Options

HTTP Strict Transport Security (HSTS)

arprasannaarprasanna Member
in ADC - Application Delivery

Hello,

can any share me the Aflex script for HTTP Strict Transport Security (HSTS).

Comments

  • Options
    arprasannaarprasanna Member


  • Options
    arprasannaarprasanna Member

    i have this Irule

    when HTTP_REQUEST {

    # save hostname for use in response

    set fqdn_name [HTTP::host]

    }

    when HTTP_REQUEST {

    if { not ([ HTTP::header exists "Strict-Transport-Security" ]) }

    { HTTP::header insert "Strict-Transport-Security" "max-age=16070400; includeSubDomains" }

    ### enable logging only for testing

    # log local0.info "#01 - HTTP-Header Strict-Transport-Security inserted for HTTP-Host: $fqdn_name

    from Client: [IP::client_addr]:[TCP::client_port] ===> VS: [IP::local_addr]:[TCP::local_port]"

    }

    }

    .

    Done.

    aFleX syntax error. Line 6: wrong # args: no script following "{ not ([ HTTP::header exists "Strict-Transport-Sec" argument


    getting the above error message need to convert to aflex

  • Options
    john_allenjohn_allen Member

    I don't see anything wrong with the code on first glance. You might want to try using IF syntax like this:

    if {} {

    }

    That's all I use and haven't had any problems. Could just be a parser glitch.

  • Options
    arprasannaarprasanna Member

    Hi John,

    can you share code what you used.

  • Options
    rvalenciarvalencia Member, A10ers

    This can be enable using http template. Here is an example:

    ! create a HTTP template

    slb template http tp_add_HSTS

      response-header-insert "Strict-Transport-Security: max-age=31536000; includeSubDomains; preload


    ! Bind the HTTP template to the vPort

    slb virtual-server vip1 10.10.10.10

    port 443 https

         template http tp_add_HSTS

        template client-ssl tp_client_ssl01

         service-group sg_tcp_80

  • Options
    rodrigoshrodrigosh Member

    Hello, I set the following value in the HTTP Template


    Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

    Insert if not exist

  • Options
    lexiluna55lexiluna55 Member

    HTTP Strict Transport Security (HSTS) is a crucial web security mechanism that enforces secure connections by instructing browsers to only communicate with websites over HTTPS. By mitigating man-in-the-middle attacks and ensuring data integrity, HSTS enhances user safety and reinforces the overall resilience of online communication protocols. https://fmapps.org

Sign In or Register to comment.