Support

Admin Tools

#32423 HSTS and more

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Thursday, 05 March 2020 17:17 CST

marvays
Hi. I have question about hsts and more.
All I have setup and generate in your .htaccess generator.

When I try check it on any security tools, I see problem:
https://securityheaders.com/?q=vybaveniprovozu.cz&followRedirects=on

Why? Can Admintools help me with it?

nicholas
Akeeba Staff
Manager
There is a discrepancy here.

You are asking me about .htaccess which implies that you're using Apache. Your server's headers say it's using NginX. This can mean one of two things:

A. You misspoke. If you're indeed using NginX you can use the "NginX Config Maker" feature of Admin Tools which is similar to .htaccess Maker but for NginX. In this case you need to include the generated configuration in your NginX config and reload the NginX server. Unlike Apache any changes you make are not taken into account until NginX reloads at which points it reads the configuration, compiles it and keeps its (binary, compiled) rules in memory. That's one of the reasons NginX is so darned fast.

B. You are using NginX as a proxy to Apache. In this case it's up to the NginX configuration to honor the HTTP headers Apache is sending. It's also up to the NginX configuration to tell Apache that it's actually serving an HTTPS request which is the necessary condition for Apache to issue the HSTS header that you've configured in your .htaccess. I do not have experience setting up NginX as a proxy. By the time I had time to spend towards that Apache was already offering an HTTP/2 module, making NginX-as-a-proxy an unnecessarily convoluted exercise. Besides, by smartly configuring Apache (including disabling .htaccess support and putting those rules in the vhost configuration and turning on memory mapping) I was able to achieve comparable throughput. If you need help with this kind of NginX-as-a-proxy configuration you need to ask your host.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!