Welcome! Log In Create A New Profile

Advanced

HSTS configure

Posted by DenPe 
Forum List Message List New Topic
DenPe
HSTS configure
April 08, 2019 09:58AM
Good day!
According to the HSTS tuning instructions (https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/).
The problem is that we are not tested by https://page-speed.ru/tests/http2/ - HSTS not used, although the title is "Strict-Transport-Security: max-age = 31536000; includeSubDomains".

Please tell me what I am doing wrong.

http.conf:

server {
listen 80 default_server;
server_name *.test.com;
return 301 https://$server_name$request_uri;
}

https.conf:

server {
listen test2.test.com;
server_name test2.test.com;
listen 443 default ssl;
ssl_certificate /etc/nginx/ssl/wildcart_chain.pem;
ssl_certificate_key /etc/nginx/ssl/wildcart_privatekey.pem;

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";

gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/html text/plain application/xml;
location / {
client_max_body_size 100m;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:8080;
}
location /b520504b-721c-4810-ba34-9f341eb8544e {
proxy_pass https://panda.aplana.com/b520504b-721c-4810-ba34-9f341eb8544e;
}
}
Reply Quote
Newer Topic Older Topic
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 158
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready