|
1786
|
1 |
#summary HTTP Strict Transport Security |
|
|
2 |
|
|
|
3 |
= Introduction = |
|
|
4 |
|
|
|
5 |
This module implements [https://tools.ietf.org/html/rfc6797 HTTP Strict Transport Security] |
|
|
6 |
and responds to all non-HTTPS requests with a `301 Moved Permanently` redirect to the HTTPS |
|
|
7 |
equivalent of the path. |
|
|
8 |
|
|
|
9 |
= Configuration = |
|
|
10 |
|
|
|
11 |
Add the module to the `modules_enabled` list and optionally configure the specific header sent. |
|
|
12 |
|
|
|
13 |
{{{ |
|
|
14 |
modules_enabled = { |
|
|
15 |
... |
|
|
16 |
"strict_https"; |
|
|
17 |
} |
|
|
18 |
hsts_header = "max-age=31556952" |
|
|
19 |
}}} |
|
|
20 |
|
|
|
21 |
= Compatibility = |
|
|
22 |
||trunk||Works|| |
|
|
23 |
||0.9||Works|| |
|
|
24 |
||0.8||Doesn't work|| |