harden_server.rst: larger HSTS max-age value

Nowadays, the common recommendation is to set HTTP Strict Transport Security max-age value to at least 1 year. It's also min. acceptable value for preload lists. Please see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#preload Signed-off-by: Yevhen Popok <[email protected]>
nextcloud · Feb 6, 2025 · 0a54719 · 0a54719
1 parent d75da21
commit 0a54719
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/admin_manual/installation/harden_server.rst b/admin_manual/installation/harden_server.rst
@@ -140,7 +140,7 @@ VirtualHost file::
  <VirtualHost *:443>
    ServerName cloud.nextcloud.com
      <IfModule mod_headers.c>
-       Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+       Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
      </IfModule>
   </VirtualHost>