add STS header in default ssl config

author: mh <mh@immerda.ch> 2011-02-22 22:59:51 +0100
committer: mh <mh@immerda.ch> 2011-02-22 22:59:51 +0100
commit: a371c169c45dbd14ad3c465f8b7314b14c4ed8cb (patch)
tree: c83e0e002cbe0e32193042552af2548d0ba81439 /files
parent: f14fd057987b5489228a40444c3a101768c5b6bb (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/files/include.d/CentOS/ssl_defaults.inc b/files/include.d/CentOS/ssl_defaults.inc
index b57cbb9..c1ef0be 100644
--- a/files/include.d/CentOS/ssl_defaults.inc
+++ b/files/include.d/CentOS/ssl_defaults.inc
@@ -142,3 +142,6 @@ SetEnvIf User-Agent ".*MSIE.*" \
 #   compact non-error SSL logfile on a virtual host basis.
 CustomLog logs/ssl_request_log \
           "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b"
+
+# set STS Header
+Header add Strict-Transport-Security "max-age=15768000"
diff --git a/files/include.d/Debian/ssl_defaults.inc b/files/include.d/Debian/ssl_defaults.inc
index 949fe58..d1ec68d 100644
--- a/files/include.d/Debian/ssl_defaults.inc
+++ b/files/include.d/Debian/ssl_defaults.inc
@@ -1,3 +1,6 @@
 SSLProtocol -all +SSLv3 +TLSv1
 SSLCipherSuite HIGH:MEDIUM:!aNULL:!SSLv2:!MD5:@STRENGTH
 SSLHonorCipherOrder on
+
+# set STS Header
+Header add Strict-Transport-Security "max-age=15768000"
author	mh <mh@immerda.ch>	2011-02-22 22:59:51 +0100
committer	mh <mh@immerda.ch>	2011-02-22 22:59:51 +0100
commit	a371c169c45dbd14ad3c465f8b7314b14c4ed8cb (patch)
tree	c83e0e002cbe0e32193042552af2548d0ba81439 /files
parent	f14fd057987b5489228a40444c3a101768c5b6bb (diff)