Merge branch 'release/1.0.32'

Author: khalwat

CHANGELOG.md

@@ -1,8 +1,10 @@
 # Nginx-Craft Changelog
 
-## 1.0.32 - UNRELEASED
+## 1.0.32 - 2021.02.08
 ### Changed
 * Changed the include path from `/etc/nginx` to `/home/forge` for the Forge config
+* Removed repeated `server_tokens` within Primary block
+* Changes max-age for HSTS to be one year for preloading
 
 ## 1.0.31 - 2020.11.19
 ### Changed

nginx-partials/security.conf

@@ -1,5 +1,6 @@
 # Security headers via https://securityheaders.io
-add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" always;
+# Submit your domain at https://hstspreload.org to be included in Chrome as HTTPS only.
+add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload" always;
 add_header X-Frame-Options "SAMEORIGIN" always;
 add_header X-XSS-Protection "1; mode=block" always;
 add_header X-Content-Type-Options "nosniff" always;

sites-available/somedomain.com.conf

@@ -41,7 +41,6 @@ server {
 
     # General virtual host settings
     server_name SOMEDOMAIN.com;
-    server_tokens off;
     root "/var/www/SOMEDOMAIN/web";
     index index.html index.htm index.php;
     charset utf-8;