Hello,
I have used https://securityheaders.com to test my site, I have this warning:
There was a duplicate Strict-Transport-Security header.
I don’t know from where the max-age is declared to 1000 but I suppose it’s a Hestia problem, and not a Drupal problem (I have inspect the .htaccess too).
Thanks for your advice.
When you enable HSTS in Hestia, it adds this header to Nginx conf:
add_header Strict-Transport-Security "max-age=31536000;" always;
I would double check again your Drupal’s conf and the modules you are using.
grep -ri 'header.*strict-transport' /home/YourUser/conf/web/YourDomain/
grep -ri 'header.*strict-transport' /home/YourUser/web/YourDomain/
Solved. The value ‘1000’ was declared in Seckit.
Thanks a lot.
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.