diff options
author | Jonas Smedegaard <dr@jones.dk> | 2020-10-19 20:29:39 +0200 |
---|---|---|
committer | Jonas Smedegaard <dr@jones.dk> | 2020-10-19 20:29:39 +0200 |
commit | 369792f19ea16fa13f529e356c78da4b66ed7752 (patch) | |
tree | b61189efb6bf1ebc419ec3a3c90d6444795519b3 | |
parent | d07729f5b66b10b80c6857c4f918c2ff4f699049 (diff) |
set HSTS header only with HTTPS
-rw-r--r-- | apache2/conf-available/security.conf | 2 | ||||
-rw-r--r-- | apache2/conf-available/security.conf.diff | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/apache2/conf-available/security.conf b/apache2/conf-available/security.conf index 2fcb473..fabdafb 100644 --- a/apache2/conf-available/security.conf +++ b/apache2/conf-available/security.conf @@ -88,6 +88,6 @@ Header always set Permissions-Policy "accelerometer(), ambient-light-sensor(), a Header always set Referrer-Policy "no-referrer-when-downgrade" # enable Strict Transport Security -Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" +Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=-n %{HTTPS}" # vim: syntax=apache ts=4 sw=4 sts=4 sr noet diff --git a/apache2/conf-available/security.conf.diff b/apache2/conf-available/security.conf.diff index c363be3..5d80605 100644 --- a/apache2/conf-available/security.conf.diff +++ b/apache2/conf-available/security.conf.diff @@ -43,6 +43,6 @@ +Header always set Referrer-Policy "no-referrer-when-downgrade" + +# enable Strict Transport Security -+Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" ++Header always set Strict-Transport-Security "max-age=63072000;includeSubdomains;preload" "expr=-n %{HTTPS}" # vim: syntax=apache ts=4 sw=4 sts=4 sr noet |