mirror of
https://gitea.blesmrt.net/mikaela/shell-things.git
synced 2024-12-23 11:12:48 +01:00
nginx: HSTS: subdomains & preload
This commit is contained in:
parent
ff94369b6d
commit
2ba606cce6
@ -31,7 +31,7 @@ server {
|
|||||||
ssl_prefer_server_ciphers on;
|
ssl_prefer_server_ciphers on;
|
||||||
|
|
||||||
# Enable this if your want HSTS (recommended)
|
# Enable this if your want HSTS (recommended)
|
||||||
add_header Strict-Transport-Security max-age=15768000;
|
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||||
|
|
||||||
# OCSP Stapling ---
|
# OCSP Stapling ---
|
||||||
# fetch OCSP records from URL in ssl_certificate and cache them
|
# fetch OCSP records from URL in ssl_certificate and cache them
|
||||||
|
@ -4,6 +4,9 @@ server {
|
|||||||
listen 443;
|
listen 443;
|
||||||
listen [::]:443;
|
listen [::]:443;
|
||||||
|
|
||||||
|
# Enable this if your want HSTS (recommended)
|
||||||
|
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||||
|
|
||||||
server_name something.example.org;
|
server_name something.example.org;
|
||||||
|
|
||||||
# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf
|
# NOTE: For X-Real-IP & X-Forwarded-For see ../conf.d/rproxy.conf
|
||||||
|
@ -6,6 +6,9 @@ server {
|
|||||||
listen 443;
|
listen 443;
|
||||||
listen [::]:443;
|
listen [::]:443;
|
||||||
|
|
||||||
|
# Enable this if your want HSTS (recommended)
|
||||||
|
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";
|
||||||
|
|
||||||
root /var/www/vhostdir;
|
root /var/www/vhostdir;
|
||||||
index index.php index.html index.htm;
|
index index.php index.html index.htm;
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user