roles/nginx: Adjust HSTS headers for https block of vhost template
I was only setting it on the PHP block, which is for all dynamic requests (ie pages from WordPress), but it should also be the same for all static files not served from that block. Signed-off-by: Alan Orth <alan.orth@gmail.com>
This commit is contained in:
parent
caec2440bb
commit
7212b87f09
@ -32,5 +32,6 @@
|
||||
spdy_headers_comp 6;
|
||||
|
||||
# Enable this if you want HSTS (recommended, but be careful)
|
||||
add_header Strict-Transport-Security max-age=15768000 always;
|
||||
|
||||
# Include all subdomains and indicate to Google that we want this pre-loaded in Chrome's HSTS store
|
||||
# See: https://hstspreload.appspot.com/
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||
|
Loading…
Reference in New Issue
Block a user