1. Home
  2. System Administration
  3. Variphy OVA Administration
  4. Enable HTTP Strict Transport Security (HSTS)
  1. Home
  2. System Administration
  3. Server Management
  4. Enable HTTP Strict Transport Security (HSTS)
  1. Home
  2. System Administration
  3. Enable HTTP Strict Transport Security (HSTS)

Enable HTTP Strict Transport Security (HSTS)

Starting in Variphy release 12.2.4, Variphy now has the ability to enable HSTS. HSTS is a web server directive that informs browsers how to handle its connection through a specific response headers back from the web server, back to the browser. It forces those connections over HTTPS, regardless of any header response sent as an original HTTP request.


HSTS can be enabled within Variphy via the applications property’s file. This file can be located at : /opt/variphy/apps/insight/config/.

You may check you current settings by viewing the contents of the insight.properties file by running: cat insight.properties

View insight.properties values
Edit insight.properities file

At the /opt/variphy/apps/insight/config directory run the following command to edit the file

sudo vi insight.proprties

Arrow down to the line that reads htsts.enabled=false

Type the letter ‘i‘ for Insert Mode. Replace ‘false’ with ‘true’

***Note: Ensure there are no trailing spaces between the = sign or after the word 'true'.

Hit the Escape Key (ESC) to exit Insert Mode

Type :wq (collon, letter w, letter q) Enter. This will save the file and quit.

Restart the Variphy service by running sudo service variphy restart

:wq – Write/Save and Quit
Clear Browser Cache and Cookies

As HSTS is a browser based soltuion, one must clear their browser cache and cookies first for this to work.

***NOTE - The user MUST manually browse to the Variphy application via the HTTPS URL. All subsequent attempts to the Variphy HTTP port will be redirected to the HTTPS.

Chrome – https://support.google.com/accounts/answer/32050

Firefox – https://support.mozilla.org/en-US/kb/how-clear-firefox-cache

Edge – https://support.microsoft.com/en-us/microsoft-edge/delete-cookies-in-microsoft-edge-63947406-40ac-c3b8-57b9-2a946a29ae09

Updated on June 28, 2021

Was this article helpful?

Related Articles