Create a gist now

Instantly share code, notes, and snippets.

HSTS (HTTP Secure Transport Security) for Apache credit to https://www.owasp.org
# Use HTTP Strict Transport Security to force client to use secure connections only
Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment