From 0632591996893fe136a1f2fe44d9b9f404f41f3e Mon Sep 17 00:00:00 2001
From: Harald Pfeiffer <harald.pfeiffer@xmart.de>
Date: Thu, 1 Nov 2018 13:30:58 +0100
Subject: Initial commit

---
 localfs/etc/httpd/conf.d/security.d/hsts.conf | 4 ++++
 1 file changed, 4 insertions(+)
 create mode 100644 localfs/etc/httpd/conf.d/security.d/hsts.conf

(limited to 'localfs/etc/httpd/conf.d/security.d/hsts.conf')

diff --git a/localfs/etc/httpd/conf.d/security.d/hsts.conf b/localfs/etc/httpd/conf.d/security.d/hsts.conf
new file mode 100644
index 0000000..3276a70
--- /dev/null
+++ b/localfs/etc/httpd/conf.d/security.d/hsts.conf
@@ -0,0 +1,4 @@
+# Do not use header always set, it would push HSTS to non-HTTPS even though it's in this tree...
+<IfModule mod_ssl.c>
+	Header set Strict-Transport-Security "max-age=31556926;includeSubDomains;preload"
+</IfModule>
-- 
cgit v1.2.3