From b0561529d3e625fc4fb528cafe4ac451d9e0eee7 Mon Sep 17 00:00:00 2001
From: nutra-bot <nutradigest@gmail.com>
Date: Mon, 17 Apr 2023 13:51:51 +0000
Subject: [PATCH] enable HSTS

---
 etc/nginx/sites-available/default | 1 +
 1 file changed, 1 insertion(+)

diff --git a/etc/nginx/sites-available/default b/etc/nginx/sites-available/default
index fefa7a2..d342e98 100644
--- a/etc/nginx/sites-available/default
+++ b/etc/nginx/sites-available/default
@@ -10,6 +10,7 @@ server {
   # listen [::]:80 ipv6only=on;
   listen 443 ssl http2 default_server;
   listen [::]:443 ssl ipv6only=on; # managed by Certbot
+  add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
   # ssl_protocols TLSv1 TLSv1.1; # support legacy browsers
   # ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
 
-- 
2.52.0