"Strict-Transport-Security"

servicioexpreso · November 17, 2022, 1:41pm

Hi,

I have Nextcloud issue with “Strict-Transport-Security” message. I added in Hestia CP apache conf file next:

<IfModule mod_headers.c>
     Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
     <VirtualHost *:443>
           ServerName nextcloud.mydomain.com
     </VirtualHost>
</IfModule>

Nothing is changed. Anybody know how to fix it?

eris · November 17, 2022, 3:35pm

Create a file in
/home/user/conf/web/domain/nginx.ssl.conf_transport_sercurity

With the contents:

add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

servicioexpreso · November 17, 2022, 4:22pm

I did, but no changes. Same warning.

servicioexpreso · November 17, 2022, 5:48pm

Solved. Hestia have in dashboard checkbox for this settings.

system · December 17, 2022, 5:48pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.