本文最后更新于 1879 天前,其中的信息可能已经有所发展或是发生改变。
Nginx
修改配置文件为如下所示:
map $scheme $hsts_header {
https "max-age=31536000; includeSubDomains; preload";
}
server {
......(others)
add_header Strict-Transport-Security $hsts_header;
......(others)
}修改后重启Nginx。
Apache
修改配置文件为如下所示:
<VirtualHost *:443>
......(others)
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
......(others)
</VirtualHost>修改后重启Apache。
https://websistent.com/add-the-hsts-header-only-for-https-requests-nginx/