Capçaleres Headers

HSTS #

HTTP Strict Transport Security

Apache #

Al virtualHost HTTPS

LoadModule headers_module modules/mod_headers.so
<VirtualHost*:443>
    Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"
</VirtualHost>

Redireccionar l'HTTP (No fa falta incloure DocumentRoot) #

<VirtualHost *:80>
  
  ServerName example.com
  Redirect permanent / https://example.com/
</VirtualHost>

També es pot redireccionar

<VirtualHost *:80>
  [...]
  <IfModule mod_rewrite.c>
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
  </IfModule>
</VirtualHost>

Nginx #

Afegir al bloc server

add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; ";

https://raymii.org/s/tutorials/HTTP_Strict_Transport_Security_for_Apache_NGINX_and_Lighttpd.html

HSTS #

Apache #

Redireccionar l'HTTP (No fa falta incloure DocumentRoot) #

Nginx #

On this page: