Forum Discussion
Yann_Desmarest
May 17, 2016Cirrus
How to disable HSTS on the management interface ?
Hi,
I regularly have to clean my browser cache to be able to connect to the BIG-IP management webui due to the HSTS feature.
I saw that this header is served in response from BIG-IP mgmt we...
IanB
May 17, 2016Employee
HSTS is enabled on the management interface via apache's configuration file (which is not intended to be user-modifiable)
/config/httpd/conf/httpd.conf
Restrict to https, with HSTS policy lasting for 6 months, allowing subdomains
Header set Strict-Transport-Security "max-age=16070400; includeSubDomains"
I'm curious as to exactly what problem this is causing for you - all it should be doing is ensuring that you access the GUI via https, rather than http. Can you advise the specifics on how it affects you ?
Recent Discussions
Related Content
DevCentral Quicklinks
* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com
Discover DevCentral Connects