Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
Enable HSTS on Nginx Reverse Proxy
« previous
next »
Print
Pages: [
1
]
Author
Topic: Enable HSTS on Nginx Reverse Proxy (Read 2271 times)
HunvHunv
Newbie
Posts: 10
Karma: 0
Enable HSTS on Nginx Reverse Proxy
«
on:
December 01, 2021, 03:02:08 pm »
Hi,
I am trying to enable HSTS for the Reverse Proxy using the nginx plugin.
I saw the documentation over here:
https://docs.opnsense.org/manual/how-tos/nginx_header_hardening.html
It states "If you set a setting here, it will override what the webserver sets. You can inject this security setting into a
location or HTTP server
."
I configured a security header and set a timeout as well enabled the subdomain checkbox. (like in the screenshot of documentation).
I can find this setting in the HTTP server setting dialog combobox "Security header" but not in the location one were I think the combobox is called "Custom Security Policy".
The reason I want to config it in "location" is, that it does not work if I configure it in "HTTP server". I also don't see this in the nginx.conf at /usr/local/etc/nginx for my upstream server.
Any ideas what is wrong on my side or what I am actually doing wrong?
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: Enable HSTS on Nginx Reverse Proxy
«
Reply #1 on:
December 01, 2021, 10:11:24 pm »
You may have missed to reload the server.
Logged
RamSense
Hero Member
Posts: 595
Karma: 10
Re: Enable HSTS on Nginx Reverse Proxy
«
Reply #2 on:
December 02, 2021, 07:58:03 am »
I just added a security header in nginx, did reload the sever and it works. So I think that reload should work for you HunvHunv.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
21.7 Legacy Series
»
Enable HSTS on Nginx Reverse Proxy
