Mercurial > repos > other > Puppet
diff modules/website/templates/https_core_conf.erb @ 373:c68883dde00b
Increase HSTS header duration
Apparently 6 months isn't long enough and we need at least 12
| author | IBBoard <dev@ibboard.co.uk> |
|---|---|
| date | Tue, 15 Jun 2021 19:30:24 +0100 |
| parents | 94f34831132d |
| children |
line wrap: on
line diff
--- a/modules/website/templates/https_core_conf.erb Sat Apr 24 11:12:33 2021 +0100 +++ b/modules/website/templates/https_core_conf.erb Tue Jun 15 19:30:24 2021 +0100 @@ -1,4 +1,4 @@ -Header always set Strict-Transport-Security "max-age=16070400; includeSubDomains" +Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains" <%- if @csp -%> Header always set Content-Security-Policy "upgrade-insecure-requests; <%= @csp_string %>" <%- end -%>