Closed ch2ch3 closed 6 years ago
Looks good!
I was wondering if maybe we should also use this opportunity to enable HSTS?
Also, as I was looking at the config file, I couldn't see an entry for ustwo.com
on port 443, not sure if that's a problem, but maybe worths adding.
So maybe we could change the block at line 63 to this?
server {
listen 443 default ssl;
server_name ustwo.com local.ustwo.com origin.ustwo.com;
add_header Strict-Transport-Security "max-age=31536000";
include /etc/nginx/ssl.conf;
include /etc/nginx/locations/production.conf;
}
@daaain Sounds good to me! (Although now that you mention it, I don't see how our requests for we have a default in line 64 😅 )https://ustwo.com
are getting processed.
Do you want to add that change to this PR?
👍 added
👋 @phil-linnell
Lovely, thanks both 👍
Hey,
I noticed last night that visiting http://ustwo.com doesn't redirect to HTTPS, only http://www.ustwo.com. Added a fix for this and I think that this should resolve #559 as well.
My nginx is a bit rusty so would be great if @daaain could take a look at this 😄