Control Web Panel
WebPanel => Apache => Topic started by: itmonitor on April 10, 2019, 03:21:43 PM
-
Hi! Not sure this is the right forum. Could anybody point me to instructions on how to setup HSTS in CWP?
Any advice is welcome.
Rgs
IM
-
Hi, please, any advice is welcome. Looking forward to your replies.
-
In Apache, add the following parameter in the VHOST site:
Header add Strict-Transport-Security "max-age=15768000"
or
Strict-Transport-Security: max-age=15768000; includeSubDomains
The max-age parameter sets the browser the validity period in seconds that HTTPS will be forced, in which case it will be 6 months. The "includeSubDomains" parameter indicates that this rule will apply to subdomains.
Regards,
Netino
-
Hi, thank you.