Strict HTTP transport security on open

Question

Strict HTTP transport security on open

How to enable HTTP Strict Transport Security in openshift portal? I am working on a php application and am not really sure where to go. I believe I need access to the Apache config file to achieve this - which I don't think lets go down.

+3

security http-headers https openshift

MM 07 Aug 15 at 13:05

source to share

1 answer

luciddreamz · Accepted Answer · 2015-08-14T15:42:53+0000

Just create a file .htaccess

and add the HSTS header there.

# Force https
RewriteEngine on 
RewriteCond %{HTTP:X-Forwarded-Proto} !https 
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

# Add HSTS header
Header set Strict-Transport-Security "max-age=31536000"

Strict HTTP transport security on open

More articles: