Is it possible to an AND clause to the IF, so that it only adds the header when
env=HTTPS ?
Thanks!
On Tue, Oct 7, 2014 at 9:22 AM, Eddie B wrote:
> I set HSTS for HTTPS only, using this directive at the beginning of
> httpd.conf (apache 2.2)
>
>
>
>
>
> Header add Strict-Transport-Security "max-age=15768000;includeSubDomains"
> env=HTTPS
>
>
>
>
>
> How can I tell Apache to not set HSTS for
I set HSTS for HTTPS only, using this directive at the beginning of httpd.conf
(apache 2.2)
Header add Strict-Transport-Security "max-age=15768000;includeSubDomains"
env=HTTPS
How can I tell Apache to not set HSTS for specific virtual hosts (using some
type of IF statement) using one
Yes, HSTS requests over HTTP are ignored anyway for similar reasons.
Kind Regards,
Scott
First Class Watches
9 Warwick Road
Kenilworth
CV8 1HD
Warwickshire
United Kingdom
On 6 October 2014 23:19, Eddie B wrote:
> Great answer, thank you Scott.
>
>
>
> Do you recommend only setting the HSTS he
Great answer, thank you Scott.
Do you recommend only setting the HSTS header for https requests?
Hello,
Not strictly a httpd specific issue but nevertheless, Chrome/Firefox should
ignore the header because it is not delivered with a valid certificate and
thus there is no way of knowing if it was actually issued by the website.
You should get the expected result if you first respond with an H
I have an https server that sets the HSTS header, but up to date Chrome (and
other HSTS compatible browsers, such as Firefox 32) still let the user
proceed to HTTPS. Isn't the specific reason HSTS exists to prevent users
from proceeding?
Here's the server: http://pastebin.com/JFJw1m40
How i
I found myself in a similar situation and I couldn't find the reason but I
did find a workaround.
To work around this, make a pkcs12 file with all files in it, your private
key and the whole chain up until the root CA certificate, then extract them
back out from that pkcs12, using the extracted fi
Hi.
I'm in a situation where I got 3 certificates
server.pem -- the end user certificate which's sent by the server to the
client.
intermediate.pem -- server.pem is signed by intermediate.pem's private key.
issuer.pem -- intermediate.pem is signed by issuer.pem's private key.
combined.pem is
On 6 Oct 2014, at 14:16, Jakov Sosic wrote:
> There isn't a large number of clients, it's only a large number of vhosts -
> which translates in large number of FDs in use.
So you've made the most obvious diagnosis yourself.
To test that, why not try it with a logger that doesn't
involve an FD
On 10/06/2014 03:06 PM, Tom Evans wrote:
Why do you think it has anything to do with httpd? This is firmly a
"When I do things with PHP, PHP doesn't work therefore httpd has
a problem" type diagnosis.
I'm sorry that I pointed my finger at httpd. It could be anything in the
chain (HW - ke
On Sun, Oct 5, 2014 at 9:22 PM, Jakov Sosic wrote:
> Hi guys.
>
> I'm running CentOS 6 with latest httpd (2.2.15-31.el6).
>
>
> I've noticed a very peculiar problem with Apache. I have a very high number
> of virtual hosts set up - it's around 501.
>
> Problems started occuring after vhost number
12 matches
Mail list logo