"Strict-Transport-Security"

Hi,

I have Nextcloud issue with “Strict-Transport-Security” message. I added in Hestia CP apache conf file next:

<IfModule mod_headers.c>
     Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
     <VirtualHost *:443>
           ServerName nextcloud.mydomain.com
     </VirtualHost>
</IfModule>

Nothing is changed. Anybody know how to fix it?

Create a file in
/home/user/conf/web/domain/nginx.ssl.conf_transport_sercurity

With the contents:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

I did, but no changes. Same warning.

Solved. Hestia have in dashboard checkbox for this settings.

1 Like