jstoja
commented
6 years ago This will be easy to fix when #5 will be solved.
Closed pushcx closed 11 months ago
jstoja
commented
6 years ago This will be easy to fix when #5 will be solved.
jstoja
commented
3 years ago Hey Peter,
I see that HSTS has been added to the nginx configuration, but it hasn't been enabled yet (it's commented): https://github.com/lobsters/lobsters-ansible/blob/master/roles/nginx/files/test/nginx/sites-available/lobste.rs#L84
If it hasn't been working properly, would you have more details?
Best, Julien
pushcx
commented
11 months ago Done earlier today with commits to this and the lobsters repo.
Lobste.rs is preloaded into Chrome's list of sites that are HTTPS-only, but the headers to maintain this seem to have gone missing in the move. This is almost certainly a tweak to the nginx.conf.
More info: https://hstspreload.org/?domain=lobste.rs