/ Register

Learn about Centmin Mod LEMP Stack today
Become a Member

SSL HSTS not working

Discussion in 'Domains, DNS, Email & SSL Certificates' started by arlon, Mar 2, 2016.

Previous Thread Next Thread
Loading...
  1. Mar 2, 2016 #1
    arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
    i want to activate HSTS on my website, i have uncommented hsts rule
    these rule that i have tried:
    add_header Strict-Transport-Security "max-age=31536000" always;
    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
    add_header Strict-Transport-Security "max-age=31536000;";

    i have nprestart too

    i check using curl -I MyDomain | Domain Names, Web Hosting, and Free Domain Services and also ssllabs
     
  2. Mar 2, 2016 #2
    eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
    you're testing against html files so need to add header to /usr/local/nginx/conf/staticfiles.conf for html location context too

    Code:
        location ~* \.(html|htm|txt)$ {
        #add_header Pragma public;
        add_header Cache-Control "public, must-revalidate, proxy-revalidate";
        access_log off;
        expires 1d;
        break;
        }
     
    • Like Like x 1
  3. Mar 2, 2016 #3
    arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
    Great, whats is the best rule?
    add_header Strict-Transport-Security "max-age=31536000" always;
    or
    add_header Strict-Transport-Security "max-age=31536000;";

    i don't have subdomain
     
  4. Mar 2, 2016 #4
    eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
  5. Mar 2, 2016 #5
    arlon

    arlon Member

    91
    6
    8
    Feb 20, 2016
    Ratings:
    +12
    Local Time:
    12:21 PM
    1.13.6
    10.1
  6. Mar 2, 2016 #6
    eva2000

    eva2000 Administrator Staff Member

    34,649
    7,658
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +11,776
    Local Time:
    3:21 PM
    Nginx 1.15.x
    MariaDB 5.5/10.x
Previous Thread Next Thread
Loading...
..

.