# Activate HSTS (HTTP Strict Transport Security) # Note: if we set another header in a location we've to # rewrite it add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
