Commit ac60002b authored by Paweł Chojnacki's avatar Paweł Chojnacki Committed by GitLab

Add more information about HSTS

parent 56ef2187
......@@ -63,6 +63,8 @@ server {
## See app/controllers/application_controller.rb for headers set
## [Optional] Enable HTTP Strict Transport Security
## HSTS is a feature improving protection against MITM attacks
## For more information see: https://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/
# add_header Strict-Transport-Security "max-age=31536000; includeSubDomains";
## [Optional] If your certficate has OCSP, enable OCSP stapling to reduce the overhead and latency of running SSL.
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment