extend teh hsts setting

64934a74 · Chris Hines · c1518389 · 64934a74
Commit 64934a74 authored 4 years ago by Chris Hines
--- a/sv2.conf
+++ b/sv2.conf
@@ -3,7 +3,7 @@ location ~ /.* {
        #alias /var/www/sv2/dist/sv2/;
        try_files $uri$args $uri$args/ $uri/ /index.html;
        add_header Content-Security-Policy "default-src 'self' *.cloud.cvl.org.au; style-src 'self' fonts.googleapis.com 'unsafe-inline'; font-src 'self' fonts.gstatic.com";
-        add_header Strict-Transport-Security "max-age=600; includeSubDomains" always;
+        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains" always;
    	add_header X-Frame-Options "SAMEORIGIN";
    	add_header X-XSS-Protection "1; mode=block";
    	add_header X-Content-Type-Options "nosniff";