HTTP Strict Transport Security not set


Is the HSTS policy controlled by ALB? I don't see any option. How to fix this? I'm not using API gateway.

1 Answer

Hello,

I would suggest introducing CloudFront and putting the LB behind it. CloudFront allows you to set that header: https://aws.amazon.com/premiumsupport/knowledge-center/cloudfront-http-security-headers/

Other benefits of CF are edge locations + low-latency bare backbone AWS network, caching and, last but not least, it could help in case you are under a DDoS attack.

Answered 1 year ago
  • As per the definition of HSTS, "HTTP Strict Transport Security (HSTS) is an HTTP header that notifies user agents to only connect to a given site over HTTPS, even if the scheme chosen was HTTP." I already redirect HTTP requests to HTTPS with a 301 code in the ELB, hence HTTP is literally not possible. Doesn't that suffice?
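
A scanner-style check for the finding in the title, as an added example that is not part of the original thread and is not AWS code: it parses the header per RFC 6797 and audits two constructed captures, one with only the load balancer's 301 redirect and one where the HTTPS response also carries the header. The host name, the sample headers and the one-year `MIN_MAX_AGE` threshold are assumptions made for the example.

```python
import re

MIN_MAX_AGE = 31536000  # assumption: one-year threshold chosen for this example

def parse_hsts(value):
    """Parse a Strict-Transport-Security value (RFC 6797, section 6.1).
    Returns the policy as a dict, or None if the header is invalid."""
    directives = {}
    for part in value.split(";"):
        name, _, arg = part.strip().partition("=")
        name = name.strip().lower()        # directive names are case-insensitive
        if not name:
            continue                       # tolerate empty segments such as ";;"
        if name in directives:
            return None                    # a directive may appear only once
        directives[name] = arg.strip().strip('"')
    max_age = directives.get("max-age", "")
    if not re.fullmatch(r"[0-9]+", max_age):
        return None                        # max-age is the one required directive
    return {"max_age": int(max_age),
            "include_subdomains": "includesubdomains" in directives,
            "preload": "preload" in directives}

def audit(exchanges):
    """Return findings for a list of (scheme, status, headers) captures."""
    findings = []
    for scheme, status, headers in exchanges:
        h = {k.lower(): v for k, v in headers.items()}
        raw = h.get("strict-transport-security")
        if scheme == "http":
            if not (status in (301, 308) and h.get("location", "").startswith("https://")):
                findings.append("http: no permanent redirect to https")
            if raw is not None:            # browsers ignore HSTS received over plain HTTP
                findings.append("http: HSTS header on plain HTTP is ignored")
        elif raw is None:
            findings.append("https: Strict-Transport-Security not set")
        elif parse_hsts(raw) is None:
            findings.append("https: Strict-Transport-Security is malformed")
        elif parse_hsts(raw)["max_age"] < MIN_MAX_AGE:
            findings.append("https: max-age below threshold")
    return findings

# Constructed captures for a hypothetical host, not taken from the thread.
REDIRECT_ONLY = [("http", 301, {"Location": "https://app.example.com/"}),
                 ("https", 200, {"Content-Type": "text/html"})]
WITH_HSTS = [("http", 301, {"Location": "https://app.example.com/"}),
             ("https", 200, {"Strict-Transport-Security": "max-age=31536000; includeSubDomains"})]
print(audit(REDIRECT_ONLY), audit(WITH_HSTS))
```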
