Strict transport security off
This commit is contained in:
parent
33e3898932
commit
394dbeb5d7
|
@ -2546,7 +2546,10 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
|
||||
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
|
||||
add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
add_header Strict-Transport-Security "max-age=0;";
|
||||
# Only uncomment one of the Strict-Transport-Security entries if you are
|
||||
# not using a self-signed certificate
|
||||
# add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
# use this only if all subdomains support HTTPS!
|
||||
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
|
||||
|
@ -4987,9 +4990,12 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
|
||||
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
|
||||
#add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
add_header Strict-Transport-Security "max-age=0;";
|
||||
# Only uncomment one of the Strict-Transport-Security entries if you are
|
||||
# not using a self-signed certificate
|
||||
# add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
# use this only if all subdomains support HTTPS!
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
|
||||
client_max_body_size 6m;
|
||||
|
||||
|
@ -5527,7 +5533,10 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
|
||||
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
|
||||
add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
add_header Strict-Transport-Security "max-age=0;";
|
||||
# Only uncomment one of the Strict-Transport-Security entries if you are
|
||||
# not using a self-signed certificate
|
||||
# add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
# use this only if all subdomains support HTTPS!
|
||||
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
|
||||
|
@ -7212,9 +7221,12 @@ server {
|
|||
ssl_prefer_server_ciphers on;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # not possible to do exclusive
|
||||
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
|
||||
#add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
add_header Strict-Transport-Security "max-age=0;";
|
||||
# Only uncomment one of the Strict-Transport-Security entries if you are
|
||||
# not using a self-signed certificate
|
||||
# add_header Strict-Transport-Security max-age=15768000; # six months
|
||||
# use this only if all subdomains support HTTPS!
|
||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
# add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
|
||||
|
||||
client_max_body_size 6m;
|
||||
|
||||
|
|
Loading…
Reference in New Issue