mirror of
https://github.com/thib8956/nginx-proxy
synced 2024-12-26 04:26:31 +00:00
Remove includeSubdomains from HSTS header
includeSubdomains can lead to issues where not all subdomains are able to use HTTPS. This options might be too strict for the general case: https://www.owasp.org/index.php/HTTP_Strict_Transport_Security. It can be re-enabled w/ a custom template if needed. Fixes #109
This commit is contained in:
parent
879bb59d90
commit
4a99ac5548
@ -105,7 +105,7 @@ server {
|
||||
ssl_certificate /etc/nginx/certs/{{ (printf "%s.crt" $cert) }};
|
||||
ssl_certificate_key /etc/nginx/certs/{{ (printf "%s.key" $cert) }};
|
||||
|
||||
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
|
||||
add_header Strict-Transport-Security "max-age=31536000";
|
||||
|
||||
{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}
|
||||
include {{ printf "/etc/nginx/vhost.d/%s" $host }};
|
||||
|
Loading…
Reference in New Issue
Block a user