Is there a way to add headers in the response to the client?
Drew Green, MCSE, CEH Director of Information Technology [cid:TJT_Footer_Logo2.png]<http://www.tjtpa.com> "Celebrating 25 Years of Building Partnerships that Deliver..." 4700 Falls of Neuse Road Suite 400 Raleigh, NC 27609 Direct: 919-532-7925 Main: 919-571-7055 Fax: 919-516-0277 Email Disclaimer<http://www.tjtpa.com/email-disclaimer> -------- Original Message -------- From: Emilio Campos <[email protected]> Sent: Saturday, November 14, 2015 03:01 PM To: [email protected] Subject: Re: [Pound Mailing List] Add HSTS Header AddHeader directe add headers in the request to backend, not in response to client. Regards 2015-11-14 4:52 GMT+01:00 Drew Green, MCSE, CEH <[email protected]<mailto:[email protected]>>: I'm trying to enable HSTS on our Pound install but am not having any luck. We're running a version newer than 2.7c so I haven't been able to use the patch that's been posted. Is there any reason why adding the HSTS header in my Pound config doesn't work? I put AddHeader "Strict-Transport-Security: max-age=31536000;" and a few variations of that but it doesn't seem to pass the header and the SSL Labs test shows HSTS as disabled. Any ideas? Thanks Drew -- Load balancer distribution - Open Source Project http://www.zenloadbalancer.com Distribution list (subscribe): [email protected]<mailto:[email protected]>
