Software / code / prosody-modules
Diff
mod_strict_https/README.md @ 6003:fe081789f7b5
All community modules: Unify file extention of Markdown files to .md
| author | Menel <menel@snikket.de> |
|---|---|
| date | Tue, 22 Oct 2024 10:26:01 +0200 |
| parent | 5415:f8797e3284ff |
line wrap: on
line diff
--- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/mod_strict_https/README.md Tue Oct 22 10:26:01 2024 +0200 @@ -0,0 +1,37 @@ +--- +summary: HTTP Strict Transport Security +--- + +# Introduction + +This module implements [RFC 6797: HTTP Strict Transport Security] and +responds to all non-HTTPS requests with a `301 Moved Permanently` +redirect to the HTTPS equivalent of the path. + +# Configuration + +Add the module to the `modules_enabled` list and optionally configure +the specific header sent. + +``` lua +modules_enabled = { + ... + "strict_https"; +} +hsts_header = "max-age=31556952" +``` + +If the redirect from `http://` to `https://` causes trouble with +internal use of HTTP APIs it can be disabled: + +``` lua +hsts_redirect = false +``` + +# Compatibility + + ------- ------------- + trunk Should work + 0.12 Should work + 0.11 Should work + ------- -------------
