Security Headers Insertion

Problem this snippet solves: Centralize the security header management for one or more domains on the recommendation of SecurityHeaders.io. Be warned!! You can really do damage to your availabili...
Published Mar 14, 2016
Version 1.0
security
JRahm's avatar
JRahm
Icon for Admin rankAdmin
Jan 24, 2018

The 301 should really be only for requests to the http vip. Including the explicit redirect to ssl is considered best practice for capturing the first (pre-hsts-enabled) request.