Use HSTS in example

This commit is contained in:
Clement Michaud 2017-10-15 17:18:15 +02:00
parent 92b78f7c15
commit f523e5335f

View File

@ -30,6 +30,7 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location / {
proxy_set_header X-Original-URI $request_uri;
@ -58,6 +59,8 @@ http {
ssl on;
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
}
server {
@ -70,6 +73,8 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;
@ -124,6 +129,8 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;
@ -161,6 +168,8 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;
@ -198,6 +207,8 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;
@ -235,6 +246,8 @@ http {
ssl_certificate /etc/ssl/server.crt;
ssl_certificate_key /etc/ssl/server.key;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
location /auth_verify {
internal;
proxy_set_header X-Original-URI $request_uri;