Learn about Centmin Mod LEMP Stack today
Become a Member

SSL HSTS not working

Discussion in 'Domains, DNS, Email & SSL Certificates' started by arlon, Mar 2, 2016.

  1. arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
    i want to activate HSTS on my website, i have uncommented hsts rule
    these rule that i have tried:
    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    add_header Strict-Transport-Security "max-age=31536000;";

    i have nprestart too

    i check using curl -I MyDomain | Domain Names, Web Hosting, and Free Domain Services and also ssllabs
     
  2. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you're testing against html files so need to add header to /usr/local/nginx/conf/staticfiles.conf for html location context too

    Code:
        location ~* \.(html|htm|txt)$ {
            #add_header Pragma public;
            add_header Cache-Control "public, must-revalidate, proxy-revalidate";
            access_log off;
            expires 1d;
            break;
            }
     
    • Like Like x 1
  3. arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
    Great, whats is the best rule?
    add_header Strict-Transport-Security "max-age=31536000" always;
    or
    add_header Strict-Transport-Security "max-age=31536000;";

    i don't have subdomain
     
  4. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  5. arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
  6. eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
..