How to Enable HSTS in Webmin

HSTS, which is short for HTTP Strict Transport Security, is a security feature that lets a web site tell browsers that it should only be communicated with using HTTPS, instead of using HTTP.

This tutorial will help you setting HSTS in webmin.

First, navigate to "Servers"-->"Apache Webserver", click the virtual server with SSL enabled which you want to edit. Then click "Edit Directives" to edit configuration file manually.

Second, add the following configs to the bottom of the file.

Header always set Strict-Transport-Security "max-age=63072000; includeSubdomains;"

Click "Save and close" and restart Apache by clicking the "Apply Changes" on the top right.

It's done and now HTTP Strict Transport Security has been enabled. You can run a ssl test here to find if it was enabled.

Comments

  1. neilMarch 29, 2021 at 2:00 PM

    Unfortunately, this throws an illegal command error.

    ReplyDelete

Post a Comment

Popular posts from this blog

ONE-CLICK L2TP/IPSec VPN Installer

Today, I am sharing you a one-click l2tp vpn installer. It's pretty easy to install and use. Before you run the script, make sure that your VPS is not a OpenVZ VPS. This script has been installed on Vultr successfully. Step 1 Run the following commands one by one. wget --no-check-certificate https://raw.githubusercontent.com/teddysun/across/master/l2tp.sh chmod +x l2tp.sh ./l2tp.sh Step 2 Input the information needed according to the instruction the script given. For example, IP range, PSK, username and password. Several minutes later, your L2TP/IPsec VPN server is running. Step 3 If you want to add and delete users, here is a list of commands. l2tp -a : Add a user l2tp -d : Delete a user l2tp -m : Modifies all the passwords of existing users l2tp -l : List all the username and passwords l2tp - h : Help This script of one-click l2tp vpn is pretty straight forward, give it a try, and you will find it is a time saver.
Read more

Alphabet Sold Google Domains to Squarespace

Image
According to Squarespace's press release , Alphabet sold Google Domains assets to them, and the transaction will be completed in the third quarter. The transaction involves 10 million domain names, under the terms of the agreement, Squarespace will honor all existing Google Domains customers' renewal prices for at least 12 months following the closing of the transaction. There will be seamless transfer between them, and there will not be much impact on users. The Google Domains business started in 2014, the word beta was removed in 2022, and it was sold in 2023, which lasted for 9 years. Domain name registration is an important web infrastructure, just like CloudFlare, which is a CDN provider, has also started a domain name hosting service. For Alphabet has Google Cloud service, it is reasonable to have this part of the infrastructure. From what I know of Google's business, there are at least 3 places where domain name registration can be integrated into Google's exist...
Read more