AddHeader directe add headers in the request to backend, not in response to client.
Regards 2015-11-14 4:52 GMT+01:00 Drew Green, MCSE, CEH <[email protected]>: > I'm trying to enable HSTS on our Pound install but am not having any luck. > We're running a version newer than 2.7c so I haven't been able to use the > patch that's been posted. Is there any reason why adding the HSTS header in > my Pound config doesn't work? I put > > AddHeader "Strict-Transport-Security: max-age=31536000;" > > and a few variations of that but it doesn't seem to pass the header and > the SSL Labs test shows HSTS as disabled. Any ideas? > > Thanks > > Drew > > Drew Green, MCSE, CEH > Director of Information Technology > <http://www.tjtpa.com> > > > > *"Celebrating 25 Years of BuildingPartnerships that Deliver..."*4700 > Falls of Neuse Road > Suite 400 > Raleigh, NC 27609 > > Direct: 919-532-7925 > Main: 919-571-7055 > Fax: 919-516-0277 > Email Disclaimer <http://www.tjtpa.com/email-disclaimer> > -- Load balancer distribution - Open Source Project http://www.zenloadbalancer.com Distribution list (subscribe): [email protected]
