From f8d086ba2135ae1363fa3afadd653751fc23e9e5 Mon Sep 17 00:00:00 2001
From: Phan An <me@phanan.net>
Date: Sat, 9 Dec 2017 03:31:35 +0100
Subject: [PATCH] Update README.md

---
 README.md | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 9add9b6..a62fad8 100644
--- a/README.md
+++ b/README.md
@@ -100,9 +100,8 @@ RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
 # on your HTTPS website to help prevent man-in-the-middle attacks.
 # See https://developer.mozilla.org/en-US/docs/Web/Security/HTTP_strict_transport_security
 <IfModule mod_headers.c>
-    Header always set Strict-Transport-Security "max-age=31536000;"
-    # Or, if you want to force HSTS on the sudbmains as well
-    # Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"
+    # Remove "includeSubDomains" if you don't want to enforce HSTS on all subdomains
+    Header always set Strict-Transport-Security "max-age=31536000;includeSubDomains"
 </IfModule>
 ```