Set HSTS header on apache fails


#1

Hi I followed the instructions provided by owncloud refering to add the following lines in the virtual host or in the .htaccess file.
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains; preload"
</IfModule>

In both cases it doesn't work. Could somebody help me, please?

System: Raspbian jessi
Webserver: Apache2
Database: SQL Maria DB

The virtualhost of port 80 is /etc/apache2/sites-enabled/000-default.conf
The virtualhost of por 443 is /etc/apache2/sites-enabled/default-ssl.conf (of this one I'm not really sure)


ownCloud 9.1.0 : How to enable HSTS?
#2

Please use a separate thread as the OP had used nginx and not apache. As such webserver configuration stuff heavily depends on your environment and setup its also recommended to get some help by community like http://www.apachelounge.com/


#3

Moved this topic.

Make sure your mod_headers module is enabled and check your logfiles.