Enable HSTS.

2023-03-23 01:07:19 +00:00 · 2023-03-23 01:07:19 +00:00 · b6f78d3605
commit b6f78d3605
parent e55949a59a
1 changed files with 2 additions and 2 deletions
--- a/server/xb000-0/nginx/website.conf
+++ b/server/xb000-0/nginx/website.conf
@ -4,7 +4,7 @@
 # Copyright 2022-2023 Jake Winters
 # SPDX-License-Identifier: BSD-3-Clause-Clear

-# Version: 4.0.0.3
+# Version: 5.0.0.4


 # Server (unencrypted)
@ -52,7 +52,7 @@ server {
        ssl_session_cache shared:MozSSL:10m;
        ssl_session_cache shared:ssl_session_cache:10m;
        ssl_session_tickets off;
-#        add_header Strict-Transport-Security "max-age=157680000; includeSubDomains; preload" always;
+        add_header Strict-Transport-Security "max-age=157680000; preload";
        add_header X-Frame-Options "DENY";
        add_header X-Content-Type-Options nosniff;
 #        add_header Content-Security-Policy "default-src 'self'";