Home Explore Help
Sign In
yosoyhendrix
/
hestiacp
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Enable STS only for main domain name, not for all subdomains

Robert Zollner 6 years ago
parent
df56c7e3d3
commit
7c1b0bc742
2 changed files with 2 additions and 2 deletions
Split View Show Diff Stats
  1. 1 1
      install/deb/nginx/nginx.conf
  2. 1 1
      src/deb/nginx/nginx.conf

+ 1 - 1
install/deb/nginx/nginx.conf
View File 

@@ -116,7 +116,7 @@ http {
 
     ssl_stapling_verify on;
 
     resolver 1.0.0.1 1.1.1.1 valid=300s;
 
     resolver_timeout    5s;
 
-    add_header          Strict-Transport-Security "max-age=31536000; includeSubDomains";
 
+    add_header          Strict-Transport-Security "max-age=31536000";
 
     add_header          X-Frame-Options SAMEORIGIN;
 
     add_header          X-Content-Type-Options nosniff;

+ 1 - 1
src/deb/nginx/nginx.conf
View File 

@@ -108,7 +108,7 @@ http {
 
 
         location /error/ {
 
             expires off;
 
-            internal
 
+            internal;
 
         }
 
 
         location /rrd/ {