:44 PM

Merged the protocol redirect. It now redirects http->https.

Waiting with the HSTS headers just a little bit just in case.. because that can't be reverted.

gerritbot added a comment.Nov 24 2015, 9:54 PM

Change 253759 merged by Dzahn:
releases: enable strict transport security

https://gerrit.wikimedia.org/r/253759

Dzahn added a comment.Nov 24 2015, 10:00 PM

Also merged that part and added the STS headers now that about a week went by without complaints.

Dzahn closed this task as Resolved.Nov 24 2015, 10:00 PM
Dzahn removed a project: Patch-For-Review.
Phabricator_maintenance removed a subscriber: yuvipanda.Jun 7 2017, 6:46 PM
Restricted Application added a project: Traffic. · View Herald TranscriptJun 7 2017, 6:46 PM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL