rack-ssl-enforcer icon indicating copy to clipboard operation
rack-ssl-enforcer copied to clipboard
verified publisher icon tobmatth

Increase the default HSTS max-age to 2 years

Open toncid opened this issue 5 years ago • 0 comments

It is now recommended that the HSTS max-age value defaults to two years.

More info:

  • https://hstspreload.org/#deployment-recommendations
  • https://wiki.mozilla.org/Security/Server_Side_TLS
  • https://github.com/rails/rails/pull/38345

Any chance of releasing an update? It should be trivial.

toncid avatar Mar 02 '20 16:03 toncid