Add HSTS headers to all web services

2024-06-11 20:00:40 +02:00 · 2024-06-11 20:00:40 +02:00 · 8a8216d78e
commit 8a8216d78e
parent 5ae55c6c5b
6 changed files with 11 additions and 7 deletions
--- a/roles/www/templates/nginx-site.conf
+++ b/roles/www/templates/nginx-site.conf
@ -16,7 +16,6 @@ server {
    ssl_certificate_key "/var/lib/dehydrated/certs/{{ www_domain }}/privkey.pem";
    {% endif %}

-    # SSL settings from https://cipherli.st/ - AK47 15 jan 2017
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    add_header X-Frame-Options DENY;
    add_header X-Content-Type-Options nosniff;