Strict-Transport-Security" HTTP header is not set

MichaIng · 27 April 2021 13:54

https://apps.nextcloud.com/apps/hsts

But that is meant to be used for e.g. shared hostings where you don’t have access to the webserver. Else setting it via webserver directly makes more sense.

przemko · 5 November 2021 10:43

ok you are running lighttpd as web server. You could do following to have HSTS activated. Pls use user root
cd /etc/lighttpd/conf-enabled
ln -s ../conf-available/98-dietpi-hsts.conf 98-dietpi-hsts.conf
service lighttpd force-reload
dietpi-services restart

Hello, I have exactly same situation and I want to remove that warning from my Nextcloud and now my lightpd service is failed.

root@DietPi:/etc/lighttpd/conf-enabled# systemctl status lighttpd.service
● lighttpd.service - Lighttpd Daemon
     Loaded: loaded (/lib/systemd/system/lighttpd.service; disabled; vendor preset: enabled)
     Active: failed (Result: exit-code) since Fri 2021-11-05 11:42:12 CET; 47s ago
    Process: 457049 ExecStartPre=/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf (code=exited, status=255/EXCEPTION)
        CPU: 82ms

lis 05 11:42:12 DietPi systemd[1]: lighttpd.service: Scheduled restart job, restart counter is at 5.
lis 05 11:42:12 DietPi systemd[1]: Stopped Lighttpd Daemon.
lis 05 11:42:12 DietPi systemd[1]: lighttpd.service: Start request repeated too quickly.
lis 05 11:42:12 DietPi systemd[1]: lighttpd.service: Failed with result 'exit-code'.
lis 05 11:42:12 DietPi systemd[1]: Failed to start Lighttpd Daemon.

Regards.

Joulinar · 5 November 2021 10:46

you could run following to verify your configuration

/usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf

przemko · 5 November 2021 10:52

Now I remove that link and lighttpd is OK but:

root@DietPi:/# /usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
root@DietPi:/#

Joulinar · 5 November 2021 10:58

there is no but. Only in case of an error you would see something. As there is no output, no issues detected.

przemko · 5 November 2021 11:06

There’re issues when I use:

cd /etc/lighttpd/conf-enabled
ln -s ../conf-available/98-dietpi-hsts.conf 98-dietpi-hsts.conf
service lighttpd force-reload
dietpi-services restart

root@DietPi:/etc/lighttpd/conf-enabled# /usr/sbin/lighttpd -tt -f /etc/lighttpd/lighttpd.conf
2021-11-05 12:06:04: configfile.c.1984) opening configfile /etc/lighttpd/conf-enabled/98-dietpi-hsts.conf failed: No such file or directory
2021-11-05 12:06:04: configfile.c.1970) source: /etc/lighttpd/lighttpd.conf line: 52 pos: 15 parser failed somehow near here: (EOL)

Joulinar · 5 November 2021 11:15

did you checked if /etc/lighttpd/conf-available/98-dietpi-hsts.conf is existing?

przemko · 5 November 2021 11:33

It not exist. Do I have to create?

Joulinar · 5 November 2021 11:42

reading the error message should have answered this question already. Yes of course you need to have the file available.

MichaIng · 8 November 2021 16:07

Did you use dietpi-letsencrypt? If so, run it again and enable HSTS there. It will then create the required config and enable it for Lighttpd.

przemko · 10 November 2021 08:23

Thanks. That works
Regards

MichaIng · 10 November 2021 13:39

Okay great .

GitTech4K · 24 September 2022 15:53

What´s the solution with nginx?

Because I use nginx as webserver for my hosted Nextcloud.

Whats the solution for the “Strict-Transport-Security” HTTP header is not set message with this webserver” message there?

Thank you for your help

Joulinar · 24 September 2022 16:17

Same as above, use dietpi-letsencrypt to create the settings.