Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Sophos Firewall

Discussions WAF - Web Server protection and HSTS

Sophos Firewall requires membership for participation - click to join

Thread Info

State Suggested Answer
Locked Locked
Replies 4 replies
Answers 1 answer
Subscribers 40 subscribers
Views 2808 views
Users 0 members are here

Options

Suggested

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WAF - Web Server protection and HSTS

SOMOA over 2 years ago

Hi

I have a new ADFS 2019 system behind a WAF on XG. The external tests keep telling me it has Strict Transport Security (HSTS) off.

Is there a setting on the XG that affects this when putting a local server behind the WAF or have I missed something on the local server?

I know there is TLS options for WAF on XG that I have changed and it does affect this whenr unning external tests. Wondering if HSTS is similar

This thread was automatically locked due to age.

Top Replies

Peter-Paul Gras over 2 years ago +1 suggested

Did you configure HSTS on your ADFS 2019 server?

Parents

0 Peter-Paul Gras over 2 years ago

Did you configure HSTS on your ADFS 2019 server?

SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th 2023

Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports

[If any of my posts are helpful to you please use the 'Verify Answer' link]
Cancel
Vote Up +1 Vote Down

Cancel

Reply

0 Peter-Paul Gras over 2 years ago

Did you configure HSTS on your ADFS 2019 server?

SFVH (SFOS 20.0.0 GA-Build222) - Last (re)boot on November 6th 2023

Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports

[If any of my posts are helpful to you please use the 'Verify Answer' link]
Cancel
Vote Up +1 Vote Down

Cancel

Children

No Data