diff options
author | o <o@immerda.ch> | 2015-03-10 22:14:51 +0100 |
---|---|---|
committer | o <o@immerda.ch> | 2015-03-10 22:14:51 +0100 |
commit | 8074127b8d8913314c90c3fe6131d078a858f7b6 (patch) | |
tree | 17c7308122aa49f0e41074be98cc003d105f742b /templates | |
parent | fa295b03762a0ae3220b8dcade7155674bb71ac0 (diff) |
hsts should be enabled on a per-site basis
hsts does mix very badly with selfsigned certs. thus we disable it by
default. set configuration['hsts'] = true for vhost with valid certs.
Diffstat (limited to 'templates')
-rw-r--r-- | templates/include.d/ssl_defaults.inc.erb | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/templates/include.d/ssl_defaults.inc.erb b/templates/include.d/ssl_defaults.inc.erb index 236eb78..77f8e77 100644 --- a/templates/include.d/ssl_defaults.inc.erb +++ b/templates/include.d/ssl_defaults.inc.erb @@ -76,6 +76,3 @@ SSLHonorCipherOrder on SetEnvIf User-Agent ".*MSIE.*" \ nokeepalive ssl-unclean-shutdown \ downgrade-1.0 force-response-1.0 - -# set STS Header -Header add Strict-Transport-Security "max-age=15768000" |