diff --git a/roles/nextcloud/templates/apache2-vhost-ssl.conf b/roles/nextcloud/templates/apache2-vhost-ssl.conf
index 311d337..271ae3d 100644
--- a/roles/nextcloud/templates/apache2-vhost-ssl.conf
+++ b/roles/nextcloud/templates/apache2-vhost-ssl.conf
@@ -9,15 +9,7 @@ SSLStrictSNIVHostCheck off
# Website configuration
ServerName {{ nextcloud_url }}
- # Uncomment me for HTTPS redirection
- # Leaving it off for now for testing
- #Redirect permanent / https://{{ nextcloud_url }}
- DocumentRoot {{ nextcloud_webroot }}
-
- Require all granted
- AllowOverride All
- Options MultiViews FollowSymlinks
-
+ Redirect permanent / https://{{ nextcloud_url }}
SSLEngine on
@@ -36,4 +28,7 @@ SSLStrictSNIVHostCheck off
AllowOverride All
Options MultiViews FollowSymlinks
+
+ Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
+