Michael Schiemer
9b74ade5b0
Resolved multiple critical discovery system issues: ## Discovery System Fixes - Fixed console commands not being discovered on first run - Implemented fallback discovery for empty caches - Added context-aware caching with separate cache keys - Fixed object serialization preventing __PHP_Incomplete_Class ## Cache System Improvements - Smart caching that only caches meaningful results - Separate caches for different execution contexts (console, web, test) - Proper array serialization/deserialization for cache compatibility - Cache hit logging for debugging and monitoring ## Object Serialization Fixes - Fixed DiscoveredAttribute serialization with proper string conversion - Sanitized additional data to prevent object reference issues - Added fallback for corrupted cache entries ## Performance & Reliability - All 69 console commands properly discovered and cached - 534 total discovery items successfully cached and restored - No more __PHP_Incomplete_Class cache corruption - Improved error handling and graceful fallbacks ## Testing & Quality - Fixed code style issues across discovery components - Enhanced logging for better debugging capabilities - Improved cache validation and error recovery Ready for production deployment with stable discovery system. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
49 lines
1.4 KiB
Django/Jinja
49 lines
1.4 KiB
Django/Jinja
# Security Headers Configuration
|
|
# Custom PHP Framework - {{ environment | upper }}
|
|
|
|
# Security Headers
|
|
{% for header, value in security_headers.items() %}
|
|
add_header {{ header }} "{{ value }}" always;
|
|
{% endfor %}
|
|
|
|
# HSTS (HTTP Strict Transport Security)
|
|
{% if hsts_enabled %}
|
|
add_header Strict-Transport-Security "max-age={{ hsts_max_age }}{% if hsts_include_subdomains %}; includeSubDomains{% endif %}{% if hsts_preload %}; preload{% endif %}" always;
|
|
{% endif %}
|
|
|
|
# Additional Security Measures
|
|
add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive" always;
|
|
|
|
# Server Information Hiding
|
|
more_clear_headers 'Server';
|
|
more_set_headers 'Server: Custom-Framework/{{ environment }}';
|
|
|
|
# Prevent clickjacking for admin areas
|
|
location /admin {
|
|
add_header X-Frame-Options "DENY" always;
|
|
}
|
|
|
|
# Additional security for API endpoints
|
|
location /api {
|
|
# Rate limiting is handled in separate config
|
|
add_header X-Content-Type-Options "nosniff" always;
|
|
add_header X-XSS-Protection "1; mode=block" always;
|
|
}
|
|
|
|
# Disable access to sensitive files
|
|
location ~* \.(env|git|gitignore|gitattributes|htaccess|htpasswd|ini|log|sh|sql|conf)$ {
|
|
deny all;
|
|
return 404;
|
|
}
|
|
|
|
# Prevent access to hidden files and directories
|
|
location ~ /\. {
|
|
deny all;
|
|
return 404;
|
|
}
|
|
|
|
# Block access to backup and temporary files
|
|
location ~* \.(bak|backup|swp|tmp|temp|~)$ {
|
|
deny all;
|
|
return 404;
|
|
} |