Forum Discussion

Nimbostratus

Jan 22, 2018

HSTS via irule

I have 2 irules. 1 for HTTP HSTS and the other for HTTPS HSTS. they insert the headers but hsts is not enabled. I am running 11.5.4 so the HSTS config is not in my HTTP profile, how can I enable it...

iRules

security

kolom

Altostratus

Jan 22, 2018

Hello pedinopa,

You should enable HSTS only on virtual servers with client SSL profiles.You can enable HSTS on HTTPS Virtual server using the below iRule.

when HTTP_RESPONSE { 
if { !([ HTTP::header exists "Strict-Transport-Security“ ])} 
{ HTTP::header insert "Strict-Transport-Security" "16070400" } 
}

pedinopa_170325

Nimbostratus

Jan 22, 2018

according to ssllabs the HSTS headers are there but not enabled. I tried the irule you suggested did not make a difference.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

HSTS via irule

F5 Academies Are Back – And We’re Coming to a City Near You

Introducing the F5 Application Study Tool (AST)

Recent Discussions

master key file on vcmp guest HA Cluster different?

F5 Health Monitor Receive String as JSON

Rewrite content in XML schema file.

DNS Request to VS?

Guide for exam 402 F5 Certified Solution Expert

Related Content

HSTS is not working.

TMOS HSTS

Hey DeepSeek, can you write iRules?

BIG-IP Next: iRules pool routing

Json parsing with iRules

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS