From 0a54719948da59442b9a1ae14f4f44f9e0038171 Mon Sep 17 00:00:00 2001
From: Yevhen Popok <xalt7x.service@gmail.com>
Date: Thu, 6 Feb 2025 19:32:42 +0200
Subject: [PATCH] harden_server.rst: larger HSTS max-age value

Nowadays, the common recommendation is to set HTTP Strict Transport Security max-age value to at least 1 year.
It's also min. acceptable value for preload lists.
Please see: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security#preload

Signed-off-by: Yevhen Popok <xalt7x.service@gmail.com>
---
 admin_manual/installation/harden_server.rst | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/admin_manual/installation/harden_server.rst b/admin_manual/installation/harden_server.rst
index 2ccec6f7e28..39d65dc371a 100644
--- a/admin_manual/installation/harden_server.rst
+++ b/admin_manual/installation/harden_server.rst
@@ -140,7 +140,7 @@ VirtualHost file::
  <VirtualHost *:443>
    ServerName cloud.nextcloud.com
      <IfModule mod_headers.c>
-       Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+       Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
      </IfModule>
   </VirtualHost>