Http Strict Transport Security is not working in NginX 1.4.1 and 1.5.1
June 26, 2013 05:32PM
Hi, I have tried adding add_header to my Nginx conf to add Http Strict Transport Security directives. But there is no changes or nothing happened at all in the scanning results using SSLLabs test https://www.ssllabs.com/ssltest/analyze.html?d=support.apasaja.my&ignoreMismatch=on. Please have a look at Protocol Details and Strict Transport Security.

I have tried adding add_header Strict-Transport-Security "max-age=360000; includeSubdomains"; and my directives are as followed http://pastebin.com/4CCMf4Vz

I've test this with NginX 1.4.1 and 1.5.1, can someone show me how to enable it in Nginx?
Re: Http Strict Transport Security is not working in NginX 1.4.1 and 1.5.1
July 25, 2013 03:04AM
Same here. Some clearification would be sweet.
Thanks.
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 120
Record Number of Users: 8 on April 13, 2023
Record Number of Guests: 500 on July 15, 2024
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready