4.7 Adding HTTP Strict Transport Security

  1. Open the /etc/opt/novell/apache2/conf/httpd.conf.

  2. Enable the mod_headers library by uncommenting the following line:

    LoadModule headers_module libexec/mod_headers.so

  3. Open /etc/opt/novell/apache2/conf/NovellAgSettings.conf.

    Comment out the header set directive to disable the HSTS header at the bottom of the file:

    Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"

For more information, see Section 6.4, Adding HTTP Strict Transport Security.