From d9357aca09344bebefef4efdf83dbbd054d4c3a5 Mon Sep 17 00:00:00 2001
From: "echo r\"0xX4H\" | rev" <pub@mble.dk>
Date: Fri, 15 Aug 2025 16:31:02 +0200
Subject: [PATCH] [enh] add HSTS header (#419)

---
 Caddyfile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/Caddyfile b/Caddyfile
index d892524..f6725e9 100644
--- a/Caddyfile
+++ b/Caddyfile
@@ -65,6 +65,11 @@ header {
 
 	# Comment header to allow indexing by search engines
 	X-Robots-Tag "noindex, nofollow, noarchive, nositelinkssearchbox, nosnippet, notranslate, noimageindex"
+    
+	# enable HSTS
+	# WARNING: Once this value is set, the site must continue to support HTTPS until the expiry time is reached.
+
+	# Strict-Transport-Security max-age=15768000;
 
 	# Remove "Server" header
 	-Server