Starting in Variphy release 12.2.4, Variphy now has the ability to enable HSTS. HSTS is a web server directive that informs browsers how to handle its connection through a specific response headers back from the web server, back to the browser. It forces those connections over HTTPS, regardless of any header response sent as an original HTTP request.
Implement
HSTS can be enabled within Variphy via the applications property’s file. This file can be located at : /opt/variphy/apps/insight/config/.
You may check you current settings by viewing the contents of the insight.properties file by running: cat insight.properties
Edit insight.properities file
At the /opt/variphy/apps/insight/config directory run the following command to edit the file
sudo vi insight.proprties
Arrow down to the line that reads htsts.enabled=false
Type the letter ‘i‘ for Insert Mode. Replace ‘false’ with ‘true’
***Note: Ensure there are no trailing spaces between the = sign or after the word 'true'.
Hit the Escape Key (ESC) to exit Insert Mode
Type :wq (collon, letter w, letter q) Enter. This will save the file and quit.
Restart the Variphy service by running sudo service variphy restart
Clear Browser Cache and Cookies
As HSTS is a browser based soltuion, one must clear their browser cache and cookies first for this to work.
***NOTE - The user MUST manually browse to the Variphy application via the HTTPS URL. All subsequent attempts to the Variphy HTTP port will be redirected to the HTTPS.
Chrome – https://support.google.com/accounts/answer/32050
Firefox – https://support.mozilla.org/en-US/kb/how-clear-firefox-cache
