| nginx.org/redirect-to-https |
redirect-to-https |
Sets the 301 redirect rule based on the value of the http_x_forwarded_proto header on the server block to force incoming traffic to be over HTTPS. Useful when terminating SSL in a load balancer in front of the Ingress Controller — see 115 |
False |
| ingress.kubernetes.io/ssl-redirect |
ssl-redirect |
Sets an unconditional 301 redirect rule for all incoming HTTP traffic to force incoming traffic over HTTPS. |
True |
| nginx.org/hsts |
hsts |
Enables HTTP Strict Transport Security (HSTS) \ : the HSTS header is added to the responses from backends. The preload directive is included in the header. |
False |
| nginx.org/hsts-max-age |
hsts-max-age |
Sets the value of the max-age directive of the HSTS header. |
2592000 (1 month) |
| nginx.org/hsts-include-subdomains |
hsts-include-subdomains |
Adds the includeSubDomains directive to the HSTS header. |
False |
| nginx.org/hsts-behind-proxy |
hsts-behind-proxy |
Enables HSTS based on the value of the http_x_forwarded_proto request header. Should only be used when TLS termination is configured in a load balancer (proxy) in front of the Ingress Controller. Note: to control redirection from HTTP to HTTPS configure the nginx.org/redirect-to-https annotation. |
False |
