Impossible to disable HSTS header
-
Ninja firewall has an option to set the Strict-Transport-Security header, however when it is set to “no”, it still sets the header but with a 0 max-age. This is useful for resetting HSTS, but that’s not what I want to do. I’m setting the HSTS header in my nginx config server-wide across multiple sites, so I don’t want Ninja firewall to set it at all. It would be better if the 0 option was under ‘yes’, along with the other duration options, and the ‘no’ option disabled it entirely.
Viewing 1 replies (of 1 total)
Viewing 1 replies (of 1 total)
- The topic ‘Impossible to disable HSTS header’ is closed to new replies.