Forum Discussion

Nimbostratus

Sep 02, 2010

Strict Transport Security

Hi, I have a question, dows anyone implemented Strict Transport Security (STS/HSTS). I have seen many guides to implement this on servers and so on but if you use a ADC then it would be...

config

design

L4L7_53191

Nimbostratus

Sep 13, 2010

This is really interesting, thanks for posting. The good news is that you can accomplish most all of this by simply forcing every request through an SSL enabled virtual server. You can force any non-https request to that VS address back over to the SSL enabled VS. Also, stream profiles can rewrite non-https references for you on the fly.

I'm not saying that this is a superfluous concept at all, but it seems that with an ADC you can actually enforce much of this behavior so you're ahead of the game before you've even started. As far as inserting the header, I agree that this looks totally possible.

-Matt

Recent Discussions

Under Attack? F5 Will Help You.
Contacting F5 Support?

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

Forum Discussion

Strict Transport Security

Recent Discussions

Background Tasks

APM with EntraID as idP / request signed

Should config via cli rather than gui?

APM Modern Customization - modify Header in user-common.js and form in user-logon.js

Which process is consuming higher CPU

Related Content

Implementing HTTP Strict Transport Security in iRules

WhiteBoard Wednesday: HTTP Strict Transport Security

Enforcing HSTS (HTTP Strict Transport Security) in LineRate

What is Transport Layer Security?

F5 Security Podcasts

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS