gaja-group
/
server-configs-nginx
mirror of https://github.com/h5bp/server-configs-nginx
2
0
Fork 0
Code Issues Releases Wiki Activity

Remove Unnecessary Trailing Semicolon 

No need to add a semicolon for the last directive. In addition, having that unnecessary semicolon causes the HSTS tool (https://hstspreload.org/) for getting on the preload list to fail with an error about the semicolon.
This commit is contained in:
0ri0n 2017-01-07 12:10:02 -05:00 committed by GitHub
parent cb3dc0554e
commit 9c7e84f54f
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
h5bp/directive-only/ssl.conf
View File

@ -32,12 +32,12 @@ keepalive_timeout 300s; # up from 75 secs default
# HSTS (HTTP Strict Transport Security) # HSTS (HTTP Strict Transport Security)
# This header tells browsers to cache the certificate for a year and to connect exclusively via HTTPS. # This header tells browsers to cache the certificate for a year and to connect exclusively via HTTPS.
#add_header Strict-Transport-Security "max-age=31536000;" always; #add_header Strict-Transport-Security "max-age=31536000" always;
# This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS # This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains;" always; #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
# This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS # This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS
# Recommend is also to use preload service # Recommend is also to use preload service
#add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;" always; #add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
# This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication). # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
# Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors. # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.