Is there a way to add headers in the response to the client?
Drew Green, MCSE, CEH
Director of Information Technology
"Celebrating 25 Years of Building
Partnerships that Deliver..."
4700 Falls of Neuse Road
Raleigh, NC 27609
-------- Original Message --------
From: Emilio Campos <emilio.campos.martin(at)gmail.com>
Sent: Saturday, November 14, 2015 03:01 PM
Subject: Re: [Pound Mailing List] Add HSTS Header
AddHeader directe add headers in the request to backend, not in response to
2015-11-14 4:52 GMT+01:00 Drew Green, MCSE, CEH
I'm trying to enable HSTS on our Pound install but am not having any luck.
We're running a version newer than 2.7c so I haven't been able to use the patch
that's been posted. Is there any reason why adding the HSTS header in my Pound
config doesn't work? I put
AddHeader "Strict-Transport-Security: max-age=31536000;"
and a few variations of that but it doesn't seem to pass the header and the SSL
Labs test shows HSTS as disabled. Any ideas?
Load balancer distribution - Open Source Project
Distribution list (subscribe):