How to enable HSTS in Apache/Debian 10?

Hello everyone, so I was trying to set up HSTS after disabling TLSv1 and enabling OCSP stapling. I was on my way to get an A+ for SSL Labs, and when I was modifying the ssl.conf on etc/apache2/sites-enabled, I accidentally broke up the file and left my Linode corrupt.

Thank god I did a backup before, so I could restore it. So, the question is: How to enable HSTS in Apache/Debian 10 and not break up the server at the same time?

Regards,
Jose

2 Replies

Hi Jose -

I'm not sure what may have broken your server, but what sort of modifications did you make?

To try to help you out, I looked online to see if I could find some good resources that talked about setting up HSTS with OCSP stapling. I came across a blog that looks like it's got some pretty good instructions:

CONFIGURING HSTS & OCSP STAPLING

There are two links through the link posted above, and each of them gives you a walkthrough (one for HSTS and the other for OCSP stapling) that come complete with configuration examples. I recommend starting with these and seeing if they can help you get this set up correctly.

Let us know if this works for you, and any issues you run into.

Hello rgerke,

Sorry for the delay, but I already fixed it haha. I accidentally deleted the key from the virtualhost, when I was modifying it to apply HSTS. Thank you for the articles though, it helps me understand this in a cleaner way :)

Reply

Please enter an answer
Tips:

You can mention users to notify them: @username

You can use Markdown to format your question. For more examples see the Markdown Cheatsheet.

> I’m a blockquote.

I’m a blockquote.

[I'm a link] (https://www.google.com)

I'm a link

**I am bold** I am bold

*I am italicized* I am italicized

Community Code of Conduct