do not apply strict transport for subdomains.

author: mo khan <mo@mokhan.ca> 2017-03-12 15:23:37 -0600
committer: mo khan <mo@mokhan.ca> 2017-03-12 15:23:37 -0600
commit: 2aeb233cbbfdd25448c489c2c207285741883a2a (patch)
tree: b9b3a776680730f29c975d646b42b213cdbc693f
parent: 5534c4e0bd65eeb6049a396d1eac82a73a99115b (diff)
1 files changed, 1 insertions, 1 deletions
diff --git a/templates/nginx.conf.erb b/templates/nginx.conf.erb
index d49777b..a9c2035 100644
--- a/templates/nginx.conf.erb
+++ b/templates/nginx.conf.erb
@@ -63,7 +63,7 @@ http {
     access_log /var/log/nginx/<%= @domain %>.access.log;
 
     # enable HTST
-    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
+    add_header Strict-Transport-Security "max-age=63072000; preload";
 
     # disable loading in an iframe
     add_header X-Frame-Options "DENY";
author	mo khan <mo@mokhan.ca>	2017-03-12 15:23:37 -0600
committer	mo khan <mo@mokhan.ca>	2017-03-12 15:23:37 -0600
commit	2aeb233cbbfdd25448c489c2c207285741883a2a (patch)
tree	b9b3a776680730f29c975d646b42b213cdbc693f
parent	5534c4e0bd65eeb6049a396d1eac82a73a99115b (diff)