From 30816ce7cb5544665a8030020ad940e8bb4ce865 Mon Sep 17 00:00:00 2001
From: Phan An <me@phanan.net>
Date: Fri, 8 Dec 2017 16:42:51 +0100
Subject: [PATCH] Update README.md

---
 README.md | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index e009dec..9add9b6 100644
--- a/README.md
+++ b/README.md
@@ -100,7 +100,9 @@ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
 # on your HTTPS website to help prevent man-in-the-middle attacks.
 # See https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
 <IfModule mod_headers.c>
-    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+    Header always set Strict-Transport-Security "max-age=31536000;"
+    # Or, if you want to force HSTS on the sudbmains as well
+    # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
 </IfModule>
 ```