RE: How to skip setting HSTS header for certain virtual hosts only?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: <users@xxxxxxxxxxxxxxxx>
Subject: RE: How to skip setting HSTS header for certain virtual hosts only?
From: "Eddie B" <eddie@xxxxxxxxxxxxxxx>
Date: Tue, 7 Oct 2014 01:25:15 -0700
In-reply-to: <CAAKASGyGpqyNdzrwoaWAxVO4=U5QbB8ELv-t6BzYPPy_wA5mNw@mail.gmail.com>
Organization: MATTERmedia
Reply-to: users@xxxxxxxxxxxxxxxx
Thread-index: AQI8godNRGcXbpRR0C0rLONQY68K1wIh0reVmzn8j0A=

I am using

SetEnvIF Host "^[dev\.domain\.com]$|^[\w+\.dev\.domain\.com]$" AllowDomain=1

SetEnvIF AllowDomain HTTPS HEADER_PROCESSING=1

<IfModule mod_headers.c>

Header add Strict-Transport-Security "max-age=15768000;includeSubDomains" env=HEADER_PROCESSING

</IfModule>

To avoid sending the header to dev.domain.com or xx.dev.domain.com

But instead it doesn’t send the header to any sites.

thanks

References:
- How to skip setting HSTS header for certain virtual hosts only?
  - From: Eddie B
- Re: How to skip setting HSTS header for certain virtual hosts only?
  - From: Igor Cicimov

Prev by Date: RE: How to skip setting HSTS header for certain virtual hosts only?
Next by Date: Re: Cannot get certificate chain to work.
Previous by thread: RE: How to skip setting HSTS header for certain virtual hosts only?
Next by thread: reg: apache webserver 2.2.27 compilation on linux OS
Index(es):
- Date
- Thread

[Index of Archives] [Open SSH Users] [Linux ACPI] [Linux Kernel] [Linux Laptop] [Kernel Newbies] [Security] [Netfilter] [Bugtraq] [Squid] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux Security] [Linux RAID] [Samba] [Video 4 Linux] [Device Mapper]

Powered by Linux