I enabled HSTS (Http Strict Transport Security) on a domain through DA's "Custom HTTPD Configurations", including a 301 redirect for requests on port 80. This works as expected.
But I also use the DA option "ssl_redirect_host=" to force DA logins to the hostname. The HSTS on the domain breaks this option though. I'm not really surprised it does, but I do wonder if anyone knows a workaround.
But I also use the DA option "ssl_redirect_host=" to force DA logins to the hostname. The HSTS on the domain breaks this option though. I'm not really surprised it does, but I do wonder if anyone knows a workaround.