adrastos20006
Cadet
- Joined
- May 26, 2017
- Messages
- 4
I am hoping somebody can help. I am running FreeNAS 9.3 and using the the owncloud plugin 9.1.2. All is going well with the simple installation of the plugin and the initial log in. I am trying to harden the server some from a security aspect and would like to enable Strict-Security. In the owncloud admin panel I am getting this warning:
"Strict-Transport-Security" HTTP header is not configured to at least "15552000" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.
I don't know where to put this:
I have it in the /mnt/data1/jails_10/owncloud_1/usr/pbi/owncloud-am64/etc/apache24/extra/http-default.conf and httpd-ssl.conf
I am struggling with how to get this implemented in a FreeNAS plugin owncloud environment. Hoping somebody can help.
Thanks. sb
"Strict-Transport-Security" HTTP header is not configured to at least "15552000" seconds. For enhanced security we recommend enabling HSTS as described in our security tips.
I don't know where to put this:
Code:
<IfModule mod_headers.c> Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains" </IfModule>
I have it in the /mnt/data1/jails_10/owncloud_1/usr/pbi/owncloud-am64/etc/apache24/extra/http-default.conf and httpd-ssl.conf
I am struggling with how to get this implemented in a FreeNAS plugin owncloud environment. Hoping somebody can help.
Thanks. sb
Last edited by a moderator: