From a7bc4e738753ffebead84d326f3012d126f54c1e Mon Sep 17 00:00:00 2001 From: Adar Nimrod <nimrod@shore.co.il> Date: Sat, 12 Dec 2020 21:17:44 +0200 Subject: [PATCH] Add Expect-CT header. --- conf.d/mail.shore.co.il.conf | 1 + snippets/ssl.conf | 1 + 2 files changed, 2 insertions(+) diff --git a/conf.d/mail.shore.co.il.conf b/conf.d/mail.shore.co.il.conf index 3bd2e13..40bc173 100644 --- a/conf.d/mail.shore.co.il.conf +++ b/conf.d/mail.shore.co.il.conf @@ -19,6 +19,7 @@ server { # Copied from snippetes/ssl.conf. add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; + add_header Expect-CT "max-age=86400, enforce, report-uri=\"https://www.shore.co.il/about\""; include snippets/common-headers.conf; ssl_certificate /var/ssl/mail.crt; ssl_certificate_key /var/ssl/mail.key; diff --git a/snippets/ssl.conf b/snippets/ssl.conf index a209d98..8a0dd0a 100644 --- a/snippets/ssl.conf +++ b/snippets/ssl.conf @@ -1,4 +1,5 @@ add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"; +add_header Expect-CT "max-age=86400, enforce, report-uri=\"https://www.shore.co.il/about\""; include snippets/common-headers.conf; ssl_certificate /var/ssl/site.crt; ssl_certificate_key /var/ssl/site.key; -- GitLab