/ Register

Want to subscribe to topics you're interested in?
Become a Member

SSL HSTS not working

Discussion in 'Domains, DNS, Email & SSL Certificates' started by arlon, Mar 2, 2016.

Previous Thread Next Thread
Loading...
  1. Mar 2, 2016 #1
    arlon

    arlon Member

    95
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    5:34 AM
    1.13.6
    10.1
    i want to activate HSTS on my website, i have uncommented hsts rule
    these rule that i have tried:
    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    add_header Strict-Transport-Security "max-age=31536000;";

    i have nprestart too

    i check using curl -I MyDomain | Domain Names, Web Hosting, and Free Domain Services and also ssllabs
     
  2. Mar 2, 2016 #2
    eva2000

    eva2000 Administrator Staff Member

    55,951
    12,283
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,870
    Local Time:
    8:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    you're testing against html files so need to add header to /usr/local/nginx/conf/staticfiles.conf for html location context too

    Code:
        location ~* \.(html|htm|txt)$ {
        #add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
        expires 1d;
        break;
        }
     
  3. Mar 2, 2016 #3
    arlon

    arlon Member

    95
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    5:34 AM
    1.13.6
    10.1
    Great, whats is the best rule?
    add_header Strict-Transport-Security "max-age=31536000" always;
    or
    add_header Strict-Transport-Security "max-age=31536000;";

    i don't have subdomain
     
  4. Mar 2, 2016 #4
    eva2000

    eva2000 Administrator Staff Member

    55,951
    12,283
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,870
    Local Time:
    8:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
  5. Mar 2, 2016 #5
    arlon

    arlon Member

    95
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    5:34 AM
    1.13.6
    10.1
  6. Mar 2, 2016 #6
    eva2000

    eva2000 Administrator Staff Member

    55,951
    12,283
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,870
    Local Time:
    8:34 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
Previous Thread Next Thread
Loading...

.