Forum Discussion

Cirrus

Aug 24, 2023

hsts scan result none

We implemented hsts via irule. The ltm logs says headers are inserting but SSL labs results shows none. We tested the in chrome and can see the header values. Below is the rule. HSTS for http vs: ...

application delivery

Nandhi

Cirrus

Hi Edward,

The hsts already added via irule to the specific vs. We can see the inserted header in GET response and browser developer tools. But ssl labs not able to identify it (showing none).

P_Kueppers

MVP

Aug 24, 2023

Why you insert it via irule and not via http profile? are you testing your http:// url or https:// url on ssllabs? Is there maybe any redirect going on and ssllabs isnt doing that redirect, but browser does?

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

hsts scan result none

Recent Discussions

HTTPS Monitor Health - Receive String 200 OK Not Working

SSL Server Profil

Alert Mail when virtual server down trubleshooting

CLI command to fetch details related to backend server IP

F5 Health Monitor Receive String as JSON

Related Content

Scanning for CVE-2017-9841 Drops Precipitously

Reviewing vulnerability scanner results for an Access Policy Manager (APM) protected Virtual Server

OWASP Automated Threats - OAT-014 Vulnerability Scanning

Advanced iRules: Scan

Advanced iRules: Binary Scan

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS