From b6907cc11e639e10e0f1e0e03207b0b662976359 Mon Sep 17 00:00:00 2001
From: kpcyrd <git@rxv.cc>
Date: Tue, 4 Nov 2014 23:50:07 +0100
Subject: [PATCH] Enable https only on hamburg.freifunk.net

---
 sites-available/wordpress_ffhh | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/sites-available/wordpress_ffhh b/sites-available/wordpress_ffhh
index 7b8bf29..579b9ed 100644
--- a/sites-available/wordpress_ffhh
+++ b/sites-available/wordpress_ffhh
@@ -2,6 +2,13 @@ server {
 	listen				80;		# ipv4 http
 	listen				[::]:80;	# ipv6 http
 
+	server_name			hamburg.freifunk.net www.hamburg.freifunk.net freifunk.ffhh;
+    access_log off; # Bitte nicht aktivieren. Wir wollen ja nicht die IPs unserer Visitor loggen.
+
+    rewrite ^ https://hamburg.freifunk.net/ permanent;
+}
+
+server {
 	listen				443 ssl;	# ipv4 https
 	listen				[::]:443 ssl;	# ipv6 https
 
@@ -36,7 +43,7 @@ server {
 
 	# Tell clients never to use http or self-signed (!) certificates
 	# There's no way to bypass this option after it has been cached!
-	#add_header Strict-Transport-Security max-age=31536000;
+	add_header Strict-Transport-Security max-age=31536000;
 
 	# This order might seem weird - this is attempted to match last if rules below fail.
 	# http://wiki.nginx.org/HttpCoreModule