Set HSTS header on apache fails

Bayel · February 21, 2017, 5:16pm

Hi I followed the instructions provided by owncloud refering to add the following lines in the virtual host or in the .htaccess file.
<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" </IfModule>
In both cases it doesn't work. Could somebody help me, please?

System: Raspbian jessi
Webserver: Apache2
Database: SQL Maria DB

The virtualhost of port 80 is /etc/apache2/sites-enabled/000-default.conf
The virtualhost of por 443 is /etc/apache2/sites-enabled/default-ssl.conf (of this one I'm not really sure)

anon81984126 · February 21, 2017, 5:20pm

Please use a separate thread as the OP had used nginx and not apache. As such webserver configuration stuff heavily depends on your environment and setup its also recommended to get some help by community like http://www.apachelounge.com/

tflidd · February 22, 2017, 10:52pm

Moved this topic.

Make sure your mod_headers module is enabled and check your logfiles.