Public-Key-Pins-Disabled/EN/Solution Tips
Version vom 4. Juli 2018, 12:58 Uhr von Siwebot (Diskussion | Beiträge) (Die Seite wurde neu angelegt: „pin-sha256="<HASH>"; pin-sha256="<HASH>"; max-age=2592000; includeSubDomains; '''Activate HPKP''' - This feature can be activated easily by returning a public…“)
pin-sha256="<HASH>"; pin-sha256="<HASH>"; max-age=2592000; includeSubDomains; Activate HPKP - This feature can be activated easily by returning a public-key-pins HTTP header when the website is called up via HTTPS. (Weitere Infos).
--snip
Public-Key-Pins: pin-sha256="base64=="; max-age=expireTime [; includeSubdomains][; report-uri="reportURI"]
--snap
Here is an example of an .htaccess file which will set the HTTP-Security-Header-Scanner to green. (.htaccess-Beispiel)