You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Currently it looks like http://ydns.eu/ does server-side redirect to https://ydns.eu/. It would be more secure if there was also HSTS so clients wouldn't even attempt to connect using http within the specified time.
I think the nginx server block would need add_header Strict-Transport-Security max-age=15552000; (for half-year).
I personally use add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";, but includeSubdomains wouldn't work here as it would require all users who run httpd to have HTTPS with valid certificate and preload requires subdomains to be included or the preload list doesn't accept your submission.
The text was updated successfully, but these errors were encountered:
Currently it looks like http://ydns.eu/ does server-side redirect to https://ydns.eu/. It would be more secure if there was also HSTS so clients wouldn't even attempt to connect using http within the specified time.
I think the nginx server block would need
add_header Strict-Transport-Security max-age=15552000;(for half-year).I personally use
add_header Strict-Transport-Security "max-age=15552000; includeSubdomains; preload";, butincludeSubdomainswouldn't work here as it would require all users who run httpd to have HTTPS with valid certificate and preload requires subdomains to be included or the preload list doesn't accept your submission.The text was updated successfully, but these errors were encountered: