Hello All,
Is there any documentation which helps me to see UTM supporting HSTS and configuration on it?
This thread was automatically locked due to age.
Hi Morris,
from what I know you have to edit
/var/storage/chroot-reverseproxy/usr/apache/conf/reverseproxy.conf
on every entry which matches <VirtualHost IP:443>
add the line
Header always set Strict-Transport-Security
"max-age=63072000; includeSubdomains;"
To activate the change use
/var/mdw/scripts/reverseproxy restart
PS ! Please be aware that such changes can be loss of support entitlement !
Best regards
Alex
-
Hi Morris,
from what I know you have to edit
/var/storage/chroot-reverseproxy/usr/apache/conf/reverseproxy.conf
on every entry which matches <VirtualHost IP:443>
add the line
Header always set Strict-Transport-Security
"max-age=63072000; includeSubdomains;"
To activate the change use
/var/mdw/scripts/reverseproxy restart
PS ! Please be aware that such changes can be loss of support entitlement !
Best regards
Alex
-
Not as far as I know. Two things more for that topic. Every config change via gui will revert that setting made in shell. And the second, I think HSTS is passed through by WAF if the server you specified in WAF already supports HSTS. One example I've myself.
BR
-