Add comment of Strict-Transport-Security max-age value

author Elan Ruusamäe <glen@pld-linux.org>

Sun, 28 May 2023 11:17:17 +0000 (14:17 +0300)

committer Elan Ruusamäe <glen@pld-linux.org>

Sun, 28 May 2023 11:20:10 +0000 (14:20 +0300)
author Elan Ruusamäe <glen@pld-linux.org>
Sun, 28 May 2023 11:17:17 +0000 (14:17 +0300)
committer Elan Ruusamäe <glen@pld-linux.org>
Sun, 28 May 2023 11:20:10 +0000 (14:20 +0300)
diff --git a/ssl.conf b/ssl.conf

index 692860c63d22635f21168c477cc9bdf4b6766e56..1f04915ab18a20e3a76f397c75590f2eb066f479 100644 (file)
--- a/ssl.conf
+++ b/ssl.conf
@@ -32,7 +32,7 @@ $SERVER["socket"] == ":443" {
         ssl.openssl.ssl-conf-cmd = ("Protocol" => "ALL, -SSLv2, -SSLv3, -TLSv1, -TLSv1.1")
         ssl.cipher-list           = "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384"
  
-       # HTTP Strict Transport Security (63072000 seconds
+       # HTTP Strict Transport Security (63072000 seconds is around 2 years)
         # setenv.add-response-header  = (
         #       "Strict-Transport-Security" => "max-age=63072000"
         # )
author	Elan Ruusamäe <glen@pld-linux.org>
	Sun, 28 May 2023 11:17:17 +0000 (14:17 +0300)
committer	Elan Ruusamäe <glen@pld-linux.org>
	Sun, 28 May 2023 11:20:10 +0000 (14:20 +0300)