HSTS: bump the max-age to 2 years

Side note: https://hstspreload.org/ . This is what the chromium project expects for preloading.
2021-03-22 19:03:23 -07:00
parent 66ff2a9eb7
commit c6920bd860
2 changed files with 2 additions and 1 deletions
--- a/src/nginxconfig.ejs
+++ b/src/nginxconfig.ejs
@@ -82,7 +82,7 @@ server {
    ssl_prefer_server_ciphers off;

    ssl_dhparam /home/yellowtent/boxdata/dhparams.pem;
-    add_header Strict-Transport-Security "max-age=15768000";
+    add_header Strict-Transport-Security "max-age=63072000";

    # https://github.com/twitter/secureheaders
    # https://www.owasp.org/index.php/OWASP_Secure_Headers_Project#tab=Compatibility_Matrix