[BlueOnyx:14453] Re: SSL change after updates?
Ken Marcus
kenbxlist at precisionwebhosting.com
Fri Feb 7 02:31:44 -05 2014
On 2/6/2014 10:57 PM, Michael Stauber wrote:
> Hi Ken,
>
>> For some reason http:// urls are rewriting to https:// for one site (mine).
> That might be due to the new "HTTP Strict Transport Security" feature I
> added: http://en.wikipedia.org/wiki/HTTP_Strict_Transport_Security
>
> If you really need it disabled, edit /etc/httpd/conf.d/ssl_perl.conf and
> find the line with 'Header add Strict-Transport-Security' in it and
> comment it out for now.
>
> Then restart httpd and you should be good.
>
> I think I should make this option configurable in the GUI. I'll look
> into that when the dust has settled.
>
Michael
Thanks for the changes in the ssl config. That will make it easier to
pass the PCI security scans without having to manually configure the
SSLProtocol SSLHonorCipherOrder and SSLCipherSuite options. All these
changes will be very good in the long run.
On the problem I was having, I commented out this line and restarted
httpd but it did not seem to have any effect.
#$VirtualHost{"$ip:$sslPort"}{'Header add Strict-Transport-Security'}
= "max-age=15768000";
Not a major problem in the short term.
Ken Marcus
More information about the Blueonyx
mailing list