From 37323320c87a392e94f3c8e8e242afd314636fa1 Mon Sep 17 00:00:00 2001
From: mplx <mplx@donotreply.at>
Date: Mon, 12 Sep 2016 09:46:59 +0200
Subject: [PATCH] do not enable HSTS for subdomains

---
 nginx.tmpl | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nginx.tmpl b/nginx.tmpl
index 980eace..1528b43 100644
--- a/nginx.tmpl
+++ b/nginx.tmpl
@@ -158,7 +158,7 @@ server {
 	{{ end }}
 
 	{{ if (ne $https_method "noredirect") }}
-	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+	add_header Strict-Transport-Security "max-age=31536000";
 	{{ end }}
 
 	{{ if (exists (printf "/etc/nginx/vhost.d/%s" $host)) }}