HTTP Strict Transport Security (HSTS) Policy Not Enabled

This public forum is for user-to-user discussions of PHPMaker. Note that this is not support forum.
Post Reply
mishanian
User
Posts: 125

HTTP Strict Transport Security (HSTS) Policy Not Enabled

Post by mishanian »

Hi, I did penetration test and I got this error:

HTTP Strict Transport Security (HSTS) Policy Not Enabled

is there any simple way to add following line to .htaccess by PHPMaker (not manually that will be overwrite on each generate)

<IfModule mod_headers.c>
    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
</IfModule>

of add the following to PHP header in all pages:

<?php
header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload");
?>
Top
arbei
User
Posts: 9390

Post by arbei »

You may make an extension to append code to the .htaccess file.

Top
Post Reply

Return to “General Discussion (PHPMaker)”