From 9db378daffc8a374f3ab2f245e17d52b36a9f7b5 Mon Sep 17 00:00:00 2001
From: root <root@salt.woima.fi>
Date: Wed, 23 Sep 2015 12:50:05 +0300
Subject: [PATCH] preload added to ssl.conf

---
 h5bp/directive-only/ssl.conf | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/h5bp/directive-only/ssl.conf b/h5bp/directive-only/ssl.conf
index adddf99..df77f33 100644
--- a/h5bp/directive-only/ssl.conf
+++ b/h5bp/directive-only/ssl.conf
@@ -35,6 +35,9 @@ keepalive_timeout 300; # up from 75 secs default
 #add_header Strict-Transport-Security "max-age=31536000;";
 # This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS
 #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
+# This version tells browsers to treat all subdomains the same as this site and to load exclusively over HTTPS
+# Recommend is also to use preload service
+#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains; preload;";
 
 # This default SSL certificate will be served whenever the client lacks support for SNI (Server Name Indication).
 # Make it a symlink to the most important certificate you have, so that users of IE 8 and below on WinXP can see your main site without SSL errors.