Welcome to Centmin Mod Community
Become a Member

SSL HSTS not working

Discussion in 'Domains, DNS, Email & SSL Certificates' started by arlon, Mar 2, 2016.

  1. arlon

    arlon Member

    73
    5
    8
    Feb 20, 2016
    Ratings:
    +10
    Local Time:
    6:51 PM
    1.10.1
    10.0
    i want to activate HSTS on my website, i have uncommented hsts rule
    these rule that i have tried:
    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    add_header Strict-Transport-Security "max-age=31536000;";

    i have nprestart too

    i check using curl -I MyDomain | Domain Names, Web Hosting, and Free Domain Services and also ssllabs
     
  2. eva2000

    eva2000 Administrator Staff Member

    29,002
    6,580
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,770
    Local Time:
    9:51 PM
    Nginx 1.13.x
    MariaDB 5.5
    you're testing against html files so need to add header to /usr/local/nginx/conf/staticfiles.conf for html location context too

    Code:
        location ~* \.(html|htm|txt)$ {
            #add_header Pragma public;
            add_header Cache-Control "public, must-revalidate, proxy-revalidate";
            access_log off;
            expires 1d;
            break;
            }
     
    • Like Like x 1
  3. arlon

    arlon Member

    73
    5
    8
    Feb 20, 2016
    Ratings:
    +10
    Local Time:
    6:51 PM
    1.10.1
    10.0
    Great, whats is the best rule?
    add_header Strict-Transport-Security "max-age=31536000" always;
    or
    add_header Strict-Transport-Security "max-age=31536000;";

    i don't have subdomain
     
  4. eva2000

    eva2000 Administrator Staff Member

    29,002
    6,580
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,770
    Local Time:
    9:51 PM
    Nginx 1.13.x
    MariaDB 5.5
  5. arlon

    arlon Member

    73
    5
    8
    Feb 20, 2016
    Ratings:
    +10
    Local Time:
    6:51 PM
    1.10.1
    10.0
  6. eva2000

    eva2000 Administrator Staff Member

    29,002
    6,580
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +9,770
    Local Time:
    9:51 PM
    Nginx 1.13.x
    MariaDB 5.5