From fdc63dbf757a94105ff1bf9d295fcc4047f34ea4 Mon Sep 17 00:00:00 2001 From: PiBa-NL Date: Mon, 17 Feb 2014 23:10:50 +0100 Subject: haproxy-devel, option for "HTTP Strict Transport Security" HTST --- config/haproxy-devel/haproxy_pool_edit.php | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) (limited to 'config/haproxy-devel/haproxy_pool_edit.php') diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php index 3bc3ff9d..27519429 100644 --- a/config/haproxy-devel/haproxy_pool_edit.php +++ b/config/haproxy-devel/haproxy_pool_edit.php @@ -189,6 +189,9 @@ if ($_POST) { if ($server_port && !is_numeric($server_port)) $input_errors[] = "The field 'Port' value is not a number."; } + + if ($_POST['strict_transport_security'] !== "" && !is_numeric($_POST['strict_transport_security'])) + $input_errors[] = "The field 'Strict-Transport-Security' is not empty or a number."; if (!$input_errors) { $pool = array(); @@ -789,6 +792,21 @@ set by the 'retries' parameter.   + + Advanced + + + Strict-Transport-Security + + When configured enables "HTTP Strict Transport Security" leave empty to disable.
+ WARNING! the domain will only work over https with a valid certificate!
+ size="20" /> Seconds
+ If configured clients that requested the page with this setting active will not be able to visit this domain over a unencrypted http connection. + So make sure you understand the consequence of this setting or start with a really low value.
+ EXAMPLE: 60 for testing if you are absolutely sure you want this 31536000 (12 months) would be good for production. + + +     -- cgit v1.2.3