well i’ve got a problem.
Im using nginx as webserver and i get the warning message, that my HTTP-Header “Strict-Transport-Security” is not set to at least 15552000 seconds. But my nginx config look like this:
add_header Strict-Transport-Security “max-age=15768000; includeSubDomains; preload;” always;
so i think its correct but it dont work.
Do you got an idea?
Thanks in advance
I’m not a nginx expert. But maybe this coud cause the issue…
### nheritance Rules for
NGINX configuration blocks inherit
add_header directives from their enclosing blocks, so you just need to place the
add_header directive in the top‑level
server block. There’s one important exception: if a block includes an
add_header directive itself, it does not inherit headers from enclosing blocks, and you need to redeclare all
If this doesn’t solve your problem, please post your complete nginx config, maybe someone of the nginx users here will be able to help you…
well it was a Problem in Cloudflare. I configured the HSTS Header there and then after a few minutes it works.