WAF - Web Server protection and HSTS

Hi

I have a new ADFS 2019 system behind a WAF on XG. The external tests keep telling me it has Strict Transport Security (HSTS) off. 

Is there a setting on the XG that affects this when putting a local server behind the WAF or have I missed something on the local server?

I know there are TLS options for WAF on XG that I have changed, and it does affect this when running external tests. Wondering if HSTS is similar.



  • Yes, Get-AdfsResponseHeaders shows the setting and it is enabled.

  • I have no hands-on experience with ADFS 2019.

    On my own websites, which are hosted on an Apache server, I have set the HSTS header directive.
    WAF needs no additional configuration, everything working as expected.

    So my first idea would be that your environment needs additional configuration....

     
    SFVH (SFOS 19.5.1 MR-1-Build278)  - Last (re)boot on February 20 2023
    Asus H410i-plus - Pentium 6605 Gold - 250GB M.2 PCIe NVMe SSD - 8GB - 3 ports
    [If any of my posts are helpful to you please use the 'Verify Answer' link]