Set Strict-Transport-Security header

OrkoGrayskull · October 6, 2022, 10:14am

Hello there,

I want to modify the Strict-Transport-Security header. I use this code in my app.yml:

run:  
# nginx modifications
  - replace:       
      filename: "/etc/nginx/conf.d/discourse.conf"       
      from: /add_header Strict-Transport-Security.+/       
      to: "add_header Strict-Transport-Security 'max-age=31536000; includeSubdomains; preload';"

This works for the first occurrence:
add_header Strict-Transport-Security 'max-age=63072000';

But there is another one with:

location @discourse {
add_header Strict-Transport-Security 'max-age=31536000'; # remember the certificate for a year and automatically connect to HTTPS for this domain

Am I doing something wrong? Why is the second occurrence of Strict-Transport-Security header not modified?

OrkoGrayskull · October 10, 2022, 10:18am

I’ve tested with several customizations. Only the first occurrence of

add_header Strict-Transport-Security

is replaced. Any hints to get this done?

RGJ · October 10, 2022, 10:22am

You need to add global: true to the replace command parameters.

system · November 9, 2022, 10:22am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
"replace" command does not works(discourse-docker) installation	0	349	February 27, 2020
HSTS header not set with www and non www setup support nginx	2	563	October 6, 2022
Allow SSL / HTTPS for your Discourse Docker setup sysadmin how-to , advanced-setup	0	247452	March 18, 2014
How can I update the nginx config directly in discourse/docker ..? installation docker , nginx	10	926	May 6, 2023
How to disable SSL installation	4	780	December 31, 2023

Set Strict-Transport-Security header

Related Topics