Hi, I have tried adding add_header to my Nginx conf to add Http Strict Transport Security directives. But there is no changes or nothing happened at all in the scanning results using SSLLabs test https://www.ssllabs.com/ssltest/analyze.html?d=support.apasaja.my&ignoreMismatch=on. Please have a look at Protocol Details and Strict Transport Security.
I have tried adding add_header Strict-Transport-Security "max-age=360000; includeSubdomains"; and my directives are as followed http://pastebin.com/4CCMf4Vz
I've test this with NginX 1.4.1 and 1.5.1, can someone show me how to enable it in Nginx?
I have tried adding add_header Strict-Transport-Security "max-age=360000; includeSubdomains"; and my directives are as followed http://pastebin.com/4CCMf4Vz
I've test this with NginX 1.4.1 and 1.5.1, can someone show me how to enable it in Nginx?