How can we improve Kerio Connect?

HTTP Strict Transport Security

HTTP Strict Transport Security (HSTS) is a web security policy mechanism whereby a web server declares that complying user agents (such as a web browser) are to interact with it using secure connections only (such as HTTPS).

http://en.wikipedia.org/wiki/Strict_Transport_Security

http://tools.ietf.org/id/draft-ietf-websec-strict-transport-sec-11.txt

41 votes
Vote
Sign in
Signed in as (Sign out)
You have left! (?) (thinking…)
Marcus Rowell shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

1 comment

Sign in
Signed in as (Sign out)
Submitting...
  • Ryan Lackey commented  ·   ·  Flag as inappropriate

    Yeah, this is really easy to add: just add " Header set Strict-Transport-Security "max-age=500"
    Header append Strict-Transport-Security includeSubDomains" headers. I'm tempted to do it myself outside the web config UI.

Feedback and Knowledge Base