Forum Discussion

Cirrus

May 17, 2016

Strict-Transport-Security (HSTS) header throws Operation not supported errors

This is my iRule to add "Strict-Transport-Security" header to my http response code. when HTTP_RESPONSE { set strictTransportSecurityHeader {Strict-Transport-Security} if { [HTTP::head...

Cumulonimbus

May 18, 2016

Hi,

The HSTS irule must be applied to HTTPS VS and not HTTP.

to be sure this irule is executed before other, you can add priority to this irule event and disable event if Policy action is redirect.

when HTTP_RESPONSE priority 1 {
if {[POLICY::targets http-reply] } {
    log local0. "LTM Policy action contains redirect. Disabling event"
    event disable
    return
}
 set strictTransportSecurityHeader "Strict-Transport-Security"
 if { [HTTP::header exists $strictTransportSecurityHeader] } { 
      HTTP::header remove $strictTransportSecurityHeader
 }
HTTP::header insert $strictTransportSecurityHeader "max-age=31536000; includeSubDomains"
}

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Strict-Transport-Security (HSTS) header throws Operation not supported errors

Recent Discussions

Which process is consuming higher CPU

F5 Health Monitor Receive String as JSON

Background Tasks

SSL bridging without SSL proxy forward

Big-IP VE edition for MacBook M4 Chip

Related Content

Implementing HTTP Strict Transport Security in iRules

WhiteBoard Wednesday: HTTP Strict Transport Security

Enforcing HSTS (HTTP Strict Transport Security) in LineRate

Conditional XOR operations

Re: SYN Cookie operation

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS