Set Strict-Transport-Security header

Hello there,

I want to modify the Strict-Transport-Security header. I use this code in my app.yml:

# nginx modifications
  - replace:       
      filename: "/etc/nginx/conf.d/discourse.conf"       
      from: /add_header Strict-Transport-Security.+/       
      to: "add_header Strict-Transport-Security 'max-age=31536000; includeSubdomains; preload';"

This works for the first occurrence:
add_header Strict-Transport-Security 'max-age=63072000';

But there is another one with:

location @discourse {
add_header Strict-Transport-Security 'max-age=31536000'; # remember the certificate for a year and automatically connect to HTTPS for this domain

Am I doing something wrong? Why is the second occurrence of Strict-Transport-Security header not modified?

I’ve tested with several customizations. Only the first occurrence of

add_header Strict-Transport-Security

is replaced. Any hints to get this done?

You need to add global: true to the replace command parameters.

1 Like

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.