Complete the code to add the HSTS header in nginx configuration.
add_header Strict-Transport-Security "[1]";
The max-age directive sets the time in seconds that browsers should remember to only use HTTPS. 31536000 seconds equals 1 year, which is a common recommended value.
Complete the code to include subdomains in the HSTS policy.
add_header Strict-Transport-Security "max-age=31536000; [1]";
The correct directive to include all subdomains in the HSTS policy is includeSubDomains (case sensitive, no spaces).
Fix the error in the HSTS header to enable preload.
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; [1]";
The correct directive to enable HSTS preload is preload without any equals sign or hyphens.
Fill both blanks to set HSTS with max age and include subdomains.
add_header Strict-Transport-Security "[1]; [2]";
Use max-age=31536000 for one year and includeSubDomains to cover all subdomains.
Fill all three blanks to set HSTS with max age, include subdomains, and preload.
add_header Strict-Transport-Security "[1]; [2]; [3]";
The recommended HSTS header includes max-age=31536000 (1 year), includeSubDomains, and preload to enable browser preload lists.