Forum Discussion

Jim_Mathers_131

Nimbostratus

Jul 09, 2018

Simplest way to insert "Strict-Transport-Security: max-age=63072000" for all HTTP responses

Hey folks, what is the easiest way to insert that header on an HTTPS vip where we are offloading SSL?

Thanks, Jim

Ret. Employee

How about something like below? This solution checks to make sure the server is not already sending one before inserting the default.

when HTTP_RESPONSE {
     If server has not sent an HSTS header, BIG-IP will
    if { !([HTTP::header exists "Strict-Transport-Security"]) } {
        HTTP::header insert "Strict-Transport-Security" "max-age=63072000"
    }
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Simplest way to insert "Strict-Transport-Security: max-age=63072000" for all HTTP responses

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Introduction of Incident Response

custom response page for api

FIX Message Response

Operationlizing Online Fraud Detection, Prevention, and Response

Response and blocking page

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS