Search results

@AYamshanov I can't find it either. The isn't any Strict-Transport-Security header when I debug on development envorinment. And also, I have added almost all headers as I said before and I don't add Strict-Transport-Security on the dev. It's just added in the product environment in a way I...

@AYamshanov the problem is already exact this option :) I cannot override it. When I turn on the HSTS only the time value should change. HSTS off HSTS on (In this case I don't want the first one)

@AYamshanov, the 2 years in the picture you attached is actually the best practice for the header. Actually, if I turn off HSTS, the duplicate one is not added, but this is not a solution for me. Because I want to change it to 2 years or at least 6 months, not the default value. In short, if...

@AYamshanov, then the currently running version definitely already has this bug. I'm in touch with the hosting firm. I will share link of this thread with them and ask them to upgrade for plesk and SSL certification. From https://docs.plesk.com/release-notes/obsidian/change-log link I see that...

Thanks Peter, I don't use any php, I use just .NET

I use a shared server hosting and the server uses Plesk for Windows 18.0.34 according the support team. I use Let's Encrypt R3 SSL cert. [Images removed on user request] I don't use cloudflare or similar tunnel or something else. I use almost 20 header for CORS. I'm a developer and I'm...

This bug is still NOT RESOLVED, it's a really annoying issue!!!